File: //opt/saltstack/salt/lib/python3.10/site-packages/salt/states/__pycache__/network.cpython-310.pyc
o
�����N�g�_�����������������������@���s\���d�Z�d�d�l�Z�d�d�l�Z�d�d�l�Z�d�d�l�Z�d�d�l�Z�e���e���Z d�d���Z
d�d�d���Z�d�d ��Z�d
d���Z
d�S�)
a#)��
Configuration of network interfaces
===================================
The network module is used to create and manage network settings,
interfaces can be set as either managed or ignored. By default
all interfaces are ignored unless specified.
.. note::
RedHat-based systems (RHEL, CentOS, Scientific, etc.)
have been supported since version 2014.1.0.
Debian-based systems (Debian, Ubuntu, etc.) have been
supported since version 2017.7.0. The following options
are not supported: ipaddr_start, and ipaddr_end.
Other platforms are not yet supported.
.. note::
On Debian-based systems, networking configuration can be specified
in `/etc/network/interfaces` or via included files such as (by default)
`/etc/network/interfaces.d/*`. This can be problematic for configuration
management. It is recommended to use either `file.managed` *or*
`network.managed`.
If using ``network.managed``, it can be useful to ensure ``interfaces.d/``
is empty. This can be done using the following state
.. code-block:: yaml
/etc/network/interfaces.d:
file.directory:
- clean: True
Configuring Global Network Settings
-----------------------------------
Use the :py:func:`network.system <salt.states.network.system>` state to set
global network settings:
.. code-block:: yaml
system:
network.system:
- enabled: True
- hostname: server1.example.com
- gateway: 192.168.0.1
- gatewaydev: eth0
- nozeroconf: True
- nisdomain: example.com
- require_reboot: True
- apply_hostname: True
.. note::
The use of ``apply_hostname`` above will apply changes to the hostname
immediately.
.. versionchanged:: 2015.5.0
``apply_hostname`` added
retain_settings
***************
.. versionadded:: 2016.11.0
Use `retain_settings` to retain current network settings that are not otherwise
specified in the state. Particularly useful if only setting the hostname.
Default behavior is to delete unspecified network settings.
.. code-block:: yaml
system:
network.system:
- hostname: server2.example.com
- apply_hostname: True
- retain_settings: True
Configuring Network Routes
--------------------------
Use the :py:func:`network.routes <salt.states.network.routes>` state to set
network routes.
.. code-block:: yaml
routes:
network.routes:
- name: eth0
- routes:
- name: secure_network
ipaddr: 10.2.0.0
netmask: 255.255.255.0
gateway: 10.1.0.3
- name: HQ_network
ipaddr: 10.100.0.0
netmask: 255.255.0.0
gateway: 10.1.0.10
Managing Network Interfaces
---------------------------
The :py:func:`network.managed <salt.states.network.managed>` state is used to
configure network interfaces. Here are several examples:
Ethernet Interface
******************
.. code-block:: yaml
eth0:
network.managed:
- enabled: True
- type: eth
- proto: static
- ipaddr: 10.1.0.7
- netmask: 255.255.255.0
- gateway: 10.1.0.1
- enable_ipv6: true
- ipv6proto: static
- ipv6addrs:
- 2001:db8:dead:beef::3/64
- 2001:db8:dead:beef::7/64
- ipv6gateway: 2001:db8:dead:beef::1
- ipv6netmask: 64
- dns:
- 8.8.8.8
- 8.8.4.4
- channels:
rx: 4
tx: 4
other: 4
combined: 4
Ranged Interfaces (RHEL/CentOS Only)
************************************
.. versionadded:: 2015.8.0
Ranged interfaces can be created by including the word ``range`` in the
interface name.
.. important::
The interface type must be ``eth``.
.. code-block:: yaml
eth0-range0:
network.managed:
- type: eth
- ipaddr_start: 192.168.1.1
- ipaddr_end: 192.168.1.10
- clonenum_start: 10
- mtu: 9000
bond0-range0:
network.managed:
- type: eth
- ipaddr_start: 192.168.1.1
- ipaddr_end: 192.168.1.10
- clonenum_start: 10
- mtu: 9000
eth1.0-range0:
network.managed:
- type: eth
- ipaddr_start: 192.168.1.1
- ipaddr_end: 192.168.1.10
- clonenum_start: 10
- vlan: True
- mtu: 9000
bond0.1-range0:
network.managed:
- type: eth
- ipaddr_start: 192.168.1.1
- ipaddr_end: 192.168.1.10
- clonenum_start: 10
- vlan: True
- mtu: 9000
Bond Interfaces
***************
To configure a bond, you must do the following:
- Configure the bond slaves with a ``type`` of ``slave``, and a ``master``
option set to the name of the bond interface.
- Configure the bond interface with a ``type`` of ``bond``, and a ``slaves``
option defining the bond slaves for the bond interface.
.. code-block:: yaml
eth2:
network.managed:
- enabled: True
- type: slave
- master: bond0
eth3:
network.managed:
- enabled: True
- type: slave
- master: bond0
bond0:
network.managed:
- type: bond
- ipaddr: 10.1.0.1
- netmask: 255.255.255.0
- mode: gre
- proto: static
- dns:
- 8.8.8.8
- 8.8.4.4
- enabled: False
- slaves: eth2 eth3
- require:
- network: eth2
- network: eth3
- miimon: 100
- arp_interval: 250
- downdelay: 200
- lacp_rate: fast
- max_bonds: 1
- updelay: 0
- use_carrier: on
- hashing-algorithm: layer2
- mtu: 9000
- autoneg: on
- speed: 1000
- duplex: full
- rx: on
- tx: off
- sg: on
- tso: off
- ufo: off
- gso: off
- gro: off
- lro: off
VLANs
*****
Set ``type`` to ``vlan`` to configure a VLANs. These VLANs are configured on
the bond interface defined above.
.. code-block:: yaml
bond0.2:
network.managed:
- type: vlan
- ipaddr: 10.1.0.2
- use:
- network: bond0
- require:
- network: bond0
bond0.3:
network.managed:
- type: vlan
- ipaddr: 10.1.0.3
- use:
- network: bond0
- require:
- network: bond0
bond0.10:
network.managed:
- type: vlan
- ipaddr: 10.1.0.4
- use:
- network: bond0
- require:
- network: bond0
bond0.12:
network.managed:
- type: vlan
- ipaddr: 10.1.0.5
- use:
- network: bond0
- require:
- network: bond0
Bridge Interfaces
*****************
.. code-block:: yaml
eth4:
network.managed:
- enabled: True
- type: eth
- proto: dhcp
- bridge: br0
br0:
network.managed:
- enabled: True
- type: bridge
- proto: dhcp
- bridge: br0
- delay: 0
- ports: eth4
- bypassfirewall: True
- use:
- network: eth4
- require:
- network: eth4
.. note::
When managing bridged interfaces on a Debian/Ubuntu based system, the
``ports`` argument is required. RedHat-based systems will ignore the
argument.
Network Teaming (RHEL/CentOS 7 and later)
*****************************************
.. versionadded:: 3002
- Configure the members of the team interface with a ``type`` of ``teamport``,
and a ``team_master`` option set to the name of the bond interface.
- ``master`` also works, but will be ignored if both ``team_master`` and
``master`` are present.
- If applicable, include a ``team_port_config`` option. This should be
formatted as a dictionary. Keep in mind that due to a quirk of PyYAML,
dictionaries nested under a list item must be double-indented (see example
below for interface ``eth5``).
- Configure the team interface with a ``type`` of ``team``. The team
configuration should be passed via the ``team_config`` option. As with
``team_port_config``, the dictionary should be double-indented.
