Commit 70436fd8 authored by Jan Včelák's avatar Jan Včelák 🚀

Merge branch 'new_config' into 'master'

New configuration format
parents 6966fbc8 2bb9d3f9
......@@ -57,9 +57,6 @@
/m4/ltsugar.m4
/m4/ltversion.m4
/m4/lt~obsolete.m4
/src/knot/conf/libknotd_la-cf-lex.c
/src/knot/conf/libknotd_la-cf-parse.c
/src/knot/conf/libknotd_la-cf-parse.h
/src/dnssec/libdnssec.pc
/src/libknot-int.pc
/src/libknot.pc
......@@ -80,10 +77,12 @@
# Binaries
/src/knotc
/src/knotd
/src/knot1to2
/src/kdig
/src/khost
/src/knsupdate
/src/knsec3hash
/src/rosedb_tool
# Plugin binaries
/src/rosedb_tool
......
......@@ -4,11 +4,11 @@ compiler:
before_install:
- sudo add-apt-repository --yes ppa:cz.nic-labs/knot-dns
- sudo apt-get update -qq
- sudo apt-get install -qq autotools-dev autoconf automake libtool libssl-dev liburcu-dev flex bison ragel pkg-config texinfo texlive lcov liblmdb-dev
- sudo apt-get install -qq autotools-dev autoconf automake libtool libssl-dev liburcu-dev pkg-config texinfo texlive lcov liblmdb-dev
- sudo pip install cpp-coveralls --use-mirrors
before_script:
- autoreconf -fi
script:
- ./configure --disable-fastparser --disable-shared --enable-static --enable-code-coverage && make && make -k check
after_success:
- coveralls --exclude tests/ --exclude src/cf-lex.l --exclude src/cf-parse.y --exclude ./src/utils/ --exclude ./src/libtap --exclude ./src/zscanner --build-root ./src/
- coveralls --exclude tests/ --exclude ./src/utils/ --exclude ./src/libtap --exclude ./src/zscanner --build-root ./src/
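Review bot: With `flex` and `bison` dropped from the `apt-get install` line, this job can no longer regenerate a lexer or parser, yet the file list elsewhere in this commit names `src/utils/knot1to2/cf-lex.c` and `cf-parse.tab.c` beside their `cf-lex.l` and `cf-parse.y` sources. If those `.c` files are committed generator output (the page does not show their contents), nothing here checks that they still match the grammar, so stale or hand-edited parser code for configuration input would go unnoticed. Consider keeping the two packages in one CI job that regenerates the files and fails on any difference. Otherwise, record the reason above the install line, for example `# flex/bison not installed: knot1to2 parser output is committed (confirm)`.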
......@@ -176,14 +176,14 @@ src/knot/common/ref.c
src/knot/common/ref.h
src/knot/common/time.h
src/knot/common/trim.h
src/knot/conf/cf-lex.l
src/knot/conf/cf-parse.y
src/knot/conf/conf.c
src/knot/conf/conf.h
src/knot/conf/extra.c
src/knot/conf/extra.h
src/knot/conf/includes.c
src/knot/conf/includes.h
src/knot/conf/confdb.c
src/knot/conf/confdb.h
src/knot/conf/scheme.c
src/knot/conf/scheme.h
src/knot/conf/tools.c
src/knot/conf/tools.h
src/knot/ctl/estimator.c
src/knot/ctl/estimator.h
src/knot/ctl/knotc_main.c
......@@ -439,6 +439,17 @@ src/utils/kdig/kdig_params.h
src/utils/khost/khost_main.c
src/utils/khost/khost_params.c
src/utils/khost/khost_params.h
src/utils/knot1to2/cf-lex.c
src/utils/knot1to2/cf-lex.l
src/utils/knot1to2/cf-parse.tab.c
src/utils/knot1to2/cf-parse.tab.h
src/utils/knot1to2/cf-parse.y
src/utils/knot1to2/extra.c
src/utils/knot1to2/extra.h
src/utils/knot1to2/includes.c
src/utils/knot1to2/includes.h
src/utils/knot1to2/main.c
src/utils/knot1to2/scheme.h
src/utils/knsupdate/knsupdate_exec.c
src/utils/knsupdate/knsupdate_exec.h
src/utils/knsupdate/knsupdate_main.c
......@@ -462,7 +473,6 @@ tests/acl.c
tests/base32hex.c
tests/base64.c
tests/changeset.c
tests/conf.c
tests/descriptor.c
tests/dname.c
tests/dthreads.c
......@@ -486,7 +496,6 @@ tests/requestor.c
tests/rrl.c
tests/rrset.c
tests/rrset_wire.c
tests/sample_conf.h
tests/server.c
tests/utils.c
tests/wire.c
......
......@@ -57,14 +57,12 @@ endif
code-coverage-html:
if CODE_COVERAGE_ENABLED
@echo "Generating code coverage HTML report (this might take a while)"
@cp src/knot/conf/cf-lex.l src/knot/conf/cf-parse.y src/
LANG=C $(GENHTML) $(code_coverage_quiet) \
--output-directory $(CODE_COVERAGE_HTML) \
--title "Knot DNS $(PACKAGE_VERSION) Code Coverage" \
--legend --show-details \
--ignore-errors source \
$(CODE_COVERAGE_INFO)
-@rm src/cf-lex.l src/cf-parse.y
else
@echo "You need to run configure with --enable-code-coverage to enable code coverage"
endif
......
......@@ -4,8 +4,6 @@ Dependencies
Knot DNS has several dependencies:
* libtool
* autoconf > 2.65
* flex >= 2.5.31
* bison >= 2.3
* liburcu >= 0.5.4
* gnutls >= 3.0
* jansson >= 2.3
......@@ -41,7 +39,7 @@ $ sudo apt-get upgrade
Install prerequisites:
$ sudo apt-get install \
libtool autoconf flex bison liburcu-dev libgnutls28-dev libjansson-dev
libtool autoconf liburcu-dev libgnutls28-dev libjansson-dev
Install optional packages to override embedded libraries:
$ sudo apt-get install liblmdb-dev
......@@ -59,7 +57,7 @@ Install basic development tools:
Install prerequisites:
# yum install \
libtool autoconf flex bison userspace-rcu-devel gnutls-devel jansson-devel
libtool autoconf userspace-rcu-devel gnutls-devel jansson-devel
Install optional packages to override embedded libraries:
# yum install lmdb-devel
......
......@@ -168,38 +168,6 @@ AC_SUBST(config_dir)
# Dependencies needed for Knot DNS daemon
#########################################
AS_IF([test "$enable_daemon" = "yes"],[
AC_CACHE_CHECK([for reentrant lex], [ac_cv_path_LEX],
[AC_PATH_PROGS_FEATURE_CHECK([LEX], [$LEX flex gflex],
[cat >conftest.l <<_ACEOF
%{
%}
%option reentrant
%option bison-bridge
%option noinput
%option nounput
%option noreject
BLANK [ \t\n]
%%
<<EOF>> return 0;
%%
_ACEOF
_AC_DO_VAR(ac_path_LEX conftest.l)
test $ac_status -eq 0 && ac_cv_path_LEX=$ac_path_LEX ac_path_LEX_found=true
rm -f conftest.l lexyy.c lex.yy.c
],
[AC_MSG_ERROR([could not find lex that supports reentrant parsers])])])
AC_SUBST([LEX], [$ac_cv_path_LEX])
AM_PROG_LEX
AC_PROG_YACC
YACC_BISON=`bison --version | awk '{print $1;exit}'`
AS_IF([test "x$YACC_BISON" != "xbison"],
[AC_MSG_ERROR([GNU bison needed for reentrant parsers, set the \$YACC variable before running configure])])
])
# Systemd integration
......@@ -448,6 +416,7 @@ AC_CONFIG_FILES([Makefile
man/kdig.1
man/knsupdate.1
man/knot.conf.5
man/knot1to2.1
])
AC_OUTPUT
......
#
# This is a sample of a minimal configuration file for Knot DNS when used with RoseDB.
system {
# Identity of the server (see RFC 4892).
identity on;
# Version of the server (see RFC 4892)
version on;
# User for running server
# May also specify user.group (e.g. knot.knot)
user knot.knot;
}
interfaces {
all_ipv4 {
address 0.0.0.0;
port 53;
}
all_ipv6 {
address [::];
port 53;
}
}
control {
# Default: knot.sock (relative to rundir)
listen-on "knot.sock";
}
zones {
query_module {
rosedb "/etc/knot/rosedb";
# catchall dnsproxy
# dnsproxy "192.0.2.1";
}
# dnsproxy for specific domain name
#
# example.com {
# query_module {
# dnsproxy "198.51.100.1";
# }
# }
}
log {
syslog {
# Log info and more serious events to syslog
any info;
}
# Log warnings, errors and criticals to stderr
stderr {
any warning;
}
}
......@@ -15,7 +15,7 @@ EXTRA_DIST = \
SPHINXBUILDDIR = _build
ALLSPHINXOPTS = -n -d $(SPHINXBUILDDIR)/doctrees -D latex_paper_size=a4 $(SPHINXOPTS) .
.PHONY: html-local singlehtml pdf-local info-local
.PHONY: html-local singlehtml pdf-local info-local man
if HAVE_DOCS
......@@ -37,7 +37,6 @@ pdf-local:
$(MAKE) -C $(SPHINXBUILDDIR)/latex all-pdf
@echo "pdflatex finished; the PDF files are in $(SPHINXBUILDDIR)/latex."
else
pdf:
@echo "You need to install pdflatex and re-run configure to be"
@echo "able to generate PDF documentation."
endif
......@@ -53,8 +52,13 @@ else
@echo "able to generate info pages."
endif
man:
$(SPHINXBUILD) -b man -D version="__VERSION__" -D today="__DATE__" $(ALLSPHINXOPTS) $(SPHINXBUILDDIR)/man
@echo
@echo "Build finished. The man pages are in $(SPHINXBUILDDIR)/man."
else
html-local singlehtml pdf-local info-local:
html-local singlehtml pdf-local info-local man:
@echo "Please install sphinx (python-sphinx) to generate Knot DNS documentation."
endif
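Review bot: The new `man` recipe passes the literal strings `__VERSION__` and `__DATE__` to `-D version=` and `-D today=` with no explanation, so the pages written to `$(SPHINXBUILDDIR)/man` carry placeholders instead of a real version and date. If a later step substitutes them (the hunk does not show one), say so above the target, for example `# __VERSION__ and __DATE__ are placeholders filled in later (name the step here)`. Fixing `today` to a constant also makes the output independent of build time, which is worth stating if it is intended. The enclosing `if HAVE_DOCS` block starts outside this hunk.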
......
......@@ -40,8 +40,9 @@ source_suffix = '.rst'
master_doc = 'index'
# General information about the project.
project = u'Knot DNS'
copyright = "%d, CZ.NIC, z.s.p.o." % time.localtime().tm_year
project = 'Knot DNS'
copyright = 'Copyright 2010-%d, CZ.NIC, z.s.p.o.' % time.localtime().tm_year
author = 'CZ.NIC Labs <http://www.knot-dns.cz>'
# The version info for the project you're documenting, acts as replacement for
# |version| and |release|, also used in various other places throughout the
......@@ -189,8 +190,7 @@ latex_elements = {
# Grouping the document tree into LaTeX files. List of tuples
# (source start file, target name, title, author, documentclass [howto/manual]).
latex_documents = [
('index', 'KnotDNS.tex', u'Knot DNS Documentation',
u'CZ.NIC, z.s.p.o.', 'manual'),
('index', 'KnotDNS.tex', 'Knot DNS Documentation', copyright, 'manual'),
]
# The name of an image file (relative to this directory) to place at the top of
......@@ -218,10 +218,9 @@ latex_domain_indices = False
# One entry per manual page. List of tuples
# (source start file, name, description, authors, manual section).
#man_pages = [
# ('index', 'knotdns', u'Knot DNS Documentation',
# [u'CZ.NIC, z.s.p.o.'], 1)
#]
man_pages = [
('reference', 'knot.conf', 'Knot DNS configuration file', author, 5)
]
# If true, show URL addresses after external links.
#man_show_urls = False
......@@ -233,10 +232,7 @@ latex_domain_indices = False
# (source start file, target name, title, author,
# dir menu entry, description, category)
texinfo_documents = [
('index', 'KnotDNS', u'Knot DNS Documentation',
u'CZ.NIC, z.s.p.o.', 'KnotDNS',
'High-performance authoritative DNS server implementation',
'Miscellaneous'),
('index', 'KnotDNS', 'Knot DNS Documentation', author)
]
# Documents to append as an appendix to all manuals.
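Review bot: In `latex_documents` the author field is now `copyright`, so the PDF would show the string "Copyright 2010-<year>, CZ.NIC, z.s.p.o." as its author. The `author` variable added by the same change looks like the intended value: `('index', 'KnotDNS.tex', 'Knot DNS Documentation', author, 'manual'),`. The `texinfo_documents` entry is also cut to four fields while the comment above it still documents seven (dir menu entry, description, category). Either restore those fields or update the comment, and check that the Sphinx version in use accepts the shorter tuple. The `author` string links to `http://www.knot-dns.cz`, although the installation page in this commit uses `https://www.knot-dns.cz`.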
......
.. meta::
:description: reStructuredText plaintext markup language
.. _Knot DNS Installation:
.. _Installation:
*********************
Knot DNS Installation
*********************
************
Installation
************
.. _Required build environment:
......@@ -25,8 +25,6 @@ Knot DNS build system relies on these standard tools:
* make
* libtool
* autoconf >= 2.65
* flex >= 2.5.31
* bison >= 2.3
.. _Required libraries:
......@@ -61,12 +59,12 @@ http://www.openssl.org.
Userspace RCU
-------------
liburcu is a LGPLv2.1 userspace RCU (read-copy-update) library. This
data synchronization library provides read-side access which scales
`Liburcu <http://urcu.so>`_ is a userspace RCU (read-copy-update) library.
This data synchronization library provides read-side access which scales
linearly with the number of cores. It does so by allowing multiple
copies of a given data structure to live at the same time, and by
monitoring the data structure accesses to detect grace periods after
which memory reclamation is possible. `Userspace RSU <http://lttng.org/urcu>`_
which memory reclamation is possible.
Binary packages for Debian can be found under ``liburcu1`` for the
library and ``liburcu-dev`` for development files.
......@@ -77,16 +75,16 @@ It is crucial especially on non-Linux systems, as we got some compatibility
patches accepted to later releases of Userspace RCU.
OpenBSD, NetBSD and OS X platforms are supported from version 0.7.0.
.. _Installation from the source:
.. _Installation from source code:
Installation from the sources
Installation from source code
=============================
You can find the source files for the latest release on `www.knot-dns.cz <https://www.knot-dns.cz>`_.
Alternatively, you can fetch the sources from git repository
You can find the source code for the latest release on `www.knot-dns.cz <https://www.knot-dns.cz>`_.
Alternatively, you can fetch the whole project from the git repository
`git://git.nic.cz/knot-dns.git <https://gitlab.labs.nic.cz/labs/knot/tree/master>`_.
After unpacking the sources, the compilation and installation is a
After obtaining the source code the compilation and installation is a
quite straightforward process using autotools.
.. _Configuring and generating Makefiles:
......@@ -94,7 +92,7 @@ quite straightforward process using autotools.
Configuring and generating Makefiles
------------------------------------
If you want to compile from Git sources, you need to bootstrap the ``./configure`` file first::
If compiling from the git source, you need to bootstrap the ``./configure`` file first::
$ autoreconf -i -f
......@@ -116,19 +114,6 @@ compiler versions and may result in an unexpected behaviour. Link
time optimizations also disables the possibility to debug the
resulting binaries.
If you want to add debug messages, there are two steps to do that.
First you have to enable modules you are interested in.
Available are: ``server, zones, ns, loader, dnssec``.
You can combine multiple modules as a comma-separated list.
Then you can narrow the verbosity of the debugging message by specifying the
verbosity as ``brief, verbose, details``.
For example::
$ ./configure --enable-debug=server,packet --enable-debuglevel=verbose
For more detailed information, see :ref:`Debug messages`.
Compilation
-----------
......@@ -154,17 +139,18 @@ You can do so by executing::
When installing as a non-root user you might have to gain elevated privileges by
switching to root user, e.g. ``sudo make install`` or ``su -c 'make install'``.
Installation from packages
==========================
.. _OS specific installation:
In addition to providing the packages in .DEB and .RPM format,
Knot DNS might already be available in your favourite distribution, or
in a ports tree.
OS specific installation
========================
Installing Knot DNS packages on Debian
--------------------------------------
Knot DNS might already be available in the destination operating system
repository.
Knot DNS is already available from Debian wheezy upwards. In addition
Debian Linux
------------
Knot DNS is already available from Debian wheezy upwards. In addition
to the official packages we also provide custom repository, which can
be used by adding::
......@@ -184,11 +170,11 @@ executing following command as the root user::
$ apt-get update
$ apt-get install knot
Installing Knot DNS packages on Ubuntu
--------------------------------------
Ubuntu Linux
------------
Prepackaged version of Knot DNS can be found in Ubuntu from
version 12.10 (Quantal Quetzal). In addition to the package included
version 12.10 (Quantal Quetzal). In addition to the package included
in the main archive, we provide Personal Package Archive (PPA) as an
option to upgrade to the last stable version of Knot DNS or to install
it on older versions of Ubuntu Linux.
......@@ -207,33 +193,33 @@ Running this sequence of commands will ensure that you will
install Knot DNS on your system and keep it up-to-date
in the future, when new versions are released.
Installing Knot DNS packages on Fedora
--------------------------------------
Fedora Linux
------------
The RPM packages for ``Knot DNS`` are available in official Fedora
The RPM packages for Knot DNS are available in official Fedora
repositories since Fedora 18 (Spherical Cow). Look for ``knot``
package in your package manager. To install the package using Yum, run
a following command as the root user::
the following command as the root user::
$ yum install knot
Installing Knot DNS from ports on FreeBSD
-----------------------------------------
FreeBSD
-------
Knot DNS is in ports tree under ``dns/knot``::
$ cd /usr/ports/dns/knot
$ sudo make install
Installing Knot DNS on Arch Linux
---------------------------------
Arch Linux
----------
Knot DNS is available official package repository (AUR)::
https://aur.archlinux.org/packages/knot/
Installing Knot DNS on Gentoo Linux
-----------------------------------
Gentoo Linux
------------
Knot DNS is available from Gentoo package repository::
......
.. meta::
:description: reStructuredText plaintext markup language
Introduction
============
.. _Introduction:
The reader of this document is assumed to know the principles of
Domain Name System.
************
Introduction
************
What is Knot DNS
----------------
================
Knot DNS is a high-performance open source DNS server. It
implements only authoritative domain name service. Knot DNS
......@@ -20,9 +20,9 @@ implementation which allows it to scale well on SMP systems and
operate non-stop even when adding or removing zones.
Knot DNS features
-----------------
=================
Knot DNS supports the following DNS features:
DNS features:
* IN class and partially CH class
* TCP/UDP protocols
......@@ -54,15 +54,9 @@ Knot DNS issue tracker: `gitlab.labs.nic.cz/labs/knot/issues <https://gitlab.lab
Knot DNS users mailing list: `knot-dns-users@lists.nic.cz <mailto:knot-dns-users@lists.nic.cz>`_
Scope of this document
----------------------
This document covers the basic information on installing, configuring
and troubleshooting the Knot DNS server.
License
-------
=======
Knot DNS is licensed under `GNU General Public License <https://www.gnu.org/copyleft/gpl.html>`_
version 3 or (at your option) any later version. The full text of the license
is available in the ``COPYING`` file distributed with the source codes.
is available in the ``COPYING`` file distributed with the source code.
......@@ -45,13 +45,11 @@ generated by Bind.
You can follow this example::
zones {
storage "/var/lib/knot";
example.com {
dnssec-enable on;
dnssec-keydir "example.com.keys";
file "example.com.db";
}
}
zone:
- domain: "example.com."
file: "example.com.db"
storage: "/var/lib/knot"
dnssec-enable: on
dnssec-keydir: "example.com.keys"
5. Start Knot DNS and check the log files to make sure that everything went right.
.. meta::
:description: reStructuredText plaintext markup language
Knot DNS Resource Requirements
==============================
.. _Requirements:
Hardware requirements
---------------------
************
Requirements
************
Hardware
========
Knot DNS requirements are not very demanding for typical
installations, and a commodity server or a virtual solution will be
sufficient in most cases.
However please note that there are some scenarios that will require
However, please note that there are some scenarios that will require
administrator attention and testing of exact requirements before
deploying Knot DNS in production. These cases include deployment for a
large number of zones (DNS hosting), a large number of records in one
......@@ -30,7 +33,7 @@ Memory requirements
-------------------
Knot DNS implementation focuses on performance and thus can be quite
demanding for memory. The rough estimate for memory requirements is
demanding for memory. The rough estimate for memory requirements is
3 times of the size of the zone in text format. Again this is only
an estimate and you are advised to do your own measurements before
deploying Knot DNS into production.
......@@ -40,8 +43,8 @@ employs a Read-Copy-Update mechanism instead of locking and thus
requires twice the amount of memory for the duration of incoming
transfers.
Supported operating system
--------------------------
Operating system
================
Knot DNS itself is written in a portable way, but it depends on
several libraries. Namely userspace-rcu, which could be a constraint
......
.. meta::
:description: reStructuredText plaintext markup language
.. _Running Knot DNS:
.. _Running:
****************
Running Knot DNS
****************
*******
Running
*******
The Knot DNS server part ``knotd`` can run either in the foreground or in the background,
with the ``-d`` option. When run in the foreground, it doesn't create a PID file.
......@@ -15,9 +15,10 @@ The tool ``knotc`` is designed as a front-end for user, making it easier to cont
server daemon. If you want to control the daemon directly, use ``SIGINT`` to quit
the process or ``SIGHUP`` to reload configuration.
If you do not pass any configuration via ``-c`` option, it will try to
search configuration in default path that is ``SYSCONFDIR/knot.conf``. The ``SYSCONFDIR``
depends on what you passed to the ``./configure``, usually ``/etc``.
If you pass neither configuration file (``-c`` parameter) nor configuration
database (``-C`` parameter), server will try to use the default configuration
file stored in ``SYSCONFDIR/knot/knot.conf`` (configured with
``--with-configdir=path``)
Example of server start as a daemon::
......@@ -30,24 +31,24 @@ Example of server stop::
For a complete list of actions refer to ``knotd -h`` and ``knotc -h``
or corresponding man pages.
Also, the server needs to create several files in order to run properly. These
files are stored in the folowing directories.
Also, the server needs to create :ref:`server_rundir` and :ref:`template_storage`
directories in order to run properly.
``storage`` (:ref:`storage`):
.. _Configuration database:
* *Zone files* - default directory for storing zone files. This can be
overriden using absolute zone file location.
Configuration database
======================
In the case of a huge configuration file, the configuration can be preloaded
into the server`s configuration database::
* *Journal files* - each zone has a journal file to store differences
for IXFR and dynamic updates. Journal for zone ``example.com`` will
be placed in ``example.com.diff.db``.
$ knotc import input.conf
``rundir`` (:ref:`rundir`):
Also the configuration database can be exported into the configuration file::
* *PID file* - is created automatically when the server is run in background.
$ knotc export output.conf
* *Control sockets* - as a default, UNIX sockets are created here, but
this can be overriden.
It is recommended to process these operations without server running.
.. _Running a slave server:
......@@ -55,12 +56,10 @@ Running a slave server
======================
Running the server as a slave is very straightforward as you usually
bootstrap zones over AXFR and thus avoid any manual zone compilation.
bootstrap zones over AXFR and thus avoid any manual zone operations.
In contrast to AXFR, when the incremental transfer finishes, it stores
the differences in a journal file and doesn't update the zone file
immediately. There is a timer that checks periodically for new
differences and updates the zone file. You can configure this timer
with the ``zonefile-sync`` statement in ``zones`` (:ref:`zones`).
the differences in the journal file and doesn't update the zone file
immediately but after :ref:`template_zonefile-sync` period elapses.
.. _Running a master server:
......@@ -96,14 +95,14 @@ action::
$ knotc -c master.conf reload
If you want *IXFR-out* differences created from changes you make to a
zone file, enable :ref:`ixfr-from-differences` in ``zones`` statement,
then reload your server as seen above. If *SOA*'s *serial* is not
changed no differences will be created.
If you want to enable ixfr differences creation from changes you make to a
zone file, enable :ref:`template_ixfr-from-differences` in the zone configuration
and reload your server as seen above. If *SOA*'s *serial* is not changed,
no differences will be created.
If you want to refresh the slave zones, you can do this with the
``knotc refresh`` action::
$ knotc -c slave.conf refresh
For the zone retransfer, there is also additional command ``-f``.
For the zone retransfer, there is also an additional command ``-f``.
.. meta::
:description: reStructuredText plaintext markup language
.. _Troubleshooting:
***************
Troubleshooting
***************
First of all, check the logs (:ref:`log`). By default, Knot DNS logs
all error messages to syslog. Enabling at least the ``warning``
message severity may help you identify some problems.
First of all, check the logs (:ref:`Logging section`). Enabling at least
the ``warning`` message severity may help you identify some problems.
.. _Submitting a bugreport: