[kea-announce] Kea 2.1.5, a new development release of Kea, is now available
Everett B. Fulton
ebf at isc.org
Wed Apr 27 15:18:41 UTC 2022
Internet Systems Consortium is pleased to announce the release of Kea 2.1.5.
Releases in the Kea 2.1.x sequence are part of the Kea 2.1 development
branch, where new features are provided for testing and evaluation before
the branch is designated stable and recommended for production use.
The current stable branch of Kea is Kea 2.0 and its most recent release
is 2.0.2.
The latest releases from each branch are available via the ISC downloads
page:
https://www.isc.org/download
______________________________________________________________________
# Kea 2.1.5, April 27 2022, Release Notes
Welcome to Kea 2.1.5, the sixth monthly release of the 2.1 development
branch. As with any other development release, use this with caution:
development releases are not recommended for production use.
Kea is a DHCP implementation developed by Internet Systems Consortium
(ISC) that features DHCPv4 and DHCPv6 servers with DNS updating and a
REST API; optional database support (MySQL and PostgreSQL); optional
RADIUS, Kerberos, and Yang/NETCONF support; and much more. Kea provides
extensive management capabilities, including but not limited to: TLS
support, run-time configuration monitoring and updates via a REST API,
host reservations, client classification, and more.
The text below references issue numbers. For more details, visit the Kea
GitLab page at https://gitlab.isc.org/isc-projects/kea/issues.
The following bugfixes and features have been implemented since the Kea
2.1.4 release:
1. **DDNS Tuning hook**: A new premium hook has been created. The DDNS
Tuning library adds custom behaviors related to Dynamic DNS updates on a
per-client basis. Its primary feature is to allow the host name used for
DNS to be calculated using an expression. This can be specified globally
or on a per-subnet basis [#1548, #2387, #2386].
2. **Opening sockets retries**: Earlier Kea versions produced an error
message when socket opening failed, but otherwise attempted to continue
normally. That was troublesome in some cases, especially during booting,
when the interface had not yet completed initialization. In that case
Kea started, printed an error, and then ran without open sockets. This
created the illusion that the service was healthy, when in fact it was
not usable. As of 2.1.5, Kea can be instructed to retry opening sockets,
with a configurable number of retries. Also, Kea can be told to shut
down when sockets fail to open completely after multiple retries [#1716].
3. **Role-Based Access Control (RBAC)**: Work is underway to provide
RBAC in Kea. In this release, the design has been updated and the HTTP
library has been instrumented. It can now make the connection details,
such as remote IP, TLS certificate, or authentication information,
available to other components [#1263]. The first feature using RBAC is
extended logging information: the Control Agent now prints the IP
address of the remote entity that sent commands [#687]. Development of a
full role-based access control capability is ongoing.
4. **Limits design**: We have begun to implement the ability to limit
the number of leases. Two primary scenarios are considered - limiting
the number of leases per second and the number of leases for certain
classes, e.g. one per household. Requirements (see
https://gitlab.isc.org/isc-projects/kea/-/wikis/designs/Lease-Limiting-and-Rate-Limiting-Requirements)
and design documents
(https://gitlab.isc.org/isc-projects/kea/-/wikis/designs/Lease-Limiting-and-Rate-Limiting-Design)
have been written and are undergoing review. We
welcome your feedback; unfortunately, commenting on wiki pages is not
possible, so please add any feedback to the GitLab issue [#237].
5. **Subnet selection failure logs**: One of the crucial steps in Kea's
operation is subnet selection, i.e. an algorithm to determine which
subnet to use for allocating leases. This process is complex and can
fail. Kea is now more verbose regarding the details if subnet selection
fails, which should make debugging allocation failures easier [#2352].
6. **Split operator in expressions**: A new operator to split strings
has been added to expressions. For example, to get the `foo` hostname
from the fully qualified `foo.example.org`, the following expression can
be used: `split('foo.example.org', '.', 1)`. A particular use
case for this is the new DDNS Tuning hook that can split fully qualified
domain names into separate labels; however, the function is generic and
can also be used for other purposes [#2272].
7. **Documentation update**: We added an explanation of when it is
acceptable to configure overlapping pools for addresses and prefixes
[#1842] and clarified the premium hook installation documentation [#2382].
`gss-tsig-rekey` and `gss-tsig-rekey-all` are now properly documented
[#2259]. We corrected the Framed-IPv6-Pool and Framed-Pool attributes in
the RADIUS hook documentation [#2337].
8. **Testing improvements**: We fixed a problem where tests failed if
the system under test had an "eth1" interface [#2377]. Hammer, our build
tool, is now able to configure TLS for MySQL, which is helpful in
testing environments [#2353].
9. **Cassandra, benchmarks support removed**: The Cassandra database has
been deprecated for a while now and the code has been removed [#2116].
Cassandra support has been removed from the `hammer` tool [#2375].
Support for benchmarks, a developer feature that has not been
maintained, has been removed [#2372].
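For the Control Agent logging described in item 3, the following added example (not part of the ISC announcement or Kea's own code) audits `kea-ctrl-agent` log lines for commands sent from outside the management networks. The two message IDs are the ones named in the ChangeLog below; the log-line wording, the sample lines, `MGMT_NETS` and the `SENSITIVE` set are assumptions constructed for illustration.

```python
import ipaddress
import re

# Assumption: each event reads "<ID> command <name> ... remote address <ip>".
# Only the two message IDs are taken from the 2.1.5 ChangeLog.
EVENT = re.compile(
    r"(?P<id>CTRL_AGENT_COMMAND_(?:RECEIVED|FORWARDED))\s+command\s+(?P<cmd>[\w-]+)"
    r".*?remote address\s+(?P<addr>[0-9A-Fa-f:.]+)"
)
# Hypothetical policy: networks allowed to reach the Control Agent.
MGMT_NETS = [ipaddress.ip_network(n) for n in ("127.0.0.0/8", "::1/128", "192.0.2.0/28")]
# State-changing commands that deserve a higher severity.
SENSITIVE = {"config-set", "config-write", "config-reload", "shutdown"}

def audit(lines):
    """Return one finding per command whose source is outside MGMT_NETS."""
    findings = []
    for line in lines:
        m = EVENT.search(line)
        if not m:
            continue  # not a command event
        raw = m["addr"].rstrip(".")  # drop a sentence-ending period, if any
        try:
            addr = ipaddress.ip_address(raw)
        except ValueError:
            # Fail closed: an unparseable source is reported, not skipped.
            findings.append({"cmd": m["cmd"], "addr": raw, "severity": "unparsed"})
            continue
        if any(addr in net for net in MGMT_NETS):
            continue
        severity = "high" if m["cmd"] in SENSITIVE else "review"
        findings.append({"cmd": m["cmd"], "addr": str(addr), "severity": severity})
    return findings

# Constructed sample lines (not real Kea output).
SAMPLE = [
    "INFO CTRL_AGENT_COMMAND_RECEIVED command list-commands received from remote address 127.0.0.1",
    "INFO CTRL_AGENT_COMMAND_FORWARDED command config-get successfully forwarded to the service dhcp4 from remote address 192.0.2.5",
    "INFO CTRL_AGENT_COMMAND_FORWARDED command config-set successfully forwarded to the service dhcp4 from remote address 203.0.113.77",
    "INFO CTRL_AGENT_COMMAND_RECEIVED command status-get received from remote address 2001:db8::9",
    "INFO unrelated startup message",
]

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(finding)
```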
## Incompatible Changes
1. **Cassandra support has been removed**. This support has been
deprecated since 1.9.9. As we approach the 2.2.0 release, the time has
come to remove the code. Kea 2.1.5 still has the `--with-cql` switch,
but all it does is print an error about Cassandra no longer being
supported. If your deployment still uses Cassandra, please consider
migration to alternative backends - MySQL or PostgreSQL. There are
clustering solutions available for both of them that to some degree look
similar to Cassandra [#2116, #2375].
2. **Benchmarks have been removed**. Benchmarks was a developer-only
compilation option that enabled synthetic benchmarks for assessing raw
backend performance. This feature was not maintained and was superseded
by performance tests that are able to exercise Kea in much more lifelike
scenarios. There were also known problems with benchmarks; ISC did not
use them and was not aware of anyone using them. Thus, the decision has
been made to remove them. As this was not a user-visible feature, the
usual "deprecate then remove" procedure has not been followed [#2372].
## License
This version of Kea is released under the Mozilla Public License,
version 2.0.
https://www.mozilla.org/en-US/MPL/2.0
The premium and subscriber-only hook libraries are provided under the
terms of an End User License Agreement.
## Download
Pre-built ISC packages for current versions of the most popular Linux
operating systems are available at:
https://cloudsmith.io/~isc/repos/
The Kea source and PGP signature for this release may be downloaded from:
https://www.isc.org/download
The signature was generated with the ISC code signing key, which is
available at:
https://www.isc.org/pgpkey
ISC provides detailed documentation, including installation instructions
and usage tutorials, in the Kea Administrator Reference Manual.
Documentation is included with the installation or at
https://kea.readthedocs.io/en/latest/index.html.
Limitations and known issues with this release can be found at
https://gitlab.isc.org/isc-projects/kea/wikis/known-issues-list.
We ask users of this software to please let us know how it worked for
you and what operating system you tested on. Feel free to share your
feedback on the Kea Users mailing list
(https://lists.isc.org/mailman/listinfo/kea-users). We would also like to
hear whether the documentation is adequate and accurate. Please open
tickets in the Kea GitLab project for bugs, documentation omissions and
errors, and enhancement requests. We want to hear from you even if
everything worked.
## Support
Professional support for Kea is available from ISC. We encourage all
professional users to consider this option; Kea maintenance is funded
with support subscriptions. For more information on ISC's Kea and DHCP
software support see https://www.isc.org/support/.
Free best-effort support is provided by our user community via a mailing
list. Information on all public email lists is available at
https://www.isc.org/community/mailing-list.
## Changes
The following summarizes changes and important upgrade notes since the
2.1.4 release for Kea core:
2015. [bug] tmark
Fixed an issue in kea-dhcp6 that was causing the server
not to update the FQDN option in outbound responses when
the ddns-tuning hook lib calculates a new host name.
(Gitlab #2392)
2014. [bug] tmark
Correct an issue that was causing reconfigure to fail
in kea-dhcp4 and kea-dhcp6 when using ddns-tuning hook
library.
(Gitlab #2390)
2013. [build] razvan
Library version numbers bumped for Kea 2.1.5 development
version.
(Gitlab #2385)
2012. [doc] andrei
Documented whether it's OK or not to have overlapping pools,
including PD pools in IPv6.
(Gitlab #1842)
2011. [func] djt
Added CTRL_AGENT_COMMAND_RECEIVED log line with command and
source address to the kea-ctrl-agent for commands which
are not forwarded on to another daemon. Added client
remote-address to CTRL_AGENT_COMMAND_FORWARDED log message if
it is available.
(Gitlab #687)
2010. [func] razvan
Several extra log messages now detail the subnet selection
process. The messages are available on debuglevel 40.
(Gitlab #2352)
2009. [func] tmark
Added new hook callout points: ddns4_update to Kea DHCPv4
server and ddns6_update to Kea DHCPv6 server. This enables
use of the ddns-tuning hook library.
(Gitlab #1548)
2008. [func]* tomek
The support for benchmarks has been removed.
(Gitlab #2372)
2007. [func] tmark
Added split() function to classification expression
language.
(GitLab #2272)
2006. [func] slawek
Added ``service-sockets-require-all`` parameter to specify
mandatory successfully binding all needed service sockets to
initialize DHCP services (defaults to false). If any socket is
unavailable, then the service fails to start. Added
``service-sockets-max-retries`` parameter (defaults to 0) to
specify the number of retries to open unavailable sockets and
``service-sockets-retry-wait-time`` parameter to specify a time
interval to wait between attempts.
(Gitlab #1716)
2005. [func]* razvan
The support for Cassandra database backend has been removed.
(Gitlab #2116)
And for Kea premium:
142. [func] tmark
Added ddns-tuning hook library.
(Gitlab #1548)
141. [func]* razvan
The support for Cassandra database backend has been removed.
(Gitlab #2116)
See https://gitlab.isc.org/isc-projects/kea/-/wikis/Release-Notes for a
complete list of release notes.
Thank you again to everyone who assisted us in making this release
possible.
We look forward to receiving your feedback.
--
Everett B. Fulton
ISC Support