search

voxpupuli / puppet-network

Types and providers to manage network interfaces
https://forge.puppet.com/puppet/network
Apache License 2.0
66 stars 108 forks source link

Slave interfaces being created at everyrun #139

Closed jbertozzi closed 4 years ago

jbertozzi commented 8 years ago

Hi,

I am facing a strange behavior under RHEL7 when using this module for bonding configuration.

Here is the resource declaration:

network::bond { 'bond0':
    ipaddress => "$ipaddress",
    netmask   => "$netmask",
    method    => 'static',
    ensure    => present,
    slaves    => $nics,
}

Variable have correct values set and the files generated are as expected:

cat /etc/sysconfig/network-scripts/ifcfg-{enp2s0f0,enp2s0f1,bond0}
BOOTPROTO=static
ONBOOT=yes
DEVICE=enp2s0f0
HOTPLUG=yes
SLAVE=yes
MASTER=bond0

BOOTPROTO=static
ONBOOT=yes
DEVICE=enp2s0f1
HOTPLUG=yes
SLAVE=yes
MASTER=bond0

IPADDR=10.199.99.39
NETMASK=255.255.255.0
BOOTPROTO=static
ONBOOT=yes
DEVICE=bond0
HOTPLUG=yes
BONDING_OPTS="mode=active-backup miimon=100 downdelay=200 updelay=200 lacp_rate=slow primary=enp2s0f0 primary_reselect=always xmit_hash_policy=layer2"

The problem is that this resource is applied at everyrun:

puppet agent -t
Info: Retrieving plugin
Info: Loading facts
Info: Caching catalog for 
Info: Applying configuration version '1455086111'
Notice: /Stage[main]/Network::Bond[bond0]/Network::Bond::Redhat[bond0]/Network_config[enp2s0f0]/ensure: created
Info: Computing checksum on file /etc/sysconfig/network-scripts/ifcfg-enp2s0f0
Info: FileBucket got a duplicate file {md5}a30389b1cfc43dcfa7b903e478e6f04d
Notice: /Stage[main]/Network::Bond[bond0]/Network::Bond::Redhat[bond0]/Network_config[enp2s0f1]/ensure: created
Info: Computing checksum on file /etc/sysconfig/network-scripts/ifcfg-enp2s0f1
Info: FileBucket got a duplicate file {md5}c217a21bebade734979a509e68faf756
Notice: Finished catalog run in 9.15 seconds

My interfaces seem to be seen as absent from Puppet point of view on RHEL7:

puppet resource network_config enp2s0f0
network_config { 'enp2s0f0':
  ensure => 'absent',
}

While it is working on RHEL6:

puppet resource network_config eth0 -d
network_config { 'eth0':
  ensure  => 'present',
  family  => 'inet',
  hotplug => 'true',
  method  => 'static',
  mtu     => '1500',
  onboot  => 'true',
  options => {'MASTER' => 'bond0', 'SLAVE' => 'yes'},
}

Any thought why this behavior is different? Could this be linked to the Ruby version?

jyaworski commented 8 years ago

It's entirely possible that it's the ruby version. Do you have the facility to test with another ruby version on RHEL6 (IE software collections, IUS)?

Just for documentation, what version of ruby are you seeing this behavior with?

runejuhl commented 5 years ago

I'm seeing the same issue on RedHat 7.6:

Notice: /Stage[main]/Common::Network/Network::Bond[bond0]/Network::Bond::Redhat[bond0]/Network_config[eno5]/options: op
tions changed {
  'MASTER' => 'bond0',
  'SLAVE' => 'yes',
  'NM_CONTROLLED' => 'false',
  'ETHTOOL_OPTS' => 'speed 10000 duplex full autoneg off'
} to ETHTOOL_OPTS => speed 10000 duplex full autoneg off, MASTER => bond0, NM_CONTROLLED => false, SLAVE => yes
Info: Computing checksum on file /etc/sysconfig/network-scripts/ifcfg-eno5
Notice: /Stage[main]/Common::Network/Network::Bond[bond0]/Network::Bond::Redhat[bond0]/Network_config[eno6]/options: op
tions changed {
  'MASTER' => 'bond0',
  'SLAVE' => 'yes',
  'NM_CONTROLLED' => 'false',
  'ETHTOOL_OPTS' => 'speed 10000 duplex full autoneg off'
} to ETHTOOL_OPTS => speed 10000 duplex full autoneg off, MASTER => bond0, NM_CONTROLLED => false, SLAVE => yes
Info: Computing checksum on file /etc/sysconfig/network-scripts/ifcfg-eno6

Ruby version:

# /opt/puppetlabs/puppet/bin/ruby --version
ruby 2.5.3p105 (2018-10-18 revision 65156) [x86_64-linux]
runejuhl commented 5 years ago

This turned out to be an issue with true/false/'yes'/'no', as the resource will happily accept boolean values in the slave_options parameter. I did a quick fix to our own Puppet wrapper:

    $bonded_interfaces.each |$_name, $_config| {
      $_merged_config = $_config + {
        # make sure we have 'yes'/'no' instead of booleans
        'slave_options' => $_config.dig('slave_options').lest || { {} }.reduce({}) |$acc, $kv| {
          [$k, $v] = $kv
          $acc + {
            $k => $v ? {
              Boolean => to_yesno($v),
              default => $v,
            }
          }
        }
      }

      network::bond { $_name:
        * => $_merged_config,
      }
    }

The function to_yesno is just what it says.

...not the most pretty, but works fine.

I've got a branch that has this at https://github.com/runejuhl/puppet-network/tree/coerce-boolean-values . I figure a proper PR should implement the same in Ruby instead, that'd be a lot prettier.