mirror of
https://github.com/ansible-collections/community.general.git
synced 2024-09-14 20:13:21 +02:00
nmcli: Support gre tunnels (#3262)
* Add gre tunnel support * Add gre tunnel support * Fix Blank Lines * Fix unit test Add changelog fragment * Update plugins/modules/net_tools/nmcli.py Co-authored-by: Felix Fontein <felix@fontein.de> * Update Docs * Update plugins/modules/net_tools/nmcli.py Co-authored-by: Ajpantuso <ajpantuso@gmail.com> * Update Docs Co-authored-by: Felix Fontein <felix@fontein.de> Co-authored-by: Ajpantuso <ajpantuso@gmail.com>
This commit is contained in:
parent
e40aa69e77
commit
b8a081b9b2
3 changed files with 162 additions and 4 deletions
|
@ -0,0 +1,2 @@
|
||||||
|
minor_changes:
|
||||||
|
- "nmcli - add ``gre`` tunnel support (https://github.com/ansible-collections/community.general/issues/3105, https://github.com/ansible-collections/community.general/pull/3262)."
|
|
@ -55,7 +55,7 @@ options:
|
||||||
- Type C(generic) is added in Ansible 2.5.
|
- Type C(generic) is added in Ansible 2.5.
|
||||||
- Type C(infiniband) is added in community.general 2.0.0.
|
- Type C(infiniband) is added in community.general 2.0.0.
|
||||||
type: str
|
type: str
|
||||||
choices: [ bond, bond-slave, bridge, bridge-slave, dummy, ethernet, generic, infiniband, ipip, sit, team, team-slave, vlan, vxlan, wifi ]
|
choices: [ bond, bond-slave, bridge, bridge-slave, dummy, ethernet, generic, gre, infiniband, ipip, sit, team, team-slave, vlan, vxlan, wifi ]
|
||||||
mode:
|
mode:
|
||||||
description:
|
description:
|
||||||
- This is the type of device or network connection that you wish to create for a bond or bridge.
|
- This is the type of device or network connection that you wish to create for a bond or bridge.
|
||||||
|
@ -314,16 +314,28 @@ options:
|
||||||
type: str
|
type: str
|
||||||
ip_tunnel_dev:
|
ip_tunnel_dev:
|
||||||
description:
|
description:
|
||||||
- This is used with IPIP/SIT - parent device this IPIP/SIT tunnel, can use ifname.
|
- This is used with GRE/IPIP/SIT - parent device this GRE/IPIP/SIT tunnel, can use ifname.
|
||||||
type: str
|
type: str
|
||||||
ip_tunnel_remote:
|
ip_tunnel_remote:
|
||||||
description:
|
description:
|
||||||
- This is used with IPIP/SIT - IPIP/SIT destination IP address.
|
- This is used with GRE/IPIP/SIT - GRE/IPIP/SIT destination IP address.
|
||||||
type: str
|
type: str
|
||||||
ip_tunnel_local:
|
ip_tunnel_local:
|
||||||
description:
|
description:
|
||||||
- This is used with IPIP/SIT - IPIP/SIT local IP address.
|
- This is used with GRE/IPIP/SIT - GRE/IPIP/SIT local IP address.
|
||||||
type: str
|
type: str
|
||||||
|
ip_tunnel_input_key:
|
||||||
|
description:
|
||||||
|
- The key used for tunnel input packets.
|
||||||
|
- Only used when I(type=gre).
|
||||||
|
type: str
|
||||||
|
version_added: 3.6.0
|
||||||
|
ip_tunnel_output_key:
|
||||||
|
description:
|
||||||
|
- The key used for tunnel output packets.
|
||||||
|
- Only used when I(type=gre).
|
||||||
|
type: str
|
||||||
|
version_added: 3.6.0
|
||||||
zone:
|
zone:
|
||||||
description:
|
description:
|
||||||
- The trust level of the connection.
|
- The trust level of the connection.