.. code-block:: yaml
eth5:
network.managed:
- type: teamport
- team_master: team0
- team_port_config:
prio: 100
eth6:
network.managed:
- type: teamport
- team_master: team0
team0:
network.managed:
- type: team
- ipaddr: 172.24.90.42
- netmask: 255.255.255.128
- enable_ipv6: True
- ipv6addr: 'fee1:dead:beef:af43::'
- team_config:
runner:
hwaddr_policy: by_active
name: activebackup
link_watch:
name: ethtool
.. note::
While ``teamd`` must be installed to manage a team interface, it is not
required to configure a separate :py:func:`pkg.installed
<salt.states.pkg.installed>` state for it, as it will be silently installed
if needed.
Configuring the Loopback Interface
**********************************
Use :py:func:`network.managed <salt.states.network.managed>` with a ``type`` of
``eth`` and a ``proto`` of ``loopback``.
.. code-block:: yaml
lo:
network.managed:
- name: lo
- type: eth
- proto: loopback
- onboot: yes
- userctl: no
- ipv6_autoconf: no
- enable_ipv6: true
Other Useful Options
--------------------
noifupdown
**********
The ``noifupdown`` option, if set to ``True``, will keep Salt from restart the
interface if changes are made, requiring them to be restarted manually. Here
are a couple examples:
.. code-block:: yaml
eth7:
network.managed:
- enabled: True
- type: eth
# Automatic IP/DNS
- proto: dhcp
- noifupdown: True
eth8:
network.managed:
- type: eth
- noifupdown: True
# IPv4
- proto: static
- ipaddr: 192.168.4.9
- netmask: 255.255.255.0
- gateway: 192.168.4.1
- enable_ipv6: True
# IPv6
- ipv6proto: static
- ipv6addr: 2001:db8:dead:c0::3
- ipv6netmask: 64
- ipv6gateway: 2001:db8:dead:c0::1
# override shared; makes those options v4-only
- ipv6ttl: 15
# Shared
- mtu: 1480
- ttl: 18
- dns:
- 8.8.8.8
- 8.8.4.4
�����Nc��������������������C���s ���t�j�j�����r�d�S�d�t�v�r�d�S�d�S�)�zf
Confine this module to non-Windows systems with the required execution
module available.
)�Fz!Only supported on non-Windows OSs��ip.get_interfaceT)�Fz�ip module could not be loaded)���salt��utils��platformZ
is_windows��__salt__��r����r�����G/opt/saltstack/salt/lib/python3.10/site-packages/salt/states/network.py��__virtual__����s
�������������r ���Tc����������������
���K���s����|�i�d�d�|���d���d���}�d�|�v�r�t���d�d���|�d�<�d�}�t�|���d�d�����}�d |�v�rJ|���d ��}�d
}�d�|�v�r9|�d�7�}�|�|�d�<�n�|�d
7�}�|�d�7�}�|���d�g�����|�����z~t�d���|���}�t�d���|�|�|�f�i�|�����} |�d���r�|�| k�rf �|�sw| rwd�|�d�<�d�|���d���|�d�<�nP|�| k�r�t�j�|�| d�d���}
d�|�d�<�d�� |�d��
|
����|�d�<�n4|�s�| r�d�|���d���|�d�<�d�|�d���d�<�d�}�n�|�| k�r�t�j�|�| d�d���}
d�|���d���|�d�<�d��
|
��|�d���d�<�d�}�W�n���t�y���}���z�d�|�d�<�t�|���|�d�<�|�W���Y�d�}�~�S�d�}�~�w�w�|�d�k�r�|�S�|�d k���r�d!t�v���r�z�t�d!��|���}�t�d"��|�f�i�|�����} |�d�����r<|���s�| ��r�d�|�d�<�d#� |���|�d�<�nX|�| k���r;t�j�|�| d�d���}
