The storage plugin used by NM is an implementation detail that the role
does not care about, since it uses NM via libnm.
Signed-off-by: Till Maas <opensource@till.name>
Running the pytest with nm provider failed in the downstream testing
because the "NM_CONTROLLED=no" appeared in
`/etc/sysconfig/network-scripts/ifcfg-testeth` which caused the veth
`testeth` strictly unmanaged by NetworkManager. To fix it, clean up
such a connection profile at the end when running the pytest.
Signed-off-by: Wen Liang <liangwen12year@gmail.com>
The network role is using `main` for the default branch, so this needs
to be used in the workflow definition.
Signed-off-by: Till Maas <opensource@till.name>
The tests are giving failures that are unfortunately being ignored.
One of which is that pidof is not available by default on all platforms,
and on some platforms is not available at all (el7). Same with sysctl.
There are a couple of fixes:
* run the large embedded test `shell` with `set -euo pipefail` to
trigger script errors to be handled.
* install the procps or procps-ng package which provides the tools
such as pgrep, pkill, sysctl, etc.
Signed-off-by: Rich Megginson <rmeggins@redhat.com>
bz#2044640
The network role create an ifcfg file for initscripts. The file
used to append a comment "# this file was created by ansible".
This patch replaces the proprietary string with the ansible
standard {{ ansible_managed }} to adjust to the other system
roles.
For the implementation, it borrowed the method from kernel_settings,
getting the ansible managed comment using the get_ansible_managed.j2
template and pass the comment to network_connections which is added
to the ifcfg file.
In case network_provider is nm, the comment is not added to the
ifcfg file as the file is not managed by Ansible.
Note: the required parameter name to pass the ansible managed comment
to the network_connection module is "__header".
Do not use get_ansible_managed.j2 in the test scripts, but use a
hardcoded ansible managed comment to simplify the tests.
tests/tasks/get_profile_stat.yml: replace the '=' style with the YAML
notation in set_fact.
Signed-off-by: Noriko Hosoi <nhosoi@redhat.com>
The hostapd package was moved from EPEL to CentOS Stream and therefore
is not available anymore on EPEL, which made the installation failed.
To fix it, install the hostapd via CentOS Stream in order to run
managed host testing in RHEL-8.5.
Signed-off-by: Wen Liang <liangwen12year@gmail.com>
In order to enable user to flexibly control the network transmission
over the bonded interface, support all the bond options which are
currently supported by NetworkManager.
Signed-off-by: Wen Liang <liangwen12year@gmail.com>
The initscripts provider tests are unstable on Fedora and users are not
using the initscripts on Fedora, therefore, disable all initscripts
provider tests on Fedora.
Signed-off-by: Wen Liang <liangwen12year@gmail.com>
To ensure that new tests are going to be tested by the CI, only exclude
tests that are not supported instead of only included the supported
ones.
Signed-off-by: Till Maas <opensource@till.name>
The files must be named so that it explain what happens. In addition,
`down_profile+delete_interface` must use `changed_when` to match the
content of `delete_interface`.
Signed-off-by: Fernando Fernandez Mancera <ffmancera@riseup.net>
Problem:
After `tests_bridge_initscripts.yml` passed, the `tests_bridge_nm.yml`
will fail with NetworkManager 1.18.
Root cause:
1. The `absent` and `down` action of initscript provider will not
remove the bridge interface which fail the assertion in
`tests_bridge_nm.yml`.
2. In initscript mode, network role will create ifcfg file with
`NM_CONTROLLED=no` instructing NetworkManager to mark the bridge as
unmanaged. The follow up `down` and `absent` action of initscript
provider will not change the NetworkManager's understanding on
unmanaged state of this interface.
Fixes:
1. We cannot change existing behaviour of initscript on not deleting
interface in `down` and `absent` action. So we change the test
function `tests/playbooks/down_profile.yml` to delete the interface
manually via `ip link del <ifname>` command.
2. Use `NM.Client.reload_connections_async()` to reload the
configuration for nm provider on NetworkManager 1.18.
Previous test infrastructure is running each test file in a brand new VM
or container which cause this problem not been found before.
Dedicate test case `tests/tests_switch_provider.yml` included.
Signed-off-by: Gris Ge <fge@redhat.com>
The users want to use the policy routing (e.g. source routing), so
that they can forward the packet based on the other criteria except for
the destination address in the packet. In such scenario, the routing
tables have to be supported beforehand in static routes, so that the
users can define policy routing rules later to instruct the system
which table to use to determine the correct route.