|
||||||
|
@ -896,6 +908,14 @@ EXAMPLES = r'''
|
||||||
vxlan_local: 192.168.1.2
|
vxlan_local: 192.168.1.2
|
||||||
vxlan_remote: 192.168.1.5
|
vxlan_remote: 192.168.1.5
|
||||||
|
|
||||||
|
- name: Add gre
|
||||||
|
community.general.nmcli:
|
||||||
|
type: gre
|
||||||
|
conn_name: gre_test1
|
||||||
|
ip_tunnel_dev: eth0
|
||||||
|
ip_tunnel_local: 192.168.1.2
|
||||||
|
ip_tunnel_remote: 192.168.1.5
|
||||||
|
|
||||||
- name: Add ipip
|
- name: Add ipip
|
||||||
community.general.nmcli:
|
community.general.nmcli:
|
||||||
type: ipip
|
type: ipip
|
||||||
|
@ -1058,6 +1078,8 @@ class Nmcli(object):
|
||||||
self.ip_tunnel_dev = module.params['ip_tunnel_dev']
|
self.ip_tunnel_dev = module.params['ip_tunnel_dev']
|
||||||
self.ip_tunnel_local = module.params['ip_tunnel_local']
|
self.ip_tunnel_local = module.params['ip_tunnel_local']
|
||||||
self.ip_tunnel_remote = module.params['ip_tunnel_remote']
|
self.ip_tunnel_remote = module.params['ip_tunnel_remote']
|
||||||
|
self.ip_tunnel_input_key = module.params['ip_tunnel_input_key']
|
||||||
|
self.ip_tunnel_output_key = module.params['ip_tunnel_output_key']
|
||||||
self.nmcli_bin = self.module.get_bin_path('nmcli', True)
|
self.nmcli_bin = self.module.get_bin_path('nmcli', True)
|
||||||
self.dhcp_client_id = module.params['dhcp_client_id']
|
self.dhcp_client_id = module.params['dhcp_client_id']
|
||||||
self.zone = module.params['zone']
|
self.zone = module.params['zone']
|
||||||
|
@ -1190,6 +1212,11 @@ class Nmcli(object):
|
||||||
'ip-tunnel.parent': self.ip_tunnel_dev,
|
'ip-tunnel.parent': self.ip_tunnel_dev,
|
||||||
'ip-tunnel.remote': self.ip_tunnel_remote,
|
'ip-tunnel.remote': self.ip_tunnel_remote,
|
||||||
})
|
})
|
||||||
|
if self.type == 'gre':
|
||||||
|
options.update({
|
||||||
|
'ip-tunnel.input-key': self.ip_tunnel_input_key,
|
||||||
|
'ip-tunnel.output-key': self.ip_tunnel_output_key
|
||||||
|
})
|
||||||
elif self.type == 'vlan':
|
elif self.type == 'vlan':
|
||||||
options.update({
|
options.update({
|
||||||
'vlan.id': self.vlanid,
|
'vlan.id': self.vlanid,
|
||||||
|
@ -1247,6 +1274,7 @@ class Nmcli(object):
|
||||||
'dummy',
|
'dummy',
|
||||||
'ethernet',
|
'ethernet',
|
||||||
'generic',
|
'generic',
|
||||||
|
'gre',
|
||||||
'infiniband',
|
'infiniband',
|
||||||
'ipip',
|
'ipip',
|
||||||
'sit',
|
'sit',
|
||||||
|
@ -1293,6 +1321,7 @@ class Nmcli(object):
|
||||||
@property
|
@property
|
||||||
def tunnel_conn_type(self):
|
def tunnel_conn_type(self):
|
||||||
return self.type in (
|
return self.type in (
|
||||||
|
'gre',
|
||||||
'ipip',
|
'ipip',
|
||||||
'sit',
|
'sit',
|
||||||
)
|
)
|
||||||
|
@ -1592,6 +1621,7 @@ def main():
|
||||||
'dummy',
|
'dummy',
|
||||||
'ethernet',
|
'ethernet',
|
||||||
'generic',
|
'generic',
|
||||||
|
'gre',
|
||||||
'infiniband',
|
'infiniband',
|
||||||
'ipip',
|
'ipip',
|
||||||
'sit',
|
'sit',
|
||||||
|
@ -1663,6 +1693,9 @@ def main():
|
||||||
ip_tunnel_dev=dict(type='str'),
|
ip_tunnel_dev=dict(type='str'),
|
||||||
ip_tunnel_local=dict(type='str'),
|
ip_tunnel_local=dict(type='str'),
|
||||||
ip_tunnel_remote=dict(type='str'),
|
ip_tunnel_remote=dict(type='str'),
|
||||||
|
# ip-tunnel type gre specific vars
|
||||||
|
ip_tunnel_input_key=dict(type='str', no_log=True),
|
||||||
|
