Compare commits

...

21 Commits
c8 ... a8

Author SHA1 Message Date
1f0dca570d Merge branch 'c8' into a8 2024-09-24 11:40:33 +03:00
4658885b13 Merge branch 'c8' into a8 2024-08-14 19:19:32 +03:00
dd50a98be4 Merge branch 'c8' into a8 2024-07-03 12:57:16 +03:00
4416a206ed Merge branch 'c8' into a8 2024-05-23 13:56:46 +03:00
51be451cf8 - tests/unittests: add a new unit test for network manager net
activator
- rhel/cloud.cfg: remove ssh_genkeytypes in settings.py and set
 in cloud.cfg
- net/nm: check for presence of ifcfg files when nm connection
 files are absent
2024-01-15 12:48:35 +03:00
2ea0fc34f6 Merge branch 'c8' into a8 2024-01-15 12:08:49 +03:00
d6635242f0 - Check for null ssh_genkeytypes value in cloud.cfg that breaks ssh connectivity after upgrade to a newer version of cloud-init. 2023-08-09 12:10:43 +03:00
eabdullin
c5d22940af Merge branch 'c8' into a8 2023-05-16 07:06:55 +00:00
2c0dd31b0c Fix and Improve AlmaLinux support 2023-02-22 12:33:21 +00:00
eabdullin
22c0ba2138 Merge branch 'c8' into a8 2023-02-21 09:41:15 +00:00
eabdullin
c5c5336095 Merge branch 'c8' into a8 2022-11-08 11:53:26 +00:00
eabdullin
7a3307e917 Merge branch 'c8' into a8 2022-06-28 11:00:42 +00:00
eabdullin
2344282569 Merge branch 'c8' into a8 2022-05-23 09:17:50 +00:00
5387e49f25 Fix changelog 2022-05-10 19:25:05 +03:00
d47c75e378 Fix changelog 2022-05-10 18:41:44 +03:00
eabdullin
2ce431529e Merge branch 'c8' into a8 2022-05-10 08:01:35 +00:00
eabdullin
d64121db93 Merge branch 'c8' into a8 2022-04-26 18:07:55 +00:00
eabdullin
8b91a21033 Merge branch 'c8' into a8 2022-03-25 11:09:50 +00:00
eabdullin
70d9bad6a5 Merge branch 'c8' into a8 2021-12-24 08:41:45 +00:00
eabdullin
2dcb114744 AlmaLinux changes 2021-11-17 14:47:32 +03:00
1508331c91 AlmaLinux changes 2021-09-14 11:36:44 +00:00
5 changed files with 765 additions and 1 deletions

View File

@ -0,0 +1,457 @@
From f4f100c0dddf1f11b239374a8dc452739b8e6a81 Mon Sep 17 00:00:00 2001
From: Andrew Lukoshko <alukoshko@almalinux.org>
Date: Thu, 28 Mar 2024 14:24:08 +0000
Subject: [PATCH] Improvements for AlmaLinux OS and CloudLinux OS
Add AlmaLinux OS and CloudLinux OS support to:
Modules:
- cc_ca_certs
- cc_ntp
- cc_resolv_conf
Datasources:
- Rbx Cloud Datasource
Systemd services:
- cloud-final.service
- cloud-init-local.service
- cloud-init.service
---
cloudinit/config/cc_ca_certs.py | 8 ++++
cloudinit/config/cc_ntp.py | 11 ++---
cloudinit/config/cc_resolv_conf.py | 2 +
cloudinit/settings.py | 2 +-
cloudinit/sources/DataSourceRbxCloud.py | 2 +-
systemd/cloud-final.service.tmpl | 2 +-
systemd/cloud-init-local.service.tmpl | 10 ++--
systemd/cloud-init.service.tmpl | 2 +-
templates/chrony.conf.almalinux.tmpl | 51 ++++++++++++++++++++
templates/chrony.conf.cloudlinux.tmpl | 51 ++++++++++++++++++++
templates/ntp.conf.almalinux.tmpl | 64 +++++++++++++++++++++++++
templates/ntp.conf.cloudlinux.tmpl | 64 +++++++++++++++++++++++++
12 files changed, 252 insertions(+), 17 deletions(-)
create mode 100644 templates/chrony.conf.almalinux.tmpl
create mode 100644 templates/chrony.conf.cloudlinux.tmpl
create mode 100644 templates/ntp.conf.almalinux.tmpl
create mode 100644 templates/ntp.conf.cloudlinux.tmpl
diff --git a/cloudinit/config/cc_ca_certs.py b/cloudinit/config/cc_ca_certs.py
index 8d3fd9a..4dd5843 100644
--- a/cloudinit/config/cc_ca_certs.py
+++ b/cloudinit/config/cc_ca_certs.py
@@ -57,6 +57,12 @@ for distro in (
):
DISTRO_OVERRIDES[distro] = DISTRO_OVERRIDES["opensuse"]
+for distro in (
+ "almalinux",
+ "cloudlinux",
+):
+ DISTRO_OVERRIDES[distro] = DISTRO_OVERRIDES["rhel"]
+
MODULE_DESCRIPTION = """\
This module adds CA certificates to the system's CA store and updates any
related files using the appropriate OS-specific utility. The default CA
@@ -72,6 +78,8 @@ configuration option ``remove_defaults``.
