declare your linux network state
play

Declare Your Linux Network State! with nmstate Edward Haas, Red Hat - PowerPoint PPT Presentation

Jan 16, 2024 •153 likes •532 views

Declare Your Linux Network State! with nmstate Edward Haas, Red Hat < edwardh@redhat.com > Till Maas, Red Hat < till@redhat.com > Linux kernel Hardware 3 Red Hat oVirt Ifcfg initscripts iproute2 ethtool Netlink Linux kernel

  1. Declare Your Linux Network State! with nmstate Edward Haas, Red Hat < edwardh@redhat.com > Till Maas, Red Hat < till@redhat.com >

  3. Linux kernel Hardware 3 Red Hat

  4. oVirt Ifcfg initscripts iproute2 ethtool Netlink Linux kernel Hardware 4 Red Hat

  5. OpenStack oVirt Ifcfg initscripts iproute2 ethtool Netlink Linux kernel Hardware 5 Red Hat

  6. Cockpit OpenStack oVirt Ifcfg initscripts NM D-Bus NetworkManager iproute2 ethtool Netlink Linux kernel Hardware 6 Red Hat

  7. Cockpit Ansible OpenStack oVirt nmcli libnm Ifcfg initscripts NM D-Bus NetworkManager iproute2 ethtool Netlink Linux kernel Hardware 7 Red Hat

  8. OpenShift/ Cockpit Ansible OpenStack oVirt OKD/K8S nmcli libnm Ifcfg initscripts NM D-Bus NetworkManager iproute2 ethtool Netlink Linux kernel Hardware 8 Red Hat

  9. OpenShift/ Cockpit Ansible OpenStack oVirt okd nmcli libnm Ifcfg initscripts NM D-Bus NetworkManager iproute2 ethtool Netlink Linux kernel Hardware

  10. Configure a Bond Bond (mybond0) NIC (eth1) NIC (eth2)

  11. Configure a Bond (nmcli) $ nmcli con add type bond ifname mybond0 mode active-backup $ nmcli con add type ethernet ifname eth1 master mybond0 $ nmcli con add type ethernet ifname eth2 master mybond0 $ nmcli con mod mybond0 ipv4.method manual ipv4.address "1.2.3.4/24"

  12. Configure a Bond (iproute2) # ip link add mybond0 type bond # ip link set eth1 master mybond0 # ip link set eth2 master mybond0 # ip addr add 1.2.3.4/24 dev mybond0

  13. Configure a Bond (ifcfg) TYPE=Ethernet DEVICE=mybond0 mode=active-backup NAME=eth1 DEVICE=eth1 TYPE=Bond BONDING_MASTER=yes ONBOOT=yes MASTER=mybond0 IPV6INIT=no NAME=bond00 SLAVE=yes ONBOOT=yes BOOTPROTO=none TYPE=Ethernet IPADDR=1.2.3.4 NAME=eth2 PREFIX=24 DEVICE=eth2 DEFROUTE=yes ONBOOT=yes MASTER=mybond0 SLAVE=yes

  14. Configure a Bond (nmstate) interfaces: - name: mybond0 type: bond state: up link-aggregation: mode: active-backup slaves: - eth1 - eth2 ipv4: enabled: true address: - ip: 1.2.3.4 prefix-length: 24

  15. OpenShift/ Cockpit Ansible OpenStack oVirt okd nmstate libnm NM D-Bus NetworkManager iproute2 ethtool Netlink Linux kernel Hardware 15

  16. Design Complete Linux host network state

  17. Design Configuration and reporting

  18. Design Declarative Describe WHAT you want and don’t bother with the HOW. https://imgs.xkcd.com/comics/pointers.png

  19. Design Inspired by IETF Network Modeling Working Group (NETCONF/YANG)

  20. Design Based on NetworkManager ● Open for provider extensions ●

  21. Design Atomic changes ALL NOTHING VOID

  22. Design Allow partial states https://commons.wikimedia.org/wiki/File:Partial_Eclipse_of_Moon.jpg

  23. Nmstate Design - simple API: - state = show() - apply(state) - allow partial states to configure only subset of all settings - verification of the configuration by comparing the runtime state - atomic configuration changes: Rollback to previous state on failure by default - Use power of NetworkManager but allow enhancements missing in NetworkManager

  24. Currently support devices Ethernet ● IPv4 & IPv6, static & dynamic ● Bonding ● Linux bridges ● OVS bridges (basic) ●

  25. Command-line interface # nmstatectl show eth0 --- interfaces: - name: eth0 type: ethernet state: up nmstatectl [show|set|edit] mtu: 1500 ipv4: enabled: true dhcp: true address: - ip: 192.168.122.197 prefix-length: 24

