mir/kea
2
0
Fork 0
mirror of https://gitlab.isc.org/isc-projects/kea synced 2025-09-02 23:15:20 +00:00
Code Issues Releases Wiki Activity

[3644] Review and edit of kea-admin part of the guide

Browse Source 
The edit also included a reorganisation of the sections.
This commit is contained in:
Stephen Morris
2015-01-26 13:45:22 +00:00
parent 97a03ea1c4
commit 5d1bc8d88d
2 changed files with 344 additions and 234 deletions
Download Patch File Download Diff File Expand all files Collapse all files

576
doc/guide/admin.xml
View File

@@ -4,276 +4,366 @@
<!ENTITY mdash "&#x2014;" > <!ENTITY mdash "&#x2014;" >
]> ]>
<chapter id="admin"> <chapter id="admin">
<title>Database administration</title> <title>Kea Database Administration</title>
<section id="kea-admin"> <section id="kea-database-version">
<title>kea-admin tool</title> <title>Databases and Database Version Numbers</title>
<para> <para>
Kea is able to store leases in one of several supported databases. Kea stores leases in one of several supported databases.
Additional types of data, like host reservation details, will As future versions of Kea are released, the structure of those
be supported in the near future. To manage those databases, a databases will change. For example, Kea currently only stores
tool called <command>kea-admin</command> was introduced. Currently lease information: in the future, additional data - such as host
it is able to initialize new database, check its version reservation details - will also be stored.
and perform database upgrade, if needed. </para>
</para>
<para> <para>
Kea mantains separate version numbering for its database backends. These A given version of Kea expects a particular structure in
are independent of the Kea version. It is possible that the backend the database. It ensures this by checking the version of the
revision will stay the same through several Kea revisions. Likewise, it database it is using. Separate version numbers are maintained for
is possible that a backend may go up several times between two Kea backend databases, independent of the version of Kea itself. It
revisions, if there were several changes introduced that required database is possible that the backend database version will stay the same
schema change. Versions for each backend are independent, so a bump through several Kea revisions. Likewise, it is possible that the
in MySQL version does not imply bump in the Postgres version. version of backend database may go up several revisions during a
</para> Kea upgrade. Versions for each database are independent, so an
increment in the MySQL database version does not imply an increment
in that of PostgreSQL.
</para>
<para> <para>
Backend versions are specified in major.minor format. Minor number is Backend versions are specified in
increased when there are backward compatibile changes introduced. For a <replaceable>major.minor</replaceable> format. The minor
example, a new index is added. It is desirable, but not mandatory to number is increased when there are backward compatibile changes
have it. You can run on older database version if you want to. On introduced. For example, ithe addition of a new index. It is
the other hand, major number is increased when there's an incompatible desirable, but not mandatory to to apply such a change; you
change introduced, for example an extra column is added. If you try can run on older database version if you want to. (Although, in
to run Kea software on a database that is too old (which is signified the example given, running without the new index may be at the
by mismatched major backend version number), Kea will refuse to run expense of a performance penalty.) On the other hand, the major
and an administrative action will be required to upgrade the database. number is increased when an incompatible change is introduced,
</para> for example an extra column is added to a table. If you try to
run Kea software on a database that is too old (as signified by
<para> mismatched backend major version number), Kea will refuse to run:
<command>kea-admin</command> takes two mandatory parameters: administrative action will be required to upgrade the database.
<command>command</command> and <command>backend</command>. Additional, </para>
non-mandatory options may be specified. Currently supported commands </section>
are:
<itemizedlist> <section id="kea-admin">
<title>The kea-admin Tool</title>
<listitem> <para>
<simpara> To manage the databases, Kea provides the
<command>lease-init</command> &mdash; <command>kea-admin</command> tool. It is able to initialize
Initializes a new lease database. Useful during first Kea a new database, check its version number, and perform a
installation. The database is initialized to the latest version database upgrade.
supported by the version of the software. </para>
</simpara>
</listitem>
<listitem> <para>
<simpara> <command>kea-admin</command> takes two mandatory
<command>lease-version</command> &mdash; parameters: <command>command</command> and
Reports lease database version. This is not necessarily <command>backend</command>. Additional, non-mandatory options
equal to Kea version as each backend has its own versioning may be specified. Currently supported commands are:
scheme.
