Skip to content

Commit

Permalink
Add network flushing before setting up network (#58)
Browse files Browse the repository at this point in the history 
This should allow for using the nbde_client role with machines that use
static IP configurations, as network flushing should undo the network
setup done at the initramfs, allowing the system to use its regular
configuration.

Approach based on the answers posted here:
https://unix.stackexchange.com/questions/506331/networkmanager-doesnt-change-ip-address-when-dracut-cmdline-provided-static-ip/541108
  • Loading branch information
@sergio-correia
sergio-correia committed Jan 13, 2022
1 parent 16f4973 commit 017e2d8
Show file tree
Hide file tree
Showing 14 changed files with 119 additions and 7 deletions.
9 changes: 9 additions & 0 deletions files/nbde_client-network-flush
View file
@@ -0,0 +1,9 @@
#!/bin/sh

for f in /sys/class/net/*; do
iface="${f##*/}"
[ "${iface}" = "lo" ] && continue
ip -statistics address flush dev "${iface}"
done

# vim:set ts=2 sw=2 et:
10 changes: 10 additions & 0 deletions files/nbde_client-network-flush.service
View file
@@ -0,0 +1,10 @@
[Unit]
Description=Network flush service for nbde_client Ansible role
Before=network-pre.target
Wants=network-pre.target

[Service]
ExecStart=/usr/bin/nbde_client-network-flush

[Install]
WantedBy=default.target
35 changes: 35 additions & 0 deletions tasks/main-clevis.yml
View file
Expand Up @@ -4,6 +4,18 @@
name: "{{ __nbde_client_packages }}"
state: present

- name: Enable clevis askpass unit
service:
name: clevis-luks-askpass.path
enabled: yes

- name: Generate nbde_client dracut config
template:
src: nbde_client.conf
dest: /etc/dracut.conf.d/nbde_client.conf
owner: root
mode: '0444'

- name: Check whether devices are at the desired state
when:
- nbde_client_bindings | default([])
Expand Down Expand Up @@ -56,4 +68,27 @@
- __nbde_client_clevis_check_state is defined
- __nbde_client_clevis_check_state is changed

- name: Set-up network flushing
block:
- name: Deploy network flushing script
copy:
src: "{{ role_path }}/files/nbde_client-network-flush"
dest: /usr/bin/nbde_client-network-flush
mode: '0755'

- name: Deploy network flushing service
copy:
src: "{{ role_path }}/files/nbde_client-network-flush.service"
dest: /etc/systemd/system/nbde_client-network-flush.service
mode: '0644'

- name: Reload systemd config
systemd:
daemon_reload: yes

- name: Enable network flushing service
service:
name: nbde_client-network-flush.service
enabled: yes

# vim:set ts=2 sw=2 et:
4 changes: 4 additions & 0 deletions templates/nbde_client.conf
View file
@@ -0,0 +1,4 @@
# nbde_client dracut config
{% for line in __nbde_client_dracut_settings %}
{{ line }}
{% endfor %}
1 change: 1 addition & 0 deletions tests/roles/linux-system-roles.nbde_client/files
View file
@@ -0,0 +1 @@
../../../files
1 change: 1 addition & 0 deletions tests/roles/linux-system-roles.nbde_client/templates
View file
@@ -0,0 +1 @@
../../../templates
9 changes: 8 additions & 1 deletion vars/CentOS_7.yml
View file
Expand Up @@ -7,6 +7,13 @@ __nbde_client_packages:
- clevis-dracut
- clevis-luks
- clevis-systemd
- iproute

__nbde_client_initramfs_update_cmd: >
dracut -fv --regenerate-all
__nbde_client_dracut_settings:
- kernel_cmdline="rd.neednet=1"
- omit_dracutmodules+="ifcfg"

__nbde_client_initramfs_update_cmd: dracut -f
# vim:set ts=2 sw=2 et:
8 changes: 6 additions & 2 deletions vars/CentOS_8.yml
View file
Expand Up @@ -7,9 +7,13 @@ __nbde_client_packages:
- clevis-dracut
- clevis-luks
- clevis-systemd

- iproute

__nbde_client_initramfs_update_cmd: >
dracut -fv --regenerate-all --hostonly-cmdline
dracut -fv --regenerate-all
__nbde_client_dracut_settings:
- kernel_cmdline="rd.neednet=1"
- omit_dracutmodules+="ifcfg"

# vim:set ts=2 sw=2 et:
19 changes: 19 additions & 0 deletions vars/CentOS_9.yml
View file
@@ -0,0 +1,19 @@
# SPDX-License-Identifier: MIT
---
# Put internal variables here with CentOS 9 specific values.

__nbde_client_packages:
- clevis
- clevis-dracut
- clevis-luks
- clevis-systemd
- iproute

__nbde_client_initramfs_update_cmd: >
dracut -fv --regenerate-all
__nbde_client_dracut_settings:
- kernel_cmdline="rd.neednet=1"
- omit_dracutmodules+="ifcfg"

# vim:set ts=2 sw=2 et:
7 changes: 6 additions & 1 deletion vars/Fedora.yml
View file
Expand Up @@ -7,8 +7,13 @@ __nbde_client_packages:
- clevis-dracut
- clevis-luks
- clevis-systemd
- iproute

__nbde_client_initramfs_update_cmd: >
dracut -fv --regenerate-all --hostonly-cmdline
dracut -fv --regenerate-all
__nbde_client_dracut_settings:
- kernel_cmdline="rd.neednet=1"
- omit_dracutmodules+="ifcfg"

# vim:set ts=2 sw=2 et:
8 changes: 7 additions & 1 deletion vars/RedHat_7.yml
View file
Expand Up @@ -7,7 +7,13 @@ __nbde_client_packages:
- clevis-dracut
- clevis-luks
- clevis-systemd
- iproute

__nbde_client_initramfs_update_cmd: dracut -f
__nbde_client_initramfs_update_cmd: >
dracut -fv --regenerate-all
__nbde_client_dracut_settings:
- kernel_cmdline="rd.neednet=1"
- omit_dracutmodules+="ifcfg"

# vim:set ts=2 sw=2 et:
7 changes: 6 additions & 1 deletion vars/RedHat_8.yml
View file
Expand Up @@ -7,8 +7,13 @@ __nbde_client_packages:
- clevis-dracut
- clevis-luks
- clevis-systemd
- iproute

__nbde_client_initramfs_update_cmd: >
dracut -fv --regenerate-all --hostonly-cmdline
dracut -fv --regenerate-all
__nbde_client_dracut_settings:
- kernel_cmdline="rd.neednet=1"
- omit_dracutmodules+="ifcfg"

# vim:set ts=2 sw=2 et:
7 changes: 6 additions & 1 deletion vars/RedHat_9.yml
View file
Expand Up @@ -7,8 +7,13 @@ __nbde_client_packages:
- clevis-dracut
- clevis-luks
- clevis-systemd
- iproute

__nbde_client_initramfs_update_cmd: >
dracut -fv --regenerate-all --hostonly-cmdline
dracut -fv --regenerate-all
__nbde_client_dracut_settings:
- kernel_cmdline="rd.neednet=1"
- omit_dracutmodules+="ifcfg"

# vim:set ts=2 sw=2 et:
1 change: 1 addition & 0 deletions vars/default.yml
View file
Expand Up @@ -4,5 +4,6 @@

__nbde_client_packages: []
__nbde_client_initramfs_update_cmd: ""
__nbde_client_dracut_settings: []

# vim:set ts=2 sw=2 et:

0 comments on commit 017e2d8

Please sign in to comment.