-
Notifications
You must be signed in to change notification settings - Fork 55
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
ncm-network: support for managing network using nmstate #1601
Conversation
@aka7 ping to join the meeting |
|
||
# Add dependency that can't be added to rpm directly | ||
prefix '/software/packages'; | ||
'nmstate' = dict(); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
you want to add NetworkManager-config-server
here, and possibly in the early list of kickstart rpms, like
prefix "/system/aii/osinstall/ks";
"NetworkManager-config-server" = dict();
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
mask the nmstate service
"/software/components/systemd/unit/nmstate/state" = "masked";
(or something like that).
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@stdweird configuring another component in the context of a component configuration is quite unusual... At the same time I understand that it is a requirement and is probably better done here that somewhere in the template library. A site may use this component without using the template library or using an outdated version of it... May be worth a comment at least...
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@jouvin i don't follow. the relevant comment is there: this is for rpm dependencies that we can set in the component
starting a new module to manage networking using nmstate declarative approach. reusing functions from network.pm as much as possible. Changes made in network.pm is minimal and should be backward compatible for existing configs. following is supported for initial tech preview. - single interface, and bonding - vlan inteface - policy routing - ethtool setting via cli support only. - new nm_manage_dns option is added to schema to decided if NM should manage dns, we use ncm-resolver so to avoid clash. NM by default manages dns which will intefere with ncm-resolver. - aliases, bridge etc configuration not yet supported, and possibly many other advance options I haven't thought about yet.
f3a254b
to
2be2fab
Compare
Some commits to clarify perl structure
|
||
# Add dependency that can't be added to rpm directly | ||
prefix '/software/packages'; | ||
'nmstate' = dict(); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@stdweird configuring another component in the context of a component configuration is quite unusual... At the same time I understand that it is a requirement and is probably better done here that somewhere in the template library. A site may use this component without using the template library or using an outdated version of it... May be worth a comment at least...
- changes to generate the right hash entries needed by nmstate - addded deletion of conneciton if config is removed. - if nm_manage_dns then add resolver config for nmstate and apply.
58e1b63
to
9253e89
Compare
ncm-network: nmstate: more unittest fixes
nmstate determines this automatically when applied but adding it for clearity.
- changed so config can be set accodringly when nm_manage_dnsis set. - added mtu if set.
99edc9f
to
d244ea5
Compare
my @data = ('[main]'); | ||
|
||
if ( $manage_dns ) { | ||
# set nothing, will use default. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
if the behaviour of nm_manage_dns = true
means to not disable it, it needs a very clear explanaiton in the the schema.
i would force it here and not rely on default behaviour (eg another config file might set it to none).
|
||
if ( $manage_dns ) { | ||
# set nothing, will use default. | ||
$self->verbose("Networkmanager defaults will be used to manage resolv.conf"); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
could be other config files as well
|
||
# group all eth bound to a bond together in a hashref for to be used as | ||
# - port in nmstate config file | ||
sub get_bonded_eth |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
this hwole sub is
[ grep {defined($interfaces->{$_}->{master})} sort keys %$interfaces ]
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
But perhaps the sub is easier to read?
$filestatus = $NEW; | ||
} | ||
} else { | ||
if ($filename ne $NM_RESOLV_YML) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
invert the logc and swap the blocks: instead of
if not something
x
else
y
it's easier to read and understand to do
if something:
y
else
x
return $nm_dns_config | ||
} | ||
|
||
# enable NetworkManager service |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
enable and start?
# nmstate service applies all files found in /etc/nmstate and changes to .applied, which will keep changing if component is managing the .yml file. | ||
# we don't need this. | ||
# | ||
sub disable_nmstate_service |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
disable and stop?
# it means this connection existed before nmstate did its first apply. | ||
# doesn't break anything as nmstate resuses the conn, but worth a warning to highlight it? | ||
if ("$name" ne "$ifacename"){ | ||
$self->warn("connection name '$name' doesn't match $ifacename for device $dev, possible connection reuse occured") |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
i would add the whole $output
in the message to help debugging.
foreach my $conn_name (@existing_conn) { | ||
$conn_name =~ s/\s+$//; | ||
if ($conn_name =~ /Wired connection/){ | ||
$self->verbose("Clearing default connections created automatically by NetworkManager [ $conn_name ]"); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
make sure to add the extra rpm in kickstart and packages to make sure this doesn't happen in the first place
push(@cmds, [$NMSTATECTL, "apply", $NM_RESOLV_YML]); | ||
my $out = $self->runrun(@cmds); | ||
$self->verbose($out); | ||
$nwsrv->reload(); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
why is this needed?
As requested, I'm going to squash and merge this into 23.6 as a technology preview. |
6a9e2bf
to
669859c
Compare
669859c
to
5c95662
Compare
Thanks James, I'm working on the other comments, all minor really. will
create a new PR for that.
…On Fri, 4 Aug 2023 at 11:05, James Adams ***@***.***> wrote:
As requested, I'm going to squash and merge this into 23.6 as a technology
preview.
The remaining comments still need to be looked at one way or another
though.
—
Reply to this email directly, view it on GitHub
<#1601 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/ADLYRYQRVC4KHI4R6NVHKNLXTTCPTANCNFSM6AAAAAA2CLAWLY>
.
You are receiving this because you were mentioned.Message ID:
***@***.***>
--
A. Karim
|
* ncm-network: support for managing network using nmstate A new module to manage networking using nmstate declarative approach. Reuses functions from network.pm as much as possible. Changes made in network.pm are minimal and should be backward compatible for existing configs. The following is supported in the initial tech preview: - single interface and bonding - vlan interface - policy routing - ethtool setting via cli support only. - new nm_manage_dns option is added to schema to decided if NM should manage DNS, we use ncm-resolver so to avoid clash. NM by default manages DNS which will interfere with ncm-resolver. - aliases, bridge etc configuration not yet supported, and possibly many other advanced options I haven't thought about yet. --------- Co-authored-by: Abdul Karim <Abdul.Karim@morganstanley.com> Co-authored-by: stdweird <stijn.deweirdt@ugent.be>
starting a new module to manage networking using nmstate declarative approach. reusing functions from network.pm as much as possible. Changes made in network.pm is minimal and should be backward compatible for existing configs.
following is supported for initial tech preview.
ifcfg support on rhel9 is not available. need a Modern way to manage networking.
None. this is new module. any changes made in parent is minimal to support this approach. should be noop to ifcfg configuration.
All tests performed on rhel9 hosts.