knot-resolver-manager issueshttps://gitlab.nic.cz/knot/knot-resolver-manager/-/issues2022-01-16T17:14:56+01:00https://gitlab.nic.cz/knot/knot-resolver-manager/-/issues/37CLI utility to convert declarative config to lua2022-01-16T17:14:56+01:00Tomas KrizekCLI utility to convert declarative config to luaThe utility should display the generated lua config that will be passed to kresd from a provided declarative config. This can aid debugging and it might be useful for users during configuration migration.The utility should display the generated lua config that will be passed to kresd from a provided declarative config. This can aid debugging and it might be useful for users during configuration migration.Vaclav SraierVaclav Sraierhttps://gitlab.nic.cz/knot/knot-resolver-manager/-/issues/24datamodel: Unification of logging configuration for manager and kresd2022-01-16T17:14:55+01:00Aleš Mrázekdatamodel: Unification of logging configuration for manager and kresdAt this point, the manager and kresd logging level configuration is in different section of configuration schema. For simplicity, it would be appropriate to set both at once.At this point, the manager and kresd logging level configuration is in different section of configuration schema. For simplicity, it would be appropriate to set both at once.Aleš MrázekAleš Mrázekhttps://gitlab.nic.cz/knot/knot-resolver-manager/-/issues/2Implement proper shutdown2021-06-07T11:24:34+02:00Vaclav SraierImplement proper shutdownAs of now, if you stop the manager, the workers keep running. This is by design so that a crash of the manager does not impact the underlying DNS service. However, we should be able to properly stop the manager if we want to. For example...As of now, if you stop the manager, the workers keep running. This is by design so that a crash of the manager does not impact the underlying DNS service. However, we should be able to properly stop the manager if we want to. For example, something like `systemctl stop knot-resolver.service` should stop all resolver processes, even `kresd`'s spawned by the manager previously.https://gitlab.nic.cz/knot/knot-resolver-manager/-/issues/51DoH can't be configured2022-01-16T17:45:50+01:00Vladimír Čunátvladimir.cunat@nic.czDoH can't be configured`kind: doh` in config generates `kind = 'doh'` for lua, but that won't work (at least for now), and might be better to generate `'doh2'` even in case the alias will work in future.`kind: doh` in config generates `kind = 'doh'` for lua, but that won't work (at least for now), and might be better to generate `'doh2'` even in case the alias will work in future.https://gitlab.nic.cz/knot/knot-resolver-manager/-/issues/50systemd: handle exited kresd instances2022-01-16T17:45:38+01:00Vladimír Čunátvladimir.cunat@nic.czsystemd: handle exited kresd instancesWhen a kresd instance exits (could be a crash or whatever), it does not get auto-restarted by systemd like in the manager-less case. What's worse, it blocks manager itself from reloading or even ^C-quitting, as it expects the service to...When a kresd instance exits (could be a crash or whatever), it does not get auto-restarted by systemd like in the manager-less case. What's worse, it blocks manager itself from reloading or even ^C-quitting, as it expects the service to be running.
Tested with systemd-session controller, assuming OS-level systemd will behave similarly. This seems important to improve for production-level reliability.https://gitlab.nic.cz/knot/knot-resolver-manager/-/issues/49modelling: more readable error messages2022-01-16T17:45:26+01:00Vaclav Sraiermodelling: more readable error messagessee https://relaxng.org/jclark/derivative.html#Error_handling for inspiration
an implementation of that is this https://relaxng.org/jclark/jing.html
cc @llhotkasee https://relaxng.org/jclark/derivative.html#Error_handling for inspiration
an implementation of that is this https://relaxng.org/jclark/jing.html
cc @llhotkaVaclav SraierVaclav Sraierhttps://gitlab.nic.cz/knot/knot-resolver-manager/-/issues/48datamodel: network: more readable 'kind' in listen interfaces2022-01-16T17:45:09+01:00Aleš Mrázekdatamodel: network: more readable 'kind' in listen interfaces- `dns-over-https` -> `doh`
- `dns-over-tls` -> `dot`- `dns-over-https` -> `doh`
- `dns-over-tls` -> `dot`Aleš MrázekAleš Mrázekhttps://gitlab.nic.cz/knot/knot-resolver-manager/-/issues/47datamodel: renaming 'server' section2022-01-16T17:44:57+01:00Aleš Mrázekdatamodel: renaming 'server' sectionThis section is basically a summary of things that do not fit elsewhere, so the name of this section may be confusing.
examples of the new name: `general`, `management`, ...
Or maybe try to split the section.This section is basically a summary of things that do not fit elsewhere, so the name of this section may be confusing.
examples of the new name: `general`, `management`, ...
Or maybe try to split the section.Aleš MrázekAleš Mrázekhttps://gitlab.nic.cz/knot/knot-resolver-manager/-/issues/46Add integration test with some complex configuration2022-01-16T17:44:46+01:00Vaclav SraierAdd integration test with some complex configurationFor example try to translate configuration from ODVR and see if it works. The ODVR configuration can be found in the discussion of issue #38For example try to translate configuration from ODVR and see if it works. The ODVR configuration can be found in the discussion of issue #38https://gitlab.nic.cz/knot/knot-resolver-manager/-/issues/45exit doesn't stop GC2022-01-16T17:14:56+01:00Vladimír Čunátvladimir.cunat@nic.czexit doesn't stop GCWhen exiting manager, kresd units are stopped but `kres-managed-cache-gc.service` remains. At least with systemd-session controller.
