manager: load policy rules on any configuration change

diff --git a/doc/dev/architecture-pl.rst b/doc/dev/architecture-pl.rst
index d5fd80f04194b2497fefee4c073ad672dcaf131e..724652d63994e89d1655e7f0198324eb9dd26039 100644 (file)
--- a/doc/dev/architecture-pl.rst
+++ b/doc/dev/architecture-pl.rst
@@ -5,14 +5,13 @@ policy-loader
 The ``policy-loader`` is a new special kresd instance ensuring that configured policies are loaded into the rules database where they are made available to all running kresd workers. 
 If the policies are loaded successfully, the ``policy-loader`` exits automatically, otherwise it exits with an error code that is detected by Supervisor.
 
+The ``policy-loader`` is triggered on every reload or a cold start to recompile the LMDB of rules,
+as changes to external files are not tracked (e.g. RPZ or /etc/hosts).
+This eliminates the need to restart kresd workers if only the policies have changed.
+In that case the running kresd workers are only notified of changes in the rules database by their control socket using the ``kr_rules_reset()`` function.
 
-The ``policy-loader`` is only triggered when there are the policies relevant configuration changes, or when the resolver is cold started.
-This eliminates the need to restart all running kresd workers if only the policies have changed.
-The running kresd workers are only notified of changes in the rules database by their control socket using the ``kr_rules_reset()`` function.
-The policies are all configuration options located under the ``views``, ``local-data`` and ``forward`` sections.
-
-
-The kresd workers are only fully restarted when a relevant configuration change is made to them (everything else outside the policies), or when the resolver is cold started.
+The kresd workers are only restarted when a relevant configuration change is made.
+In particular, options located under the ``views`` and ``local-data`` do not need kresd restarts.
 The same as for the kresd workers applies to the kresd canary process, which is always run before the kresd workers to validate the new configuration.
 The manager always waits for the ``policy-loader`` to finish before working with other processes.
 

diff --git a/manager/knot_resolver_manager/kres_manager.py b/manager/knot_resolver_manager/kres_manager.py
index 9499e7cb7c14ec8b9c2e843e9799617558a85d6f..79859a53f4a9f64d9192380ef055135bca59ffd7 100644 (file)
--- a/manager/knot_resolver_manager/kres_manager.py
+++ b/manager/knot_resolver_manager/kres_manager.py
@@ -115,11 +115,7 @@ class KresManager:  # pylint: disable=too-many-instance-attributes
         await self._collect_already_running_workers()
 
         # register and immediately call a callback that applies policy rules configuration
-        await config_store.register_on_change_callback(
-            only_on_real_changes_update(lambda config: [config.views, config.local_data, config.forward])(
-                self.apply_policy_rules_config
-            )
-        )
+        await config_store.register_on_change_callback(self.apply_policy_rules_config)
 
         # configuration nodes that are relevant to kresd workers and the cache garbage collector
         def config_nodes(config: KresConfig) -> List[Any]: