- tests/unittests: add a new unit test for network manager net

activator - rhel/cloud.cfg: remove ssh_genkeytypes in settings.py and set in cloud.cfg - net/nm: check for presence of ifcfg files when nm connection files are absent
2024-01-15 12:24:22 +03:00 · 2024-01-15 12:24:22 +03:00 · 95659faf41
commit 95659faf41
parent 2ea0fc34f6
4 changed files with 318 additions and 1 deletions
--- a/SOURCES/ci-rhel-cloud.cfg-remove-ssh_genkeytypes-in-settings.py.patch
+++ b/SOURCES/ci-rhel-cloud.cfg-remove-ssh_genkeytypes-in-settings.py.patch
@ -0,0 +1,60 @@
+From 5d6674508c6478fa2ca3d8c5d39b533a0bbb317a Mon Sep 17 00:00:00 2001
+From: Emanuele Giuseppe Esposito <eesposit@redhat.com>
+Date: Thu, 20 May 2021 08:53:55 +0200
+Subject: [PATCH] rhel/cloud.cfg: remove ssh_genkeytypes in settings.py and set
+ in cloud.cfg
+
+RH-Author: Ani Sinha <None>
+RH-MergeRequest: 113: rhel/cloud.cfg: remove ssh_genkeytypes in settings.py and set in cloud.cfg
+RH-Jira: RHEL-16572
+RH-Acked-by: Vitaly Kuznetsov <vkuznets@redhat.com>
+RH-Acked-by: Emanuele Giuseppe Esposito <eesposit@redhat.com>
+RH-Commit: [1/1] f506bf58dc5458f50624342ec33bcd390aa0b719 (anisinha/rhel-cloud-init)
+
+RH-Author: Emanuele Giuseppe Esposito <eesposit@redhat.com>
+RH-MergeRequest: 10: rhel/cloud.cfg: remove ssh_genkeytypes in settings.py and set in cloud.cfg
+RH-Commit: [1/1] 6da989423b9b6e017afbac2f1af3649b0487310f
+RH-Bugzilla: 1957532
+RH-Acked-by: Eduardo Otubo <otubo@redhat.com>
+RH-Acked-by: Cathy Avery <cavery@redhat.com>
+RH-Acked-by: Vitaly Kuznetsov <vkuznets@redhat.com>
+RH-Acked-by: Mohamed Gamal Morsy <mmorsy@redhat.com>
+
+Currently genkeytypes in cloud.cfg is set to None, so together with
+ssh_deletekeys=1 cloudinit on first boot it will just delete the existing
+keys and not generate new ones.
+
+Just removing that property in cloud.cfg is not enough, because
+settings.py provides another empty default value that will be used
+instead, resulting to no key generated even when the property is not defined.
+
+Removing genkeytypes also in settings.py will default to GENERATE_KEY_NAMES,
+but since we want only 'rsa', 'ecdsa' and 'ed25519', add back genkeytypes in
+cloud.cfg with the above defaults.
+
+Also remove ssh_deletekeys in settings.py as we always need
+to 1 (and it also defaults to 1).
+
+Signed-off-by: Emanuele Giuseppe Esposito <eesposit@redhat.com>
+(cherry picked from commit b545a0cbabe8924d048b7172b30e7aad59ed32d5)
+(cherry picked from commit 855dec5dcc0892c0f7cedf06b025a794769a2a8d)
+---
+ cloudinit/settings.py | 2 --
+ 1 file changed, 2 deletions(-)
+
+diff --git a/cloudinit/settings.py b/cloudinit/settings.py
+index a36c518d..859ad546 100644
+--- a/cloudinit/settings.py
+++ b/cloudinit/settings.py
+@@ -55,8 +55,6 @@ CFG_BUILTIN = {
+     "log_cfgs": [],
+     "syslog_fix_perms": [],
+     "mount_default_fields": [None, None, "auto", "defaults,nofail", "0", "2"],
+-    "ssh_deletekeys": False,
+-    "ssh_genkeytypes": [],
+     "system_info": {
+         "paths": {
+             "cloud_dir": "/var/lib/cloud",
+-- 
+2.41.0
+
--- a/SOURCES/net-nm-check-for-presence-of-ifcfg.patch
+++ b/SOURCES/net-nm-check-for-presence-of-ifcfg.patch
@ -0,0 +1,112 @@
+From d1d5166895da471cff3606c70d4e8ab6eec1c006 Mon Sep 17 00:00:00 2001
+From: Ani Sinha <anisinha@redhat.com>
+Date: Thu, 7 Dec 2023 02:39:51 +0530
+Subject: [PATCH] net/nm: check for presence of ifcfg files when nm connection
+ files are absent (#4645)
+
+On systems that use network manager to manage connections and activate network
+interfaces, they may also use ifcfg files for configuring
+interfaces using ifcfg-rh network manager plugin. When network manager is used
+as the activator, we need to also check for the presence of ifcfg interface
+config file when the network manager connection file is absent and if ifcfg-rh
+plugin is present.