order to provide the ``update-ca-certificates`` command.
"""
distros = [
+ "almalinux",
+ "cloudlinux",
"alpine",
"debian",
"fedora",
diff --git a/cloudinit/config/cc_ntp.py b/cloudinit/config/cc_ntp.py
index 9eef24f..1015d43 100644
--- a/cloudinit/config/cc_ntp.py
+++ b/cloudinit/config/cc_ntp.py
@@ -109,14 +109,6 @@ DISTRO_CLIENT_CONFIG = {
"service_name": "ntpd",
},
},
- "centos": {
- "ntp": {
- "service_name": "ntpd",
- },
- "chrony": {
- "service_name": "chronyd",
- },
- },
"cos": {
"chrony": {
"service_name": "chronyd",
@@ -224,6 +216,9 @@ DISTRO_CLIENT_CONFIG = {
for distro in ("opensuse-microos", "opensuse-tumbleweed", "opensuse-leap"):
DISTRO_CLIENT_CONFIG[distro] = DISTRO_CLIENT_CONFIG["opensuse"]
+for distro in ("almalinux", "centos", "cloudlinux"):
+ DISTRO_CLIENT_CONFIG[distro] = DISTRO_CLIENT_CONFIG["rhel"]
+
for distro in ("sle_hpc", "sle-micro"):
DISTRO_CLIENT_CONFIG[distro] = DISTRO_CLIENT_CONFIG["sles"]
diff --git a/cloudinit/config/cc_resolv_conf.py b/cloudinit/config/cc_resolv_conf.py
index aa88919..4eb1d76 100644
--- a/cloudinit/config/cc_resolv_conf.py
+++ b/cloudinit/config/cc_resolv_conf.py
@@ -57,7 +57,9 @@ meta: MetaSchema = {
"title": "Configure resolv.conf",
"description": MODULE_DESCRIPTION,
"distros": [
+ "almalinux",
"alpine",
+ "cloudlinux",
"fedora",
"mariner",
"opensuse",
diff --git a/cloudinit/settings.py b/cloudinit/settings.py
index 5ced21b..51cb115 100644
--- a/cloudinit/settings.py
+++ b/cloudinit/settings.py
@@ -61,7 +61,7 @@ CFG_BUILTIN = {
"cloud_dir": "/var/lib/cloud",
"templates_dir": "/etc/cloud/templates/",
},
- "distro": "rhel",
+ "distro": "almalinux",
"network": {"renderers": None},
},
"vendor_data": {"enabled": True, "prefix": []},
diff --git a/cloudinit/sources/DataSourceRbxCloud.py b/cloudinit/sources/DataSourceRbxCloud.py
index 9214f1b..14880ec 100644
--- a/cloudinit/sources/DataSourceRbxCloud.py
+++ b/cloudinit/sources/DataSourceRbxCloud.py
@@ -60,7 +60,7 @@ def _sub_arp(cmd):
def gratuitous_arp(items, distro):
source_param = "-S"
- if distro.name in ["fedora", "centos", "rhel"]:
+ if distro.name in ["almalinux", "fedora", "centos", "cloudlinux", "rhel"]:
source_param = "-s"
for item in items:
try:
diff --git a/systemd/cloud-final.service.tmpl b/systemd/cloud-final.service.tmpl
index bcf8b00..6d34761 100644
--- a/systemd/cloud-final.service.tmpl
+++ b/systemd/cloud-final.service.tmpl
@@ -18,7 +18,7 @@ ExecStart=/usr/bin/cloud-init modules --mode=final
RemainAfterExit=yes
TimeoutSec=0
KillMode=process
-{% if variant == "rhel" %}
+{% if variant in ["almalinux", "cloudlinux", "rhel"] %}
# Restart NetworkManager if it is present and running.
ExecStartPost=/bin/sh -c 'u=NetworkManager.service; \
out=$(systemctl show --property=SubState $u) || exit; \
diff --git a/systemd/cloud-init-local.service.tmpl b/systemd/cloud-init-local.service.tmpl
index 3a1ca7f..853ae2c 100644
--- a/systemd/cloud-init-local.service.tmpl
+++ b/systemd/cloud-init-local.service.tmpl
@@ -1,23 +1,23 @@
## template:jinja
[Unit]
Description=Initial cloud-init job (pre-networking)
-{% if variant in ["ubuntu", "unknown", "debian", "rhel" ] %}
+{% if variant in ["almalinux", "cloudlinux", "ubuntu", "unknown", "debian", "rhel" ] %}
DefaultDependencies=no
{% endif %}
Wants=network-pre.target
After=hv_kvp_daemon.service
After=systemd-remount-fs.service
-{% if variant == "rhel" %}
+{% if variant in ["almalinux", "cloudlinux", "rhel"] %}
Requires=dbus.socket
After=dbus.socket
{% endif %}
Before=NetworkManager.service
-{% if variant == "rhel" %}
+{% if variant in ["almalinux", "cloudlinux", "rhel"] %}
Before=network.service
{% endif %}
Before=network-pre.target
Before=shutdown.target
-{% if variant == "rhel" %}
+{% if variant in ["almalinux", "cloudlinux", "rhel"] %}
Before=firewalld.target
Conflicts=shutdown.target
{% endif %}
@@ -32,7 +32,7 @@ ConditionEnvironment=!KERNEL_CMDLINE=cloud-init=disabled
[Service]
Type=oneshot
-{% if variant == "rhel" %}
+{% if variant in ["almalinux", "cloudlinux", "rhel"] %}
ExecStartPre=/bin/mkdir -p /run/cloud-init
ExecStartPre=/sbin/restorecon /run/cloud-init
ExecStartPre=/usr/bin/touch /run/cloud-init/enabled
diff --git a/systemd/cloud-init.service.tmpl b/systemd/cloud-init.service.tmpl
index bf91164..1ae88f7 100644
--- a/systemd/cloud-init.service.tmpl
+++ b/systemd/cloud-init.service.tmpl
@@ -1,7 +1,7 @@
## template:jinja
[Unit]
Description=Initial cloud-init job (metadata service crawler)
-{% if variant not in ["photon", "rhel"] %}
+{% if variant not in ["almalinux", "cloudlinux", "photon", "rhel"] %}
DefaultDependencies=no
{% endif %}
Wants=cloud-init-local.service
diff --git a/templates/chrony.conf.almalinux.tmpl b/templates/chrony.conf.almalinux.tmpl
new file mode 100644
index 0000000..43b1f5d
--- /dev/null
+++ b/templates/chrony.conf.almalinux.tmpl
@@ -0,0 +1,51 @@
+## template:jinja
+# Use public servers from the pool.ntp.org project.
+# Please consider joining the pool (http://www.pool.ntp.org/join.html).
+{% if pools %}# pools
+{% endif %}
+{% for pool in pools -%}
+pool {{pool}} iburst
+{% endfor %}
+{%- if servers %}# servers
+{% endif %}
+{% for server in servers -%}
+server {{server}} iburst
+{% endfor %}
+{% for peer in peers -%}
+peer {{peer}}
+{% endfor %}
+{% for a in allow -%}
+allow {{a}}
+{% endfor %}
+
+# Record the rate at which the system clock gains/losses time.
+driftfile /var/lib/chrony/drift
+
+# Allow the system clock to be stepped in the first three updates
+# if its offset is larger than 1 second.
+makestep 1.0 3
+
+# Enable kernel synchronization of the real-time clock (RTC).
+rtcsync
+
+# Enable hardware timestamping on all interfaces that support it.
