Nmcli doesn't want to update existing connection

Open MartenBE opened this issue 1 year ago • 2 comments

Summary

I am using Ansible with Vagrant to create a multimachine VM network. The VM is already issued a connection through Vagrant. Unfortunately, when using Ansible to add a static route, it complains that the IPv4 address must be set, which is already set by Vagrant.

Issue Type

Bug Report

Component Name

nmcli

Ansible Version

$ ansible --version
ansible [core 2.12.7]
  config file = /etc/ansible/ansible.cfg
  configured module search path = ['/home/martijn/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/lib/python3.10/site-packages/ansible
  ansible collection location = /home/martijn/.ansible/collections:/usr/share/ansible/collections
  executable location = /usr/bin/ansible
  python version = 3.10.6 (main, Aug  2 2022, 00:00:00) [GCC 12.1.1 20220507 (Red Hat 12.1.1-1)]
  jinja version = 3.1.1
  libyaml = True

Community.general Version

$ ansible-galaxy collection list community.general
# /usr/lib/python3.10/site-packages/ansible_collections
Collection        Version
----------------- -------
community.general 4.8.2

Configuration

OS / Environment

Almalinux 9

Steps to Reproduce

Vagrant file:

Vagrant.configure("2") do |config|
  config.vm.define "web" do |host|
    host.vm.box = "almalinux/9"
    host.vm.hostname = "web"

    host.vm.network "private_network", ip: "172.30.42.2", netmask: "255.255.255.192", virtualbox__intnet: "servers"

    host.vm.provider :virtualbox do |v|
      v.name = "web"
      v.cpus = "1"
      v.memory = "2048"
    end

    host.vm.provision "ansible", host_key_checking: true do |ansible|
      ansible.playbook = "provisioning/web-playbook.yml"
    end
  end
end

Ansible playbook:

---
- hosts: web
  become: yes
  tasks:
      - name: Add static route
        community.general.nmcli:
            conn_name: "System enp0s8"
            ifname: enp0s8
            routes4:
                - "172.30.128.0/25 172.30.42.1"
                - "192.168.56.0/24 172.30.42.1"
            state: present

Expected Results

I expect Ansible to modify the existing connection to add the ipv4 routes with nmcli.

Actual Results

$ vagrant up web --provision
Bringing machine 'web' up with 'virtualbox' provider...
==> web: Importing base box 'almalinux/9'...
==> web: Matching MAC address for NAT networking...
==> web: Checking if box 'almalinux/9' version '9.0.20220830' is up to date...
==> web: Setting the name of the VM: web
==> web: Clearing any previously set network interfaces...
==> web: Preparing network interfaces based on configuration...
    web: Adapter 1: nat
    web: Adapter 2: intnet
==> web: Forwarding ports...
    web: 22 (guest) => 2222 (host) (adapter 1)
==> web: Running 'pre-boot' VM customizations...
==> web: Booting VM...
==> web: Waiting for machine to boot. This may take a few minutes...
    web: SSH address: 127.0.0.1:2222
    web: SSH username: vagrant
    web: SSH auth method: private key
    web: Warning: Remote connection disconnect. Retrying...
    web: Warning: Connection reset. Retrying...
    web: 
    web: Vagrant insecure key detected. Vagrant will automatically replace
    web: this with a newly generated keypair for better security.
    web: 
    web: Inserting generated public key within guest...
    web: Removing insecure key from the guest if it's present...
    web: Key inserted! Disconnecting and reconnecting using new SSH key...
==> web: Machine booted and ready!
==> web: Checking for guest additions in VM...
==> web: Setting hostname...
==> web: Configuring and enabling network interfaces...
==> web: Mounting shared folders...
    web: /vagrant => /home/martijn/git/CyberCSA-lab-template
==> web: Running provisioner: ansible...
    web: Running ansible-playbook...