+Hence, with this change, network manager activator first tries to use network
+manager connection files to bring up or bring down the interface. If the
+connection files are not present and if ifcfg-rh plugin is present, it tries to
+use ifcfg files for the interface. If the plugin or the ifcfg files are not
+present, the activator fails to activate or deactivate the interface and it
+bails out with warning log.
+
+Fixes: GH-4640
+
+Signed-off-by: Ani Sinha <anisinha@redhat.com>
+---
+ cloudinit/net/activators.py      |  7 +++++++
+ cloudinit/net/network_manager.py | 33 ++++++++++++++++++++++++++++++--
+ 2 files changed, 38 insertions(+), 2 deletions(-)
+
+diff --git a/cloudinit/net/activators.py b/cloudinit/net/activators.py
+index e69da40d371..dd85886212c 100644
+--- a/cloudinit/net/activators.py
+++ b/cloudinit/net/activators.py
+@@ -135,6 +135,13 @@ class NetworkManagerActivator(NetworkActivator):
+         from cloudinit.net.network_manager import conn_filename
+ 
+         filename = conn_filename(device_name)
+        if filename is None:
+            LOG.warning(
+                "Unable to find an interface config file. "
+                "Unable to bring up interface."
+            )
+            return False
+
+         cmd = ["nmcli", "connection", "load", filename]
+         if _alter_interface(cmd, device_name):
+             cmd = ["nmcli", "connection", "up", "filename", filename]
+diff --git a/cloudinit/net/network_manager.py b/cloudinit/net/network_manager.py
+index 8a99eb3a1c5..76a0ac15eaa 100644
+--- a/cloudinit/net/network_manager.py
+++ b/cloudinit/net/network_manager.py
+@@ -17,10 +17,12 @@ from cloudinit import log as logging
+ from cloudinit import subp, util
+ from cloudinit.net import is_ipv6_address, renderer, subnet_is_ipv6
+ from cloudinit.net.network_state import NetworkState
+from cloudinit.net.sysconfig import available_nm_ifcfg_rh
+ 
+ NM_RUN_DIR = "/etc/NetworkManager"
+ NM_LIB_DIR = "/usr/lib/NetworkManager"
+ NM_CFG_FILE = "/etc/NetworkManager/NetworkManager.conf"
+IFCFG_CFG_FILE = "/etc/sysconfig/network-scripts"
+ NM_IPV6_ADDR_GEN_CONF = """# This is generated by cloud-init. Do not edit.
+ #
+ [.config]
+@@ -374,7 +376,7 @@ class Renderer(renderer.Renderer):
+         for con_id, conn in self.connections.items():
+             if not conn.valid():
+                 continue
+-            name = conn_filename(con_id, target)
+            name = nm_conn_filename(con_id, target)
+             util.write_file(name, conn.dump(), 0o600)
+ 
+         # Select EUI64 to be used by default by NM for creating the address
+@@ -384,12 +386,39 @@ class Renderer(renderer.Renderer):
+         )
+ 
+ 
+-def conn_filename(con_id, target=None):
+def nm_conn_filename(con_id, target=None):
+     target_con_dir = subp.target_path(target, NM_RUN_DIR)
+     con_file = f"cloud-init-{con_id}.nmconnection"
+     return f"{target_con_dir}/system-connections/{con_file}"
+ 
+ 
+def sysconfig_conn_filename(devname, target=None):
+    target_con_dir = subp.target_path(target, IFCFG_CFG_FILE)
+    con_file = f"ifcfg-{devname}"
+    return f"{target_con_dir}/{con_file}"
+
+
+def conn_filename(devname):
+    """
+    This function returns the name of the interface config file.