</simpara>
</listitem>
<listitem> <itemizedlist>
<simpara> <listitem>
<command>lease-upgrade</command> &mdash; <simpara>
Conducts lease database upgrade. This is useful when <command>lease-init</command> &mdash;
migrating between old and new Kea versions. Initializes a new lease database. Useful during first
</simpara> Kea installation. The database is initialized to the
</listitem> latest version supported by the version of the software.
</simpara>
</listitem>
</itemizedlist> <listitem>
<simpara>
<command>lease-version</command> &mdash;
Reports the lease database version number. This is
not necessarily equal to the Kea version number as
each backend has its own versioning scheme.
</simpara>
</listitem>
The <command>backend</command> specified backend type. Currently <listitem>
allowed backends are: memfile, mysql and pgsql. There are additional <simpara>
parameters that may be needed, depending on your setup and specific <command>lease-upgrade</command> &mdash;
operation: specify username, password and database name or the directory Conducts a lease database upgrade. This is useful when
where specific files are located. See appropriate manual page for upgrading Kea.
details (<command>man 8 kea-admin</command>). </simpara>
</para> </listitem>
</itemizedlist>
</section> <command>backend</command> specifies the backend type. Currently
supported types are:
<itemizedlist>
<listitem>
<simpara>
<command>memfile</command> &mdash; Lease information is
stored on disk in a text file.
</simpara>
</listitem>
<listitem>
<simpara>
<command>mysql</command> &mdash;
Lease information is stored in a MySQL relational
database.
</simpara>
</listitem>
<listitem>
<simpara>
<command>pgsql</command> &mdash;
Lease information is stored in a PostgreSQL relational
database.
</simpara>
</listitem>
</itemizedlist>
Additional parameters may be needed, depending on your setup
and specific operation: username, password and database name or
the directory where specific files are located. See appropriate
manual page for details (<command>man 8 kea-admin</command>).
</para>
</section>
<section>
<title>Supported Databases</title>
<section> <section>
<title>memfile</title> <title>memfile</title>
<para>There are no special initialization steps necessary for memfile <para>
backend. During the first run, both <command>kea-dhcp4</command> and There are no special initialization steps necessary
<command>kea-dhcp6</command> will create an empty lease file, if it is not for the memfile backend. During the first run, both
present. Necessary disk write permission is required. <command>kea-dhcp4</command> and <command>kea-dhcp6</command>
will create an empty lease file if one is not
present. Necessary disk write permission is required.
</para> </para>
<!-- @todo: document lease file upgrades once they are implemented in kea-admin --> <!-- @todo: document lease file upgrades once they are implemented in kea-admin -->
</section> </section>
<section> <section>
<title>MySQL</title> <title>MySQL</title>
<para> <para>
MySQL database must be properly set up if you want Kea to store lease The MySQL database must be properly set up if you want Kea to
and other information in MySQL. This step can be safely skipped if you store information in MySQL. This section can be safely ignored
chose to store the data in other backends, like memfile or PosgreSQL. if you chose to store the data in other backends.
</para> </para>
<section id="mysql-database-create">
<title>Initialize the MySQL Database using kea-admin</title>
<para> <section id="mysql-database-create">
There are two ways to initialize the database. The first one involves <title>First Time Creation of Kea Database</title>
running <command>kea-admin</command> tool, which attempts to automate
the process. It is convenient to use, but may not cover more complex
cases. The second alternative is to run all the commands
manually.
