Kea issueshttps://gitlab.isc.org/isc-projects/kea/-/issues2024-03-21T15:03:05Zhttps://gitlab.isc.org/isc-projects/kea/-/issues/3301Add missing YANG nodes before the 2.6.0 release2024-03-21T15:03:05ZAndrei Pavelandrei@isc.orgAdd missing YANG nodes before the 2.6.0 releaseMissing YANG nodes:
- `ddns-conflict-resolution-mode`
- `retry-on-startup`Missing YANG nodes:
- `ddns-conflict-resolution-mode`
- `retry-on-startup`kea2.6.0https://gitlab.isc.org/isc-projects/kea/-/issues/3216Setting YANG list elements with singlequotes in key values is not possible in...2024-01-18T14:58:00ZAndrei Pavelandrei@isc.orgSetting YANG list elements with singlequotes in key values is not possible in our unit testing frameworkOur internal NETCONF test framework in the form of `YangRepr`, particularly the `YangRepr::set` functionality does not support setting list elements that have singlequotes in the value of a key. This is because setting a node is done by ...Our internal NETCONF test framework in the form of `YangRepr`, particularly the `YangRepr::set` functionality does not support setting list elements that have singlequotes in the value of a key. This is because setting a node is done by providing the xpath as a plain string and singlequotes are used to delimit the value of the key, so upon finding a singlequote in the value, the libyang parser thinks the value ends sooner than it actually does and does not know what to do with the rest of the xpath.
This is not a problem in production code, because production code has no need for setting YANG nodes, but instead is only concerned with retrieving them from the sysrepo datastore.
The issue may become more prevalent if issue 3198 gets merged as it was written at the time this issue was created. It makes `data` a key which is more likely to contain a singlequote than other keys, which is also why this issue became obvious there. The issue occurred in unit tests.
```
[ RUN ] ConfigTestKeaV4.examples4
libyang[0]: Invalid character 0x73 ('s'), perhaps "'Error: here'" is supposed to be a function call.
config_unittests.cc:332: Failure
Failed
json = loadFile(path) threw type: N3isc4yang12NetconfErrorE, what: setting item 'nullopt' at '/kea-dhcp4-server:config/option-data[code='56'][space='dhcp4'][data='Error: here's a DHCPNAK!']': Session::setItem: Couldn't set '/kea-dhcp4-server:config/option-data[code='56'][space='dhcp4'][data='Error: here's a DHCPNAK!']': SR_ERR_INVAL_ARG
Google Test trace:
config_unittests.cc:330:
* Tested file: /home/andrei/work/isc/kea-3198-vivso-suboptions-not-properly-supported-in-netconf/doc/examples/kea4/all-options.json
[ FAILED ] ConfigTestKeaV4.examples4 (509 ms)
```
This change was done to avoid it:
```diff
diff --git a/doc/examples/kea4/all-options.json b/doc/examples/kea4/all-options.json
index 5e7d7ccbc7..f52105691b 100644
--- a/doc/examples/kea4/all-options.json
+++ b/doc/examples/kea4/all-options.json
@@ -691,3 +691,3 @@
"code": 56,
- "data": "Error: here's a DHCPNAK!",
+ "data": "Error: here is a DHCPNAK!",
"name": "dhcp-message"
```
One may think of encoding the singlequote as Kea does with the commas in user-context under the lease CSV files. That is not ideal, if even possible, since the singlequote would need to be decoded in get unctionality which means it has an effect on production code, but moreover it might not be compatible with setting outside `YangRepr`, via e.g. sysrepocfg.outstandinghttps://gitlab.isc.org/isc-projects/kea/-/issues/2818Read YAML configuration file2023-04-13T13:47:19ZVicky Riskvicky@isc.orgRead YAML configuration fileIn today's webinar on configuring custom options, a participant asked whether we could enable configuration in YAML instead of JSON. Carsten revealed that he uses a YAML <-> JSON translator so he can work in YAML but still feed Kea JSON....In today's webinar on configuring custom options, a participant asked whether we could enable configuration in YAML instead of JSON. Carsten revealed that he uses a YAML <-> JSON translator so he can work in YAML but still feed Kea JSON. It was suggested that maybe we could make Kea recognize whether the configuration file is in YAML or JSON, and in case of YAML, run this translator first. It seems like there might be a useful usability improvement in here somewhere.backloghttps://gitlab.isc.org/isc-projects/kea/-/issues/1994automatic YANG translators2023-03-19T15:47:12ZAndrei Pavelandrei@isc.orgautomatic YANG translatorsUniversal/softcoded/automatic translators.
