Introducing NetworkManager/system-connections

EL9 (almalinux,centos,rhel,rocky) have deprecated support for reading old network-scripts files in NetworkManager, though you can still install a package to keep this functionality. These new templates implement (partial) functionality of network-scripts with NetworkManager/system-connections.
michaelrigart · Oct 21, 2022 · 132eea6 · 132eea6
1 parent ba56352
commit 132eea6
Show file tree

Hide file tree

Showing 9 changed files with 316 additions and 7 deletions.
diff --git a/defaults/main.yml b/defaults/main.yml
@@ -1,5 +1,6 @@
 ---
 interfaces_use_networkmanager: "{{ ansible_facts.os_family == 'RedHat' and ansible_facts.distribution_major_version | int >= 9 }}"
+interfaces_use_nmconnection: "{{ ansible_facts.os_family == 'RedHat' and ansible_facts.distribution_major_version | int >= 9 }}"
 
 interfaces_pkgs:
   debian:

diff --git a/tasks/bond_configuration.yml b/tasks/bond_configuration.yml
@@ -12,12 +12,28 @@
   vars:
     bond_check: "{{ item | bond_check }}"
 
+- name: Create the nmconnection file for bond devices
+  become: true
+  template:
+    src: "bond_nmconnection.j2"
+    dest: "/etc/NetworkManager/system-connections/{{ item.device }}.nmconnection"
+    mode: "0600"
+  with_items: '{{ interfaces_bond_interfaces }}'
+  when:
+    - interfaces_use_nmconnection
+  register: bond_result
+  notify:
+    - Make sure the bonding module is loaded
+    - Bounce network devices
+
 - name: Create the network configuration file for bond devices
   become: true
   template:
     src: 'bond_{{ ansible_facts.os_family }}.j2'
     dest: '{{ interfaces_net_path[ansible_facts.os_family|lower] }}/ifcfg-{{ item.device }}'
   with_items: '{{ interfaces_bond_interfaces }}'
+  when:
+    - not interfaces_use_nmconnection
   register: bond_result
   notify:
     - Check whether /etc/modules-load.d exists
@@ -35,6 +51,7 @@
   when:
     - item.route is defined
     - ansible_facts.os_family == 'RedHat'
+    - not interfaces_use_nmconnection
   register: bond_route_add_result
   notify:
     - Bounce network devices
@@ -46,7 +63,7 @@
     state: absent
   with_items: '{{ interfaces_bond_interfaces }}'
   when:
-    - item.route is not defined
+    - item.route is not defined or interfaces_use_nmconnection
     - ansible_facts.os_family == 'RedHat'
   register: bond_route_del_result
   notify:
@@ -61,6 +78,7 @@
   when:
     - item.rules is defined
     - ansible_facts.os_family == 'RedHat'
+    - not interfaces_use_nmconnection
   register: bond_rule_add_result
   notify:
     - Bounce network devices
@@ -72,12 +90,28 @@
     state: absent
   with_items: '{{ interfaces_bond_interfaces }}'
   when:
-    - item.rules is not defined
+    - item.rules is not defined or interfaces_use_nmconnection
     - ansible_facts.os_family == 'RedHat'
   register: bond_rule_del_result
   notify:
     - Bounce network devices
 
+- name: Create the nmconnection file for slave in the bond devices
+  become: true
+  template:
+    src: "bond_slave_nmconnection.j2"
+    dest: "/etc/NetworkManager/system-connections/{{ item.1 }}.nmconnection"
+    mode: "0600"
+  with_subelements:
+    - "{{ interfaces_bond_interfaces }}"
+    - bond_slaves
+  when:
+    - interfaces_bond_setup_slaves
+    - interfaces_use_nmconnection
+  register: bond_slave_result
+  notify:
+    - Bounce network devices
+
 - name: Create the network configuration file for slave in the bond devices
   become: true
   template:
@@ -88,6 +122,7 @@
     - bond_slaves
   when:
     - interfaces_bond_setup_slaves
+    - not interfaces_use_nmconnection
   register: bond_slave_result
   notify:
     - Bounce network devices

diff --git a/tasks/bridge_configuration.yml b/tasks/bridge_configuration.yml
@@ -12,12 +12,27 @@
   vars:
     bridge_check: "{{ item | bridge_check }}"
 
