I have 3 servers (one hosting node + 2 powerdns/apiscp servers). The DNS machines are running standard apiscp dnsonly installation with powerdns on 2 GB RAM.
I want to migrate those nameservers to new 1 GB RAM VPS-es (to save money).
I suppose I can install ApisCP platform with this snippet(correct me if wrong):
How do I copy the DNS records and zones from the old nameserver(s) and re-connect them to the hosting node(if keeping the same hostnames, though I’d like to change them…)?
On the new server, configure PowerDNS as its role were using pdns.apiscp.com.
On the old server:
mysqldump powerdns | ssh NEW.SERVER.NAME mysql powerdns
Then you’ll need to reconfigure the IP address for other PowerDNS instances. Easiest process is to just substitute it within apnscp-runtime-vars.yml, assuming the old IP is 1.2.3.4 and new IP is 2.3.4.5:
sed -ie 's!1.2.3.4!2.3.4.5!g' /root/apnscp-vars-runtime.yml
upcp -sbf software/powerdns
Once that’s completed, change the A/AAAA records for the NS to the new value. I recommend changing the TTL value to 15 (seconds) for these records ahead of time. TTL controls how long the DNS record will remain cached before trying again, so once the IP address updates cutover to the new server will be instantaneous.
First, Happy new year and i hope you have a prosperous 2025 ahead.
Now, to the matter at hand:
I ran into new issue with my lowend VPS:
fatal: [localhost]: FAILED! => changed=false
msg: |-
ApisCP requires at least 1 GB memory to run.
Total memory detected: 962 MB (3.80% less)
This safety check may be overridden by setting limit_memory_1gb in /root/apnscp-vars-runtime.yml to a value lower than "972".
PLAY RECAP *********************************************************************
localhost : ok=7 changed=1 unreachable=0 failed=1 skipped=3 rescued=0 ignored=0
Now I see, I can override it, but the question is, does it actually need more RAM during installation?
I guess i might just need to forget about downsizing…
I have a few more questions:
Suppose i decide to install just bare PowerDNS without ApisCP - to save RAM (PowerDNS API will be exposed on 8081 as default). Do I need to do any configuration changes to get it to work with the hosting node or as long as i keep the hostnames the same, it will just work? Or it’s not a good idea to do this?
Of course I would run the cpcmd, which I list below to change the api_uri and the last command (upcp) to update the changes.
Zones i can copy manually or with the mysql dump you described above.
If I want to change the nameserver hostnames, with or without ApisCP on the PowerDNS servers, what do I need to do in the hosting node (I already know I need to update my GLUE records and the A records on the nameserver domain)?
Update the NS records in the hosted zones themselves.
Anything else?
In the installation snippet, which I copied from the documentation, what’s the IP (136.37.24.241) that it says to whitelist? The Licensing Server?
Is it possible to use a hosting node as PowerDNS server? i want to host a small PHP script on the nameservers (in case I end up with multiple locations), which I would use for my other project. It’s basically a script, which runs exec every few minutes - usage is for a ping checker website. If i get mini license, can I use those machines as nameservers for the the hosting node which is hosting my free users’ websites? The URL that will serve the PHP script is a subdomain and does not need to have zone on the nameservers themselves (it’s working from Cloudflare).
P.S. My old offer still stands - I’ll happily pay you to help me setup ns1 and ns2 locally on the hosting node itself (i know it violates the RFCs and that it would cause downtime for my free customers in case the machine goes down - we are all okay with it) - it would save me a considerable headache, plus i can keep a copy of the DNS zones on some free DNS provider and just update nameservers on a short notice in case of an emergency.
No. A threshold had to be established of what constitutes “1 GB”. It’s 3.8% less than “1000 MB” or 6.05% less than 1 GiB (1024 MiB). While surveying providers I found machines that only had 875 MB and 1750 MB available respectively, so this is one of those nags to steer users in the right direction.
This mode of operation is unsupported. You are on your own.
Nameserver in the SOA or individual NS hostname? From what I understand, you’re preserving the nameserver hostnames and changing the IPs. In this case, the NS record would not change. Only the A record for the nameserver hostname will change.
If you’re changing the NS for the domain, this should be updated at both the registrar and zone. A bulk replacement boilerplate will accomplish the zone change:
<?php
include __DIR__ . '/lib/CLI/cmd.php';
(new \Opcenter\Dns\Bulk)->replace(
// replace A records named "test"
new \Opcenter\Dns\Record('_dummy_zone.com', [
'name' => 'ns2.myhostingprovider.com',
'rr' => 'NS'
]),
// with the IP address 1.2.3.4
new \Opcenter\Dns\Record(
'_dummy_zone.com', [
'parameter' => 'ns139384.myhostingprovider.com',
'rr' => 'NS'
])
);
Run as apnscp_php boilerplate-filename.php within /usr/local/apnscp.
It’s a prefilled value based upon the HTTP client to whitelist whoever initiated installation.
Yes.
Professional expectations preclude me from violating RFC.
The idea was to change the nameserver hostnames. Is there bulk way to update the master nameserver hostname in the SOA record for all zones?
I won’t be doing it for now, as I wanted to use same set of DNS for everything (ApisCP, Plesk, cPanel etc…), but if its unsupported to run DNS without the ApisCP, I guess I will run dedicated NS for each system. I still want to know if its possible to bulk-change SOA record though (for informational purposes).
To replace specific metadata, you can specify a callback instead as the replacement parameter. Metadata names are available in the “Record” structure, which correspond to their equivalent RFC declarations.
<?php
include __DIR__ . '/lib/CLI/cmd.php';
// empty all NS records on the apex
// "_dummy_zone.com" has no effect, but used for completeness with the API
(new \Opcenter\Dns\Bulk)->replace(new \Opcenter\Dns\Record('_dummy_zone.com', [
'name' => '',
'rr' => 'SOA'
]), function (\apnscpFunctionInterceptor $afi, \Opcenter\Dns\Record $r) {
// update "rname" parameter
$r->setMeta('rname', 'ns1.mydomain.com');
// update negative cache TTL
$r->setMeta('ttl', 300);
// likewise we can statically set the parameter as such
// $r['parameter'] = 'ns1.mydomain.com. noc.mydomain.com. 2021090229 3600 1800 604800 300';
// return false to skip processing the record
return $afi->dns_get_provider() === 'powerdns';
});