Running KEA DHCP as a Podman Container: A Step-by-Step

A SUSE BCI (Base Container Image) for the Kea DHCP server is now available in the SUSE registry. This image can be deployed within a Podman network to facilitate IP address assignment to containers.To use it on your Podman network, simply follow these instructions.

Step 1: Create your podman network

Let’s set up an internal Podman network using your specific subnet and gateway configurations.

$ podman network create --internal --subnet=172.25.0.0/16 --gateway=172.25.0.1 test-internal-network

Step 2: Create a valid dhcp configuration file

Ensure the DHCP configuration’s subnet and gateway values precisely match your pre-existing network, and define a valid IP address range for allocation

$ cat config/kea/kea-dhcp4.conf
{
"Dhcp4": {
"interfaces-config": {
"interfaces": ["*"]
},
"subnet4": [
{
"subnet": "172.25.0.0/16",
"pools": [
{ "pool": "172.25.1.100 - 172.25.1.200" }
],
"option-data": [
{ "name": "routers", "data": "172.25.0.1" }
],
"id": 1
}
],
"lease-database": {
"type": "memfile",
"persist": true,
"name": "/var/lib/kea/dhcp4.leases"
},
"loggers": [
{
"name": "kea-dhcp4",
"output_options": [
{
"output": "/var/log/kea/kea-dhcp4.log",
"maxsize": 1048576,
"maxver": 8
}
],
"severity": "DEBUG"
},
{
"name": "kea-dhcp4.packets",
"output_options": [
{
"output": "/var/log/kea/kea-dhcp4-packets.log",
"maxver": 10
}
],
"severity": "DEBUG",
"debuglevel": 99
}
]
}
}

Step 3: Run kea container

$ podman run -d --network=test-internal-network --privileged --entrypoint kea-dhcp4 --volume=./config/kea:/etc/kea -it registry.suse.com/suse/kea:2.6 -c /etc/kea/kea-dhcp4.conf

Step 4: Build a dhcp client container and request ip from there

Create a dockerfile for dhcp client

$ cat Dockerfile
FROM registry.suse.com/bci/bci-base:15.7
RUN zypper refresh && zypper --non-interactive install --no-recommends dhcp-client && zypper clean --all
CMD ["/bin/bash"]

Build dhcp client image

$ podman build -t dhcpclient .
STEP 1/3: FROM registry.suse.com/bci/bci-base:15.7
STEP 2/3: RUN zypper refresh && zypper --non-interactive install --no-recommends dhcp-client && zypper clean --all
....
....
Successfully tagged localhost/dhcpclient:latest
b23c7dba4e60bdba34893a9037028b1c020b19bf2a5f144281e8c4a03fadd68b

Run the dhcp client in the test-internal-network and request ip

$ podman run --network=test-internal-network --privileged -it dhcpclient dhclient -v
Internet Systems Consortium DHCP Client 4.4.2-P1
Copyright 2004-2021 Internet Systems Consortium.
All rights reserved.
For info, please visit https://www.isc.org/software/dhcp/

Listening on LPF/eth0/9a:15:21:49:fe:f7
Sending on LPF/eth0/9a:15:21:49:fe:f7
Sending on Socket/fallback
DHCPDISCOVER on eth0 to 255.255.255.255 port 67 interval 2 (xid=0x17ab62e0)
DHCPOFFER of 172.25.1.101 from 172.25.0.2
DHCPREQUEST for 172.25.1.101 on eth0 to 255.255.255.255 port 67 (xid=0x17ab62e0)
DHCPACK of 172.25.1.101 from 172.25.0.2 (xid=0x17ab62e0)
bound to 172.25.1.101 -- renewal in 3569 seconds.

we can see that the ip 172.25.1.101 is assigned to the interface eth0.

Requesting a specific ip:

To request a specific ip in the range configure dhcp client with expected ip address

$ podman run --network=test-internal-network --privileged -it dhcpclient sh -c "printf 'interface \"eth0\" {\n  send dhcp-requested-address 172.25.1.103; \n}' > test.conf && dhclient -v -cf test.conf"
Internet Systems Consortium DHCP Client 4.4.2-P1
Copyright 2004-2021 Internet Systems Consortium.
All rights reserved.
For info, please visit https://www.isc.org/software/dhcp/

Listening on LPF/eth0/02:02:ae:69:44:40
Sending on   LPF/eth0/02:02:ae:69:44:40
Sending on   Socket/fallback
DHCPDISCOVER on eth0 to 255.255.255.255 port 67 interval 4 (xid=0x5d223ee9)
DHCPOFFER of 172.25.1.103 from 172.25.0.2
DHCPREQUEST for 172.25.1.103 on eth0 to 255.255.255.255 port 67  (xid=0x5d223ee9)
DHCPACK of 172.25.1.103 from 172.25.0.2 (xid=0x5d223ee9)
bound to 172.25.1.103 -- renewal in 2955 seconds.

we can see that the requested ip 172.25.1.103 is offered.