 |
|
Correlator DNS Service
Server Configuration
Both server-1 and server-2 provide DNS service to the correlator. Server-2 should be considered a backup to server-1.Daemon
On ther servers DNS is implemented using the named-chroot software provided by Red Hat. This runs in a chroot located below /var/named. The zone files are located in /var/named. The service is controlled throughsystemd. To refresh the service after changing the zone files do systemctl restart named-chroot (This service does not support the systemd reload command).
The servers allow lookup to proceed to an external DNS so that the rest of the internet can be accessed if desired. The AOC cluster uses the NRAO name servers {mala, zia}.aoc.nrao.edu. This is configuration is set in /etc/resolv.conf.
Protections and SE Linux Issues
The servers need appropriate access to the zone files and log directories in /var/named. The files must have the appropriate protections to allow the daemon, running as named:named to access the files. In addition the files need the correct SELinux contexts; performingrestorecon on the files will usually ensure that the appropriate context is applied. When files are moved or copied from elsewhere (e.g., during patching) they may be labelled incorrectly and daemon startup will be incomplete or unsuccessful. In addtion, an SELinux bool is set to allow named to write the zone files. This was set using setsebool -P named_write_master_zones on; the -P switch is needed to make the change permanent.
External Name Resolution
- The test cluster uses NRAO namservers for external addresses.
- The USNO cluster uses google nameservers (8.8.8.8 and 8.8.4.4) to resolve external addresses. The NRAO name servers do not allow access from the USNO cluster.
Internal Domain Names
All the correlator hosts are in the domain usno.nrao.edu; this is true on both the DC and AOC clusters. The correlators have up to three subnets:| Subnet | AOC | DC |
| 10.1.38 | Not present | Disk Net Infiniband Used to allows nodes swc-001..016 to access the fileservers via an Infiniband fabric not shared with the other correlator nodes (swc-017..swc-064). Hosts on this net use the admin net DNS name suffixed with "-disk" (e.g., |
| 10.1.36 | Admin net 1G Ethernet Used to administer the correlator. N.B., The two servers are not located on either of the two high-speed subnets. |
Admin net 1G Ethernet Used to administer the correlator. N.B., The two servers are not located on either of the two high-speed subnets. |
| 10.1.37 | Data Net Infiniband Allows all correlator nodes and the file servers to share data.Names for hosts on this subnet use the admin net DNS name suffixed with "-data" (e.g., |
Data Net Infiniband Allows nodes swc-001..064 to share data. Fileservers are not on this subnet. Names for hosts on this subnet use the admin net DNS name suffixed with "-data" (e.g., |
- Webs
-
ALMA
- NAASC
- SCIIPT
- CDL
- CICADA
- Ccs
- Littlethings
- Cville
- DSAA
- EVLA
- FASR
- GB
- Computing
- Data
- Dynamic
- Electronics
- Gbtpipeline
- Knowledge
- Mechanical
- Observing
- WbandVLBACal
- Obsreports
- Operate
- PTCS
- OOF
- ServoImprovementsHome
- ServoSiteAcceptTestProcs
- Pennarray
- Projects
- Recreation
- Scicenter
- Skynet
- Software
- CLEO
- StaffEvents
- TACTool
- HPC
- JVLA
- KPAF
- Library
- Main
- Metrics
- NGVLA
- NM
- Computing
- Electronics
- OSAA
- OSX
- SRDP
- Software
- Algorithms
- CASA
- Splat
- System
- VLBA
Copyright © by the contributing authors. All material on this collaboration platform is the property of the contributing authors. Ideas, requests, problems regarding NRAO Public Wiki? Send feedback