</para>
<para> <para>
When <command>kea-admin</command> is told to initialize the database, it If you are setting the MySQL database for the first time,
assumes that the database and database user has been created. If not, you need to create the database area within MySQL and set up
please follow the necessary instructions in <xref the MySQL user ID under which Kea will access the database.
linkend="mysql-database-create-manual" />. This needs to be done manually: <command>kea-admin</command>
</para> is not able to do this for you.
</para>
<para> <para>
To initialize new MySQL database using <command>kea-admin</command>, use the To create the database:
following command:
<screen>$ <userinput>kea-admin lease-init mysql -u <replaceable>database-user</replaceable> -p <replaceable>database-password</replaceable> -d <replaceable>database-name</replaceable></userinput> <orderedlist>
<listitem>
<para>
Log into MySQL as "root":
<screen>
$ <userinput>mysql -u root -p</userinput>
Enter password:
mysql>
</screen> </screen>
</para>
</listitem>
<command>kea-admin</command> has rudimentary checks implemented. It will <listitem>
refuse to initialize a database that has any existing tables. If you want <para>
to start from scratch, you must remove existing data manually. This process Create the MySQL database:
is left manual on purpose to avoid mistakes that could not be undone. <screen>
</para> mysql> <userinput>CREATE DATABASE <replaceable>database-name</replaceable>;</userinput>
</section>
<section id="mysql-upgrade">
<title>Upgrading MySQL database from earlier Kea versions</title>
<para>Sometime a new Kea version may use newer database schema and there may
be a need to upgrade existing database. This can be done using <command>kea-admin</command>.
It is possible to check existing database version:
<screen>$ <userinput>kea-admin lease-version mysql -u <replaceable>database-user</replaceable> -p <replaceable>database-password</replaceable> -d <replaceable>database-name</replaceable></userinput>
</screen> </screen>
See <xref linkend="kea-admin"/> for a discussion about versioning.</para> (<replaceable>database-name</replaceable> is the name
<para>It may be required to run database upgrade. This process is designed you have chosen for the database.)
to not discard any data, but depending on the nature of the changes, it </para>
may be impossible to downgrade to earlier Kea version. Please back up your </listitem>
database if you consider reverting to an earlier Kea version. To conduct
an upgrade, the following command should be used: <listitem>
<screen>$ <userinput>kea-admin lease-upgrade mysql -u <replaceable>database-user</replaceable> -p <replaceable>database-password</replaceable> -d <replaceable>database-name</replaceable></userinput> <para>
Create the user under which Kea will access the database
(and give it a password), then grant it access to the
database tables:
<screen>
mysql> <userinput>CREATE USER '<replaceable>user-name</replaceable>'@'localhost' IDENTIFIED BY '<replaceable>password</replaceable>';</userinput>
mysql> <userinput>GRANT ALL ON <replaceable>database-name</replaceable>.* TO '<replaceable>user-name</replaceable>'@'localhost';</userinput>
</screen> </screen>
</para> (<replaceable>user-name</replaceable> and
<replaceable>password</replaceable> are the user ID
and password you are using to allow Keas access to the
MySQL instance. All apostrophes in the command lines
above are required.)
</para>
</listitem>
</section> <listitem>
<para>
At this point, you may elect to create the database
tables. (Alternatively, you can exit MySQL and create
the tables using the <command>kea-admin</command> tool,
as explained below.) To do this:
<screen>
mysql> <userinput>CONNECT <replaceable>database-name</replaceable>;</userinput>
mysql> <userinput>SOURCE <replaceable>path-to-kea</replaceable>/share/kea/dhcpdb_create.mysql</userinput>
</screen>
(<replaceable>path-to-kea</replaceable> is the
location where you installed Kea.)
</para>
</listitem>
<section id="mysql-database-create-manual"> <listitem>
<title>Manually create the MySQL Database and the Kea User</title> <para>
Exit MySQL:
<screen>
mysql> <userinput>quit</userinput>
Bye
$
</screen>
</para>
</listitem>
</orderedlist>
</para>
<note>
<simpara>
This paragraph explains how to create and initialize MySQL database
manually. See <xref linkend="mysql-database-create" /> for a kea-admin,
a tool that automates most of those steps.
