Linux network configuration with network manager

Version 1

    I am working on a project where I need to apply live, permanent networking configuration changes to Linux VMs that may not even have a network configured in the first place.

     

    To do so I am leveraging:

    • vSphere guest operations, which allow commands to be run in the guest OS even if it is not networked yet.
    • NetworkManager / nmcli, which provides a command-line way to get and set a broad set of network configurations that can be applied immediately and permanently. NetworkManager was first developed by Red Hat and is now available in several distributions.

     

    The VM network cards appear as NetworkManager devices.

     

    The "Get all properties from a device" workflow lists all the devices and their properties in the workflow log and sets a workflow output parameter of type array of properties.

    The inputs are the virtual machine hosting the Linux guest OS and the credentials to access the guest OS.


     

    Here is a sample output showing some properties, the most important being:

    GENERAL.DEVICE, later referred to as "device name" and used in all workflows requiring a device name input.

    GENERAL.CONNECTION, later referred to as "connection profile" or "connection id" and used in all workflows requiring a connection name input.

    The list of properties is variable depending on the type of device and the connection profile it is bound to.

     

    GENERAL.DEVICE:eno33557248
    GENERAL.TYPE:ethernet
    GENERAL.VENDOR:VMware
    GENERAL.PRODUCT:VMXNET3 Ethernet Controller
    GENERAL.DRIVER:vmxnet3
    GENERAL.DRIVER-VERSION:1.1.30.0-k-NAPI
    GENERAL.FIRMWARE-VERSION:
    GENERAL.HWADDR:00:50:56:94:8D:26
    GENERAL.MTU:1500
    GENERAL.STATE:100 (connected)
    GENERAL.REASON:0 (No reason given)
    GENERAL.UDI:/sys/devices/pci0000:00/0000:00:16.0/0000:0b:00.0/net/eno33557248
    GENERAL.IP-IFACE:eno33557248
    GENERAL.IS-SOFTWARE:no
    GENERAL.NM-MANAGED:yes
    GENERAL.AUTOCONNECT:yes
    GENERAL.FIRMWARE-MISSING:no
    GENERAL.CONNECTION:ethernet-eno33557248
    GENERAL.CON-UUID:7eda20cc-5474-4192-b40a-ff61a57de7e0
    GENERAL.CON-PATH:/org/freedesktop/NetworkManager/ActiveConnection/37
    CAPABILITIES.CARRIER-DETECT:yes
    CAPABILITIES.SPEED:10000 Mb/s
    CAPABILITIES.IS-SOFTWARE:no
    WIRED-PROPERTIES.CARRIER:on
    IP4.ADDRESS[1]:192.168.1.32/24
    IP4.GATEWAY:192.168.1.254
    IP4.DNS[1]:192.168.1.254
    DHCP4.OPTION[1]:requested_domain_search = 1
    DHCP4.OPTION[2]:requested_nis_domain = 1
    DHCP4.OPTION[3]:requested_time_offset = 1
    DHCP4.OPTION[4]:requested_broadcast_address = 1
    DHCP4.OPTION[5]:requested_rfc3442_classless_static_routes = 1
    DHCP4.OPTION[6]:requested_classless_static_routes = 1
    DHCP4.OPTION[7]:requested_domain_name = 1
    DHCP4.OPTION[8]:expiry = 1443269566
    DHCP4.OPTION[9]:requested_wpad = 1
    DHCP4.OPTION[10]:next_server = 0.0.0.0
    DHCP4.OPTION[11]:broadcast_address = 192.168.1.255
    DHCP4.OPTION[12]:dhcp_message_type = 5
    DHCP4.OPTION[13]:requested_subnet_mask = 1
    DHCP4.OPTION[14]:dhcp_lease_time = 43200
    DHCP4.OPTION[15]:routers = 192.168.1.254
    DHCP4.OPTION[16]:ip_address = 192.168.1.32
    DHCP4.OPTION[17]:requested_static_routes = 1
    DHCP4.OPTION[18]:requested_interface_mtu = 1
    DHCP4.OPTION[19]:requested_nis_servers = 1
    DHCP4.OPTION[20]:requested_ntp_servers = 1
    DHCP4.OPTION[21]:subnet_mask = 255.255.255.0
    DHCP4.OPTION[22]:domain_name_servers = 192.168.1.254
    DHCP4.OPTION[23]:requested_ms_classless_static_routes = 1
    DHCP4.OPTION[24]:requested_routers = 1
    DHCP4.OPTION[25]:requested_domain_name_servers = 1
    DHCP4.OPTION[26]:network_number = 192.168.1.0
    DHCP4.OPTION[27]:requested_host_name = 1
    DHCP4.OPTION[28]:dhcp_server_identifier = 192.168.1.254
    IP6.ADDRESS[1]:2a01:e35:8bae:5370:250:56ff:fe94:8d26/128
    IP6.ADDRESS[2]:fe80::250:56ff:fe94:8d26/64
    IP6.GATEWAY:fe80::f6ca:e5ff:fe46:bb4a
    IP6.ROUTE[1]:dst = 2a01:e35:8bae:5370::/64, nh = ::, mt = 100
    IP6.DNS[1]:2a01:e00::2
    IP6.DNS[2]:2a01:e00::1
    CONNECTIONS.AVAILABLE-CONNECTION-PATHS:/org/freedesktop/NetworkManager/Settings/{6}
    CONNECTIONS.AVAILABLE-CONNECTIONS[1]:7eda20cc-5474-4192-b40a-ff61a57de7e0 | ethernet-eno33557248
    
    GENERAL.DEVICE:eno16777984
    GENERAL.TYPE:ethernet
    GENERAL.VENDOR:VMware
    GENERAL.PRODUCT:VMXNET3 Ethernet Controller
    GENERAL.DRIVER:vmxnet3
    GENERAL.DRIVER-VERSION:1.1.30.0-k-NAPI
    GENERAL.FIRMWARE-VERSION:
    GENERAL.HWADDR:00:50:56:94:51:00
    GENERAL.MTU:1500
    GENERAL.STATE:30 (disconnected)
    GENERAL.REASON:38 (The device's active connection disappeared)
    GENERAL.UDI:/sys/devices/pci0000:00/0000:00:15.0/0000:03:00.0/net/eno16777984
    GENERAL.IP-IFACE:
    GENERAL.IS-SOFTWARE:no
    GENERAL.NM-MANAGED:yes
    GENERAL.AUTOCONNECT:yes
    GENERAL.FIRMWARE-MISSING:no
    GENERAL.CONNECTION:--
    GENERAL.CON-UUID:--
    GENERAL.CON-PATH:--
    CAPABILITIES.CARRIER-DETECT:yes
    CAPABILITIES.SPEED:10000 Mb/s
    CAPABILITIES.IS-SOFTWARE:no
    WIRED-PROPERTIES.CARRIER:on
    CONNECTIONS.AVAILABLE-CONNECTION-PATHS:
    
    

     

    If you already know the device name (for example eth0), you can use the "Get all properties from a device" workflow, which has the same inputs with the addition of the device name.

     

    Configured network interfaces have devices that are bound to a connection profile. The connection profile determines the configuration of the device.

     

    You can use the "Get all properties from all connections" workflow to get all general connection properties.

    The NAME property contains the connection ID that we will use as workflow input to perform connection profile configuration changes.

     

    NAME:ethernet-eno33557248
    UUID:7eda20cc-5474-4192-b40a-ff61a57de7e0
    TYPE:802-3-ethernet
    TIMESTAMP:1443239447
    TIMESTAMP-REAL:Sat 26 Sep 2015 05:50:47 AM CEST
    AUTOCONNECT:yes
    AUTOCONNECT-PRIORITY:0
    READONLY:no
    DBUS-PATH:/org/freedesktop/NetworkManager/Settings/6
    ACTIVE:yes
    DEVICE:eno33557248
    STATE:activated
    ACTIVE-PATH:/org/freedesktop/NetworkManager/ActiveConnection/37
    
    

     

    The "Get all properties from a connection" workflow requires the connection id as input and outputs a different set of properties:

     

    connection.id:ethernet-eno33557248
    connection.uuid:7eda20cc-5474-4192-b40a-ff61a57de7e0
    connection.interface-name:eno33557248
    connection.type:802-3-ethernet
    connection.autoconnect:yes
    connection.autoconnect-priority:0
    connection.timestamp:1443239447
    connection.read-only:no
    connection.permissions:
    connection.zone:--
    connection.master:--
    connection.slave-type:--
    connection.secondaries:
    connection.gateway-ping-timeout:0
    802-3-ethernet.port:--
    802-3-ethernet.speed:0
    802-3-ethernet.duplex:--
    802-3-ethernet.auto-negotiate:yes
    802-3-ethernet.mac-address:--
    802-3-ethernet.cloned-mac-address:--
    802-3-ethernet.mac-address-blacklist:
    802-3-ethernet.mtu:auto
    802-3-ethernet.s390-subchannels:
    802-3-ethernet.s390-nettype:--
    802-3-ethernet.s390-options:
    ipv4.method:auto
    ipv4.dns:
    ipv4.dns-search:
    ipv4.addresses:
    ipv4.gateway:--
    ipv4.routes:
    ipv4.route-metric:-1
    ipv4.ignore-auto-routes:no
    ipv4.ignore-auto-dns:no
    ipv4.dhcp-client-id:--
    ipv4.dhcp-send-hostname:yes
    ipv4.dhcp-hostname:--
    ipv4.never-default:no
    ipv4.may-fail:yes
    ipv6.method:auto
    ipv6.dns:
    ipv6.dns-search:
    ipv6.addresses:
    ipv6.gateway:--
    ipv6.routes:
    ipv6.route-metric:-1
    ipv6.ignore-auto-routes:no
    ipv6.ignore-auto-dns:no
    ipv6.never-default:no
    ipv6.may-fail:yes
    ipv6.ip6-privacy:-1 (unknown)
    ipv6.dhcp-send-hostname:yes
    ipv6.dhcp-hostname:--
    GENERAL.NAME:ethernet-eno33557248
    GENERAL.UUID:7eda20cc-5474-4192-b40a-ff61a57de7e0
    GENERAL.DEVICES:eno33557248
    GENERAL.STATE:activated
    GENERAL.DEFAULT:yes
    GENERAL.DEFAULT6:yes
    GENERAL.VPN:no
    GENERAL.ZONE:--
    GENERAL.DBUS-PATH:/org/freedesktop/NetworkManager/ActiveConnection/37
    GENERAL.CON-PATH:/org/freedesktop/NetworkManager/Settings/6
    GENERAL.SPEC-OBJECT:/
    GENERAL.MASTER-PATH:--
    IP4.ADDRESS[1]:192.168.1.32/24
    IP4.GATEWAY:192.168.1.254
    IP4.DNS[1]:192.168.1.254
    DHCP4.OPTION[1]:requested_domain_search = 1
    DHCP4.OPTION[2]:requested_nis_domain = 1
    DHCP4.OPTION[3]:requested_time_offset = 1
    DHCP4.OPTION[4]:requested_broadcast_address = 1
    DHCP4.OPTION[5]:requested_rfc3442_classless_static_routes = 1
    DHCP4.OPTION[6]:requested_classless_static_routes = 1
    DHCP4.OPTION[7]:requested_domain_name = 1
    DHCP4.OPTION[8]:expiry = 1443269566
    DHCP4.OPTION[9]:requested_wpad = 1
    DHCP4.OPTION[10]:next_server = 0.0.0.0
    DHCP4.OPTION[11]:broadcast_address = 192.168.1.255
    DHCP4.OPTION[12]:dhcp_message_type = 5
    DHCP4.OPTION[13]:requested_subnet_mask = 1
    DHCP4.OPTION[14]:dhcp_lease_time = 43200
    DHCP4.OPTION[15]:routers = 192.168.1.254
    DHCP4.OPTION[16]:ip_address = 192.168.1.32
    DHCP4.OPTION[17]:requested_static_routes = 1
    DHCP4.OPTION[18]:requested_interface_mtu = 1
    DHCP4.OPTION[19]:requested_nis_servers = 1
    DHCP4.OPTION[20]:requested_ntp_servers = 1
    DHCP4.OPTION[21]:subnet_mask = 255.255.255.0
    DHCP4.OPTION[22]:domain_name_servers = 192.168.1.254
    DHCP4.OPTION[23]:requested_ms_classless_static_routes = 1
    DHCP4.OPTION[24]:requested_routers = 1
    DHCP4.OPTION[25]:requested_domain_name_servers = 1
    DHCP4.OPTION[26]:network_number = 192.168.1.0
    DHCP4.OPTION[27]:requested_host_name = 1
    DHCP4.OPTION[28]:dhcp_server_identifier = 192.168.1.254
    IP6.ADDRESS[1]:2a01:e35:8bae:5370:250:56ff:fe94:8d26/128
    IP6.ADDRESS[2]:fe80::250:56ff:fe94:8d26/64
    IP6.GATEWAY:fe80::f6ca:e5ff:fe46:bb4a
    IP6.ROUTE[1]:dst = 2a01:e35:8bae:5370::/64, nh = ::, mt = 100
    IP6.DNS[1]:2a01:e00::2
    IP6.DNS[2]:2a01:e00::
    
    

     

    In case you need to get this set of properties for all connections, I have created a "Get really all properties from all connections" workflow that works in 2 steps:

    • First it gets all the connection names.
    • Then it runs a command for each connection and outputs an aggregated array of properties.

     

     

    The workflows "Get connection names for given property values" and "Get devices names for given property values" allow you to find the name of a connection or a device that has a set of property values matching the ones you request.

    For example, if I need to change the IP address of a connection without knowing its name, I can get the connections that have an IPv4 gateway set to a given IP.

     


     

    Another example would be to find devices without a connection. This would be the case if a new NIC were added via vSphere but no configuration had been done yet in the OS. For this, the "Get device names for given property values" workflow could be used with the device property "GENERAL.STATE" set to "30 (disconnected)", or with an empty connection: the "GENERAL.CONNECTION" property with the value "--".
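
    The property matching described above, as an added JavaScript example (not code from the networkManager package). It assumes the unescaped KEY:value listing shown on this page; the function names and the trimmed sample are constructed for illustration.

```javascript
// Added example: parse blank-line-separated "KEY:value" blocks such as the
// device listing above, then select the blocks whose properties match a filter.

// Constructed sample, trimmed from the two devices shown on this page.
const SAMPLE = [
  "GENERAL.DEVICE:eno33557248",
  "GENERAL.HWADDR:00:50:56:94:8D:26",
  "GENERAL.STATE:100 (connected)",
  "GENERAL.CONNECTION:ethernet-eno33557248",
  "IP4.GATEWAY:192.168.1.254",
  "",
  "GENERAL.DEVICE:eno16777984",
  "GENERAL.HWADDR:00:50:56:94:51:00",
  "GENERAL.STATE:30 (disconnected)",
  "GENERAL.CONNECTION:--",
].join("\n");

// Split only on the FIRST colon: MAC and IPv6 values contain colons themselves.
function parseBlocks(text) {
  const blocks = [];
  let current = null;
  for (const raw of text.split(/\r?\n/)) {
    const line = raw.trim();
    if (line === "") { current = null; continue; }  // blank line ends a block
    const idx = line.indexOf(":");
    if (idx <= 0) continue;                          // not a KEY:value line
    if (current === null) { current = {}; blocks.push(current); }
    current[line.slice(0, idx)] = line.slice(idx + 1);
  }
  return blocks;
}

// Return the value of nameKey for every block matching ALL wanted properties.
function namesMatching(blocks, wanted, nameKey) {
  return blocks
    .filter((b) => Object.keys(wanted).every((k) => b[k] === wanted[k]))
    .map((b) => b[nameKey]);
}

const devices = parseBlocks(SAMPLE);
// Devices that have no connection profile bound yet.
console.log(namesMatching(devices, { "GENERAL.CONNECTION": "--" }, "GENERAL.DEVICE"));
```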

     

    The "Run network manager command" workflow helps you generate a NetworkManager command and runs it.

     

    The timeout is the time the workflow will wait for the command to complete before failing.

    The second time value is the interval, in seconds, at which the result of the command is checked.

     

    The second screen lets you select the object you will be acting on, the command, and the ID / name of the device or connection if these are required.

    The last field is the command string being built. You may need to add additional parameters manually if you want to do more complex operations or if the workflow run tells you it is missing a parameter.

     

    The "Commands samples" folder contains workflows with hard-coded NetworkManager commands that I used often; they take simple inputs and can be used as part of your custom workflows.

     

    You should find most of the workflows you need to operate and change settings on connections and devices. If not, it is easy to duplicate one of these workflows and modify the nmcli command to be run.

     

    The sample flows category contains an example of a flow called "Change IP addresses and hostname on Oracle RAC node" with multiple get / set operations:


     

    Basically, the node we need to configure has 2 devices (one for public, one for private access), and the only information we have at run time is the network gateway used for each of these networks. By getting all the connection properties, the workflow finds the inactive connections having the gateways we are looking for and assigns new IPs to each. As a last step the hostname is changed.

     

    Note that the IP addresses include the subnet prefix in the form /xx and that, to make an IP address change immediate, the "Set a connection IP V4 addresses" workflow runs an additional "nmcli connection up" command.
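
    Because these workflows build a command string that runs inside the guest OS with the supplied credentials, inputs such as the connection id and the address should be validated before they reach that string. The following is an added JavaScript example, not code from the networkManager package. The function names and the connection-id character policy are assumptions, and the "connection modify ... ipv4.addresses" form is an assumption about what the workflow runs; only "nmcli connection up" is named on this page.

```javascript
// Added example: validate workflow inputs before placing them in an nmcli
// command string that will be executed in the guest OS.

// Accept "a.b.c.d/nn" only: four octets of 0..255 and a prefix of 0..32.
function isIpv4Cidr(value) {
  const m = /^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})\/(\d{1,2})$/.exec(String(value));
  if (m === null) return false;
  const octetsOk = m.slice(1, 5).every((o) => Number(o) <= 255);
  return octetsOk && Number(m[5]) <= 32;
}

// Assumed policy: letters, digits, '.', '_' and '-', at most 64 characters,
// and no leading '-' so the id can never be read as a command-line option.
function isSafeConnectionId(id) {
  return /^[A-Za-z0-9._][A-Za-z0-9._-]{0,63}$/.test(String(id));
}

// POSIX single-quote quoting, kept as a second layer behind the validation.
function shQuote(arg) {
  return "'" + String(arg).replace(/'/g, "'\\''") + "'";
}

// Build the two commands: set the address, then re-activate the connection
// so the change takes effect immediately.
function buildSetIpv4Commands(connectionId, cidr) {
  if (!isSafeConnectionId(connectionId)) throw new Error("rejected connection id");
  if (!isIpv4Cidr(cidr)) throw new Error("rejected address, expected a.b.c.d/nn");
  const id = shQuote(connectionId);
  return [
    "nmcli connection modify " + id + " ipv4.addresses " + shQuote(cidr),
    "nmcli connection up " + id,
  ];
}

// Constructed inputs: the connection id from this page and a new address.
console.log(buildSetIpv4Commands("ethernet-eno33557248", "192.168.1.50/24").join("\n"));
```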

     

    Here is a demo of this workflow:

     

     

    You can download the networkManager package from flowgrab.