Networkmanager #136
Networkmanager #136
Conversation
eb4x
force-pushed
the
networkmanager
branch
from
a10e17b
to
dd7fed1
Compare
|
RHEL 9 still supports old network scripts and it can also do ifup/ifdown with I've also started adding ethernet template for native NM keyfile format, however that still needs some work - bbezak@8aad4f9 |
It is even more interesting, when one creates bonding with |
Could this get merged then? Installing that package seems like a good enough option to tie us over until we actually need nmconnection files.
Cool, I've written some nmconnection files just to get a feel for it, I'll have a look at your work :) |
|
Not necessarily feature-complete, but this works for my setup. [eno1,eno2] -> bond0 -> br-provision {ipv4 address, multiple routes} |
|
Really starting to like this eb4x/ansible-role-interfaces@3215b4a type of solution. |
|
Updated with smol modifications. will test if they still work. (I suspect the named regex groups should have \g and not \g when single-quoted.) |
eb4x
force-pushed
the
networkmanager
branch
3 times, most recently
from
4a36f95
to
1dd77c0
Compare
|
The |
eb4x
force-pushed
the
networkmanager
branch
2 times, most recently
from
35ad095
to
e26d36f
Compare
Can you give more information about this - did it not work with a simple service restart, or was there some undesirable side-effect? |
Once the interfaces are up, if there are changes to them later in the form of new/additional ips, those kinds of changes aren't effected. |
Ok, that's a problem. Let's go with the other approach then. |
|
I've merged a fix from Pierre. Just modified the when clause to |
|
Looking at ifcfg removal some more, it didn't seem quite right. Changed the with_items to a list of all interfaces we manage. Needs testing. |
eb4x
force-pushed
the
networkmanager
branch
2 times, most recently
from
1e78008
to
bc11343
Compare
There was a problem hiding this comment.
This is looking really close. Let's get @bbezak's PR merged in and fix these last few bits, then we can finally merge and move on...
|
Merge conflicts |
This is what NetworkManager expects the type to be, and it is backwards compatible with network-scripts.
This keeps the NetworkManager connection names short and sweet.
NetworkManager is able to read legacy network-scripts files and configure interfaces as intended with just a simple `nmcli connection reload`
Shouldn't do any harm to existing usage, it'll continue to match as before, but now we can use the groups in regex_replace statements.
We're doing this for readability wrt. the upcoming nmconnection patch.
Putting these nested structures into vars allows us to load only the distribution specific values that we need. This uses a first_found lookup instead of a with_first_found loop so that the 'paths' parameter can be used. This ensures that only vars from the role are included, and not vars from a parent calling role. This can happen when a parent has a higher priority vars file available for inclusion than the role it calls.
EL9 (almalinux,centos,rhel,rocky) have changed where the default storage of network-configuration files. And also the format, from old network-scripts to NetworkManager keyfiles. These new templates implement (atleast partial) functionality of network-scripts in NetworkManager keyfile style. https://www.redhat.com/en/blog/rhel-9-networking-say-goodbye-ifcfg-files-and-hello-keyfiles
This path can be hardcoded, it's very redhat/network-scripts specific. And clears out any stale configuration in case of interfaces_net_path being set to NetworkManager/system-connections.
Existing ifcfg files in /etc/sysconfig/network-scripts (for example generated by cloud-init) shadow any nmconnection file we generate. Remove them when using NetworkManager with system-connections store to manage the same interfaces.
`nmcli connection reload` was all well and good for unconfigured devices, but didn't work in most cases of reconfiguring devices, like adding/updating IP addresses. This borrows heavily from the previous handler for bouncing network devices, using the suggested RedHat ordering.
By defaulting route to an empty list (when it's not defined), there's no output from the for-loop, skipping the need for an if defined check, which reduces nesting.
An attempt at supporting additional routing options. The example under tests/interfaces.yml is a list of strings, 'onlink' being the primary/only example. nmconnection wants this in the format of option=value (e.g. onlink=true). So we're introducing the possibility of using simple dicts as options. (i.e. '- onlink: true') while also maintaining backwards compatability with plain strings.
Adding the option to send rules as a dictionary, we seem to need the table_id when using nmconnections. As a dict, it's atleast feasible to try looking up an id from a name in the templates. We're not attempting to find the table name from a string in this iteration. So if using nmconnections the table name needs to be swapped for id. It looks like the older network-scripts rules on EL-systems start priority at 32765 and decrement as more are added, so we're mimicking that behavior. It is also possible to override with a priority added to the dict rule. Also making old rule_RedHat.j2 template compatible with dicts. Basing this on previous templates and documentation [1] [1] https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/configuring_and_managing_networking/configuring-policy-based-routing-to-define-alternative-routes_configuring-and-managing-networking
'nmcli connection up' works asynchronously so we need to check if interfaces are up.
Network scripts custom route needed to use dev with options. Network manager don't need it. Ignoring dev for backwards compatibility.
|
Thanks for catching the details here 👍 I've applied fixups to the commits introducing/containing erroneous code. |
There was a problem hiding this comment.
LGTM. Let's wait for a pass on https://review.opendev.org/c/openstack/kayobe/+/869977 then merge.
network-scripts is deprecated (and removed from el9 releases if I'm not mistaken). In el8 networkmanager does a pretty good job of reading network-scripts, so might aswell try using it.
For el9 support we'll also need to convert the network-scripts files to nmconnection files.