Mechanism to propagate ACLs and Views to multiple BIND servers
When we introduced catalog zones, we immediate began getting requests to provide centralized configuration for other frequently-updated parts of the configuration, including views and the ACL list.
The suggestion was to extend catalog zones for this purpose, but that may not be an appropriate solution. Any mechanism that is not unnecessarily complex that will facilitate centralized management of the views and ACL list for a server farm is desirable.
- A push rather than a pull mechanism may be preferable, to avoid the notify overhead.
- There must be some way to centrally monitor which servers have successfully updated their configuration via this method, perhaps some versioning system for the configuration.
- It is desirable to be able to create an updated list of views and ACL list and schedule the change to be applied at a later time (e.g. for the case where the ACL is required for regulatory reasons to take effect on a certain day).
See also the related feature request RT# 44546, Extend Catalog zones to provision views