PLAY [web] *********************************************************************

TASK [Gathering Facts] *********************************************************
ok: [web]

TASK [Add static route] ********************************************************
fatal: [web]: FAILED! => {"changed": false, "msg": "Error: Failed to modify connection 'System enp0s8': ipv4.addresses: this property cannot be empty for 'method=manual'\n", "name": "System enp0s8", "rc": 1}

PLAY RECAP *********************************************************************
web                        : ok=1    changed=0    unreachable=0    failed=1    skipped=0    rescued=0    ignored=0   

Ansible failed to complete successfully. Any error output should be
visible above. Please fix these errors and try again.

So the provisioning failed; however, when I log into the VM and check the settings of the connection using nmcli:

[vagrant@web ~]$ nmcli con show "System enp0s8" | grep ipv4
ipv4.method:                            manual
ipv4.dns:                               --
ipv4.dns-search:                        --
ipv4.dns-options:                       --
ipv4.dns-priority:                      0
ipv4.addresses:                         172.30.42.2/26
ipv4.gateway:                           --
ipv4.routes:                            --
ipv4.route-metric:                      -1
ipv4.route-table:                       0 (unspec)
ipv4.routing-rules:                     --
ipv4.ignore-auto-routes:                no
ipv4.ignore-auto-dns:                   yes
ipv4.dhcp-client-id:                    --
ipv4.dhcp-iaid:                         --
ipv4.dhcp-timeout:                      0 (default)
ipv4.dhcp-send-hostname:                yes
ipv4.dhcp-hostname:                     --
ipv4.dhcp-fqdn:                         --
ipv4.dhcp-hostname-flags:               0x0 (none)
ipv4.never-default:                     no
ipv4.may-fail:                          yes
ipv4.required-timeout:                  -1 (default)
ipv4.dad-timeout:                       -1 (default)
ipv4.dhcp-vendor-class-identifier:      --
ipv4.dhcp-reject-servers:               --

If I now log into the VM and try to modify the connection manually, it just works without having to set ipv4.addresses (as these have already been set):

[vagrant@web ~]$ ip r
default via 10.0.2.2 dev enp0s3 proto dhcp src 10.0.2.15 metric 100 
10.0.2.0/24 dev enp0s3 proto kernel scope link src 10.0.2.15 metric 100 
172.30.42.0/26 dev enp0s8 proto kernel scope link src 172.30.42.2 metric 101 
[vagrant@web ~]$ sudo nmcli con mod "System enp0s8" +ipv4.routes "172.30.128.0/25 172.30.42.1"
[vagrant@web ~]$ sudo nmcli con mod "System enp0s8" +ipv4.routes "192.168.56.0/24 172.30.42.1"
[vagrant@web ~]$ sudo nmcli con down "System enp0s8"
Connection 'System enp0s8' successfully deactivated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/2)
[vagrant@web ~]$ sudo nmcli con up "System enp0s8"
Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/4)
[vagrant@web ~]$ ip r
default via 10.0.2.2 dev enp0s3 proto dhcp src 10.0.2.15 metric 100 
10.0.2.0/24 dev enp0s3 proto kernel scope link src 10.0.2.15 metric 100 
172.30.42.0/26 dev enp0s8 proto kernel scope link src 172.30.42.2 metric 101 
172.30.128.0/25 via 172.30.42.1 dev enp0s8 proto static metric 101 
192.168.56.0/24 via 172.30.42.1 dev enp0s8 proto static metric 101 

Probably nmcli tries to create instead of modify the connection?

Code of Conduct

  • [X] I agree to follow the Ansible Code of Conduct

MartenBE, Sep 17 '22 13:09

Files identified in the description:

If these files are incorrect, please update the component name section of the description or use the !component bot command.

ansibullbot, Sep 17 '22 13:09

cc @alcamie101

ansibullbot, Sep 17 '22 13:09

Files identified in the description:

If these files are incorrect, please update the component name section of the description or use the !component bot command.

ansibullbot, Nov 04 '22 13:11