+#hwtimestamp *
+
+# Increase the minimum number of selectable sources required to adjust
+# the system clock.
+#minsources 2
+
+# Allow NTP client access from local network.
+#allow 192.168.0.0/16
+
+# Serve time even if not synchronized to a time source.
+#local stratum 10
+
+# Specify file containing keys for NTP authentication.
+#keyfile /etc/chrony.keys
+
+# Specify directory for log files.
+logdir /var/log/chrony
+
+# Select which information is logged.
+#log measurements statistics tracking
diff --git a/templates/chrony.conf.cloudlinux.tmpl b/templates/chrony.conf.cloudlinux.tmpl
new file mode 100644
index 0000000..43b1f5d
--- /dev/null
+++ b/templates/chrony.conf.cloudlinux.tmpl
@@ -0,0 +1,51 @@
+## template:jinja
+# Use public servers from the pool.ntp.org project.
+# Please consider joining the pool (http://www.pool.ntp.org/join.html).
+{% if pools %}# pools
+{% endif %}
+{% for pool in pools -%}
+pool {{pool}} iburst
+{% endfor %}
+{%- if servers %}# servers
+{% endif %}
+{% for server in servers -%}
+server {{server}} iburst
+{% endfor %}
+{% for peer in peers -%}
+peer {{peer}}
+{% endfor %}
+{% for a in allow -%}
+allow {{a}}
+{% endfor %}
+
+# Record the rate at which the system clock gains/losses time.
+driftfile /var/lib/chrony/drift
+
+# Allow the system clock to be stepped in the first three updates
+# if its offset is larger than 1 second.
+makestep 1.0 3
+
+# Enable kernel synchronization of the real-time clock (RTC).
+rtcsync
+
+# Enable hardware timestamping on all interfaces that support it.
+#hwtimestamp *
+
+# Increase the minimum number of selectable sources required to adjust
+# the system clock.
+#minsources 2
+
+# Allow NTP client access from local network.
+#allow 192.168.0.0/16
+
+# Serve time even if not synchronized to a time source.
+#local stratum 10
+
+# Specify file containing keys for NTP authentication.
+#keyfile /etc/chrony.keys
+
+# Specify directory for log files.
+logdir /var/log/chrony
+
+# Select which information is logged.
+#log measurements statistics tracking
diff --git a/templates/ntp.conf.almalinux.tmpl b/templates/ntp.conf.almalinux.tmpl
new file mode 100644
index 0000000..9884df5
--- /dev/null
+++ b/templates/ntp.conf.almalinux.tmpl
@@ -0,0 +1,64 @@
+## template:jinja
+
+# For more information about this file, see the man pages
+# ntp.conf(5), ntp_acc(5), ntp_auth(5), ntp_clock(5), ntp_misc(5), ntp_mon(5).
+
+driftfile /var/lib/ntp/drift
+
+# Permit time synchronization with our time source, but do not
+# permit the source to query or modify the service on this system.
+restrict default kod nomodify notrap nopeer noquery
+restrict -6 default kod nomodify notrap nopeer noquery
+
+# Permit all access over the loopback interface. This could
+# be tightened as well, but to do so would effect some of
+# the administrative functions.
+restrict 127.0.0.1
+restrict -6 ::1
+
+# Hosts on local network are less restricted.
+#restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap
+
+# Use public servers from the pool.ntp.org project.
+# Please consider joining the pool (http://www.pool.ntp.org/join.html).
+{% if pools %}# pools
+{% endif %}
+{% for pool in pools -%}
+pool {{pool}} iburst
+{% endfor %}
+{%- if servers %}# servers
+{% endif %}
+{% for server in servers -%}
+server {{server}} iburst
+{% endfor %}
+{% for peer in peers -%}
+peer {{peer}}
+{% endfor %}
+
+#broadcast 192.168.1.255 autokey # broadcast server
+#broadcastclient # broadcast client
+#broadcast 224.0.1.1 autokey # multicast server
+#multicastclient 224.0.1.1 # multicast client
+#manycastserver 239.255.254.254 # manycast server
+#manycastclient 239.255.254.254 autokey # manycast client
+
+# Enable public key cryptography.
+#crypto
+
+includefile /etc/ntp/crypto/pw
+
+# Key file containing the keys and key identifiers used when operating
+# with symmetric key cryptography.
