dnsmasq设置域名解析

一、安装dnsmasq

[root@10-13-181-14 ~]# yum -y install dnsmasq
[root@10-13-181-14 ~]# systemctl enable dnsmasq

二、dnsmasq配置文件

[root@10-13-181-14 ~]# rpm -ql dnsmasq
/etc/dbus-1/system.d/dnsmasq.conf
/etc/dnsmasq.conf
/etc/dnsmasq.d
/usr/lib/systemd/system/dnsmasq.service
/usr/sbin/dnsmasq
/usr/share/doc/dnsmasq-2.76
/usr/share/doc/dnsmasq-2.76/CHANGELOG
/usr/share/doc/dnsmasq-2.76/COPYING
/usr/share/doc/dnsmasq-2.76/COPYING-v3
/usr/share/doc/dnsmasq-2.76/DBus-interface
/usr/share/doc/dnsmasq-2.76/FAQ
/usr/share/doc/dnsmasq-2.76/doc.html
/usr/share/doc/dnsmasq-2.76/setup.html
/usr/share/man/man8/dnsmasq.8.gz
/var/lib/dnsmasq

三、泛域名解析设置

设置 *openresty-dev.2haohr.com 解析为 10.13.30.224
设置 *openresty-test.2haohr.com 解析为 10.13.66.19

[root@10-13-181-14 ~]# cat /etc/dnsmasq.d/openresty.conf
address=/openresty-dev.2haohr.com/10.13.30.224
address=/openresty-test.2haohr.com/10.13.66.19

四、cname解析设置

[root@10-13-181-14 ~]# cat /etc/dnsmasq.d/address.conf
#dev
cname = dev.2haohr.com,waf.dev.2haohr.com
cname = i-dev.2haohr.com,waf.i-dev.2haohr.com
cname = api-dev.2haohr.com,waf.api-dev.2haohr.com
cname = wework-h5-dev.2haohr.com,waf.wework-h5-dev.2haohr.com

[root@10-13-181-14 ~]# cat /etc/hosts
# dev
124.70.67.17 waf.i-dev.2haohr.com
119.3.238.177 waf.i-dev.2haohr.com

124.70.67.17 waf.dev.2haohr.com
119.3.238.177 waf.dev.2haohr.com

124.70.67.17 waf.api-dev.2haohr.com
119.3.238.177 waf.api-dev.2haohr.com

124.70.67.17 waf.wework-h5-dev.2haohr.com
119.3.238.177 waf.wework-h5-dev.2haohr.com

五、语法检查

[root@10-13-181-14 ~]# dnsmasq -test

六、重启dnsmasq

[root@10-13-181-14 ~]# systemctl restart dnsmasq
[root@10-13-181-14 ~]# systemctl status dnsmasq

cat /etc/crontab

附：同步脚步

/root/shell/auth_create_hosts_index.sh

# !/bin/env bash
# huangjinsheng
# 触发自动生成hosts网页版 
# 触发自动同步dns服务器

file_input='/etc/hosts'
file_output='/usr/share/nginx/html/index.html'
create_time=$(date +%Y%m%d%H%M%S)

dns_slave_all="10.40.0.92 10.40.0.93"
dns_slave_port='18122'

#系统ip
test -e /usr/bin/curl || yum -y install curl
test -e /usr/sbin/ifconfig || yum -y install net-tools &>/dev/null
ip_gateway=$(route -n|tail -n +3|awk '{print $2}'|grep -v '0.0.0.0')
ip_interface=$(route -n|grep $ip_gateway |awk '{print $NF}')
ucloud_ip=$(ifconfig ${ip_interface}|grep inet|awk '{print $2}')

td_str=''

function create_html_head(){
echo '<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />'
  echo -e "<html>
    <body>
      <h1>dns文件生成时间-${create_time}-当前dns节点-${ucloud_ip}</h1>"
}

function create_table_head(){
  echo -e "<table border="0">"
}

function create_td(){
#  if [ -e ./"$1" ]; then
    echo $1
    td_str=`echo $1 | awk 'BEGIN{FS="|"}''{i=1; while(i<=NF) {print "<td>"$i"</td>";i++}}'`
    echo $td_str
#  fi
}

