If enabled, a default route will be configured using the default gateway. If disabled,
the default route will be removed.
If this variable is not specified, the role will use the default behavior of the
`network_provider` selected.
Setting this option to `no` is equivalent to:
- `DEFROUTE = no` in initscripts, or
- `ipv4.never-default/ipv6.never-default yes` in nmcli
Signed-off-by: Jack Adolph <jack.adolph@gmail.com>
`dns_search` and `dns_options` should not be specific to the address
family. Previously, `dns_search` and `dns_options` were only supported
for IPv4 nameservers, so we also need to support `dns_search` and
`dns_options` for IPv6 nameservers.
Signed-off-by: Wen Liang <liangwen12year@gmail.com>
ETHTOOL Ring option is not supported by NetworkManager until
NM 1.25.2. Currently, ETHTOOL Ring option is not suppored by
Network role, so enable the support for ETHTOOL Ring option.
Configure ethtool ring option via:
```yaml
network_connections:
- name: testnic1
type: ethernet
state: up
ip:
dhcp4: no
auto6: no
ethtool:
ring:
rx: 128
rx_jumbo: 128
rx_mini: 128
tx: 128
```
Signed-off-by: Wen Liang <liangwen12year@gmail.com>
There was recently an upgrade to python black which made function
documentation checking stricter. This caused network tox CI to
break. The fix is to format the function doc text in the manner
expected by black.
Signed-off-by: Rich Megginson <rmeggins@redhat.com>
Automation Hub, and possibly Galaxy in the future, require the
collection to be screened with `ansible-test sanity` among other
checks. The role had a number of issues:
* Use `AssertionError` instead of `assert`
* Use of `logging` module not in accordance with standards, but these
are ok and the errors were suppressed
* Several import errors which are ok because they are checked
elsewhere
* __init__.py in the module_utils directories must be empty, so a
new file myerror.py was added to move the code from __init__.py
* NOTE: network_lsr/nm/__init__.py is not empty
* The documentation block in the module was not properly constructed
or formatted.
* shellcheck issues, including removing unused files
* use `unused` instead of `_` (underscore) for variables that are
unused
add WARNING to module docs - collection users should not use directly
Signed-off-by: Rich Megginson <rmeggins@redhat.com>
Use the correct parameter names for declaring static IPV6 connections
for the initscripts provider. Also, add integration and unit tests to
cover this.
Signed-off-by: Jack Adolph <jack.adolph@gmail.com>
Signed-off-by: Till Maas <opensource@till.name>
In order to promote a diverse and inclusive environment we are replacing
all the reference to "slave" for "port".
Test case added.
Signed-off-by: Fernando Fernandez Mancera <ffmancera@riseup.net>
In order to promote a diverse and inclusive environment we are replacing
all the reference to "master" for "controller".
Test case added.
Signed-off-by: Fernando Fernandez Mancera <ffmancera@riseup.net>
Refactor the volatilize action of nm provider:
* Move code to `module_utils/network_lsr/nm`
* The `module_utils/network_lsr/nm` only volatilize profile by given UUID
instead of guess. The `library/network_connections.py` is responsible
on choosing UUID.
Signed-off-by: Gris Ge <fge@redhat.com>
The details of the issue is described in this ansible issue:
https://github.com/ansible/ansible/issues/68361
The workaround contains 2 changes.
1) Advice from @sivel:
replacing, e.g.,
from ansible.module_utils.network_lsr.nm.provider import NetworkManagerProvider
with
from ansible.module_utils.network_lsr.nm import provider
and then use provider.NetworkManagerProvider
2) In the later module_utils path finding path, gi.require_version("NM", "1.0")
in module_utils/network_lsr/nm/client.py fails with "ValueError: Namespace
NM not available" on the control node. By ignoring the exception, the failure
is worked around. Please note that the missing package issue never occurs
on the managed nodes since in case of "nm", the NetworkManager package is
installed in the network role.
Signed-off-by: Noriko Hosoi <nhosoi@redhat.com>
The line was too long, and needed to be wrapped in a way that was
compatible with python black formatting.
Signed-off-by: Rich Megginson <rmeggins@redhat.com>
When deactivating a profile in libNM, we should:
* Check `NM.ActionConnection` existence
* Check `NM.ActionConnection.props.state` not DEACTIVATED
* Use signal `state-changed` of `NM.ActionConnection`.
* Only invoke `NM.Client.deactivate_connection_async()` if not
in DEACTIVATING state.
* Ignore `NM.ManagerError.CONNECTIONNOTACTIVE` error.
This patch also introduced a new class `NetworkManagerProvider`
in `module_utils/network_lsr/nm`:
* Independent from Ansible but need to use absolute import due to
limitation of ansible 2.8.
