[Opendnssec-develop] Realtime scheduling... off the shelf?
Rick van Rein
rick at openfortress.nl
Thu Jan 15 20:27:52 UTC 2009
Hello,
The most worrysome concerns with DNSSEC would seem to be related to timing.
I've spent some thought on how to get it all flowing well, and you
inevitably end up with complicating reasonings like:
1. I can predict how long zone re-signing takes
2. I know when re-signing should be done
3. So I know when to start re-signing a zone
4. Let's keep some space for emergency re-signing popping up unexpectedly
5. Oops, what if all zones come in at once
In other words, scheduling the signing processes is going to get complicated.
Then I realised that our constraints may not in any way be special... there
is a whole field of realtime scheduling expertise that we could exploit.
Realtime schedulers usually manage tasks that occur at a regular interval,
and mix several of those with timing as accurate as possible. They should
also be able to add or withdraw any such interval-based actions, and to
handle irregular extra jobs. The only "problem" with our domain would
seem to be that our intervals span weeks, not milli-seconds.
What do you guys think? Should we invent the wheel of real-time scheduling
ourselves, or is there anything to be gained from using something already
in existence? Is anyone experienced in or knowledgeable about this field?
And, related, is it a fair question to ask the Signer Engine to initiate
its own future operation? It could initially schedule a single re-signing
but later versions may have better overall schedules if the Signer Engine
actually set itself up as a repeating task.
It's just a thought that might be useful to save us work.
Best,
-Rick
More information about the Opendnssec-develop
mailing list