+    It first checks for presence of network manager connection file.
+    If absent and ifcfg-rh plugin for network manager is available,
+    it returns the name of the ifcfg file if it is present. If the
+    plugin is not present or the plugin is present but ifcfg file is
+    not, it returns None.
+    This function is called from NetworkManagerActivator class in
+    activators.py.
+    """
+    conn_file = nm_conn_filename(devname)
+    # If the network manager connection file is absent, also check for
+    # presence of ifcfg files for the same interface (if nm-ifcfg-rh plugin is
+    # present, network manager can handle ifcfg files). If both network manager
+    # connection file and ifcfg files are absent, return None.
+    if not os.path.isfile(conn_file) and available_nm_ifcfg_rh():
+        conn_file = sysconfig_conn_filename(devname)
+    return conn_file if os.path.isfile(conn_file) else None
+
+
+ def cloud_init_nm_conf_filename(target=None):
+     target_con_dir = subp.target_path(target, NM_RUN_DIR)
+     conf_file = "30-cloud-init-ip6-addr-gen-mode.conf"
--- a/SOURCES/tests-unittests-add-a-new-unit-test.patch
+++ b/SOURCES/tests-unittests-add-a-new-unit-test.patch
@ -0,0 +1,129 @@
+From bb474df78bfe45ea5f05907eb710e8d5de764fc8 Mon Sep 17 00:00:00 2001
+From: Ani Sinha <anisinha@redhat.com>
+Date: Thu, 7 Dec 2023 21:03:13 +0530
+Subject: [PATCH] tests/unittests: add a new unit test for network manager net
+ activator (#4672)
+
+Some changes in behavior in network manager net activator was brought in with
+the commit
+d1d5166895da ("net/nm: check for presence of ifcfg files when nm connection files are absent")
+
+This change adds some unit tests that exercizes network manager activator's
+bring_up_interface() method that tests failure scenarios as well as cases
+where an ifcfg file is used to bring the interface up.
+
+Signed-off-by: Ani Sinha <anisinha@redhat.com>
+---
+ tests/unittests/test_net_activators.py | 103 +++++++++++++++++++++++++
+ 1 file changed, 103 insertions(+)
+
+diff --git a/tests/unittests/test_net_activators.py b/tests/unittests/test_net_activators.py
+index 2a363ec415b..d53701efafb 100644
+--- a/tests/unittests/test_net_activators.py
+++ b/tests/unittests/test_net_activators.py
+@@ -347,3 +347,105 @@ class TestActivatorsBringDown:
+         activator.bring_down_all_interfaces(network_state)
+         for call in m_subp.call_args_list:
+             assert call in expected_call_list
+
+class TestNetworkManagerActivatorBringUp:
+    @patch("cloudinit.subp.subp", return_value=("", ""))
+    @patch(
+        "cloudinit.net.network_manager.available_nm_ifcfg_rh",
+        return_value=True,
+    )
+    @patch("os.path.isfile")
+    @patch("os.path.exists", return_value=True)
+    def test_bring_up_interface_no_nm_conn(
+        self, m_exists, m_isfile, m_plugin, m_subp
+    ):
+        """
+        There is no network manager connection file but ifcfg-rh plugin is
+        present and ifcfg interface config files are also present. In this
+        case, we should use ifcfg files.
+        """
+
+        def fake_isfile_no_nmconn(filename):
+            return False if filename.endswith(".nmconnection") else True
+
+        m_isfile.side_effect = fake_isfile_no_nmconn
+
+        expected_call_list = [
+            (
+                (
+                    [
+                        "nmcli",
+                        "connection",
+                        "load",
+                        "".join(
+                            [
+                                "/etc/sysconfig/network-scripts/ifcfg-eth0",
+                            ]
+                        ),
+                    ],
+                ),
+                {},
+            ),
+            (
+                (
+                    [
+                        "nmcli",
+                        "connection",
+                        "up",
+                        "filename",
+                        "".join(
+                            [
+                                "/etc/sysconfig/network-scripts/ifcfg-eth0",
+                            ]
+                        ),
+                    ],
+                ),
+                {},
+            ),
+        ]
+
+        index = 0
+        assert NetworkManagerActivator.bring_up_interface("eth0")
+        for call in m_subp.call_args_list:
+            assert call == expected_call_list[index]
+            index += 1
+
+    @patch("cloudinit.subp.subp", return_value=("", ""))
+    @patch(
+        "cloudinit.net.network_manager.available_nm_ifcfg_rh",
+        return_value=False,
+    )
+    @patch("os.path.isfile")
+    @patch("os.path.exists", return_value=True)
+    def test_bring_up_interface_no_plugin_no_nm_conn(
+        self, m_exists, m_isfile, m_plugin, m_subp
+    ):
+        """
+        The ifcfg-rh plugin is absent and nmconnection file is also
+        not present. In this case, we can't use ifcfg file and the
+        interface bring up should fail.
+        """
+
+        def fake_isfile_no_nmconn(filename):
+            return False if filename.endswith(".nmconnection") else True
+
+        m_isfile.side_effect = fake_isfile_no_nmconn
+        assert not NetworkManagerActivator.bring_up_interface("eth0")
+
+    @patch("cloudinit.subp.subp", return_value=("", ""))
+    @patch(
+        "cloudinit.net.network_manager.available_nm_ifcfg_rh",
+        return_value=True,
+    )
+    @patch("os.path.isfile", return_value=False)
+    @patch("os.path.exists", return_value=True)
+    def test_bring_up_interface_no_conn_file(
+        self, m_exists, m_isfile, m_plugin, m_subp
+    ):
+        """
+        Neither network manager connection files are present nor
+        ifcfg files are present. Even if ifcfg-rh plugin is present,
+        we can not bring up the interface. So bring_up_interface()
+        should fail.
+        """
+        assert not NetworkManagerActivator.bring_up_interface("eth0")
--- a/SPECS/cloud-init.spec
+++ b/SPECS/cloud-init.spec
@ -6,7 +6,7 @@

 Name:           cloud-init
 Version:        23.1.1
-Release:        10%{?dist}.alma.1
+Release:        11%{?dist}.1.alma.1
 Summary:        Cloud instance init scripts

 Group:          System Environment/Base
@ -55,6 +55,14 @@ Patch29: ci-DS-VMware-modify-a-few-log-level-4284.patch
 # For bz#2229460 - [rhel-8.9] [RFE] Configure "ipv6.addr-gen-mode=eui64' as default in NetworkManager
 Patch30: ci-NM-renderer-set-default-IPv6-addr-gen-mode-for-all-i.patch

+# Patches were taken from:
+# https://github.com/canonical/cloud-init/commit/d1d5166895da471cff3606c70d4e8ab6eec1c006
+Patch31: net-nm-check-for-presence-of-ifcfg.patch
+# https://gitlab.com/redhat/centos-stream/rpms/cloud-init/-/commit/46b71b3a2dd8fb9cff34dbc217f5f4a69bad08cb
+Patch32: ci-rhel-cloud.cfg-remove-ssh_genkeytypes-in-settings.py.patch
+# https://github.com/canonical/cloud-init/commit/bb474df78bfe45ea5f05907eb710e8d5de764fc8
+Patch33: tests-unittests-add-a-new-unit-test.patch
+
 # AlmaLinux OS patches
 Patch100: 0001-Improvements-for-AlmaLinux-OS-and-CloudLinux-OS.patch

@ -275,6 +283,14 @@ fi
 %config(noreplace) %{_sysconfdir}/rsyslog.d/21-cloudinit.conf

 %changelog
+* Mon Jan 15 2023 Eduard Abdullin <eabdullin@almalinux.org> - 23.1.1-11.1.alma.1 
+- tests/unittests: add a new unit test for network manager net
+ activator
+- rhel/cloud.cfg: remove ssh_genkeytypes in settings.py and set
+ in cloud.cfg
+- net/nm: check for presence of ifcfg files when nm connection
+ files are absent
+
 * Tue Oct 10 2023 Elkhan Mammadli <elkhan@almalinux.org> - 23.1.1-10.alma.1
 - 0001-Improvements-for-AlmaLinux-OS-and-CloudLinux-OS.patch