Installing and Configuring Sun Cluster HA for DNS

This chapter describes the steps to install and configure the Sun Cluster HA for Domain Name Service (DNS) data service on your Sun Cluster servers.

This chapter contains the following sections.

• Overview of the Installation and Configuration Process for Sun Cluster HA for DNS

• Installing DNS

• Installing the Sun Cluster HA for DNS Packages

• Registering and Configuring Sun Cluster HA for DNS

• Verifying Data Service Installation and Configuration

• Tuning the Sun Cluster HA for DNS Fault Monitor

You must configure Sun Cluster HA for DNS as a failover data service. See Chapter 1, Planning for Sun Cluster Data Services, in Sun Cluster Data Services Planning and Administration Guide for Solaris OS and the Sun Cluster Concepts Guide for Solaris OS document for general information about data services, resource groups, resources, and other related topics.

The Sun Cluster HA for DNS can be configured to run in a whole root or a sparse root non-global zone, if required.

Overview of the Installation and Configuration Process for Sun Cluster HA for DNS

The following table lists the sections that describe the installation and configuration tasks.

Installing DNS

This section describes the steps to install DNS and to enable DNS to run as Sun Cluster HA for DNS.

Sun Cluster HA for DNS uses the Internet Domain Name Server (in.named) software that is bundled with the Solaris 8, Solaris 9, and Solaris 10 operating systems. See the in.named(1M) man page for information about how to set up DNS. The Sun Cluster configuration involves the following differences.

• The DNS database is located on the cluster file system, not a local file system.

• A network resource (relocatable IP address), not the name of a physical host, identifies the name of a DNS server.

How to Install DNS

This section describes how to install the DNS.

1. On a cluster member, become superuser or assume a role that provides solaris.cluster.admin RBAC authorization.

2. Decide on the network resource that will provide the DNS service.

   This name should be an IP address (logical hostname) that you set up when you install the Sun Cluster software. See the Sun Cluster Concepts Guide for Solaris OS document for details about network resources.

3. Ensure that the DNS executable (in.named) is in the directory /usr/sbin.

   The DNS executable is bundled with the Solaris 8, Solaris 9, and Solaris 10 operating systems. Ensure that this executable is located in the /usr/sbin directory before you begin the installation.

4. Create directory structure /global/dns/named on the cluster file system to hold the DNS configuration files (at level /global/dns) and database files (at level /global/dns/named).

   See the Sun Cluster Software Installation Guide for Solaris OS for information on how to set up cluster file systems.

   # mkdir -p /global/dns/named

5. Place the configuration file for DNS, named.conf or named.boot, under the /global/dns directory.

   If you have already installed DNS, you can copy the existing named.conf or named.boot file to the /global/dns directory. Otherwise, create a named.conf file in this directory. See the in.named(1M) man page for information on the types of entries to place in named.conf or named.boot. Either the named.conf file or the named.boot file must exist. Both files can exist.

6. Place all of the DNS database files (listed in the named.conf file) under the /global/dns/named directory.

7. On all of the clients of Sun Cluster HA for DNS, create an entry for the network resource of the DNS service in the /etc/resolv.conf file.

   On all of the nodes or zones, edit the /etc/resolv.conf file to contain the network resource. The following example shows the entries for a four-node configuration (phys-schost-1, phys-schost-2, phys-schost-3, and phys-schost-4) with the logical hostname schost-1.eng.sun.com.

   domain eng.sun.com ; schost-1.eng.sun.com (Only entry to be added if the file is already present.)   nameserver 192.29.72.90   ; phys-schost-2.eng nameserver 129.146.1.151   ; phys-schost-3.eng nameserver 129.146.1.152   ; phys-schost-4.eng nameserver 129.144.134.19   ; phys-schost-1.eng nameserver 129.144.1.57

   Make the network resource the first entry after the domain name. DNS attempts to use the addresses in the order that they are listed in the resolv.conf file to access the server.

   ---

   Note –

   If the /etc/resolv.conf is already present on the nodes or zones, just add the first entry that shows the logical hostname in the preceding example. The order of the entries determines the order in which DNS tries to access the server.

   ---

8. On all of the cluster nodes or zones, edit the /etc/inet/hosts file to create an entry for the network resource of the DNS service.

   In the following example, perform these steps.

