[Kea-users] kea-2.2.0 - HA cluster - communication between stork and dhcp4 gets lost
Stefan G. Weichinger
lists at xunil.at
Fri Jun 23 08:20:49 UTC 2023
Am 22.06.23 um 19:35 schrieb Eric Graham:
> Check the permissions of the control socket on your server:
>
> * Confirm that the Kea control agent can read it * Confirm that
> SELinux is not denying the attempt
Eric, thanks for your help.
If it works most of the time ... why wouldn't the permissions be OK then?
OK:
root at adc1:/etc/kea# ls -l /tmp/kea4*
srwxr-xr-x 1 _kea _kea 0 22. Jun 07:35 /tmp/kea4-ctrl-socket
-rw------- 1 _kea _kea 0 22. Jun 07:35 /tmp/kea4-ctrl-socket.lock
root at adc2:/etc/kea# ls -l /tmp/kea4*
srwxr-xr-x 1 _kea _kea 0 17. Mai 08:18 /tmp/kea4-ctrl-socket
-rw------- 1 _kea _kea 0 17. Mai 08:18 /tmp/kea4-ctrl-socket.lock
SElinux: don't know how to check that right now ...
> Your control agent on the other server isn't configured to connect to
> the socket for dhcp4 on your primary server, correct?
As far as I understand, no.
I add the whole file just to be safe here:
root at adc1:/etc/kea# cat kea-ctrl-agent.conf
// This is a basic configuration for the Kea Control Agent.
//
// This is just a very basic configuration. Kea comes with large suite
(over 30)
// of configuration examples and extensive Kea User's Guide. Please refer to
// those materials to get better understanding of what this software is
able to
// do. Comments in this configuration file sometimes refer to sections
for more
// details. These are section numbers in Kea User's Guide. The version
matching
// your software should come with your Kea package, but it is also available
// in ISC's Knowledgebase (https://kea.readthedocs.io; the direct link for
// the stable version is https://kea.readthedocs.io/).
//
// This configuration file contains only Control Agent's configuration.
// If configurations for other Kea services are also included in this
file they
// are ignored by the Control Agent.
{
// This is a basic configuration for the Kea Control Agent.
// RESTful interface to be available at http://127.0.0.1:8000/
"Control-agent": {
"http-host": "10.0.0.231",
// If enabling HA and multi-threading, the 8000 port is used by the HA
// hook library http listener. When using HA hook library with
// multi-threading to function, make sure the port used by dedicated
// listener is different (e.g. 8001) than the one used by CA. Note
// the commands should still be sent via CA. The dedicated listener
// is specifically for HA updates only.
"http-port": 8000,
"authentication": {
"type": "basic",
"realm": "kea-control-agent",
"clients": [
{
"user": "admin",
"password": "X-dEldmfRz"
} ]
},
// Specify location of the files to which the Control Agent
// should connect to forward commands to the DHCPv4, DHCPv6
// and D2 servers via unix domain sockets.
"control-sockets": {
"dhcp4": {
"socket-type": "unix",
"socket-name": "/tmp/kea4-ctrl-socket"
}
# "dhcp6": {
# "socket-type": "unix",
# "socket-name": "/tmp/kea6-ctrl-socket"
# },
# "d2": {
# "socket-type": "unix",
# "socket-name": "/tmp/kea-ddns-ctrl-socket"
# }
},
// Specify hooks libraries that are attached to the Control Agent.
// Such hooks libraries should support 'control_command_receive'
// hook point. This is currently commented out because it has to
// point to the existing hooks library. Otherwise the Control
// Agent will fail to start.
"hooks-libraries": [
// {
// "library":
"/usr/lib/x86_64-linux-gnu/kea/hooks/control-agent-commands.so",
// "parameters": {
// "param1": "foo"
// }
// }
],
// Logging configuration starts here. Kea uses different loggers to log
various
// activities. For details (e.g. names of loggers), see Chapter 18.
"loggers": [
{
// This specifies the logging for Control Agent daemon.
"name": "kea-ctrl-agent",
"output_options": [
{
// Specifies the output file. There are several special
values
// supported:
// - stdout (prints on standard output)
// - stderr (prints on standard error)
// - syslog (logs to syslog)
// - syslog:name (logs to syslog using specified name)
// Any other value is considered a name of the file
"output": "stdout",
// Shorter log pattern suitable for use with systemd,
// avoids redundant information
"pattern": "%-5p %m\n"
// This governs whether the log output is flushed to
disk after
// every write.
// "flush": false,
// This specifies the maximum size of the file before it is
// rotated.
// "maxsize": 1048576,
// This specifies the maximum number of rotated files
to keep.
// "maxver": 8
}
],
// This specifies the severity of log messages to keep.
Supported values
// are: FATAL, ERROR, WARN, INFO, DEBUG
"severity": "INFO",
// If DEBUG level is specified, this value is used. 0 is least
verbose,
// 99 is most verbose. Be cautious, Kea can generate lots and lots
// of logs if told to do so.
"debuglevel": 0
}
]
}
}
It looks at the local socket in /tmp, right?
More information about the Kea-users
mailing list