Reconfigure with an unusable lease back end, leaves the server in a non-working state (no rollback)
A running kea-dhcpX server can be rendered non-functional by issuing a reconfigure (either by command or signal) with a configuration containing a flawed lease back end specifications or to back end which cannot be reached.
After successfully parsing the configuration, the server attempts to connect to the new lease back end. This causes the LeaseMgrFactory to close the existing instance and subsequently fails to open a new one. The server will emit a log message that states reconfiguration has failed and at this point it will no longer process client packets.
A simple scenario:
- start server with memfile lease back end
- verify server hands out leases
- change configuration to MySQL back end with an invalid database or user name
- issue reconfig command
- verify server does not see or acknowledge packets
The basic issue is the LeaseMgrFactory only permits one instance to exist. There is no "Staged" instance and we do not restore the one we closed. We probably don't handle host back ends any differently.