</simpara>
</note>
<para> <para>
The first task is to create both the lease database and the user under If you elected not to create the tables in step 4, you can do
which the servers will access it. A number of steps are required: so now by running the <command>kea-admin</command> tool:
<screen>
$ <userinput>kea-admin lease-init mysql -u <replaceable>database-user</replaceable> -p <replaceable>database-password</replaceable> -d <replaceable>database-name</replaceable></userinput>
</screen>
(Do not do this if you did create the tables in step 4.)
<command>kea-admin</command> implements rudimentary checks:
it will refuse to initialize a database that contains any
existing tables. If you want to start from scratch, you
must remove all data manually. (This process is a manual
operation on purpose to avoid possibly irretrievable mistakes
by <command>kea-admin</command>.)
</para> </para>
<para> </section>
1. Log into MySQL as "root":
<screen>$ <userinput>mysql -u root -p</userinput>
Enter password:<userinput/>
:<userinput/>
mysql></screen>
</para>
<para>
2. Create the database:
<screen>mysql> <userinput>CREATE DATABASE <replaceable>database-name</replaceable>;</userinput></screen>
(<replaceable>database-name</replaceable> is the name you
have chosen for the database.)
</para>
<para>
3. Create the database tables by running the dhcpdb_create.mysql script supplied as part of Kea:
<screen>mysql> <userinput>CONNECT <replaceable>database-name</replaceable>;</userinput>
mysql> <userinput>SOURCE <replaceable>path-to-kea</replaceable>/share/kea/dhcpdb_create.mysql</userinput></screen>
</para>
<para>
4. Create the user under which Kea will access the database (and give it a password), then grant it access to the database tables:
<screen>mysql> <userinput>CREATE USER '<replaceable>user-name</replaceable>'@'localhost' IDENTIFIED BY '<replaceable>password</replaceable>';</userinput>
mysql> <userinput>GRANT ALL ON <replaceable>database-name</replaceable>.* TO '<replaceable>user-name</replaceable>'@'localhost';</userinput></screen>
</para>
<para>
5. Exit MySQL:
<screen>mysql> <userinput>quit</userinput>
Bye<userinput/>
$</screen>
</para>
</section>
<section id="mysql-upgrade">
<title>Upgrading a MySQL Database from an Earlier Version of Kea</title>
<para>
Sometimes a new Kea version may use newer database schema, so
there will be a need to upgrade the existing database. This can
be done using the <command>kea-admin lease-upgrade</command>
command.
</para>
<para>
To check the current version of the database, use the following command:
<screen>
$ <userinput>kea-admin lease-version mysql -u <replaceable>database-user</replaceable> -p <replaceable>database-password</replaceable> -d <replaceable>database-name</replaceable></userinput>
</screen>
(See <xref linkend="kea-database-version"/> for a discussion
about versioning.) If the version does not match the minimum
required for the new version of Kea (as described in the
release notes), the database needs to be upgraded.
</para>
<para>
Before upgrading, please make sure that the database is
backed up. The upgrade process does not discard any data but,
depending on the nature of the changes, it may be impossible
to subsequently downgrade to an earlier version. To perform
an upgrade, issue the following command:
<screen>
$ <userinput>kea-admin lease-upgrade mysql -u <replaceable>database-user</replaceable> -p <replaceable>database-password</replaceable> -d <replaceable>database-name</replaceable></userinput>
</screen>
</para>
</section>
</section> <!-- end of MySQL sections --> </section> <!-- end of MySQL sections -->
<section> <section>
<title>PostgreSQL</title> <title>PostgreSQL</title>
<para> <para>
PostgreSQL database must be properly set up if you want Kea to store lease A PostgreSQL database must be set up if you want Kea to store
and other information in PostgreSQL. This step can be safely skipped if you lease and other information in PostgreSQL. This step can be
chose to store the data in other backends, like memfile or MySQL. safely ignored if you are using other database backends.
