[Opendnssec-user] How to do HA with opendnssec
shuoleo at 126.com
Thu Jul 19 03:52:46 UTC 2012
I'm planning to setup a salve opendnssec server to backup the configuration files and .db files of the master, this will help when the master meets disastrous incident, like power-off.
The method I have figured is as follows:
1.scp master's configuration files and .db files to slave at a fixed-rate which would be less than the resign period configured in kasp.xml
2.slave detects master's service status, when the master is down, slave will become master and starts all opendnssec processes, we assume the current master has the same configuration files and .db files.
3.start the former master and configure it as slave to detect the new master
What I'm not sure is that, there may be a time when the master is down before it scps the latest configuration files and .db files, especially the .db files. How can I make sure the two server share the same keys? Can RequireBackup attribute guarantee this? If so, I have to develop a script to monitor newly created but not in use keys,right?
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Opendnssec-user