<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
</head>
<body>
<p>Hello Ben!</p>
<p>Thank you very much for your report. It will allow us to improve
the user experience of our Docker-related solutions.<br>
<br>
Currently, we are developing the official Docker images with Kea
and Kea + Stork. You can find them in the
<a class="moz-txt-link-freetext" href="https://gitlab.isc.org/isc-projects/kea-docker">https://gitlab.isc.org/isc-projects/kea-docker</a> repository. If you
already have some experience with containerizing Kea, we will be
honored if you decide to contribute.<br>
I have forwarded your report to the team that is working on this
repository.<br>
<br>
Answering your points in the feedback:<br>
<br>
> [1.1] No package requirements are listed, though apparently
curl, bash, and sed are needed. Should specify.<br>
<br>
You are right. We will add the list of dependencies in #1147.<br>
<br>
> [1.2] (...) Apparently CloudSmith does not even host Alpine
binaries for Stork. Is the documentation in error or will Alpine
binaries be added in the near future?<br>
<br>
We have added support to prepare Alpine packages for the Stork
build system, and we were planning to publish them on CloudSmith.
Unfortunately, due to technical reasons, the packages were
rejected because their metadata was incomplete. Currently, we
don't have enough time to solve the problem. The mentions of
the installation script for Alpine will be removed in #1137.<br>
<br>
> [2] (...) This required a few dependencies not listed in the
documentation.<br>
<br>
The Stork build system is dynamically developed, so the list of
necessary dependencies may often be changed. To list the packages
that must be installed manually on your operating system, you
should call the `rake check:dist` command (for checking the
dependencies related to preparing distribution binaries and
packages).<br>
<br>
> [3] (...) Hence, a monolithic container containing all was
required. In my opinion, this is undesirable, at least for my type
of setup. Other connectivity options are desirable.<br>
<br>
Stork Agent detects the Kea and BIND 9 services by listing the
currently running processes. It is convenient because users don't
need to configure the Stork agent and provide the location of the
Kea DHCP daemon and CA or BIND 9 daemon. But as you noticed, in
the case of Docker deployment, it requires installing all
components in a single container and additionally running Stork
and Kea as the same user.<br>
<br>
Kea CA is able to communicate with the Kea DHCP daemons only via
Unix sockets, for security reasons. HTTP connections
would require some authentication solution (e.g., TLS
certificates). It would complicate the configuration. But there
are some early plans to unify Kea DHCP daemon and CA, so it may
change in the future (rather far future).<br>
<br>
> [4] Initialization using current PostgreSQL required
appending the following<br>
<br>
Sure, I opened #1148 to address this issue.<br>
<br>
> [5] (...) Could another environment variable be introduced to
distinguish between the Stork Agent hostname as called by Stork
Server and what Stork Agent binds to?<br>
<br>
I opened #1149 to address the problem.<br>
<br>
> After resolving these problems Stork is up and running. It looks
like it will be very useful. Kea functionality is very good. I
hope to see more BIND functionality added in the future.<br>
<br>
I'm glad to hear that you were able to deploy Kea and Stork in
your environment and that you have found it useful. Thank you
again for your feedback.<br>
<br>
Regards,<br>
Slawek<br>
</p>
<div class="moz-cite-prefix">On 30/08/2023 05:40, Ben Monroe wrote:<br>
</div>
<blockquote type="cite"
cite="mid:CAD+EcOBMVPPBUceTmpYbuye_uhd_oZayv=gjr-MmbSRAVy73AQ@mail.gmail.com">
<div dir="ltr">
<p style="margin:0in;font-family:Calibri;font-size:11pt">Hi all.
I am new to
the list and Stork, though I have been using Kea for a number
of years. I
recently set up Stork but ran into several issues that I hope
can be reported as
constructive feedback.</p>
<p style="margin:0in;font-family:Calibri;font-size:11pt"> </p>
<p style="margin:0in;font-family:Calibri;font-size:11pt">For the
last few
years I have been running BIND and Kea in containers. This has
worked well, though
it was a little fragile and required some administration after
an unplanned
power outage. This gave me an opportunity to revisit this
setup. I decided to
re-implement this as a Kubernetes cluster, which gave me an
opportunity to
implement Stork.</p>
<p style="margin:0in;font-family:Calibri;font-size:11pt"> </p>
<p style="margin:0in;font-family:Calibri;font-size:11pt">Note: I
am not
interested in debating whether this should be run as a
container. It suits my
environment and use-case. For those wondering, I am using
MetalLB for load
balancing and Longhorn for distributed storage. As for Kea
itself, it is located on a separate VLAN with DHCP relay on
switches forwarding broadcasts for VLANs that it services.</p>
<p style="margin:0in;font-family:Calibri;font-size:11pt"> </p>
<p style="margin:0in;font-family:Calibri;font-size:11pt">[1] The
documentation has an "Installing on Alpine" section. I spent a
while
trying to get this to work but ran into
multiple problems.</p>
<p style="margin:0in;font-family:Calibri;font-size:11pt">[1.1]
No package
requirements are listed, though apparently
curl, bash, and sed are needed. Should specify.</p>
<p style="margin:0in;font-family:Calibri;font-size:11pt"> </p>
<p style="margin:0in;font-family:Calibri;font-size:11pt"><span
lang="en-US">[1.2]
Section 2.5.1.3 indicates to curl '</span><a
href="https://dl.cloudsmith.io/public/isc/stork/cfg/setup/setup.alpine.sh"
moz-do-not-send="true"><span lang="ja">https://dl.cloudsmith.io/public/isc/stork/cfg/setup/setup.alpine.sh</span></a><span
lang="en-US">'. This returns "Not
found". A bit of investigation indicated to use 'bash.alpine.sh'
and pipe
it to bash instead.</span></p>
<p style="margin:0in;font-family:Calibri;font-size:11pt"> </p>
<p style="margin:0in;font-family:Calibri;font-size:11pt">[1.3]
Finally,
trying to add the Stork server package results in the
following error:</p>
<p style="margin:0in;font-family:Calibri;font-size:11pt"><span
lang="en-US"> </span><span lang="ja">/ # apk add
--allow-untrusted isc-stork-server</span></p>
<p style="margin:0in;font-family:Calibri;font-size:11pt"><span
lang="en-US"> </span><span lang="ja">ERROR: unable to
select
packages:</span></p>
<p style="margin:0in;font-family:Calibri;font-size:11pt"><span
lang="ja"> </span><span lang="en-US"> </span><span
lang="ja">isc-stork-server (no
such package):</span></p>
<p style="margin:0in;font-family:Calibri;font-size:11pt"><span
lang="ja"> </span><span lang="en-US"> </span><span
lang="ja"> required by: world[isc-stork-server]</span></p>
<p style="margin:0in;font-family:Calibri;font-size:11pt"><span
lang="en-US"> </span><span lang="ja">/ #</span></p>
<p style="margin:0in;font-family:Calibri;font-size:11pt">Apparently
CloudSmith does not even host Alpine binaries for Stork. Is
the documentation
in error or will Alpine binaries be added in the near future?</p>
<p style="margin:0in;font-family:Calibri;font-size:11pt">Links:</p>
<p style="margin:0in;font-family:Calibri;font-size:11pt"><a
href="https://stork.readthedocs.io/en/latest/install.html#installing-on-alpine"
moz-do-not-send="true" class="moz-txt-link-freetext">https://stork.readthedocs.io/en/latest/install.html#installing-on-alpine</a></p>
<p style="margin:0in;font-family:Calibri;font-size:11pt"><a
href="https://cloudsmith.io/~isc/repos/stork/packages/"
moz-do-not-send="true" class="moz-txt-link-freetext">https://cloudsmith.io/~isc/repos/stork/packages/</a></p>
<p style="margin:0in;font-family:Calibri;font-size:11pt"> </p>
<p style="margin:0in;font-family:Calibri;font-size:11pt">[2] I
am using
Alpine as it is typically the most light-weight for building
containers. So I
compiled my own build. This required a few dependencies not
listed in the
documentation. For reference, I will include them here (along
with a Docker
step).</p>
<p style="margin:0in;font-family:Calibri;font-size:11pt">
docker run -it --rm alpine:latest /bin/sh</p>
<p style="margin:0in;font-family:Calibri;font-size:11pt"> apk
update</p>
<p style="margin:0in;font-family:Calibri;font-size:11pt"> apk
add git ruby go npm protoc python3
openjdk17 openssh</p>
<p style="margin:0in;font-family:Calibri;font-size:11pt"> gem
install rake</p>
<p style="margin:0in;font-family:Calibri;font-size:11pt"> git
clone <a href="https://gitlab.isc.org/isc-projects/stork"
moz-do-not-send="true" class="moz-txt-link-freetext">https://gitlab.isc.org/isc-projects/stork</a></p>
<p style="margin:0in;font-family:Calibri;font-size:11pt"> cd
stork</p>
<p style="margin:0in;font-family:Calibri;font-size:11pt"> rake
build</p>
<p style="margin:0in;font-family:Calibri;font-size:11pt"> rake
install:agent</p>
<p style="margin:0in;font-family:Calibri;font-size:11pt"> rake
install:server</p>
<p style="margin:0in;font-family:Calibri;font-size:11pt">Following
this, copy
the output in stork/dist to an external location, create a
Dockerfile copying
in Stork Server and upload to an image repository. Repeat for
Kea and add in
the Stork Agent.</p>
<p style="margin:0in;font-family:Calibri;font-size:11pt"> </p>
<p style="margin:0in;font-family:Calibri;font-size:11pt">[3]
Stork Agent and
all Kea components (kea-ctrl-agent, kea-dhcp4, kea-dhcp6, and
kea-dhcp-ddns)
all need to be installed together. Previously I ran each Kea
component in
separate containers. However, 1) Stork Agent must reside with
Kea CA, and 2) Kea
CA can only connect to DHCP4, DHCP6, and DDNS via Unix
sockets. Hence, a
monolithic container containing all was required. In my
opinion, this is
undesirable, at least for my type of setup. Other connectivity
options are desirable.</p>
<p style="margin:0in;font-family:Calibri;font-size:11pt"> </p>
<p style="margin:0in;font-family:Calibri;font-size:11pt">[4]
Initialization
using current PostgreSQL required appending the following:</p>
<p style="margin:0in;font-family:Calibri;font-size:11pt"><span
lang="en-US"> </span><span lang="ja">GRANT ALL ON SCHEMA
public TO stork;</span></p>
<p style="margin:0in;font-family:Calibri;font-size:11pt"> </p>
<p style="margin:0in;font-family:Calibri;font-size:11pt"><span
lang="en-US">[5]
Configuration of </span><span lang="ja">STORK_AGENT_HOST</span><span
lang="en-US">
required special handling. Within the Kea container, I do
not know what the IP
address will be. Setting it to 0.0.0.0 allows Stork Agent to
bind, but Stork
Server will naturally never be able to connect to this.
Stork
Server communicates with Kea via a ClusterIP service
pointing to Kea pod(s).
However, within the Kea pod, Stork Agent cannot bind to this
ClusterIP service.
In the end, I had to resort to DNS trickery: I let the Stork
Server pod resolve the
ClusterIP service name as normal, though within the Kea pod
this ClusterIP
service resolves to 0.0.0.0, which is sufficient for Stork
Agent to bind. (For
those interested, I used </span><span lang="ja">hostAliases</span><span
lang="en-US"> in the deployment YAML to override the pod
DNS.) Could another
environment variable be introduced to distinguish between
the Stork Agent hostname as called by Stork Server and what
Stork Agent binds to?</span></p>
<p style="margin:0in;font-family:Calibri;font-size:11pt"><span
lang="en-US"><br>
</span></p>
<p style="margin:0in;font-family:Calibri;font-size:11pt"><span
lang="en-US">After resolving these problems Stork is up and
running. It looks like it will be very useful. Kea
functionality is very good. I hope to see more BIND
functionality added in the future.</span></p>
<p style="margin:0in;font-family:Calibri;font-size:11pt"><span
lang="en-US"><br>
</span></p>
<p style="margin:0in;font-family:Calibri;font-size:11pt"><span
lang="en-US">Best regards,</span></p>
<p style="margin:0in;font-family:Calibri;font-size:11pt"><span
lang="en-US">Ben Monroe</span></p>
</div>
<br>
</blockquote>
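<p>The <code>hostAliases</code> workaround from point [5] of the quoted report, written out as an added example (not taken from either message or from the Stork project), together with a NetworkPolicy that limits who can reach the agent once it binds to 0.0.0.0. The name <code>kea-agent</code>, the labels, the image and port 8080 are assumptions, and the policy assumes Stork Server runs in the same namespace.</p>

```yaml
# Added illustration: names, labels, image and port 8080 are assumptions.
apiVersion: v1
kind: Service
metadata:
  name: kea-agent              # name Stork Server uses to reach the agent
spec:
  selector: {app: kea}
  ports:
    - {port: 8080, targetPort: 8080}
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: kea
spec:
  selector:
    matchLabels: {app: kea}
  template:
    metadata:
      labels: {app: kea}
    spec:
      hostAliases:             # written to this pod's /etc/hosts only
        - ip: "0.0.0.0"
          hostnames: ["kea-agent"]
      containers:
        - name: kea
          image: registry.example/kea-with-stork-agent:placeholder
          env:
            - {name: STORK_AGENT_HOST, value: kea-agent}
---
# The agent now listens on every pod interface; admit only Stork Server to
# its port and leave DHCP reachable. Needs a CNI that enforces policies.
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: kea-ingress
spec:
  podSelector:
    matchLabels: {app: kea}
  policyTypes: [Ingress]
  ingress:
    - from:
        - podSelector:
            matchLabels: {app: stork-server}
      ports:
        - {protocol: TCP, port: 8080}
    - ports:                   # DHCPv4 and DHCPv6 from relays
        - {protocol: UDP, port: 67}
        - {protocol: UDP, port: 547}
```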
</body>
</html>