function create_tr(){
  create_td "$1"
  echo -e "<tr>
    $td_str
  </tr>" >> $file_output
}

function create_table_end(){
  echo -e "</table>"
}

function create_html_end(){
  echo -e "</body></html>"
}


function create_html(){
  rm -rf $file_output
  touch $file_output

  create_html_head >> $file_output
  create_table_head >> $file_output

  while read line
  do
    echo $line
    create_tr "$line" 
  done < $file_input

  create_table_end >> $file_output
  create_html_end >> $file_output
}

	if [ ! -f /tmp/auth_create_hosts_index_md5sum.txt ];then
		echo "md5对比文件/tmp/auth_create_hosts_index_md5sum.txt不存在,正在生成.."
		md5sum /etc/hosts > /tmp/auth_create_hosts_index_md5sum.txt
	else


		echo "md5对比文件/tmp/auth_create_hosts_index_md5sum.txt存在,正在检验.."
		md5sum_file=$(cat /tmp/auth_create_hosts_index_md5sum.txt |awk '{print $1}')
		if [ $(md5sum /etc/hosts |awk '{print $1}') != ${md5sum_file} ];then
			echo "md5校验结果:dns解析文件/etc/hosts已经被修改.触发nginx默认网页生成.."
	
			mtime_ymd=$(stat /etc/hosts|grep -E "Modify"|awk '{print $2}')
			mtime_HMS=$(stat /etc/hosts|grep -Ei "Modify" |awk '{print $3}'|awk -F":" '{print $1"-"$2"-"$3}'|awk -F"." '{print $1}')
			mtime=${mtime_ymd}-${mtime_HMS}
	
			[ -d /opt/dns/${mtime_ymd} ] || mkdir -p /opt/dns/${mtime_ymd}
			\cp -f /etc/hosts /opt/dns/${mtime_ymd}/hosts-${mtime} 	
	
			md5sum /etc/hosts &> /tmp/auth_create_hosts_index_md5sum.txt
			#create_html
			systemctl restart dnsmasq
			systemctl enable dnsmasq
	
			for dns_slave  in $dns_slave_all
			do
			echo "rsync ${dns_slave} -- "

				if [ $(ping -c3 ${dns_slave} 2>&1 |grep ttl|wc -l ) -ge 2 ];then
					echo "正在更新dns从服务器 ${dns_slave}"
					ssh -p${dns_slave_port} root@${dns_slave} "chattr -i /etc/hosts"
					ssh -p${dns_slave_port} root@${dns_slave} "rpm -qa |grep ^rsync &>/dev/null || yum -y install rsync"
				 	rsync -avz --delete -e "ssh -p ${dns_slave_port}" /etc/hosts root@${dns_slave}:/etc/hosts
	
	                	        ssh -p${dns_slave_port} root@${dns_slave} "rpm -qa |grep ^dnsmasq &>/dev/null || yum -y install dnsmasq"
					ssh -p${dns_slave_port} root@${dns_slave} "systemctl stop dnsmasq"	
				 	ssh -p${dns_slave_port} root@${dns_slave} "systemctl status dnsmasq"	
				 	ssh -p${dns_slave_port} root@${dns_slave} "systemctl restart dnsmasq"	
				 	ssh -p${dns_slave_port} root@${dns_slave} "systemctl enable dnsmasq"	
				 	ssh -p${dns_slave_port} root@${dns_slave} "systemctl status dnsmasq"
					ssh -p${dns_slave_port} root@${dns_slave} "chattr +i /etc/hosts"
				else
					echo "dns从服务器${dns_slave}故障..同步配置失败"
				fi
			done
		else 
			echo "md5校验结果:dns解析文件/etc/hosts与上次对比没有变化"
		fi
	fi
	echo " "

#create_html

cat /etc/crontab

#同步更新dns
* * * * * root sh  /root/shell/auth_create_hosts_index.sh &>/dev/null