On Wed, Dec 14, 2016, at 08:40, Jaap Akkerhuis wrote: > Ondřej Surý writes: > > > networks, mounts are ok, but how you are going to make sure that a > > remote MySQL server is available from within a local init system? > > > > > Is it unreasonable for OpenDNSSEC to require certain resources to be > > > available before starting? > > > > With remote MySQL you cannot be even sure that MySQL is available for > > a full run time of OpenDNSSEC, as there might be network breakages, > > database might disconnect you due to capacity reasons, etc., the > > server might be located after a HA proxy not handling TCP connection > > handovers. > > > > So any software that rely on another networking server must be able to > > cope with unavailability of the networked service. > > > > E.g. instead of failing to start when MySQL is not available, it > > should refuse to run the first operation in the queue until it is > > connected, etc. > > So you are saing that it should try to connect to the database and > other need resources if any, before it becomes functional.
I think I am saying the exact opposite :), or we just don't understand each other. What I am trying to say is that every database operation should be blocking (with timeout) and it should include "connect/reconnect" operation. Thus in case of opendnssec-signer, the signerd should start, enter the main loop and try to connect to database only after it needs to. If the database connection fails, it should report the error and back off for some predefined time, and try to connect again. Cheers, -- Ondřej Surý <[email protected]> Knot DNS (https://www.knot-dns.cz/) – a high-performance DNS server Knot Resolver (https://www.knot-resolver.cz/) – secure, privacy-aware, fast DNS(SEC) resolver Vše pro chleba (https://vseprochleba.cz) – Mouky ze mlýna a potřeby pro pečení chleba všeho druhu _______________________________________________ Opendnssec-user mailing list [email protected] https://lists.opendnssec.org/mailman/listinfo/opendnssec-user
