Before migrating to PowerDNS a few things should be considered.
PowerDNS does not operate as a secondary or primary server with all backends. The Generic SQL and BIND backends have the ability to act as master or slave. See the table of backends which other backends support these modes.
The easiest way to migrate all your zones from your old infrastructure to PowerDNS is to add all your domains as a slave domain with your current master as the master, wait for the zones to be transferred and change the zones to master. Make sure secondary is set to “yes” in your pdns.conf.
Note
This assumes the schema provided with PowerDNS is in place.
In order to migrate to a Generic SQL backend, add all your domains to the ‘domains’ table with the IP of your current master. On your current master, make sure that this master allows AXFRs to this new slave.
INSERT INTO domains (name,type,master) VALUES ('example.net', 'SLAVE', '198.51.100.101');
Then start PowerDNS and wait for all the zones to be transferred. If this server is the new master, change the type of domain in the database:
UPDATE domains set type='MASTER' where type='SLAVE';
And set primary to “yes” in your pdns.conf and restart PowerDNS.
Or, if you want to use native:
UPDATE domains set type='NATIVE' where type='SLAVE';
Create a named.conf with all the domains as slave domains, e.g.:
zone "example.net" in {
type slave;
file "/var/lib/powerdns/zones/example.net.zone";
masters {
198.51.100.101;
};
};
Make sure the directory is writable for the pdns_server
process and
that bind-config parameter
references this file. Now start PowerDNS and wait until all zones are
transferred. Now you can change the zone type to master:
zone "example.net" in {
type master;
file "/var/lib/powerdns/zones/example.net.zone";
};
Don’t forget to enable primary in your
pdns.conf and restart, or if this setting was already set, use
pdns_control rediscover
to load these zones as master zones.
To use the BIND backend, set launch=bind
and
bind-config=/path/to/named.conf
in your pdns.conf
. Note that
PowerDNS will not honor any options from named.conf, it will only use
the zone
statements. See the BIND backend
documentation for more information.
There are several methods to migrate to a Generic SQL backend.
zone2sql
¶To migrate, the zone2sql
tool is provided. This tool parses a BIND
named.conf
file and zone files and outputs SQL on standard output,
which can then be fed to your database. It understands the BIND master
file extension $GENERATE
and will also honour $ORIGIN
and
$TTL
.
For backends supporting slave operation, there is also an option to keep slave zones as slaves, and not convert them to native operation.
zone2sql
can generate SQL for nearly all the Generic SQL backends.
See its manpage for more information.
An example call to zone2sql
could be:
zone2sql --named-conf=/path/to/named.conf --gmysql | mysql -u pdns -p pdns-db
This will generate the SQL statements for the Generic MySQL and pipe them into the pdns-db database in MySQL.
pdnsutil load-zone
¶The pdnsutil tool has a
load-zone
command that ingests a zone file and imports it into the
first backend that is capable of hosting it.
To import, configure the backend and run
pdnsutil load-zone example.com /tmp/example.com.zone
to import
the example.com
domain from the /tmp/example.com.zone
file. The
zone is imported atomically (i.e. it is fully imported, or not) and any
existing records for that zone are overwritten. This include the SOA record too.
Note
This is an experimental feature.
Syntax: pdnsutil b2b-migrate OLD NEW
This tool lets you migrate data from one backend to another, it moves all data, including zones, metadata and crypto keys (if present). Some example use cases are moving from BIND-style zonefiles to SQL based, or other way around.
You can perform live upgrade with this tool, provided you follow the procedure.
pdnsutil b2b-migrate old new
, the old and new being
configuration prefixes in pdns.conf. If something goes wrong, make
sure you properly clear ALL data from target backend before
retrying.pdnsutil rectify-all-zones
and pdnsutil check-all-zones
to
make sure everything is OK.