// This is a simple example of a configuration for Control-Agent (CA) or simply // Agent. This server provides RESTful interface for all Kea servers. { "Control-agent": { // We need to specify where the agent should listen to incoming HTTP // queries. "http-host": "127.0.0.1", // If enabling HA and multi-threading, the 8000 port is used by the HA // hook library http listener. When using HA hook library with // multi-threading to function, make sure the port used by dedicated // listener is different (e.g. 8001) than the one used by CA. Note // the commands should still be sent via CA. The dedicated listener // is specifically for HA updates only. "http-port": 8000, // Optional authentication. "authentication": { // Required authentication type. The only supported value is // basic for the basic HTTP authentication. "type": "basic", // An optional parameter is the basic HTTP authentication realm. // Its default is "kea-control-agent". "realm": "kea-control-agent", // This optional parameter can be used to specify a common // prefix for files handling client credentials. "directory": "/tmp/kea-creds", // This list specifies the user ids and passwords to use for // basic HTTP authentication. If empty or not present any client // is authorized. "clients": [ // This specifies an authorized client. { "comment": "admin is authorized", // The user id must not be empty or contain the ':' // character. It is a mandatory parameter. "user": "admin", // If password is not specified an empty password is used. "password": "1234" }, // This specifies a hiddent client. { // The user id is the content of the file /tmp/kea-creds/hiddenu. "user-file": "hiddenu", // The password is the content of the file /tmp/kea-creds/hiddenp. "password-file": "hiddenp" }, // This specifies a hidden client using a secret in a file. { // The secret is the content of the file /tmp/kea-creds/hiddens // which must be in the : format. "password-file": "hiddens" } ] }, // This map specifies where control channel of each server is configured // to listen on. See 'control-socket' object in the respective // servers. At this time the only supported socket type is "unix". // Make sure that the Agent and respective servers configuration // matches exactly, otherwise they won't be able to communicate. // One extra feature that requires some explanation is // user-context. This is a structure that you can define at // global scope, in control sockets and others. It is parsed by // Kea, but not used directly. It is intended to keep anything // you may want to put there - comments, extra designations, // floor or department names etc. These structures will be made // available to Kea hooks. A comment entry is translated into a // user-context with a "comment" property so you can include // comments inside the configuration itself. "control-sockets": { // This is how the Agent can communicate with the DHCPv4 server. "dhcp4": { "comment": "socket to DHCP4 server", "socket-type": "unix", "socket-name": "/tmp/kea4-ctrl-socket" }, // Location of the DHCPv6 command channel socket. "dhcp6": { "socket-type": "unix", "socket-name": "/tmp/kea6-ctrl-socket" }, // Location of the D2 command channel socket. "d2": { "socket-type": "unix", "socket-name": "/tmp/kea-ddns-ctrl-socket", "user-context": { "in-use": false } } }, // CA is able to load hook libraries that augment its operation. // The primary functionality is the ability to add new commands. "hooks-libraries": [ // Hook libraries list may contain more than one library. { // The only necessary parameter is the library filename. "library": "/opt/local/control-agent-commands.so", // Some libraries may support parameters. Make sure you // type this section carefully, as the CA does not validate // it (because the format is library specific). "parameters": { "param1": "foo" } } ], // Similar to other Kea components, CA also uses logging. "loggers": [ { "name": "kea-ctrl-agent", "output_options": [ { "output": "/var/log/kea-ctrl-agent.log", // Several additional parameters are possible in addition // to the typical output. Flush determines whether logger // flushes output to a file. Maxsize determines maximum // filesize before the file is being rotated. maxver // specifies the maximum number of rotated files being // kept. "flush": true, "maxsize": 204800, "maxver": 4, // We use pattern to specify custom log message layout "pattern": "%d{%y.%m.%d %H:%M:%S.%q} %-5p [%c/%i] %m\n" } ], "severity": "INFO", "debuglevel": 0 } ] } }