rndc flush 可清除DNS缓存。记得在防火墙上开放53端口(TCP和UDP),或仅在测试环境中临时关闭防火墙。
1、简述DNS服务器原理,并搭建主-辅服务器。
DNS(Domain Name System,域名系统),因特网上作为域名和IP地址相互映射的一个分布式数据库,能够使用户更方便地访问互联网,而不用去记住能够被机器直接读取的IP数串。通过主机名,最终得到该主机名对应的IP地址的过程叫做域名解析(或主机名解析)。DNS协议主要运行在UDP协议之上,使用端口号53;主从服务器之间的区域传送以及较大的响应使用TCP的53端口,因此防火墙需要同时放行TCP和UDP的53端口。
准备工作 三台同网段可互通的linux服务器
主dns:192.168.8.10
从dns:192.168.8.11
测试机:192.168.8.12
开放53端口(TCP和UDP),例如 firewall-cmd --permanent --add-service=dns && firewall-cmd --reload;仅在测试环境中才临时关闭防火墙
安装dns服务
yum -y install bind 安装dns服务包
[root@localhost ~]# vim /etc/named.conf 更改配置文件
options {
// listen-on port 53 { 127.0.0.1; }; 注释掉,或者将{}内改为any,表示监听所有地址
listen-on-v6 port 53 { ::1; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
recursing-file "/var/named/data/named.recursing";
secroots-file "/var/named/data/named.secroots";
// allow-query { localhost; };
注释掉,或者将{}内改为any,表示允许所有客户端查询。若服务器同时开启了递归(recursion yes),应使用 allow-recursion 将递归查询限制在可信网段,避免成为开放解析器。
[root@localhost ~]#vim /etc/named.rfc1912.zones
zone "linuxtext.com" {
type master; 正向解析配置(主服务器;建议在区域内用 allow-transfer { 192.168.8.11; }; 只允许从服务器做区域传送)
file "linuxtext.com.zone";
};
zone "50.168.192.in-addr.arpa" IN {
type master;
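file "192.168.50.zone"; 反向解析配置(注意:区域名和文件名要与实际网段及 /var/named 下的文件一致;本文主从环境网段为192.168.8.0/24,对应 8.168.192.in-addr.arpa 和下文的 192.168.8.zone)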
};
[root@centos7localdomain ~]# cat /var/named/linuxtext.com.zone 区域正解析库
$TTL 86400
@ IN SOA ns1 admin ( 2 3H 10M 12H 1H ) 2 为序列号(serial),每次修改区域文件都要增大该数字,从服务器才会同步
NS ns1 主dns服务器IP
NS ns2 从dns服务器ip
ns1 A 192.168.8.10
ns2 A 192.168.8.11
websrv A 192.168.8.12
www CNAME websrv 别名
ftp A 192.168.8.127
jekens A 192.168.8.115
[root@centos7localdomain ~]# cat /var/named/192.168.8.zone 区域反解析库(注意:PTR 记录的目标应写成以点结尾的完整域名,如 websrv.linuxtext.com.,否则会被自动追加本区域名;下面的 na1 疑为 ns1 之误)
$TTL 86400
@ IN SOA ns1 admin ( 1 3H 10M 12H 1H )
NS ns1
NS ns2
ns1 A 192.168.8.10
ns2 A 192.168.8.11
12 PTR websrv.linuxtext.com
10 PTR na1.linuxtext.com
127 PTR ftp.linuxtext.com
测试:
[root@localhost ~]# host jekens.linuxtext.com 192.168.8.11
Using domain server:
Name: 192.168.8.11
Address: 192.168.8.11#53
Aliases:
jekens.linuxtext.com has address 192.168.8.115
[root@localhost ~]# host jekens.linuxtext.com 192.168.8.10
Using domain server:
Name: 192.168.8.10
Address: 192.168.8.10#53
Aliases:
jekens.linuxtext.com has address 192.168.8.115
2、搭建并实现智能DNS
yum -y install bind 安装dns服务包
[root@localhost ~]# vim /etc/named.conf 更改配置文件
options {
// listen-on port 53 { 127.0.0.1; };
listen-on-v6 port 53 { ::1; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
recursing-file "/var/named/data/named.recursing";
secroots-file "/var/named/data/named.secroots";
// allow-query { localhost; };
acl beijing { 区域网段
192.168.50.0/24;
192.168.20.0/24;
};
acl shanghai {
172.16.0.0/16;
172.17.0.0/16;
};
acl other {
any;
};
view view_beijing { 对应的view配置(view 按从上到下的顺序匹配客户端,match-clients 为 any 的 view 必须放在最后)
match-clients { beijing;};
include "/etc/named.rfc1912.zones.bj";
};
view view_shanghai {
match-clients { shanghai;};
include "/etc/named.rfc1912.zones.shh";
};
view view_other {
match-clients { other;};
include "/etc/named.rfc1912.zones";
};
[root@cen7 ~]#cat /etc/named.rfc1912.zones.shh
include "/etc/named.root.key";
zone "linuxtext.com" {
type master;
file "linuxtext.com.zone.shh";
};
[root@cen7 ~]#cat /etc/named.rfc1912.zones.bj
include "/etc/named.root.key";
zone "linuxtext.com" {
type master;
file "linuxtext.com.zone.bj";
};
[root@cen7 ~]#cat /etc/named.rfc1912.zones.other
include "/etc/named.root.key";
zone "linuxtext.com" {
type master;
file "linuxtext.com.zone.other";
};
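* 注意文件权限 chgrp named named.rfc1912.zones.*,并确保 named 组对这些文件有读权限、其他用户不可写。另外,上面 view_other 中 include 的文件名应与这里实际创建的 named.rfc1912.zones.other 保持一致。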
[root@cen7 named]#cat linuxtext.com.zone.other 建立数据库
$TTL 86400
@ IN SOA ns1 admin ( 2 3H 10M 12H 1H )
NS ns1
ns1 A 192.168.50.2
websrv A 192.168.50.143
www CNAME websrv
ftp A 192.168.50.127
[root@cen7 named]#cat linuxtext.com.zone.bj
$TTL 86400
@ IN SOA ns1 admin ( 2 3H 10M 12H 1H )
NS ns1
ns1 A 192.168.50.2
websrv A 192.168.50.3
www CNAME websrv
ftp A 192.168.50.100
[root@cen7 named]#cat linuxtext.com.zone.ssh
cat: linuxtext.com.zone.ssh: No such file or directory
[root@cen7 named]#cat linuxtext.com.zone.shh
$TTL 86400
@ IN SOA ns1 admin ( 2 3H 10M 12H 1H )
NS ns1
ns1 A 192.168.50.2
websrv A 172.16.100.43
www CNAME websrv
ftp A 172.16.100.143
* 注意文件权限 chgrp named linuxtext.com.zone.*
测试结果:
测试机ip 172.16.100.22
[root@centos7 ~]#dig www.linuxtext.com
; <<>> DiG 9.9.4-RedHat-9.9.4-72.el7 <<>> www.linuxtext.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 22184
;; flags: qr aa rd; QUERY: 1, ANSWER: 2, AUTHORITY: 1, ADDITIONAL: 2
;; WARNING: recursion requested but not available
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;www.linuxtext.com. IN A
;; ANSWER SECTION:
www.linuxtext.com. 86400 IN CNAME websrv.linuxtext.com.
websrv.linuxtext.com. 86400 IN A 172.16.100.43
;; AUTHORITY SECTION:
linuxtext.com. 86400 IN NS ns1.linuxtext.com.
;; ADDITIONAL SECTION:
ns1.linuxtext.com. 86400 IN A 192.168.50.2
;; Query time: 2 msec
;; SERVER: 192.168.50.2#53(192.168.50.2)
;; WHEN: Mon Jul 27 10:20:48 CST 2020
;; MSG SIZE rcvd: 117
测试机IP 192.168.50.133
[root@localhost ~]# dig www.linuxtext.com
; <<>> DiG 9.11.4-P2-RedHat-9.11.4-16.P2.el7_8.6 <<>> www.linuxtext.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 11355
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 1, ADDITIONAL: 2
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;www.linuxtext.com. IN A
;; ANSWER SECTION:
www.linuxtext.com. 86400 IN CNAME websrv.linuxtext.com.
websrv.linuxtext.com. 86400 IN A 192.168.50.3
;; AUTHORITY SECTION:
linuxtext.com. 86400 IN NS ns1.linuxtext.com.
;; ADDITIONAL SECTION:
ns1.linuxtext.com. 86400 IN A 192.168.50.2
;; Query time: 2 msec
;; SERVER: 192.168.50.2#53(192.168.50.2)
;; WHEN: 一 7月 27 10:31:42 CST 2020
;; MSG SIZE rcvd: 117
测试机IP other
[root@cen7 ~]#dig www.linuxtext.com @127.0.0.1
; <<>> DiG 9.11.4-P2-RedHat-9.11.4-16.P2.el7_8.6 <<>> www.linuxtext.com @127.0.0.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 33620
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 1, ADDITIONAL: 2
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;www.linuxtext.com. IN A
;; ANSWER SECTION:
www.linuxtext.com. 86400 IN CNAME websrv.linuxtext.com.
websrv.linuxtext.com. 86400 IN A 192.168.50.143
;; AUTHORITY SECTION:
linuxtext.com. 86400 IN NS ns1.linuxtext.com.
;; ADDITIONAL SECTION:
ns1.linuxtext.com. 86400 IN A 192.168.50.2
;; Query time: 0 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Mon Jul 27 10:33:17 CST 2020
;; MSG SIZE rcvd: 117
3、编译安装Mariadb,并启动后可以正常登录
官网下载源码安装包:https://mariadb.org/download (下载后建议先核对官网公布的校验和或签名,再解压编译)
mkdir /data/mysql
useradd -r -s /sbin/nologin -d /data/mysql/ mysql 创建不可登录的系统用户mysql,并将其家目录指定为/data/mysql
chown mysql.mysql /data/mysql
tar xvf mariadb-vision.tar.gz 解压源码包
安装包
yum install bison bison-devel zlib-devel libcurl-devel libarchive-devel boost-devel gcc gcc-c++ cmake ncurses-devel gnutls-devel libxml2-devel openssl-devel libevent-devel libaio-devel
[root@cen7 mysql]cd mariadb-10.2.18/
[mariadb-10.2.18/]#cmake . \
-DCMAKE_INSTALL_PREFIX=/app/mysql \ 安装根目录
-DMYSQL_DATADIR=/data/mysql/ \ 数据库 数据目录
-DSYSCONFDIR=/etc/ \
-DMYSQL_USER=mysql \
-DWITH_INNOBASE_STORAGE_ENGINE=1 \
-DWITH_ARCHIVE_STORAGE_ENGINE=1 \
-DWITH_BLACKHOLE_STORAGE_ENGINE=1 \
-DWITH_PARTITION_STORAGE_ENGINE=1 \
-DWITHOUT_MROONGA_STORAGE_ENGINE=1 \
-DWITH_DEBUG=0 \
-DWITH_READLINE=1 \
-DWITH_SSL=system \
-DWITH_ZLIB=system \
-DWITH_LIBWRAP=0 \
-DENABLED_LOCAL_INFILE=1 \
-DMYSQL_UNIX_ADDR=/data/mysql/mysql.sock \
-DDEFAULT_CHARSET=utf8 \
-DDEFAULT_COLLATION=utf8_general_ci
[root@cen7 mysql]#make && make install 编译安装
[root@cen7 mariadb-10.2.25]#echo 'PATH=/app/mysql/bin:$PATH' > /etc/profile.d/mysql.sh
[root@cen7 mariadb-10.2.25]#. /etc/profile.d/mysql.sh
[root@cen7 mariadb-10.2.25]#cd /app/mysql/ 生成数据库文件
[root@cen7 mysql]#scripts/mysql_install_db --datadir=/data/mysql/ --user=mysql
[root@cen7 mysql]#cp /app/mysql/support-files/my-huge.cnf /etc/my.cnf 准备配置文件(下一条命令准备启动脚本)
cp: overwrite ‘/etc/my.cnf’? y
[root@cen7 mysql]#cp /app/mysql/support-files/mysql.server /etc/init.d/mysqld
[root@cen7 mysql]#chkconfig --add mysqld ;service mysqld start 启动服务
Starting mysqld (via systemctl): [ OK ]
[root@cen7 mysql]#mysql 测试(此时root无需密码即可登录,建议随后运行 mysql_secure_installation 设置root密码,并删除匿名用户和test库)
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 11
Server version: 10.2.25-MariaDB-log Source distribution
Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
MariaDB [