RHEL5 BIND in PROD
Warren Kumari
warren at kumari.net
Tue Mar 15 15:39:22 UTC 2011
So, how many servers are you talking about?
After having tried to use the distribution supplied packages (for multiple distributions) my opinion is that building from source is the right answer for BIND. The distributions lag more than I'm comfortable with, and BIND builds cleanly from source with mo muss, no fuss....
For a small number of devices (4 or 5ish) building from source on each box is not *too* hard. For anything more than that, you should be using some sort of system management / configuration thing -- personally I'm partial to Puppet. Trust me, the 2 or 3 days that you will burn getting it all setup and recipes written will more than pay for itself... Being able to bump the version number on a single node, confirm it works, then change the version on the default node and have all your boxes scurry off any upgrade themselves is wickedly fun....
Installing a new box used to be a multi day event, with much scampering around, package installing, kvetching abut the fact that emacs, bc, tcpdump, traceroute, etc are not installed by default, backup system configuration, kerberos key-diddling, ssh key poking, etc. Now it is:
PXE boot / kickstart a base image.
Enroll box in puppet: apt-get install puppet; puppet agent --waitforcert 60 --test; <on server>sudo puppet cert --sign newbox.example.com
<have coffee, read XKCD for 20 minutes (I read slow!)>
Profit!
W
On Mar 15, 2011, at 6:45 AM, Mike Diggins wrote:
>
> I'm about to transition my name servers from Solaris 10 to RedHat Linux 5.6. I'm debating whether to compile BIND directly from source as I usually do or use one of the RHEL packages, likely the newly released 9.7.0-6.P2. I would like to make our DNS a little more appliance based to ease some of the support burden. I'm also concerned with stability over new features. I'm interested to know what others are doing.
>
> -Mike
> _______________________________________________
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
>
More information about the bind-users
mailing list