Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Automatic Network Configuration in Cloud with NetworkManager (nm-cloud-setup) #320

Open
dustymabe opened this issue Dec 2, 2019 · 6 comments
Open

Automatic Network Configuration in Cloud with NetworkManager (nm-cloud-setup) #320

dustymabe opened this issue Dec 2, 2019 · 6 comments
Labels
component/NetworkManager status/decided status/pending-action Needs action

Comments

@dustymabe
Copy link
Member

The networkmanager community reached out to the Fedora Cloud community to ask about a proposed nm-cloud-setup utility/service: https://lists.fedoraproject.org/archives/list/cloud@lists.fedoraproject.org/message/FSQR6KL4KA37WHTUAXL774SXSWIBSYGI/

  • How does this fit in with what we are doing already with afterburn?
  • Does this have any implications on us for ignition?
@dustymabe
Copy link
Member Author

cc @lucab @ajeddeloh @bgilbert @jlebon

@lucab
Copy link
Contributor

lucab commented Dec 2, 2019
edited
Loading

The tool they started writing may have indeed quite some overlap with Afterburn, but at the moment they seem to target a different niche/usecase.

From a quick skim, relevant differences/points from my side are:

  • Afterburn network configuration happens in initramfs.
  • Afterburn is a non-recurring oneshot service.
  • Afterburn currently only integrates with systemd-networkd (but NM is in progress due to Network Management #24).
  • Afterburn currently only supports DigitalOcean, Packet and IBM Cloud.
  • Afterburn is written in a memory-safe and strongly-typed language.
  • Afterburn does not have a dedicated development team, nor deep network expertise among its developers.

As it stands, nm-cloud-setup seems to be designed as a recurrently-running network-configuration reconciliation tool, while Afterburn network logic tries to take care of one-time bootstrapping the network in early-boot.

/cc @thom311 @bengal

@thom311
Copy link

thom311 commented Dec 3, 2019

As it stands, nm-cloud-setup seems to be designed as a recurrently-running network-configuration reconciliation tool, while Afterburn network logic tries to take care of one-time bootstrapping the network in early-boot.

nm-cloud-setup can be called once/manually, but I think a main purpose to pick up changes dynamically. For that it can be triggered via a systemd.timer or a NetworkManager dispatcher script. If you can afford to pre-generate static configuration early at boot, then you don't really need this tool. You could instead just pre-generate the static connection profiles.

Another difference is that the configuration created by nm-cloud-setup is not persisted to file system (not even to /run/NetworkManager). It uses the Reapply() API of NetworkManager to perform runtime only changes. That was done intentionally, it seems that the information that we fetch from the meta data should not be persisted to disk. What is does is similar to calling nmcli device "$IFNAME" modify ipv4.routes ... ipv4.addresses ... ipv4.rules ....

I think another purpose of the tool is to provide a solution for users who use NetworkManager but don't use something like cloud-init/Afterburn.

@bgilbert bgilbert mentioned this issue Sep 24, 2020
Open
@lucab lucab mentioned this issue Dec 3, 2020
Merged
@lucab lucab added the meeting topics for meetings label Mar 1, 2021
@lucab
Copy link
Contributor

lucab commented Mar 1, 2021
edited
Loading

Some time ago we did some work to add support in Ignition for platform-specific fragments base.platform.d/ in (coreos/ignition#1108) and to verify whether it was powerful enough to enable+configure nm-cloud-setup.

The result of that exploration (coreos/fedora-coreos-config#760) was positive, so there should be no further blockers if we want to proceed. In the meanwhile, upstream added a docpage with all the details about that component: https://networkmanager.pages.freedesktop.org/NetworkManager/NetworkManager/nm-cloud-setup.html.

However we didn't reach consensus on whether we wanted to 1) ship the binary, plus 2) ship the fragment for auto-configuration, plus 3) enable the timer unit by default on FCOS. I'm putting this up for discussion for the next IRC meeting.

@LorbusChris LorbusChris mentioned this issue Mar 1, 2021
Closed
@lucab lucab removed the meeting topics for meetings label Mar 4, 2021
@lucab
Copy link
Contributor

lucab commented Mar 5, 2021
edited
Loading

In the last IRC meeting we reached consensus that the next steps for nm-cloud-setup integration are:

@cgwalters
Copy link
Member

xref https://bugzilla.redhat.com/show_bug.cgi?id=1977984#c56 - may have some negative interactions with OpenShift SDN and I suspect more generally anyone doing nontrivial networking setup outside of the OS.

If we did add this it may warrant a "provisioning discontinuity" at least where only new nodes get it? (like cgroups v2)

Of note though if we did add it, disabling it should just be masking the systemd unit.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
component/NetworkManager status/decided status/pending-action Needs action
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@lucab @cgwalters @thom311 @dustymabe