puppet-foreman_network

Table of Contents

• Overview
• Usage
  • Install and enable foreman_network
  • Declare foreman_network
  • Configure nameservers
    • Additional nameservers
    • Custom nameservers
  • Configure resolv options
  • Overwrite network routes
    • Add static route and overwrite the default gateway on interface eth0
• Reference
• Limitations
• Development
  • Setup testing and development environment (MacOSX)
  • Running acceptance tests
  • Running unit tests
  • Updating documentation
• Release Notes

Overview

This module configures network interfaces, network routes and resolv.conf from Foreman ENC (external node classifier) node parameters.

Basically it parses the foreman_interfaces and domainname node parameters from foreman and pass it to other puppet modules to configure the settings.

More information about foreman: https://theforeman.org/

Information about Puppet ENC (external node classifier): https://puppet.com/docs/puppet/latest/nodes_external.html

NOTE: This module is only compatible with systems based on RHEL7 and RHEL8. It does not provide native support for NetworkManager, legacy network components are required.

Usage

All parameters for the module are contained within the main class, so for any function of the module, set the options you want. All configuration parameters can be assigned hiera. The default values are also lookuped up by hiera. See the common usages below for examples.

Install and enable foreman_network

include foreman_network

Declare foreman_network

To get foreman_network up and running just declare the class.

class { 'foreman_network': }

Declare the class with default values:

class { 'foreman_network':
  nameservers                      => [],
  nameservers_merge                => true,
  manage_resolv_conf               => true,
  route_overrides                  => {},
  manage_network_interface_restart => true,
  manage_if_from_facts_only        => true,
  resolv_conf_path                 => '/etc/resolv.conf',
  resolver_options                 => [],
  debug                            => false,
  searchpath_merge                 => true,
  searchpath                       => [],
}

Using Hiera with default values:

foreman_network:
  nameservers: []
  nameservers_merge: true
  manage_resolv_conf: true
  route_overrides: {}
  manage_network_interface_restart: true
  manage_if_from_facts_only: true
  resolv_conf_path: /etc/resolv.conf
  resolver_options: []
  debug: false
  searchpath_merge: true
  searchpath: []

Configure nameservers

IMPORTANT: When the boot mode of the primary interface from foreman is a DHCP, the resolv.conf will be always unmanaged even when the parameter manage_resolv_conf is true.

Additional nameservers

Foreman passes 2 nameservers via node parameters: dns_primary (eg. 1.1.1.1) and dns_secondary (eg. 2.2.2.2).

With the following configuration additional nameservers will be added via an unique merge:

class { 'foreman_network':
  nameservers_merge  => true,
  nameservers        => [
    '1.1.1.1',
    '8.8.8.8',
    '4.4.4.4'
  ],
}

Using Hiera:

foreman_network:
  nameservers_merge: true
  nameservers:
    - 8.8.8.8
    - 4.4.4.4

The result in /etc/resolv.conf will be:

[...]
nameserver 1.1.1.1
nameserver 2.2.2.2
nameserver 8.8.8.8
nameserver 4.4.4.4
[...]

Custom nameservers

Use custom nameservers and ignore foreman nameservers with the following configuration

class { 'foreman_network':
  nameservers_merge  => false,
  nameservers        => [
    '8.8.8.8',
    '4.4.4.4'
  ],
}

Using Hiera:

foreman_network:
  nameservers_merge: false
  nameservers:
    - 8.8.8.8
    - 4.4.4.4

The result in /etc/resolv.conf will be:

[...]
nameserver 8.8.8.8
nameserver 4.4.4.4
[...]

Configure resolv options

Add some resolver options to /etc/resolv.conf

class { 'foreman_network':
  resolver_options => [
    'timeout:1',
    'rotate'
  ],
}

Using Hiera:

foreman_network:
  resolver_options:
    - timeout:1
    - rotate

If a top scope variable $resolver_options exists (e.g. from Foreman ENC) it will be merged into your defined options here. This way you can tune your settings according to your infrastructure.

Overwrite network routes

IMPORTANT: When the boot mode of the primary interface from foreman is a DHCP, all routes for this interface will be ignored IMPORTANT: When NetworkManager is enabled no static routes will be set

Add static route and overwrite the default gateway on interface eth0

class { 'foreman_network':
  route_overrides => {
    '0.0.0.0/0'   => {
      'ensure'    => 'present',
      'gateway'   => '10.241.60.253',
      'interface' => 'eth0',
      'netmask'   => '255.255.255.0',
      'network'   => '10.241.60.0',
    },
    '10.1.2.0/24' => {
      'ensure'    => 'present',
      'gateway'   => '10.1.2.254',
      'interface' => 'eth0',
      'netmask'   => '255.255.255.0',
      'network'   => '10.1.2.0',
    },
  }
}

Using Hiera:

foreman_network:
  route_overrides:
    0.0.0.0/24:
      ensure: present
      gateway: 10.241.60.253
      interface: eth0
      netmask: 255.255.255.0
      network: 10.241.60.0 
    10.1.2.0/24:
      ensure: present
      gateway: 10.1.2.254
      interface: eth0
      netmask: 255.255.255.0
      network: 10.1.2.0  

Reference

See REFERENCE.md

Limitations

For a list of supported operating systems, see metadata.json

Development

This module uses puppet_litmus for development and acceptance testing.

