[Opendnssec-user] OpenDNSSEC 2.1.0 released

[Mathieu Arnold]

Le 21/04/2017 à 10:05, Yuri Schaeffer a écrit :
>> So noone really tested migrating a MySQL backed OpenDNSSEC
>> installation from 1.4 to 2.x? I'm a bit concerned about this, as there
>> are a lot of TLDs using OpenDNSSEC. Do they all still use 1.4? Do they
>> not use MySQL? Didn't anyone test this in development?
> Well, I did test it. But it is a complex migration because the database
> layout and key state representation changed radically. Unfortunately I
> can only test a subset of every imaginable situation in my lifetime.
>
> It is true (my impression) that most people run OpenDNSSEC with SQLite

Well, I don't know about most people, but I run OpenDNSSEC with (as of
right now) 2350 zones, and 5280 keys (with rollovers going on and all).

The SQLite backend was nice to begin with, but it is not workable for
large zone numbers.

I have not yet migrated from 1.4 because, well, ENOTIME, but it was on
my TODO for before the summer, I'd rather be sure quite it is going to
work :-)

> and the migration script was initially developed (and mostly tested for
> corner cases and such) for SQLite and later adapted for MySQL. Same
> database layout, slightly different SQL dialect.
> In that process there was an oversight of some SQL dialect issues, like
> the comment syntax. But depending on your MySQL version /and/ the
> contents of your database this may or may not be a problem. It wasn't
> for me at the time and went undetected.
>
> //Yuri
>
>
>
> _______________________________________________
> Opendnssec-user mailing list
> Opendnssec-user at lists.opendnssec.org
> https://lists.opendnssec.org/mailman/listinfo/opendnssec-user


-- 
Mathieu Arnold


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 949 bytes
Desc: OpenPGP digital signature
URL: <http://lists.opendnssec.org/pipermail/opendnssec-user/attachments/20170421/9cbe08d4/attachment.bin>