26 Dub
2018
26 Dub
'18
13:48
Hello all,
my Knot DNS is now in production and I would like to setup some
backup tasks for the configuration and of course keys. Are there any
recommendations regarding backup? And restore? I can see that it is very
easy to dump current config but I am to sure how to backup keys. What do
you recommend? Save the content of /var/lib/knot on a hourly/daily
basis? I am not using shared keys.
Thanks
With regards
Ales
27 Dub
27 Dub
8:57
Hi Aleš,
you can simply backup the 'keys' directory (containing both the LMDB
with keystore and the subdirectory with pem files), possibly
incrementally. I would simply set the period of backup for
DNSSEC-related stuff to be less than propagation-delay in your config. I
would slightly recommend to backup everything (including zonefile,
journal, ...) together, provided if it's not a problem due to e.g. size.
When restoring from backup, it would be good to have Knot turned off.
Shared keys don't matter, since everything is on one place for all zones.
Libor
Dne 26.4.2018 v 13:48 Aleš Rygl napsal(a):
Hello all,
my Knot DNS is now in production and I would like to setup some
backup tasks for the configuration and of course keys. Are there any
recommendations regarding backup? And restore? I can see that it is
very easy to dump current config but I am to sure how to backup keys.
What do you recommend? Save the content of /var/lib/knot on a
hourly/daily basis? I am not using shared keys.
Thanks
With regards
Ales
2431
days inactive
2432
days old
1 comments
2 participants
participants (2)
-
Aleš Rygl -
libor.peltan@nic.cz