Closed sjmuniz closed 4 years ago
@sjmuniz Great question - It's due to overriding /etc/bind all together.
Unfortunately, the mentality was that if you override it, "you know what you are doing", and then chances are you are providing your own configs/keys/etc.
But to your point - the keys should probably be included. So this leaves 2 solutions: 1.) override a sub-folder within /etc/bind (ex: /etc/bind/custom) or 2.) have the keys be dropped/copied/etc as part of "startup" as the last step during container start (ex: /root/rndc.key -> /etc/bind.) on every single container start.
What do you think about a "good way" to set this up?
@ventz I like the idea of generating it at /root and linking. I think it provides greater flexibility. Keep tuned for a set of patches. Thanks, Sebastian.
Hello, Ventz I find a bit of race condition between the generation of rndc key at build time and the expectation of "/DATA/etc/bind" to be mounted on top of /etc/bind within the container. Either I am doing something wrong or correct me if there is an issue.
If I mount from docker-compose a "/DATA/etc/bind" on top of /etc/bind there should be a mechanism to preserve rndc or it would be overwriten/hidden with the external information.
My docker-compose is:
I modified it to use path relatives to the docker-compose file. But of course rndc is not there after populating ./etc_bind: with container/configs/ contents, and bind fails to start because it can not find rndc.
¿What am I doing wrong? ¡Thanks you!