• CentOS 7 DNS deployment


    Deploying bind9, which supports round-robin:

    yum install bind -y
    cat /etc/named.conf
    options {
        listen-on port 53 { any; };
        listen-on-v6 port 53 { ::1; };
        directory "/var/named";
        dump-file "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        allow-query { any; };
        # Public DNS servers to forward queries to
        forwarders{114.114.114.114;8.8.8.8;};
        recursion yes;
        dnssec-enable no;
        dnssec-validation no;
        bindkeys-file "/etc/named.iscdlv.key";
        managed-keys-directory "/var/named/dynamic";
        pid-file "/run/named/named.pid";
        session-keyfile "/run/named/session.key";
    };

    logging {
        channel default_debug {
            file "data/named.run";
            severity dynamic;
        };
    };

    zone "." IN {
        type hint;
        file "named.ca";
    };

    # Add the zone for the domain daxmall.com
    zone "daxmall.com" {
        type master;
        file "/var/named/daxmall.com";
    };
    include "/etc/named.rfc1912.zones";
    include "/etc/named.root.key";

    cat /var/named/daxmall.com
    $TTL 3H
    @ IN SOA @ daxmall.com. (
            0 ; serial
            1D ; refresh
            1H ; retry
            1W ; expire
            3H ) ; minimum
        NS @
        A 127.0.0.1
        AAAA ::1


    oms-api IN A 192.168.89.131
    oms-api IN A 192.168.89.132
    oms-api IN A 192.168.89.133
    oms-api IN A 192.168.89.130
    pms-api IN A 192.168.89.134
    pms-api IN A 192.168.89.136
    pims-api IN A 192.168.89.133
    pims-api IN A 192.168.89.139
    cshop-api IN A 192.168.89.135
    cshop-api IN A 192.168.89.139
    report-api IN A 192.168.89.137
    report-api IN A 192.168.89.135
    vendor-api IN A 192.168.89.132
    vendor-api IN A 192.168.89.133
    * IN A 121.201.72.173

    Note: iptables must be turned off.
    Start the service:
    systemctl start named
    Check the service status:
    systemctl status named
    Restart the service:
    systemctl restart named
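
The options above combine `recursion yes` with `allow-query { any; }`, and with iptables off that makes the server an open recursive resolver for anything that can reach port 53. The script below is an added example (not from the original post) that checks a named.conf text for this and for disabled DNSSEC validation. The `allow-recursion` ACL for 192.168.89.0/24 and `dnssec-validation yes` in the hardened variant are assumptions about this deployment.

```python
import re

# Constructed sample: the access-related statements from the page's named.conf.
PAGE_CONF = """
options {
    listen-on port 53 { any; };
    allow-query { any; };
    forwarders{114.114.114.114;8.8.8.8;};  # public forwarders
    recursion yes;
    dnssec-validation no;
};
"""
# Assumption: only the 192.168.89.0/24 hosts seen in the zone file need recursion.
HARDENED_CONF = PAGE_CONF.replace(
    "recursion yes;",
    "recursion yes;\n    allow-recursion { localhost; 192.168.89.0/24; };",
).replace("dnssec-validation no;", "dnssec-validation yes;")

def parse_options(conf):
    """Return {statement: [values]} for the top-level options block."""
    conf = re.sub(r"/\*.*?\*/|(#|//)[^\n]*", "", conf, flags=re.S)  # drop comments
    start = re.search(r"\boptions\s*\{", conf)
    if not start:
        return {}
    depth, end = 1, start.end()
    while end < len(conf) and depth:          # walk to the matching brace
        depth += {"{": 1, "}": -1}.get(conf[end], 0)
        end += 1
    body = conf[start.end():end - 1]
    stmt = re.compile(r"([\w-]+)\s*(?:[^{};]*\{([^{}]*)\}\s*|([^{};]+));")
    return {k: [v.strip() for v in (braced or plain).split(";") if v.strip()]
            for k, braced, plain in stmt.findall(body)}

def audit(conf):
    """List resolver-exposure findings for a named.conf text."""
    o = parse_options(conf)
    findings = []
    # BIND fallback: allow-recursion, allow-query-cache, allow-query, then default.
    acl = (o.get("allow-recursion") or o.get("allow-query-cache")
           or o.get("allow-query") or ["localnets", "localhost"])
    if o.get("recursion", ["yes"]) == ["yes"] and "any" in acl:
        findings.append("open-recursion")
    if o.get("dnssec-validation") == ["no"]:
        findings.append("dnssec-validation-off")
    return findings

if __name__ == "__main__":
    print("page config:    ", audit(PAGE_CONF))
    print("hardened config:", audit(HARDENED_CONF))
```

The parser covers the flat `options` statements used on this page; for a real file, feed it the output of `named-checkconf -p` so includes and ACL names are already resolved.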

    Deploying dnsmasq, which does not support round-robin but is simpler to configure:

    yum install -y dnsmasq

    cat /etc/dnsmasq.conf

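    no-hosts    # do not load the local /etc/hosts file
    local-ttl=3600  # TTL for local entries; caching local entries is usually not required, so that changes to the hosts file take effect immediately
    cache-size=1000000  # maximum number of cache entries
    dns-forward-max=1000000
    listen-address=127.0.0.1,192.168.89.131  # for this server to answer queries, list its own address here along with 127.0.0.1
    resolv-file=/etc/resolv.dnsmasq.conf   # this file name can be customized; I followed the crowd and simply used a renamed copy of resolv.conf
    all-servers   # if the name is not found locally, query all the DNS servers in resolv.dnsmasq.conf and use whichever answers first
    log-queries  # enable query logging
    log-facility=/var/log/dnsmasq/dnsmasq.log
    log-async=100    # asynchronous logging, which eases blocking and improves performance; the default is 5 and the maximum is 100
    conf-dir=/etc/dnsmasq.d  # in effect, all .conf files in this directory are used for resolution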

    Add the following configuration file:

    cat  /etc/dnsmasq.d/daxmall.conf 

    address=/oms-api.daxmall.com/10.0.6.56
    address=/pms-api.daxmall.com/10.0.6.53
    address=/pims-api.daxmall.com/10.0.6.52

    Add the DNS forwarding configuration file:

    cat /etc/resolv.dnsmasq.conf 
    nameserver 114.114.114.114
    nameserver 8.8.8.8

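    Each of the two methods has its advantages; for production use, choose according to your own business requirements.

    In production, deploying two servers for redundancy is recommended. Clients can then be configured with two DNS IPs, one primary and one secondary.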

  • Original article: https://www.cnblogs.com/hyming011/p/8252511.html