From: Michal Karm Babacek Date: Thu, 6 Oct 2016 20:20:00 +0000 (+0200) Subject: Tip for running kresd in containers. X-Git-Tag: v1.2.0-rc1~98 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=ce28b17330a651f47efdfe09c036cb2c80a55b19;p=thirdparty%2Fknot-resolver.git Tip for running kresd in containers. Based on [issue 28](https://github.com/CZ-NIC/knot-resolver/issues/28), we were able to boost kresd performance running in a Docker container on DockerCloud by nearly 100% by binding to a single interface:ipaddress. It might be handy for other users to know. --- diff --git a/daemon/README.rst b/daemon/README.rst index 04c34faea..dcb107c15 100644 --- a/daemon/README.rst +++ b/daemon/README.rst @@ -244,6 +244,16 @@ Another example would show how it is possible to bind to all interfaces, using i net.listen(addr_list) end +.. tip:: Some users observed a considerable, close to 100%, performance gain in Docker containers when they bound the daemon to a single interface:ip address pair. One may expand the aforementioned example with browsing available addresses as: + + .. code-block:: lua + + addrpref = env.EXPECTED_ADDR_PREFIX + for k, v in pairs(addr_list["addr"]) do + if string.sub(v,1,string.len(addrpref)) == addrpref then + net.listen(v) + ... + You can also use third-party packages (available for example through LuaRocks_) as on this example to download cache from parent, to avoid cold-cache start. @@ -565,8 +575,8 @@ For when listening on ``localhost`` just doesn't cut it. .. code-block:: lua - > net.tls_cert("/etc/kresd/server-cert.pem", "/etc/kresd/server-key.pem") - > net.tls_cert() + > net.tls("/etc/kresd/server-cert.pem", "/etc/kresd/server-key.pem") + > net.tls() ("/etc/kresd/server-cert.pem", "/etc/kresd/server-key.pem") > net.listen("::", 853) > net.listen("::", 443, {tls = true})