I'm using that setup as well: Pacemaker with a replicated postgres lease 
database. It works quite well. There's only one missing piece: a way to keep 
the configuration in sync across nodes. In the database, perhaps? (aside: the 
configuration is quite fluid in our production environment, changing multiple 
times per day).

From: Kea-users [mailto:[email protected]] On Behalf Of Hugh 
Connolly
Sent: Wednesday, November 22, 2017 8:34 AM
To: Klaus Steden; SoupNazi izaNpuoS
Cc: KEA-Users ([email protected])
Subject: Re: [Kea-users] DHCP redundancy [faked-from]


I'm working on something similar.



It uses 2+ Kea instances with the postgresql lease db in Amazon's RDS.

To manage the VIP the cluster uses ocf_heartbeat_IPaddr2 (pacemaker)



Works quite well thus far.



What do you think?



One improvement (beyond in-housing the Postgresql cluster) that comes to mind 
is better fencing in PCS to restart the service or shutdown the node if there 
is a problem. Something beyond just checking that the service is running, maybe 
checking the ports?



Was fairly straightforward to set up.

________________________________
From: Kea-users <[email protected]> on behalf of Klaus Steden <[email protected]>
Sent: Friday, November 17, 2017 4:14:00 PM
To: SoupNazi izaNpuoS
Cc: KEA-Users ([email protected])
Subject: Re: [Kea-users] DHCP redundancy


Our implementation uses a single database backend (which is itself HA, but the 
endpoint is a VIP, so it appears to be just a single host)  with a different 
server per environment running a Kea server. It seems they coexist quite 
happily as long as they're not trying to both handle the same row/table, which 
means each environment only uses a single IP helper.

We use Monit on the servers themselves to keep the Kea daemon running, since as 
noted it doesn't retry when it encounters an error talking to the database; the 
whole system is generally fairly resilient, FWIW, even if it's less than 
industrial strength.

cheers,
Klaus

On Fri, Nov 17, 2017 at 6:48 AM, SoupNazi izaNpuoS <[email protected]> wrote:
Not at all.  It does split the pools, automatically.  You just need to make 
sure you don't use more than 90% of your addresses as it may have difficulty 
transferring IPs amongst the devices if you do (say if the secondary runs out, 
the primary may not be able to send IPs to it).

On Fri, Nov 17, 2017 at 9:44 AM, John Ratliff <[email protected]> wrote:
On 11/17/2017 9:37 AM, SoupNazi izaNpuoS wrote:
Out of curiosity, was there a reason you didn't use the built in failover 
configuration in ISC DHCP?

It's extremely confusing to me. Perhaps my understanding is flawed, but as I 
understand it, you need to split your pool and have one side responsible for 
their individual split. Our pools do not have enough spare IPs to allow that. 
It just never seemed worth the effort.

--John

On Fri, Nov 17, 2017 at 9:25 AM, John Ratliff <[email protected]> wrote:

    I'm seeking best practice advice on how to set up DHCP server
    redundancy with kea.

    With ISC DHCP, I used VRRP with two servers and configured it to
    send the dhcp-server-identifier option as the VRRP IP. Then I would
    run a script that sync'd the lease database automatically via cron.

    This process is messy and error prone, so I would like to use kea
    instead.

    The subnets I am allocating via DHCP are not the same subnet that the
    server is in, so we use ip-helper statements to forward DHCP
    requests to the server.

    I have kea using mySQL as a lease backend. The mySQL server is not
    on the same machine as kea.

    My first thought was to use VRRP and supply the
    dhcp-server-identifier option again. I ran into a problem though
    that if kea started before VRRP, it wouldn't listen on the VRRP IP.
    There is probably a solution to that, but I don't have one yet.

    So then I changed the router configuration to use two ip-helper
    statements, sending the request to both primary and secondary kea
    servers; I also removed the dhcp-server-identifier option. This
    seems to work.

    Is this a reasonable setup for DHCP redundancy with kea? Is there a
    better option I might want to consider? Are there any concerns I
    should be aware of with both servers being active?

    Thanks.
    _______________________________________________
    Kea-users mailing list
    [email protected]
    https://lists.isc.org/mailman/listinfo/kea-users



