
Rapid DNS deployment with Docker for a quick launch

2025-01-17 Update From: SLTechnology News&Howtos


Shulou(Shulou.com)06/02 Report--

# Concept

Docker is an open source application container engine. It lets developers package an application and its dependencies into a lightweight, portable container and publish it to any popular Linux machine; it can also be used for virtualization. Here I will use a Docker container to quickly deploy a DNS name resolution server and quickly bring it online.

# Environment

1. DNS server host: 172.18.0.2, domain name: dns.jkyst.xyz
2. Client machine: 172.18.0.3, domain name: client1.jkyst.xyz
3. Client machine: 172.18.0.4, domain name: client2.jkyst.xyz

# Deploying DNS

The DNS service is provided by the bind software package. If you do not want to deploy with Docker, you can also install the bind packages directly.

## Download the images

Images can be found and downloaded with the following commands:

```bash
docker search <image name>   # find relevant images
docker pull <image name>     # download the image
```

After searching, choose the version that suits you.

```bash
root@ubuntu:~# docker search dns
NAME                         DESCRIPTION                                     STARS   OFFICIAL   AUTOMATED
andyshinn/dnsmasq            My dnsmasq brings all the boys to the yard,...                     [OK]
jpillora/dnsmasq             dnsmasq with a web UI                           89                 [OK]
gists/dnscrypt-proxy         A flexible DNS proxy, with support for encry... 18                 [OK]
tutum/dnsutils               Provides DNS utilities like dig and nslookup    13                 [OK]
defreitas/dns-proxy-server   Solve your DNS hosts from docker containers,...                    [OK]
jedisct1/dnscrypt-server     A non-censoring, non-logging, DNSSEC-capable... 11                 [OK]
certbot/dns-route53          Official build of EFF's Certbot with its plu... 10                 [OK]
root@ubuntu:~#
```

Download related images

```bash
root@ubuntu:~# docker pull andyshinn/dnsmasq
Using default tag: latest
latest: Pulling from andyshinn/dnsmasq
1eae7a7426b0: Pull complete
4e20cc818d2e: Pull complete
Digest: sha256:dbd1c08714ee9d7a3edb2729eac7e4bea3b88553f14c4d7821526d612437e0b4
Status: Downloaded newer image for andyshinn/dnsmasq:latest
docker.io/andyshinn/dnsmasq:latest
root@ubuntu:~# docker images
REPOSITORY          TAG      IMAGE ID       CREATED         SIZE
andyshinn/dnsmasq   latest   831c17422076   20 months ago   4.88MB
root@ubuntu:~#
```

The images above are from the official registry (Docker Hub). Because Docker Hub is hosted abroad, some images are slow to download, so I provide some domestic mirrors here.

Hangzhou area: registry.cn-hangzhou.aliyuncs.com/stqc/

Beijing area: registry.cn-beijing.aliyuncs.com/stqc/

Official registry (Docker Hub): images there can be used directly by name, and `docker search blxt` will find them.

Note: the mirror registries cannot list their images, so use `docker search blxt` to find the image names, then prefix the image name with one of the domestic addresses above to download it. An example follows.

```bash
root@ubuntu:~# docker search blxt/        # check which images exist
NAME               DESCRIPTION                         STARS   OFFICIAL   AUTOMATED
blxt/nginx         based on centos8                    0
blxt/tomcat        based on centos8 tomcat9            0
blxt/mariadb       based on centos8 image              0
blxt/mysql-proxy   based on centos8 image              0
blxt/dns           based on ubuntu DNS version bind9   0
blxt/ubuntu        ubuntu19                            0
root@ubuntu:~# docker pull registry.cn-beijing.aliyuncs.com/stqc/dns    # download the DNS image
Using default tag: latest
latest: Pulling from stqc/dns
da6fc00e4d0b: Already exists
c3c0be9d84b3: Already exists
9c1dda927878: Already exists
4b8880231fa0: Already exists
a7d3d4ea8ca6: Already exists
6193a51f16ce: Pull complete
Digest: sha256:25309761b9b046549b3488960d518fd234367748c899e2e3a58265f2c9cbc8f3
Status: Downloaded newer image for registry.cn-beijing.aliyuncs.com/stqc/dns:latest
registry.cn-beijing.aliyuncs.com/stqc/dns:latest
root@ubuntu:~# docker images              # view all local images
REPOSITORY                                  TAG      IMAGE ID       CREATED       SIZE
registry.cn-beijing.aliyuncs.com/stqc/dns   latest   c24136df62ae   2 hours ago   376MB
blxt/ubuntu                                 latest   182d872a6abe   5 weeks ago   327MB
root@ubuntu:~#
```

At this point the image has been downloaded successfully.

Creating and starting a DNS container

A brief introduction to three ways of creating a container

There are generally three ways to create a container. Let me briefly introduce these three startup methods: interactive mode, command transient mode and daemon mode.

Interactive

This mode lets us print some data directly, for example the IP address of the container:

```bash
root@test:~# docker run registry.cn-beijing.aliyuncs.com/stqc/dns ip addr
1: lo: mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00 scope host lo
       valid_lft forever preferred_lft forever
10: mtu 1500 qdisc noqueue state UP group default
    link/ether 02:42:ac:12:00:02 brd ff:ff:ff:ff:ff:ff link-netnsid 0
    inet 172.18.0.2/16 brd 172.18.255.255 scope global eth0
       valid_lft forever preferred_lft forever
root@test:~#
```

Or we can get an interactive bash terminal:

```bash
root@test:~# docker run -it registry.cn-beijing.aliyuncs.com/stqc/dns /bin/bash
root@b9bc496a5028:/#        # this is the interactive terminal provided, similar to an ssh connection
```

Command transient mode

First, let's use the container to print something:

```bash
root@test:~# docker run registry.cn-beijing.aliyuncs.com/stqc/dns /bin/echo "hello word"
hello word                  # what I wrote is printed
root@test:~#
```

But after printing, the container did not disappear.

```bash
root@test:~# docker ps -a       # list all containers; this container still exists
CONTAINER ID   IMAGE                                       COMMAND                    CREATED              STATUS                          PORTS   NAMES
5889013ad2fd   registry.cn-beijing.aliyuncs.com/stqc/dns   "/bin/echo 'hello wo..."   About a minute ago   Exited (0) About a minute ago           optimistic_gould
root@test:~#
```

If we start the container again, we find that `hello word` does not appear:

```bash
root@test:~# docker start optimistic_gould      # start the container
optimistic_gould                                # what is printed is the name of the container
root@test:~#
```

To see the `hello word` output again, run the following command:

```bash
root@test:~# docker logs optimistic_gould       # print the output the container has logged
hello word
hello word
root@test:~#
```

You can see two `hello word` lines: one from the original run and one from starting the container again.

Daemon mode

Daemon mode is also called stateful mode: the software runs as a long-running service.

Let's give an example:

```bash
root@test:~# docker run -d registry.cn-beijing.aliyuncs.com/stqc/dns /bin/sh -c "while true; do echo hello word; sleep 1; done"    # print once every second
c334e679b334d64dae25f1f6193550cf029135496e3c4ea9f355ee263a326837
root@test:~# docker ps -a                       # view the containers
CONTAINER ID   IMAGE                                       COMMAND                  CREATED          STATUS          PORTS   NAMES
c334e679b334   registry.cn-beijing.aliyuncs.com/stqc/dns   "/bin/sh -c 'while t…"   17 seconds ago   Up 14 seconds           dazzling_mccarthy
root@test:~# docker logs dazzling_mccarthy      # print the container's output
hello word
hello word
hello word
root@test:~# docker attach dazzling_mccarthy    # view the container's output in real time
hello word
hello word
hello word
hello word
```

### Container start and stop

1. Start a container

```bash
root@test:~# docker start <container ID or container name>
```

2. Restart a container

```bash
root@test:~# docker restart <container ID or container name>
```

3. Stop a container

```bash
root@test:~# docker stop <container ID or container name>
```

Create the dns interactive container

```bash
root@test:~# docker run -itd --name dns --privileged registry.cn-beijing.aliyuncs.com/stqc/dns /sbin/init    # create with init in interactive mode and start automatically
fbc5c6c1a26920bb94a5963cb7c7867e106f3f67ffb84c055849e332006c9077
root@test:~# docker exec -it dns /bin/bash      # connect to the container and open an interactive bash
root@fbc5c6c1a269:/#                            # command line of the dns container
```

DNS container-related configuration

Now that the DNS container has been created, it is time to configure DNS itself, starting with the configuration for forward resolution.

Modify the /etc/bind/named.conf.default-zones configuration file as follows:

```bash
# add the following content to the configuration file
zone "jkyst.xyz" {
    type master;
    file "/etc/bind/db.jkyst";
};
```

Create the forward-resolution data file db.jkyst:

```bash
root@fbc5c6c1a269:/etc/bind# touch db.jkyst
```

Add the following content to the data file. These are the resolution records; fill them in according to your actual situation.

```bash
;
; BIND data file for local loopback interface
;
$TTL    604800
@       IN      SOA     www.jkyst.xyz. root.jkyst.xyz. (
                              2         ; Serial
                         604800         ; Refresh
                          86400         ; Retry
                        2419200         ; Expire
                         604800 )       ; Negative Cache TTL
        IN      NS      www.jkyst.xyz.          ; www domain name
        IN      MX      10 root.jkyst.xyz.      ; email domain name
dns     IN      A       172.18.0.2              ; IP
client1 IN      A       172.18.0.3              ; IP for the client 1 domain name
client2 IN      A       172.18.0.4              ; IP for the client 2 domain name
root    IN      A       172.18.0.2              ; IP for the email domain name
```

After the configuration is complete, restart DNS. You can restart the container or restart the bind service; I will restart the bind service directly, then check whether named is listening on port 53:

```bash
root@fbc5c6c1a269:/etc/bind# systemctl restart bind9
root@fbc5c6c1a269:/etc/bind# netstat -anpl | grep named
tcp        0      0 172.18.0.2:53      0.0.0.0:*      LISTEN      394/named
tcp        0      0 127.0.0.1:53       0.0.0.0:*      LISTEN      394/named
tcp        0      0 127.0.0.1:953      0.0.0.0:*      LISTEN      394/named
tcp6       0      0 :::53              :::*           LISTEN      394/named
udp        0      0 172.18.0.2:53      0.0.0.0:*                  394/named
udp        0      0 127.0.0.1:53       0.0.0.0:*                  394/named
udp6       0      0 :::53              :::*                       394/named
unix  2      [ ]         DGRAM                    105734   394/named
```
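The zone file above names `www.jkyst.xyz.` as the name server and `root.jkyst.xyz.` as the mail exchanger, so both need address records in the same file. The following added example (not part of the original article) checks that with awk; the function names and the inline sample zone are constructed for illustration.

```bash
# Added example, not from the article: list in-zone NS/MX targets with no A/AAAA record.
# check_zone_targets ORIGIN FILE  ->  one "MISSING <type> <fqdn>" line per gap
check_zone_targets() {
    awk -v origin="$1" '
    function fqdn(n) {                       # zone-file name -> lower-case FQDN
        n = (n == "@") ? origin "." : tolower(n)
        return (n ~ /\.$/) ? n : n "." origin "."
    }
    { sub(/;.*/, "") }                       # strip zone-file comments
    NF == 0 || $1 ~ /^\$/ { next }           # blank lines, $TTL / $ORIGIN
    in_paren { if (index($0, ")")) in_paren = 0; next }   # SOA continuation lines
    index($0, "(") && !index($0, ")") { in_paren = 1 }
    {
        i = 1                                # leading blank = same owner as before
        if ($0 !~ /^[ \t]/) { owner = fqdn($1); i = 2 }
        if ($i ~ /^[0-9]+$/) i++             # optional TTL
        if (toupper($i) == "IN") i++         # optional class
        type = toupper($i)
        if (type == "A" || type == "AAAA") have[owner] = 1
        else if (type == "NS") want[fqdn($(i + 1))] = "NS"
        else if (type == "MX") want[fqdn($(i + 2))] = "MX"
    }
    END {
        suffix = "." origin "."
        for (t in want) {
            tail = substr(t, length(t) - length(suffix) + 1)
            if ((t == origin "." || tail == suffix) && !(t in have)) print "MISSING", want[t], t
        }
    }' "$2" | sort
}

# Constructed sample: the records from the db.jkyst listing above.
article_zone() {
    cat <<'EOF'
$TTL 604800
@       IN SOA www.jkyst.xyz. root.jkyst.xyz. (
              2 604800 86400 2419200 604800 )
        IN NS  www.jkyst.xyz.
        IN MX  10 root.jkyst.xyz.
dns     IN A   172.18.0.2
client1 IN A   172.18.0.3
client2 IN A   172.18.0.4
root    IN A   172.18.0.2
EOF
}

zone=$(mktemp) && article_zone > "$zone" && check_zone_targets jkyst.xyz "$zone"; rm -f "$zone"
```

On a host with BIND installed, `named-checkzone jkyst.xyz /etc/bind/db.jkyst` runs BIND's own validation of the file before the service is restarted.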

Once it has started successfully, our DNS configuration is finished. Let's test it.

Test

I used two client hosts for testing here, namely client1 and client2

Modify the default DNS address of the client

There are two ways to modify the default address of DNS:

1. The first is to modify the resolv.conf system configuration file as follows:

```bash
nameserver 172.18.0.2    # change the IP address to your DNS server's IP address
```

2. The second is to modify the network configuration file by adding the following items (note that Ubuntu cannot use this step). Network configuration file path: /etc/sysconfig/network-scripts/ifcfg-eth0. The file looks like this:

```bash
DEVICE=eth0              # network card name
ONBOOT=yes               # whether to bring the interface up at boot
BOOTPROTO=static         # use a static IP
NETMASK=255.255.255.0    # subnet mask
IPADDR=172.18.0.3        # IP address
GATEWAY=172.18.0.1       # gateway
DNS1=172.18.0.2          # DNS
```

On Ubuntu, set DNS in the network configuration file like this:

```bash
network:
  version: 2
  renderer: networkd
  ethernets:
    enp0s3:                              # network card name
      dhcp4: false                       # whether to obtain an address automatically
      addresses: [192.168.1.142/24]      # IP address and mask
      gateway4: 192.168.1.1              # gateway
      nameservers:                       # the DNS address is specified here
        addresses: [172.18.0.2]
```

After the configuration is complete, we can test it.

Use nslookup for testing

nslookup is a network administration command-line tool for querying DNS domain names and IP addresses. In its output, the Server and Address lines show the domain name and address of the DNS server currently in use. An A (Address) record specifies the IP address that corresponds to a host name or domain name.

I will use nslookup for this test. If you find that insufficient, you can also set up a web service to test with; I will not demonstrate that here.

Client 1 tests:

```bash
root@client1:~# nslookup dns.jkyst.xyz
Server:   172.18.0.2
Address:  172.18.0.2#53
Name:     dns.jkyst.xyz
Address:  172.18.0.2
root@client1:~# nslookup client1.jkyst.xyz
Server:   172.18.0.2
Address:  172.18.0.2#53
Name:     client2.jkyst.xyz
Address:  172.18.0.4
root@client1:~#
```

Client 2 tests:

```bash
root@client2:~# nslookup dns.jkyst.xyz
Server:   172.18.0.2
Address:  172.18.0.2#53
Name:     dns.jkyst.xyz
Address:  172.18.0.2
root@client2:~# nslookup client1.jkyst.xyz
Server:   172.18.0.2
Address:  172.18.0.2#53
Name:     client2.jkyst.xyz
Address:  172.18.0.4
root@client2:~#
```

OK, confirmed: there is no problem.

Going live

Now let's look at how to quickly bring the DNS server configured in Docker online.

1. Commit the container to an image

```bash
root@test:~# docker commit dns dns:latest       # generate an image
sha256:660da4ca051f00aa2a459d030766a2c59a3a5338dd2e754a2aa109ebf49e1cf3
root@test:~#
# check that the image was generated
root@test:~# docker images
REPOSITORY                                  TAG      IMAGE ID       CREATED          SIZE
dns                                         latest   660da4ca051f   40 seconds ago   431MB
registry.cn-beijing.aliyuncs.com/stqc/dns   latest   c24136df62ae   26 hours ago     376MB
root@test:~#
```

2. Save the image as a file

```bash
root@test:~# docker save -o dns.tar dns:latest  # save the image as a file
root@test:~# ls                                 # check that the file exists
dns.tar
root@test:~#
```

3. Put the image file on the production server and start the container

```bash
# import the image file into docker
root@dns:~# docker load -i dns.tar
dfc7a90ce923: Loading layer [==================================================>]  74.23MB/74.23MB
020f1d32db77: Loading layer [==================================================>]  989.2kB/989.2kB
de2a5db5a95c: Loading layer [==================================================>]  15.36kB/15.36kB
f6bc8c0eecde: Loading layer [==================================================>]  3.072kB/3.072kB
e7591d8092df: Loading layer [==================================================>]  260.4MB/260.4MB
0c6c54fbd833: Loading layer [==================================================>]  49.53MB/49.53MB
fa7d6002eff3: Loading layer [==================================================>]  57.27MB/57.27MB
Loaded image: dns:latest
root@dns:~# docker images                       # check whether the import succeeded
REPOSITORY   TAG      IMAGE ID       CREATED         SIZE
dns          latest   6cff411803cd   8 minutes ago   431MB
root@dns:~#
# create a container and start it
# (port 53 is published on both UDP and TCP; -p 53:53 alone publishes TCP only)
root@dns:~# docker run --name dns -p 53:53/udp -p 53:53/tcp -v /opt/bind:/etc/bind -d dns:latest
655b2a7de6501cb9edd9667a38ca09e9c36d614efcfbcfbe115f5a60aba3fd1b
root@dns:~# docker ps -a                        # check whether it started successfully
CONTAINER ID   IMAGE        COMMAND        CREATED          STATUS          PORTS   NAMES
944b9f9f4e5e   dns:latest   "/sbin/init"   13 seconds ago   Up 10 seconds           dns
root@dns:~#
# test after starting successfully:
root@dns:~# nslookup dns.jkyst.xyz
Server:   172.18.0.2
Address:  172.18.0.2#53
Name:     dns.jkyst.xyz
Address:  172.18.0.2
root@dns:~# nslookup client1.jkyst.xyz
Server:   172.18.0.2
Address:  172.18.0.2#53
Name:     client2.jkyst.xyz
Address:  172.18.0.4
root@dns:~#
# OK, resolved successfully
```
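The `docker run` commands in this article use `--privileged`, publish port 53, mount `/etc/bind` and refer to images by the `latest` tag. The following added example (not from the original article) audits a command line for those four settings; the function name, finding labels and sample command lines are constructed for illustration.

```bash
# Added example, not from the article: audit a docker run command line for
# four settings relevant to a containerised DNS server.

# audit_docker_run "<command line>"  ->  one finding per line, nothing if clean
audit_docker_run() {
    set -f; set -- $1; set +f            # split into words without globbing
    tcp=0; udp=0; pinned=0
    while [ $# -gt 0 ]; do
        case $1 in
            --privileged)
                echo "PRIVILEGED: container holds every capability and can access host devices" ;;
            -p|--publish)
                case ${2-} in
                    *:53/udp)      udp=1 ;;
                    *:53|*:53/tcp) tcp=1 ;;
                esac ;;
            -v|--volume)
                case ${2-} in
                    *:/etc/bind) echo "RW_CONFIG: ${2} is writable from inside; append :ro" ;;
                esac ;;
            *@sha256:*) pinned=1 ;;
        esac
        shift
    done
    if [ "$tcp" -eq 1 ] && [ "$udp" -eq 0 ]; then
        echo "TCP_ONLY: -p 53:53 defaults to TCP; DNS also needs -p 53:53/udp"
    fi
    if [ "$pinned" -eq 0 ]; then
        echo "UNPINNED: image is named by a mutable tag rather than an @sha256 digest"
    fi
}

# Constructed sample command lines modelled on the ones in this article.
DEV_RUN='docker run -itd --name dns --privileged registry.cn-beijing.aliyuncs.com/stqc/dns /sbin/init'
PROD_RUN='docker run --name dns -p 53:53 -v /opt/bind:/etc/bind -d dns:latest'
# Constructed for comparison: the registry image pinned to the digest printed by docker pull above.
PINNED_RUN='docker run -d --name dns -p 53:53/udp -p 53:53/tcp -v /opt/bind:/etc/bind:ro registry.cn-beijing.aliyuncs.com/stqc/dns@sha256:25309761b9b046549b3488960d518fd234367748c899e2e3a58265f2c9cbc8f3'

for c in "$DEV_RUN" "$PROD_RUN" "$PINNED_RUN"; do
    echo "== $c"; audit_docker_run "$c"
done
```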

It's done here.
