Compare commits

...

7 Commits
master ... kea

Author SHA1 Message Date
7890ca253f kea: add ddns support 2024-05-28 17:48:42 +02:00
12617b6e8f kea: add more subnets, pools and reservations 2024-05-21 22:51:41 +02:00
0b4224d867 kea: define options and classes for dect-rfps and voip-phones 2024-05-21 22:44:43 +02:00
e86ae5f7ab kea: query primary dns server for hostnames
otherwise the role will fail if the host it is deployed from has VPN but
is not using our DNS infra
2024-05-21 22:44:43 +02:00
Kishi85
4d9ee275ed kea: configure control agent necessary for HA 2024-05-21 22:44:40 +02:00
Kishi85
d99ef6ad37 kea: add DHCP4 HA config (hot-standby) 2024-05-21 22:44:34 +02:00
257099efe6 kea: new role (replaces dhcpd) 2024-05-21 22:44:24 +02:00
5 changed files with 591 additions and 0 deletions


@ -0,0 +1,10 @@
---
- name: Restart kea-dhcp4-server
service: name=kea-dhcp4-server state=restarted
- name: Restart kea-dhcp-ddns-server
service: name=kea-dhcp-ddns-server state=restarted
- name: Restart kea-ctrl-agent
service: name=kea-ctrl-agent state=restarted
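Review bot: All three handlers pass their module arguments as a `key=value` string (`service: name=kea-dhcp4-server state=restarted`), which hides the arguments from linting and makes quoting mistakes easy. Native block arguments are the convention: `service:` followed by `name: kea-dhcp4-server` and `state: restarted`. The "Start the kea …" tasks in roles/kea/tasks/main.yml use the same form and also write `enabled=yes`, which would become `enabled: true` in block form.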

38
roles/kea/tasks/main.yml Normal file

@ -0,0 +1,38 @@
---
- name: Install the kea dhcp server
apt:
name:
- kea-ctrl-agent
- kea-dhcp4-server
- kea-dhcp-ddns-server
- name: Configure the kea dhcp4 server
template:
src: kea/kea-dhcp4.conf.j2
dest: /etc/kea/kea-dhcp4.conf
# validate: kea-dhcp4 -t %s
notify: Restart kea-dhcp4-server
- name: Start the kea dhcp4 server
service: name=kea-dhcp4-server state=started enabled=yes
- name: Configure the kea dhcp-ddns server
template:
src: kea/kea-dhcp-ddns.conf.j2
dest: /etc/kea/kea-dhcp-ddns.conf
# validate: kea-dhcp-ddns -t %s
notify: Restart kea-dhcp-ddns-server
- name: Start the kea dhcp-ddns server
service: name=kea-dhcp-ddns-server state=started enabled=yes
- name: Configure the kea control agent
template:
src: kea/kea-ctrl-agent.conf.j2
dest: /etc/kea/kea-ctrl-agent.conf
# validate: kea-ctrl-agent -t %s
notify: Restart kea-ctrl-agent
- name: Start the kea control agent
service: name=kea-ctrl-agent state=started enabled=yes
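Review bot: The three `template` tasks deploy the Kea configs with `validate` commented out and without `owner`, `group` or `mode`, so a template that renders to an invalid config is only discovered when the handler restarts the daemon, and the file permissions are left to the defaults. On a hot-standby DHCP pair a bad render can therefore take the service down at restart time. I would re-enable `validate: kea-dhcp4 -t %s` (and the ddns and ctrl-agent equivalents already present in the comments), or state next to the comment why validation cannot run. I would also set an explicit `mode: "0640"` with the owner and group of the account the Kea services run as, since these files are where control-agent credentials and DDNS keys would end up.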


@ -0,0 +1,37 @@
{
"Control-agent":
{
"http-host": "0.0.0.0",
"http-port": 8000,
"control-sockets":
{
"dhcp4":
{
"comment": "socket to DHCP4 server",
"socket-type": "unix",
"socket-name": "/tmp/kea4-ctrl-socket"
},
"d2":
{
"socket-type": "unix",
"socket-name": "/tmp/kea-ddns-ctrl-socket",
"user-context": { "in-use": false }
}
},
"loggers": [
{
"name": "kea-ctrl-agent",
"output_options": [
{
"output": "stdout",
"pattern": "%-5p %m\n"
}
],
"severity": "INFO",
"debuglevel": 0
}
]
}
}
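Review bot: The control agent listens on `"http-host": "0.0.0.0"` with no `authentication` block and no TLS, so every host that can reach port 8000 can send management commands to the DHCP servers; the Dhcp4 template on this page loads the lease-commands hook, which puts lease manipulation inside that surface. The two `socket-name` values also point at `/tmp/...` while the Dhcp4 and DhcpDdns templates create their sockets under `/run/kea/`, so as written the agent would not find the servers' sockets, and a path in world-writable `/tmp` can be claimed first by any local user. I would bind to the address the HA peer actually uses, require basic authentication (the HA `peers` entries then need matching credentials), restrict port 8000 to the two DHCP hosts at the firewall, and use the `/run/kea/` socket paths. Whether the packaged Kea version supports the `authentication` block should be confirmed before merging.

```json
"http-host": "{{ ansible_default_ipv4['address'] }}",
// … unchanged: http-port …
"authentication": {
    "type": "basic",
    "realm": "kea-control-agent",
    "clients": [
        // placeholder variable names; keep the password in the vault
        { "user": "{{ kea_ca_user }}", "password": "{{ kea_ca_password }}" }
    ]
},
"control-sockets":
{
    "dhcp4":
    {
        // … unchanged: comment, socket-type …
        "socket-name": "/run/kea/kea4-ctrl-socket"
    },
    "d2":
    {
        // … unchanged: socket-type …
        "socket-name": "/run/kea/kea-ddns-ctrl-socket",
        // … unchanged: user-context …
```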


@ -0,0 +1,38 @@
{
"DhcpDdns": {
"ip-address": "127.0.0.1",
"port": 53001,
"control-socket": {
"socket-type": "unix",
"socket-name": "/run/kea/kea-ddns-ctrl-socket"
},
"forward-ddns": {
"ddns-domains": [
{
"name": "users.binary.kitchen.",
"dns-servers": [
{ "ip-address": "{{ dns_primary }}" }
]
}
]
},
"reverse-ddns": {
},
"loggers": [
{
"name": "kea-dhcp4",
"output_options": [
{
"output": "stdout",
"pattern": "%-5p %m\n"
}
],
"severity": "INFO",
"debuglevel": 0
}
]
}
}
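Review bot: The `users.binary.kitchen.` forward domain has no `key-name` and the file defines no `tsig-keys`, so the updates sent to `{{ dns_primary }}` are unsigned and the DNS server can only authorise them by source address. I would define a TSIG key and reference it from the domain, take the secret from a vaulted variable, and make sure the rendered file is not world-readable once it holds that secret. Separately, the logger is named `kea-dhcp4`, which looks copied from the Dhcp4 template; for this daemon it should be `"name": "kea-dhcp-ddns"`, otherwise the logging settings here are unlikely to take effect.

```json
"tsig-keys": [
    {
        // constructed key name and placeholder variable
        "name": "kea-ddns-key",
        "algorithm": "HMAC-SHA256",
        "secret": "{{ kea_ddns_tsig_secret }}"
    }
],
"forward-ddns": {
    "ddns-domains": [
        {
            "name": "users.binary.kitchen.",
            "key-name": "kea-ddns-key",
            // … unchanged: dns-servers …
```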


@ -0,0 +1,468 @@
{
"Dhcp4": {
"interfaces-config": {
"interfaces": [ "{{ ansible_default_ipv4['interface'] }}" ]
},
"control-socket": {
"socket-type": "unix",
"socket-name": "/run/kea/kea4-ctrl-socket"
},
"dhcp-ddns": {
"enable-updates": true,
"server-ip": "127.0.0.1",
"server-port": 53001,
"sender-ip": "",
"sender-port": 0,
"max-queue-size": 1024,
"ncr-protocol": "UDP",
"ncr-format": "JSON"
},
"hooks-libraries": [
{
"library": "/usr/lib/x86_64-linux-gnu/kea/hooks/libdhcp_lease_cmds.so"
},
{
"library": "/usr/lib/x86_64-linux-gnu/kea/hooks/libdhcp_ha.so",
"parameters": {
"high-availability": [ {
"this-server-name": "{{ inventory_hostname.split('.')[0] }}",
"mode": "hot-standby",
"heartbeat-delay": 10000,
"max-response-delay": 60000,
"max-ack-delay": 5000,
"max-unacked-clients": 5,
"sync-timeout": 60000,
"peers": [
{
"name": "{{ lookup('dig', dhcpd_primary+'/PTR', '@'+dns_primary).split('.')[0] }}",
"url": "http://{{ dhcpd_primary }}:8000/",
"role": "primary"
},
{
"name": "{{ lookup('dig', dhcpd_secondary+'/PTR', '@'+dns_primary).split('.')[0] }}",
"url": "http://{{ dhcpd_secondary }}:8000/",
"role": "standby"
}
]
} ]
}
}
],
"lease-database": {
"type": "memfile",
"lfc-interval": 3600
},
"expired-leases-processing": {
"reclaim-timer-wait-time": 10,
"flush-reclaimed-timer-wait-time": 25,
"hold-reclaimed-time": 3600,
"max-reclaim-leases": 100,
"max-reclaim-time": 250,
"unwarned-reclaim-cycles": 5
},
"renew-timer": 900,
"rebind-timer": 1800,
"valid-lifetime": 3600,
"option-def": [
{
"code": 43,
"encapsulate": "sipdect",
"name": "vendor-encapsulated-options",
"space": "dhcp4",
"type": "empty"
},
{
"code": 10,
"name": "ommip1",
"space": "sipdect",
"type": "ipv4-address"
},
{
"code": 19,
"name": "ommip2",
"space": "sipdect",
"type": "ipv4-address"
},
{
"code": 14,
"name": "syslogip",
"space": "sipdect",
"type": "ipv4-address"
},
{
"code": 15,
"name": "syslogport",
"space": "sipdect",
"type": "int16"
},
{
"code": 224,
"name": "magic_str",
"space": "dhcp4",
"type": "string"
}
],
"option-data": [
{
"name": "domain-name-servers",
"data": "{{ name_servers | join(', ') }}"
},
{
"name": "domain-name",
"data": "binary.kitchen"
},
{
"name": "domain-search",
"data": "binary.kitchen"
}
],
"client-classes": [
{
"name": "voip-phone",
"option-data": [
{
"name": "tftp-server-name",
"data": "172.23.2.36"
}
]
},
{
"name": "dect-rfp",
"option-data": [
{
"name": "vendor-encapsulated-options"
},
{
"data": "172.23.2.35",
"name": "ommip1",
"space": "sipdect"
},
{
"data": "OpenMobilitySIP-DECT",
"name": "magic_str"
}
]
}
],
"subnet4": [
{
"subnet": "172.23.1.0/24",
"option-data": [
{
"name": "routers",
"data": "172.23.1.1"
}
],
"reservations": [
{
"hw-address": "44:48:c1:ce:a9:00",
"ip-address": "172.23.1.41",
"hostname": "ap01"
},
{
"hw-address": "74:9e:75:ce:93:54",
"ip-address": "172.23.1.44",
"hostname": "ap04"
},
{
"hw-address": "bc:9f:e4:c3:6f:aa",
"ip-address": "172.23.1.45",
"hostname": "ap05"
},
{
"hw-address": "94:b4:0f:c0:1d:a0",
"ip-address": "172.23.1.46",
"hostname": "ap06"
},
{
"hw-address": "00:30:42:1B:73:5A",
"ip-address": "172.23.1.111",
"client-classes": [ "dect-rfp" ],
"hostname": "rfp01"
},
{
"hw-address": "00:30:42:21:D4:D5",
"ip-address": "172.23.1.112",
"client-classes": [ "dect-rfp" ],
"hostname": "rfp02"
}
]
},
{
"subnet": "172.23.2.0/24",
"option-data": [
{
"name": "routers",
"data": "172.23.2.1"
}
],
"reservations": [
{
"hw-address": "b8:27:eb:d8:b9:ad",
"ip-address": "172.23.2.12",
"hostname": "lock"
},
{
"hw-address": "b8:27:eb:ed:22:58",
"ip-address": "172.23.2.13",
"hostname": "matrix"
},
{
"hw-address": "08:00:37:B8:55:44",
"ip-address": "172.23.2.91",
"hostname": "strammermax"
},
{
"hw-address": "ec:9a:74:35:35:cf",
"ip-address": "172.23.2.92",
"hostname": "obatzda"
}
]
},
{
"subnet": "172.23.3.0/24",
"pools": [ { "pool": "172.23.3.10 - 172.23.3.230" } ],
"option-data": [
{
"name": "routers",
"data": "172.23.3.1"
},
{
"name": "domain-search",
"data": "binary.kitchen, users.binary.kitchen"
}
],
"ddns-send-updates": true,
"ddns-override-client-update": true,
"ddns-override-no-update": true,
"ddns-qualifying-suffix": "users.binary.kitchen",
"ddns-generated-prefix": "dhcp",
"ddns-replace-client-name": "when-not-present",
"ddns-update-on-renew": true,
"reservations": [
{
"hw-address": "b8:27:eb:18:5c:11",
"ip-address": "172.23.3.250",
"hostname": "cannelloni"
},
{
"hw-address": "b8:27:eb:1d:b9:bf",
"ip-address": "172.23.3.240",
"hostname": "fusilli"
},
{
"hw-address": "74:da:38:6e:e6:9d",
"ip-address": "172.23.3.241",
"hostname": "klopi"
},
{
"hw-address": "b8:27:eb:f5:9e:a1",
"ip-address": "172.23.3.246",
"hostname": "maccaroni"
},
{
"hw-address": "74:da:38:7d:ed:84",
"ip-address": "172.23.3.244",
"hostname": "mirror"
},
{
"hw-address": "b8:27:eb:0f:d3:8b",
"ip-address": "172.23.3.242",
"hostname": "mpcnc"
},
{
"hw-address": "b8:27:eb:56:2b:7c",
"ip-address": "172.23.3.251",
"hostname": "noodlehub"
},
{
"hw-address": "b8:27:eb:eb:e5:88",
"ip-address": "172.23.3.245",
"hostname": "spaghetti"
},
{
"hw-address": "00:1D:45:B6:99:2F",
"hostname": "voip01",
"client-classes": [ "voip-phone" ]
},
{
"hw-address": "00:1D:A2:66:B8:3E",
"hostname": "voip02",
"client-classes": [ "voip-phone" ]
},
{
"hw-address": "00:1E:BE:90:FB:DB",
"hostname": "voip03",
"client-classes": [ "voip-phone" ]
},
{
"hw-address": "00:1E:BE:90:FF:06",
"hostname": "voip04",
"client-classes": [ "voip-phone" ]
}
]
},
{
"subnet": "172.23.4.0/24",
"pools": [ { "pool": "172.23.4.10 - 172.23.4.240" } ],
"option-data": [
{
"name": "routers",
"data": "172.23.4.1"
}
],
"reservations": [
{
"hw-address": "b8:27:eb:b6:62:be",
"ip-address": "172.23.4.241",
"hostname": "habdisplay1"
},
{
"hw-address": "b8:27:eb:df:0b:7b",
"ip-address": "172.23.4.242",
"hostname": "habdisplay2"
},
{
"hw-address": "dc:a6:32:bf:e2:3e",
"ip-address": "172.23.4.251",
"hostname": "openhabgw1"
}
]
},
{
"subnet": "172.23.12.0/24",
"option-data": [
{
"name": "routers",
"data": "172.23.12.1"
}
],
"reservations": [
{
"hw-address": "18:64:72:c6:c2:0c",
"ip-address": "172.23.12.41",
"hostname": "ap11"
},
{
"hw-address": "18:64:72:c6:c4:98",
"ip-address": "172.23.12.42",
"hostname": "ap12"
},
{
"hw-address": "00:30:42:1B:8B:9B",
"ip-address": "172.23.12.111",
"client-classes": [ "dect-rfp" ],
"hostname": "rfp11"
}
]
},
{
"subnet": "172.23.13.0/24",
"option-data": [
{
"name": "routers",
"data": "172.23.13.1"
}
]
},
{
"subnet": "172.23.14.0/24",
"pools": [ { "pool": "172.23.14.10 - 172.23.14.240" } ],
"option-data": [
{
"name": "routers",
"data": "172.23.14.1"
}
]
},
{
"subnet": "172.23.15.0/24",
"pools": [ { "pool": "172.23.15.10 - 172.23.15.240" } ],
"option-data": [
{
"name": "routers",
"data": "172.23.15.1"
}
]
}
],
"loggers": [
{
"name": "kea-dhcp4",
"output_options": [
{
"output": "stdout",
"pattern": "%-5p %m\n"
}
],
"severity": "INFO",
"debuglevel": 0
}
]
}
}
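Review bot: The 172.23.3.0/24 subnet publishes client-supplied hostnames into `users.binary.kitchen` (`ddns-send-updates`, `ddns-replace-client-name: when-not-present`), but nothing sanitises those names before they reach DNS. Adding `"hostname-char-set": "[^A-Za-z0-9.-]"` and `"hostname-char-replacement": "x"` next to the `ddns-*` settings keeps unexpected characters out of the zone. The two HA `peers` also use plain `http://…:8000/` URLs with no credentials, so heartbeat and lease-sync traffic is neither authenticated nor encrypted. If the control agent is given basic authentication, each peer entry needs `basic-auth-user` and `basic-auth-password` as well.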