This document describes the internals of the Registry DNS server. It is based on the Hadoop service registry, which is backed by a ZooKeeper cluster.
The Registry DNS Server provides a standard DNS interface to the information posted into the Hadoop Registry by deployed applications. The DNS service serves the following functions:
The existing Hadoop Service Registry is leveraged as the source of information for the DNS Service.
The following core functions are supported by the DNS-Server:
The DNS names of generated records are composed from the following elements (labels). Note that these elements must be compatible with DNS conventions (see “Preferred Name Syntax” in RFC 1035):
The primary functions of the DNS service are illustrated in the following diagram:
The following figure illustrates in slightly greater detail the DNS record creation and registration sequence (NOTE: service record updates would follow a similar sequence of steps, distinguished only by the different event type):
Record removal follows a similar sequence (NOTE: the DNS Zone requires a record as an argument for the deletion method, thus requiring similar parsing logic to identify the specific records that should be removed).
By default, the DNS server runs on non-privileged port 5335. Start the server with:
hadoop --daemon start registrydns
If the DNS server is configured to use the standard privileged port 53, the environment variables HADOOP_REGISTRYDNS_SECURE_USER and HADOOP_REGISTRYDNS_SECURE_EXTRA_OPTS must be uncommented in the hadoop-env.sh file. The DNS server should then be launched as root; jsvc is used to reduce the privileges of the daemon after the port has been bound.
The Registry DNS server reads its configuration properties from the core-site.xml file. The following are the DNS-associated configuration properties:
Name | Description |
---|---|
hadoop.registry.zk.quorum | A comma separated list of hostname:port pairs defining the zookeeper quorum for the Hadoop registry. |
hadoop.registry.dns.enabled | The DNS functionality is enabled for the cluster. Default is false. |
hadoop.registry.dns.domain-name | The domain name for Hadoop cluster associated records. |
hadoop.registry.dns.bind-address | Address associated with the network interface to which the DNS listener should bind. |
hadoop.registry.dns.bind-port | The port number for the DNS listener. The default port is 5335. |
hadoop.registry.dns.dnssec.enabled | Indicates whether the DNSSEC support is enabled. Default is false. |
hadoop.registry.dns.public-key | The base64 representation of the server’s public key. Leveraged for creating the DNSKEY Record provided for DNSSEC client requests. |
hadoop.registry.dns.private-key-file | The path to the standard DNSSEC private key file. Must only be readable by the DNS launching identity. See dnssec-keygen documentation. |
hadoop.registry.dns-ttl | The default TTL value to associate with DNS records. The default value is set to 1 (a value of 0 has undefined behavior). A typical value should approximate the time it takes YARN to restart a failed container. |
hadoop.registry.dns.zone-subnet | An indicator of the IP range associated with the cluster containers. The setting is utilized for the generation of the reverse zone name. |
hadoop.registry.dns.zone-mask | The network mask associated with the zone IP range. If specified, it is utilized to ascertain the IP range possible and come up with an appropriate reverse zone name. |
hadoop.registry.dns.zones-dir | A directory containing zone configuration files to read during zone initialization. This directory can contain zone master files named zone-name.zone. See here for zone master file documentation. |
```xml
<property>
  <description>The domain name for Hadoop cluster associated records.</description>
  <name>hadoop.registry.dns.domain-name</name>
  <value>ycluster</value>
</property>
<property>
  <description>The port number for the DNS listener. The default port is 5335. If the standard privileged port 53 is used, make sure to start the DNS with jsvc support.</description>
  <name>hadoop.registry.dns.bind-port</name>
  <value>5335</value>
</property>
<property>
  <description>The DNS functionality is enabled for the cluster. Default is false.</description>
  <name>hadoop.registry.dns.enabled</name>
  <value>true</value>
</property>
<property>
  <description>Address associated with the network interface to which the DNS listener should bind.</description>
  <name>hadoop.registry.dns.bind-address</name>
  <value>localhost</value>
</property>
<property>
  <description>A comma separated list of hostname:port pairs defining the zookeeper quorum for the Hadoop registry</description>
  <name>hadoop.registry.zk.quorum</name>
  <value>localhost:2181</value>
</property>
```
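A pre-start check over these properties, as an added example that is not part of the Hadoop documentation or code base: it flags a privileged bind port without the jsvc settings, a TTL of 0, and DNSSEC enabled without key material or with a private key file readable beyond its owner. The function names, the `secure_user_set` flag (supplied by the caller rather than parsed from hadoop-env.sh) and the sample configuration are assumptions made for the example.

```python
import os
import stat
import xml.etree.ElementTree as ET

PFX = "hadoop.registry.dns."

def load_props(xml_text):
    """Return {name: value} for every <property> in a core-site.xml document."""
    root = ET.fromstring(xml_text)
    return {p.findtext("name", "").strip(): (p.findtext("value") or "").strip()
            for p in root.iter("property")}

def audit_registry_dns(props, secure_user_set=False):
    """Return findings for the Registry DNS properties listed in the table above."""
    findings = []
    if props.get(PFX + "enabled", "false").lower() != "true":
        return ["registry DNS is disabled (hadoop.registry.dns.enabled)"]
    port = int(props.get(PFX + "bind-port", "5335"))
    if port < 1024 and not secure_user_set:
        findings.append(f"bind-port {port} is privileged: jsvc settings required")
    if props.get("hadoop.registry.dns-ttl", "1") == "0":
        findings.append("dns-ttl is 0: behavior is undefined")
    if props.get(PFX + "dnssec.enabled", "false").lower() == "true":
        if not props.get(PFX + "public-key"):
            findings.append("DNSSEC enabled but public-key is not set")
        key = props.get(PFX + "private-key-file", "")
        if not key or not os.path.isfile(key):
            findings.append("DNSSEC enabled but private-key-file is missing")
        elif stat.S_IMODE(os.stat(key).st_mode) & 0o077:
            findings.append(f"{key} is accessible by group/other")
    return findings

# Constructed sample: privileged port, TTL 0, DNSSEC on, no key material.
SAMPLE = """<configuration>
  <property><name>hadoop.registry.dns.enabled</name><value>true</value></property>
  <property><name>hadoop.registry.dns.bind-port</name><value>53</value></property>
  <property><name>hadoop.registry.dns.dnssec.enabled</name><value>true</value></property>
  <property><name>hadoop.registry.dns-ttl</name><value>0</value></property>
</configuration>"""

if __name__ == "__main__":
    for finding in audit_registry_dns(load_props(SAMPLE)):
        print("FINDING:", finding)
```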
To configure Registry DNS to serve reverse lookup for 172.17.0.0/24:

```xml
<property>
  <description>The network mask associated with the zone IP range. If specified, it is utilized to ascertain the IP range possible and come up with an appropriate reverse zone name.</description>
  <name>hadoop.registry.dns.zone-mask</name>
  <value>255.255.255.0</value>
</property>
<property>
  <description>An indicator of the IP range associated with the cluster containers. The setting is utilized for the generation of the reverse zone name.</description>
  <name>hadoop.registry.dns.zone-subnet</name>
  <value>172.17.0.0</value>
</property>
```
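How a subnet and mask map to reverse zone names under the general in-addr.arpa convention, as an added example (not Registry DNS's own algorithm or code): it goes beyond the /24 case above to masks that span several zones or sit inside one. The function names are hypothetical, and the handling of masks that are not octet-aligned is an assumption based on standard octet-boundary delegation.

```python
import ipaddress

def reverse_zones(subnet, mask):
    """Zone name(s) under in-addr.arpa that cover subnet/mask.

    Reverse zones are cut on octet boundaries. A range wider than the next
    boundary (e.g. /22) spans several zones; a range narrower than /24 sits
    inside its enclosing /24 zone.
    """
    net = ipaddress.ip_network(f"{subnet}/{mask}", strict=False)
    boundary = min(24, max(8, -(-net.prefixlen // 8) * 8))  # 8, 16 or 24
    if net.prefixlen > boundary:
        net = net.supernet(new_prefix=boundary)
    zones = []
    for part in net.subnets(new_prefix=boundary):
        labels = str(part.network_address).split(".")[: boundary // 8]
        zones.append(".".join(reversed(labels)) + ".in-addr.arpa")
    return zones

def ptr_owner(ip):
    """Owner name of the PTR record for an IPv4 address."""
    return ipaddress.ip_address(ip).reverse_pointer

def served_by(ip, subnet, mask):
    """True if the PTR name for ip falls under one of the configured zones."""
    name = ptr_owner(ip)
    return any(name.endswith("." + zone) for zone in reverse_zones(subnet, mask))

if __name__ == "__main__":
    # Values from the configuration above; the container addresses are constructed.
    print(reverse_zones("172.17.0.0", "255.255.255.0"))
    print(ptr_owner("172.17.0.5"),
          served_by("172.17.0.5", "172.17.0.0", "255.255.255.0"))
    print(served_by("172.17.1.5", "172.17.0.0", "255.255.255.0"))
```

A PTR query for an address outside these zones is not answered from the reverse zone configured here, which is a quick way to spot a zone-mask that is narrower than the range the containers actually use.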
You can edit /etc/resolv.conf to make your system use the Registry DNS, as shown below, where 192.168.154.3 is the IP address of your DNS host. The entry should appear before any nameservers that would return NXDOMAIN for lookups in the domain used by the cluster.
nameserver 192.168.154.3
Alternatively, if you have a corporate DNS in your organization, you can configure zone forwarding so that the Registry DNS resolves hostnames for the domain used by the cluster.