ip_tunnel_output_key=dict(type='str', no_log=True),
|
||||||
# 802-11-wireless* specific vars
|
# 802-11-wireless* specific vars
|
||||||
ssid=dict(type='str'),
|
ssid=dict(type='str'),
|
||||||
wifi=dict(type='dict'),
|
wifi=dict(type='dict'),
|
||||||
|
|
|
@ -62,6 +62,12 @@ TESTCASE_CONNECTION = [
|
||||||
'state': 'absent',
|
'state': 'absent',
|
||||||
'_ansible_check_mode': True,
|
'_ansible_check_mode': True,
|
||||||
},
|
},
|
||||||
|
{
|
||||||
|
'type': 'gre',
|
||||||
|
'conn_name': 'non_existent_nw_device',
|
||||||
|
'state': 'absent',
|
||||||
|
'_ansible_check_mode': True,
|
||||||
|
},
|
||||||
{
|
{
|
||||||
'type': 'ipip',
|
'type': 'ipip',
|
||||||
'conn_name': 'non_existent_nw_device',
|
'conn_name': 'non_existent_nw_device',
|
||||||
|
@ -371,6 +377,39 @@ vxlan.local: 192.168.225.5
|
||||||
vxlan.remote: 192.168.225.6
|
vxlan.remote: 192.168.225.6
|
||||||
"""
|
"""
|
||||||
|
|
||||||
|
TESTCASE_GRE = [
|
||||||
|
{
|
||||||
|
'type': 'gre',
|
||||||
|
'conn_name': 'non_existent_nw_device',
|
||||||
|
'ifname': 'gre-existent_nw_device',
|
||||||
|
'ip_tunnel_dev': 'non_existent_gre_device',
|
||||||
|
'ip_tunnel_local': '192.168.225.5',
|
||||||
|
'ip_tunnel_remote': '192.168.225.6',
|
||||||
|
'ip_tunnel_input_key': '1',
|
||||||
|
'ip_tunnel_output_key': '2',
|
||||||
|
'state': 'present',
|
||||||
|
'_ansible_check_mode': False,
|
||||||
|
}
|
||||||
|
]
|
||||||
|
|
||||||
|
TESTCASE_GRE_SHOW_OUTPUT = """\
|
||||||
|
connection.id: non_existent_nw_device
|
||||||
|
connection.interface-name: gre-existent_nw_device
|
||||||
|
connection.autoconnect: yes
|
||||||
|
ipv4.ignore-auto-dns: no
|
||||||
|
ipv4.ignore-auto-routes: no
|
||||||
|
ipv4.never-default: no
|
||||||
|
ipv4.may-fail: yes
|
||||||
|
ipv6.ignore-auto-dns: no
|
||||||
|
ipv6.ignore-auto-routes: no
|
||||||
|
ip-tunnel.mode: gre
|
||||||
|
ip-tunnel.parent: non_existent_gre_device
|
||||||
|
ip-tunnel.local: 192.168.225.5
|
||||||
|
ip-tunnel.remote: 192.168.225.6
|
||||||
|
ip-tunnel.input-key: 1
|
||||||
|
ip-tunnel.output-key: 2
|
||||||
|
"""
|
||||||
|
|
||||||
TESTCASE_IPIP = [
|
TESTCASE_IPIP = [
|
||||||
{
|
{
|
||||||
'type': 'ipip',
|
'type': 'ipip',
|
||||||
|
@ -708,6 +747,13 @@ def mocked_vxlan_connection_unchanged(mocker):
|
||||||
execute_return=(0, TESTCASE_VXLAN_SHOW_OUTPUT, ""))
|
execute_return=(0, TESTCASE_VXLAN_SHOW_OUTPUT, ""))
|
||||||
|
|
||||||
|
|
||||||
|
@pytest.fixture
|
||||||
|
def mocked_gre_connection_unchanged(mocker):
|
||||||
|
mocker_set(mocker,
|
||||||
|
connection_exists=True,
|
||||||
|
execute_return=(0, TESTCASE_GRE_SHOW_OUTPUT, ""))
|
||||||
|
|
||||||
|
|
||||||
@pytest.fixture
|
@pytest.fixture
|
||||||
def mocked_ipip_connection_unchanged(mocker):
|
def mocked_ipip_connection_unchanged(mocker):
|
||||||
mocker_set(mocker,
|
mocker_set(mocker,
|
||||||
|
@ -1630,6 +1676,83 @@ def test_eth_dhcp_client_id_con_create(mocked_generic_connection_create, capfd):
|
||||||
assert results['changed']
|
assert results['changed']
|
||||||
|
|
||||||
|
|
||||||
|
@pytest.mark.parametrize('patch_ansible_module', TESTCASE_GRE, indirect=['patch_ansible_module'])
|
||||||
|
def test_create_gre(mocked_generic_connection_create, capfd):
|
||||||
|
"""
|
||||||
|
Test if gre created
|
||||||
|
"""
|
||||||
|
