2020-08-18 11:28:26 -04:00
|
|
|
.. _database-connectivity:
|
|
|
|
|
|
|
|
|
|
*********************
|
|
|
|
|
Database Connectivity
|
|
|
|
|
*********************
|
2021-10-13 20:42:23 +00:00
|
|
|
The Kea servers (``kea-dhcp4`` and ``kea-dhcp6``) can be configured to use a variety of
|
|
|
|
|
database backends for leases, hosts, and configuration. They can be
|
|
|
|
|
configured to support automatic recovery when connectivity is lost, via
|
2021-11-29 16:29:22 +01:00
|
|
|
the ``on-fail`` parameter. (The ``reconnect-wait-time`` and
|
2021-10-13 20:42:23 +00:00
|
|
|
``max-reconnect-tries`` parameters are described
|
|
|
|
|
in :ref:`database-configuration4` and :ref:`database-configuration6`.)
|
2020-08-18 11:28:26 -04:00
|
|
|
|
2020-12-23 21:08:13 +01:00
|
|
|
It is important to understand how and when automatic recovery comes into play.
|
|
|
|
|
Automatic recovery, when configured, only operates after a successful startup
|
|
|
|
|
or reconfiguration during which connectivity to all backends has been
|
2020-08-18 11:28:26 -04:00
|
|
|
successfully established.
|
|
|
|
|
|
2020-11-14 00:00:37 +00:00
|
|
|
During server startup, the inability to connect to any of the configured
|
|
|
|
|
backends is always considered fatal. A fatal error is logged and the server
|
|
|
|
|
exits, based on the idea that the configuration should be valid
|
|
|
|
|
at startup. Exiting to the operating system allows nanny scripts to detect
|
2020-08-18 12:02:08 -04:00
|
|
|
the problem.
|
2020-08-18 11:28:26 -04:00
|
|
|
|
2020-11-14 00:00:37 +00:00
|
|
|
During dynamic reconfiguration, all backends are disconnected and then
|
|
|
|
|
reconnected using the new configuration. If connectivity to any of the
|
|
|
|
|
backends cannot be established, the server logs a fatal error but remains
|
2020-12-23 21:08:13 +01:00
|
|
|
up. It is able to process commands but does not serve clients. This
|
2021-10-19 19:03:55 +00:00
|
|
|
allows the configuration to be corrected via the ``config-set`` or
|
|
|
|
|
``remote-*`` commands, if required.
|
2020-08-18 11:28:26 -04:00
|
|
|
|
2020-12-23 21:08:13 +01:00
|
|
|
During normal operations, if connectivity to any of the backends is lost and
|
2020-12-09 19:09:25 +02:00
|
|
|
automatic recovery for that backend is enabled, the server disconnects from the
|
|
|
|
|
respective backend and then attempts to reconnect. During the recovery process,
|
2021-03-25 23:27:38 +02:00
|
|
|
the server ceases to serve clients according to the ``on-fail`` configured
|
2021-10-13 20:42:23 +00:00
|
|
|
option but continues to respond to commands.
|
2021-03-25 23:27:38 +02:00
|
|
|
|
|
|
|
|
The ``on-fail`` parameter configures the actions the server should take when a
|
|
|
|
|
connection is lost. It can have one of the following values:
|
2021-03-26 16:23:48 +02:00
|
|
|
|
2021-10-13 20:42:23 +00:00
|
|
|
- ``stop-retry-exit`` - indicates that the server should stop the service
|
|
|
|
|
while it tries to recover the connection, and exit if recovery is not
|
2021-03-26 16:23:48 +02:00
|
|
|
successful after ``max-reconnect-tries``.
|
|
|
|
|
|
2021-10-13 20:42:23 +00:00
|
|
|
- ``serve-retry-exit`` - indicates that the server should not stop the
|
|
|
|
|
service while it tries to recover the connection, and exit if recovery is not
|
2021-03-26 16:23:48 +02:00
|
|
|
successful after ``max-reconnect-tries``.
|
|
|
|
|
|
2021-10-13 20:42:23 +00:00
|
|
|
- ``serve-retry-continue`` - indicates that the server should not stop the
|
|
|
|
|
service while it tries to recover the connection, and not exit if recovery is
|
2021-03-26 16:23:48 +02:00
|
|
|
not successful after ``max-reconnect-tries``.
|
2021-03-25 23:27:38 +02:00
|
|
|
|
|
|
|
|
If connectivity to all backends is restored, the server returns to normal
|
2021-10-13 20:42:23 +00:00
|
|
|
operations. If the connection cannot be restored and the server is configured
|
2021-06-08 15:00:54 +00:00
|
|
|
to exit, it issues a fatal error before shutdown.
|
2021-11-29 16:29:22 +01:00
|
|
|
|
|
|
|
|
The connection to the database server can optionally be protected by TLS.
|
|
|
|
|
Corresponding database configuration parameters for Kea servers are:
|
|
|
|
|
|
|
|
|
|
- The ``trust-anchor`` specifies the Certification Authority file name or
|
|
|
|
|
directory path.
|
|
|
|
|
|
|
|
|
|
- The ``cert-file`` specifies the client certificate file name.
|
|
|
|
|
|
|
|
|
|
- The ``key-file`` specifies the private key file name.
|
|
|
|
|
|
|
|
|
|
- The ``cipher-list`` specifies the list of TLS ciphers (the syntax of
|
|
|
|
|
the content of this parameter is described in the OpenSSL ciphers
|
|
|
|
|
manual).
|
|
|
|
|
|
|
|
|
|
These parameters are similar to the parameters of the secure connections
|
|
|
|
|
with the agent but are interpreted by different backends using database
|
|
|
|
|
configurations too.
|
|
|
|
|
|
|
|
|
|
Currently the support for each database is:
|
|
|
|
|
|
|
|
|
|
- MySQL supports the whole set, additional configuration must be done
|
|
|
|
|
in the MySQL local setup, for instance certificate revocation list,
|
|
|
|
|
choice of a specific TLS version, mutual authentication, ...
|
|
|
|
|
When a TLS connection was required but the actual connection is in
|
|
|
|
|
clear text an error log is emitted.
|
|
|
|
|
|
|
|
|
|
- PostgreSQL only uses the configuration to enable the SSL/TLS support
|
|
|
|
|
in the client library (libpq). Anything else must be done in the
|
|
|
|
|
PostgreSQL local configuration.
|
|
|
|
|
|
|
|
|
|
- Cassandra/CQL does not support this.
|
