PowerDNS Cluster with PowerAdmin Web-Interface

The goal of this guide is to set up a PowerDNS master with MySQL as the backend, then use MySQL replication to update the slaves.

When the master/slave setup is done, we will add Poweradmin as a web interface for the admin/users to update their DNS zones.
Everything runs on Debian (of course :) )

This guide will only cover the installation, no optimisation. That is another topic.

The usernames and passwords in this guide are used only as a reference; do NOT use the same username/password in your production installation.

Master DNS Server Install

Install PowerDNS and MySQL

During the installation you will set the password for the MySQL root user (mysqlpassword is used in this guide); write this down or memorize it. Whenever you find the password below, change it to the one you have chosen.

Now we need to create the database and a MySQL user that we will later use to connect with.

OK, database and user created, time to populate the database.

Download this SQL file here; it will help you create all the needed tables.

Database populated, time to edit the configuration files. First up is the PowerDNS configuration file.

pdns.conf

Edit /etc/powerdns/pdns.conf and add your database details at the end of the file:

Then it’s time to change some existing values.

Find and update accordingly:

Save and close, then start PowerDNS in monitored mode to check your configuration:

We will now check that our installation is working by running a few commands:

Open a new terminal and run this command (it should return an error):

if you get a “command not found” error,

The proper response to your “host” command should be something like this:

and our monitor terminal shows this:

Why does it fail, you may ask? Because we haven’t enabled recursion on our DNS server.
If you want to enable recursion, edit /etc/powerdns/pdns.conf and find this:

and change to this:

if you want to use Google’s DNS server.

Note: if this will be a public DNS server, the recommendation is NOT to enable recursion. The only time recursion should be used is by DNS servers on your own internal network.
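A check for the recursion note above, as an added example that is not part of the original guide: it reads a pdns.conf and reports whether the server would forward recursive queries for any client. The setting names `recursor` and `allow-recursion` are those of PowerDNS Authoritative 2.9/3.x and are assumed here because the guide's own config lines are not shown; the sample file is constructed.

```shell
#!/bin/sh
# Added example (not from the original guide): audit the recursion settings in pdns.conf.
# Assumes the PowerDNS Authoritative 2.9/3.x setting names "recursor" and "allow-recursion".

# Print the last uncommented value of a key; whitespace is dropped (values are IP lists).
conf_get() {  # $1 = config file, $2 = key
    sed -e 's/#.*//' -e 's/[[:space:]]//g' "$1" | sed -n "s/^$2=//p" | tail -n 1
}

# Print a verdict; return 0 = no recursion, 1 = restricted recursion, 2 = open resolver.
audit_recursion() {  # $1 = path to pdns.conf
    recursor=$(conf_get "$1" recursor)
    allow=$(conf_get "$1" allow-recursion)
    case "$recursor" in
        ''|no) echo "OK: recursion is off"; return 0 ;;
    esac
    # An unset allow-recursion means every client in those versions (default 0.0.0.0/0).
    case ",$allow," in
        ,,|*,0.0.0.0/0,*|*,::/0,*)
            echo "FAIL: recursor=$recursor is usable by any client"; return 2 ;;
    esac
    echo "WARN: recursion allowed for $allow; confirm these are internal ranges only"
    return 1
}

# Constructed sample: a Google forwarder with no allow-recursion line.
sample=$(mktemp)
printf '%s\n' 'launch=gmysql' '# recursor=' 'recursor=8.8.8.8' > "$sample"
audit_recursion "$sample" || true
rm -f "$sample"
```

Run it against /etc/powerdns/pdns.conf on each server; a non-zero return on a public-facing server means the recursion settings need another look.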

Now we have a working PowerDNS server that we will use as MASTER in our DNS-Cluster.

 

Slave DNS Server Install

Same steps as for our MASTER PowerDNS server:

Create database and mysql user

Download and populate the database

Edit /etc/powerdns/pdns.conf

If you also want to enable recursion on the slave, find this:

and change to this:

Check that everything was entered correctly by running

write

then exit the monitor mode and start PowerDNS with

By now we have two working DNS servers; time to make sure that they will have the same information.

MySQL Replication to Slaves

This part is really important and needs to be done correctly. All the slaves need to contact the master to get the MySQL updates and keep in sync. It may seem complicated, but once it’s set up you don’t need to touch it again and you will achieve instant DNS updates across your cluster.

Master Replication Setup

This part needs to be performed on the MASTER DNS server only.

Edit /etc/mysql/my.cnf with the following settings:

Also find this:

and change it to this:

Exit, save and restart MySQL:

 

MySQL Replication User

A new SQL user needs to be created on the master:

After entering the SQL root password:
Here is an important part that I noticed, I could not get the replication to work if I set a wildcard host to the mysql user. I had to use the IP of the slave. If you get it to work, leave a comment on how you did it.

Next we need some information from the master SQL that we will use on the slave later on.
While still connected to the MySQL server, run this command:

You should see something like this:

Make a note of the File and Position values.

Slave Replication Setup

This part needs to be performed on the slave DNS server(s) only.

Edit my.cnf

Edit /etc/mysql/my.cnf with the following settings:

Note: the server-id variable needs to be different on each of the slave DNS servers, e.g. server-id=2, server-id=3.

Restart MySQL:

Request Replication Access from the Master

After entering the password:
(remember the filename and position from the master server? It’s time to enter them below)

You can see the status by using the following command:

That’s it! Replication is set up on the slave. When showing the status on the slave, if it says error anywhere, you need to troubleshoot the reason for the failure.
If you need to set up more DNS slaves, just follow the instructions again.

Common errors:
* Creating the pdnsslave user with * as host, I couldn’t get this to work. The slave wasn’t allowed to connect to the master! So when adding a new slave to the cluster you might need to add a new pdnsslave user for each new host.
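An added example (not from the original guide) that audits the per-slave replication accounts described above: it takes rows from `SELECT User, Host, Repl_slave_priv FROM mysql.user` on the master and reports replication accounts with a wildcard host (`%` in MySQL), accounts for hosts that are not known slaves, and slaves with no account. The slave IPs and sample rows are constructed.

```shell
#!/bin/sh
# Added example (not from the original guide): reconcile replication accounts with slaves.
# Input rows come from:
#   mysql -N -B -e "SELECT User, Host, Repl_slave_priv FROM mysql.user"

# $1 = space-separated slave IPs; stdin = tab-separated User, Host, Repl_slave_priv.
# Prints one finding per line and returns 1 if there is any finding, else 0.
audit_repl_accounts() {
    awk -F'\t' -v slaves="$1" '
        BEGIN { n = split(slaves, s, " "); for (i = 1; i <= n; i++) want[s[i]] = 1 }
        $3 != "Y" { next }                                   # no replication privilege
        $2 == "localhost" || $2 == "127.0.0.1" || $2 == "::1" { next }   # local-only
        $2 == "" || index($2, "%") > 0 { print "WILDCARD " $1 "@" $2; bad = 1; next }
        !($2 in want) { print "UNEXPECTED " $1 "@" $2; bad = 1; next }
        { seen[$2] = 1 }
        END {
            for (i = 1; i <= n; i++)
                if (!(s[i] in seen)) { print "MISSING account for " s[i]; bad = 1 }
            exit bad + 0
        }'
}

# Constructed sample rows: root and pdns are local, one pdnsslave account is a wildcard.
printf 'root\tlocalhost\tY\npdns\tlocalhost\tN\npdnsslave\t%%\tY\npdnsslave\t192.0.2.11\tY\n' |
    audit_repl_accounts "192.0.2.11 192.0.2.12" || true
```

Re-run it whenever a slave is added or retired, so that every account holding the replication privilege stays pinned to a current slave address.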

Next step: set up the web interface so you can easily edit your DNS entries.
I have decided to use Poweradmin 2.1.6, which was released on May 7th, 2012, in this guide.

Prerequisites

* MySQL or PostgreSQL.
* A webserver. Apache 2.2.3 has been tested. (I used nginx for this guide.)
* PHP. It needs the mysql or pgsql extension and the PHP modules: session, gettext, mcrypt.
* PEAR and its packages PEAR::MDB2, PEAR::MDB2_Driver_mysql or PEAR::MDB2_Driver_pgsql.

Installation steps (using the installer)

Using the installer is the recommended way of installing Poweradmin and I see no reason not to.
Here are the steps needed to get it running on the VPS where you have installed your MASTER PowerDNS server. (I assume you have already installed the webserver of your choice.)

First, change directory to your web-accessible directory, then:

That will create a subdirectory (poweradmin) where your installation will be.
If you are installing this in an already running PowerDNS environment, create a backup of your current PowerDNS database and files. Better safe than sorry.

The installer also expects you to have never run Poweradmin before; it will therefore overwrite any already existing Poweradmin parts of the database. If you have had Poweradmin running before, any data in the following tables will be destroyed: perm_items, perm_templ, perm_templ_items, users and zones.
This installer will, of course, not touch the data in the PowerDNS tables of the database.

Point your browser to the install directory, e.g. “http://example.net/poweradmin/install”, and follow the instructions on the screen.

If you followed the complete guide, on step 3 in the installer, the database settings use the pdns MySQL user settings that we used before.
Don’t forget to set the Poweradmin administrator password.

Finally, remove the “install/” directory from the Poweradmin directory.
Point your browser to “http://example.net/poweradmin/” and login using the username “admin” and the password you have provided during the installation process.

 

5 comments for “PowerDNS Cluster with PowerAdmin Web-Interface”

  1. March 3, 2013 at 12:46

    Enabling recursion is not absolutely required. In fact, there are relatively few instances when you would want to do so – primarily if you want to use your server as an internal caching DNS server. If you’re setting up PowerDNS to use to serve DNS records for your own websites, you probably don’t want to enable recursion at all.

    • March 3, 2013 at 13:25

      The post is now updated with a note that it is not recommended to be enabled on public servers.

  2. Charlie
    March 14, 2013 at 10:32

    I would consider this guide to be outdated, 2.9 is very old now and it is recommended to use 3.*

    Also, don’t forget the appropriate schema-updates!

  3. Genko Penev
    February 6, 2014 at 13:50

    The guide is very useful. Some things are out of date, but most important part of the guide is the needed tools and sequence of action. Of course anyone who is going to configure high availability DNS have enough knowledge to check for latest software versions and etc. I personally replaced in my production environment mysql server with Percona Server 5.5 and used MySQL Tuning Primer Script for optimization of mysql parameters in my.cnf.

  4. Alex
    June 18, 2014 at 17:59

    uhmm with this guide (adapted to today’s versions) you have 2 dns servers working as masters, and a DB master/slave cluster replicating records, not a real master dns and a real slave dns.
    did I get it right?