Turn this:
```
ConstElementPtr networks = getSharedNetworks(xpath);
if (networks && !networks->empty()) {
result->set("shared-networks", networks);
}
ConstElementPtr cla...Universal/softcoded/automatic translators.
Turn this:
```
ConstElementPtr networks = getSharedNetworks(xpath);
if (networks && !networks->empty()) {
result->set("shared-networks", networks);
}
ConstElementPtr classes = getClasses(xpath);
if (classes && !classes->empty()) {
result->set("client-classes", classes);
}
ConstElementPtr database = getDatabase(xpath + "/lease-database");
if (database) {
result->set("lease-database", database);
}
[...]
```
into something like this pseudocode:
```
ElementPtr result = Element::createMap();
for (S_Data_Node i : module->dataNodes()) {
result->set(i->xpath(), Element::from(i->valueStr()));
}
```
It would work with any module out-of-the-box and no node would be left out. When a new node gets added in the configuration, on top of the usual bison parser diligences, we would only need to update the YANG module.
The nodes of the Kea YANG modules would be 1:1 with the JSON configuration. For the IETF model, indeed the data would require changing, but at least this automatic translator would get you the YANG data in ElementPtr form and you would start from there.
Benefits:
* makes configuration maintenance easier
* is less error-prone
* improves performance because non-existing nodes are no longer checkedbackloghttps://gitlab.isc.org/isc-projects/kea/-/issues/333parser libraries for servers (for netconf)2022-11-02T15:24:02ZFrancis Dupontparser libraries for servers (for netconf)Build in DHCPv4 and DHCPv6 (at least) Makefiles a convenience library with the parser so a tool which just needs to parse a DHCPv4 (or DHCPv6) configuration including comments and includes can link with this library and calls a parse* me...Build in DHCPv4 and DHCPv6 (at least) Makefiles a convenience library with the parser so a tool which just needs to parse a DHCPv4 (or DHCPv6) configuration including comments and includes can link with this library and calls a parse* method to get a syntactic correct Element.
I have an use for this in netconf to port and improve a to-yang tool which translates such config to YANG and loads it to sysrepo datastore. IMHO config backend should use this too.outstandinghttps://gitlab.isc.org/isc-projects/kea/-/issues/384Add D2 support to netconf.2022-11-02T15:22:26ZFrancis DupontAdd D2 support to netconf.Finish the model and write translators.Finish the model and write translators.outstandinghttps://gitlab.isc.org/isc-projects/kea/-/issues/383Add CA support to netconf.2022-11-02T15:22:00ZFrancis DupontAdd CA support to netconf.Finish the model and write translators.
More urgent that the similar ticket for D2 because it gives for free a test for kea-netconf over HTTP.Finish the model and write translators.
More urgent that the similar ticket for D2 because it gives for free a test for kea-netconf over HTTP.outstandinghttps://gitlab.isc.org/isc-projects/kea/-/issues/1985Sysrepo 1.4: clean up subscribe-notifications2022-11-02T15:10:41ZTomek MrugalskiSysrepo 1.4: clean up subscribe-notificationsThe following discussion from !1329 should be addressed:
- [ ] @andrei started a [discussion](https://gitlab.isc.org/isc-projects/kea/-/merge_requests/1329#note_225561): (+3 comments)
> subscribe notifications is currently always ...The following discussion from !1329 should be addressed:
- [ ] @andrei started a [discussion](https://gitlab.isc.org/isc-projects/kea/-/merge_requests/1329#note_225561): (+3 comments)
> subscribe notifications is currently always true. Would you like a kea-netconf config entry with that?
I (Tomek) think that we should always react to configuration changes. I'm not aware of any deployment that would make sense to ignore changes. Andrei pointed [here](https://gitlab.isc.org/isc-projects/kea/-/merge_requests/1329#note_226816) that we don't have notifications in the models and we currently log an ERROR. We need to figure out a solution that detects changes introduced by an admin. If necessary, maybe we'd need to add notifications capability to the models?backloghttps://gitlab.isc.org/isc-projects/kea/-/issues/906man pages should be conditional on built binary2022-11-02T15:10:19Ztoppkman pages should be conditional on built binaryhere's a trivial patch to not generate kea-netconf(8) man page if sysrepo support is not enabled.
