Compare commits
3 Commits
Author | SHA1 | Date |
---|---|---|
Kishi85 | 065f105f9f | |
Kishi85 | 9235672954 | |
Markus | e185703198 |
|
@ -0,0 +1,7 @@
|
||||||
|
---
|
||||||
|
|
||||||
|
- name: Restart kea-dhcp4-server
|
||||||
|
service: name=kea-dhcp4-server state=restarted
|
||||||
|
|
||||||
|
- name: Restart kea-ctrl-agent
|
||||||
|
service: name=kea-ctrl-agent state=restarted
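Review bot: Nothing on these two handlers keeps both HA peers from being restarted in the same handler flush. The Dhcp4 template in this compare configures a hot-standby pair, so a template change applied to both hosts at once could leave no server answering for a moment. Whether that can happen depends on the play, which is not shown here. I would add a comment above the first handler such as `# HA pair: apply this role with serial: 1 so the peers restart one at a time`. As a style point, the `service: name=... state=restarted` shorthand reads more clearly as a YAML mapping with `name:` and `state:` keys.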
|
|
@ -0,0 +1,28 @@
|
||||||
|
---
|
||||||
|
|
||||||
|
- name: Install the kea dhcp server
|
||||||
|
apt:
|
||||||
|
name:
|
||||||
|
- kea-ctrl-agent
|
||||||
|
- kea-dhcp4-server
|
||||||
|
- kea-dhcp-ddns-server
|
||||||
|
|
||||||
|
- name: Configure the kea dhcp4 server
|
||||||
|
template:
|
||||||
|
src: kea/kea-dhcp4.conf.j2
|
||||||
|
dest: /etc/kea/kea-dhcp4.conf
|
||||||
|
# validate: kea-dhcp4 -t %s
|
||||||
|
notify: Restart kea-dhcp4-server
|
||||||
|
|
||||||
|
- name: Start the kea dhcp server
|
||||||
|
service: name=kea-dhcp4-server state=started enabled=yes
|
||||||
|
|
||||||
|
- name: Configure the kea control agent
|
||||||
|
template:
|
||||||
|
src: kea/kea-ctrl-agent.conf.j2
|
||||||
|
dest: /etc/kea/kea-ctrl-agent.conf
|
||||||
|
# validate: kea-ctrl-agent -t %s
|
||||||
|
notify: Restart kea-ctrl-agent
|
||||||
|
|
||||||
|
- name: Start the kea control agent
|
||||||
|
service: name=kea-ctrl-agent state=started enabled=yes
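Review bot: Both `template` tasks leave `validate` commented out, so a rendering mistake is written to /etc/kea and the notified handler then restarts the daemon onto a config it cannot load. Re-enable the checks as `validate: kea-dhcp4 -t %s` and `validate: kea-ctrl-agent -t %s`; if they were disabled because the test fails on the temporary file, that reason deserves a comment next to them. Neither task sets `owner`, `group` or `mode`, so the files get whatever the defaults produce; an explicit `mode: "0640"` with the service's group is worth adding before any credentials land in these files. `kea-dhcp-ddns-server` is installed, but nothing visible here configures or enables it.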
|
|
@ -0,0 +1,67 @@
|
||||||
|
// This is an example of a configuration for Control-Agent (CA) listening
|
||||||
|
// for incoming HTTP traffic. This is necessary for handling API commands,
|
||||||
|
// in particular lease update commands needed for HA setup.
|
||||||
|
{
|
||||||
|
"Control-agent":
|
||||||
|
{
|
||||||
|
// We need to specify where the agent should listen to incoming HTTP
|
||||||
|
// queries.
|
||||||
|
"http-host": "0.0.0.0",
|
||||||
|
|
||||||
|
// This specifies the port CA will listen on.
|
||||||
|
"http-port": 8000,
|
||||||
|
|
||||||
|
"control-sockets":
|
||||||
|
{
|
||||||
|
// This is how the Agent can communicate with the DHCPv4 server.
|
||||||
|
"dhcp4":
|
||||||
|
{
|
||||||
|
"comment": "socket to DHCP4 server",
|
||||||
|
"socket-type": "unix",
|
||||||
|
"socket-name": "/tmp/kea4-ctrl-socket"
|
||||||
|
},
|
||||||
|
|
||||||
|
// Location of the DHCPv6 command channel socket.
|
||||||
|
//"dhcp6":
|
||||||
|
//{
|
||||||
|
// "socket-type": "unix",
|
||||||
|
// "socket-name": "/tmp/kea6-ctrl-socket"
|
||||||
|
//},
|
||||||
|
|
||||||
|
// Location of the D2 command channel socket.
|
||||||
|
//"d2":
|
||||||
|
//{
|
||||||
|
// "socket-type": "unix",
|
||||||
|
// "socket-name": "/tmp/kea-ddns-ctrl-socket",
|
||||||
|
// "user-context": { "in-use": false }
|
||||||
|
//}
|
||||||
|
},
|
||||||
|
|
||||||
|
|
||||||
|
// Similar to other Kea components, CA also uses logging.
|
||||||
|
"loggers": [
|
||||||
|
{
|
||||||
|
"name": "kea-ctrl-agent",
|
||||||
|
"output_options": [
|
||||||
|
{
|
||||||
|
"output": "/var/log/kea-ctrl-agent.log",
|
||||||
|
|
||||||
|
// Several additional parameters are possible in addition
|
||||||
|
// to the typical output. Flush determines whether logger
|
||||||
|
// flushes output to a file. Maxsize determines maximum
|
||||||
|
// filesize before the file is being rotated. maxver
|
||||||
|
// specifies the maximum number of rotated files being
|
||||||
|
// kept.
|
||||||
|
"flush": true,
|
||||||
|
"maxsize": 204800,
|
||||||
|
"maxver": 4,
|
||||||
|
// We use pattern to specify custom log message layout
|
||||||
|
"pattern": "%d{%y.%m.%d %H:%M:%S.%q} %-5p [%c/%i] %m\n"
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"severity": "INFO",
|
||||||
|
"debuglevel": 0 // debug level only applies when severity is set to DEBUG.
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
||||||
|
}
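Review bot: The agent is bound to `"http-host": "0.0.0.0"` on port 8000 with no authentication or TLS settings in the file, so any host that can reach that port can send API commands, including the lease commands the HA hook relies on. Bind it to the address the peer uses, e.g. `"http-host": "{{ ansible_default_ipv4['address'] }}"`, restrict the port to the HA partner, and add the agent's `authentication` block (and `trust-anchor`/`cert-file`/`key-file` where the packaged Kea version supports them); the peer `url` entries in the Dhcp4 template are plain `http://` and would need to follow. Separately, `"socket-name": "/tmp/kea4-ctrl-socket"` does not match the `/run/kea/kea4-ctrl-socket` that the Dhcp4 template creates, so as written the agent has no socket to forward to, and a control socket under world-writable /tmp is a poor default anyway; `"socket-name": "/run/kea/kea4-ctrl-socket"` fixes both.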
|
|
@ -0,0 +1,231 @@
|
||||||
|
{
|
||||||
|
|
||||||
|
"Dhcp4": {
|
||||||
|
"interfaces-config": {
|
||||||
|
"interfaces": [ "{{ ansible_default_ipv4['interface'] }}" ]
|
||||||
|
},
|
||||||
|
|
||||||
|
"control-socket": {
|
||||||
|
"socket-type": "unix",
|
||||||
|
"socket-name": "/run/kea/kea4-ctrl-socket"
|
||||||
|
},
|
||||||
|
|
||||||
|
// HA requires two hooks libraries to be loaded: libdhcp_lease_cmds.so and
|
||||||
|
// libdhcp_ha.so. The former handles incoming lease updates from the HA peers.
|
||||||
|
// The latter implements high availability feature for Kea. Note the library name
|
||||||
|
// should be the same, but the path is OS specific.
|
||||||
|
"hooks-libraries": [
|
||||||
|
// The lease_cmds library must be loaded because HA makes use of it to
|
||||||
|
// deliver lease updates to the server as well as synchronize the
|
||||||
|
// lease database after failure.
|
||||||
|
{
|
||||||
|
"library": "/usr/lib/x86_64-linux-gnu/kea/hooks/libdhcp_lease_cmds.so"
|
||||||
|
},
|
||||||
|
|
||||||
|
{
|
||||||
|
// The HA hooks library should be loaded.
|
||||||
|
"library": "/usr/lib/x86_64-linux-gnu/kea/hooks/libdhcp_ha.so",
|
||||||
|
"parameters": {
|
||||||
|
// Each server should have the same HA configuration, except for the
|
||||||
|
// "this-server-name" parameter.
|
||||||
|
"high-availability": [ {
|
||||||
|
// This parameter points to this server instance. The respective
|
||||||
|
// HA peers must have this parameter set to their own names.
|
||||||
|
"this-server-name": "{{ inventory_hostname.split('.')[0] }}",
|
||||||
|
// The HA mode is set to hot-standby. In this mode, the active server handles
|
||||||
|
// all the traffic. The standby takes over if the primary becomes unavailable.
|
||||||
|
"mode": "hot-standby",
|
||||||
|
// Heartbeat is to be sent every 10 seconds if no other control
|
||||||
|
// commands are transmitted.
|
||||||
|
"heartbeat-delay": 10000,
|
||||||
|
// Maximum time for partner's response to a heartbeat, after which
|
||||||
|
// failure detection is started. This is specified in milliseconds.
|
||||||
|
// If we don't hear from the partner in 60 seconds, it's time to
|
||||||
|
// start worrying.
|
||||||
|
"max-response-delay": 60000,
|
||||||
|
// The following parameters control how the server detects the
|
||||||
|
// partner's failure. The ACK delay sets the threshold for the
|
||||||
|
// 'secs' field of the received discovers. This is specified in
|
||||||
|
// milliseconds.
|
||||||
|
"max-ack-delay": 5000,
|
||||||
|
// This specifies the number of clients which send messages to
|
||||||
|
// the partner but appear to not receive any response.
|
||||||
|
"max-unacked-clients": 5,
|
||||||
|
// This specifies the maximum timeout (in milliseconds) for the server
|
||||||
|
// to complete sync. If you have a large deployment (high tens or
|
||||||
|
// hundreds of thousands of clients), you may need to increase it
|
||||||
|
// further. The default value is 60000ms (60 seconds).
|
||||||
|
"sync-timeout": 60000,
|
||||||
|
"peers": [
|
||||||
|
// This is the configuration of this server instance.
|
||||||
|
{
|
||||||
|
"name": "{{ lookup('dig', dhcpd_primary+'/PTR').split('.')[0] }}",
|
||||||
|
// This specifies the URL of our server instance. The
|
||||||
|
// Control Agent must run along with our DHCPv4 server
|
||||||
|
// instance and the "http-host" and "http-port" must be
|
||||||
|
// set to the corresponding values.
|
||||||
|
"url": "http://{{ dhcpd_primary }}:8000/",
|
||||||
|
// This server is primary. The other one must be
|
||||||
|
// secondary.
|
||||||
|
"role": "primary"
|
||||||
|
},
|
||||||
|
// This is the configuration of our HA peer.
|
||||||
|
{
|
||||||
|
"name": "{{ lookup('dig', dhcpd_secondary+'/PTR').split('.')[0] }}",
|
||||||
|
// Specifies the URL on which the partner's control
|
||||||
|
// channel can be reached. The Control Agent is required
|
||||||
|
// to run on the partner's machine with "http-host" and
|
||||||
|
// "http-port" values set to the corresponding values.
|
||||||
|
"url": "http://{{ dhcpd_secondary }}:8000/",
|
||||||
|
// The partner is a secondary. Our is primary.
|
||||||
|
"role": "standby"
|
||||||
|
}
|
||||||
|
]
|
||||||
|
} ]
|
||||||
|
}
|
||||||
|
}
|
||||||
|
],
|
||||||
|
|
||||||
|
"lease-database": {
|
||||||
|
"type": "memfile",
|
||||||
|
"lfc-interval": 3600
|
||||||
|
},
|
||||||
|
|
||||||
|
"expired-leases-processing": {
|
||||||
|
"reclaim-timer-wait-time": 10,
|
||||||
|
"flush-reclaimed-timer-wait-time": 25,
|
||||||
|
"hold-reclaimed-time": 3600,
|
||||||
|
"max-reclaim-leases": 100,
|
||||||
|
"max-reclaim-time": 250,
|
||||||
|
"unwarned-reclaim-cycles": 5
|
||||||
|
},
|
||||||
|
|
||||||
|
"renew-timer": 900,
|
||||||
|
"rebind-timer": 1800,
|
||||||
|
"valid-lifetime": 3600,
|
||||||
|
|
||||||
|
"option-data": [
|
||||||
|
{
|
||||||
|
"name": "domain-name-servers",
|
||||||
|
"data": "{{ name_servers | join(', ') }}"
|
||||||
|
},
|
||||||
|
|
||||||
|
{
|
||||||
|
"name": "domain-name",
|
||||||
|
"data": "binary.kitchen"
|
||||||
|
},
|
||||||
|
|
||||||
|
{
|
||||||
|
"name": "domain-search",
|
||||||
|
"data": "binary.kitchen"
|
||||||
|
}
|
||||||
|
],
|
||||||
|
|
||||||
|
"subnet4": [
|
||||||
|
{
|
||||||
|
"subnet": "172.23.1.0/24",
|
||||||
|
|
||||||
|
"option-data": [
|
||||||
|
{
|
||||||
|
"name": "routers",
|
||||||
|
"data": "172.23.1.1"
|
||||||
|
}
|
||||||
|
],
|
||||||
|
|
||||||
|
"reservations": [
|
||||||
|
{
|
||||||
|
"hw-address": "44:48:c1:ce:a9:00",
|
||||||
|
"ip-address": "172.23.1.41",
|
||||||
|
"hostname": "ap01"
|
||||||
|
},
|
||||||
|
|
||||||
|
{
|
||||||
|
"hw-address": "74:9e:75:ce:93:54",
|
||||||
|
"ip-address": "172.23.1.44",
|
||||||
|
"hostname": "ap04"
|
||||||
|
},
|
||||||
|
|
||||||
|
{
|
||||||
|
"hw-address": "bc:9f:e4:c3:6f:aa",
|
||||||
|
"ip-address": "172.23.1.45",
|
||||||
|
"hostname": "ap05"
|
||||||
|
},
|
||||||
|
|
||||||
|
{
|
||||||
|
"hw-address": "94:b4:0f:c0:1d:a0",
|
||||||
|
"ip-address": "172.23.1.46",
|
||||||
|
"hostname": "ap06"
|
||||||
|
}
|
||||||
|
]
|
||||||
|
},
|
||||||
|
|
||||||
|
{
|
||||||
|
"subnet": "172.23.2.0/24",
|
||||||
|
|
||||||
|
"option-data": [
|
||||||
|
{
|
||||||
|
"name": "routers",
|
||||||
|
"data": "172.23.2.1"
|
||||||
|
}
|
||||||
|
]
|
||||||
|
},
|
||||||
|
|
||||||
|
{
|
||||||
|
"subnet": "172.23.3.0/24",
|
||||||
|
|
||||||
|
"pools": [ { "pool": "172.23.3.10 - 172.23.3.230" } ],
|
||||||
|
|
||||||
|
"option-data": [
|
||||||
|
{
|
||||||
|
"name": "routers",
|
||||||
|
"data": "172.23.3.1"
|
||||||
|
},
|
||||||
|
|
||||||
|
{
|
||||||
|
"name": "domain-search",
|
||||||
|
"data": "binary.kitchen, users.binary.kitchen"
|
||||||
|
}
|
||||||
|
],
|
||||||
|
|
||||||
|
"reservations": [
|
||||||
|
{
|
||||||
|
"hw-address": "1a:1b:1c:1d:1e:1f",
|
||||||
|
"ip-address": "172.23.3.201",
|
||||||
|
"hostname": "special-snowflake",
|
||||||
|
"option-data": [ {
|
||||||
|
"name": "domain-name-servers",
|
||||||
|
"data": "10.1.1.202, 10.1.1.203"
|
||||||
|
} ]
|
||||||
|
}
|
||||||
|
]
|
||||||
|
},
|
||||||
|
|
||||||
|
{
|
||||||
|
"subnet": "172.23.4.0/24",
|
||||||
|
|
||||||
|
"pools": [ { "pool": "172.23.4.10 - 172.23.4.240" } ],
|
||||||
|
|
||||||
|
"option-data": [
|
||||||
|
{
|
||||||
|
"name": "routers",
|
||||||
|
"data": "172.23.4.1"
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
||||||
|
],
|
||||||
|
|
||||||
|
"loggers": [
|
||||||
|
{
|
||||||
|
"name": "kea-dhcp4",
|
||||||
|
"output_options": [
|
||||||
|
{
|
||||||
|
"output": "stdout",
|
||||||
|
"pattern": "%-5p %m\n"
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"severity": "INFO",
|
||||||
|
"debuglevel": 0
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
||||||
|
}
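Review bot: The peer `name` values are taken from a reverse-DNS lookup at render time (`lookup('dig', dhcpd_primary+'/PTR')`), while `this-server-name` comes from `inventory_hostname`; the HA hook needs `this-server-name` to equal one of the peer names, so a missing or changed PTR record, or an inventory name that differs from the PTR name, yields a config the server will likely refuse. Taking the names from inventory variables (for instance a placeholder `dhcpd_primary_name` / `dhcpd_secondary_name`) keeps the rendered config independent of DNS answers. The same template is rendered on both hosts, so the comments "This is the configuration of this server instance" and "This server is primary" are only true on the primary and should be reworded. The `special-snowflake` reservation with `1a:1b:1c:1d:1e:1f` and DNS servers `10.1.1.202, 10.1.1.203` looks like leftover example data and is worth confirming before merge.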
|