mirror of
https://github.com/linux-system-roles/network.git
synced 2026-01-23 10:25:28 +00:00
38a61f76e9
We have a lot of requests to support Rocky and Alma in various system roles. The
first part of adding support is adding `vars/` files for these platforms. In
almost every case, for a given major version N, the vars file RedHat_N.yml can
be used for CentOS, Rocky, and Alma. Rather than making a copy of the
RedHat_N.yml file, just use a symlink to reduce size and maintenance burden, and
standardize this across all system roles for consistency.
NOTE: There is no Alma or Rocky version 7 or less.
NOTE: OracleLinux is not a strict clone, so we are not going to do this for
OracleLinux at this time. Support for OracleLinux will need to be done in
separate PRs. For more information, see
https://github.com/linux-system-roles/cockpit/issues/130
**Question**: Why not just use `ansible_facts["os_family"] == "RedHat"`?
**Answer**: This is what Ansible uses as the RedHat os_family:
1e6ffc1d02/lib/ansible/module_utils/facts/system/distribution.py (L511)
There are a lot of distributions in there. I know that Fedora is not a clone of
RHEL, but it is very closely related. Most of the others are not clones, and it
would generally not work to replace ansible_distribution in ['CentOS', 'Fedora',
'RedHat'] with ansible_facts['os_family'] == 'RedHat' (but it would probably
work in specific cases with specific distributions). For example, OracleLinux
is in there, and we know that doesn't generally work. The only ones we can be
pretty sure about are `RedHat`, `CentOS`, `Fedora`, `AlmaLinux`, and `Rocky`.
**Question**: Does my role really need this because it should already work on
RHEL clones?
**Answer**: Maybe not - but:
* it doesn't hurt anything
* it's there if we need it in the future
* the role will be inconsistent with the other system roles if we don't have this
**Question**: Why do I need the `tests/vars/rh_distros_vars.yml` file? Doesn't
the test load the vars from the role?
**Answer**: No, the test does not load the vars from the role until the role is
included, and many tests use version and distribution before including the role.
**Question**: Do we need to change the code now to use the new variables?
**Answer**: No, not now, in subsequent PRs, hopefully by Alma and Rocky users.
Note that there may be more work to be done to the role to fully support Rocky
and Alma. Many roles have conditionals like this:
```yaml
some_var: "{{ 'some value' if ansible_distribution in ['CentOS', 'RedHat'] else 'other value' }}"
another_var: "{{ 'some value' if ansible_distribution in ['CentOS', 'Fedora', 'RedHat'] else 'other value' }}"
...
- name: Do something
when: ansible_distribution in ['CentOS', 'RedHat']
...
- name: Do something else
when: ansible_distribution in ['CentOS', 'Fedora', 'RedHat']
...
```
Adding Rocky and AlmaLinux to these conditionals will have to be done
separately. In order to simplify the task, some new variables are being
introduced:
```yaml
__$rolename_rh_distros:
- AlmaLinux
- CentOS
- RedHat
- Rocky
__$rolename_rh_distros_fedora: "{{ __$rolename_rh_distros + ['Fedora'] }}"
__$rolename_is_rh_distro: "{{ ansible_distribution in __$rolename_rh_distros }}"
__$rolename_is_rh_distro_fedora: "{{ ansible_distribution in __$rolename_rh_distros_fedora }}"
```
Then the conditionals can be rewritten as:
```yaml
some_var: "{{ 'some value' if __$rolename_is_rh_distro else 'other value' }}"
another_var: "{{ 'some value' if __$rolename_is_rh_distro_fedora else 'other value' }}"
...
- name: Do something
when: __$rolename_is_rh_distro | bool
...
- name: Do something else
when: __$rolename_is_rh_distro_fedora | bool
...
```
For tests - tests that use such conditionals will need to use `vars_files` or
`include_vars` to load the variables that are defined in
`tests/vars/rh_distros_vars.yml`:
```yaml
vars_files:
- vars/rh_distros_vars.yml
```
We don't currently have CI testing for Rocky or Alma, so someone wanting to run
tests on those platforms would need to change the test code to use these.
