[Opendnssec-user] distributed OpenDNSSEC (distributed database and HSM)

[Jerry Lundström]

Hi Petr,

On 06 Mar 2014, at 14:06 , Petr Spacek <pspacek at redhat.com> wrote:

> Thank you for information, I will look into live DB. How it works on upgrade - generally? What if proto-buffer definition was changed between versions? Are there differences between 1.x and 2.x?

Protobuf-orm is total new with 2.0 and I don’t know if any work has been done on upgrade after 2.0. The database schema are different, maybe not very but they are. Upgrade path from 1.x to 2.x will be an export/import step and upgrade path within 1.x have been SQL statements that you run manually.

> The original proposal was also about 'distributed operation', i.e. multiple enforcers running and coordinating among multiple machines at the same time (possibly via shared database or something like that).
> 
> I think this will require more significant changes than 'mere' database backend.

If you want the Enforcer to understand its running in multiple places, yes that is a bit change and needs more high level design before we can start implementing. But if you can control which instance of the Enforcer that is running and make sure only one does, you can use what we got today and “just" add a new backend.

Regards,
Jerry

--
Jerry Lundström - OpenDNSSEC Developer
http://www.opendnssec.org/

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 625 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.opendnssec.org/pipermail/opendnssec-user/attachments/20140306/91413716/attachment.bin>