   • Replace the IPaddress variable with your actual IP address, such as 129.146.87.53.

   • Replace the logical-hostname variable with your actual network resource (logical hostname).

   127.0.0.1 localhost IPaddress logical-hostname

9. On all of the cluster nodes or zones, edit the /etc/nsswitch.conf file to add the string dns after cluster and files to the hosts entry.

   Example:

   hosts: cluster files dns

10. On all of the cluster nodes or zones, test DNS.

    The following example shows how to test DNS.

    # /usr/sbin/in.named -c /global/dns/named.conf # nslookup phys-schost-1

11. On all of the cluster nodes or zones, stop DNS.

    Be sure to stop the in.named executable before you proceed.

    # pkill -x in.named

Next Steps

If you installed the Sun Cluster HA for DNS packages during your Sun Cluster installation, go to Registering and Configuring Sun Cluster HA for DNS. Otherwise, go to Installing the Sun Cluster HA for DNS Packages.

Installing the Sun Cluster HA for DNS Packages

If you did not install the Sun Cluster HA for DNS packages during your initial Sun Cluster installation, perform this procedure to install the packages. To install the packages, use the Sun Java Enterprise System Common Installer.

How to Install the Sun Cluster HA for DNS Packages

Perform this procedure on each cluster node where you are installing the Sun Cluster HA for DNS packages.

You can run the Sun Java Enterprise System Common Installer with a command-line interface (CLI) or with a graphical user interface (GUI). The content and sequence of instructions in the CLI and the GUI are similar.

Even if you plan to configure this data service to run in non-global zones, install the packages for this data service in the global zone. The packages are propagated to any existing non-global zones and to any non-global zones that are created after you install the packages.

Before You Begin

Ensure that you have the Sun Java^TM Availability Suite DVD-ROM.

If you intend to run the Sun Java Enterprise System Common Installer with a GUI, ensure that your DISPLAY environment variable is set.

1. On the cluster node where you are installing the data service packages, become superuser.

2. Load the Sun Java Availability Suite DVD-ROM into the DVD-ROM drive.

   If the Volume Management daemon vold(1M) is running and configured to manage DVD-ROM devices, the daemon automatically mounts the DVD-ROM on the /cdrom directory.

3. Change to the Sun Java Enterprise System Common Installer directory of the DVD-ROM.

   • If you are installing the data service packages on the SPARC® platform, type the following command:

     # cd /cdrom/cdrom0/Solaris_sparc

   • If you are installing the data service packages on the x86 platform, type the following command:

     # cd /cdrom/cdrom0/Solaris_x86

4. Start the Sun Java Enterprise System Common Installer.

   # ./installer

5. When you are prompted, accept the license agreement.

   If any Sun Java Enterprise System components are installed, you are prompted to select whether to upgrade the components or install new software.

6. From the list of Sun Cluster agents under Availability Services, select the data service for Domain Name Service (DNS).

7. If you require support for languages other than English, select the option to install multilingual packages.

   English language support is always installed.

8. When prompted whether to configure the data service now or later, choose Configure Later.

   Choose Configure Later to perform the configuration after the installation.

9. Follow the instructions on the screen to install the data service packages on the node.

   The Sun Java Enterprise System Common Installer displays the status of the installation. When the installation is complete, the wizard displays an installation summary and the installation logs.

10. (GUI only) If you do not want to register the product and receive product updates, deselect the Product Registration option.

    The Product Registration option is not available with the CLI. If you are running the Sun Java Enterprise System Common Installer with the CLI, omit this step

11. Exit the Sun Java Enterprise System Common Installer.

12. Unload the Sun Java Availability Suite DVD-ROM from the DVD-ROM drive.

    1. To ensure that the DVD-ROM is not being used, change to a directory that does not reside on the DVD-ROM.

    2. Eject the DVD-ROM.

       # eject cdrom

Next Steps

See Registering and Configuring Sun Cluster HA for DNS to register Sun Cluster HA for DNS and to configure the cluster for the data service.

Registering and Configuring Sun Cluster HA for DNS

This procedure describes how to use the clresource(1CL)command to register and configure Sun Cluster HA for DNS.

Other options also enable you to register and configure the data service. See Tools for Data Service Resource Administration in Sun Cluster Data Services Planning and Administration Guide for Solaris OS for details about these options.