+keys /etc/ntp/keys
+
+# Specify the key identifiers which are trusted.
+#trustedkey 4 8 42
+
+# Specify the key identifier to use with the ntpdc utility.
+#requestkey 8
+
+# Specify the key identifier to use with the ntpq utility.
+#controlkey 8
+
+# Enable writing of statistics records.
+#statistics clockstats cryptostats loopstats peerstats
diff --git a/templates/ntp.conf.cloudlinux.tmpl b/templates/ntp.conf.cloudlinux.tmpl
new file mode 100644
index 0000000..9884df5
--- /dev/null
+++ b/templates/ntp.conf.cloudlinux.tmpl
@@ -0,0 +1,64 @@
+## template:jinja
+
+# For more information about this file, see the man pages
+# ntp.conf(5), ntp_acc(5), ntp_auth(5), ntp_clock(5), ntp_misc(5), ntp_mon(5).
+
+driftfile /var/lib/ntp/drift
+
+# Permit time synchronization with our time source, but do not
+# permit the source to query or modify the service on this system.
+restrict default kod nomodify notrap nopeer noquery
+restrict -6 default kod nomodify notrap nopeer noquery
+
+# Permit all access over the loopback interface. This could
+# be tightened as well, but to do so would effect some of
+# the administrative functions.
+restrict 127.0.0.1
+restrict -6 ::1
+
+# Hosts on local network are less restricted.
+#restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap
+
+# Use public servers from the pool.ntp.org project.
+# Please consider joining the pool (http://www.pool.ntp.org/join.html).
+{% if pools %}# pools
+{% endif %}
+{% for pool in pools -%}
+pool {{pool}} iburst
+{% endfor %}
+{%- if servers %}# servers
+{% endif %}
+{% for server in servers -%}
+server {{server}} iburst
+{% endfor %}
+{% for peer in peers -%}
+peer {{peer}}
+{% endfor %}
+
+#broadcast 192.168.1.255 autokey # broadcast server
+#broadcastclient # broadcast client
+#broadcast 224.0.1.1 autokey # multicast server
+#multicastclient 224.0.1.1 # multicast client
+#manycastserver 239.255.254.254 # manycast server
+#manycastclient 239.255.254.254 autokey # manycast client
+
+# Enable public key cryptography.
+#crypto
+
+includefile /etc/ntp/crypto/pw
+
+# Key file containing the keys and key identifiers used when operating
+# with symmetric key cryptography.
+keys /etc/ntp/keys
+
+# Specify the key identifiers which are trusted.
+#trustedkey 4 8 42
+
+# Specify the key identifier to use with the ntpdc utility.
+#requestkey 8
+
+# Specify the key identifier to use with the ntpq utility.
+#controlkey 8
+
+# Enable writing of statistics records.
+#statistics clockstats cryptostats loopstats peerstats
--
2.27.0

View File

@ -0,0 +1,60 @@
From 5d6674508c6478fa2ca3d8c5d39b533a0bbb317a Mon Sep 17 00:00:00 2001
From: Emanuele Giuseppe Esposito <eesposit@redhat.com>
Date: Thu, 20 May 2021 08:53:55 +0200
Subject: [PATCH] rhel/cloud.cfg: remove ssh_genkeytypes in settings.py and set
in cloud.cfg
RH-Author: Ani Sinha <None>
RH-MergeRequest: 113: rhel/cloud.cfg: remove ssh_genkeytypes in settings.py and set in cloud.cfg
RH-Jira: RHEL-16572
RH-Acked-by: Vitaly Kuznetsov <vkuznets@redhat.com>
RH-Acked-by: Emanuele Giuseppe Esposito <eesposit@redhat.com>
RH-Commit: [1/1] f506bf58dc5458f50624342ec33bcd390aa0b719 (anisinha/rhel-cloud-init)
RH-Author: Emanuele Giuseppe Esposito <eesposit@redhat.com>
RH-MergeRequest: 10: rhel/cloud.cfg: remove ssh_genkeytypes in settings.py and set in cloud.cfg
RH-Commit: [1/1] 6da989423b9b6e017afbac2f1af3649b0487310f
RH-Bugzilla: 1957532
RH-Acked-by: Eduardo Otubo <otubo@redhat.com>
RH-Acked-by: Cathy Avery <cavery@redhat.com>
RH-Acked-by: Vitaly Kuznetsov <vkuznets@redhat.com>
RH-Acked-by: Mohamed Gamal Morsy <mmorsy@redhat.com>
Currently genkeytypes in cloud.cfg is set to None, so together with
ssh_deletekeys=1 cloudinit on first boot it will just delete the existing
keys and not generate new ones.
