Hello Dulux-Oz, Not sure if you’re using hot-standby or load-balancing (or passive backup) HA, but the HA hook chapter 16 for config section of each mode does have some sample configs and describes the use of basic-auth-user and basic-auth-password (or alternative basic-auth-password-file should you wish to store password outside of your config file).
https://kea.readthedocs.io/en/kea-2.2.0/arm/hooks.html?highlight=basic-auth-password#hot-standby-configuration or https://kea.readthedocs.io/en/kea-2.2.0/arm/hooks.html?highlight=basic-auth-password#load-balancing-configuration From: Kea-users <[email protected]> on behalf of duluxoz <[email protected]> Date: Friday, January 27, 2023 at 2:32 AM To: Veronique Lefebure <[email protected]>, [email protected] <[email protected]> Subject: Re: [Kea-users] Kea HA Heartbeat Failure CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe. Hi Veronique, Thanks for that - that's what we were missing: the auth info inside the peers block. A note to the Kea Document Maintainers: I do not recall *ever* reading *anywhere* in the doco or sample config files where the basic-auth-user and basic-auth-password need to be included in the ha->peers block. Of course, I may have missed it, but still, it may behove you to make something like this much more predominant in the documentation *and* sample config files. Thanks to everyone who helped us out in this - we really appreciate it Cheers Dulux-Oz On 27/01/2023 18:49, Veronique Lefebure wrote: We have this in the kea-ctrl-agent config and it works fine: "authentication": { "type": "basic", "realm": "kea-control-agent", "clients": [ { "user": "xxxxx", "password": "yyyy" } ] } and in kea-dhcp4.conf: "parameters": { "high-availability": [ { ... "peers": [ { "auto-failover": true, "basic-auth-password": "yyyy", "basic-auth-user": "xxxx", "name": "kea1.example.com", "role": "primary", "url": "http://xx.xxx.xx.xx:90xx/"; }, ... Sensitivity: Internal
-- ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users. Kea-users mailing list [email protected] https://lists.isc.org/mailman/listinfo/kea-users