Signed-off-by: Rich Megginson <rmeggins@redhat.com>
160 lines
6.7 KiB
YAML
160 lines
6.7 KiB
YAML
# SPDX-License-Identifier: BSD-3-Clause
|
|
---
|
|
network_connections: []
|
|
|
|
network_state: {}
|
|
|
|
network_allow_restart: false
|
|
|
|
# BEGIN - DO NOT EDIT THIS BLOCK - rh distros variables
|
|
# Ansible distribution identifiers that the role treats like RHEL
|
|
__network_rh_distros:
|
|
- AlmaLinux
|
|
- CentOS
|
|
- OracleLinux
|
|
- RedHat
|
|
- Rocky
|
|
|
|
# Same as above but includes Fedora
|
|
__network_rh_distros_fedora: "{{ __network_rh_distros + ['Fedora'] }}"
|
|
|
|
# Use this in conditionals to check if distro is Red Hat or clone
|
|
__network_is_rh_distro: "{{ ansible_distribution in __network_rh_distros }}"
|
|
|
|
# Use this in conditionals to check if distro is Red Hat or clone, or Fedora
|
|
__network_is_rh_distro_fedora: "{{ ansible_distribution in __network_rh_distros_fedora }}"
|
|
# END - DO NOT EDIT THIS BLOCK - rh distros variables
|
|
|
|
# Use initscripts for RHEL/CentOS < 7, nm otherwise
|
|
network_provider_os_default: "{{
|
|
'initscripts' if ansible_distribution in __network_rh_distros and
|
|
ansible_distribution_major_version is version('7', '<')
|
|
else 'nm' }}"
|
|
# If NetworkManager.service is running, assume that 'nm' is currently in-use,
|
|
# otherwise initscripts
|
|
__network_provider_current: "{{
|
|
'nm' if 'NetworkManager.service' in ansible_facts.services and
|
|
ansible_facts.services['NetworkManager.service']['state'] == 'running'
|
|
else 'initscripts' }}"
|
|
# Default to the auto-detected value
|
|
network_provider: "{{ __network_provider_current }}"
|
|
|
|
# check if any 802.1x connections are defined
|
|
__network_ieee802_1x_connections_defined: "{{ network_connections |
|
|
selectattr('ieee802_1x', 'defined') | list | count > 0 }}"
|
|
|
|
# check if any wireless connections are defined
|
|
__network_wireless_connections_defined: "{{ network_connections |
|
|
selectattr('type', 'defined') |
|
|
selectattr('type', 'match', '^wireless$') | list | count > 0 }}"
|
|
|
|
# NetworkManager-wireless is required for wireless connections
|
|
__network_packages_default_wireless: ["{%
|
|
if __network_wireless_connections_defined
|
|
%}NetworkManager-wifi{% endif %}"]
|
|
|
|
# check if any team connections are defined
|
|
__network_team_connections_defined: "{{ network_connections |
|
|
selectattr('type', 'defined') |
|
|
selectattr('type', 'match', '^team$') | list | count > 0 }}"
|
|
|
|
# NetworkManager-team is required for team connections
|
|
__network_packages_default_team: ["{%
|
|
if __network_team_connections_defined
|
|
%}NetworkManager-team{% endif %}"]
|
|
|
|
# wpa_supplicant is required if any 802.1x or wireless connections are defined
|
|
__network_wpa_supplicant_required: "{{
|
|
__network_ieee802_1x_connections_defined or
|
|
__network_wireless_connections_defined }}"
|
|
__network_packages_default_wpa_supplicant: ["{%
|
|
if __network_wpa_supplicant_required
|
|
%}wpa_supplicant{% endif %}"]
|
|
|
|
# The python-gobject-base package depends on the python version and
|
|
# distribution:
|
|
# - python-gobject-base on RHEL7 (no python2-gobject-base :-/)
|
|
# - python3-gobject-base on Fedora 28+
|
|
__network_packages_default_gobject_packages: ["python{{
|
|
ansible_python['version']['major'] | replace('2', '') }}-gobject-base"]
|
|
|
|
__network_service_name_default_nm: NetworkManager
|
|
__network_packages_default_nm: "{{ ['NetworkManager']
|
|
+ __network_packages_default_gobject_packages | select() | list()
|
|
+ __network_packages_default_wpa_supplicant | select() | list()
|
|
+ __network_packages_default_wireless | select() | list()
