4362. [func] Changed rndc reconfig behaviour so that newly added

zones are loaded asynchronously and the loading does not block the server. [RT #41934]

4362. [func] Changed rndc reconfig behaviour so that newly added
zones are loaded asynchronously and the loading does not block the server. [RT #41934]
e846f127 · Witold Krecicki · 28053af0 · e846f127 · e846f127 · e846f127
Commit e846f127 authored May 05, 2016 by Witold Krecicki
8 changed files
--- a/CHANGES
+++ b/CHANGES
+4362.	[func]		Changed rndc reconfig behaviour so that newly added 
+			zones are loaded asynchronously and the loading does 
+			not block the server. [RT #41934]
+
 4361.	[cleanup]	Where supported, file modification times returned
 			by isc_file_getmodtime() are now accurate to the
 			nanosecond. [RT #41968]

--- a/bin/named/server.c
+++ b/bin/named/server.c
@@ -271,6 +271,7 @@ typedef struct ns_cfgctx {
 */
 typedef struct {
 		ns_server_t *server;
+		isc_boolean_t reconfig;
 		isc_refcount_t refs;
 } ns_zoneload_t;

@@ -6928,6 +6929,7 @@ view_loaded(void *arg) {
 	isc_result_t result;
 	ns_zoneload_t *zl = (ns_zoneload_t *) arg;
 	ns_server_t *server = zl->server;
+	isc_boolean_t reconfig = zl->reconfig;
 	unsigned int refs;


@@ -6946,8 +6948,21 @@ view_loaded(void *arg) {
 	isc_refcount_destroy(&zl->refs);
 	isc_mem_put(server->mctx, zl, sizeof (*zl));

-	isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, NS_LOGMODULE_SERVER,
-		      ISC_LOG_NOTICE, "all zones loaded");
+	/*
+	 * To maintain compatibility with log parsing tools that might
+	 * be looking for this string after "rndc reconfig", we keep it
+	 * as it is
+	 */
+	if (reconfig) {
+		isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL,
+			      NS_LOGMODULE_SERVER, ISC_LOG_INFO,
+			      "any newly configured zones are now loaded");
+	} else {
+		isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL,
+			      NS_LOGMODULE_SERVER, ISC_LOG_NOTICE,
+			      "all zones loaded");
+	}
+
 	CHECKFATAL(dns_zonemgr_forcemaint(server->zonemgr),
 		   "forcing zone maintenance");

@@ -6959,7 +6974,7 @@ view_loaded(void *arg) {
 }

 static isc_result_t
-load_zones(ns_server_t *server, isc_boolean_t init) {
+load_zones(ns_server_t *server, isc_boolean_t init, isc_boolean_t reconfig) {
 	isc_result_t result;
 	dns_view_t *view;
 	ns_zoneload_t *zl;
@@ -6969,6 +6984,7 @@ load_zones(ns_server_t *server, isc_boolean_t init) {
 	if (zl == NULL)
 		return (ISC_R_NOMEMORY);
 	zl->server = server;
+	zl->reconfig = reconfig;

 	result = isc_task_beginexclusive(server->task);
 	RUNTIME_CHECK(result == ISC_R_SUCCESS);
@@ -7026,39 +7042,6 @@ load_zones(ns_server_t *server, isc_boolean_t init) {
 	return (result);
 }