* Provide sync function wrapping async calls of libNM.
* Use stable logging method of python.
* Only load this module when provider is nm.
This patch also changed how logging is handling in
`Cmd_nm.run_action_down()` as initial step on isolate ansible log
mechanism from provider module.
By moving provider codes to `module_utils` folder, we can eventually
simplify the bloated `library/network_connections.py`.
Signed-off-by: Gris Ge <fge@redhat.com>
The task 56586 is for adding tests against the collection converted
format to the tox/travis CI to capture a problem before merging the
pr, if any. It'd be helpful to find out bugs in the conversion tool
lsr_role2collection.py, as well. The source of this commit is located
in linux-system-roles/template. They are synced by auto-maintenance/
sync-template.sh, then manually adjusted to the network role.
.travis/runcollection.sh is the test script. tox.ini is modified to run
it in the tox/travis CI. The script downloads lsr_role2collection.py,
then converts the network role into the conversion format in the working
directory .tox. In the collection, it runs a set of tests black, flake8,
yamllint, py38 to check the converted result.
tests/integration/test_ethernet.py is a script capable of using the network
module without executing it from Ansible and using Pytest. The example test
sets an ip in a test interface. The changes in tox.ini adapt the testing to the
new script. The __init__.py files were added to allow python2.7 compatibility.
Signed-off-by: Elvira García Ruiz <elviragr@riseup.net>
When a profile is specified as absent, ignore state requests if the
profile is already removed or not completely specified to improve
idempotence.
Also restructure the states test. This introduces a clear structure for
the individual test steps, properly assigns tags for each test from the
file and provides a clear error message with a description of the test
that failed in case of errors. Support for tests that expect a failure
is still missing.
Since `invocation` is an Ansible special value that is set for
triple verbosity, it is now visible for smaller verbosity. Therefore
rename it to `_invocation`, which seems to work with less verbosity.
Also adjust the content to match the regular `invocation` style.
To reduce problems with profile specification order and to support
creating and activating bond profiles in one run with initscripts,
create all profiles first.
WPA-PSK and WPA-EAP are supported. Uses existing 802.1x features of the role.
Added extra functionality to ArgValidatorStr to enforce a min and max length.
Ethtool features should use underscores instead of dashes. A
warning shows in case dashes used, and it fails if underscore and dashes are
mixed. Unit tests and integration tests have been added. Since nm already
needed underscores, the string processing that was made in nm_provider is now
unneeded and therefore removed.
This patch implements the ETHTOOL_GPERMADDR command in order to retrieve
the permanent address from ethtool instead using command line tool.
Signed-off-by: Fernando Fernandez Mancera <ffmancera@riseup.net>
According to PEP8 [1], the import are always put at the top of the file,
just after any module comments and docstrings, and before module globals
and constants.
[1] https://www.python.org/dev/peps/pep-0008/#imports
Signed-off-by: Fernando Fernandez Mancera <ffmancera@riseup.net>
Logs are now separed by severity level. Warnings and failures are the only logs
that appear now on the output. All logs are saved into a new json parameter
called "stderr" that is later shown on a different task. In case of
failure, all logs are shown as output. Tests have been created and modified in
order to assure that this feature works.
Signed-off-by: Elvira Garcia Ruiz <elviragr@riseup.net>
Role now supports validating the domain name of the EAP server certificate.
Regenerated the CA certificate as the private key for the original CA has been lost.
Updated test certificates to include a domain name in the CN so the domain-suffix-match
feature can be tested.
This removes warnings like:
[WARNING]: The value False (type bool) in a string field was converted
to u'False' (type string). If this does not look like what you expect,
quote the entire value to ensure it does not change.
time.sleep() does not sleep an exact amount of time, hence, adding
up the sleep-times will not give the exact total wait-time.
An alternative would be to take a CLOCK_BOOTTIME timestamp (or similar)
and determine the elapsed time based on that.
Instead, do something different, and use a GLib timeout for polling.
- persistent_state represents whether a profile is stored on disk
- persistent_state defaults to 'present'
- When there is no type specified for the profile, it is enough for a
profile with the same name to be stored on the target's systems file
system. Otherwise the role will fail
- state now represents the runtime state and can be up, down or
unspecified
- translate the state definitions into actions that will be performed.
The actions correspond to the previous states.
- add the possibility to write unit tests to only verify parts of the
resulting connection dictionary to only check for the expected changes
instead of the full connection that can also contain unrelated defaults
* by default ```name``` is used as ```interface_name```
* if ```interface_name``` is set to the empty string, it will not be set
* if ```mac``` is specified, ```interface_name``` defaults to not being set
This fixes#41
