// Name of the lease file. In the case of a database it specifies the
// database name.
- "name": "kea-dhcp4.csv",
+ "name": "kea-leases4.csv",
// memfile-specific parameter indicating whether leases should
// be saved on persistent storage (disk) or not. The true value
// Name of the lease file. In the case of a database it specifies the
// database name.
- "name": "kea-dhcp4.csv",
+ "name": "kea-leases4.csv",
// memfile-specific parameter indicating whether leases should
// be saved on persistent storage (disk) or not. The true value
"lease-database": {
"type": "memfile",
- "name": "kea-dhcp4.csv",
+ "name": "kea-leases4.csv",
"lfc-interval": 3600
},
// Name of the lease file. In the case of a database it specifies the
// database name.
- "name": "kea-dhcp6.csv",
+ "name": "kea-leases6.csv",
// memfile-specific parameter indicating whether leases should
// be saved on persistent storage (disk) or not. The true value
// Name of the lease file. In the case of a database it specifies the
// database name.
- "name": "kea-dhcp6.csv",
+ "name": "kea-leases6.csv",
// memfile-specific parameter indicating whether leases should
// be saved on persistent storage (disk) or not. The true value
"lease-database": {
"type": "memfile",
- "name": "kea-dhcp6.csv"
+ "name": "kea-leases6.csv"
},
"preferred-lifetime": 3000,
s2 << CfgMgr::instance().getDataDir() << "/kea-leases4.csv";
static_cast<void>(::remove(s2.str().c_str()));
- std::ostringstream s3;
- s3 << CfgMgr::instance().getDataDir() << "/kea-dhcp4.csv";
- static_cast<void>(::remove(s3.str().c_str()));
-
// Revert to original data directory.
CfgMgr::instance().getDataDir(true, original_datadir_);
s2 << CfgMgr::instance().getDataDir() << "/kea-leases6.csv";
static_cast<void>(::remove(s2.str().c_str()));
- std::ostringstream s3;
- s3 << CfgMgr::instance().getDataDir() << "/kea-dhcp6.csv";
- static_cast<void>(::remove(s3.str().c_str()));
-
// Revert to original data directory.
CfgMgr::instance().getDataDir(true, original_datadir_);
// is specifically for HA updates only.
"http-port": 8000,
+ // Allow access only to kea-api user.
+ // To make it work, please store your password in kea-api-password file.
+ // Make sure the password file has sufficiently restrictive access permissions,
+ // in particular it is not world-readable.
+ // The basic HTTP auth offers poor security for unencrypted channels.
+ // If possible, a better, stronger HTTPS mechanism should be deployed,
+ // in particular when the client authentication is enabled by setting the
+ // cert-required to true (the default). See trust-anchor, cert-file,
+ // key-file and cert-required below. For more details read the Kea Security
+ // section in the ARM.
+ "authentication": {
+ "type": "basic",
+ "realm": "Kea Control Agent",
+ "directory": "/etc/kea",
+ "clients": [
+ {
+ "user": "kea-api",
+ "password-file": "kea-api-password"
+ }
+ ]
+ },
+
+ // Configuration section containing HTTPS parameters:
+ // TLS trust anchor (Certificate Authority). This is a file name or
+ // (for OpenSSL only) a directory path.
+ // "trust-anchor": "kea-server-ca",
+ // TLS server certificate file name.
+ // "cert-file": "kea-server-cert",
+ // TLS server private key file name.
+ // "key-file": "kea-server-key",
+ // TLS require client certificates flag. Default is true and means
+ // require client certificates. False means they are optional.
+ // "cert-required": true
+
// Specify location of the files to which the Control Agent
// should connect to forward commands to the DHCPv4, DHCPv6
// and D2 servers via unix domain sockets.
projects / thirdparty / kea.git / commitdiff