Signed-off-by: Wen Liang <liangwen12year@gmail.com>
NetworkManager requires to configure DNS options (such as the search
setting) for each IP family even though it does not matter in the
system's DNS configuration. Also, NetworkManager only allows to
configure the DNS options for each IP family, when they are enabled. In
the network_connections dictionary, the DNS options are configured
without considering the IP family. Therefore, configure ipv4.dns-search
or ipv6.dns-search only if the IP family is enabled.
Signed-off-by: Wen Liang <liangwen12year@gmail.com>
NetworkManager only allows to configure the DNS options for each IP
family, when they are enabled. Therefore, reject DNS settings in
ArgValidator if no IP family is enabled.
Signed-off-by: Wen Liang <liangwen12year@gmail.com>
NetworkManager only allows to configure the IPv6 nameservers if the
IPv6 family is enabled. Therefore, reject the IPv6 nameservers setting
in ArgValidator if the IPv6 family is not enabled.
Signed-off-by: Wen Liang <liangwen12year@gmail.com>
Use the new tox-lsr that uses ansible-core 2.12.
Use ansible-plugin-scan in CI.
Fix pylint errors found by new ansible-test pylinter.
CI test with py39
Signed-off-by: Rich Megginson <rmeggins@redhat.com>
When static IPv6 is configured, configuring IPv6 DNS will not raise any
validation error. Add unit test to verify that.
Signed-off-by: Wen Liang <liangwen12year@gmail.com>
Introduce Python26CompatTestCase to fix Python 2.6 support for unit
tests:
- Use TestCase.assertRaises on Python 2.6 because it does not support
TestCase.assertRaisesRegexp
- Use TestCase.assertRaisesRegex on Python 3.2 and newer because it
deprecates TestCase.assertRaisesRegexp
Signed-off-by: Wen Liang <liangwen12year@gmail.com>
Fix ensure_provider_tests.py so that the tests are correctly generated.
Because the generated tests have not been checked in a while, there was
some drift between the actual tests and what should have been generated,
so the new generated tests have also been included.
When `ensure_provider_tests.py` detects differences, it will now show
the diffs using a unified diff format.
Added a new tox testenv `ensure_provider_tests` - use
`tox -e ensure_provider_tests` to run - to pass arguments, use
`tox -e ensure_provider_tests -- generate`
Added `ensure_provider_tests` as one of the tox testenvs to run for
github tox CI.
Signed-off-by: Rich Megginson <rmeggins@redhat.com>
Add support for using latest ansible-lint and ansible-test with
ansible-core 2.11. There are a few new warnings that need to
be addressed or suppressed.
One of the changes is to add `# noqa ignore-errors` to the places in
the role where `ignore_errors: true` is used. In general, it is not
a good idea to use `ignore_errors: true` - instead, it is better to
capture the result of the command using a `register`, then use
`failed_when`. Or, if that is not possible, use a `block`/`rescue`
for more complex error handling. However, in the case where the network
role is using `ignore_errors: true` in test code, it is acceptable.
see https://ansible-lint.readthedocs.io/en/latest/default_rules.html#ignore-errors
Another change is to have all tasks have a valid `name:`. This
is explained at https://ansible-lint.readthedocs.io/en/latest/default_rules.html#unnamed-task
Signed-off-by: Rich Megginson <rmeggins@redhat.com>
Users can easily configure or update network connection via matching
physical device path of the interface, which add certain flexibilty of
user experience.
Update connection profile via matching `path` setting:
```yaml
- name: eth0
type: ethernet
autoconnect: yes
# For PCI devices, the path has the form "pci-$domain:$bus:$device.$function"
# It will only update the interface with the path "pci-0000:00:03.0"
match:
path:
- pci-0000:00:03.0
```
Signed-off-by: Wen Liang <liangwen12year@gmail.com>
Users might want to use jinja2 templates to set properties. As such,
it's convenient to accept None as an alias for an empty dictionary.
For exmaple, setting like `"match": None` will be allowed by the role:
e.g.
network_connections:
- name: enp0s8
type: ethernet
persistent_state: present
state: up
match:
ip:
route_metric4: 10
Signed-off-by: Wen Liang <liangwen12year@gmail.com>
Users might want to use jinja2 templates to set properties. As such,
it's convenient to accept None as an alias for an empty list.
For exmaple, setting like `"match": {"path": None}` will be allowed by
the role:
network_connections:
- name: enp0s8
type: ethernet
persistent_state: present
state: up
match:
path:
ip:
route_metric4: 10
Signed-off-by: Wen Liang <liangwen12year@gmail.com>
