From e7399a57b174e496d76890c0cda6bb4c63c3446e Mon Sep 17 00:00:00 2001 From: Wen Liang Date: Tue, 20 Feb 2024 14:25:46 -0500 Subject: [PATCH 1/3] docs: Update the description about the variable `network_allow_restart` Signed-off-by: Wen Liang --- README.md | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) diff --git a/README.md b/README.md index b849e5f7..a480573b 100644 --- a/README.md +++ b/README.md @@ -92,11 +92,14 @@ the name prefix. List of variables: - `network_connections` - The connection profiles are configured as `network_connections`, which is a list of dictionaries that include specific options. -- `network_allow_restart` - Certain configurations require the role to restart - network services. For example, if a wireless connection is configured and - NetworkManager-wifi is not installed, NetworkManager must be restarted prior - to the connection being configured. Setting this to `false` will prevent the - role from restarting network service. +- `network_allow_restart` - It defaults to `false`. To load NetworkManager plugins + after installation, NetworkManager requires to be restarted. For example, if a + wireless connection is configured and NetworkManager-wifi is not installed, + NetworkManager must be restarted prior to the connection being configured. The + restart can result in connectivity loss and therefore the role does not allow it + without explicit consent. The user can consent to it by setting + `network_allow_restart` to `true`. Setting `network_allow_restart` to `false` will + prevent the role from restarting NetworkManager. - `network_state` - The network state settings can be configured in the managed host, and the format and the syntax of the configuration should be consistent with the [nmstate state examples](https://nmstate.io/examples.html) (YAML). From 840b243a9b446e293ed8260efac4cda32608520a Mon Sep 17 00:00:00 2001 From: Wen Liang Date: Tue, 20 Feb 2024 14:03:32 -0500 Subject: [PATCH 2/3] fix: Ask user's consent to restart NM due to wireless or team interfaces If updates for network packages are available and wireless or team connections are specified, NetworkManager must be restarted, the role requires user's consent to restart NetworkManager. Otherwise, there might be property conflicts between NetworkManager daemon and plugin, or NetworkManager plugin is not taking effect. `update_cache` is enabled in the module tasks to check if updates for network packages are available due to wireless or team interfaces, in that case, NetworkManager needs user's explicit consent to be restarted after the network package updates. And using `state: latest` for checking the network package updates because we have to guarantee that NetworkManager and its plugin have the same and most recent version for configuring the network connections settings in the backend. It is worthwhile to mention that we have both tasks using dnf and yum module for checking available updates for network packages. Because checking package cache update is not supported in Ansible package module, Fedora and RHEL8+ use DNF package manager by default, RHEL7 uses yum package manager by default. This commit will address the situation that users forget to explicitly specify `network_allow_restart: true` when specifying wireless or team connections. Signed-off-by: Wen Liang --- tasks/main.yml | 50 +++++++++++- tests/ensure_provider_tests.py | 1 + .../tests_wireless_and_network_restart.yml | 80 +++++++++++++++++++ .../assert_network_connections_failed.yml | 10 +++ tests/tasks/assert_package_installed.yml | 11 +++ ...reate_wireless_profile_restart_network.yml | 21 +++++ tests/tasks/remove_package.yml | 6 ++ .../tests_wireless_and_network_restart_nm.yml | 24 ++++++ 8 files changed, 202 insertions(+), 1 deletion(-) create mode 100644 tests/playbooks/tests_wireless_and_network_restart.yml create mode 100644 tests/tasks/assert_network_connections_failed.yml create mode 100644 tests/tasks/assert_package_installed.yml create mode 100644 tests/tasks/create_wireless_profile_restart_network.yml create mode 100644 tests/tasks/remove_package.yml create mode 100644 tests/tests_wireless_and_network_restart_nm.yml diff --git a/tasks/main.yml b/tasks/main.yml index c55f5efe..a26c504b 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -24,6 +24,53 @@ when: - network_state is defined - ansible_distribution_major_version | int < 8 + +- name: Check if updates for network packages are available through the DNF + package manager due to wireless or team interfaces + dnf: + update_cache: true + name: "{{ network_packages }}" + state: latest # noqa package-latest + register: dnf_package_update_info + check_mode: true + when: + - ansible_distribution == 'Fedora' or + ansible_distribution_major_version | int > 7 + - __network_wireless_connections_defined + or __network_team_connections_defined + - not __network_is_ostree + +- name: Check if updates for network packages are available through the YUM + package manager due to wireless or team