|
|
+ __network_packages_default_team | select() | list() }}"
|
|
|
|
__network_service_name_default_initscripts: network
|
|
|
|
# initscripts requires bridge-utils to manage bridges, install it when the
|
|
# 'bridge' type is used in network_connections
|
|
__network_packages_default_initscripts_bridge: ["{%
|
|
if network_connections | selectattr('type', 'defined') |
|
|
selectattr('type', 'match', '^bridge$') | list | count > 0 and
|
|
ansible_distribution in __network_rh_distros and
|
|
ansible_distribution_major_version is version('7', '<=')
|
|
%}bridge-utils{% endif %}"]
|
|
__network_packages_default_initscripts_network_scripts: ["{%
|
|
if ansible_distribution in __network_rh_distros and
|
|
ansible_distribution_major_version is version('7', '<=')
|
|
%}initscripts{% else %}network-scripts{% endif %}"]
|
|
# Initscripts provider requires `/sbin/dhclient` to obtain DHCP address,
|
|
# which is provided by the dhcp client package
|
|
__network_packages_default_initscripts_dhcp_client: ["{%
|
|
if ansible_distribution in __network_rh_distros and
|
|
ansible_distribution_major_version is version('7', '<=')
|
|
%}dhclient{% else %}dhcp-client{% endif %}"]
|
|
# convert _network_packages_default_initscripts_bridge to an empty list if it
|
|
# contains only the empty string and add it to the default package list
|
|
# |select() filters the list to include only values that evaluate to true
|
|
# (the empty string is false)
|
|
# |list() converts the generator that |select() creates to a list
|
|
__network_packages_default_initscripts: "{{
|
|
__network_packages_default_initscripts_bridge | select() | list()
|
|
+ __network_packages_default_initscripts_network_scripts | select() | list()
|
|
+ __network_packages_default_initscripts_dhcp_client | select() | list()
|
|
}}"
|
|
|
|
|
|
# The user can explicitly set host variables "network_provider",
|
|
# "network_service_name" and "network_packages".
|
|
#
|
|
# Usually, the user only wants to select the "network_provider"
|
|
# (or not set it at all and let it be autodetected via the
|
|
# internal variable "{{ __network_provider_current }}". Hence,
|
|
# depending on the "network_provider", a different set of
|
|
# service-name and packages is chosen.
|
|
#
|
|
# That is done via the internal "__network_provider_setup" dictionary.
|
|
# If the user doesn't explicitly set "network_service_name" or
|
|
# "network_packages" (which he usually wouldn't), then the defaults
|
|
# from "__network_service_name_default_*" and "__network_packages_default_*"
|
|
# apply. These values are hard-coded in this file, but they also could
|
|
# be overwritten as host variables or via vars/*.yml.
|
|
__network_provider_setup:
|
|
nm:
|
|
service_name: "{{ __network_service_name_default_nm }}"
|
|
packages: "{{ __network_packages_default_nm }}"
|
|
initscripts:
|
|
service_name: "{{ __network_service_name_default_initscripts }}"
|
|
packages: "{{ __network_packages_default_initscripts }}"
|
|
|
|
network_packages: "{{
|
|
__network_provider_setup[network_provider]['packages'] }}"
|
|
network_service_name: "{{
|
|
__network_provider_setup[network_provider]['service_name'] }}"
|
|
|
|
# ansible_facts required by the role
|
|
__network_required_facts:
|
|
- distribution
|
|
- distribution_major_version
|
|
- distribution_version
|
|
- os_family
|
|
- python
|
|
|
|
# the subsets of ansible_facts that need to be gathered in case any of the
|
|
# facts in required_facts is missing; see the documentation of
|
|
# the 'gather_subset' parameter of the 'setup' module
|
|
__network_required_facts_subsets: "{{ ['!all', '!min'] +
|
|
__network_required_facts }}"
|