Just removing that property in cloud.cfg is not enough, because
settings.py provides another empty default value that will be used
instead, resulting to no key generated even when the property is not defined.
Removing genkeytypes also in settings.py will default to GENERATE_KEY_NAMES,
but since we want only 'rsa', 'ecdsa' and 'ed25519', add back genkeytypes in
cloud.cfg with the above defaults.
Also remove ssh_deletekeys in settings.py as we always need
to 1 (and it also defaults to 1).
Signed-off-by: Emanuele Giuseppe Esposito <eesposit@redhat.com>
(cherry picked from commit b545a0cbabe8924d048b7172b30e7aad59ed32d5)
(cherry picked from commit 855dec5dcc0892c0f7cedf06b025a794769a2a8d)
---
cloudinit/settings.py | 2 --
1 file changed, 2 deletions(-)
diff --git a/cloudinit/settings.py b/cloudinit/settings.py
index a36c518d..859ad546 100644
--- a/cloudinit/settings.py
+++ b/cloudinit/settings.py
@@ -55,8 +55,6 @@ CFG_BUILTIN = {
"log_cfgs": [],
"syslog_fix_perms": [],
"mount_default_fields": [None, None, "auto", "defaults,nofail", "0", "2"],
- "ssh_deletekeys": False,
- "ssh_genkeytypes": [],
"system_info": {
"paths": {
"cloud_dir": "/var/lib/cloud",
--
2.41.0

View File

@ -0,0 +1,112 @@
From d1d5166895da471cff3606c70d4e8ab6eec1c006 Mon Sep 17 00:00:00 2001
From: Ani Sinha <anisinha@redhat.com>
Date: Thu, 7 Dec 2023 02:39:51 +0530
Subject: [PATCH] net/nm: check for presence of ifcfg files when nm connection
files are absent (#4645)
On systems that use network manager to manage connections and activate network
interfaces, they may also use ifcfg files for configuring
interfaces using ifcfg-rh network manager plugin. When network manager is used
as the activator, we need to also check for the presence of ifcfg interface
config file when the network manager connection file is absent and if ifcfg-rh
plugin is present.
Hence, with this change, network manager activator first tries to use network
manager connection files to bring up or bring down the interface. If the
connection files are not present and if ifcfg-rh plugin is present, it tries to
use ifcfg files for the interface. If the plugin or the ifcfg files are not
present, the activator fails to activate or deactivate the interface and it
bails out with warning log.
Fixes: GH-4640
Signed-off-by: Ani Sinha <anisinha@redhat.com>
---
cloudinit/net/activators.py | 7 +++++++
cloudinit/net/network_manager.py | 33 ++++++++++++++++++++++++++++++--
2 files changed, 38 insertions(+), 2 deletions(-)
diff --git a/cloudinit/net/activators.py b/cloudinit/net/activators.py
index e69da40d371..dd85886212c 100644
--- a/cloudinit/net/activators.py
+++ b/cloudinit/net/activators.py
@@ -135,6 +135,13 @@ class NetworkManagerActivator(NetworkActivator):
from cloudinit.net.network_manager import conn_filename
filename = conn_filename(device_name)
+ if filename is None:
+ LOG.warning(
+ "Unable to find an interface config file. "
+ "Unable to bring up interface."
+ )
+ return False
+
cmd = ["nmcli", "connection", "load", filename]
if _alter_interface(cmd, device_name):
cmd = ["nmcli", "connection", "up", "filename", filename]
diff --git a/cloudinit/net/network_manager.py b/cloudinit/net/network_manager.py
index 8a99eb3a1c5..76a0ac15eaa 100644
--- a/cloudinit/net/network_manager.py
+++ b/cloudinit/net/network_manager.py
@@ -17,10 +17,12 @@ from cloudinit import log as logging
from cloudinit import subp, util
from cloudinit.net import is_ipv6_address, renderer, subnet_is_ipv6
from cloudinit.net.network_state import NetworkState
+from cloudinit.net.sysconfig import available_nm_ifcfg_rh
NM_RUN_DIR = "/etc/NetworkManager"
NM_LIB_DIR = "/usr/lib/NetworkManager"
NM_CFG_FILE = "/etc/NetworkManager/NetworkManager.conf"
+IFCFG_CFG_FILE = "/etc/sysconfig/network-scripts"
NM_IPV6_ADDR_GEN_CONF = """# This is generated by cloud-init. Do not edit.