-static isc_result_t
-load_new_zones(ns_server_t *server, isc_boolean_t stop) {
-	isc_result_t result;
-	dns_view_t *view;
-
-	result = isc_task_beginexclusive(server->task);
-	RUNTIME_CHECK(result == ISC_R_SUCCESS);
-
-	/*
-	 * Load zone data from disk.
-	 */
-	for (view = ISC_LIST_HEAD(server->viewlist);
-	     view != NULL;
-	     view = ISC_LIST_NEXT(view, link))
-	{
-		CHECK(dns_view_loadnew(view, stop));
-
-		/* Load managed-keys data */
-		if (view->managed_keys != NULL)
-			CHECK(dns_zone_loadnew(view->managed_keys));
-		if (view->redirect != NULL)
-			CHECK(dns_zone_loadnew(view->redirect));
-	}
-
-	/*
-	 * Resume zone XFRs.
-	 */
-	dns_zonemgr_resumexfrs(server->zonemgr);
- cleanup:
-	isc_task_endexclusive(server->task);
-	return (result);
-}
-
 static void
 run_server(isc_task_t *task, isc_event_t *event) {
 	isc_result_t result;
@@ -7112,7 +7095,7 @@ run_server(isc_task_t *task, isc_event_t *event) {

 	isc_hash_init();

-	CHECKFATAL(load_zones(server, ISC_TRUE), "loading zones");
+	CHECKFATAL(load_zones(server, ISC_TRUE, ISC_FALSE), "loading zones");
 #ifdef ENABLE_AFL
 	ns_g_run_done = ISC_TRUE;
 #endif
@@ -7611,7 +7594,7 @@ reload(ns_server_t *server) {
 	isc_result_t result;
 	CHECK(loadconfig(server));

-	result = load_zones(server, ISC_FALSE);
+	result = load_zones(server, ISC_FALSE, ISC_FALSE);
 	if (result == ISC_R_SUCCESS)
 		isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL,
 			      NS_LOGMODULE_SERVER, ISC_LOG_INFO,
@@ -7926,11 +7909,11 @@ ns_server_reconfigcommand(ns_server_t *server) {

 	CHECK(loadconfig(server));

-	result = load_new_zones(server, ISC_FALSE);
+	result = load_zones(server, ISC_FALSE, ISC_TRUE);
 	if (result == ISC_R_SUCCESS)
 		isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL,
 			      NS_LOGMODULE_SERVER, ISC_LOG_INFO,
-			      "any newly configured zones are now loaded");
+			      "scheduled loading new zones");
 	else
 		isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL,
 			      NS_LOGMODULE_SERVER, ISC_LOG_ERROR,

--- a/bin/tests/system/rndc/clean.sh
+++ b/bin/tests/system/rndc/clean.sh
@@ -23,5 +23,8 @@ rm -f ns*/named.run
 rm -f ns4/*.conf
 rm -f rndc.status
 rm -f rndc.output
+rm -f dig.out
 rm -f ns*/named.lock
 rm -f ns4/*.nta
+rm -f ns6/named.conf
+rm -f ns6/huge.zone.db
--- a/bin/tests/system/rndc/ns6/named.args
+++ b/bin/tests/system/rndc/ns6/named.args
+# teardown of a huge zone with tracing enabled takes way too long 
+# -m none is set so that stop.pl does not timeout
+-X named.lock -m none -T clienttest -c named.conf -d 99 -g -U 4
\ No newline at end of file
--- a/bin/tests/system/rndc/ns6/named.conf.in
+++ b/bin/tests/system/rndc/ns6/named.conf.in
+/*
+ * Copyright (C) 2015  Internet Systems Consortium, Inc. ("ISC")
+ *
+ * Permission to use, copy, modify, and/or distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
+ * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
+ * AND FITNESS.  IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
+ * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
+ * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
+ * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
+ * PERFORMANCE OF THIS SOFTWARE.
+ */
+
+controls { /* empty */ };
+
+options {
+	port 5300;
+	pid-file "named.pid";
+	listen-on { 10.53.0.6; };
+	listen-on-v6 { none; };
+	recursion no;
+};
+
+key rndc_key {
+	secret "1234abcd8765";
+	algorithm hmac-sha256;
+};
+
+controls {
+	inet 10.53.0.6 port 9953 allow { any; } keys { rndc_key; };
+};
--- a/bin/tests/system/rndc/setup.sh
+++ b/bin/tests/system/rndc/setup.sh
@@ -25,7 +25,12 @@ $SHELL ../genzone.sh 2 >ns2/nil.db
 $SHELL ../genzone.sh 2 >ns2/other.db
 $SHELL ../genzone.sh 2 >ns2/static.db