  26. Simple (Python) API state = netinfo.show() state[‘interfaces’][0][‘mtu’] = 9000 netapplier.apply(state)

  27. Verification with rollback

  28. Ansible network modules net_interface ● net_linkagg ● net_vlan ● net_l3_interface ● State Ansible Switch Linux

  29. Ansible network modules for Linux # Ansible # nmstate tasks: --- - net_linkagg: interfaces: name: web-bond - name: web-bond state: up type: bond members: state: up - eth1 link-aggregation: - eth2 mode: 802.3ad options: {} slaves: - eth1 - eth2

  30. kubernetes-nmstate (PoC) - Manage host/node network through Kubernetes. - Implements the suggested Kubernetes Node Network Configuration CRD. NodeNetworkState NodeNetConfPolicy Match on Nodes surrentState NodeNetworkState & Apply desireState snippet NodeNetworkState PoC: https://github.com/nmstate/kubernetes-nmstate

  31. kubernetes-nmstate (PoC) On every Node, On every SRIO interface, Define 8 VF. NodeNetworkState Define 8 VF on eth0 & eth1. NodeNetConfPolicy Define 8 VF on eth0. Match on Nodes surrentState NodeNetworkState & Apply desireState snippet Define 8 VF on eth2 & eth4. NodeNetworkState

  32. Ku kubernetes-nmstate (PoC) apiVersion: "k8s.cni.cncf.io/v1" status: kind: NodeNetworkState currentState: metadata: capabilities: [] name: my-node-netstate interfaces: spec: - if-index: 10 managed: true name: bond0 nodeName: my-node type: bond desiredState: state: up interfaces: phys-address: aa:bb:cc:dd:ee:ff - name: bond0 link-aggregation: type: bond mode: balance-rr state: up slaves: link-aggregation: - eth0 mode: balance-rr - eth1 slaves: ipv4: - eth0 enabled: true - eth1 address: ipv4: - ip: 10.10.10.2 enabled: true prefix-length: 24 address: ipv6: - ip: 10.10.10.2 enabled: false prefix-length: 24 ipv6: enabled: false 32

  33. Challenges # desired state # actual state --- --- interfaces: interfaces: - name: eth0 - name: eth0 type: ethernet type: ethernet state: up state: up ipv4: ipv4: enabled: true enabled: true dhcp: true dhcp: true address: - ip: 192.168.122.197 prefix-length: 24

  34. nmstate.io

  35. How to participate Development: https://github.com/nmstate/nmstate Planning: https://nmstate.atlassian.net Discussions: NetworkManager mailing list ● #nmstate on Freenode IRC ●

  36. Outlook Different state for configuration/persistence and runtime ● Support commit and confirm commands ● More interface types ● Add read-only report values ● Proprietary vendor interfaces ● NETCONF/YANG ● Routing (under review) ● Firewall ● Integration with oVirt, OpenStack, KubeVirt ●

  37. Thank you! nmstate.io

Recommend

The State of the Linux Desktop An OSDL Perspective John Cherry OSDL Desktop Linux (DTL)

The State of the Linux Desktop An OSDL Perspective John Cherry OSDL Desktop Linux (DTL)

The State of the Linux Desktop An OSDL Perspective John Cherry OSDL Desktop Linux (DTL) September 23, 2006 1 2 The State of the Linux Desktop Riding the Open Software Wave The Linux Desktop Markets Linux Desktop Market Data The Linux

544 views • 40 slides
NETWORKING NETWORKING PART 2: LINUX UX commands PART 2: LINUX commands Agenda Agenda Network

NETWORKING NETWORKING PART 2: LINUX UX commands PART 2: LINUX commands Agenda Agenda Network

Moreno Baricevic CNR-INFM DEMOCRITOS Trieste, ITALY INTRO TO INTRO TO NETWORKING NETWORKING PART 2: LINUX UX commands PART 2: LINUX commands Agenda Agenda Network Interfaces Network Interfaces LINUX command line utilities LINUX

598 views • 38 slides
Interviews with Different Users About Their Linux Setups Steven Ovadia My Linux Rig

Interviews with Different Users About Their Linux Setups Steven Ovadia My Linux Rig

The State of Desktop Linux: Interviews with Different Users About Their Linux Setups Steven Ovadia My Linux Rig www.mylinuxrig.com @steven_ovadia *** Associate Professor/Web Services Librarian LaGuardia Community College About My Linux

458 views • 27 slides
Linux Kung Fu Introduction What is Linux? Why Linux? What is the difference between a client

Linux Kung Fu Introduction What is Linux? Why Linux? What is the difference between a client

Linux Kung Fu Introduction What is Linux? Why Linux? What is the difference between a client and a server? What is Linux? Linux generally refers to a group of Unix-like free and open-source operating system distributions that use the Linux