#
[.config]
@@ -374,7 +376,7 @@ class Renderer(renderer.Renderer):
for con_id, conn in self.connections.items():
if not conn.valid():
continue
- name = conn_filename(con_id, target)
+ name = nm_conn_filename(con_id, target)
util.write_file(name, conn.dump(), 0o600)
# Select EUI64 to be used by default by NM for creating the address
@@ -384,12 +386,39 @@ class Renderer(renderer.Renderer):
)
-def conn_filename(con_id, target=None):
+def nm_conn_filename(con_id, target=None):
target_con_dir = subp.target_path(target, NM_RUN_DIR)
con_file = f"cloud-init-{con_id}.nmconnection"
return f"{target_con_dir}/system-connections/{con_file}"
+def sysconfig_conn_filename(devname, target=None):
+ target_con_dir = subp.target_path(target, IFCFG_CFG_FILE)
+ con_file = f"ifcfg-{devname}"
+ return f"{target_con_dir}/{con_file}"
+
+
+def conn_filename(devname):
+ """
+ This function returns the name of the interface config file.
+ It first checks for presence of network manager connection file.
+ If absent and ifcfg-rh plugin for network manager is available,
+ it returns the name of the ifcfg file if it is present. If the
+ plugin is not present or the plugin is present but ifcfg file is
+ not, it returns None.
+ This function is called from NetworkManagerActivator class in
+ activators.py.
+ """
+ conn_file = nm_conn_filename(devname)
+ # If the network manager connection file is absent, also check for
+ # presence of ifcfg files for the same interface (if nm-ifcfg-rh plugin is
+ # present, network manager can handle ifcfg files). If both network manager
+ # connection file and ifcfg files are absent, return None.
+ if not os.path.isfile(conn_file) and available_nm_ifcfg_rh():
+ conn_file = sysconfig_conn_filename(devname)
+ return conn_file if os.path.isfile(conn_file) else None
+
+
def cloud_init_nm_conf_filename(target=None):
target_con_dir = subp.target_path(target, NM_RUN_DIR)
conf_file = "30-cloud-init-ip6-addr-gen-mode.conf"

View File

@ -0,0 +1,129 @@
From bb474df78bfe45ea5f05907eb710e8d5de764fc8 Mon Sep 17 00:00:00 2001
From: Ani Sinha <anisinha@redhat.com>
Date: Thu, 7 Dec 2023 21:03:13 +0530
Subject: [PATCH] tests/unittests: add a new unit test for network manager net
activator (#4672)
Some changes in behavior in network manager net activator was brought in with
the commit
d1d5166895da ("net/nm: check for presence of ifcfg files when nm connection files are absent")
This change adds some unit tests that exercizes network manager activator's
bring_up_interface() method that tests failure scenarios as well as cases
where an ifcfg file is used to bring the interface up.
Signed-off-by: Ani Sinha <anisinha@redhat.com>
---
tests/unittests/test_net_activators.py | 103 +++++++++++++++++++++++++
1 file changed, 103 insertions(+)
diff --git a/tests/unittests/test_net_activators.py b/tests/unittests/test_net_activators.py
index 2a363ec415b..d53701efafb 100644
--- a/tests/unittests/test_net_activators.py
+++ b/tests/unittests/test_net_activators.py
@@ -347,3 +347,105 @@ class TestActivatorsBringDown:
activator.bring_down_all_interfaces(network_state)
for call in m_subp.call_args_list:
assert call in expected_call_list
+
+class TestNetworkManagerActivatorBringUp:
+ @patch("cloudinit.subp.subp", return_value=("", ""))
+ @patch(
+ "cloudinit.net.network_manager.available_nm_ifcfg_rh",
+ return_value=True,
+ )
+ @patch("os.path.isfile")
+ @patch("os.path.exists", return_value=True)
+ def test_bring_up_interface_no_nm_conn(
+ self, m_exists, m_isfile, m_plugin, m_subp
+ ):
+ """
+ There is no network manager connection file but ifcfg-rh plugin is
+ present and ifcfg interface config files are also present. In this
+ case, we should use ifcfg files.