[0005-disablenetconf.patch](/uploads/c5c6042137f849a29567e421007a2077/0005-disablenetconf.patch)here's a trivial patch to not generate kea-netconf(8) man page if sysrepo support is not enabled.
[0005-disablenetconf.patch](/uploads/c5c6042137f849a29567e421007a2077/0005-disablenetconf.patch)backloghttps://gitlab.isc.org/isc-projects/kea/-/issues/108Need to quote some keys for yang.2022-11-02T15:08:43ZFrancis DupontNeed to quote some keys for yang.The Kea6 reservations.json example file use ```'somevalue'``` as the identifier of a (flex-id) host reservation. Yang uses the same character ```'``` for list keys so it conflicts.
The solution should be to convert the identifier in hexa...The Kea6 reservations.json example file use ```'somevalue'``` as the identifier of a (flex-id) host reservation. Yang uses the same character ```'``` for list keys so it conflicts.
The solution should be to convert the identifier in hexadecimal so:
- check the textual and hexadecimal forms can be used together / safely.
- check presence of problematic characters in a string used as a list key
- create an adaptor to quote or convert strings used as list key.
Nothing hard but low priority as this is clearly a corner case.backloghttps://gitlab.isc.org/isc-projects/kea/-/issues/196Improve netconf performance: keep the control socket connection open2022-11-02T15:08:43ZTomek MrugalskiImprove netconf performance: keep the control socket connection openIn 1.5 the kea-netconf agent opens up a new connection every time there is a new config to be set. This means that if you're changing the configuration frequently, there are many connections set up and torn down. It would be better to ha...In 1.5 the kea-netconf agent opens up a new connection every time there is a new config to be set. This means that if you're changing the configuration frequently, there are many connections set up and torn down. It would be better to have persistent connection (or the option to enable it).
This is out of scope for 1.5, though. Looks like a potential optimization in 1.6.backloghttps://gitlab.isc.org/isc-projects/kea/-/issues/329Add a verbose flag to developer YANG module check scripts.2022-11-02T15:08:43ZFrancis DupontAdd a verbose flag to developer YANG module check scripts.Add a verbose flag to `src/share/yang/modules/utils/check-{hashes, revisions}.sh`.
cf #204Add a verbose flag to `src/share/yang/modules/utils/check-{hashes, revisions}.sh`.
cf #204backloghttps://gitlab.isc.org/isc-projects/kea/-/issues/328Using a model which is installed but unknown.2022-11-02T15:08:42ZFrancis DupontUsing a model which is installed but unknown.This issue is about the third case in this method called with the model for a managed server entry:
```
bool
NetconfAgent::checkModule(const string& module_name) const {
if (module_name.empty()) {
return (true);
}
auto modul...This issue is about the third case in this method called with the model for a managed server entry:
```
bool
NetconfAgent::checkModule(const string& module_name) const {
if (module_name.empty()) {
return (true);
}
auto module = modules_.find(module_name);
if (module == modules_.end()) {
LOG_ERROR(netconf_logger, NETCONF_MODULE_MISSING_ERR)
.arg(module_name);
return (false);
}
auto modrev = YANG_REVISIONS.find(module_name);
if (modrev == YANG_REVISIONS.end()) {
// Can't check revision?!
// It can happen only with a module which is not in
// YANG_REVISIONS but installed so likely on purpose.
return (true);
}
if (modrev->second != module->second) {
LOG_ERROR(netconf_logger, NETCONF_MODULE_REVISION_ERR)
.arg(module_name)
.arg(modrev->second)
.arg(module->second);
return (false);
}
return (true);
}
```
Tomek requested a warning, I added the comment after ```Can't check revision?!``` and answered:
No warning. In fact it means the module is installed but is not in yang revisions so either it is on purpose and the check was simply disabled, or it is a real error and the translator will raise a better error.
