summaryrefslogtreecommitdiffstats
path: root/doc/examples/kea6
diff options
context:
space:
mode:
authorRazvan Becheriu <razvan@isc.org>2022-08-20 18:36:07 +0200
committerRazvan Becheriu <razvan@isc.org>2022-08-27 09:15:39 +0200
commit05366c117a28ff6072fe1d8cd7532fa219c0bb27 (patch)
treeb7b2a703498674dffd07500511971598ff54444d /doc/examples/kea6
parent[#2537] add ChangeLog entry (diff)
downloadkea-05366c117a28ff6072fe1d8cd7532fa219c0bb27.tar.xz
kea-05366c117a28ff6072fe1d8cd7532fa219c0bb27.zip
[#2441] added HA+MT and HA+MT+TLS examples
Diffstat (limited to 'doc/examples/kea6')
-rw-r--r--doc/examples/kea6/ha-hot-standby-server1-with-tls.json164
-rw-r--r--doc/examples/kea6/ha-hot-standby-server2.json (renamed from doc/examples/kea6/ha-hot-standby.json)83
2 files changed, 209 insertions, 38 deletions
diff --git a/doc/examples/kea6/ha-hot-standby-server1-with-tls.json b/doc/examples/kea6/ha-hot-standby-server1-with-tls.json
new file mode 100644
index 0000000000..ac5c63eb74
--- /dev/null
+++ b/doc/examples/kea6/ha-hot-standby-server1-with-tls.json
@@ -0,0 +1,164 @@
+// This is an example configuration of the Kea DHCPv6 server. It uses High
+// Availability hooks library and Lease Commands hooks library to enable
+// High Availability function for the DHCP server. Note that almost exactly
+// the same configuration must be used on the second server (partner).
+// The only difference is that "this-server-name" must be set to "server2"
+// on this other server. Also, the interface configuration and location of TLS
+// specific files depend on the network settings and configuration of the
+// particular machine.
+//
+// The servers using this configuration work in hot standby mode.
+{
+
+// DHCPv6 configuration starts here.
+"Dhcp6": {
+ // Add names of your network interfaces to listen on.
+ "interfaces-config": {
+ // The DHCPv6 server listens on this interface.
+ "interfaces": [ "eth0" ]
+ },
+
+ // Control socket is required for communication between the Control
+ // Agent and the DHCP server. High Availability requires Control Agent
+ // to be running because lease updates are sent over the RESTful
+ // API between the HA peers.
+ "control-socket": {
+ "socket-type": "unix",
+ "socket-name": "/tmp/kea6-ctrl-socket"
+ },
+
+ // Use Memfile lease database backend to store leases in a CSV file.
+ // Depending on how Kea was compiled, it may also support SQL databases
+ // (MySQL and/or PostgreSQL). Those database backends require more
+ // parameters, like name, host and possibly user and password.
+ // There are dedicated examples for each backend. See Section 7.2.2 "Lease
+ // Storage" for details.
+ "lease-database": {
+ // Memfile is the simplest and easiest backend to use. It's an in-memory
+ "type": "memfile"
+ },
+
+ // HA requires two hooks libraries to be loaded: libdhcp_lease_cmds.so and
+ // libdhcp_ha.so. The former handles incoming lease updates from the HA peers.
+ // The latter implements high availability feature for Kea.
+ "hooks-libraries": [
+ // The lease_cmds library must be loaded because HA makes use of it to
+ // deliver lease updates to the server as well as synchronize the
+ // lease database after failure.
+ {
+ "library": "/opt/lib/kea/hooks/libdhcp_lease_cmds.so",
+ "parameters": { }
+ },
+ {
+ // The HA hooks library should be loaded.
+ "library": "/opt/lib/kea/hooks/libdhcp_ha.so",
+ "parameters": {
+ // High Availability configuration is specified for the HA hook library.
+ // Each server should have the same HA configuration, except for the
+ // "this-server-name" parameter.
+ "high-availability": [ {
+ // This parameter points to this server instance. The respective
+ // HA peers must have this parameter set to their own names.
