Setup dnsmasq for proof of concept / development / test environments
I was growing tired of maintaining different /etc/hosts files on all my Linux virtual machines that run a variety of IBM Collaboration Solutions software. Installing a full-fledged DNS server like bind is a bit overkill, and there are solutions to distribute configuration files around (like cfengine), but I ended up looking at dnsmasq (http://www.thekelleys.org.uk/dnsmasq/doc.html). Not new, not revolutionary, but simple and should do the job. And it’s being used by default in Ubuntu …
It’s a small DNS server that can use /etc/hosts, or another file in the same format, to answer queries for a specific domain. All other queries are forwarded to the DNS server configured in /etc/resolv.conf.
An added advantage is that you really configure DNS in the virtual machines and so can easily conform to the requirement of (most) IBM products to use fully qualified hostnames, without a lot of effort. As an added bonus, it works for all guest operating systems (Windows, Linux, …).
In my case, I have VMware Workstation running on my Lenovo W520 laptop running Ubuntu 13.04, with a lot of virtual machines on a NAT virtual network. There are two places where I could run dnsmasq:
- a virtual machine that I generally need anyway (like the one running my IDS LDAP server with WebSeal). The disadvantage obviously is that this machine should always be up and running.
- the host OS. This is actually a great place, since it means I only need to maintain a hosts file here and it will be automatically used on my virtual machines. And in Ubuntu (which I’m running), dnsmasq is running by default (started by NetworkManager). The drawback is that I need to make sure the virtual machines can connect to it (so punch a hole in the firewall).
So I go with the host OS option:
Ubuntu 12.04
Unfortunately, I can’t find a way to modify the NetworkManager-managed dnsmasq. This is only available from Ubuntu 12.10 onwards …
So in this case, you’d need to disable the dnsmasq from NetworkManager and install a separate version. It’s not that easy to get right, though, so I did not get this working.
Ubuntu 12.10/13.04/13.10/14.04
- configure dnsmasq: on Ubuntu 12.10 (and higher), dnsmasq is actually already used by NetworkManager. So if you install it, you’d have to disable it in the NetworkManager configuration.
The alternative is to add the options that you need to this NetworkManager-managed dnsmasq. The NetworkManager-managed instance is running with the no-hosts option, which is annoying. So you need to add a file (dnsmasq.conf) to /etc/NetworkManager/dnsmasq.d/. This is what I put in the file, but actually only addn-hosts and local are really required:
local=/tb.issc.ibm.com/
addn-hosts=/etc/hosts
interface=lo
interface=vmnet8
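A small lint for the drop-in above, as an added example that is not part of the original post: it checks that the two required options are present and that every interface= line names an interface you actually intend to serve DNS on (lo and vmnet8 here, matching the firewall rule further down). The function name lint_dnsmasq and the sample file are constructed for illustration.

```shell
#!/bin/sh
# Added example (hypothetical helper, not from the original post).
# lint_dnsmasq CONF IFACE... prints one finding per line; the exit
# status is the number of findings (0 = config matches expectations).
lint_dnsmasq() {
    conf=$1; shift
    allowed=" $* "
    findings=0
    note() { echo "FINDING: $1"; findings=$((findings + 1)); }

    # Drop comments and blank lines so commented-out options do not count.
    active=$(sed -e 's/#.*//' -e 's/[[:space:]]*$//' -e '/^$/d' "$conf")

    # local=/domain/ keeps queries for the lab domain on this server.
    echo "$active" | grep -q '^local=/[^/][^/]*/$' ||
        note "no local=/domain/ entry: lab names may be forwarded upstream"

    # addn-hosts is needed because NetworkManager starts dnsmasq with no-hosts.
    echo "$active" | grep -q '^addn-hosts=.' ||
        note "no addn-hosts entry: the hosts file is not served"

    # Every interface= must be one the firewall rule is meant to cover.
    ifaces=$(echo "$active" | sed -n 's/^interface=//p')
    [ -n "$ifaces" ] || note "no interface= lines: listening scope is not pinned"
    for i in $ifaces; do
        case "$allowed" in
            *" $i "*) ;;
            *) note "interface=$i is outside the expected set:$allowed" ;;
        esac
    done
    return "$findings"
}

# Constructed sample: the drop-in from this page plus one extra interface.
demo=$(mktemp)
printf '%s\n' 'local=/tb.issc.ibm.com/' 'addn-hosts=/etc/hosts' \
    'interface=lo' 'interface=vmnet8' 'interface=eth0' > "$demo"
lint_dnsmasq "$demo" lo vmnet8 || echo "$? finding(s)"
rm -f "$demo"
```

On the real host, run it as lint_dnsmasq /etc/NetworkManager/dnsmasq.d/dnsmasq.conf lo vmnet8 after each change to the drop-in.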
For completeness, here is what you need to do in a guest OS like CentOS:
- install dnsmasq: e.g. yum install dnsmasq
- configure dnsmasq. There’s actually not a lot to configure, just the domain name you want to handle with dnsmasq (your own domain). In my case, this is tb.issc.ibm.com. The only change I made in /etc/dnsmasq.conf is adding this entry:
local=/tb.issc.ibm.com/
Start dnsmasq:
service dnsmasq stop
service dnsmasq start
Firewall
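- update the firewall configuration: I added a rule file for my Ubuntu firewall into the directory /etc/iptables.d/filter/INPUT named 90-myrules.rule
-I INPUT 2 -i vmnet8 -p udp --dport 53 -j ACCEPT
-I INPUT 2 -i vmnet8 -p tcp --dport 53 -j ACCEPT
These rules are inserted at the 2nd position of the INPUT chain and allow incoming DNS requests only on the interface vmnet8 (used by the VMware NAT virtual network). iptables only accepts --dport together with a protocol match, so there is one rule for UDP and one for TCP, which DNS falls back to for large answers.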
Virtual machines configuration
Linux
- configure /etc/resolv.conf on the virtual machines to use the host machine as the DNS server. The IP address that you need to use is the IP address of the vmnet8 adapter on your host machine.
user@ThinkPad-W520:/etc/iptables.d/filter/INPUT# ifconfig vmnet8
vmnet8    Link encap:Ethernet  HWaddr 00:50:56:c0:00:08
          inet addr:172.16.231.1  Bcast:172.16.231.255  Mask:255.255.255.0
          inet6 addr: fe80::250:56ff:fec0:8/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:256949 errors:0 dropped:0 overruns:0 frame:0
          TX packets:221056 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)
Now edit /etc/resolv.conf:
search issc.ibm.com
nameserver 172.16.231.1
And if you use DHCP in your virtual machines, make sure that your /etc/resolv.conf is not overwritten on reboot. Edit /etc/sysconfig/network-scripts/ifcfg-eth0:
vi /etc/sysconfig/network-scripts/ifcfg-eth0
and add or modify the entry
PEERDNS=no
This effectively disables updating the DNS servers from DHCP (which, in the case of VMware NAT networks, would be set to xx.xx.xx.2).
Windows
For your Windows virtual machines, open the Local Area Connection Properties and then the TCP/IPv4 item:
Set “Use the following DNS server addresses” and enter the IP address of your host machine (see the Linux section above).
Save everything.
Single source hostfile
The result is that I can now easily use hostnames in all configuration in my virtual machines without having to modify multiple hosts files … Should be a real timesaver. One annoying issue is that when you change /etc/hosts, you’ll need to restart dnsmasq. On Ubuntu, this means restarting NetworkManager:
sudo restart network-manager
The only file you need to maintain is the /etc/hosts file on your host workstation. All your virtual machines are immediately up to date!