interfaces + yum: + update_cache: true + name: "{{ network_packages }}" # noqa package-latest + state: latest + register: yum_package_update_info + check_mode: true + when: + - ansible_distribution_major_version | int < 8 + - __network_wireless_connections_defined + or __network_team_connections_defined + - not __network_is_ostree + +- name: Ask user's consent to restart NetworkManager due to wireless or team + interfaces + fail: + msg: NetworkManager needs to be restarted to be able to proceed + because wireless and team interfaces are defined. This might + disturb the connectivity of the managed system. Please set + `network_allow_restart` to `true` if you are prepared for this. + Notice that the necessary action is to install NetworkManager-wifi or + NetworkManager-team plugin and to restart NetworkManager. + register: __network_service_restart_requested + when: + - __network_wireless_connections_defined + or __network_team_connections_defined + - network_provider == "nm" + - not network_allow_restart + - dnf_package_update_info is changed or yum_package_update_info is changed + # Depending on the plugins, checking installed packages might be slow # for example subscription manager might slow this down # Therefore install packages only when rpm does not find them @@ -70,7 +117,8 @@ ansible_distribution_major_version | int > 8 # If network packages changed and wireless or team connections are specified, -# NetworkManager must be restarted +# NetworkManager must be restarted, and the user needs to explicitly consent +# to restart NetworkManager by setting `network_allow_restart` to `true` - name: Restart NetworkManager due to wireless or team interfaces service: name: NetworkManager diff --git a/tests/ensure_provider_tests.py b/tests/ensure_provider_tests.py index 2b851a85..105c6c0a 100755 --- a/tests/ensure_provider_tests.py +++ b/tests/ensure_provider_tests.py @@ -108,6 +108,7 @@ "playbooks/tests_wireless.yml": { EXTRA_RUN_CONDITION: "ansible_distribution_major_version == '7'", }, + "playbooks/tests_wireless_and_network_restart.yml": {}, "playbooks/tests_wireless_plugin_installation.yml": {}, "playbooks/tests_wireless_wpa3_owe.yml": { "comment": "# OWE has not been supported by NetworkManager 1.18.8 on \ diff --git a/tests/playbooks/tests_wireless_and_network_restart.yml b/tests/playbooks/tests_wireless_and_network_restart.yml new file mode 100644 index 00000000..2438f088 --- /dev/null +++ b/tests/playbooks/tests_wireless_and_network_restart.yml @@ -0,0 +1,80 @@ +# SPDX-License-Identifier: BSD-3-Clause +--- +- name: Play for testing wifi and network restart + hosts: all + vars: + interface: wlan0 + profile: "{{ interface }}" + package: NetworkManager-wifi + wifi_restart_network: false + network_connections_result_error: + NetworkManager needs to be restarted to be able to proceed + because wireless and team interfaces are defined. This might + disturb the connectivity of the managed system. Please set + `network_allow_restart` to `true` if you are prepared for this. + Notice that the necessary action is to install NetworkManager-wifi or + NetworkManager-team plugin and to restart NetworkManager. + lsr_fail_debug: + - __network_connections_result + tasks: + - name: Show playbook name + debug: + msg: "this is: playbooks/tests_wireless_and_network_restart.yml" + tags: + - always + + - name: Cannot test ostree systems because the package can not be removed + or installed - 'NetworkManager-wifi' + meta: end_host + when: __network_is_ostree | d(false) + + - name: Test the wifi connection without NetworkManager restarted + tags: + - tests::wifi:create + block: + - name: Include the task 'run_test.yml' + include_tasks: tasks/run_test.yml + vars: + lsr_description: + Given a system with '{{ package }}' package removed, + when creating a wifi connection without NetworkManager restarted, + then the role should fail with the error specified in + `network_connections_result_error`. + lsr_setup: + - tasks/delete_interface.yml + - tasks/assert_device_absent.yml + - tasks/remove_package.yml + lsr_test: + - tasks/create_wireless_profile_restart_network.yml + lsr_assert: + - tasks/assert_network_connections_failed.yml + lsr_cleanup: + - tasks/check_network_dns.yml + + - name: "Reset testing variables" + set_fact: + wifi_restart_network: true + + - name: Test the wifi connection with NetworkManager restarted + tags: + - tests::wifi:restart + block: + - name: Include the task 'run_test.yml' + include_tasks: tasks/run_test.yml + vars: + lsr_description: + Given a system with '{{ package }}' package removed, + when creating a wifi connection with NetworkManager restarted, + then the wifi device and profile are present and + the '{{ package }}' package is installed in the system. + lsr_setup: + - tasks/delete_interface.yml + - tasks/assert_device_absent.yml + - tasks/remove_package.yml + lsr_test: + - tasks/create_wireless_profile_restart_network.yml + lsr_assert: + - tasks/assert_package_installed.yml + lsr_cleanup: + - tasks/cleanup_profile+device.yml + - tasks/check_network_dns.yml diff --git a/tests/tasks/assert_network_connections_failed.yml b/tests/tasks/assert_network_connections_failed.yml new file mode 100644 index 00000000..aaaa4850 --- /dev/null +++ b/tests/tasks/assert_network_connections_failed.yml @@ -0,0 +1,10 @@ +# SPDX-License-Identifier: BSD-3-Clause +--- +- name: Assert that configuring network connections failed + assert: + that: + - __network_service_restart_requested is failed + - __network_service_restart_requested is search( + network_connections_result_error) + msg: Configuring network connections is not failed with the error + "{{ network_connections_result_error }}" diff --git a/tests/tasks/assert_package_installed.yml b/tests/tasks/assert_package_installed.yml new file mode 100644 index 00000000..4a0dee97 --- /dev/null +++ b/tests/tasks/assert_package_installed.yml @@ -0,0 +1,11 @@ +# SPDX-License-Identifier: BSD-3-Clause +--- +- name: "Get the rpm package facts" + package_facts: + manager: "auto" + +- name: "Assert installed package '{{ package }}'" + assert: + that: + - package in ansible_facts.packages + msg: "'{{ package }}' is not installed" diff --git a/tests/tasks/create_wireless_profile_restart_network.yml b/tests/tasks/create_wireless_profile_restart_network.yml new file mode 100644 index 00000000..6e8505f6 --- /dev/null +++ b/tests/tasks/create_wireless_profile_restart_network.yml @@ -0,0 +1,21 @@ +# SPDX-License-Identifier: BSD-3-Clause +--- +- name: Create wireless connection with rescue + block: + - name: Import network role + import_role: + name: linux-system-roles.network + vars: + network_allow_restart: '{{ wifi_restart_network }}' + network_connections: + - name: "{{ interface }}" + type: wireless + wireless: + ssid: "My WPA2-PSK Network" + key_mgmt: "wpa-psk" + password: "p@55w0rD" + + rescue: + - name: Show rescue result + debug: + var: __network_service_restart_requested diff --git a/tests/tasks/remove_package.yml b/tests/tasks/remove_package.yml new file mode 100644 index 00000000..731348a5 --- /dev/null +++ b/tests/tasks/remove_package.yml @@ -0,0 +1,6 @@ +# SPDX-License-Identifier: BSD-3-Clause +--- +- name: "Remove the package '{{ package }}'" + package: + name: "{{ package }}" + state: absent diff --git a/tests/tests_wireless_and_network_restart_nm.yml b/tests/tests_wireless_and_network_restart_nm.yml new file mode 100644 index 00000000..ddcd489e --- /dev/null +++ b/tests/tests_wireless_and_network_restart_nm.yml @@ -0,0 +1,24 @@ +# SPDX-License-Identifier: BSD-3-Clause +# This file was generated by ensure_provider_tests.py +--- +# set network provider and gather facts +# yamllint disable rule:line-length +- name: Run playbook 'playbooks/tests_wireless_and_network_restart.yml' with nm as provider + hosts: all + tasks: + - name: Include the task 'el_repo_setup.yml' + include_tasks: tasks/el_repo_setup.yml + - name: Set network provider to 'nm' + set_fact: + network_provider: nm + tags: + - always + + +# The test requires or should run with NetworkManager, therefore it cannot run +# on RHEL/CentOS 6 +- name: Import the playbook 'playbooks/tests_wireless_and_network_restart.yml' + import_playbook: playbooks/tests_wireless_and_network_restart.yml + when: + - ansible_distribution_major_version != '6' + - ansible_distribution != 'Fedora' From 0fca71056bca620beaa9bca47ae0bd04dcf7ed62 Mon Sep 17 00:00:00 2001 From: Wen Liang Date: Tue, 20 Feb 2024 14:44:31 -0500 Subject: [PATCH 3/3] tests: Consent to restart network when specifying wireless or team connections Signed-off-by: Wen Liang --- tests/playbooks/tests_team_plugin_installation.yml | 1 + tests/playbooks/tests_wireless_plugin_installation.yml | 1 + tests/tasks/create_team_profile.yml | 1 + 3 files changed, 3 insertions(+) diff --git a/tests/playbooks/tests_team_plugin_installation.yml b/tests/playbooks/tests_team_plugin_installation.yml index f7c53f8a..7b0b5667 100644 --- a/tests/playbooks/tests_team_plugin_installation.yml +++ b/tests/playbooks/tests_team_plugin_installation.yml @@ -26,6 +26,7 @@ include_role: name: linux-system-roles.network vars: + network_allow_restart: true network_connections: # Specify the team profile - name: team0 diff --git a/tests/playbooks/tests_wireless_plugin_installation.yml b/tests/playbooks/tests_wireless_plugin_installation.yml index b59a775a..fd5d3fee 100644 --- a/tests/playbooks/tests_wireless_plugin_installation.yml +++ b/tests/playbooks/tests_wireless_plugin_installation.yml @@ -26,6 +26,7 @@ include_role: name: linux-system-roles.network vars: + network_allow_restart: true network_connections: - name: wlan0 type: wireless diff --git a/tests/tasks/create_team_profile.yml b/tests/tasks/create_team_profile.yml index 458a66f5..5d8ea72d 100644 --- a/tests/tasks/create_team_profile.yml +++ b/tests/tasks/create_team_profile.yml @@ -4,6 +4,7 @@ include_role: name: linux-system-roles.network vars: + network_allow_restart: true network_connections: - name: "{{ interface }}" persistent_state: present