CentOS Stream 10
Sponsored Link

Kea DHCP : Use Kea Control Agent2025/03/12
 

To start Kea control agent, it allows you to manage Kea DHCP via API.

[1] Start Kea control agent.
[root@dlp ~]#
vi /etc/kea/kea-dhcp4.conf 
"Dhcp4": {
    // add follows
    "control-socket": {
        "socket-type": "unix",
        "socket-name": "/run/kea/kea4-ctrl-socket"
    },
.....
.....
[root@dlp ~]#
vi /etc/kea/kea-ctrl-agent.conf 
    // line 20 : listening IP address
    "http-host": "127.0.0.1",

    // line 27 : listening port
    "http-port": 8000,

    // add follows
    "authentication": {
        "type": "basic",
        "realm": "Kea Control Agent",
        "directory": "/etc/kea",
        "clients": [
            {
                "user": "kea-api",
                "password-file": "kea-api-password"
            }
        ]
    },

    // line 45 : change to the file name you set in [kea-dhcp4.conf] above
    "control-sockets": {
        "dhcp4": {
            "socket-type": "unix",
            "socket-name": "/run/kea/kea4-ctrl-socket"
        },
[root@dlp ~]#
echo -n password > /etc/kea/kea-api-password

[root@dlp ~]#
chown root:kea /etc/kea/kea-api-password

[root@dlp ~]#
chmod 640 /etc/kea/kea-api-password

[root@dlp ~]#
systemctl reload kea-dhcp4

[root@dlp ~]#
systemctl enable --now kea-ctrl-agent

[2] If Firewalld is running and also you use API from other hosts, allow service port.
[root@dlp ~]#
firewall-cmd --add-port=8000/tcp

success
[root@dlp ~]#
firewall-cmd --runtime-to-permanent

success
[3] This is an example of using command via API.
[root@dlp ~]#
curl -u kea-api -s -H "Content-Type: application/json" -d '{"command": "list-commands", "service": ["dhcp4"]}' localhost:8000 | jq 

Enter host password for user 'kea-api':   # enter the admin password you set
[
  {
    "arguments": [
      "build-report",
      "config-backend-pull",
      "config-get",
      "config-hash-get",
      "config-reload",
      "config-set",
      "config-test",
      "config-write",
      "dhcp-disable",
      "dhcp-enable",
      "leases-reclaim",
      "list-commands",
      "server-tag-get",
      "shutdown",
      "statistic-get",
      "statistic-get-all",
      "statistic-remove",
      "statistic-remove-all",
      "statistic-reset",
      "statistic-reset-all",
      "statistic-sample-age-set",
      "statistic-sample-age-set-all",
      "statistic-sample-count-set",
      "statistic-sample-count-set-all",
      "status-get",
      "version-get"
    ],
    "result": 0
  }
]
[root@dlp ~]#
curl -u kea-api -s -H "Content-Type: application/json" -d '{"command": "config-get", "service": ["dhcp4"]}' localhost:8000 | jq 

Enter host password for user 'kea-api':
[
  {
    "arguments": {
      "Dhcp4": {
        "allocator": "iterative",
        "authoritative": false,
        "boot-file-name": "",
        "calculate-tee-times": false,
        "control-socket": {
          "socket-name": "/tmp/kea4-ctrl-socket",
          "socket-type": "unix"
        },
.....
.....
[root@dlp ~]#
curl -u kea-api -s -H "Content-Type: application/json" -d '{"command": "statistic-get-all", "service": ["dhcp4"]}' localhost:8000 | jq 

Enter host password for user 'kea-api':
[
  {
    "arguments": {
      "cumulative-assigned-addresses": [
        [
          11,
          "2025-03-12 12:43:34.156426"
        ],
        [
          10,
          "2025-03-12 12:41:33.912558"
        ],
        [
          9,
          "2025-03-12 12:37:35.943072"
        ],
.....
.....
Matched Content