with pytest.raises(SystemExit):
|
||||||
|
nmcli.main()
|
||||||
|
|
||||||
|
assert nmcli.Nmcli.execute_command.call_count == 1
|
||||||
|
arg_list = nmcli.Nmcli.execute_command.call_args_list
|
||||||
|
args, kwargs = arg_list[0]
|
||||||
|
|
||||||
|
assert args[0][0] == '/usr/bin/nmcli'
|
||||||
|
assert args[0][1] == 'con'
|
||||||
|
assert args[0][2] == 'add'
|
||||||
|
assert args[0][3] == 'type'
|
||||||
|
assert args[0][4] == 'ip-tunnel'
|
||||||
|
assert args[0][5] == 'con-name'
|
||||||
|
assert args[0][6] == 'non_existent_nw_device'
|
||||||
|
|
||||||
|
args_text = list(map(to_text, args[0]))
|
||||||
|
for param in ['connection.interface-name', 'gre-existent_nw_device',
|
||||||
|
'ip-tunnel.local', '192.168.225.5',
|
||||||
|
'ip-tunnel.mode', 'gre',
|
||||||
|
'ip-tunnel.parent', 'non_existent_gre_device',
|
||||||
|
'ip-tunnel.remote', '192.168.225.6',
|
||||||
|
'ip-tunnel.input-key', '1',
|
||||||
|
'ip-tunnel.output-key', '2']:
|
||||||
|
assert param in args_text
|
||||||
|
|
||||||
|
out, err = capfd.readouterr()
|
||||||
|
results = json.loads(out)
|
||||||
|
assert not results.get('failed')
|
||||||
|
assert results['changed']
|
||||||
|
|
||||||
|
|
||||||
|
@pytest.mark.parametrize('patch_ansible_module', TESTCASE_GRE, indirect=['patch_ansible_module'])
|
||||||
|
def test_gre_mod(mocked_generic_connection_modify, capfd):
|
||||||
|
"""
|
||||||
|
Test if gre modified
|
||||||
|
"""
|
||||||
|
with pytest.raises(SystemExit):
|
||||||
|
nmcli.main()
|
||||||
|
|
||||||
|
assert nmcli.Nmcli.execute_command.call_count == 1
|
||||||
|
arg_list = nmcli.Nmcli.execute_command.call_args_list
|
||||||
|
args, kwargs = arg_list[0]
|
||||||
|
|
||||||
|
assert args[0][0] == '/usr/bin/nmcli'
|
||||||
|
assert args[0][1] == 'con'
|
||||||
|
assert args[0][2] == 'modify'
|
||||||
|
assert args[0][3] == 'non_existent_nw_device'
|
||||||
|
|
||||||
|
args_text = list(map(to_text, args[0]))
|
||||||
|
for param in ['ip-tunnel.local', '192.168.225.5', 'ip-tunnel.remote', '192.168.225.6']:
|
||||||
|
assert param in args_text
|
||||||
|
|
||||||
|
out, err = capfd.readouterr()
|
||||||
|
results = json.loads(out)
|
||||||
|
assert not results.get('failed')
|
||||||
|
assert results['changed']
|
||||||
|
|
||||||
|
|
||||||
|
@pytest.mark.parametrize('patch_ansible_module', TESTCASE_GRE, indirect=['patch_ansible_module'])
|
||||||
|
def test_gre_connection_unchanged(mocked_gre_connection_unchanged, capfd):
|
||||||
|
"""
|
||||||
|
Test : GRE connection unchanged
|
||||||
|
"""
|
||||||
|
with pytest.raises(SystemExit):
|
||||||
|
nmcli.main()
|
||||||
|
|
||||||
|
out, err = capfd.readouterr()
|
||||||
|
results = json.loads(out)
|
||||||
|
assert not results.get('failed')
|
||||||
|
assert not results['changed']
|
||||||
|
|
||||||
|
|
||||||
@pytest.mark.parametrize('patch_ansible_module', TESTCASE_ETHERNET_DHCP, indirect=['patch_ansible_module'])
|
@pytest.mark.parametrize('patch_ansible_module', TESTCASE_ETHERNET_DHCP, indirect=['patch_ansible_module'])
|
||||||
def test_ethernet_connection_dhcp_unchanged(mocked_ethernet_connection_dhcp_unchanged, capfd):
|
def test_ethernet_connection_dhcp_unchanged(mocked_ethernet_connection_dhcp_unchanged, capfd):
|
||||||
"""
|
"""
|
||||||
|
|
Loading…
Reference in a new issue