NetworkManager-libnm (or NetworkManager-glib on older systems)
nmcli
version_added: “2.0”
description:
Manage the network devices. Create, modify and manage various connection and device type e.g., ethernet, teams, bonds, vlans etc.
'On CentOS and Fedora like systems, the requirements can be met by installing the following packages: NetworkManager-glib,
'On CentOS 8 and Fedora >=29 like systems, the requirements can be met by installing the following packages: NetworkManager-nmlib,
libsemanage-python, policycoreutils-python.’
'On CentOS 7 and Fedora <=28 like systems, the requirements can be met by installing the following packages: NetworkManager-glib,
The full traceback is:
Traceback (most recent call last):
File “/tmp/ansible_nmcli_payload_su0694xg/ansible_nmcli_payload.zip/ansible/modules/net_tools/nmcli.py”, line 568, in
File “/usr/lib64/python3.6/site-packages/gi/init.py”, line 130, in require_version
raise ValueError(‘Namespace %s not available’ % namespace)
ValueError: Namespace NMClient not available
},
“msg”: “Failed to import the required Python library (NetworkManager glib API) on dktest’s Python /usr/libexec/platform-python. Please read module documentation and install in the appropriate location. If the required library is installed, but Ansible is using the wrong Python interpreter, please consult the documentation on ansible_python_interpreter”
}
I couldn’t work out from the github thread if the fix had been merged back into the code or not? the dev mentions at the end about making sure the library is there. I have installed the new library in centos8 and it makes no difference
How can i easily tell if this has actually made it back into master/an ansible release? it is not clear to me
NM seems to be the recommended way and where things are going so i would like to get this to work but obviously, i cant use the nmcli module to do so.
NM will still read the interface scripts and i have also tested /etc/networkmanager/conf.d configuration.
I didn’t really want to template the /etc/sysconfig/network-scripts/ifcfg files… all i really want to do at this stage is ensure DNS configuration is consistent across all servers and can be updated easily.
this would require:
Managing the directives DNS# in the interface scripts. Adding/updating entries could be prone to error
Adding this config to /etc/networkmanager/conf.d/dns.conf ( this could be a template )
Let me share couple of thoughts that might help you to make your choice.
The problem is the complexity. Both vertical and horizontal. Horizontal
across the distributions and vertical across the layers "User_land <-> D-Bus
<-> System_configuration <-> Device_drivers". A nightmare for any maintainer.
With Ansible, you connect to the remote host and escalate to root. Then you
use nmcli, which is user-land tool, and go through D-Bus to configure the
system. It's an overkill.
It's not a core module. The nmcli module is maintained by community and is in
preview.
Thank you for your insight and drawin my attention to the this issue - the community support of modules raises some concerns for me and this is an example of that. I missed that it was in preview.
RHEL/CentOS 8 is a reasonable update and there have been quite issues/things broken with many standard tools. I would prefer to stick to the core ansible modules that have been fully tested and more likely to work!
Just to clarify, i was referring to NetworkManger and not nmcli.
NM can be configure to configure global dns in the /etc/networkmanager/conf files. This could be a template
I could also disable NM from updating DNS and just make /etc/resolv.conf a template
It will also read the the standard /etc/sysconfig/network-scripts/ifcfg files, i could use lineinfile to insert/maintin the DNSX directives
This is true of the vast majority of ansible modules. The core team has no interest in taking on more modules. Even the very useful ini_file module is community and preview.
For the topic at hand, check out the linux-system-roles project, which is shipped and supported in RHEL as rhel-system-roles. [1]
Thanks for the input James! more food for thought… i’ve looked at quite a lot of the modules and a decent amount are from the community! Will have to watch the OS upgrades and upgrade accordinly.
thanks for the tip, that role has given me quite a few ideas and answered a few questions. Good to see it is supported by RHEL as well.
I notice they use some python scripts to do the configuration but couldn’t actually work out how they are called/used by the role. I am not familar with scripts within a role that provide the heavy lifting. do you know?