community.general
community.general copied to clipboard
Nmcli doesn't want to update existing connection
Summary
I am using Ansible with vagrant to create a multimachine VM network. The VM is already issued an connection through vagrant. Unfortunately, when using Ansible to add a static route, it complains that the IPv4 address must be set which is already set by Vagrant.
Issue Type
Bug Report
Component Name
nmcli
Ansible Version
$ ansible --version
ansible [core 2.12.7]
config file = /etc/ansible/ansible.cfg
configured module search path = ['/home/martijn/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
ansible python module location = /usr/lib/python3.10/site-packages/ansible
ansible collection location = /home/martijn/.ansible/collections:/usr/share/ansible/collections
executable location = /usr/bin/ansible
python version = 3.10.6 (main, Aug 2 2022, 00:00:00) [GCC 12.1.1 20220507 (Red Hat 12.1.1-1)]
jinja version = 3.1.1
libyaml = True
Community.general Version
$ ansible-galaxy collection list community.general
# /usr/lib/python3.10/site-packages/ansible_collections
Collection Version
----------------- -------
community.general 4.8.2
Configuration
OS / Environment
Almalinux 9
Steps to Reproduce
Vagrant file:
Vagrant.configure("2") do |config|
config.vm.define "web" do |host|
host.vm.box = "almalinux/9"
host.vm.hostname = "web"
host.vm.network "private_network", ip: "172.30.42.2", netmask: "255.255.255.192", virtualbox__intnet: "servers"
host.vm.provider :virtualbox do |v|
v.name = "web"
v.cpus = "1"
v.memory = "2048"
end
host.vm.provision "ansible", host_key_checking: true do |ansible|
ansible.playbook = "provisioning/web-playbook.yml"
end
end
end
Ansible playbook:
---
- hosts: web
become: yes
tasks:
- name: Add static route
community.general.nmcli:
conn_name: "System enp0s8"
ifname: enp0s8
routes4:
- "172.30.128.0/25 172.30.42.1"
- "192.168.56.0/24 172.30.42.1"
state: present
Expected Results
I expect Ansible to modify the existing connection to add the ipv4 routes with nmcli.
Actual Results
$ vagrant up web --provision
Bringing machine 'web' up with 'virtualbox' provider...
==> web: Importing base box 'almalinux/9'...
==> web: Matching MAC address for NAT networking...
==> web: Checking if box 'almalinux/9' version '9.0.20220830' is up to date...
==> web: Setting the name of the VM: web
==> web: Clearing any previously set network interfaces...
==> web: Preparing network interfaces based on configuration...
web: Adapter 1: nat
web: Adapter 2: intnet
==> web: Forwarding ports...
web: 22 (guest) => 2222 (host) (adapter 1)
==> web: Running 'pre-boot' VM customizations...
==> web: Booting VM...
==> web: Waiting for machine to boot. This may take a few minutes...
web: SSH address: 127.0.0.1:2222
web: SSH username: vagrant
web: SSH auth method: private key
web: Warning: Remote connection disconnect. Retrying...
web: Warning: Connection reset. Retrying...
web:
web: Vagrant insecure key detected. Vagrant will automatically replace
web: this with a newly generated keypair for better security.
web:
web: Inserting generated public key within guest...
web: Removing insecure key from the guest if it's present...
web: Key inserted! Disconnecting and reconnecting using new SSH key...
==> web: Machine booted and ready!
==> web: Checking for guest additions in VM...
==> web: Setting hostname...
==> web: Configuring and enabling network interfaces...
==> web: Mounting shared folders...
web: /vagrant => /home/martijn/git/CyberCSA-lab-template
==> web: Running provisioner: ansible...
web: Running ansible-playbook...
PLAY [web] *********************************************************************
TASK [Gathering Facts] *********************************************************
ok: [web]
TASK [Add static route] ********************************************************
fatal: [web]: FAILED! => {"changed": false, "msg": "Error: Failed to modify connection 'System enp0s8': ipv4.addresses: this property cannot be empty for 'method=manual'\n", "name": "System enp0s8", "rc": 1}
PLAY RECAP *********************************************************************
web : ok=1 changed=0 unreachable=0 failed=1 skipped=0 rescued=0 ignored=0
Ansible failed to complete successfully. Any error output should be
visible above. Please fix these errors and try again.
So the provisioning failed, however when I log in into the VM and check the settings of the connection using nmcli
:
[vagrant@web ~]$ nmcli con show "System enp0s8" | grep ipv4
ipv4.method: manual
ipv4.dns: --
ipv4.dns-search: --
ipv4.dns-options: --
ipv4.dns-priority: 0
ipv4.addresses: 172.30.42.2/26
ipv4.gateway: --
ipv4.routes: --
ipv4.route-metric: -1
ipv4.route-table: 0 (unspec)
ipv4.routing-rules: --
ipv4.ignore-auto-routes: no
ipv4.ignore-auto-dns: yes
ipv4.dhcp-client-id: --
ipv4.dhcp-iaid: --
ipv4.dhcp-timeout: 0 (default)
ipv4.dhcp-send-hostname: yes
ipv4.dhcp-hostname: --
ipv4.dhcp-fqdn: --
ipv4.dhcp-hostname-flags: 0x0 (none)
ipv4.never-default: no
ipv4.may-fail: yes
ipv4.required-timeout: -1 (default)
ipv4.dad-timeout: -1 (default)
ipv4.dhcp-vendor-class-identifier: --
ipv4.dhcp-reject-servers: --
If I now log into the VM and try to modify the connection manually, it just works wihout having to set ipv4.adresses (as these have already been set):
[vagrant@web ~]$ ip r
default via 10.0.2.2 dev enp0s3 proto dhcp src 10.0.2.15 metric 100
10.0.2.0/24 dev enp0s3 proto kernel scope link src 10.0.2.15 metric 100
172.30.42.0/26 dev enp0s8 proto kernel scope link src 172.30.42.2 metric 101
[vagrant@web ~]$ sudo nmcli con mod "System enp0s8" +ipv4.routes "172.30.128.0/25 172.30.42.1"
[vagrant@web ~]$ sudo nmcli con mod "System enp0s8" +ipv4.routes "192.168.56.0/24 172.30.42.1"
[vagrant@web ~]$ sudo nmcli con down "System enp0s8"
Connection 'System enp0s8' successfully deactivated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/2)
[vagrant@web ~]$ sudo nmcli con up "System enp0s8"
Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/4)
[vagrant@web ~]$ ip r
default via 10.0.2.2 dev enp0s3 proto dhcp src 10.0.2.15 metric 100
10.0.2.0/24 dev enp0s3 proto kernel scope link src 10.0.2.15 metric 100
172.30.42.0/26 dev enp0s8 proto kernel scope link src 172.30.42.2 metric 101
172.30.128.0/25 via 172.30.42.1 dev enp0s8 proto static metric 101
192.168.56.0/24 via 172.30.42.1 dev enp0s8 proto static metric 101
Probably nmcli
tries to create instead of modify the connection?
Code of Conduct
- [X] I agree to follow the Ansible Code of Conduct
Files identified in the description:
If these files are incorrect, please update the component name
section of the description or use the !component
bot command.
cc @alcamie101 click here for bot help
Files identified in the description:
If these files are incorrect, please update the component name
section of the description or use the !component
bot command.