[Kea-announce] Kea 1.9.11, a new development release of Kea, is now available
Greg Choules
greg at isc.org
Tue Aug 31 18:40:27 UTC 2021
Internet Systems Consortium is pleased to announce the release of Kea 1.9.11.
Releases in the Kea 1.9.x sequence are part of the Kea 1.9 development branch,
where new features are provided for testing and evaluation before the branch
is designated stable and recommended for production use.
The current stable branch of Kea is Kea 1.8 and its most recent release is 1.8.2
The latest releases from each branch are available via the ISC downloads page: [ https://www.isc.org/download | https://www.isc.org/download ] ______________________________________________________________________
# Kea 1.9.11, August 31st 2021, Release Notes
Welcome to Kea 1.9.11, the twelfth monthly release of the 1.9
development branch. As with any other development release, use this with
caution: development releases are not recommended for production use.
As the 2.0.0 release approaches, we are adding fewer and less
significant new features. Instead, there are more bug fixes,
documentation edits, and small improvements. The most notable changes
introduced in this version are:
1. **Lease lifetimes in DHCPv6 client classes** - It is now possible to
configure preferred and valid lease lifetimes based on the client
classification. That feature has been available in DHCPv4 for a while
and now is available for DHCPv6 as well. This applies to both the
configuration file and Configuration Backend [#1172, #1710].
2. **NETCONF improvements**. The ability to detect Sysrepo installation
have been improved. One particular aspect may be convenient: If libyang
and Sysrepo are installed in the same directory, only one
`--with-sysrepo` option is necessary during configure script execution
[#1990]. Hammer, Kea's build tool has been extended with better Sysrepo
and libyang installation routines [#2045].
3. **GSS-TSIG hook (experimental)**. The work on the GSS-TSIG premium
hook continues. While the hook is not fully functional yet, we are
getting closer. Installation documentation has been shared [#2018].
Parts of the DHCP-DDNS daemon (D2) have been moved to a library. With
this code rearrangement, it is now possible for certain DNS
update-related actions to be conducted from a hook [#1963]. The security
context exchange is now more thorough when checking anti-replay and
authentication services [#2009]. The TKEY exchange, the major mechanism
to establish a security context with a Kerberos capable DNS server, has
now been implemented [#1960]. Additional hook points have been
implemented in D2, making it possible to offload some of the steps to an
external hook [#1897].
4. **Performance: lease reclamation fix on MySQL**. Earlier Kea versions
conducted lease reclamation of the leases stored in MySQL inefficiently
on some older MySQL versions. This caused the periodic lease reclamation
process to take an increasing amount of time. The issue is now fixed
[#2030].
5. **Bug fix: secondary HA server stops responding**. A problem was
reported shortly before this release. Under certain conditions (after
many commands are sent), the secondary server in a HA pair can stop
responding when running in HA+MT mode. A partial fix has been made
available. It should prevent the freeze, but the commands causing it
will fail. Please use Control Agent (CA) to process commands, even when
running in HA+MT mode [#2041, #2043].
6. **Qualifying suffix in DDNS**. In some cases, buggy clients misused
the hostname and FQDN options when sending Request messages, which could
have resulted in the qualifying suffix being appended twice. Now both
the DHCPv4 and DHCPv6 servers will append the `ddns-qualifying-suffix`
only if the input name does not already end with that suffix [#1529].
7. **Build improvements**. Better handling of Python location, which
should address some build issues on MacOS and Arch Linux [#2012]. Many
compilation warnings and spelling corrections [#2025]. Kea-msg-compiler,
a tool used to regenerate message files is a small tool typically used
by the Kea developers. The tool is now included in native packages,
which may be useful for hook developers [#1639]. Kea now compiles with
Boost 1.77 [#1980]. An OS image rebuilding has been fixed in ISC's
internal CI system [#2014].
8. **Documentation**. A section about `innodb_flush_log_at_trx_commit`
knob for MySQL has been reworded [#2024]. The developer's guide for
premium hooks has been migrated to doxygen 1.9.1 [#2025]. A PDF version
of the Kea Administrators Reference Manual has been tweaked to look
better [#866]. Kea tends to be strict about following the RFC standards.