Setting Sun Cluster HA for DNS Extension Properties

The sections that follow contain instructions for registering and configuring Sun Cluster HA for DNS resources. For information about the extension properties, see Appendix A, Sun Cluster HA for DNS Extension Properties. The Tunable entry indicates when you can update a property.

See Appendix B, Standard Properties, in Sun Cluster Data Services Planning and Administration Guide for Solaris OS for details about all the Sun Cluster properties.

To set an extension property of a resource, include the following option in the clresource(1CL) command that creates or modifies the resource:

-p property=value 

-p property

Identifies the extension property that you are setting.

value

Specifies the value to which you are setting the extension property.

You can also use the procedures in Chapter 2, Administering Data Service Resources, in Sun Cluster Data Services Planning and Administration Guide for Solaris OS to configure resources after the resources are created.

How to Register and Configure Sun Cluster HA for DNS

This section describes how to register and configure Sun Cluster HA for DNS.

To perform this procedure, you need the following information about your configuration.

• The name of the resource type for Sun Cluster HA for DNS. This name is SUNW.dns.

• The names of the cluster nodes that master the data service.

• The network resource that clients use to access the data service. You normally set up this IP address when you install the cluster. See the Sun Cluster Concepts Guide for Solaris OS document for details about network resources.

• The path to the DNS configuration files, which you must install on a cluster file system. This path maps to the Config_dir resource property that is configured in this procedure.

Perform this procedure on any cluster member.

1. On a cluster member, become superuser or assume a role that provides solaris.cluster.admin RBAC authorization.

2. Disable the SMF service /network/dns/server:default.

   Perform this step before starting any Sun Cluster HA for DNS resource.

   In the event of any failure in the initial primary node or zone, failover is possible only if the Service Management Facility (SMF) service /network/dns/server:default is disabled. On all potential primary nodes, disable this service by running the following command.

   # svcadm disable /network/dns/server:default

3. Register the resource type for the data service.

   # clresourcetype register SUNW.dns

   SUNW.dns

   Specifies the predefined resource type name for your data service.

4. Create a resource group for network and DNS resources to use.

   You can use the -n option to optionally select the set of nodes or zones on which the data service can run.

   # clresourcegroup create [-n node-zone-list] resource-group

   [-n node-zone-list]

   Specifies a comma-separated, ordered list of zones that can master this resource group. The format of each entry in the list is node. In this format, node specifies the node name and zone specifies the name of a non-global Solaris zone. To specify the global zone, or to specify a node without non-global zones, specify only node.

   This list is optional. If you omit this list, the global zone of each cluster node can master the resource group.

   resource-group

   Specifies the name of the resource group. This name can be your choice but must be unique for the resource groups within the cluster.

5. Add network resources to the resource group.

   For example, run the following command to add a logical hostname to a resource group.

   # clreslogicalhostname create -g resource-group -h logical-hostname [logical-hostname] \ [-N netiflist] logical-hostname

   -h logical-hostname

   Specifies a comma-separated list of network resources (logical hostname). If you require a fully qualified hostname, you must specify the fully qualified name with the -h option and you cannot use the fully qualified form in the resource name.

   -N netiflist

   Specifies an optional, comma-separated list that identifies the IP Networking Multipathing groups that are on each node or zone. The format of each entry in the list is netif@node. The replaceable items in this format are as follows:

   netif

   Specifies an IPMP group name, such as sc_ipmp0, or a public network interface card (NIC). If you specify a public NIC, Sun Cluster attempts to create the required IPMP groups.

   node

   Specifies the name or ID of a node. To specify the global zone, or to specify a node without non-global zones, specify only node.

   ---

   Note –

   Sun Cluster does not currently support the use of the adapter name for netif.

   ---

6. Add a DNS application resource to the resource group.

   # clresource create -g resource-group \ -t SUNW.dns -p Resource_Dependencies=network-resource,… \ -p Port_list=port-number/protocol -p DNS_mode=config-file \ -p Confdir_list=config-directory resource

   The resource is created in the enabled state.

   -t SUNW.dns

   Specifies the name of the resource type to which this resource belongs. This entry is required.

   -p Resource_Dependencies=network-resource, …

   Specifies a comma-separated list of network resources (logical hostnames) that DNS will use. If you do not specify this property, the value defaults to all the network resources that are contained in the resource group.

   -p Port_list=port-number/protocol

   Specifies a port number and the protocol to be used. If you do not specify this property, the value defaults to 53/udp.

   -p DNS_mode=config-file

   Specifies the configuration file to use, either conf (which specifies the file named.conf) or boot (which specifies the file named.boot). If you do not specify this property, the value defaults to conf.

   -p Confdir_list=config-directory

   Specifies the DNS configuration directory, which must be on the cluster file system. Sun Cluster HA for DNS requires this extension property. The `directory' directive in the global portion (options) of the named.conf should match this value.

   resource

   Specifies the DNS application resource name.

7. Run the clresourcegroup(1CL) command to complete the following tasks.

   • Enable the resource and fault monitoring.

   • Move the resource group into a managed state.

   • Bring the resource group online.

   # clresourcegroup online -M resource-group

   -M

   Moves all resources within the resource group to the MANAGED state.

   resource-group

   Specifies the name of the resource group.

Example 1 Registering Failover Sun Cluster HA for DNS

The following example shows how to register Sun Cluster HA for DNS on a two-node cluster. Note that at the end, the clresourcegroup command starts Sun Cluster HA for DNS.

Cluster Information
Node names: phys-schost-1, phys-schost-2
Logical hostname: schost-1
Resource group: resource-group-1 (for all the resources)
Resources: schost-1 (logical hostname), dns-1 (DNS application resource)

(Disable the SMF service /network/dns/server:default.) 
# svcadm disable /network/dns/server:default

(Register the DNS resource type.)
# clresourcetype register SUNW.dns
 
(Add the resource group to contain all the resources.)
# clresourcegroup create resource-group-1
 
(Add the logical hostname resource to the resource group.)
# clreslogicalhostname create -g resource-group-1 -h schost-1 schost-1 
 
(Add DNS application resources to the resource group.)
# clresource create -g resource-group-1 -t SUNW.dns \
-p Resource_Dependencies=schost-1 -p Port_list=53/udp \
-p DNS_mode=conf -p Confdir_list=/global/dns dns-1

(Bring the failover resource group online.)
# clresourcegroup online -M resource-group-1

Verifying Data Service Installation and Configuration

To verify that you have correctly installed and configured Sun Cluster HA for DNS, run the following command after you complete the procedure How to Register and Configure Sun Cluster HA for DNS.

# nslookup logical-hostname logical-hostname

In this example, logical-hostname is the name of the network resource that you have configured to service DNS requests—for example, schost-1—as shown in the previous registration example. The output should indicate that the network resource that you specified answered (served) the query.

Tuning the Sun Cluster HA for DNS Fault Monitor

The Sun Cluster HA for DNS fault monitor is contained in the resource that represents DNS. You create this resource when you register and configure Sun Cluster HA for DNS. For more information, see Registering and Configuring Sun Cluster HA for DNS.

System properties and extension properties of this resource control the behavior of the fault monitor. The default values of these properties determine the preset behavior of the fault monitor. The preset behavior should be suitable for most Sun Cluster installations. Therefore, you should tune the Sun Cluster HA for DNS fault monitor only if you need to modify this preset behavior.

For more information, see the following sections.

• Tuning Fault Monitors for Sun Cluster Data Services in Sun Cluster Data Services Planning and Administration Guide for Solaris OS

• Changing Resource Type, Resource Group, and Resource Properties in Sun Cluster Data Services Planning and Administration Guide for Solaris OS

• Appendix B, Standard Properties, in Sun Cluster Data Services Planning and Administration Guide for Solaris OS

Operations by the Fault Monitor During a Probe

The fault monitor probe uses the nslookup command to query the health of DNS. Before the probe actually queries the DNS server, a check is made to confirm that network resources are configured in the same resource group as the DNS data service. If no network resources are configured, an error message is logged, and the probe exits with failure.

The result of the nslookup command can be either failure or success. If DNS successfully replied to the nslookup query, the probe returns to its infinite loop, waiting for the next probe time.

If the nslookup fails, the probe considers this scenario a failure of the DNS data service and records the failure in its history. The DNS probe considers every failure a complete failure.

Based on the success or failure history, a failure can cause a local restart or a data service failover. Tuning Fault Monitors for Sun Cluster Data Services in Sun Cluster Data Services Planning and Administration Guide for Solaris OS further describes this action.