rndc flush 清除緩存。記得關閉防火墻,或(更穩妥地)只放行 53 端口(UDP 與 TCP)
1、簡述DNS服務器原理,并搭建主-輔服務器。
DNS(Domain Name System,域名系統),因特網上作為域名和IP地址相互映射的一個分布式數據庫,能夠使用戶更方便的訪問互聯網,而不用去記住能夠被機器直接讀取的IP數串。通過主機名,最終得到該主機名對應的IP地址的過程叫做域名解析(或主機名解析)。DNS協議運行在UDP協議之上,使用端口號53。(響應過大被截斷時,以及主輔服務器之間做區域傳送時,會改用 TCP 53,因此防火墻需同時放行 UDP 與 TCP。)
準備工作 三臺同網(wǎng)段可互通的linux服務(wù)器
主dns:192.168.8.10
從dns:192.168.8.11
測試機:192.168.8.12
關閉防火墻,或開放 53 端口(UDP 與 TCP 都要放行),例如:firewall-cmd --permanent --add-service=dns && firewall-cmd --reload
安裝dns服務
yum -y install bind 安裝dns服務包
[root@localhost ~]# vim /etc/named.conf 更改配置文件
options {
// listen-on port 53 { 127.0.0.1; }; 注釋掉,或者將 {} 內改為 any,表示監聽所有地址
listen-on-v6 port 53 { ::1; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
recursing-file "/var/named/data/named.recursing";
secroots-file "/var/named/data/named.secroots";
// allow-query { localhost; };
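注釋掉,或者將 {} 內改為 any,表示允許所有客戶端查詢。注意:若 options 中保留了 recursion yes(CentOS 預設如此),對所有來源開放查詢時應以 allow-recursion 把遞歸限制在受信任網段,純權威服務器則設 recursion no,避免成為開放解析器。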
[root@localhost ~]#vim /etc/named.rfc1912.zones
zone "linuxtext.com" {
type master; 正向解析配置(主服務器;建議在此 zone 內加上 allow-transfer { 192.168.8.11; }; 只允許從服務器做區域傳送)
file "linuxtext.com.zone";
};
zone "50.168.192.in-addr.arpa" IN {
type master;
file "192.168.50.zone"; 反向解析配置(注意:本例主機在 192.168.8.0/24,下文的反向區域檔是 192.168.8.zone;zone 名稱與 file 檔名須與實際網段和檔名一致,否則該區域無法載入)
};
[root@centos7localdomain ~]# cat /var/named/linuxtext.com.zone 區域正解析庫
$TTL 86400
@ IN SOA ns1 admin ( 2 3H 10M 12H 1H ) 2 表示版本號(序列號),每次更改區域資料都要增大這個數字,從服務器才會同步
NS ns1 主dns服務器IP
NS ns2 從dns服務器ip
ns1 A 192.168.8.10
ns2 A 192.168.8.11
websrv A 192.168.8.12
www CNAME websrv 別名
ftp A 192.168.8.127
jekens A 192.168.8.115
[root@centos7localdomain ~]# cat /var/named/192.168.8.zone 區域反解析庫(注意:PTR 右側的完整域名應以「.」結尾,如 websrv.linuxtext.com.,否則會被附加本區域名;下方的 na1 疑為 ns1 之誤)
$TTL 86400
@ IN SOA ns1 admin ( 1 3H 10M 12H 1H )
NS ns1
NS ns2
ns1 A 192.168.8.10
ns2 A 192.168.8.11
12 PTR websrv.linuxtext.com
10 PTR na1.linuxtext.com
127 PTR ftp.linuxtext.com
測試:
[root@localhost ~]# host jekens.linuxtext.com 192.168.8.11
Using domain server:
Name: 192.168.8.11
Address: 192.168.8.11#53
Aliases:
jekens.linuxtext.com has address 192.168.8.115
[root@localhost ~]# host jekens.linuxtext.com 192.168.8.10
Using domain server:
Name: 192.168.8.10
Address: 192.168.8.10#53
Aliases:
jekens.linuxtext.com has address 192.168.8.115
2、搭建并實現智能DNS
yum -y install bind 安裝dns服務包
[root@localhost ~]# vim /etc/named.conf 更改配置文件
options {
// listen-on port 53 { 127.0.0.1; };
listen-on-v6 port 53 { ::1; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
recursing-file "/var/named/data/named.recursing";
secroots-file "/var/named/data/named.secroots";
// allow-query { localhost; };
acl beijing { 區域網段
192.168.50.0/24;
192.168.20.0/24;
};
acl shanghai {
172.16.0.0/16;
172.17.0.0/16;
};
acl other {
any;
};
view view_beijing { 對應的view配置(view 依出現順序匹配,匹配 any 的 view 必須放在最後)
match-clients { beijing;};
include "/etc/named.rfc1912.zones.bj";
};
view view_shanghai {
match-clients { shanghai;};
include "/etc/named.rfc1912.zones.shh";
};
view view_other {
match-clients { other;};
include "/etc/named.rfc1912.zones";
};
[root@cen7 ~]#cat /etc/named.rfc1912.zones.shh
include "/etc/named.root.key";
zone "linuxtext.com" {
type master;
file "linuxtext.com.zone.shh";
};
[root@cen7 ~]#cat /etc/named.rfc1912.zones.bj
include "/etc/named.root.key";
zone "linuxtext.com" {
type master;
file "linuxtext.com.zone.bj";
};
[root@cen7 ~]#cat /etc/named.rfc1912.zones.other
include "/etc/named.root.key";
zone "linuxtext.com" {
type master;
file "linuxtext.com.zone.other";
};
* 注意文件權限 chgrp named named.rfc1912.zones.*
[root@cen7 named]#cat linuxtext.com.zone.other 建立數據庫
$TTL 86400
@ IN SOA ns1 admin ( 2 3H 10M 12H 1H )
NS ns1
ns1 A 192.168.50.2
websrv A 192.168.50.143
www CNAME websrv
ftp A 192.168.50.127
[root@cen7 named]#cat linuxtext.com.zone.bj
$TTL 86400
@ IN SOA ns1 admin ( 2 3H 10M 12H 1H )
NS ns1
ns1 A 192.168.50.2
websrv A 192.168.50.3
www CNAME websrv
ftp A 192.168.50.100
[root@cen7 named]#cat linuxtext.com.zone.ssh
cat: linuxtext.com.zone.ssh: No such file or directory
[root@cen7 named]#cat linuxtext.com.zone.shh
$TTL 86400
@ IN SOA ns1 admin ( 2 3H 10M 12H 1H )
NS ns1
ns1 A 192.168.50.2
websrv A 172.16.100.43
www CNAME websrv
ftp A 172.16.100.143
* 注意文件權限 chgrp named linuxtext.com.zone.*
測試結果:
測試機ip 172.16.100.22
[root@centos7 ~]#dig www.linuxtext.com
; <<>> DiG 9.9.4-RedHat-9.9.4-72.el7 <<>> www.linuxtext.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 22184
;; flags: qr aa rd; QUERY: 1, ANSWER: 2, AUTHORITY: 1, ADDITIONAL: 2
;; WARNING: recursion requested but not available
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;www.linuxtext.com. IN A
;; ANSWER SECTION:
www.linuxtext.com. 86400 IN CNAME websrv.linuxtext.com.
websrv.linuxtext.com. 86400 IN A 172.16.100.43
;; AUTHORITY SECTION:
linuxtext.com. 86400 IN NS ns1.linuxtext.com.
;; ADDITIONAL SECTION:
ns1.linuxtext.com. 86400 IN A 192.168.50.2
;; Query time: 2 msec
;; SERVER: 192.168.50.2#53(192.168.50.2)
;; WHEN: Mon Jul 27 10:20:48 CST 2020
;; MSG SIZE rcvd: 117
測試機IP 192.168.50.133
[root@localhost ~]# dig www.linuxtext.com
; <<>> DiG 9.11.4-P2-RedHat-9.11.4-16.P2.el7_8.6 <<>> www.linuxtext.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 11355
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 1, ADDITIONAL: 2
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;www.linuxtext.com. IN A
;; ANSWER SECTION:
www.linuxtext.com. 86400 IN CNAME websrv.linuxtext.com.
websrv.linuxtext.com. 86400 IN A 192.168.50.3
;; AUTHORITY SECTION:
linuxtext.com. 86400 IN NS ns1.linuxtext.com.
;; ADDITIONAL SECTION:
ns1.linuxtext.com. 86400 IN A 192.168.50.2
;; Query time: 2 msec
;; SERVER: 192.168.50.2#53(192.168.50.2)
;; WHEN: 一 7月 27 10:31:42 CST 2020
;; MSG SIZE rcvd: 117
測試機IP other
[root@cen7 ~]#dig www.linuxtext.com @127.0.0.1
; <<>> DiG 9.11.4-P2-RedHat-9.11.4-16.P2.el7_8.6 <<>> www.linuxtext.com @127.0.0.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 33620
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 1, ADDITIONAL: 2
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;www.linuxtext.com. IN A
;; ANSWER SECTION:
www.linuxtext.com. 86400 IN CNAME websrv.linuxtext.com.
websrv.linuxtext.com. 86400 IN A 192.168.50.143
;; AUTHORITY SECTION:
linuxtext.com. 86400 IN NS ns1.linuxtext.com.
;; ADDITIONAL SECTION:
ns1.linuxtext.com. 86400 IN A 192.168.50.2
;; Query time: 0 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Mon Jul 27 10:33:17 CST 2020
;; MSG SIZE rcvd: 117
3、編譯安裝Mariadb,并啟動后可以正常登錄
官網下載源碼安裝包:https://mariadb.org/download (下載後先用 sha256sum 對照官網公布的校驗值,再解壓編譯)
mkdir /data/mysql
useradd -r -s /sbin/nologin -d /data/mysql/ mysql 創建系統用戶 mysql,并把家目錄指定為 /data/mysql(未加 -m,useradd 不會建立該目錄,目錄已由上一步 mkdir 建立)
chown mysql.mysql /data/mysql
tar xvf mariadb-vision.tar.gz 解壓源碼包
安裝包
yum install bison bison-devel zlib-devel libcurl-devel libarchive-devel boost-devel gcc gcc-c++ cmake ncurses-devel gnutls-devel libxml2-devel openssl-devel libevent-devel libaio-devel
[root@cen7 mysql]cd mariadb-10.2.18/
[mariadb-10.2.18/]#cmake . \
-DCMAKE_INSTALL_PREFIX=/app/mysql \ 安裝根目錄
-DMYSQL_DATADIR=/data/mysql/ \ 數據庫數據目錄
-DSYSCONFDIR=/etc/ \
-DMYSQL_USER=mysql \
-DWITH_INNOBASE_STORAGE_ENGINE=1 \
-DWITH_ARCHIVE_STORAGE_ENGINE=1 \
-DWITH_BLACKHOLE_STORAGE_ENGINE=1 \
-DWITH_PARTITION_STORAGE_ENGINE=1 \
-DWITHOUT_MROONGA_STORAGE_ENGINE=1 \
-DWITH_DEBUG=0 \
-DWITH_READLINE=1 \
-DWITH_SSL=system \
-DWITH_ZLIB=system \
-DWITH_LIBWRAP=0 \
-DENABLED_LOCAL_INFILE=1 \
-DMYSQL_UNIX_ADDR=/data/mysql/mysql.sock \
-DDEFAULT_CHARSET=utf8 \
-DDEFAULT_COLLATION=utf8_general_ci
[root@cen7 mysql]#make && make install 編譯安裝
[root@cen7 mariadb-10.2.25]#echo 'PATH=/app/mysql/bin:$PATH' > /etc/profile.d/mysql.sh
[root@cen7 mariadb-10.2.25]#. /etc/profile.d/mysql.sh
[root@cen7 mariadb-10.2.25]#cd /app/mysql/ 生成數據庫文件
[root@cen7 mysql]#scripts/mysql_install_db --datadir=/data/mysql/ --user=mysql
root@cen7 mysql]#cp /app/mysql/support-files/my-huge.cnf /etc/my.cnf 準備啟動腳本
cp: overwrite ‘/etc/my.cnf’? y
[root@cen7 mysql]#cp /app/mysql/support-files/mysql.server /etc/init.d/mysqld
[root@cen7 mysql]#chkconfig --add mysqld ;service mysqld start 啟動服務
Starting mysqld (via systemctl): [ OK ]
[root@cen7 mysql]#mysql 測試(此時 root 不需密碼即可登入;測試通過後應執行 mysql_secure_installation 設定 root 密碼,并移除匿名帳號與 test 庫)
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 11
Server version: 10.2.25-MariaDB-log Source distribution
Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
MariaDB [