+ "this-server-name": "server1",
+ // The HA mode is set to hot-standby. This server will receive lease
+ // updates from the primary. The primary will be responding to all
+ // DHCP queries.
+ "mode": "hot-standby",
+ // Heartbeat is to be sent every 10 seconds if no other control
+ // commands are transmitted.
+ "heartbeat-delay": 10000,
+ // Maximum time for partner's response to a heartbeat, after which
+ // failure detection is started. This is specified in milliseconds.
+ "max-response-delay": 60000,
+ // The following parameters control how the server detects the
+ // partner's failure. The ACK delay sets the threshold for the
+ // 'secs' field of the received discovers. This is specified in
+ // milliseconds.
+ "max-ack-delay": 5000,
+ // This specifies the number of clients which send messages to
+ // the partner but appear to not receive any response.
+ "max-unacked-clients": 5,
+ // Trust anchor aka certificate authority file or directory.
+ "trust-anchor": "/usr/lib/kea/CA.pem",
+ // Client certificate file name.
+ "cert-file": "/usr/lib/kea/server_cert.pem",
+ // Private key file name.
+ "key-file": "/usr/lib/kea/server_key.pem",
+ "peers": [
+ // This is the configuration of our HA peer.
+ {
+ "name": "server1",
+ // Specifies the URL on which the partner's control
+ // channel can be reached. The Control Agent is required
+ // to run on the partner's machine with "http-host" and
+ // "http-port" values set to the corresponding values.
+ "url": "http://192.168.56.33:8000/",
+ // The partner is primary. Our is standby.
+ "role": "primary"
+ },
+ // This is the configuration of this server instance.
+ {
+ "name": "server2",
+ // This specifies the URL of our server instance. The
+ // Control Agent must run along with our DHCPv6 server
+ // instance and the "http-host" and "http-port" must be
+ // set to the corresponding values.
+ "url": "http://192.168.56.66:8000/",
+ // Out server is standby. The partner is primary.
+ "role": "standby"
+ }
+ ]
+ } ]
+ }
+ }
+ ],
+
+ // The following list defines subnets. Each subnet consists of at
+ // least subnet and pool entries.
+ "subnet6": [
+ {
+ "subnet": "2001:db8:1::/64",
+
+ "pools": [
+ {
+ "pool": "2001:db8:1::100 - 2001:db8:1::250"
+ }
+ ],
+
+ "interface": "eth0"
+ }
+ ],
+
+// The following configures logging. It assumes that messages with at
+// least informational level (info, warn, error and fatal) should be
+// logged to stdout. Alternatively, you can specify stderr here, a filename
+// or 'syslog', which will store output messages via syslog.
+ "loggers": [
+ {
+ // This section affects kea-dhcp6, which is the base logger for DHCPv6
+ // component. It tells DHCPv6 server to write all log messages (on
+ // severity INFO or more) to a file.
+ "name": "kea-dhcp6",
+ "output_options": [
+ {
+ "output": "stdout"
+ }
+ ],
+ "severity": "INFO",
+ "debuglevel": 0
+ },
+ {
+ // This section specifies configuration of the HA hooks library specific
+ // logger.
+ "name": "kea-dhcp6.ha-hooks",
+ "output_options": [
+ {
+ "output": "stdout"
+ }
+ ],
+ "severity": "INFO",
+ "debuglevel": 99
+ }
+ ]
+}
+}
diff --git a/doc/examples/kea6/ha-hot-standby.json b/doc/examples/kea6/ha-hot-standby-server2.json
index a0752d5e4d..1b9d3dde00 100644
--- a/doc/examples/kea6/ha-hot-standby.json
+++ b/doc/examples/kea6/ha-hot-standby-server2.json
@@ -6,12 +6,14 @@
// on this other server. Also, the interface configuration depends on the
// network settings of the particular machine.
//
-// The servers using this configuration work in hot standby mode..
-{ "Dhcp6":
-
+// The servers using this configuration work in hot standby mode.
{
-// Kea is told to listen on eth0 interface only.