However, in some rare cases, exceptions are implemented on purpose. One
of those - handling the server-id option in the DHCPRELEASE packet - is
now documented [#1936]. We added a note about configuring timezones in
the databases [#1978]. A log message that indicates a successful
configuration reload has been added [#1893]. Links in the documentation
has been updated to our new public site https://reports.kea.isc.org. Old
links to Jenkins (jenkins.isc.org) are no longer available, as this
particular system is being retired [#1983].
## Incompatible Changes
1. YANG models have been extended with the ability to configure
`store-extended-info`. If you are using `kea-netconf`, please update
your deployment. Note that the previous Kea version migrated to new
Sysrepo and libyang versions [#1944].
## Known Issues
For details on known issues, visit:
https://gitlab.isc.org/isc-projects/kea/-/wikis/known-issues-list
And for the list of issues marked as bugs:
https://gitlab.isc.org/isc-projects/kea/issues?label_name%5B%5D=bug
## Release Model
The Kea project has a significant production deployment base with users
who are looking for stability, rather than a constant stream of new
"bleeding-edge" features. At the same time, we want to continue
developing the software and add some new powerful, but
difficult-to-implement, features. To meet these requirements we have
both Stable and Development branches.
Stable releases are what you would expect: stable, released
infrequently, without new features or significant changes, very
well-tested. These can be identified by an even-numbered minor version
number. The current stable release is 1.8.2. The older stable version of
1.6.3 is also available. If we discover important bugs that require
fixing, we may release additional maintenance versions on the 1.8
branch, but that will be determined on a case-by-case basis. The next
major stable version will be 2.0.0.
Development releases can be easily identified by an odd minor version
number: for example, 1.9.0 is a development release. Subsequent releases
on the same minor release branch get numbered with 1.9.1, 1.9.2, and so
on.
Our goal is to make the development release available on the last
Wednesday of each month. There may be exceptions (such as during
holidays), but that's the general plan.
We encourage users to test the development releases and report back
their findings.
For more details on the plan, see ISC's Software Support Policy at:
https://kb.isc.org/docs/aa-00896
## Kea Overview
Kea is a DHCP implementation developed by Internet Systems Consortium
that features fully functional DHCPv4 and DHCPv6 servers, a dynamic DNS
update daemon, a Control Agent (CA) that provides a REST API to control
the DHCP and DNS update servers, an example shell client to connect to
the CA, a daemon that is able to retrieve YANG configuration and updates
from Sysrepo, and a DHCP performance-measurement tool. Both DHCP servers
support server discovery, address assignment, renewal, rebinding,
release, decline, information request, DNS updates, client
classification, and host reservations. The DHCPv6 server also supports
prefix delegation. Lease information is stored in a CSV file by default;
it can optionally be stored in a MySQL, PostgreSQL, or Cassandra (now
deprecated) database instead. Host reservations can be stored in a
configuration file, or in a MySQL, PostgreSQL, or Cassandra (now
deprecated) database. They can also be retrieved from a RADIUS server,
although this functionality is somewhat limited. Kea DHCPv4 and DHCPv6
daemons provide support for YANG models, which are stored in a Sysrepo
datastore and can be configured via the NETCONF protocol.
This text references issue numbers. For more details, visit the Kea
GitLab page at:
https://gitlab.isc.org/isc-projects/kea/-/issues
## License
This version of Kea is released under the Mozilla Public License,
version 2.0.
https://www.mozilla.org/en-US/MPL/2.0
The premium and subscriber-only hooks libraries are provided in source
code form, under the terms of an End User License Agreement (you will
get the source code that you can modify freely, but you are not
permitted to redistribute it).
## Download
Pre-built ISC packages for current versions of the most popular Linux
operating systems are available at:
https://cloudsmith.io/~isc/repos/
The Kea source and PGP signature for this release may be downloaded from:
https://www.isc.org/download
The signature was generated with the ISC code-signing key which is
available at:
https://www.isc.org/pgpkey
ISC provides detailed documentation, including installation instructions
and usage tutorials, in the Kea Administrator Reference Manual (ARM).