+- name: Create the nmconnection file for bridge devices
+  become: true
+  template:
+    src: "bridge_nmconnection.j2"
+    dest: "/etc/NetworkManager/system-connections/{{ item.device }}.nmconnection"
+    mode: "0600"
+  with_items: '{{ interfaces_bridge_interfaces }}'
+  when:
+    - interfaces_use_nmconnection
+  register: bridge_result
+  notify:
+    - Bounce network devices
+
 - name: Create the network configuration file for bridge devices
   become: true
   template:
     src: 'bridge_{{ ansible_facts.os_family }}.j2'
     dest: '{{ interfaces_net_path[ansible_facts.os_family|lower] }}/ifcfg-{{ item.device }}'
   with_items: '{{ interfaces_bridge_interfaces }}'
+  when:
+    - not interfaces_use_nmconnection
   register: bridge_result
   notify:
     - Bounce network devices
@@ -31,6 +46,7 @@
   when:
     - item.route is defined
     - ansible_facts.os_family == 'RedHat'
+    - not interfaces_use_nmconnection
   register: bridge_route_add_result
   notify:
     - Bounce network devices
@@ -42,7 +58,7 @@
     state: absent
   with_items: '{{ interfaces_bridge_interfaces }}'
   when:
-    - item.route is not defined
+    - item.route is not defined or interfaces_use_nmconnection
     - ansible_facts.os_family == 'RedHat'
   register: bridge_route_del_result
   notify:
@@ -57,6 +73,7 @@
   when:
     - item.rules is defined
     - ansible_facts.os_family == 'RedHat'
+    - not interfaces_use_nmconnection
   register: bridge_rule_add_result
   notify:
     - Bounce network devices
@@ -68,12 +85,30 @@
     state: absent
   with_items: '{{ interfaces_bridge_interfaces }}'
   when:
-    - item.rules is not defined
+    - item.rules is not defined or interfaces_use_nmconnection
     - ansible_facts.os_family == 'RedHat'
   register: bridge_rule_del_result
   notify:
     - Bounce network devices
 
+- name: Create the nmconnection file for port on the bridge devices
+  become: true
+  template:
+    src: "bridge_port_nmconnection.j2"
+    dest: "/etc/NetworkManager/system-connections/{{ item.1 }}.nmconnection"
+    mode: "0600"
+  with_subelements:
+    - "{{ interfaces_bridge_interfaces }}"
+    - ports
+  # Don't configure bridge ports that are bonds here - they will have been
+  # configured by the bond tasks.
+  when:
+    - item.1 not in interfaces_bond_interfaces | map(attribute='device') | list
+    - interfaces_use_nmconnection
+  register: bridge_port_result
+  notify:
+    - Bounce network devices
+
 - name: Create the network configuration file for port on the bridge devices
   become: true
   template:
@@ -86,6 +121,7 @@
   # configured by the bond tasks.
   when:
     - item.1 not in interfaces_bond_interfaces | map(attribute='device') | list
+    - not interfaces_use_nmconnection
   register: bridge_port_result
   notify:
     - Bounce network devices

diff --git a/tasks/ethernet_configuration.yml b/tasks/ethernet_configuration.yml
@@ -12,12 +12,27 @@
   vars:
     ether_check: "{{ item | ether_check }}"
 
