Bind9 Domain Name Server Configuration

I am very new to Rancher. I have all of 3 hours looking at rancher.

I am creating a home test network and thought I would try something simple; like install a bind9 DNS server. This is for lookups of machines on my home network, not for services running in docker containers. I have run into a chicken and egg problem. I need a TSIG key to launch the stack, but think I need the stack in order to get the key. If I were setting this up on a server, I would use the tools on the server to create the key. I know a little about DNS, but is has been a very long time since I actually had to install one.

It got me to thinking that what I am really missing is a way to start thinking in the rancher way of doing things. For rancher stacks, is the forum the best place to ask questions like this? I don’t see many questions on bind from newbies such as myself. I did check the github page and looked around the Internet.

Hey @echeadle,

This is very much a Bind question, whereas this forum is focused on Rancher specifics.

Before getting into containers, let alone Rancher, I would suggest you gain a full understanding of the configuration elements (and how to create them) required for your DNS service. Once you know what you need and how it should be configured you can then tackle how to build one or more suitable containers. Then Rancher comes into the picture.

This seems to be the most popular Bind image and might be a good way to start tinkering: https://hub.docker.com/r/sameersbn/bind/.

I agree with you mostly, but I think for new people trying to learn, there should be some documentation to use templates found in the catalog. I loaded the DNS container, looked at the logs and it was trying to download records from some strange DNS server. I mean DNS servers need things like zone files and there was no mention about if there was a way to install them, or how to get into the system. In looking around I am beginning to find other ways that might be able to resolve the issues, but how hard would it be to say, to load a zone file do x. In Docker there is persistent storage, or you might have to run the container and move the files into it. The person that made the template had some idea of how to configure the system and it might be nice to give thoughts about how he/she envisioned it happening.

Apologies, I didn’t realise it was from the Catalog. I checked out the docker image it uses here: https://github.com/digitalLumberjack/docker-bind9/ and it does indeed look somewhat simplistic, no doubt intentionally so.

I’d suggest you’d be better off with something like this: https://hub.docker.com/r/sameersbn/bind/. Perhaps you can use the Bind9 compose files here: https://github.com/rancher/community-catalog/tree/master/templates/bind9/0 as a starting point for getting it into Rancher as a service.

Thanks for the information. This is a good place to start.

So no one with experience with the Catalog specific Bind 9 stack in Rancher?

It requires a Bind9 TSIG Keyname but provides no references to how to generate one.

Follow this: https://www.cyberciti.biz/faq/unix-linux-bind-named-configuring-tsig/
Then you can use DNS Update (RFC2136)
And as mentioned by @sjiveson look at https://github.com/digitalLumberjack/docker-bind9/ there is the example with TSIG, but attention - generate an appropriate key