f5d3ee4b79
This will allow us to create new nameservers in the opendev.org domain. We will replace the existing servers once these are bootstrapped. Some lines are commented pending server creation. Change-Id: If71e3f87a9d7a83d80cff053874c84411b248515
41 lines
915 B
ReStructuredText
41 lines
915 B
ReStructuredText
:title: DNS
|
|
|
|
.. _dns:
|
|
|
|
DNS
|
|
###
|
|
|
|
The project runs authoritative DNS servers for any constituent
|
|
projects that wish to use them. The servers run NSD.
|
|
|
|
At a Glance
|
|
===========
|
|
|
|
:Hosts:
|
|
* ns1.openstack.org
|
|
* ns2.openstack.org
|
|
* ns1.opendev.org
|
|
* ns2.opendev.org
|
|
:Puppet:
|
|
* :cgit_file:`manifests/site.pp`
|
|
:Projects:
|
|
* https://github.com/icann-dns/puppet-nsd
|
|
* https://www.nlnetlabs.nl/projects/nsd/
|
|
|
|
Adding a Zone
|
|
=============
|
|
|
|
To add a new zone, add an entry to :cgit_file:`manifests/site.pp`,
|
|
:cgit_file:`modules/openstack_project/manifests/master_nameserver.pp` and
|
|
create a new git repository to hold the contents of the zone.
|
|
|
|
Run::
|
|
|
|
dnssec-keygen -a RSASHA256 -b 2048 -3 example.net
|
|
dnssec-keygen -a RSASHA256 -b 2048 -3 -fk example.net
|
|
|
|
And add the resulting files to the `dnssec_keys` key in the
|
|
`group/adns.yaml` private hiera file on puppetmaster.
|
|
|
|
.. note:: This section will be expanded.
|