status-im
/
consul
mirror of https://github.com/status-im/consul.git
2
0
Fork 0
Code Issues Projects Releases Wiki Activity

website: Doc cleanup

This commit is contained in:
Armon Dadgar 2014-04-09 11:40:52 -07:00
parent 4a330a9644
commit a74c0668c6
3 changed files with 22 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

30
website/source/docs/guides/forwarding.html.markdown
View File

@ -4,16 +4,19 @@ page_title: "Forwarding"
sidebar_current: "docs-guides-forwarding" sidebar_current: "docs-guides-forwarding"
--- ---
# Forwarding DNS queries from Bind To Consul # Forwarding DNS
In order to not have to run Consul as root and bind to port 53 it's best if By default DNS is served from port 53 which requires root privileges.
it's paired with Bind. Instead of running Consul as root, it is possible to instead run Bind
and forward queries to Consul as appropriate.
In this example, Bind and Consul are running on the same machine for simplicity but you should be able to separate them. In this example, Bind and Consul are running on the same machine for
simplicity but this is not required.
### DNSSEC ### Bind Setup
First, you have to disable DNSSEC so that Consul and Bind can communicate First, you have to disable DNSSEC so that Consul and Bind can communicate.
This is an example configuration:
options { options {
listen-on port 53 { 127.0.0.1; }; listen-on port 53 { 127.0.0.1; };
@ -46,15 +49,14 @@ Then we set up a zone for our Consul managed records in consul.conf:
forwarders { 127.0.0.1 port 8600; }; forwarders { 127.0.0.1 port 8600; };
}; };
## Complete the Setup Here we assume Consul is running with default settings, and is serving
DNS on port 8600.
Once those files are changed, restarted named (on RHEL this is just 'system named restart') and you should be done.
### Testing ### Testing
First, perform a DNS query against Consul directly to be sure that the record exists: First, perform a DNS query against Consul directly to be sure that the record exists:
[root@localhost ~]# dig @localhost -p 8600 master.redis.service.dc-1.consul. A [root@localhost ~]# dig @localhost -p 8600 master.redis.service.dc-1.consul. A
; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.23.rc1.32.amzn1 <<>> @localhost master.redis.service.dc-1.consul. A ; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.23.rc1.32.amzn1 <<>> @localhost master.redis.service.dc-1.consul. A
; (1 server found) ; (1 server found)
@ -76,7 +78,7 @@ First, perform a DNS query against Consul directly to be sure that the record ex
Then run the same query against your Bind instance and make sure you get a result: Then run the same query against your Bind instance and make sure you get a result:
[root@localhost ~]# dig @localhost -p 53 master.redis.service.dc-1.consul. A [root@localhost ~]# dig @localhost -p 53 master.redis.service.dc-1.consul. A
; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.23.rc1.32.amzn1 <<>> @localhost master.redis.service.dc-1.consul. A ; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.23.rc1.32.amzn1 <<>> @localhost master.redis.service.dc-1.consul. A
; (1 server found) ; (1 server found)
@ -98,8 +100,7 @@ Then run the same query against your Bind instance and make sure you get a resul
### Troubleshooting ### Troubleshooting
If you don't get an answer from Bind but you do get an answer from Consul then your best bet is to turn on the query log If you don't get an answer from Bind but you do get an answer from Consul then your best bet is to turn on the query log to see what's going on:
to see what's going on
[root@localhost ~]# rndc querylog [root@localhost ~]# rndc querylog
[root@localhost ~]# tail -f /var/log/messages [root@localhost ~]# tail -f /var/log/messages
@ -109,6 +110,5 @@ In there if you see errors like this:
error (no valid RRSIG) resolving error (no valid RRSIG) resolving
error (no valid DS) resolving error (no valid DS) resolving
Then DNSSEC is not disabled properly. If you see errors about network connections then verify that there are no firewall or Then DNSSEC is not disabled properly. If you see errors about network connections then verify that there are no firewall or routing problems between the servers running Bind and Consul
routing problems between the servers running Bind and Consul

4
website/source/docs/guides/index.html.markdown
View File

@ -15,11 +15,11 @@ The following guides are available:
* [Bootstrapping](/docs/guides/bootstrapping.html) - This guide covers bootstrapping a new * [Bootstrapping](/docs/guides/bootstrapping.html) - This guide covers bootstrapping a new
datacenter. This covers safely adding the initial Consul servers. datacenter. This covers safely adding the initial Consul servers.
* [DNS Forwarding](/docs/guides/forwarding.html) - Forward DNS queries from Bind to Consul
* [External Services](/docs/guides/external.html) - This guide covers registering * [External Services](/docs/guides/external.html) - This guide covers registering
an external service. This allows using 3rd party services within the Consul framework. an external service. This allows using 3rd party services within the Consul framework.
* [Forwarding](/docs/guides/forwarding.html) DNS queries from Bind to Consul
* TODO: Adding and removing servers * TODO: Adding and removing servers
* TODO: Joining datacenters * TODO: Joining datacenters

6
website/source/layouts/docs.erb
View File

@ -124,9 +124,13 @@
<a href="/docs/guides/bootstrapping.html">Bootstrapping</a> <a href="/docs/guides/bootstrapping.html">Bootstrapping</a>
</li> </li>
<li<%= sidebar_current("docs-guides-forwarding") %>>
<a href="/docs/guides/forwarding.html">DNS Forwarding</a>
</li>
<li<%= sidebar_current("docs-guides-external") %>> <li<%= sidebar_current("docs-guides-external") %>>
<a href="/docs/guides/external.html">External Services</a> <a href="/docs/guides/external.html">External Services</a>
</li> </li>
</ul> </ul>
</ul> </ul>