BIND 10 #596: allow configurations without running services

BIND 10 Development do-not-reply at isc.org
Thu May 5 18:02:17 UTC 2011 

#596: allow configurations without running services
--------------------------------------------+----------------------------
                   Reporter:  jreed         |                 Owner:
                       Type:  task          |                Status:  new
                   Priority:  major         |             Milestone:
                  Component:  Unclassified  |            Resolution:
                   Keywords:                |             Sensitive:  0
            Defect Severity:  N/A           |           Sub-Project:  DNS
Feature Depending on Ticket:                |  Estimated Difficulty:  0.0
        Add Hours to Ticket:  0             |           Total Hours:  0
                  Internal?:  0             |
--------------------------------------------+----------------------------

Comment (by vorner):

 #810 does not solve this directly, it only allows for writing a python
 plugin that does the checking. It is meant for configuration modules that
 have no „home“ process (like TSIG keys, they are shared between multiple
 modules, so there's no one that should do the checking).

 However, it could be step towards this ticket as well. We could move all
 the checking of configuration into modules (which would have two
 advantages, one would be the offline configuration, another would be
 writing the tedious checks in python even for C++ modules). It looks
 cleaner to me as well, because we will want to have multiple auth servers,
 for example, and which one of them should do the checking now? (currently,
 it's the one that answers first, the rest is ignored)

 But I think we'd like to think about the exact implementation first:
  * Currently, module can either fail completely or be silent. It would be
 nice to have an ability for warnings or non-fatal failures. The non-fatal
 errors could come both from the plugins and from the processes, fatal ones
 only from plugins (processes should be only notified about the new
 configuration).
  * What should be done in case when the configuration is syntactically
 correct, but can't be used when the process is started? Like port numbers
 ‒ we can do some checks that they look sane and OK, but then binding them
 fails. We couldn't predict it at the time in the plugin, but it's wrong
 anyway.
  * We should decide how to handle failure of new configuration. Currently
 if a check fails, what is commited and checked already is left there, but
 yet unchekced modules are aborted. We could either commit any module that
 passes the check, rejecting only the ones that are problematic, or we
 could do all the checks first and notify the processes after everything
 was checked.
  * If configuration of one module depends on another, do we want to have
 dependencies to order the checks? Or we just use the new values from other
 modules and hope they are OK or will fail later when checked?

 Anyway, the current ticket is still valid, we can't configure b10-auth,
 for example, if it's not running.

-- 
Ticket URL: <http://bind10.isc.org/ticket/596#comment:2>
BIND 10 Development <http://bind10.isc.org>
BIND 10 Development

More information about the bind10-tickets mailing list