diff options
| -rw-r--r-- | docs/OPERATION | 64 |
1 files changed, 64 insertions, 0 deletions
diff --git a/docs/OPERATION b/docs/OPERATION new file mode 100644 index 00000000..cdeec417 --- /dev/null +++ b/docs/OPERATION @@ -0,0 +1,64 @@ +$Id$ -*- Text -*- + +Preliminary operation instructions for rpkid et al. These are the +production-side RPKI tools, for Internet Registries (RIRs, LIRs, etc). +See ../rcynic/README for relying party tools. + +See INSTALLATION for how to install the software. + +At present the package is intended to be run out of the scripts +directory. + +In addition to the library routines in the scripts/rpki/ directory, +the package includes the following programs: + +rpkid.py The main RPKI engine daemon + +rootd.py A separate daemon for handling the root of an RPKI + certificate tree. This is essentially a stripped down + version of rpkid with no SQL database, no left-right + protocol implementation, and only the parent side of + the up-down protocol. It's separate because the root + is a special case in several ways and it was simpler + to keep the special cases out of the main daemon. + +irdb.py A sample implementation of an IR database daemon. + rpkid calls into this to perform lookups via the + left-right protocol. + +irbe-cli.py A command-line client for the left-right control + protocol. + +irbe-setup.py An example of a script to set up the mappings between + the IRDB and rpkid's own database, using the + left-right control protocol. + +http-client.py A trivial HTTP client, originally written for testing, + now used to drive rpkid cron events. + +testbed.py A test tool for running a collection of rpkid and irdb + instances under common control, driven by a unified + test script. + +testpoke.py A simple client for the up-down protocol, mostly + compatable with APNIC's rpki_poke.pl tool. + +Most of these programs take configuration files in a common format. +The test programs also take input in YAML format to drive the tests. +Configuration files are described below. + +Basic operation consists of creating the appropriate MySQL databases, +starting rpkid, rootd, and irdbd, using the left-right control +protocol to set up rpkid's internal state, and setting up a cron job +to invoke rpkid's cron action at regular intervals. All other +operations should occur either as a result of cron events or as a +result of incoming left-right and up-down protocol requests. + +Note that the publication protocol hasn't yet been written. At the +moment rpkid just writes its outputs to a local directory. + +Note that the full event-driven model for rpkid hasn't yet been +implemented. The design is intended to allow an arbitrary number of +hosted RPKI engines to run in a single rpkid instance, but without the +event-driven tasking model one has to set up a separate rpkid instance +for each hosted RPKI engine. |