</para> </para>
<section>
<title>Initialize the PostgreSQL Database using kea-admin</title>
<para>
Support for PostgreSQL in kea-admin is currently not implemented.
</para>
<!-- @todo: document PgSQL upgrade once they are implemented in kea-admin -->
</section>
<section id="pgsql-database-create"> <section id="pgsql-database-create">
<title>Create PostgreSQL Database and Kea User</title> <title>Manually Create the PostgreSQL Database and the Kea User</title>
<para> <para>
The next task is to create both the lease database and the user under which the servers will The first task is to create both the lease database and the
access it. A number of steps are required: user under which the servers will access it. A number of steps
</para> are required:
<para>
1. Log into PostgreSQL as "root": <orderedlist>
<screen>$ <userinput>sudo -u postgres psql postgres</userinput> <listitem>
Enter password:<userinput/> <para>
:<userinput/> Log into PostgreSQL as "root":
postgres=#</screen> <screen>
</para> $ <userinput>sudo -u postgres psql postgres</userinput>
<para> Enter password:
2. Create the database: postgres=#
</screen>
</para>
</listitem>
<listitem>
<para>
Create the database:
<screen> <screen>
postgres=#<userinput> CREATE DATABASE <replaceable>database-name</replaceable>;</userinput> postgres=#<userinput> CREATE DATABASE <replaceable>database-name</replaceable>;</userinput>
CREATE DATABASE CREATE DATABASE
postgres=# postgres=#
</screen> </screen>
(<replaceable>database-name</replaceable> is the name you (<replaceable>database-name</replaceable> is the name
have chosen for the database.) you have chosen for the database.)
</para> </para>
<para> </listitem>
3. Create the user under which Kea will access the database (and give it a password), then grant it access to the database:
<screen>postgres=#<userinput> CREATE USER <replaceable>user-name</replaceable> WITH PASSWORD '<replaceable>password</replaceable>';</userinput> <listitem>
<para>
Create the user under which Kea will access the database
(and give it a password), then grant it access to the
database:
<screen>
postgres=#<userinput> CREATE USER <replaceable>user-name</replaceable> WITH PASSWORD '<replaceable>password</replaceable>';</userinput>
CREATE ROLE CREATE ROLE
postgres=# postgres=#
postgres=#<userinput> GRANT ALL PRIVILEGES ON DATABASE <replaceable>database-name</replaceable> TO <replaceable>user-name</replaceable>;</userinput> postgres=#<userinput> GRANT ALL PRIVILEGES ON DATABASE <replaceable>database-name</replaceable> TO <replaceable>user-name</replaceable>;</userinput>
GRANT GRANT
postgres=# postgres=#
</screen> </screen>
</para> </para>
<para> </listitem>
4. Exit PostgreSQL:
<screen>postgres=# <userinput>\q</userinput> <listitem>
Bye<userinput/> <para>
$</screen> Exit PostgreSQL:
</para> <screen>
<para> postgres=# <userinput>\q</userinput>
5. Create the database tables using the new user's credentials and the dhcpdb_create.pgsql script supplied with Kea. Bye
After entering the following command, you will be prompted for the new $
user's password. When the command completes you will be returned to </screen>
the shell prompt. You should see output similar to following: </para>
<screen>$ <userinput>psql -d <replaceable>database-name</replaceable> -U <replaceable>user-name</replaceable> -f <replaceable>path-to-kea</replaceable>/share/kea/dhcpdb_create.pgsql</userinput> </listitem>
<listitem>
<para>
Create the database tables using the new user's
credentials and the dhcpdb_create.pgsql script supplied
with Kea. After entering the following command, you
will be prompted for the new user's password. When the
command completes you will be returned to the shell
prompt. You should see output similar to following:
<screen>
$ <userinput>psql -d <replaceable>database-name</replaceable> -U <replaceable>user-name</replaceable> -f <replaceable>path-to-kea</replaceable>/share/kea/dhcpdb_create.pgsql</userinput>
Password for user <replaceable>user-name</replaceable>: Password for user <replaceable>user-name</replaceable>:
CREATE TABLE CREATE TABLE
CREATE INDEX CREATE INDEX
@@ -292,36 +382,56 @@ INSERT 0 1
COMMIT COMMIT
$ $
</screen> </screen>
</para> (<replaceable>path-to-kea</replaceable> is the location
<para> where you installed Kea.)
