[Kea-users] Kea HA Heartbeat Failure
duluxoz
duluxoz at gmail.com
Thu Jan 26 08:26:08 UTC 2023
Hi All,
Looking for some pointers on an issue we've got.
TL:DR: Our Kea HA Servers' Heartbeat not connecting - permissions issue.
So we've got to Kea servers (v2.2) running on two Rocky Linux v9.1
servers. Clients are getting IP Addresses (both dynamic and reserved)
and keactrl works fine, etc. But we're getting the following error
messages showing up in the logs:
~~~
2023-01-26 16:20:37.013 WARN [kea-dhcp4.ha-hooks/7896.140594097562496]
HA_HEARTBEAT_FAILED heartbeat to kea_dhcp_2 (http://192.168.1.3:8000/)
failed: Unauthorized, error code 1
2023-01-26 16:20:37.013 WARN [kea-dhcp4.ha-hooks/7896.140594097562496]
HA_COMMUNICATION_INTERRUPTED communication with kea_dhcp_2 is interrupted
~~~
Its not SELinux (we turned off SELinux and the problem persisted).
Its not firewalld (we think) - ie the ports are opened, confirmed by
netstat.
We are using the default port of 8000 for keactrl and the heartbeat (I
assume this is OK, as the doco seems to imply that it is).
keactrl is using a basic authentication with a pre-shared key, and we've
checked that its the same on both servers.
We've bound port 8000 to the actual IPv4 address of the server (not
127.0.0.1). We originally had it bound to the loopback address, and we
were getting "connection refused" errors, so we bound it to the real IP
Address and not we're getting the above error.
The two servers' IP Addresses are in the correct "allow" statement, and
when we removed the allow statement from the config (ie opened up
connection to all) we still had the same problem.
Finally, our config files are practically the same as those shown on
numerous websites and in the official doco and sample files - with the
relevant details changed (ie IP Addresses, etc) - I can post them here
if required, but I'm loath to fill up a post with irrelevant info unless
requested. :-)
So, any pointers would be appreciated
Cheers
Dulux-Oz
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/kea-users/attachments/20230126/a57cbf71/attachment.htm>
More information about the Kea-users
mailing list