Replace ISC dhcp4-server with isc-kea-dhcp4-server #113

Merged
merged 7 commits into from
Jan 30, 2021
16 changes: 4 additions & 12 deletions roles/ffh.dhcp_server/defaults/main.yml
@@ -1,15 +1,7 @@
---

legacy_dom0: true
dhcp_interface: "bat0"
dhcp_default_leasetime: 600
dhcp_max_leasetime: 600
dhcp_valid_leasetime: 600
dhcp_rebind_timer: 300
dhcp_renew_timer: 150
dhcp_domain_name: "ffh.zone"
dhcp_net:
net: 10.2.0.0
mask: 255.255.0.0
dhcp_range:
from: 10.2.0.2
to: 10.2.0.254
dhcp_options:
gateway: 10.2.0.1
dns_server: 10.2.0.1
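Review bot: The rewritten dhcpd.conf.j2 reads `{{ sn }}` for every pool and router address, but no `sn` appears among the role defaults in this section, so the role only renders when `sn` is supplied from inventory or group vars. If that is intended, a comment such as `# sn: required, must be set in inventory (used to build pool and router addresses)` next to the timer variables would document it; otherwise add a default. The page does not mark which lines are old and which are new, so this assumes the three timer variables and `dhcp_domain_name` are what the new defaults contain.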
2 changes: 1 addition & 1 deletion roles/ffh.dhcp_server/handlers/main.yml
@@ -1,4 +1,4 @@
---

- name: Restart isc-dhcp-server
- name: Restart dhcpd
service: name=dhcpd state=restarted
120 changes: 68 additions & 52 deletions roles/ffh.dhcp_server/tasks/main.yml
@@ -1,63 +1,79 @@
---
- name: Install isc-dhcp-server
apt: name=isc-dhcp-server update_cache=yes

- name: Install dhcpd-pools
apt: name=dhcpd-pools

- name: Ramdisk in fstab eintragen
notify: Restart isc-dhcp-server
mount: name=/var/lib/dhcp src=tmpfs fstype=tmpfs opts='defaults,size=100M' state=mounted
- name: "Add repo key"
apt_key:
url: "https://dl.cloudsmith.io/public/isc/kea-1-8/cfg/gpg/gpg.4DD5AE28ADA7268E.key"
state: "present"

- name: Generate dhcpd master config
notify: Restart isc-dhcp-server
template:
src: dhcpd.conf.j2
dest: /etc/dhcp/dhcpd.conf
- name: "Add isc repo"
register: "iscrepositoryadded"
apt_repository:
repo: "deb https://dl.cloudsmith.io/public/isc/kea-1-8/deb/debian {{ ansible_distribution_release }} main"

- name: Generate dhcpd bat0 config
notify: Restart isc-dhcp-server
template:
src: bat0.conf.j2
dest: /etc/dhcp/bat0.conf
when: legacy_dom0 == true

- name: Domain configs
include_tasks: per_domain.yml
with_items: "{{ domains }}"
loop_control:
loop_var: domain
when: domains is defined

- name: Generate firewall config stanza (ferm)
register: ferm_changed
template:
src: ferm.conf.j2
dest: /etc/ferm/conf.d/50-dhcpd.conf
notify: reload ferm
- name: "Update apt chache to get isc packages"
apt:
update_cache: "yes"
when: "iscrepositoryadded is changed"

- name: Deploy systemd service file
template:
src: dhcpd.service.j2
dest: /etc/systemd/system/dhcpd.service
- name: "Install kea dhcpd from repo"
register: "keainstall"
apt:
name: "isc-kea-dhcp4-server"

- name: Stop isc-dhcp-server via systemd
systemd:
name: isc-dhcp-server
state: stopped
enabled: no
ignore_errors: yes
- name: "Stop service after initial installation"
service:
name: "isc-kea-dhcp4-server"
state: "stopped"
when: "keainstall is changed"

- name: Disable isc-dhcp-server sysv scripts
- name: "Remove artifact isc-kea-dhcp4-server sysv script"
file:
path: /etc/init.d/isc-dhcp-server
state: absent
path: "/etc/init.d/isc-kea-dhcp4-server"
state: "absent"
when: "keainstall is changed"

- name: Reload systemd daemon
command: systemctl daemon-reload
- name: "Remove artifact isc-kea-dhcp4-server rc entries"
command: "update-rc.d isc-kea-dhcp4-server remove"
when: "keainstall is changed"

- name: "Add a ramdisk entry in fstab"
notify: "Restart dhcpd"
mount:
name: "/var/lib/kea"
src: "tmpfs"
fstype: "tmpfs"
opts: "defaults,size=10M"
state: "mounted"

- name: Enable dhcpd
command: systemctl enable dhcpd
- name: "Generate kea-dhcp4.conf config"
notify: "Restart dhcpd"
template:
src: "dhcpd.conf.j2"
dest: "/etc/kea/kea-dhcp4.conf"
mode: "0644"
owner: "root"
group: "root"

- name: "Generate firewall config stanza (ferm)"
notify: "reload ferm"
template:
src: "ferm.conf.j2"
dest: "/etc/ferm/conf.d/50-dhcpd.conf"
mode: "0644"
owner: "root"
group: "root"

- name: Start dhcpd
command: systemctl start dhcpd
- name: "Deploy systemd service file"
template:
src: "dhcpd.service.j2"
dest: "/etc/systemd/system/dhcpd.service"
mode: "0644"
owner: "root"
group: "root"

- name: "Start service"
systemd:
name: "dhcpd"
state: "started"
enabled: "yes"
daemon_reload: "yes"
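Review bot: The "Add repo key" task imports whatever key the Cloudsmith URL serves into apt's global keyring, where it is trusted for every configured repository and not only for the Kea one. Adding `id: "4DD5AE28ADA7268E"` (the id that appears in the URL's file name; confirm it against the fingerprint ISC publishes) gives the module an expected key to check against. Keeping the key in its own keyring file and referencing it with `[signed-by=…]` in the "Add isc repo" line would limit its trust to that repository. Separately, the tmpfs for `/var/lib/kea` is mounted with `defaults,size=10M`; `opts: "defaults,nosuid,nodev,noexec,size=10M"` is a cheap hardening for a directory that, per the unit file, holds the lease CSV.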
18 changes: 0 additions & 18 deletions roles/ffh.dhcp_server/tasks/per_domain.yml

This file was deleted.

12 changes: 0 additions & 12 deletions roles/ffh.dhcp_server/templates/bat0.conf.j2

This file was deleted.

12 changes: 0 additions & 12 deletions roles/ffh.dhcp_server/templates/batX.conf.j2

This file was deleted.

101 changes: 92 additions & 9 deletions roles/ffh.dhcp_server/templates/dhcpd.conf.j2
@@ -1,17 +1,100 @@
ddns-update-style none;
{
"Dhcp4": {
// Reply with NACK to requests with false networks
"authoritative": true,

option domain-name "{{ dhcp_domain_name }}";
option domain-name-servers ns1.example.org, ns2.example.org;
"interfaces-config": {
// Set to UDP to avoid raw socket performance penalty
// "dhcp-socket-type": "udp",
"interfaces": [ {% if legacy_dom0 == true %}"bat0",{% endif %} {% for domain in domains | default( [] ) %} "bat{{ domain.id }}"{% if not loop.last %}, {% endif %}{% endfor %} ]
},

default-lease-time {{ dhcp_default_leasetime }};
max-lease-time {{ dhcp_max_leasetime}};
"sanity-checks": {
// Delete leases that have incorrect subnet-id values
"lease-checks": "del"
},

log-facility local7;
"lease-database": {
// Store leases in memory
"type": "memfile",
"lfc-interval": 900
},

"control-socket": {
"socket-type": "unix",
"socket-name": "/tmp/kea4-ctrl-socket"
},

// Addresses will be assigned with a lifetime of {{ dhcp_valid_leasetime }} seconds.
// The client is told to start renewing after {{ dhcp_renew_timer }} seconds. If the server
// does not respond within {{ dhcp_rebind_timer }} seconds of the lease being granted, client
// is supposed to start REBIND procedure (emergency renewal that allows switching to a different server).
"valid-lifetime": {{ dhcp_valid_leasetime }},
"renew-timer": {{ dhcp_renew_timer }},
"rebind-timer": {{ dhcp_rebind_timer }},

// RFC6842 says that the server is supposed to echo back client-id option.
// However, some older clients do not support this and are getting confused
// when they get their own client-id. Kea can disable RFC6842 support.
"echo-client-id": false,

// use MAC address for IP address calculation
"match-client-id": false,

"loggers": [{
"name": "kea-dhcp4",
"output_options": [{ "output": "syslog:dhcpd" }],
"severity": "WARN"
}],

"option-data": [
{
"name": "domain-name",
"data": "{{ dhcp_domain_name }}"
},
{
"name": "interface-mtu",
"data": "1280"
// "always-send": true
}
],

"subnet4": [
{% if legacy_dom0 == true %}
include "/etc/dhcp/bat0.conf";
{
"interface": "bat0",
"subnet": "10.2.0.0/16",
"pools": [{ "pool": "10.2.{{ sn }}0.2 - 10.2.{{ sn }}9.254" }],
"option-data": [
{
"name": "domain-name-servers",
"data": "10.2.{{ sn }}0.1"
},
{
"name": "routers",
"data": "10.2.{{ sn }}0.1"
}
]
},
{% endif %}

{% for domain in domains | default( [] ) %}
include "/etc/dhcp/bat{{ domain.id }}.conf";
{
"interface": "bat{{ domain.id }}",
"subnet": "10.{{ domain.id }}.0.0/16",
"pools": [{ "pool": "10.{{ domain.id }}.{{ sn }}0.2 - 10.{{ domain.id }}.{{ sn }}8.254" }],
"option-data": [
{
"name": "domain-name-servers",
"data": "10.{{ domain.id }}.0.1"
},
{
"name": "routers",
"data": "10.{{ domain.id }}.{{ sn }}0.1"
}
]
}{% if not loop.last %},{% endif %}
{% endfor %}

]
}
}
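Review bot: The `control-socket` block places Kea's command socket at `/tmp/kea4-ctrl-socket`, a world-writable directory where any local user can create that path first and where access to the socket depends only on the daemon's umask. The control channel can change the running configuration and leases, so a root-owned directory is safer, e.g. `"socket-name": "/run/kea/kea4-ctrl-socket"` together with `RuntimeDirectory=kea` in dhcpd.service, or drop the block if nothing uses the socket. Also, when `legacy_dom0` is true and `domains` is empty, both the `interfaces` list and `subnet4` end in a trailing comma, which the JSON parser of this Kea version may reject; emitting the comma only when `domains` is non-empty avoids a config that fails at restart.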
15 changes: 7 additions & 8 deletions roles/ffh.dhcp_server/templates/dhcpd.service.j2
@@ -1,21 +1,20 @@
[Unit]
Description=ISC DHCP Server for IPv4 (dhcpd.conf)
Description=Kea DHCP Server for IPv4 (kea-dhcp4.conf)
After=network.target
ConditionPathExists=/etc/dhcp/dhcpd.conf
ConditionPathExists=/etc/kea/kea-dhcp4.conf
{% if legacy_dom0 == true %}
After=sys-subsystem-net-devices-bat0.device
# Requires=sys-subsystem-net-devices-bat0.device
{% endif %}
{% for domain in domains | default([]) %}
After=sys-subsystem-net-devices-bat{{ domain.id }}.device
# Requires=sys-subsystem-net-devices-bat{{ domain.id }}.device
{% endfor %}

[Service]
Environment="DHCPD_CONF=/etc/dhcp/dhcpd.conf"
ExecStartPre=/usr/bin/touch /var/lib/dhcp/dhcpd.leases
ExecStartPre=/usr/sbin/dhcpd -f -t -4 -q $OPTIONS -cf "$DHCPD_CONF"
ExecStart=/usr/sbin/dhcpd -f -4 -q $OPTIONS -cf "$DHCPD_CONF"
Environment="DHCPD_CONF=/etc/kea/kea-dhcp4.conf"
ExecStartPre=/usr/bin/touch /var/lib/kea/kea-leases4.csv
# Testing the config file will work in the future
#ExecStartPre=/usr/sbin/kea-dhcp4 $OPTIONS -t "$DHCPD_CONF"
ExecStart=/usr/sbin/kea-dhcp4 $OPTIONS -c "$DHCPD_CONF"

[Install]
WantedBy=multi-user.target
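Review bot: The new unit has no `User=` line and no sandboxing directives, so `kea-dhcp4` runs as root with full privileges, and `$OPTIONS` is expanded in `ExecStart` although nothing in this section defines it. A DHCP server parses packets from every client on the attached networks, so it is worth bounding what the process can do, for example `NoNewPrivileges=yes`, `ProtectSystem=full` and `CapabilityBoundingSet=CAP_NET_RAW CAP_NET_BIND_SERVICE` under `[Service]`; the exact capability set needs testing against this Kea build. With the `-t` pre-check commented out, a template that renders invalid JSON is only noticed when the restart handler fires and the service fails to come up.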