If instead you encounter an error like: </para>
</para>
<para>
If instead you encounter an error like:
<screen> <screen>
psql: FATAL: no pg_hba.conf entry for host "[local]", user "<replaceable>user-name</replaceable>", database "<replaceable>database-name</replaceable>", SSL off psql: FATAL: no pg_hba.conf entry for host "[local]", user "<replaceable>user-name</replaceable>", database "<replaceable>database-name</replaceable>", SSL off
</screen> </screen>
<para> ... you will need to alter the PostgreSQL configuration.
... you will need to alter the PostgreSQL configuration. Kea uses password authentication when connecting to
Kea uses password authentication when connecting to the database and must the database and must have the appropriate entries
have the appropriate entries added to PostgreSQL's pg_hba.conf file. This added to PostgreSQL's pg_hba.conf file. This file is
file is normally located in the primary data directory for your PostgreSQL normally located in the primary data directory for your
server. The precise path may vary but the default location for PostgreSQL 9.3 PostgreSQL server. The precise path may vary but the
on Centos 6.5 is: default location for PostgreSQL 9.3 on Centos 6.5 is:
<filename>/var/lib/pgsql/9.3/data/pg_hba.conf</filename>. <filename>/var/lib/pgsql/9.3/data/pg_hba.conf</filename>.
Assuming Kea is running on the same host as PostgreSQL, adding lines similar </para>
to following should be sufficient to provide password-authenticated access to
Kea's database: <para>
</para> Assuming Kea is running on the same host as PostgreSQL,
adding lines similar to following should be sufficient to
provide password-authenticated access to Kea's database:
<screen> <screen>
local <replaceable>database-name</replaceable> <replaceable>user-name</replaceable> password local <replaceable>database-name</replaceable> <replaceable>user-name</replaceable> password
host <replaceable>database-name</replaceable> <replaceable>user-name</replaceable> 127.0.0.1/32 password host <replaceable>database-name</replaceable> <replaceable>user-name</replaceable> 127.0.0.1/32 password
host <replaceable>database-name</replaceable> <replaceable>user-name</replaceable> ::1/128 password host <replaceable>database-name</replaceable> <replaceable>user-name</replaceable> ::1/128 password
</screen> </screen>
<para> </para>
Please consult your PostgreSQL user manual before making these changes as they
may expose your other databases that you run on the same system. <para>
</para> Please consult your PostgreSQL user manual before making
these changes as they may expose your other databases
that you run on the same system.
</para>
</listitem>
</orderedlist>
</para>
</section> </section>
</section> <!-- end of postgres sections --> <section>
<title>Initialize the PostgreSQL Database Using kea-admin</title>
</chapter> <para>
Support for PostgreSQL in <command>kea-admin</command> is
currently not implemented.
</para>
<!-- @todo: document PgSQL upgrade once they are implemented in kea-admin -->
</section>
</section> <!-- end of PostgreSQL sections -->
</section> <!-- End of Database sections -->
</chapter>

2
doc/guide/install.xml
View File

@@ -478,7 +478,7 @@ Debian and Ubuntu:
</para> </para>
<para> <para>
See <xref linkend="pgsql-database-create"/> for details regarding See <xref linkend="pgsql-database-create"/> for details regarding
MySQL database configuration. PostgreSQL database configuration.
</para> </para>
</section> </section>
</section> </section>