第5章 Configuring Satellite Server with External Services

Procedure

1. Install the bind-utils package:

   # yum install bind bind-utils

2. Copy the /etc/rndc.key file from the external DNS server to Satellite Server:

   # scp root@dns.example.com:/etc/rndc.key /etc/rndc.key

3. Configure the ownership, permissions, and SELinux context:

   # restorecon -v /etc/rndc.key
   # chown -v root:named /etc/rndc.key
   # chmod -v 640 /etc/rndc.key

4. To test the nsupdate utility, add a host remotely:

   # echo -e "server DNS_IP_Address\n \
   update add aaa.virtual.lan 3600 IN A Host_IP_Address\n \
   send\n" | nsupdate -k /etc/rndc.key
   # nslookup aaa.virtual.lan DNS_IP_Address
   # echo -e "server DNS_IP_Address\n \
   update delete aaa.virtual.lan 3600 IN A Host_IP_Address\n \
   send\n" | nsupdate -k /etc/rndc.key

5. Assign the foreman-proxy user to the named group manually. Normally, satellite-installer ensures that the foreman-proxy user belongs to the named UNIX group, however, in this scenario Satellite does not manage users and groups, therefore you need to assign the foreman-proxy user to the named group manually.

   # usermod -a -G named foreman-proxy

6. Enter the satellite-installer command to make the following persistent changes to the /etc/foreman-proxy/settings.d/dns.yml file:

   # satellite-installer --foreman-proxy-dns=true \
   --foreman-proxy-dns-managed=false \
   --foreman-proxy-dns-provider=nsupdate \
   --foreman-proxy-dns-server="DNS_IP_Address" \
   --foreman-proxy-keyfile=/etc/rndc.key \
   --foreman-proxy-dns-ttl=86400

7. Restart the foreman-proxy service:

   # systemctl restart foreman-proxy

8. Log in to the Satellite Server web UI.
9. Navigate to Infrastructure > Capsules, locate the Satellite Server, and from the list in the Actions column, select Refresh.
10. Associate the DNS service with the appropriate subnets and domain.