_Not a significant problem, I think._When exiting manager, kresd units are stopped but `kres-managed-cache-gc.service` remains. At least with systemd-session controller.
_Not a significant problem, I think._Vaclav SraierVaclav Sraierhttps://gitlab.nic.cz/knot/knot-resolver-manager/-/issues/44watchdog is broken2022-01-16T17:14:57+01:00Vladimír Čunátvladimir.cunat@nic.czwatchdog is brokenWhen watchdog isn't enabled (explicitly, and `True` doesn't suffice), the service will restart every 10s. That's because the generated unit contains watchdog spec (regardless of config), but generated config explicitly unloads the modul...When watchdog isn't enabled (explicitly, and `True` doesn't suffice), the service will restart every 10s. That's because the generated unit contains watchdog spec (regardless of config), but generated config explicitly unloads the module that would send the keep-alives.https://gitlab.nic.cz/knot/knot-resolver-manager/-/issues/43docs: annotate data model with docstrings2022-01-16T17:44:36+01:00Vaclav Sraierdocs: annotate data model with docstringsAleš MrázekAleš Mrázekhttps://gitlab.nic.cz/knot/knot-resolver-manager/-/issues/42systemd service: implement configuration file reload2022-01-16T17:14:56+01:00Vaclav Sraiersystemd service: implement configuration file reloadprobably after SIGUSRx?probably after SIGUSRx?Vaclav SraierVaclav Sraierhttps://gitlab.nic.cz/knot/knot-resolver-manager/-/issues/41SIGINT should cleanly terminate everything2022-01-16T17:14:56+01:00Vaclav SraierSIGINT should cleanly terminate everythingNow, only manager stops without stopping kresd instancesNow, only manager stops without stopping kresd instancesVaclav SraierVaclav Sraierhttps://gitlab.nic.cz/knot/knot-resolver-manager/-/issues/40docs: create man page2022-01-16T17:44:20+01:00Vaclav Sraierdocs: create man pageShould it contain configuration schema or are only CLI arguments sufficient?Should it contain configuration schema or are only CLI arguments sufficient?https://gitlab.nic.cz/knot/knot-resolver-manager/-/issues/39Add tests for all quick start configuration snippets in kresd documentation2022-01-16T17:44:09+01:00Vaclav SraierAdd tests for all quick start configuration snippets in kresd documentationhttps://knot-resolver.readthedocs.io/en/stable/modules-policy.htmlhttps://knot-resolver.readthedocs.io/en/stable/modules-policy.htmlAleš MrázekAleš Mrázekhttps://gitlab.nic.cz/knot/knot-resolver-manager/-/issues/38Optimize network configuration for lower verbosity2022-01-16T17:43:50+01:00Vaclav SraierOptimize network configuration for lower verbosityWhen we look at a more complicated configuration, for example our ODVR, the network section is unnecessarily verbose. We should make it more concise...
Note: issue changed topic due to a developing discussion. The previous topic was rec...When we look at a more complicated configuration, for example our ODVR, the network section is unnecessarily verbose. We should make it more concise...
Note: issue changed topic due to a developing discussion. The previous topic was recreated under #46Aleš MrázekAleš Mrázekhttps://gitlab.nic.cz/knot/knot-resolver-manager/-/issues/36datamodel: zone name as key in forward/stub-zones dictionary2022-01-16T17:43:37+01:00Aleš Mrázekdatamodel: zone name as key in forward/stub-zones dictionaryCurrently, the zone name is a key of stub/forward zone [dict](https://gitlab.nic.cz/knot/knot-resolver-manager/-/blob/datamodel-policy/knot_resolver_manager/datamodel/config_schema.py#L57), so it is not possible to create two configurati...Currently, the zone name is a key of stub/forward zone [dict](https://gitlab.nic.cz/knot/knot-resolver-manager/-/blob/datamodel-policy/knot_resolver_manager/datamodel/config_schema.py#L57), so it is not possible to create two configurations for one zone.
However, this can be a problem, for example, if I want to set up different stub/forward servers for `view` which differs from the global configuration.https://gitlab.nic.cz/knot/knot-resolver-manager/-/issues/35tests: datamodel: tests for complex jinja2 templates/macros2022-01-16T17:14:56+01:00Aleš Mrázektests: datamodel: tests for complex jinja2 templates/macrosSome jinja2 templates and macros are more complex, so it would be good to come up with a way to test them.Some jinja2 templates and macros are more complex, so it would be good to come up with a way to test them.Aleš MrázekAleš Mrázekhttps://gitlab.nic.cz/knot/knot-resolver-manager/-/issues/34full partial config updates2022-01-16T17:42:50+01:00Vaclav Sraierfull partial config updatesCurrently, we can only change configuration model with whole subtrees. So for example, you can't update a list or a dictionary with one value, you have to replace it whole.Currently, we can only change configuration model with whole subtrees. So for example, you can't update a list or a dictionary with one value, you have to replace it whole.