Setup testing and development environment (MacOSX)

Install required software with brew

brew cask install docker
brew cask install puppetlabs/puppet/pdk
brew cask install puppet-bolt
brew install rbenv
rbenv init
echo 'eval "$(rbenv init -)"' >> $HOME/.zshrc
curl -fsSL https://github.com/rbenv/rbenv-installer/raw/master/bin/rbenv-doctor | bash
rbenv install 2.6.5

Install all needed gem dependencies:

./scripts/prepare_test_env.sh

Running acceptance tests

Create test environment:

./scripts/create_test_env.sh

Run the acceptance tests:

./scripts/run_tests.sh

Remove the test environment:

./scripts/remove_test_env.sh

Running unit tests

pdk test unit

Release Process

scripts/make-release

git push

Reference

Table of Contents

Classes

• foreman_network: Configure network interfaces, routes and resolv.conf from foreman ENC node parametes

Defined types

• foreman_network::network_restart: Restart a network interface

Classes

foreman_network

Configure network interfaces, routes and resolv.conf from foreman ENC node parametes

Parameters

The following parameters are available in the foreman_network class:

• debug
• foreman_interfaces
• foreman_searchpath
• manage_network_interface_restart
• manage_if_from_facts_only
• manage_resolv_conf
• nameservers
• nameservers_merge
• resolv_conf_path
• resolver_options
• route_overrides
• searchpath
• searchpath_merge

debug

Data type: Boolean

Turn on debug mode

foreman_interfaces

Data type: Array

ENC node parameter with key foreman_interfaces injected by foreman

Default value: $::foreman_interfaces

foreman_searchpath

Data type: Array

ENC node parameter with key domainname injected by foreman

Default value: [$::domainname]

manage_network_interface_restart

Data type: Boolean

True means the network interface will be configured (if down & up) immediately on change

manage_if_from_facts_only

Data type: Boolean

If true then only interfaces will be managed that exists in $facts['networking']['interfaces']

manage_resolv_conf

Data type: Boolean

Specify wether to manage resolve.conf or not. IMPORTANT: If DHCP is enabled on the primary interface resolv.conf will always be unmanged.

nameservers

Data type: Array

List of nameservers which will be either exclusive used or merged. Depends on nameservers_merge

nameservers_merge

Data type: Boolean

If true merges the entries the foreman dns servers with nameservers. if false then only use nameserver

resolv_conf_path

Data type: Stdlib::Absolutepath

The path of the resolv.conf. For docker accaptance test this could be modified

resolver_options

Data type: Array

ENC node parameter with key resolver_options injected by foreman

route_overrides

Data type: Hash

Overrides the default route provided by foreman and could also add additional static network routes. IMPORTANT: If DHCP enabled is enabled on the primary interface. All routes on the primary interface will be ignored.

searchpath

Data type: Array

Search list in resolv.conf. if searchpath_merge is true the array will me merged with foreman_searchpath

searchpath_merge

Data type: Boolean

If true then merge the entries the foreman_searchpath with searchpath. if false then only use searchpath from foreman

Defined types

foreman_network::network_restart

Apply configuration changes for a network interface

Parameters

The following parameters are available in the foreman_network::network_restart defined type:

• interface
• manage_network_interface_restart

interface

Data type: String

The network interface identifier eg. eth0

manage_network_interface_restart

Data type: Boolean

if true the network interface will be restarted

Default value: $foreman_network::manage_network_interface_restart

Changelog

All notable changes to this project will be documented in this file.

The format is based on Keep a Changelog and this project adheres to Semantic Versioning.

v1.3.0 - 2023-12-04

Added

• Add resolver options

v1.2.0 - 2023-08-21

Added

• Enable GitHub Actions

Changed

• Update OS support, dependencies and Puppet version
• Update PDK to 3.0.0

Fixed

• Fix typo in parameter name $manage_network_interface_restart
• Fix compatibility with puppetlabs/stdlib v9.0.0
• Fix unit tests
• Partially fix acceptance tests on Rocky 8

v1.1.0 - 2022-08-17

Fixed

• Fix network restart on EL8 (#1)

v1.0.0 - 2020-02-27

Initial release