562 views • 53 slides
Chapter 1 Welcome to Linux Dr. Marjan Trutschl marjan.trutschl@lsus.edu Louisiana State

Chapter 1 Welcome to Linux Dr. Marjan Trutschl marjan.trutschl@lsus.edu Louisiana State

Chapter 1 Welcome to Linux Dr. Marjan Trutschl marjan.trutschl@lsus.edu Louisiana State University, Shreveport, LA 71115 Introducing Shells History of UNIX and GNU-Linux Heritage of Linux: UNIX What Is So Good About Linux? Overview

336 views • 15 slides
Linux Network Stack Test Automated and Portable Network Tests Red Hat Radek Pazdera February 2,

Linux Network Stack Test Automated and Portable Network Tests Red Hat Radek Pazdera February 2,

Linux Network Stack Test Automated and Portable Network Tests Red Hat Radek Pazdera February 2, 2013 Abstract Introduction of our approach towards effective network testing. Our Goal A library of network tests to easily catch regressions in

408 views • 20 slides
NETWORKING NETWORKING PART RT 2: 2: LI LINUX UX commands PART 2: LINUX commands Agenda

NETWORKING NETWORKING PART RT 2: 2: LI LINUX UX commands PART 2: LINUX commands Agenda

Moreno Baricevic CNR-IOM DEMOCRITOS Trieste, ITALY INTRO TO INTRO TO NETWORKING NETWORKING PART RT 2: 2: LI LINUX UX commands PART 2: LINUX commands Agenda Agenda Network Interfaces Network Interfaces LINUX command line utilities

612 views • 46 slides
Linux Network Programming with P4 Linux Plumbers 2018 Fabian Ruffy, William Tu, Mihai Budiu

Linux Network Programming with P4 Linux Plumbers 2018 Fabian Ruffy, William Tu, Mihai Budiu

Linux Network Programming with P4 Linux Plumbers 2018 Fabian Ruffy, William Tu, Mihai Budiu VMware Inc. and University of British Columbia Outline Introduction to P4 XDP and the P4 Compiler Fabian Testing Example

730 views • 53 slides
Maximizing Accessibility: Engaging People With Disabilities in the Linux Community Spencer

Maximizing Accessibility: Engaging People With Disabilities in the Linux Community Spencer

Maximizing Accessibility: Engaging People With Disabilities in the Linux Community Spencer Hunley State of Accessibility in Linux: Past CLIs Primitive GUIs Improvements with GNOME 2 and KDE enviroments Linux State of

352 views • 9 slides
The Linux Environment Programming with C CSCI 112, Spring 2015 Patrick Donnelly Montana State

The Linux Environment Programming with C CSCI 112, Spring 2015 Patrick Donnelly Montana State

The Linux Environment Programming with C CSCI 112, Spring 2015 Patrick Donnelly Montana State University Linux Flavors There are many different distributions of the Linux operating systems. Some of the most popular are as follows: Ubuntu

373 views • 10 slides
(Linux) Networking Nima Honarmand Fall 2017 :: CSE 306 Network Layer Diagrams OSI and

(Linux) Networking Nima Honarmand Fall 2017 :: CSE 306 Network Layer Diagrams OSI and

Fall 2017 :: CSE 306 (Linux) Networking Nima Honarmand Fall 2017 :: CSE 306 Network Layer Diagrams OSI and TCP/IP Stacks (From Understanding Linux Network Internals ) Used in Real World Fall 2017 :: CSE 306 Ethernet (IEEE 802.3)

615 views • 36 slides
Network Security Fundamentals Security Training Course Dr. Charles J. Antonelli The University

Network Security Fundamentals Security Training Course Dr. Charles J. Antonelli The University

Network Security Fundamentals Security Training Course Dr. Charles J. Antonelli The University of Michigan 2013 Network Security Fundamentals Module 9 Linux Security &amp; Logging Linux Security Real-World Linux Security RHEL

739 views • 41 slides
Network Emulation using Linux Network Namespaces Daniel Schubert Friday 5 th July, 2019 IITM SS19

Network Emulation using Linux Network Namespaces Daniel Schubert Friday 5 th July, 2019 IITM SS19

Chair of Network Architectures and Services Department of Informatics Technical University of Munich Network Emulation using Linux Network Namespaces Daniel Schubert Friday 5 th July, 2019 IITM SS19 Garching b. Mnchen, Germany Chair of

669 views • 22 slides
What do we believe about collaboration? 1 Stand and Declare Collaboration with

What do we believe about collaboration? 1 Stand and Declare Collaboration with

Community Engagement USBC Summer Pre Institute Washington DC Tom Wolff Ph.D. Tom Wolff &amp; Associates Stand and Declare What do we believe about collaboration? 1 Stand and Declare Collaboration with representatives from all parts

693 views • 29 slides
Unifying network filtering rules for the Linux kernel with eBPF Quentin Monnet

