import socket
from typing import Any, Dict, List, Literal, Optional, Tuple, Union
-from knot_resolver.constants import API_SOCK_FILE, FREEBSD_SYS, LINUX_SYS, RUN_DIR, VERSION
+from knot_resolver.constants import API_SOCK_FILE, RUN_DIR, VERSION, WORKERS_SUPPORT
from knot_resolver.datamodel.cache_schema import CacheSchema
from knot_resolver.datamodel.defer_schema import DeferSchema
from knot_resolver.datamodel.dns64_schema import Dns64Schema
return obj.hostname
def _workers(self, obj: Raw) -> Any:
- no_support_msg = "On this system, you cannot run more than one worker because SO_REUSEPORT/SO_REUSEPORT_LB socket option is not supported."
-
- workers_support = LINUX_SYS or FREEBSD_SYS
- if not workers_support and (int(obj.workers) > 1):
- raise ValueError(no_support_msg)
+ no_workers_support_msg = (
+ "On this system, you cannot run more than one worker because "
+ "SO_REUSEPORT (Linux) or SO_REUSEPORT_LB (FreeBSD) socket option is not supported."
+ )
+ if not WORKERS_SUPPORT and (int(obj.workers) > 1):
+ raise ValueError(no_workers_support_msg)
if obj.workers == "auto":
- if not workers_support:
+ if not WORKERS_SUPPORT:
logger.info(
"Running on system without support for multiple workers,"
- f"' workers' configuration automatically set to 1. {no_support_msg}"
+ f"' workers' configuration automatically set to 1. {no_workers_support_msg}"
)
return IntPositive(1)
from subprocess import SubprocessError
from typing import Any, Callable, List, Optional
-from knot_resolver.constants import FREEBSD_SYS, LINUX_SYS
from knot_resolver.controller.exceptions import SubprocessControllerError
from knot_resolver.controller.interface import Subprocess, SubprocessController, SubprocessStatus, SubprocessType
from knot_resolver.controller.registered_workers import command_registered_workers, get_registered_workers_kresids
# register callback to reset policy rules for each 'kresd' worker
await config_store.register_on_change_callback(self.reset_workers_policy_rules)
- # Only necessary on systems that allow multiple kresd workers
- # TLS session secret synchronization across all workers
- if LINUX_SYS or FREEBSD_SYS:
- # register and immediately call a callback to set new TLS session ticket secret for 'kresd' workers
- await config_store.register_on_change_callback(
- only_on_real_changes_update(config_nodes)(self.set_new_tls_sticket_secret)
- )
+ # register and immediately call a callback to set new TLS session ticket secret for 'kresd' workers
+ await config_store.register_on_change_callback(
+ only_on_real_changes_update(config_nodes)(self.set_new_tls_sticket_secret)
+ )
# register callback that reloads files (TLS cert files) if selected configuration has not been changed
await config_store.register_on_change_callback(only_on_no_changes_update(config_nodes)(files_reload))
)
async def set_new_tls_sticket_secret(self, config: KresConfig, force: bool = False) -> None:
+ if int(config.workers) == 1:
+ logger.info(
+ "There is no need to synchronize the TLS session secret across all workers"
+ " because only one kresd worker is configured - skipping auto-generation"
+ )
+ return
+
if config.network.tls.sticket_secret or config.network.tls.sticket_secret_file:
- logger.debug("User-configured TLS resumption secret found - skipping auto-generation.")
+ logger.debug("User-configured TLS resumption secret found - skipping auto-generation")
return
logger.debug("Creating TLS session ticket secret")
projects / thirdparty / knot-resolver.git / commitdiff
