| | 1 | = `marcos.mayfirst.org` = |
| | 2 | |
| | 3 | `marcos.mayfirst.org` is a simple xen domU hosting a dedicated resolving DNS cache for MF/PL. It was created in response to #765. |
| | 4 | |
| | 5 | It is hosted on [wiki:fred.mayfirst.org]. |
| | 6 | |
| | 7 | == Creation == |
| | 8 | |
| | 9 | I opted to go with debian lenny, since the new [DebianPackage:djbdns] packages are included upstream, and there will be no other services on the box. |
| | 10 | |
| | 11 | {{{ |
| | 12 | 0 fred:~# lvcreate --name marcos-disk --size 500M vg_fred0 |
| | 13 | Logical volume "marcos-disk" created |
| | 14 | 0 fred:~# mkfs -t ext3 /dev/mapper/vg_fred0-marcos--disk |
| | 15 | mke2fs 1.40-WIP (14-Nov-2006) |
| | 16 | Filesystem label= |
| | 17 | OS type: Linux |
| | 18 | Block size=1024 (log=0) |
| | 19 | Fragment size=1024 (log=0) |
| | 20 | 128016 inodes, 512000 blocks |
| | 21 | 25600 blocks (5.00%) reserved for the super user |
| | 22 | First data block=1 |
| | 23 | Maximum filesystem blocks=67633152 |
| | 24 | 63 block groups |
| | 25 | 8192 blocks per group, 8192 fragments per group |
| | 26 | 2032 inodes per group |
| | 27 | Superblock backups stored on blocks: |
| | 28 | 8193, 24577, 40961, 57345, 73729, 204801, 221185, 401409 |
| | 29 | |
| | 30 | Writing inode tables: done |
| | 31 | Creating journal (8192 blocks): done |
| | 32 | Writing superblocks and filesystem accounting information: done |
| | 33 | |
| | 34 | This filesystem will be automatically checked every 21 mounts or |
| | 35 | 180 days, whichever comes first. Use tune2fs -c or -i to override. |
| | 36 | 0 fred:~# mount /dev/mapper/vg_fred0-marcos--disk /mnt/ |
| | 37 | 0 fred:~# debootstrap lenny /mnt/ |
| | 38 | I: Retrieving Release |
| | 39 | I: Retrieving Packages |
| | 40 | I: Validating Packages |
| | 41 | I: Resolving dependencies of required packages... |
| | 42 | I: Resolving dependencies of base packages... |
| | 43 | I: Found additional base dependencies: libldap-2.4-2 |
| | 44 | I: Checking component main on http://ftp.debian.org/debian... |
| | 45 | I: Retrieving adduser |
| | 46 | ...[skip boring debootstrap output]... |
| | 47 | I: Configuring klogd... |
| | 48 | I: Configuring tasksel... |
| | 49 | I: Base system installed successfully. |
| | 50 | 0 fred:~# echo proc /proc proc defaults 0 0 > /mnt/etc/fstab |
| | 51 | 0 fred:~# echo /dev/sda1 / ext3 defaults,errors=remount-ro 0 1 >> /mnt/etc/fstab |
| | 52 | 0 fred:~# echo /dev/sda2 none swap sw 0 0 >> /mnt/etc/fstab |
| | 53 | 0 fred:~# echo >/mnt/etc/hosts '127.0.0.1 localhost |
| | 54 | 209.51.163.29 marcos.mayfirst.org marcos |
| | 55 | |
| | 56 | # The following lines are desirable for IPv6 capable hosts |
| | 57 | ::1 ip6-localhost ip6-loopback |
| | 58 | fe00::0 ip6-localnet |
| | 59 | ff00::0 ip6-mcastprefix |
| | 60 | ff02::1 ip6-allnodes |
| | 61 | ff02::2 ip6-allrouters |
| | 62 | ff02::3 ip6-allhosts |
| | 63 | ' |
| | 64 | 0 fred:~# echo marcos > /mnt/etc/hostname |
| | 65 | 0 fred:~# cp -a {,/mnt}/etc/network/if-up.d/add-he-routes |
| | 66 | 0 fred:~# cp -a {,/mnt}/etc/network/if-down.d/remove-he-routes |
| | 67 | 0 fred:~# emacs /mnt/etc/network/if-*.d/*-he-routes ## fix up to repair IP addresses and network interface designations |
| | 68 | 0 fred:~# lvcreate --size=200MB --name=marcos-swap vg_fred0 |
| | 69 | Logical volume "marcos-swap" created |
| | 70 | 0 fred:~# mkswap /dev/mapper/vg_fred0-marcos--swap |
| | 71 | Setting up swapspace version 1, size = 209711 kB |
| | 72 | no label, UUID=1fe97b9d-445b-458c-891b-925d23dfaa80 |
| | 73 | 0 fred:~# umount /mnt |
| | 74 | 0 fred:~# |
| | 75 | }}} |
| | 76 | |
| | 77 | Setting up the xen config: |
| | 78 | {{{ |
| | 79 | 0 fred:~# grep '^[^#]' /etc/xen/marcos |
| | 80 | kernel = '/boot/vmlinuz-2.6.18-6-xen-amd64' |
| | 81 | ramdisk = '/boot/initrd.img-2.6.18-6-xen-amd64' |
| | 82 | memory = '64' |
| | 83 | root = '/dev/sda1 ro' |
| | 84 | disk = [ 'phy:vg_fred0/marcos-disk,sda1,w', 'phy:vg_fred0/marcos-swap,sda2,w' ] |
| | 85 | name = 'marcos' |
| | 86 | vif = [ 'ip=209.51.163.29' ] |
| | 87 | on_poweroff = 'destroy' |
| | 88 | on_reboot = 'restart' |
| | 89 | on_crash = 'restart' |
| | 90 | 0 fred:~# |
| | 91 | }}} |
| | 92 | |
| | 93 | Within the domU, once it was started, i did: |
| | 94 | {{{ |
| | 95 | aptitude install iproute less lsof emacs22-nox psmisc screen runit djbdns |
| | 96 | }}} |
| | 97 | |
| | 98 | I don't appear to need the kernel modules for this machine, since it is a dedicated host. |
| | 99 | |
| | 100 | Setting up the actual resolving name service: |
| | 101 | {{{ |
| | 102 | 0 marcos:~# lsof -i |
| | 103 | 1 marcos:~# adduser --system dnslog |
| | 104 | Adding system user `dnslog' (UID 100) ... |
| | 105 | Adding new user `dnslog' (UID 100) with group `nogroup' ... |
| | 106 | Creating home directory `/home/dnslog' ... |
| | 107 | 0 marcos:~# adduser --system dnscache |
| | 108 | Adding system user `dnscache' (UID 101) ... |
| | 109 | Adding new user `dnscache' (UID 101) with group `nogroup' ... |
| | 110 | Creating home directory `/home/dnscache' ... |
| | 111 | 0 marcos:~# dnscache-conf dnscache dnslog /srv/dnscache 209.51.163.29 |
| | 112 | 0 marcos:~# ln -s /srv/dnscache /etc/service |
| | 113 | 0 marcos:~# lsof -i |
| | 114 | COMMAND PID USER FD TYPE DEVICE SIZE NODE NAME |
| | 115 | dnscache 1536 dnscache 3u IPv4 4816 UDP marcos.mayfirst.org:domain |
| | 116 | dnscache 1536 dnscache 4u IPv4 4817 TCP marcos.mayfirst.org:domain (LISTEN) |
| | 117 | 0 marcos:/srv/dnscache/root/ip# ip route |
| | 118 | 209.51.163.192/28 dev eth0 scope link src 209.51.163.29 |
| | 119 | 209.51.180.16/28 dev eth0 scope link src 209.51.163.29 |
| | 120 | 209.51.172.0/28 dev eth0 scope link src 209.51.163.29 |
| | 121 | 209.51.169.80/28 dev eth0 scope link src 209.51.163.29 |
| | 122 | 209.51.163.0/27 dev eth0 proto kernel scope link src 209.51.163.29 |
| | 123 | default via 209.51.163.1 dev eth0 |
| | 124 | 0 marcos:~# ls /srv/dnscache/root/ip/ | wc -l |
| | 125 | 1 |
| | 126 | 0 marcos:~# for BASE in 209.51.163.192 209.51.180.16 209.51.172.0 209.51.169.80 209.51.163.0 209.51.163.16; do for INC in $(seq 0 15) ; do LAST=${BASE#*.*.*.}; NEW=/srv/dnscache/root/ip/${BASE%.*}.$(( $LAST + $INC )); if [ ! -e $NEW ]; then touch $NEW; fi; done; done |
| | 127 | 0 marcos:~# ls /srv/dnscache/root/ip/ |
| | 128 | 97 |
| | 129 | 0 marcos:~# |
| | 130 | }}} |