Unifying network filtering rules for the Linux kernel with eBPF Quentin Monnet

FOSDEM19 Brussels, 2019-02-02 Unifying network filtering rules for the Linux kernel with eBPF Quentin Monnet &lt;quentin.monnet@netronome.com&gt; @qeole Outline Several network filtering mechanisms in the Linux kernel What are they,

415 views • 22 slides
Reducing Latency in Linux Wireless Network Drivers Tim Shepard shep@alum.mit.edu netdev 1.1

Reducing Latency in Linux Wireless Network Drivers Tim Shepard shep@alum.mit.edu netdev 1.1

Proceedings of NetDev 1.1: The Technical Conference on Linux Networking (February 10th-12th 2016. Seville, Spain) Reducing Latency in Linux Wireless Network Drivers Tim Shepard shep@alum.mit.edu netdev 1.1 Sevilla, Espa na 10-12

520 views • 18 slides
The State of the Art in Bufferbloat Testing and Reduction on Linux Toke Hiland-Jrgensen

The State of the Art in Bufferbloat Testing and Reduction on Linux Toke Hiland-Jrgensen

The State of the Art in Bufferbloat Testing and Reduction on Linux Toke Hiland-Jrgensen Roskilde University IETF 86, 12th March 2013 1 / 31 Outline Introduction Recent changes in the Linux kernel Testing methodology and best practices

689 views • 31 slides
10/3/2017 Declare His Praises! Wherever God is present, worship follows Declare His

10/3/2017 Declare His Praises! Wherever God is present, worship follows Declare His

10/3/2017 Declare His Praises! Wherever God is present, worship follows Declare His Praises! Wherever God is present, worship follows Where is Gods presence most uniquely experienced? The Tabernacle of God 1 10/3/2017

602 views • 7 slides
Pointers The Pointer Defined int *x; Read as: declare x as a pointer to a 32-bit integer

Pointers The Pointer Defined int *x; Read as: declare x as a pointer to a 32-bit integer

Pointers The Pointer Defined int *x; Read as: declare x as a pointer to a 32-bit integer Interpretation: declare x as a variable on the stack that holds the numeric address of the location in memory at which are 32 bits that we intend

359 views • 15 slides
Assembly Programming on Linux Assembly Programming on Linux Necessity OS Kernel Development

Assembly Programming on Linux Assembly Programming on Linux Necessity OS Kernel Development

Assembly Programming on Linux Assembly Programming on Linux Necessity OS Kernel Development 80x86 Sparc Alpha Some device drivers SCSI Controller Video Card Network Card Others that has ROM on board .. Compiler/Interpreter/Cross

283 views • 11 slides
KauNetEm Deterministic Network Emulation in Linux . Per Hurtig, Johan Garcia February 12, 2016

KauNetEm Deterministic Network Emulation in Linux . Per Hurtig, Johan Garcia February 12, 2016

Proceedings of NetDev 1.1: The Technical Conference on Linux Networking (February 10th-12th 2016. Seville, Spain) KauNetEm Deterministic Network Emulation in Linux . Per Hurtig, Johan Garcia February 12, 2016 netdevconf 1.1, February 10-12,

528 views • 39 slides
Practical Guide to Run an IEEE 802.15.4 Network with 6LoWPAN under Linux Netdev 2016, T okyo,

Practical Guide to Run an IEEE 802.15.4 Network with 6LoWPAN under Linux Netdev 2016, T okyo,

Practical Guide to Run an IEEE 802.15.4 Network with 6LoWPAN under Linux Netdev 2016, T okyo, Japan Stefan Schmidt stefan@osg.samsung.com Samsung Open Source Group Agenda Motivation Linux-wpan Project Wpan-tools Hardware and

713 views • 39 slides
Linux Security State of Linux Security in 2016 Michael Boelen michael.boelen@cisofy.com DBLUG,

Linux Security State of Linux Security in 2016 Michael Boelen michael.boelen@cisofy.com DBLUG,

Linux Security State of Linux Security in 2016 Michael Boelen michael.boelen@cisofy.com DBLUG, 7 December 2016 Michael Boelen Open Source Lynis, Rootkit Hunter Business and Community Founder of CISOfy Board member and

454 views • 18 slides
Linux from Sensors to Servers ! When is Linux Not Linux? ! 1 1 Linux runs across a huge range

Linux from Sensors to Servers ! When is Linux Not Linux? ! 1 1 Linux runs across a huge range

Linux from Sensors to Servers ! When is Linux Not Linux? ! 1 1 Linux runs across a huge range of systems ! CC BY-SA 2.0 FHKE, Flickr 2 Whats the difference between Linux on a big thing and Linux on a little thing? ! 3 ! Whats the

900 views • 52 slides

More recommend