[Kea-users] kea-2.2.0 - HA cluster - communication between stork and dhcp4 gets lost
Darren Ankney
darren.ankney at gmail.com
Fri Jun 23 11:01:15 UTC 2023
Hi Stefan,
I imagine your socket file is being removed during routine OS cleaning
of /tmp/ I would not store it there in production (I do often do that
in testing, however). If the socket file gets removed, Kea will not
recreate it until a restart.
Thank you,
Darren Ankney
On Fri, Jun 23, 2023 at 4:21 AM Stefan G. Weichinger <lists at xunil.at> wrote:
>
> Am 22.06.23 um 19:35 schrieb Eric Graham:
> > Check the permissions of the control socket on your server:
> >
> > * Confirm that the Kea control agent can read it * Confirm that
> > SELinux is not denying the attempt
>
> Eric, thanks for your help.
>
> If it works most of the time ... why wouldn't the permissions be OK then?
>
> OK:
>
> root at adc1:/etc/kea# ls -l /tmp/kea4*
> srwxr-xr-x 1 _kea _kea 0 22. Jun 07:35 /tmp/kea4-ctrl-socket
> -rw------- 1 _kea _kea 0 22. Jun 07:35 /tmp/kea4-ctrl-socket.lock
>
>
> root at adc2:/etc/kea# ls -l /tmp/kea4*
> srwxr-xr-x 1 _kea _kea 0 17. Mai 08:18 /tmp/kea4-ctrl-socket
> -rw------- 1 _kea _kea 0 17. Mai 08:18 /tmp/kea4-ctrl-socket.lock
>
> SElinux: don't know how to check that right now ...
>
>
> > Your control agent on the other server isn't configured to connect to
> > the socket for dhcp4 on your primary server, correct?
>
> As far as I understand, no.
>
> I add the whole file just to be safe here:
>
> root at adc1:/etc/kea# cat kea-ctrl-agent.conf
> // This is a basic configuration for the Kea Control Agent.
> //
> // This is just a very basic configuration. Kea comes with large suite
> (over 30)
> // of configuration examples and extensive Kea User's Guide. Please refer to
> // those materials to get better understanding of what this software is
> able to
> // do. Comments in this configuration file sometimes refer to sections
> for more
> // details. These are section numbers in Kea User's Guide. The version
> matching
> // your software should come with your Kea package, but it is also available
> // in ISC's Knowledgebase (https://kea.readthedocs.io; the direct link for
> // the stable version is https://kea.readthedocs.io/).
> //
> // This configuration file contains only Control Agent's configuration.
> // If configurations for other Kea services are also included in this
> file they
> // are ignored by the Control Agent.
> {
>
> // This is a basic configuration for the Kea Control Agent.
> // RESTful interface to be available at http://127.0.0.1:8000/
> "Control-agent": {
> "http-host": "10.0.0.231",
> // If enabling HA and multi-threading, the 8000 port is used by the HA
> // hook library http listener. When using HA hook library with
> // multi-threading to function, make sure the port used by dedicated
> // listener is different (e.g. 8001) than the one used by CA. Note
> // the commands should still be sent via CA. The dedicated listener
> // is specifically for HA updates only.
> "http-port": 8000,
>
> "authentication": {
> "type": "basic",
> "realm": "kea-control-agent",
> "clients": [
> {
> "user": "admin",
> "password": "X-dEldmfRz"
> } ]
> },
>
> // Specify location of the files to which the Control Agent
> // should connect to forward commands to the DHCPv4, DHCPv6
> // and D2 servers via unix domain sockets.
> "control-sockets": {
> "dhcp4": {
> "socket-type": "unix",
> "socket-name": "/tmp/kea4-ctrl-socket"
> }
> # "dhcp6": {
> # "socket-type": "unix",
> # "socket-name": "/tmp/kea6-ctrl-socket"
> # },
> # "d2": {
> # "socket-type": "unix",
> # "socket-name": "/tmp/kea-ddns-ctrl-socket"
> # }
> },
>
> // Specify hooks libraries that are attached to the Control Agent.
> // Such hooks libraries should support 'control_command_receive'
> // hook point. This is currently commented out because it has to
> // point to the existing hooks library. Otherwise the Control
> // Agent will fail to start.
> "hooks-libraries": [
> // {
> // "library":
> "/usr/lib/x86_64-linux-gnu/kea/hooks/control-agent-commands.so",
> // "parameters": {
> // "param1": "foo"
> // }
> // }
> ],
>
> // Logging configuration starts here. Kea uses different loggers to log
> various
> // activities. For details (e.g. names of loggers), see Chapter 18.
> "loggers": [
> {
> // This specifies the logging for Control Agent daemon.
> "name": "kea-ctrl-agent",
> "output_options": [
> {
> // Specifies the output file. There are several special
> values
> // supported:
> // - stdout (prints on standard output)
> // - stderr (prints on standard error)
> // - syslog (logs to syslog)
> // - syslog:name (logs to syslog using specified name)
> // Any other value is considered a name of the file
> "output": "stdout",
>
> // Shorter log pattern suitable for use with systemd,
> // avoids redundant information
> "pattern": "%-5p %m\n"
>
> // This governs whether the log output is flushed to
> disk after
> // every write.
> // "flush": false,
>
> // This specifies the maximum size of the file before it is
> // rotated.
> // "maxsize": 1048576,
>
> // This specifies the maximum number of rotated files
> to keep.
> // "maxver": 8
> }
> ],
> // This specifies the severity of log messages to keep.
> Supported values
> // are: FATAL, ERROR, WARN, INFO, DEBUG
> "severity": "INFO",
>
> // If DEBUG level is specified, this value is used. 0 is least
> verbose,
> // 99 is most verbose. Be cautious, Kea can generate lots and lots
> // of logs if told to do so.
> "debuglevel": 0
> }
> ]
> }
> }
>
>
> It looks at the local socket in /tmp, right?
> --
> ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information.
>
> To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users.
>
> Kea-users mailing list
> Kea-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/kea-users
More information about the Kea-users
mailing list