I am creating an issue in the case a better option could be found.backloghttps://gitlab.isc.org/isc-projects/kea/-/issues/331kea-netconf should print out control channel being opened2022-11-02T15:08:42ZTomek Mrugalskikea-netconf should print out control channel being openedWhile reviewing !163 I've tried to start kea-netconf without dhcp4 or dhcp6 running. The error message I got was confusing. It was clear that some file is missing, but it was never said which file:
```
2018-12-10 19:40:24.202 INFO [kea...While reviewing !163 I've tried to start kea-netconf without dhcp4 or dhcp6 running. The error message I got was confusing. It was clear that some file is missing, but it was never said which file:
```
2018-12-10 19:40:24.202 INFO [kea-netconf.netconf/29469] NETCONF_STARTED Netconf (version 1.5.0-beta2-git) started
2018-12-10 19:40:24.203 INFO [kea-netconf.netconf/29469] NETCONF_GET_CONFIG_STARTED getting configuration from dhcp4 server
2018-12-10 19:40:24.203 ERROR [kea-netconf.netconf/29469] NETCONF_GET_CONFIG_FAILED getting configuration from dhcp4 server failed: config-get command failed with communication error: No such file or directory
2018-12-10 19:40:24.203 INFO [kea-netconf.netconf/29469] NETCONF_GET_CONFIG_STARTED getting configuration from dhcp6 server
2018-12-10 19:40:24.203 ERROR [kea-netconf.netconf/29469] NETCONF_GET_CONFIG_FAILED getting configuration from dhcp6 server failed: config-get command failed with communication error: No such file or directory
2018-12-10 19:40:24.203 INFO [kea-netconf.netconf/29469] NETCONF_SET_CONFIG_STARTED setting configuration to dhcp4 server
2018-12-10 19:40:24.217 DEBUG [kea-netconf.netconf/29469] NETCONF_SET_CONFIG set configuration to dhcp4 server: {
"Dhcp4": { }
}
2018-12-10 19:40:24.217 ERROR [kea-netconf.netconf/29469] NETCONF_SET_CONFIG_FAILED setting configuration to dhcp4 server failed: config-set command failed with communication error: No such file or directory
2018-12-10 19:40:24.217 INFO [kea-netconf.netconf/29469] NETCONF_SUBSCRIBE_CONFIG subscribing configuration changes for dhcp4 server with kea-dhcp4-server module
2018-12-10 19:40:24.229 INFO [kea-netconf.netconf/29469] NETCONF_SET_CONFIG_STARTED setting configuration to dhcp6 server
2018-12-10 19:40:24.243 DEBUG [kea-netconf.netconf/29469] NETCONF_SET_CONFIG set configuration to dhcp6 server: {
"Dhcp6": { }
}
2018-12-10 19:40:24.243 ERROR [kea-netconf.netconf/29469] NETCONF_SET_CONFIG_FAILED setting configuration to dhcp6 server failed: config-set command failed with communication error: No such file or directory
```
IMHO the netconf daemon should print out unix socket path/http URL on info level. This would be on par with what dhcp4/6 does, it prints the unix socket path when opening control channel:
```
COMMAND_ACCEPTOR_START Starting to accept connections via unix domain socket bound to /tmp/kea-dhcp4-ctrl.sock
```backloghttps://gitlab.isc.org/isc-projects/kea/-/issues/2518RFC9243: YANG for DHCPv62022-10-14T11:17:11ZTomek MrugalskiRFC9243: YANG for DHCPv6Now that [rfc9243](https://datatracker.ietf.org/doc/html/rfc9243) has been published, it's a good time to consider whether we want to abandon Kea specific YANG model and migrate to a standard one or stick with it.
If you are a user who ...Now that [rfc9243](https://datatracker.ietf.org/doc/html/rfc9243) has been published, it's a good time to consider whether we want to abandon Kea specific YANG model and migrate to a standard one or stick with it.
If you are a user who deployed Kea with NETCONF, please share your thoughts on this.
Alternatively, we could support both models, but it seems more troublesome to maintain in the long term.outstandinghttps://gitlab.isc.org/isc-projects/kea/-/issues/475extend kea-admin with option to install/update yang models2021-06-18T09:35:04ZWlodzimierz Wencelextend kea-admin with option to install/update yang modelskea-admin is capable to handle mysql/pgsql/cql when it comes to leases and HR. And right now work on config backend will extend it for configuration storage. We should also extend it to handle yang models.kea-admin is capable to handle mysql/pgsql/cql when it comes to leases and HR. And right now work on config backend will extend it for configuration storage. We should also extend it to handle yang models.outstanding