Uploaded image for project: 'OpenDNSSEC'
  1. OpenDNSSEC
  2. OPENDNSSEC-309

Document the options for HA setups

    XMLWordPrintable

    Details

    • Type: Improvement
    • Status: Open
    • Priority: Minor
    • Resolution: Unresolved
    • Affects Version/s: None
    • Fix Version/s: future
    • Component/s: Documentation
    • Labels:
      None

      Description

      After many questions on the users list about this it was agreed that it would be nice to document how ODS can be used in a high availability deployment. Dave Knight sent a presentation on how ICANN do this: https://www.dns-oarc.net/files/workshop-201005/ha-opendnssec-oarc.pdf

      There are two main aspects to capture. One is that a feed of the configuration files and db are required to keep two signers in sync since key selection is not completely deterministic. The other is that it is possible to trigger the enforcer to sign at specific times (as opposed to intervals that originate from when the daemon is started) by signalling it.

        Attachments

          Issue Links

          relates to

          Epic - Created by Jira Software - do not edit or delete. Issue type for a big user story that needs to be broken down. OPENDNSSEC-308 Support for HA deployment

          • Minor - Minor loss of function, or other problem where easy workaround is present.
          • Reopened

            Activity

              People

              Assignee:
              Unassigned
              Reporter:
              sara Sara Dickinson
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Dates

                Created:
                Updated: