Agent

Step by Step Installation

Agent CentOS / CloudLinux Instractions

Installing – Adding the repository

CentOS 6

wget http://repo.nixpal.com/el6/nixpal-el6-1.2-2.el6.x86_64.rpm
yum localinstall nixpal-el6-1.2-2.el6.x86_64.rpm 

CentOS 7

wget http://repo.nixpal.com/el7/nixpal-el7-1.1-1.el7.x86_64.rpm
yum localinstall nixpal-el7-1.1-1.el7.x86_64.rpm 

CentOS 8

wget http://repo.nixpal.com/el8/nixpal-el8-1.1-1.el8.x86_64.rpm
yum localinstall nixpal-el8-1.1-1.el8.x86_64.rpm 

Now install zcloudagent

yum clean all
 
yum install zcloudagent 

Debian and Ubuntu Installation

Import the GPG key then get the nixpal.list file and just apt-get update. Complete command list:

wget -O /tmp/nixpal.key -q https://repo.nixpal.com/debian/KEY.gpg ; apt-key add /tmp/nixpal.key
wget -O /etc/apt/sources.list.d/nixpal.list https://repo.nixpal.com/debian/nixpal.list
apt-get update 

Import the GPG key then get the nixpal.list file and just apt-get update. Complete command list:

apt-get update ; apt-get install zcloudagent 

FreeBSD Installation

FreeBSD comes in a single .tar.gz package. 

Also Because of its nature we need curl and gcc.

pkg install curl
pkg install gcc
wget http://repo.nixpal.com/freebsd/zcloudagent-FreeBSD.tar.gz
tar -zxvf zcloudagent-FreeBSD.tar.gz
cd zcloudagent
 

You will see a install.FreeBSD.sh script. You can run it or inspect it first. zcloudagent binary goes to /usr/local/bin . zcloudagent.conf goes to /usr/local/etc/ and service file goes to /usr/local/etc/rc.d/ .

Don’t forget to enable the service to /etc/rc.conf and make changes to conf file. After editing /usr/local/etc/zcloudagent.conf you can enable and start service

service zcloudagent start
 

Configuring and starting zonecloud

Edit /etc/zcloudagent.conf

Add:

Controller URL without https://
Server’s Token
License information

Should look like that in the end

ZONES_FILE=/etc/named.conf
TOKEN=Vh2Pk7lg3i2zkMlC2gBVjRroNAAqw12XzxolKVg
SERVER_HOSTNAME=controller.yourdomain.com
UPDATE_INTERVAL=60
LOG_LEVEL=1
LICENSE=ZCAgent-xxxxxxxxxxx 

If the server is Debian/Ubuntu the only different is the location of named.conf. It should be ZONES_FILE=/etc/bind/named.conf

Enabling / Starting Zonecloud Agent

CentOS 6

chkconfig zcloudagent on
service zcloudagent start 

Centos 7/8 and Debian / Ubuntu

systemctl enable zcloudagent --now 

Check service if started  with “status”
Centos 6: service zcloudagent status

CentOS 7 / 8: systemctl status zcloudagent
Also check Controller web interface if the agent sending zone information

Configuring named.conf

We now need to tell our Bind which our nodes are:

We create a ACL with our NODES IPS:

acl "nodes" {
1.1.1.1; // ns1.domain.com
2.2.2.2; // ns2.domain.com
3.3.3.3; // ns3.domain.com
4.4.4.4; // ns4.domain.com
};

And then we add in options:

notify explicit;
//allow-query {"nodes";}; /* You should stop answering queries once Nodes are online but needed for migration */
allow-transfer {"nodes";};
allow-notify {"nodes";};

 

Let’s have a look of an Agent’s Cloudlinux 7 named.conf what looks like

include "/etc/rndc.key";
 
/* First of all we declare ACL with our Nodes (Our own DNS Servers) IPs */
/* Let's name this acl "nodes" */
 
acl "nodes" {
1.1.1.1; // ns1.mycompany.com
2.2.2.2; // ns2.mycompany.com
3.3.3.3; // ns3.mycompany.com
4.4.4.4; // ns4.mycompany.com
};
 
/* Then we leave the default -or edit as you need options (stats, versions, hostname, pid-file, directory */
/* The only change we need is recursion to be NO */
 
controls {
        inet 127.0.0.1 allow { localhost; } keys { "rndc-key"; };
};
 
options {
 
recursion no;
directory                "/var/named"; // the default
pid-file                 "/var/run/named/named.pid";
dump-file                "data/cache_dump.db";
statistics-file          "data/named_stats.txt";
version "";
hostname "";
 
/* BUT we don't serve DNS anymore, so we need to notify and allow transfer to our Nodes */
/* Also allow-query should be to any; for the first time if we also need the web server to serve DNS queries */
notify yes;
/* allow-query    {"nodes";}; */
allow-query {any;};
allow-transfer {"nodes";};
allow-notify   {"nodes";};
 
 
 
};
 
/* That's it. We don't need something else from named.conf. Everything else stays as is */
 
logging {
        channel default_log {
                file "/var/log/named/named.log" versions 5 size 128M;
                print-time yes;
                print-severity yes;
                print-category yes;
                severity warning;
        };
        category default { default_log; };
        category general { default_log; };
};
 
 
 
 
zone "my-zone-example.com" {
        type master;
        file "/var/named/my-zone-example.com.db";
};
....
....
.... 
The webserver now will stop answering queries if the allow-query set to nodes. That’s a node’s job. And it will notify / update the nodes and the nodes only.
Change to
allow-query {any;};
If you like also the webserver to serve / answer to DNS queries (For example when migrating from local to cluster DNS)

Questions? Issues?

Scroll to Top