Documentation is included with the installation, at:
* https://kea.readthedocs.io/en/latest/
* or via https://kb.isc.org/docs/kea-administrator-reference-manual in
HTML, plain text, or PDF formats
ISC maintains a public open source code tree, a wiki, an issue tracking
system, milestone planning, and a roadmap at:
https://gitlab.isc.org/isc-projects/kea
We ask users of this software to please let us know how it worked for
you and what operating system you tested on. Feel free to share your
feedback on the Kea Users mailing list at:
https://lists.isc.org/mailman/listinfo/kea-users
We would also like to hear whether the documentation is adequate and
accurate. Please open tickets in the Kea GitLab project for bugs,
documentation omissions and errors, and enhancement requests. We want to
hear from you even if everything worked.
## Support
Professional support for Kea is available from ISC. We encourage all
professional users to consider this option; Kea development and
maintenance are funded with support subscriptions. For more information
on ISC's Kea and DHCP software support see:
https://www.isc.org/support/
Free best-effort support is provided by our user community via a mailing
list. Information on all public email lists is available at:
https://www.isc.org/community/mailing-List
If you have any comments or questions about working with Kea, please
share them on the Kea Users List:
https://lists.isc.org/mailman/listinfo/kea-users
Bugs and feature requests may be submitted via GitLab at:
https://gitlab.isc.org/isc-projects/kea/-/issues
## Changes
The following summarizes changes since the previous release of 1.9.10:
### In the core package
```
1940. [build] razvan
Library version numbers bumped for Kea 1.9.11 development
version.
(Gitlab #2053)
1939. [bug] tmark
Removed all MultiThreadingCriticalSections from lease_cmds
hooks library which can cause a dead-lock when running HA+MT.
The commands simply try to acquire the resource lock and fail
if the resource is unavailable also logging an error message.
(Gitlab #2051)
1938. [bug] razvan
Fix dead locks caused by commands with CS on http listener
threads and CS on main thread racing with CS on other threads.
(Gitlab #2041, #2043)
1937. [bug] razvan
The Config Backend is now capable of reestablishing database
connection after a failure.
(Gitlab #1982)
1936. [build] andrei
Kea attempts to first link with compatibility library OpenSSL 1.1
(usually found on CentOS 7) before falling back to the system
OpenSSL (1.0 on CentOS 7 which is out of support).
(Gitlab qa#261)
1935. [func] andrei
The store-extended-info config entry was added to Kea YANG
modules at root-level and at subnet-level.
(Gitlab #1944)
1934. [func] tmark
Kea-dhcp6 now supports specifying valid-lifetime and
preferred-lifetime values in client classes (via both
configuration file and Config Backend). Prior to this
it could only be specified at the global, shared-network,
and subnet scopes.
(Gitlab #1710)
1933. [doc] fdupont, tomek
Added a new ARM section about GSS-TSIG. Currently it describes
how to build Kea with GSS-API support. It will be expanded in
the future.
(Gitlab #2018)
1932. [func] tmark
MySQL indexing of leases database has been improved. It now
behaves better on older MySQL versions. In particular, the lease
reclamation no longer causes full scans to be performed. This
fix introduces MySQL schema update to 11.0. This should reduce
the periodic performance slowdowns.
(Gitlab #2030)
1931. [bug] tomek
Two hook messages HOOKS_CALLOUT_ERROR and HOOKS_CALLOUT_MESSAGES
are now printing the hook name and index properly. Thank you to
Shawn Routhier for reporting the issue.
(Gitlab #2020)
1930. [doc] razvan
Extended documentation section about setting up the timezones in
MySQL and PostgreSQL databases.
(Gitlab #1978)
1929. [build] andrei
Compatibility with upcoming boost 1.77 has been improved.
Thanks to Brad Smith for the patch!
(Gitlab #1980)
1928. [bug] tmark
Modified kea-dhcp4 and kea-dhcp6 to only append the
ddns-qualifying-suffix if the input name does not
already end with that suffix. Prior to this the
suffix was always added which could lead to names
including the suffix twice.
(Gitlab #1529)
```
Thank you again to everyone who assisted us in making this release
possible.
We look forward to receiving your feedback.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/kea-announce/attachments/20210831/bcbf535f/attachment-0001.htm>
More information about the Kea-announce
mailing list