+$SHELL ../genzone.sh 2 >ns6/huge.zone.db
+awk 'END { for (i = 1; i <= 1000000; i++)
+     printf "host%u IN A 10.53.0.6\n", i; }' < /dev/null >> ns6/huge.zone.db
+
 cat ns4/named.conf.in > ns4/named.conf
+cat ns6/named.conf.in > ns6/named.conf

 make_key () {
    $RNDCCONFGEN -r $RANDFILE -k key$1 -A $2 -s 10.53.0.4 -p 995${1} \

--- a/bin/tests/system/rndc/tests.sh
+++ b/bin/tests/system/rndc/tests.sh
@@ -448,6 +448,55 @@ grep "^running on " rndc.output > /dev/null || ret=1
 if [ $ret != 0 ]; then echo "I:failed"; fi
 status=`expr $status + $ret`

+echo "I:test 'rndc reconfig' with loading of a large zone"
+ret=0
+cur=`awk 'BEGIN {l=0} /^/ {l++} END { print l }' ns6/named.run`
+cp ns6/named.conf ns6/named.conf.save
+echo "zone \"huge.zone\" { type master; file \"huge.zone.db\"; };" >> ns6/named.conf
+echo " I:reloading config"
+$RNDC -s 10.53.0.6 -p 9953 -c ../common/rndc.conf reconfig > rndc.output 2>&1 || ret=1
+if [ $ret != 0 ]; then echo " I:failed"; fi
+status=`expr $status + $ret`
+sleep 1
+echo " I:check if zone load was scheduled"
+grep "scheduled loading new zones" ns6/named.run > /dev/null || ret=1
+if [ $ret != 0 ]; then echo " I:failed"; fi
+status=`expr $status + $ret`
+
+echo " I:check if query for the zone returns SERVFAIL"
+$DIG @10.53.0.6 -p 5300 -t soa huge.zone > dig.out
+grep "SERVFAIL" dig.out > /dev/null || ret=1
+if [ $ret != 0 ]; then echo " I:failed"; fi
+status=`expr $status + $ret`
+
+echo " I:wait for the zones to be loaded"
+ret=1
+try=0
+while test $try -lt 45
+do
+    sleep 1
+    sed -n "$cur,"'$p' < ns6/named.run | grep "any newly configured zones are now loaded" > /dev/null && {
+        ret=0
+        break
+    }
+    try=`expr $try + 1`
+done
+if [ $ret != 0 ]; then echo " I:failed"; fi
+status=`expr $status + $ret`
+
+echo " I:check if query for the zone returns NOERROR"
+$DIG @10.53.0.6 -p 5300 -t soa huge.zone > dig.out
+grep "NOERROR" dig.out > /dev/null || ret=1
+if [ $ret != 0 ]; then echo " I:failed"; fi
+status=`expr $status + $ret`
+
+mv ns6/named.conf.save ns6/named.conf
+sleep 1
+$RNDC -s 10.53.0.6 -p 9953 -c ../common/rndc.conf reconfig > /dev/null || ret=1
+sleep 1
+if [ $ret != 0 ]; then echo "I:failed"; fi
+status=`expr $status + $ret`
+
 if [ -x "$PYTHON" ]; then
    echo "I:test rndc python bindings"
    ret=0

--- a/doc/arm/notes.xml
+++ b/doc/arm/notes.xml
@@ -694,6 +694,11 @@
 	  Added support for the AVC resource record type (Application
 	  Visibility and Control).
 	</para>
+	<para>
+	  Changed <command>rndc reconfig</command> behaviour so that newly
+	  added zones are loaded asynchronously and the loading does not
+	  block the server.
+	</para>
      </listitem>
    </itemizedlist>
  </section>