network
network copied to clipboard
linux-system-roles
Need further output from "check" mode
Hi,
Is there a way to see the intended changes using "check" mode?
The below play will add route 200.52.100.128/26 via 10.140.4.129 (this is the desired outcome).
---
- name: Configure the network
hosts: test01.test.com
tasks:
- name: Configure an Ethernet connection with static IP
ansible.builtin.include_role:
name: rhel-system-roles.network
vars:
network_connections:
- name: eno2
interface_name: eno2
type: ethernet
ip:
address:
- 10.140.4.138/28
route:
- network: 198.51.100.128
prefix: 26
gateway: 10.140.4.129
- network: 199.51.100.128
prefix: 26
gateway: 10.140.4.129
- network: 200.51.100.128
prefix: 26
gateway: 10.140.4.129
- network: 200.52.100.128
prefix: 26
gateway: 10.140.4.129
state: up
Running the play shows the below.
TASK [rhel-system-roles.network : Show stderr messages] *******************************************************************
ok: [test01.test.com] => {
"__network_connections_result.stderr_lines": [
"[001] <info> #0, state:up persistent_state:present, 'eno2': update connection eno2, cea93b93-c22c-4393-bdfe-3f01b1b07ca5",
"[002] <info> #0, state:up persistent_state:present, 'eno2': up connection eno2, cea93b93-c22c-4393-bdfe-3f01b1b07ca5 (is-modified)"
]
}
We see "update connection eno2" but we're unable to gather any further information on the expected change.
Is there any method that would show the route to be added using "check" mode?
How does the role determine that a route needs to be added? I suspect we could simply add a "debug" to that specific task to view the intended outcome?
Is there any method that would show the route to be added using "check" mode?
The check mode (or dry run mode) does not actually apply any changes to the system. It only simulates the changes and reports what would be changed if the playbook were run without check mode.
How does the role determine that a route needs to be added?
The role uses its backend (provider) initscripts and NetworkManager to configure the user-specified routes, if the backend reports any issue, then the error will be populated and logged by the role. And the check mode is for testing and verifying the playbooks, it helps ensure that the playbooks are idempotent and changes are predictable.
Thanks for the update.
We'd like to see the routes being added (or removed) using check mode. Is there a way of doing this?
We use the network role extensively for managing routes, bonding, vlan tagging, ethtool setting etc.
Right now we can see that eno2 "is-modified", however we can't see what is actually changed. For example the pending change below could be a static route, or modified ethtool parameter etc. Is there a way of confirming what's actually being modified on eno2?
TASK [rhel-system-roles.network : Show stderr messages] *******************************************************************
ok: [test01.test.com] => {
"__network_connections_result.stderr_lines": [
"[001] <info> #0, state:up persistent_state:present, 'eno2': update connection eno2, cea93b93-c22c-4393-bdfe-3f01b1b07ca5",
"[002] <info> #0, state:up persistent_state:present, 'eno2': up connection eno2, cea93b93-c22c-4393-bdfe-3f01b1b07ca5 (is-modified)"
]
}
As per the previous comment : I would find a more granular audit function very useful.
Thanks for the update.
We'd like to see the routes being added (or removed) using check mode. Is there a way of doing this?
We use the network role extensively for managing routes, bonding, vlan tagging, ethtool setting etc.
Right now we can see that eno2 "is-modified", however we can't see what is actually changed. For example the pending change below could be a static route, or modified ethtool parameter etc. Is there a way of confirming what's actually being modified on eno2?
TASK [rhel-system-roles.network : Show stderr messages] ******************************************************************* ok: [test01.test.com] => { "__network_connections_result.stderr_lines": [ "[001] <info> #0, state:up persistent_state:present, 'eno2': update connection eno2, cea93b93-c22c-4393-bdfe-3f01b1b07ca5", "[002] <info> #0, state:up persistent_state:present, 'eno2': up connection eno2, cea93b93-c22c-4393-bdfe-3f01b1b07ca5 (is-modified)" ] }
Thanks for the response. Ansible nmcli module supports the diff_mode, https://docs.ansible.com/ansible/latest/collections/community/general/nmcli_module.html#attributes, I think that you are suggesting supporting the diff_mode in the network role, right?
Thanks for the update. We'd like to see the routes being added (or removed) using check mode. Is there a way of doing this? We use the network role extensively for managing routes, bonding, vlan tagging, ethtool setting etc. Right now we can see that eno2 "is-modified", however we can't see what is actually changed. For example the pending change below could be a static route, or modified ethtool parameter etc. Is there a way of confirming what's actually being modified on eno2?
TASK [rhel-system-roles.network : Show stderr messages] ******************************************************************* ok: [test01.test.com] => { "__network_connections_result.stderr_lines": [ "[001] <info> #0, state:up persistent_state:present, 'eno2': update connection eno2, cea93b93-c22c-4393-bdfe-3f01b1b07ca5", "[002] <info> #0, state:up persistent_state:present, 'eno2': up connection eno2, cea93b93-c22c-4393-bdfe-3f01b1b07ca5 (is-modified)" ] }Thanks for the response. Ansible nmcli module supports the
diff_mode, https://docs.ansible.com/ansible/latest/collections/community/general/nmcli_module.html#attributes, I think that you are suggesting supporting thediff_modein the network role, right?
Yes, would it be possible to introduce diff_mode into the network role?
@ts97783 Let me try it out, by the way, the patch is welcome if you want to support the diff_mode into the network role.