ncm-network: support for managing network using nmstate #1601
Conversation
|
@aka7 ping to join the meeting |
|
|
||
| # Add dependency that can't be added to rpm directly | ||
| prefix '/software/packages'; | ||
| 'nmstate' = dict(); |
There was a problem hiding this comment.
you want to add NetworkManager-config-server here, and possibly in the early list of kickstart rpms, like
prefix "/system/aii/osinstall/ks";
"NetworkManager-config-server" = dict();
There was a problem hiding this comment.
mask the nmstate service
"/software/components/systemd/unit/nmstate/state" = "masked";
(or something like that).
There was a problem hiding this comment.
@stdweird configuring another component in the context of a component configuration is quite unusual... At the same time I understand that it is a requirement and is probably better done here that somewhere in the template library. A site may use this component without using the template library or using an outdated version of it... May be worth a comment at least...
There was a problem hiding this comment.
@jouvin i don't follow. the relevant comment is there: this is for rpm dependencies that we can set in the component
starting a new module to manage networking using nmstate declarative approach. reusing functions from network.pm as much as possible. Changes made in network.pm is minimal and should be backward compatible for existing configs. following is supported for initial tech preview. - single interface, and bonding - vlan inteface - policy routing - ethtool setting via cli support only. - new nm_manage_dns option is added to schema to decided if NM should manage dns, we use ncm-resolver so to avoid clash. NM by default manages dns which will intefere with ncm-resolver. - aliases, bridge etc configuration not yet supported, and possibly many other advance options I haven't thought about yet.
aka7
force-pushed
the
ncm_network_nmstate
branch
from
f3a254b
to
2be2fab
Compare
Some commits to clarify perl structure
|
|
||
| # Add dependency that can't be added to rpm directly | ||
| prefix '/software/packages'; | ||
| 'nmstate' = dict(); |
There was a problem hiding this comment.
@stdweird configuring another component in the context of a component configuration is quite unusual... At the same time I understand that it is a requirement and is probably better done here that somewhere in the template library. A site may use this component without using the template library or using an outdated version of it... May be worth a comment at least...
- changes to generate the right hash entries needed by nmstate - addded deletion of conneciton if config is removed. - if nm_manage_dns then add resolver config for nmstate and apply.
aka7
force-pushed
the
ncm_network_nmstate
branch
from
58e1b63
to
9253e89
Compare
ncm-network: nmstate: more unittest fixes
nmstate determines this automatically when applied but adding it for clearity.
- changed so config can be set accodringly when nm_manage_dnsis set. - added mtu if set.
aka7
force-pushed
the
ncm_network_nmstate
branch
from
99edc9f
to
d244ea5
Compare
| my @data = ('[main]'); | ||
|
|
||
| if ( $manage_dns ) { | ||
| # set nothing, will use default. |
There was a problem hiding this comment.
if the behaviour of nm_manage_dns = true means to not disable it, it needs a very clear explanaiton in the the schema.
i would force it here and not rely on default behaviour (eg another config file might set it to none).
|
|
||
| if ( $manage_dns ) { | ||
| # set nothing, will use default. | ||
| $self->verbose("Networkmanager defaults will be used to manage resolv.conf"); |
There was a problem hiding this comment.
could be other config files as well
|
|
||
| # group all eth bound to a bond together in a hashref for to be used as | ||
| # - port in nmstate config file | ||
| sub get_bonded_eth |
There was a problem hiding this comment.
this hwole sub is
[ grep {defined($interfaces->{$_}->{master})} sort keys %$interfaces ]
There was a problem hiding this comment.
But perhaps the sub is easier to read?
| $filestatus = $NEW; | ||
| } | ||
| } else { | ||
| if ($filename ne $NM_RESOLV_YML) |
There was a problem hiding this comment.
invert the logc and swap the blocks: instead of
if not something
x
else
y
it's easier to read and understand to do
if something:
y
else
x
| return $nm_dns_config | ||
| } | ||
|
|
||
| # enable NetworkManager service |
| # nmstate service applies all files found in /etc/nmstate and changes to .applied, which will keep changing if component is managing the .yml file. | ||
| # we don't need this. | ||
| # | ||
| sub disable_nmstate_service |
| # it means this connection existed before nmstate did its first apply. | ||
| # doesn't break anything as nmstate resuses the conn, but worth a warning to highlight it? | ||
| if ("$name" ne "$ifacename"){ | ||
| $self->warn("connection name '$name' doesn't match $ifacename for device $dev, possible connection reuse occured") |
There was a problem hiding this comment.
i would add the whole $output in the message to help debugging.
| foreach my $conn_name (@existing_conn) { | ||
| $conn_name =~ s/\s+$//; | ||
| if ($conn_name =~ /Wired connection/){ | ||
| $self->verbose("Clearing default connections created automatically by NetworkManager [ $conn_name ]"); |
There was a problem hiding this comment.
make sure to add the extra rpm in kickstart and packages to make sure this doesn't happen in the first place
| push(@cmds, [$NMSTATECTL, "apply", $NM_RESOLV_YML]); | ||
| my $out = $self->runrun(@cmds); | ||
| $self->verbose($out); | ||
| $nwsrv->reload(); |
|
As requested, I'm going to squash and merge this into 23.6 as a technology preview. |
jrha
force-pushed
the
ncm_network_nmstate
branch
from
6a9e2bf
to
669859c
Compare
jrha
force-pushed
the
ncm_network_nmstate
branch
from
669859c
to
5c95662
Compare
|
Thanks James, I'm working on the other comments, all minor really. will
create a new PR for that.
…On Fri, 4 Aug 2023 at 11:05, James Adams ***@***.***> wrote:
As requested, I'm going to squash and merge this into 23.6 as a technology
preview.
The remaining comments still need to be looked at one way or another
though.
—
Reply to this email directly, view it on GitHub
<#1601 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/ADLYRYQRVC4KHI4R6NVHKNLXTTCPTANCNFSM6AAAAAA2CLAWLY>
.
You are receiving this because you were mentioned.Message ID:
***@***.***>
--
A. Karim
|
* ncm-network: support for managing network using nmstate A new module to manage networking using nmstate declarative approach. Reuses functions from network.pm as much as possible. Changes made in network.pm are minimal and should be backward compatible for existing configs. The following is supported in the initial tech preview: - single interface and bonding - vlan interface - policy routing - ethtool setting via cli support only. - new nm_manage_dns option is added to schema to decided if NM should manage DNS, we use ncm-resolver so to avoid clash. NM by default manages DNS which will interfere with ncm-resolver. - aliases, bridge etc configuration not yet supported, and possibly many other advanced options I haven't thought about yet. --------- Co-authored-by: Abdul Karim <Abdul.Karim@morganstanley.com> Co-authored-by: stdweird <stijn.deweirdt@ugent.be>
starting a new module to manage networking using nmstate declarative approach. reusing functions from network.pm as much as possible. Changes made in network.pm is minimal and should be backward compatible for existing configs.
following is supported for initial tech preview.
ifcfg support on rhel9 is not available. need a Modern way to manage networking.
None. this is new module. any changes made in parent is minimal to support this approach. should be noop to ifcfg configuration.
All tests performed on rhel9 hosts.