network
network copied to clipboard
linux-system-roles
not idempotent when nic is already configured.
When running a playbook a second time, it not detecting that the interface is already up and errors out.
# ansible-playbook -l util6vm net_demo.yml -vv
ansible-playbook 2.5.1
config file = /etc/ansible/ansible.cfg
configured module search path = [u'/root/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']
ansible python module location = /usr/lib/python2.7/site-packages/ansible
executable location = /bin/ansible-playbook
python version = 2.7.5 (default, Feb 20 2018, 09:19:12) [GCC 4.8.5 20150623 (Red Hat 4.8.5-28)]
Using /etc/ansible/ansible.cfg as config file
PLAYBOOK: net_demo.yml ******************************************************************************************************************************
1 plays in net_demo.yml
PLAY [all] ******************************************************************************************************************************************
TASK [Gathering Facts] ******************************************************************************************************************************
task path: /home/tbowling/src/virt-demo/ansible/net_demo.yml:7
ok: [util6vm]
META: ran handlers
TASK [linux-system-roles.network : Set version specific variables] **********************************************************************************
task path: /etc/ansible/roles/linux-system-roles.network/tasks/main.yml:1
ok: [util6vm] => (item=/etc/ansible/roles/linux-system-roles.network/vars/RedHat-6.yml) => {"ansible_facts": {"network_provider_default": "initscripts"}, "ansible_included_var_files": ["/etc/ansible/roles/linux-system-roles.network/vars/RedHat-6.yml"], "changed": false, "item": "/etc/ansible/roles/linux-system-roles.network/vars/RedHat-6.yml"}
TASK [linux-system-roles.network : Install packages] ************************************************************************************************
task path: /etc/ansible/roles/linux-system-roles.network/tasks/main.yml:9
ok: [util6vm] => {"changed": false, "msg": "", "rc": 0, "results": []}
TASK [linux-system-roles.network : Enable network service] ******************************************************************************************
task path: /etc/ansible/roles/linux-system-roles.network/tasks/main.yml:14
ok: [util6vm] => {"changed": false, "enabled": true, "name": "network", "state": "started"}
TASK [linux-system-roles.network : Configure networking connection profiles] ************************************************************************
task path: /etc/ansible/roles/linux-system-roles.network/tasks/main.yml:20
[WARNING]: [015] <info> #0, state:up, "net1": ifcfg-rh profile "net1" already up to date
[WARNING]: [016] <info> #0, state:up, "net1": up connection net1 (not-active)
[WARNING]: [017] <info> #0, state:up, "net1": call `ifup net1`: rc=1, out=" Determining IP information for eth1... failed. ", err="dhclient(29031)
is already running - exiting. This version of ISC DHCP is based on the release available on ftp.isc.org. Features have been added and other
changes have been made to the base software release in order to make it work better with this distribution. Please report for this software via the
Red Hat Bugzilla site: http://bugzilla.redhat.com exiting. "
[WARNING]: [018] <error> #0, state:up, "net1": call `ifup net1` failed with exit status 1
fatal: [util6vm]: FAILED! => {"changed": true, "msg": "error: call `ifup net1` failed with exit status 1"}
to retry, use: --limit @/home/tbowling/src/virt-demo/ansible/net_demo.retry
PLAY RECAP ******************************************************************************************************************************************
util6vm : ok=4 changed=0 unreachable=0 failed=1
I guess this is specific to RHEL6 and dhcp?
Could you please provide net_demo.yml ?
Interestingly, such issue was supposed to be fixed already (https://bugzilla.redhat.com/show_bug.cgi?id=1476053, 5deb2afd469d85ed9880bf7bd54d502896c2408f). Note though that that commit message says:
Now, try to determine whether the desire "up" or "down" state is already reached and do nothing. For "nm" provider that is easy and quite safe. (...) For "initscripts" this is much more fragile. There isn't really much that can be done about it, because the role doesn't know what is currently configured on the system.
Here is my playbook.
---
- hosts: all
become: yes
become_method: sudo
become_user: root
# DO NOT MODIFY ETH0!!!!
vars:
network_connections:
- name: net1 # Secondary interface for mgmt or other stuff
state: present
type: ethernet
# interface_name: eth4
mac: "{{ hostvars[inventory_hostname].net1_mac }}"
autoconnect: yes
ip:
dhcp4: yes
auto6: no
Ansible has absolute ability to understand all of the network configuration. I had shared this info with the developers before. It simply requires more logic in the module.