+ """
+
+ def fake_isfile_no_nmconn(filename):
+ return False if filename.endswith(".nmconnection") else True
+
+ m_isfile.side_effect = fake_isfile_no_nmconn
+
+ expected_call_list = [
+ (
+ (
+ [
+ "nmcli",
+ "connection",
+ "load",
+ "".join(
+ [
+ "/etc/sysconfig/network-scripts/ifcfg-eth0",
+ ]
+ ),
+ ],
+ ),
+ {},
+ ),
+ (
+ (
+ [
+ "nmcli",
+ "connection",
+ "up",
+ "filename",
+ "".join(
+ [
+ "/etc/sysconfig/network-scripts/ifcfg-eth0",
+ ]
+ ),
+ ],
+ ),
+ {},
+ ),
+ ]
+
+ index = 0
+ assert NetworkManagerActivator.bring_up_interface("eth0")
+ for call in m_subp.call_args_list:
+ assert call == expected_call_list[index]
+ index += 1
+
+ @patch("cloudinit.subp.subp", return_value=("", ""))
+ @patch(
+ "cloudinit.net.network_manager.available_nm_ifcfg_rh",
+ return_value=False,
+ )
+ @patch("os.path.isfile")
+ @patch("os.path.exists", return_value=True)
+ def test_bring_up_interface_no_plugin_no_nm_conn(
+ self, m_exists, m_isfile, m_plugin, m_subp
+ ):
+ """
+ The ifcfg-rh plugin is absent and nmconnection file is also
+ not present. In this case, we can't use ifcfg file and the
+ interface bring up should fail.
+ """
+
+ def fake_isfile_no_nmconn(filename):
+ return False if filename.endswith(".nmconnection") else True
+
+ m_isfile.side_effect = fake_isfile_no_nmconn
+ assert not NetworkManagerActivator.bring_up_interface("eth0")
+
+ @patch("cloudinit.subp.subp", return_value=("", ""))
+ @patch(
+ "cloudinit.net.network_manager.available_nm_ifcfg_rh",
+ return_value=True,
+ )
+ @patch("os.path.isfile", return_value=False)
+ @patch("os.path.exists", return_value=True)
+ def test_bring_up_interface_no_conn_file(
+ self, m_exists, m_isfile, m_plugin, m_subp
+ ):
+ """
+ Neither network manager connection files are present nor
+ ifcfg files are present. Even if ifcfg-rh plugin is present,
+ we can not bring up the interface. So bring_up_interface()
+ should fail.
+ """
+ assert not NetworkManagerActivator.bring_up_interface("eth0")

View File

@ -6,7 +6,7 @@
Name: cloud-init
Version: 23.4
Release: 7%{?dist}.8
Release: 7%{?dist}.8.alma.1
Summary: Cloud instance init scripts
Group: System Environment/Base
@ -58,6 +58,9 @@ Patch31: ci-fix-Clean-cache-if-no-datasource-fallback-5499.patch
# For RHEL-54155 - [RHEL 8.10] cloud-init schema validation fails.
Patch32: ci-fix-Add-subnet-ipv4-ipv6-to-network-schema-5191.patch
# AlmaLinux OS patches
Patch100: 0001-Improvements-for-AlmaLinux-OS-and-CloudLinux-OS.patch
BuildArch: noarch
BuildRequires: pkgconfig(systemd)
@ -272,6 +275,9 @@ fi
%config(noreplace) %{_sysconfdir}/rsyslog.d/21-cloudinit.conf
%changelog
* Tue Sep 24 2024 Eduard Abdullin <eabdullin@almalinux.org> - 23.4-7.el8_10.8.alma.1
- 0001-Improvements-for-AlmaLinux-OS-and-CloudLinux-OS.patch
* Tue Aug 20 2024 Jon Maloy <jmaloy@redhat.com> - 23.4-7.el8_10.8
- ci-fix-Add-subnet-ipv4-ipv6-to-network-schema-5191.patch [RHEL-54155]
- Resolves: RHEL-54155