+
+// DHCPv6 configuration starts here.
+"Dhcp6": {
+ // Add names of your network interfaces to listen on.
"interfaces-config": {
+ // The DHCPv6 server listens on this interface.
"interfaces": [ "eth0" ]
},
@@ -31,7 +33,7 @@
// There are dedicated examples for each backend. See Section 7.2.2 "Lease
// Storage" for details.
"lease-database": {
- // Memfile is the simplest and easiest backend to use. It's a in-memory
+ // Memfile is the simplest and easiest backend to use. It's an in-memory
"type": "memfile"
},
@@ -39,6 +41,9 @@
// libdhcp_ha.so. The former handles incoming lease updates from the HA peers.
// The latter implements high availability feature for Kea.
"hooks-libraries": [
+ // The lease_cmds library must be loaded because HA makes use of it to
+ // deliver lease updates to the server as well as synchronize the
+ // lease database after failure.
{
"library": "/opt/lib/kea/hooks/libdhcp_lease_cmds.so",
"parameters": { }
@@ -73,30 +78,30 @@
// the partner but appear to not receive any response.
"max-unacked-clients": 5,
"peers": [
- // This is the configuration of our HA peer.
- {
- "name": "server1",
- // Specifies the URL on which the partner's control
- // channel can be reached. The Control Agent is required
- // to run on the partner's machine with "http-host" and
- // "http-port" values set to the corresponding values.
- "url": "http://192.168.56.33:8000/",
- // Th partner is primary. Our is standby.
- "role": "primary"
- },
- // This is the configuration of this server instance.
- {
- "name": "server2",
- // This specifies the URL of our server instance. The
- // Control Agent must run along with our DHCPv6 server
- // instance and the "http-host" and "http-port" must be
- // set to the corresponding values.
- "url": "http://192.168.56.66:8000/",
- // Out server is standby. The partner is primary.
- "role": "standby"
- }
- ]
- } ]
+ // This is the configuration of our HA peer.
+ {
+ "name": "server1",
+ // Specifies the URL on which the partner's control
+ // channel can be reached. The Control Agent is required
+ // to run on the partner's machine with "http-host" and
+ // "http-port" values set to the corresponding values.
+ "url": "http://192.168.56.33:8000/",
+ // The partner is primary. Our is standby.
+ "role": "primary"
+ },
+ // This is the configuration of this server instance.
+ {
+ "name": "server2",
+ // This specifies the URL of our server instance. The
+ // Control Agent must run along with our DHCPv6 server
+ // instance and the "http-host" and "http-port" must be
+ // set to the corresponding values.
+ "url": "http://192.168.56.66:8000/",
+ // Out server is standby. The partner is primary.
+ "role": "standby"
+ }
+ ]
+ } ]
}
}
],
@@ -105,17 +110,17 @@
// least subnet and pool entries.
"subnet6": [
{
- "subnet": "2001:db8:1::/64",
+ "subnet": "2001:db8:1::/64",
- "pools": [
+ "pools": [
{
"pool": "2001:db8:1::100 - 2001:db8:1::250"
}
- ],
+ ],
"interface": "eth0"
- }
- ],
+ }
+ ],
// The following configures logging. It assumes that messages with at
// least informational level (info, warn, error and fatal) should be
@@ -123,19 +128,22 @@
// or 'syslog', which will store output messages via syslog.
"loggers": [
{
+ // This section affects kea-dhcp6, which is the base logger for DHCPv6
+ // component. It tells DHCPv6 server to write all log messages (on
+ // severity INFO or more) to a file.
"name": "kea-dhcp6",
"output_options": [
{
"output": "stdout"
}
],
- "debuglevel": 0,
- "severity": "INFO"
+ "severity": "INFO",
+ "debuglevel": 0
},
{
// This section specifies configuration of the HA hooks library specific
// logger.
- "name": "kea-dhcp4.ha-hooks",
+ "name": "kea-dhcp6.ha-hooks",
"output_options": [
{
"output": "stdout"
@@ -146,5 +154,4 @@
}
]
}
-
}