Here's a simply playbook to extract facts, as well as a few other commands you can execute to see them.
ansible rhel74-test -m setup -a 'gather_subset=network'
ansible rhel74-test -m setup -a 'gather_subset=network filter=ansible_interfaces'
ansible rhel74-test -m setup -a 'gather_subset=network' |grep -e ansible_e -e macaddr -e hostname -e device
playbook example
- hosts: all
become: yes
become_method: sudo
become_user: root
tasks:
- name: find interface facts
debug:
msg: "{{ hostvars[inventory_hostname]['ansible_%s' | format(item)] }}"
with_items: "{{ ansible_interfaces }}"
I am noticing the same behavior using version 1.16.2 of rhel_system_roles via Red Hat Automation Hub. The underlying host is RHEL 8.5 (NetworkManager-1.32.10-4.el8.x86_64.); though, I have seen this with other earlier RHEL OSes.
The interfaces are configured and each execution after continues to 'change':
TASK [redhat.rhel_system_roles.network : Configure networking connection profiles] ********************************************************************************************************************
changed: [testhost.example.com]
Thursday 02 June 2022 16:50:51 -0500 (0:00:00.753) 0:00:18.336 *********
Thursday 02 June 2022 16:50:51 -0500 (0:00:00.753) 0:00:18.336 *********
TASK [redhat.rhel_system_roles.network : Show debug messages] *****************************************************************************************************************************************
ok: [testhost.example.com] => {
"__network_connections_result": {
"_invocation": {
"module_args": {
"__debug_flags": "",
"connections": [
{
"autoconnect": true,
"bond": {
"mode": "active-backup"
},
"ip": {
"auto6": false,
"dhcp4": false
},
"name": "bond0",
"state": "up",
"type": "bond"
},
{
"controller": "bond0",
"interface_name": "em1",
"name": "bond0 member 1",
"state": "up",
"type": "ethernet"
},
{
"controller": "bond0",
"interface_name": "em2",
"name": "bond0 member 2",
"state": "up",
"type": "ethernet"
},
{
"autoconnect": true,
"ip": {
"address": [
"192.168.164.86/24"
],
"auto6": false,
"dhcp4": false,
"gateway4": "192.168.164.1"
},
"name": "bond0.164",
"parent": "bond0",
"state": "up",
"type": "vlan",
"vlan_id": 164
},
{
"autoconnect": true,
"bond": {
"mode": "active-backup"
},
"ip": {
"auto6": false,
"dhcp4": false
},
"name": "bond1",
"state": "up",
"type": "bond"
},
{
"controller": "bond1",
"interface_name": "p1p1",
"name": "bond1 member 1",
"state": "up",
"type": "ethernet"
},
{
"controller": "bond1",
"interface_name": "p1p2",
"name": "bond1 member 2",
"state": "up",
"type": "ethernet"
},
{
"autoconnect": true,
"ip": {
"address": [
"192.168.104.47/23"
],
"auto6": false,
"dhcp4": false
},
"name": "bond1.104",
"parent": "bond1",
"state": "up",
"type": "vlan",
"vlan_id": 104
}
],
"force_state_change": false,
"ignore_errors": false,
"provider": "nm"
}
},
"changed": true,
"failed": false,
"stderr": "[001] <info> #0, state:up persistent_state:present, 'bond0': update connection bond0, ad33d8b0-1f7b-cab9-9447-ba07f855b143\n[002] <info> #1, state:up persistent_state:present, 'bond0 member 1': connection bond0 member 1, bf30350e-a9ba-4521-9397-cb835bdb6384 already up to date\n[003] <info> #2, state:up persistent_state:present, 'bond0 member 2': connection bond0 member 2, 6b5c0e7d-7ecc-49ba-9fe8-8e2253c21360 already up to date\n[004] <info> #3, state:up persistent_state:present, 'bond0.164': connection bond0.164, dd50e58f-f252-c4a0-e053-2f5af94fa279 already up to date\n[005] <info> #4, state:up persistent_state:present, 'bond1': update connection bond1, 681a3df8-5bac-471a-82d2-71a832ffda56\n[006] <info> #5, state:up persistent_state:present, 'bond1 member 1': connection bond1 member 1, f4e01981-3543-4d14-8fac-0dadbcfaa01d already up to date\n[007] <info> #6, state:up persistent_state:present, 'bond1 member 2': connection bond1 member 2, 7862b1f7-e029-4ee1-889e-78c2e583cfae already up to date\n[008] <info> #7, state:up persistent_state:present, 'bond1.104': connection bond1.104, b2ef71bc-3c8e-4c82-8db2-094bbce16f90 