+- name: Create the nmconnection file for ethernet devices
+  become: true
+  template:
+    src: "ethernet_nmconnection.j2"
+    dest: "/etc/NetworkManager/system-connections/{{ item.device }}.nmconnection"
+    mode: "0600"
+  with_items: '{{ interfaces_ether_interfaces }}'
+  when:
+    - interfaces_use_nmconnection
+  register: ether_result
+  notify:
+    - Bounce network devices
+
 - name: Create the network configuration file for ethernet devices
   become: true
   template:
     src: 'ethernet_{{ ansible_facts.os_family }}.j2'
     dest: '{{ interfaces_net_path[ansible_facts.os_family|lower] }}/ifcfg-{{ item.device }}'
   with_items: '{{ interfaces_ether_interfaces }}'
+  when:
+    - not interfaces_use_nmconnection
   register: ether_result
   notify:
     - Bounce network devices
@@ -31,6 +46,7 @@
   when:
     - item.route is defined
     - ansible_facts.os_family == 'RedHat'
+    - not interfaces_use_nmconnection
   register: ether_route_add_result
   notify:
     - Bounce network devices
@@ -45,6 +61,7 @@
     - item.ip6 is defined
     - item.ip6.route is defined
     - ansible_facts.os_family == 'RedHat'
+    - not interfaces_use_nmconnection
   register: ether_route6_add_result
   notify:
     - Bounce network devices
@@ -56,7 +73,7 @@
     state: absent
   with_items: '{{ interfaces_ether_interfaces }}'
   when:
-    - item.route is not defined
+    - item.route is not defined or interfaces_use_nmconnection
     - ansible_facts.os_family == 'RedHat'
   register: ether_route_del_result
   notify:
@@ -69,7 +86,7 @@
     state: absent
   with_items: '{{ interfaces_ether_interfaces }}'
   when:
-    - item.ip6 is not defined
+    - item.ip6 is not defined or interfaces_use_nmconnection
     - ansible_facts.os_family == 'RedHat'
   register: ether_route6_del_result
   notify:
@@ -84,6 +101,7 @@
   when:
     - item.rules is defined
     - ansible_facts.os_family == 'RedHat'
+    - not interfaces_use_nmconnection
   register: ether_rule_add_result
   notify:
     - Bounce network devices
@@ -95,7 +113,7 @@
     state: absent
   with_items: '{{ interfaces_ether_interfaces }}'
   when:
-    - item.rules is not defined
+    - item.rules is not defined or interfaces_use_nmconnection
     - ansible_facts.os_family == 'RedHat'
   register: ether_rule_del_result
   notify:

diff --git a/templates/bond_nmconnection.j2 b/templates/bond_nmconnection.j2
@@ -0,0 +1,65 @@
+# {{ ansible_managed }}
+
+[connection]
+id={{ item.device }}
+type=bond
+interface-name={{ item.device }}
+{% if item.zone is defined %}
+zone={{ item.zone }}
+{% endif %}
+
+{% for bridge in interfaces_bridge_interfaces %}
+{%   if item.device in bridge.ports %}
+master={{ bridge.device }}
+slave-type=bridge
+{%   endif %}
+{% endfor %}
+
+{% if item.mtu is defined %}
+[ethernet]
+mtu={{ item.mtu }}
+{% endif %}
+
+[bond]
+mode={{ item.bond_mode }}
+
+{% if item.bootproto == 'dhcp' or item.netmask is defined %}
+[ipv4]
+method={{ (item.bootproto == 'static') | ternary('manual', 'auto') }}
+{%   if item.address is defined and item.netmask is defined %}
+address1={{ (item.address ~'/'~ item.netmask) | ipaddr('host/prefix') }}
+{%   endif %}
+{%   if item.gateway is defined %}
+gateway={{ item.gateway }}
+{%   endif %}
+{%   if item.route is defined %}
+{%     for i in item.route %}
+{%       if 'gateway' in i %}
+route{{ loop.index }}={{ (i.network ~'/'~ i.netmask) | ipaddr('network/prefix') }},{{ i.gateway }}
+{%       endif %}
+{#       TODO: dev, table, options #}
+{%     endfor %}
+{%   endif %}
+{%   if item.dnsnameservers is defined %}
+dns={{ item.dnsnameservers | join(',') }}
+{%   endif %}
+{% endif %}
+
+{% if item.ip6 is defined %}
+[ipv6]
+method={{ (item.bootproto == 'static') | ternary('manual', 'auto') }}
+{%   if item.ip6.address is defined and item.ip6.netmask is defined %}
+address1={{ (item.ip6.address ~'/'~ item.ip6.netmask) | ipaddr('host/prefix') }}
+{%   endif %}
+{%   if item.ip6.gateway is defined %}
+gateway={{ item.ip6.gateway }}
+{%   endif %}
+{%   if item.ip6.route is defined %}
+{%     for i in item.ip6.route %}
+{%       if 'gateway' in i %}
+route{{ loop.index }}={{ (i.network ~'/'~ i.netmask) | ipaddr('network/prefix') }},{{ i.gateway }}
+{%       endif %}
+{#       TODO: dev, table, options #}
+{%     endfor %}
+{%   endif %}
+{% endif %}
diff --git a/templates/bond_slave_nmconnection.j2 b/templates/bond_slave_nmconnection.j2
@@ -0,0 +1,9 @@
+# {{ ansible_managed }}
+
+[connection]
+id={{ item.1 }}
+type=ethernet
+interface-name={{ item.1 }}
+
+master={{ item.0.device }}
+slave-type=bond