Role - edpm_network_config¶
Usage¶
This Ansible role does the following tasks:
Read the configured edpm_network_config_tool The following choices can be used to configure the host network: - nmstate, i.e based on systemroles.network - os-net-config, i.e based on custom tasks os-net-config is the default tool for this role
For os-net-config option, this role prepares the host by - creating necessary folders and files for rendering network templates and NIC mappings (optional) - Checks for the presence of required RPMS - Uses “provider” ifcfg/nmstate based on flag “edpm_network_config_nmstate”
- Note: * With nmstate-provider as the default for os-net-config,
using “edpm_network_config_nonconfigured_cleanup” is not recommended. Instead, enabling flag “edpm_network_config_remove_config” with appropriate remove_config section added in “edpm_network_config_template” is the supported option
“edpm_network_config_nonconfigured_cleanup” SHOULD NOT be set for update/adoption usecase
Here is an example playbook to run os-net-config tool:
- name: Apply network_config
block:
- name: Configure host network with edpm-ansible
include_role:
name: edpm_network_config
vars:
edpm_network_config_template: "{{ nic_config_file }}"
---
# Copyright 2020 Red Hat, Inc.
# All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# Apply network configuration with os-net-config.
- name: Apply os-net-config configuration
become: true
block:
- name: Set nic_config_file fact
ansible.builtin.set_fact:
nic_config_file: "/etc/os-net-config/config.yaml"
- name: Render network_config from template
no_log: "{{ edpm_network_config_hide_sensitive_logs | bool }}"
ansible.builtin.copy:
content: "{{ edpm_network_config_template }}"
dest: "{{ nic_config_file }}"
mode: '0644'
backup: true
- name: Retrieve and output nic_config_file contents for debug before applying
when: edpm_network_config_debug|bool
block:
- name: Retrieve content of nic_config_file before applying
ansible.builtin.slurp:
path: "{{ nic_config_file }}"
register: os_net_config_config
- name: Debug print nic_config_file contents
ansible.builtin.debug:
msg: "{{ os_net_config_config['content'] | b64decode | trim }}"
- name: Run edpm_os_net_config_module with network_config
edpm_os_net_config:
cleanup: "{{ edpm_network_config_nonconfigured_cleanup }}"
config_file: "{{ nic_config_file }}"
debug: "{{ edpm_network_config_debug | bool }}"
detailed_exit_codes: true
safe_defaults: "{{ edpm_network_config_safe_defaults | bool }}"
use_nmstate: "{{ edpm_network_config_nmstate | bool }}"
remove_config: "{{ edpm_network_config_remove_config | bool }}"
async: "{{ edpm_network_config_async_timeout }}"
poll: "{{ edpm_network_config_async_poll }}"
register: network_config_result
when: not ansible_check_mode
Here is an example playbook to run os-net-config tool with –remove_config section:
- name: Cleanup and apply network configuration only
include_role:
name: edpm_network_config
vars:
edpm_network_config_template:
"{{ nic_config_file }}"
edpm_network_config:
remove_config: true
An example of using remove_config is available in:
---
# Copyright 2020 Red Hat, Inc.
# All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
- name: Converge
hosts: all
gather_facts: false
vars:
edpm_network_config_template: |
---
remove_config:
- remove_type: vlan
remove_name: vlan200
network_config:
- type: vlan
vlan_id: 100
device: dummy0
use_dhcp: false
use_dhcpv6: false
addresses:
- ip_netmask: 192.168.180.2/24
routes:
- ip_netmask: 192.168.180.0/24
next_hop: 192.168.180.1
edpm_network_config_nonconfigured_cleanup: false
edpm_network_config_nmstate: false
edpm_network_config_hide_sensitive_logs: false
edpm_network_config_update: false
edpm_network_config_remove_config: true
edpm_bootstrap_network_resolvconf_update: false
edpm_network_config_debug: true
pre_tasks:
- name: Gather user fact
ansible.builtin.setup:
gather_subset:
- "!all"
- "!min"
- "user"
- name: set basic user fact
ansible.builtin.set_fact:
ansible_user: "{{ ansible_user_id | default(lookup('env', 'USER')) }}"
when:
- ansible_user is undefined
roles:
- role: "osp.edpm.edpm_network_config"
- name: Verify os-net-config rpm version and interface creation
hosts: all
gather_facts: false
tasks:
- name: Print os-net-config version
ansible.builtin.command: rpm -q os-net-config
register: onc_ver
changed_when: false
- name: Display version
ansible.builtin.debug:
msg: "{{ onc_ver.stdout }}"
- name: List /etc/sysconfig/network-scripts
ansible.builtin.command: ls -l /etc/sysconfig/network-scripts
register: netscripts_list
changed_when: false
- name: Debug listing of /etc/sysconfig/network-scripts
ansible.builtin.debug:
var: netscripts_list.stdout_lines
- name: List all NetworkManager connections
ansible.builtin.command: nmcli -t -f NAME,TYPE,DEVICE connection show
register: nmcli_conns
changed_when: false
- name: Debug NM connections
ansible.builtin.debug:
var: nmcli_conns.stdout_lines
- name: Show ip addr state
ansible.builtin.command: ip addr show
register: ip_addr
changed_when: false
- name: Verify vlan200 was removed by "remove_config" flag
ansible.builtin.assert:
that:
- "'vlan200' not in ip_addr.stdout"
fail_msg: "FAILED: vlan200 interface still exists in ip addr output"
success_msg: "SUCCESS: vlan200 interface was removed"
- name: Debug ip link state
ansible.builtin.debug:
var: ip_addr.stdout_lines