Networkmanager

[eb4x]

network-scripts is deprecated (and removed from el9 releases if I'm not mistaken). In el8 networkmanager does a pretty good job of reading network-scripts, so might aswell try using it.

For el9 support we'll also need to convert the network-scripts files to nmconnection files.

[markgoddard]

@bbezak

[bbezak]

RHEL 9 still supports old network scripts and it can also do ifup/ifdown with NetworkManager-initscripts-updown package. I've tested it on Rocky 9, and it works well - https://github.com/bbezak/ansible-role-interfaces/commit/31ce70ee7919da914fc5710d9b186d0149335253

I've also started adding ethernet template for native NM keyfile format, however that still needs some work - https://github.com/bbezak/ansible-role-interfaces/commit/8aad4f91497a6ae74a2b1dbcb01fbe86ffc7d259

https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/considerations_in_adopting_rhel_9/assembly_networking_considerations-in-adopting-rhel-9#ref_networkmanager-networking_assembly_networking

https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html-single/9.0_release_notes/index#BZ-2082303

[bbezak]

RHEL 9 still supports old network scripts and it can also do ifup/ifdown with NetworkManager-initscripts-updown package. I've tested it on Rocky 9, and it works well - bbezak@31ce70e

I've also started adding ethernet template for native NM keyfile format, however that still needs some work - bbezak@8aad4f9

https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/considerations_in_adopting_rhel_9/assembly_networking_considerations-in-adopting-rhel-9#ref_networkmanager-networking_assembly_networking

https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html-single/9.0_release_notes/index#BZ-2082303

It is even more interesting, when one creates bonding with nmcli then only old school network script got created:

nmcli connection add type bond con-name bond42 ifname bond42 ipv4.method manual ipv4.addresses '192.0.2.1/24' ipv4.gateway '192.0.2.254' ipv4.dns '192.0.2.253' bond.options "mode=active-backup,miimon=1000"

cat /etc/sysconfig/network-scripts/ifcfg-bond42
BONDING_OPTS="mode=active-backup miimon=1000"
TYPE=Bond
BONDING_MASTER=yes
PROXY_METHOD=none
BROWSER_ONLY=no
BOOTPROTO=none
IPADDR=192.0.2.1
PREFIX=24
GATEWAY=192.0.2.254
DNS1=192.0.2.253
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_FAILURE_FATAL=no
IPV6_ADDR_GEN_MODE=stable-privacy
NAME=bond42
UUID=98f785d3-9c56-4aa7-9f89-ddd275e03132
DEVICE=bond42
ONBOOT=yes

[eb4x]

RHEL 9 still supports old network scripts and it can also do ifup/ifdown with NetworkManager-initscripts-updown package. I've tested it on Rocky 9, and it works well - bbezak@31ce70e

Could this get merged then? Installing that package seems like a good enough option to tie us over until we actually need nmconnection files.

I've also started adding ethernet template for native NM keyfile format, however that still needs some work - bbezak@8aad4f9

Cool, I've written some nmconnection files just to get a feel for it, I'll have a look at your work :)

[eb4x]

Not necessarily feature-complete, but this works for my setup.

[eno1,eno2] -> bond0 -> br-provision {ipv4 address, multiple routes} bond0.1000 -> br-internet {dhcp}

[eb4x]

Really starting to like this eb4x/ansible-role-interfaces@3215b4a0be7b9745df92b8e152aa6696e6c4be88 type of solution.

[eb4x]

Updated with smol modifications. will test if they still work. (I suspect the named regex groups should have \g and not \g when single-quoted.)

[eb4x]

The bounce networkmanager devices needs more thought/work. I think it needs to be a shellscript like the other one and run "con down/up" for certain interfaces to have their changes take.

[markgoddard]

The bounce networkmanager devices needs more thought/work. I think it needs to be a shellscript like the other one and run "con down/up" for certain interfaces to have their changes take.

Can you give more information about this - did it not work with a simple service restart, or was there some undesirable side-effect?

[eb4x]

Can you give more information about this - did it not work with a simple service restart, or was there some undesirable side-effect?

Once the interfaces are up, if there are changes to them later in the form of new/additional ips, those kinds of changes aren't effected.

[markgoddard]

Can you give more information about this - did it not work with a simple service restart, or was there some undesirable side-effect?

Once the interfaces are up, if there are changes to them later in the form of new/additional ips, those kinds of changes aren't effected.

Ok, that's a problem. Let's go with the other approach then.

[eb4x]

I've merged a fix from Pierre. Just modified the when clause to interfaces_use_nmconnection. I'm currently using NetworkManager with network-scripts store on EL8, (which is a possibility) and I'd rather not have any surprises.

[eb4x]

Looking at ifcfg removal some more, it didn't seem quite right. Changed the with_items to a list of all interfaces we manage. Needs testing.

[eb4x]

Well, that cleared out some dummy-files I created from network-scripts. So I suppose that works.

@priteau ab2d0484be38a599591d26430d0d57081582742f looks ok to you?

[eb4x]

I've "improved" upon the previous NM bouncer. It's not thoroughly tested, but it's using the same techniques as the other bouncer, so expecting equal outcome to that. Quick glance shows changes to existing interfaces (adding/removal of IPs) are effected.

[markgoddard]

Merge conflicts

[eb4x]

Thanks for catching the details here :+1:

I've applied fixups to the commits introducing/containing erroneous code.

[markgoddard]

https://github.com/michaelrigart/ansible-role-interfaces/releases/tag/v1.14.0