[Opendnssec-develop] Enforcer NG test, using protocol buffers to acccess configuration data from C++

René Post rene at xpt.nl
Tue Jan 11 09:06:20 UTC 2011


Hi Sion,

Thanks for your feedback.

> Something that we have discussed a number of times in the past is why we have 
> the database replicating the xml file... It leads to problems of knowing which 
> is the correct information etc.

Well the XML data is still in the database, just encoded and collapsed to a single field in the policy table.
This encoded configuration is leading for enforcer operation. 

I just got an eerie "Maslow's hammer" feeling when I noticed how it was stored, but perhaps I'm wrong.

> 
> There is an argument for getting rid of it and just reading the xml.
> 
> One reason for keeping the database is for a future development where we 
> wanted a GUI configuration tool.

I guessed you'd probably want to generate and XML file and then tell the enforcer to import this policy.

> (The original database was ruby on rails 
> compatible; I'm not sure if that is still the case.)

This is the first I've heard of it, I don't know why that is important

> I just thought that I'd mention this in case it is still a possibility.

Nothing is set in stone yet, we are still going to discuss this later today.
For this test a lot of the time was spend on getting an accurate specification of the configuration data that is actually represented in the database and how that maps to the configuration file.

Best regards,
René

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opendnssec.org/pipermail/opendnssec-develop/attachments/20110111/3800dfc5/attachment.htm>


More information about the Opendnssec-develop mailing list