already up to date\n[009] <info> #0, state:up persistent_state:present, 'bond0': up connection bond0, ad33d8b0-1f7b-cab9-9447-ba07f855b143 (is-modified)\n[010] <info> #1, state:up persistent_state:present, 'bond0 member 1': up connection bond0 member 1, bf30350e-a9ba-4521-9397-cb835bdb6384 (is-modified)\n[011] <info> #2, state:up persistent_state:present, 'bond0 member 2': up connection bond0 member 2, 6b5c0e7d-7ecc-49ba-9fe8-8e2253c21360 (is-modified)\n[012] <info> #3, state:up persistent_state:present, 'bond0.164': up connection bond0.164, dd50e58f-f252-c4a0-e053-2f5af94fa279 (is-modified)\n[013] <info> #4, state:up persistent_state:present, 'bond1': up connection bond1, 681a3df8-5bac-471a-82d2-71a832ffda56 (is-modified)\n[014] <info> #5, state:up persistent_state:present, 'bond1 member 1': up connection bond1 member 1, f4e01981-3543-4d14-8fac-0dadbcfaa01d (is-modified)\n[015] <info> #6, state:up persistent_state:present, 'bond1 member 2': up connection bond1 member 2, 7862b1f7-e029-4ee1-889e-78c2e583cfae (is-modified)\n[016] <info> #7, state:up persistent_state:present, 'bond1.104': up connection bond1.104, b2ef71bc-3c8e-4c82-8db2-094bbce16f90 (is-modified)\n",
"stderr_lines": [
"[001] <info> #0, state:up persistent_state:present, 'bond0': update connection bond0, ad33d8b0-1f7b-cab9-9447-ba07f855b143",
"[002] <info> #1, state:up persistent_state:present, 'bond0 member 1': connection bond0 member 1, bf30350e-a9ba-4521-9397-cb835bdb6384 already up to date",
"[003] <info> #2, state:up persistent_state:present, 'bond0 member 2': connection bond0 member 2, 6b5c0e7d-7ecc-49ba-9fe8-8e2253c21360 already up to date",
"[004] <info> #3, state:up persistent_state:present, 'bond0.164': connection bond0.164, dd50e58f-f252-c4a0-e053-2f5af94fa279 already up to date",
"[005] <info> #4, state:up persistent_state:present, 'bond1': update connection bond1, 681a3df8-5bac-471a-82d2-71a832ffda56",
"[006] <info> #5, state:up persistent_state:present, 'bond1 member 1': connection bond1 member 1, f4e01981-3543-4d14-8fac-0dadbcfaa01d already up to date",
"[007] <info> #6, state:up persistent_state:present, 'bond1 member 2': connection bond1 member 2, 7862b1f7-e029-4ee1-889e-78c2e583cfae already up to date",
"[008] <info> #7, state:up persistent_state:present, 'bond1.104': connection bond1.104, b2ef71bc-3c8e-4c82-8db2-094bbce16f90 already up to date",
"[009] <info> #0, state:up persistent_state:present, 'bond0': up connection bond0, ad33d8b0-1f7b-cab9-9447-ba07f855b143 (is-modified)",
"[010] <info> #1, state:up persistent_state:present, 'bond0 member 1': up connection bond0 member 1, bf30350e-a9ba-4521-9397-cb835bdb6384 (is-modified)",
"[011] <info> #2, state:up persistent_state:present, 'bond0 member 2': up connection bond0 member 2, 6b5c0e7d-7ecc-49ba-9fe8-8e2253c21360 (is-modified)",
"[012] <info> #3, state:up persistent_state:present, 'bond0.164': up connection bond0.164, dd50e58f-f252-c4a0-e053-2f5af94fa279 (is-modified)",
"[013] <info> #4, state:up persistent_state:present, 'bond1': up connection bond1, 681a3df8-5bac-471a-82d2-71a832ffda56 (is-modified)",
"[014] <info> #5, state:up persistent_state:present, 'bond1 member 1': up connection bond1 member 1, f4e01981-3543-4d14-8fac-0dadbcfaa01d (is-modified)",
"[015] <info> #6, state:up persistent_state:present, 'bond1 member 2': up connection bond1 member 2, 7862b1f7-e029-4ee1-889e-78c2e583cfae (is-modified)",
"[016] <info> #7, state:up persistent_state:present, 'bond1.104': up connection bond1.104, b2ef71bc-3c8e-4c82-8db2-094bbce16f90 (is-modified)"
]
}
}
Thursday 02 June 2022 16:50:51 -0500 (0:00:00.198) 0:00:18.535 *********
Thursday 02 June 2022 16:50:51 -0500 (0:00:00.198) 0:00:18.534 *********
I just gave the latest tag release a try as well, v1.8.0, which I believe is later than what is included in the rhel_system_roles collection, and the 'changed' behavior exists as well.
I wish I could include more than the 'behavior exists'. I would be happy to gather additional detail; though, I would need to massage the data just a bit.