|
|
## Background
|
|
|
BIND 9 has support for optional features that usually need external libraries. The most difficult to set up and also most requested is dnstap that has number of external dependencies (protobuf, fstrm, ...). Those libraries are often outdated or missing and BIND 9 cannot be compiled with the optional feature.
|
|
|
BIND 9 has support for optional features that usually need external libraries. The most difficult one to set up and also the most requested one is dnstap, which has a number of external dependencies (i.a. protobuf, fstrm). Stock OS packages for those libraries are often outdated or missing and thus BIND 9 cannot be compiled with support for that feature.
|
|
|
|
|
|
BIND 9 comes in two flavours - the open source edition and subscription edition.
|
|
|
BIND 9 comes in two flavours - the open source edition and the subscription edition.
|
|
|
|
|
|
## Detailed Requirements
|
|
|
|
|
|
1. BIND 9 Packages
|
|
|
1. Kea modules and extra features should be packaged separately into dynamically loaded libraries, see more in #435.
|
|
|
1. packages should be prepared in a way that allow installation and upgrading
|
|
|
1. Coordinate packaging with distro maintainers(?)
|
|
|
1. keep solution close to distros solutions so maintainers could gain from packaging changes on Kea side and quickly update their side when something changes in Kea e.g. new daemon has been added, etc.
|
|
|
1. In case of RPM, we provide BIND packages as Software Collection (SCL) as they are not really compatible with BIND 9 packages provided by RedHat (it's more vanilla, doesn't provide PKCS#11 integration)
|
|
|
1. Packages should be prepared in a way that allows installation and upgrading
|
|
|
1. In the case of RPM, we provide BIND packages as a Software Collection (SCL) as they are not really compatible with BIND 9 packages provided by RedHat (it's more vanilla, doesn't provide PKCS#11 integration)
|
|
|
1. Formats
|
|
|
1. minimum: deb and rpm
|
|
|
1. At least deb and RPM
|
|
|
1. Supported distros
|
|
|
1. Ubuntu LTSs (16.04, 18.04)
|
|
|
1. RHEL/CentOS - 6, 7
|
|
|
1. RHEL/CentOS - 6, 7
|
|
|
1. Fedora (supported versions)
|
|
|
1. Debian - 9 (stretch), 10 (buster)
|
|
|
1. Packages compliance
|
|
|
1. Packages should be compliant with distros policies
|
|
|
1. BIND 9 processes should use native solutions for services, systemd on Linuxes, daemon on FreeBSD
|
|
|
1. Package compliance
|
|
|
1. Packages should be compliant with distros' policies
|
|
|
1. BIND 9 processes should use native solutions for services, systemd on Linux, daemon on FreeBSD
|
|
|
1. Distribution
|
|
|
1. Distributing open source packages and premium/subscription packages should be supported
|
|
|
1. Packages should be exposed as just a folder of files on FTP/HTTP server
|
... | ... | @@ -29,7 +26,7 @@ BIND 9 comes in two flavours - the open source edition and subscription edition. |
|
|
1. COPR for Fedora/CentOS/RHEL: https://copr.fedorainfracloud.org/coprs/isc/{bind,bind-esv,bind-dev}/
|
|
|
1. The closest thing Debian has is debian.net domain, so we have https://bind.debian.net/<flavor>/
|
|
|
1. Subscription edition is using private location
|
|
|
1. Repositories and/or packages MUST signed
|
|
|
1. Repositories and/or packages MUST be signed
|
|
|
1. Per-customer access control should be applied to the subscription edition
|
|
|
|
|
|
## Design
|
... | ... | @@ -38,10 +35,12 @@ BIND 9 comes in two flavours - the open source edition and subscription edition. |
|
|
|
|
|
#### RPM
|
|
|
|
|
|
* isc-bind - metapackage
|
|
|
* isc-bind-bind
|
|
|
* isc-bind-bind-utils
|
|
|
* ...
|
|
|
* isc-bind - SCL metapackage
|
|
|
* isc-bind-bind - `named` and everything else installed into `<scl-prefix>/usr/sbin`, plus the relevant daemon and system configuration files
|
|
|
* isc-bind-bind-utils - utilities installed into `<scl-prefix>/usr/bin`
|
|
|
* isc-bind-bind-libs - libraries installed into `<scl-prefix>/usr/lib` or `<scl-prefix>/usr/lib64`
|
|
|
* isc-bind-bind-devel - everything installed into `<scl-prefix>/usr/include`, plus `<scl-prefix>/usr/bin/bind9-config` and `<scl-prefix>/usr/bin/isc-config.sh`
|
|
|
* isc-bind-bind-debuginfo - debug objects for binaries contained in the other packages
|
|
|
|
|
|
#### Deb
|
|
|
|
... | ... | @@ -80,11 +79,11 @@ Example: |
|
|
|
|
|
### Repository Design
|
|
|
|
|
|
Repos hierarchy and naming convention is as follows.
|
|
|
Repos hierarchy and naming convention is as follows:
|
|
|
|
|
|
* bind9?-esv
|
|
|
* bind9?
|
|
|
* bind9?-dev
|
|
|
* bind-esv
|
|
|
* bind
|
|
|
* bind-dev
|
|
|
|
|
|
The release component of the package is handled natively by the repository design.
|
|
|
|
... | ... | @@ -103,8 +102,8 @@ Done natively by distribution tools. |
|
|
#### Ubuntu
|
|
|
Done by Launchpad.
|
|
|
|
|
|
#### Subscription edition.
|
|
|
Done natively by distribution tools
|
|
|
#### Subscription Edition
|
|
|
Done manually.
|
|
|
|
|
|
## Synchronization with Distributions
|
|
|
|
... | ... | @@ -112,15 +111,15 @@ Done natively by distribution tools |
|
|
|
|
|
* Fedora 28 - supported till 2019.06
|
|
|
* Fedora 29 - supported till ~2019.12
|
|
|
* **Fedora 30 - planned release on 2019.05.07, will include Kea ???**
|
|
|
* Fedora 30 - released on 2019.04.30
|
|
|
|
|
|
Old release X is maintained until 1 month after the release of X+2.
|
|
|
|
|
|
### RHEL/CentOS
|
|
|
|
|
|
* RHEL 6 - ...
|
|
|
* RHEL 7 - End of Full Support: 2019 Q4, End of Maintenance Support 2 - 2024.06.30
|
|
|
* **RHEL 8 - beta released on 2018.11.14, planned release on ~2019, will include Kea ???**
|
|
|
* RHEL 6 - End of Full Support: 2017.05.10, End of Maintenance Support: 2020.11.30
|
|
|
* RHEL 7 - End of Full Support: 2020 Q4, End of Maintenance Support: 2024.06.30
|
|
|
* RHEL 8 - released on 2019.05.07
|
|
|
|
|
|
### CentOS
|
|
|
|
... | ... | @@ -130,7 +129,7 @@ Releases 1 month after RHEL releases. Support is the same as in RHEL. |
|
|
|
|
|
* Debian 8 "jessie" - obsolete stable release, EOLed, LTS supported till 2020.06.06
|
|
|
* Debian 9 "stretch" - current stable release, full supported till 2020, LTS till 2022
|
|
|
* **Debian 10 "buster" - no release date has been set, will include Kea ???**
|
|
|
* Debian 10 "buster" - release planned for Mid-2019
|
|
|
|
|
|
### Ubuntu
|
|
|
|
... | ... | |