Introduction
The application DNS REST BIND forms a bridge between AutoDNS and a BIND name server, allowing the zones in AutoDNS to be managed. The actions required for this in AutoDNS are passed to the BIND server with the help of DNS REST BIND. The REST protocol based on HTTP is used to do this. In order to ensure a secure connection, we suggest that you start the server in SSL mode. You can either integrate your own certificates or use the certificate already in place in the application.
The AutoDNS actions are processed in two steps:
- The order data is checked and saved in the relevant queue. The corresponding BIND zone data is also generated and saved.
- All open orders are carried out and the AutoDNS configuration file is rewritten. After this is done, the BIND server is restarted. This step is asynchronous, but the interval can be adjusted.
System requirements
The application requires a Java Virtual Machine (JDK). It is also dependent on the javad-util package, included in delivery. Although there are no special hardware requirements, we nevertheless recommend an x86 system with at least 128 MB storage.
Recommendation
We use the OpenJDK Amazon Corretto-8 to develop our software, therefore we recommend the usage of Amazon Corretto-8. Amazon Corretto is a free, cross-platform and production-ready distribution of the Open Java Development Kit (OpenJDK). Corretto provides long-term support that includes performance enhancements and security fixes. It can be installed easily using the following commands:
First import the repository:
rpm --import https://yum.corretto.aws/corretto.key
curl -L -o /etc/yum.repos.d/corretto.repo https://yum.corretto.aws/corretto.repo
Finally install the JDK:
yum install java-1.8.0-amazon-corretto-devel
First installation
Installation using package manager yum
DNS REST BIND was designed for use with systems based on RPM and is available as an RPM package. As soon as the InterNetX repositories are available, DNS REST BIND can be installed easily using the following command:
yum install dns-rest-bind.rpm
The package manager resolves the requirements and enables the installation of missing programs.
Configuration
Predefined variables
Variable | Description | Default Path |
---|---|---|
CONFIGDIR | Configuration Files | |
HOME | Home Directory | |
APPDIR | Program Files | |
Password configuration
The server uses HTTP BASIC Auth to authenticate the user. You can define the users and their passwords in the file passwd in the configuration directory.
The file uses the following format:
User: Password,rest-user
Example: user.one: pwsecret,rest-user
The rest-user suffix cannot be changed and must follow the password; it defines the user group specified in the server.
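An added example, not part of the product or its documentation: a shell check for the passwd file described above. It verifies that every entry follows User: Password,rest-user and that the file is not accessible beyond its owner; `audit_passwd` is a hypothetical helper name, and ignoring blank lines is an assumption.

```shell
#!/bin/sh
# Added example, not vendor code: audit a DNS REST BIND passwd file.
# Entry format from the page:  User: Password,rest-user
# Prints one finding per line (never the password itself); returns 0 when
# clean, 1 when something was flagged, 2 when the file cannot be read.
audit_passwd() {
    file=$1; n=0; bad=0
    [ -r "$file" ] || { echo "cannot read $file"; return 2; }

    # The example entry shows the password as typed, so the file should
    # carry no group/other permission bits (for example mode 600).
    mode=$(stat -c '%a' "$file")      # GNU stat, as shipped on RPM systems
    case $mode in
        0|*00) ;;
        *) echo "mode $mode: accessible beyond the owner"; bad=1 ;;
    esac

    while IFS= read -r line || [ -n "$line" ]; do
        n=$((n + 1))
        [ -n "$line" ] || continue    # skipping blank lines is an assumption
        case $line in
            *:*) ;;
            *) echo "line $n: no 'User:' separator"; bad=1; continue ;;
        esac
        user=${line%%:*}
        rest=${line#*:}
        rest=${rest#"${rest%%[! ]*}"} # drop the blanks after the colon
        case $rest in
            *,rest-user) ;;
            *) echo "line $n ($user): entry does not end in ,rest-user"
               bad=1; continue ;;
        esac
        [ -n "${rest%,rest-user}" ] || { echo "line $n ($user): empty password"; bad=1; }
    done < "$file"
    return $bad
}

# Usage: audit_passwd /etc/javad/dns-rest-bind/passwd
```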
Logging configuration
The file log4j.xml is saved in the configuration directory at installation.
The file defines the logging behavior. This is based on "Log4j-Logger". It writes the log data to the file /var/log/javad/dns-rest-bind.info.log. Logging is set so that a maximum of 1 GB hard drive space can be used, i.e. 10 files of 100 MB each.
If you would like to perform the logging via e.g. syslog, please refer to the "Log4j" configuration.
Configuration of the BIND connection
The following parameters are defined in the configuration folder under bind.properties:
Name | Format | Description |
---|---|---|
jobXmlDao.directory | String | The path to the job spool directory. Default: /var/spool/javad/dns-rest-bind/job-data |
bind.zoneDirectory | String | The path to the zone files directory; must also be defined in the BIND configuration. Default: /var/named/data |
bind.rndc | String | The path to the RNDC command. Default: /usr/sbin/rndc |
bind.config | String | The path to the specific AutoDNS BIND definition file. The file will be generated by the application. Default: /var/named/autodns.conf |
bind.reloadDelay | Integer | The delay in milliseconds after which the BIND server is reloaded using the RNDC command; the default reloads every minute. Default: 60000 |
bind.chgrp | String | The path to the chgrp command. Default: /bin/chgrp |
bind.chmod | String | The path to the chmod command. Default: /bin/chmod |
bind.group | String | The bind user group. Default: named |
bind.named-checkconf | String | The path to the named-checkconf command. Default: named-checkconf |
bind.named-checkzone | String | The path to the named-checkzone command. Default: named-checkzone |
bind.axfrTimeout | Integer | The AXFR timeout in seconds. Default: 60 |
bind.localAxfr | IP | The local address to bind. Default: 0.0.0.0 |
Server start parameters
The server start parameters are listed in the table below.
They can be modified in /etc/sysconfig/javad/dns-rest-bind under the item PARAMS.
Name | Required | Type | Description |
---|---|---|---|
Port, -p | yes | integer | Server port that waits for requests. Default: 9090 |
ssl | no | boolean | Is HTTPS used instead of HTTP? For SSL further parameters are required. Default: false |
keystore | no | path | SSL keystore |
keystore-password | no | string | Password for the SSL keystore. The password is stored AES encrypted. |
cert-password | no | string | Password for the certificate. The password is stored AES encrypted. |
passwd | yes | string | Path to the user file. Default: /etc/javad/dns-rest-bind/passwd |
hostname | no | ip | IP Address the server should bind to. Default: 0.0.0.0 |
config | yes | path | Path to the multiserver configuration. Default file: $CONFIGDIR/multiserver.conf |
General parameters
Name | Required | Type | Description |
---|---|---|---|
USER | yes | string | The user the server is started with. Default: autodns |
VMOPTS | yes | string | Defines JDK specific parameters like memory usage. Default: -Dconf-dir=file:$CONFIGDIR |
PARAMS | yes | string | Start parameter for the server. See: Configuration of the Server Start Parameters. Default: see server parameters |
JMX | no | boolean | Starts the VM with JMX. Default: false |
JMXPORT | no | integer | The JMX port. Default: 10120 |
DEBUG | no | boolean | Starts the VM in the remote debug mode. Default: false |
DEBUGPORT | no | integer | Default: 10220 |
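An added example, not part of the product: a shell audit of the start settings in the tables above, flagging a missing ssl parameter and an enabled DEBUG or JMX switch. `cfg_get` and `audit_sysconfig` are hypothetical helpers; the NAME=value file syntax and the -ssl/--ssl flag spelling are assumptions.

```shell
#!/bin/sh
# Added example, not vendor code: flag exposure-related settings in the
# sysconfig file without sourcing (and thereby executing) it.
# Assumes shell-style NAME=value lines; variable names are from the tables.

# Print the last value assigned to variable $2 in file $1, quotes stripped.
cfg_get() {
    sed -n "s/^[[:space:]]*$2=//p" "$1" | tail -n 1 |
        sed "s/^[\"']//; s/[\"'][[:space:]]*\$//"
}

audit_sysconfig() {
    file=$1; bad=0
    [ -r "$file" ] || { echo "cannot read $file"; return 2; }

    # HTTP BASIC Auth only base64-encodes user and password, so with ssl off
    # (the default) they are readable on the wire. Treating "-ssl"/"--ssl"
    # in PARAMS as the way the flag is written is an assumption.
    if ! cfg_get "$file" PARAMS | grep -Eq '(^|[[:space:]])--?ssl([[:space:]=]|$)'; then
        echo "PARAMS: ssl not set, BASIC Auth credentials travel over plain HTTP"
        bad=1
    fi

    # Remote debug and JMX each add a listening port next to the REST port.
    # Java remote debugging (JDWP) has no authentication of its own.
    if [ "$(cfg_get "$file" DEBUG)" = true ]; then
        p=$(cfg_get "$file" DEBUGPORT)
        echo "DEBUG=true: remote debug port ${p:-10220} is open"; bad=1
    fi
    if [ "$(cfg_get "$file" JMX)" = true ]; then
        p=$(cfg_get "$file" JMXPORT)
        echo "JMX=true: JMX port ${p:-10120} is open"; bad=1
    fi
    return $bad
}

# Usage: audit_sysconfig /etc/sysconfig/javad/dns-rest-bind
```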