d�|�d�<�d$� |�d��
|
����|�d�<�n;|���sW| ��rWd%|���d���|�d�<�d&|���d'��|�d���d <�d�}�n |�| k���rwt�j�|�| d�d���}
d%|���d���|�d�<�d��
|
��|�d���d <�d�}�W�n���t���y���}���z�d�|�d�<�t�|���|�d�<�|�W���Y�d�}�~�S�d�}�~�w�w�|�d�����r�|�S�d(|�v���r�|���r�z�t�d)��d*��|�d�<�d+|�d�<�|�W�S���t���y���}���z�d�|�d�<�t�|���|�d�<�|�W���Y�d�}�~�S�d�}�~�w�w�d�|�d�<�d,|�d�<�|�S�z�t
j�j�����}�d�}
|�|�v���r�|�|�����d-��}
nq|�D�]n}�d.|�|���v���r�|�|���d.��D�]�}�|���d/d���|�k���r�d�}
��q�|�d0k���red1|�|���v���r@|�|���d1��}�t�|���d2k���r@|�D�]�}�|���d/d���|�k���r>d�}
��q1d3|�|���v���re|�|���d3��}�t�|���d2k���re|�D�]�}�|���d/d���|�k���rcd�}
��qV��q�|���r�d4|�v���r�|
��r�|�d�����r�t�d5��|�|�����t�d6��|�|�����d�|���d7��|�d���d8<�n+t�d6��|�|�����d�|���d9��|�d���d8<�n�d4|�v���r�|
��r�t�d5��|�|�����d�|���d:��|�d���d8<�W�n���t���y���}���z�d�|�d�<�t�|���|�d�<�|�W���Y�d�}�~�S�d�}�~�w�w�|�d k���rhd4|�v���rhd;|�v���rh|�d;����rht�d<��d=d>|���d?��g�������}�t�|�d;��t�����r�|�d;��}�n�|�d;������}�t�|���t�|�����}�|���r^t�d@��dAk���r]t�d<��dBdCg�������}�|���rKt���dDdE�
|���|�����|�|�g�t�|�����}�t�d<��|�d�dF����n�t���dG����dH� dE�
|���|���|�d���dI<�n
t���dJdE�
|���|�����|���rp|
��rp|�S�t�dK������|�S�)La����
Ensure that the named interface is configured properly.
name
The name of the interface to manage
type : eth
Type of interface and configuration
.. versionchanged:: 3002
enabled
Designates the state of this interface.
T�
Interface z� is up to date.����name��changes��result��comment��testF��typeZ�eth��addrz%'addr' is not a valid argument name, ��hwaddrz0its value has been assigned to 'hwaddr' instead.z)it has been ignored in favor of 'hwaddr'.z1 Update your SLS file to get rid of this warning.��warningsr����z�ip.build_interfaceNr����z� is set to be added.r��������Z�linetermz%Interface {} is set to be updated:
{}��
z� added.z�Added network interface.r
���Z interfacez updated.��sourceZ�bondz�ip.get_bondz
ip.build_bondz%Bond interface {} is set to be added.z*Bond interface {} is set to be updated:
{}z�Bond interface z�Added bond ��.��rangez�service.restart��networkz1network restarted for change of ranged interfacesz�no change, passing itZ�upZ secondaryZ�label��loZ�inet�����Z�inet6Z
noifupdownz�ip.downz�ip.upz� restart to validate��statusz� is upz� downZ�slavesz�cmd.run��catz�/sys/class/net/z�/bonding/slavesZ os_familyZ�Suse��whichZ ifenslavez#Adding slaves '%s' to the master %s�� )�Z�python_shellz�Command 'ifenslave' not foundz Added slaves '{}' to master '{}'Z�enslavezGAll slaves '%s' are already added to the master %s, no actions requiredz�saltutil.refresh_grains)���__opts__��get��str��pop�
setdefault��appendr������difflib��unified_diff��format��join��AttributeError� Exceptionr����r����r�����
interfaces��len��split�
isinstance��list��setZ
__grains__��strip��log��info��error)�r������enabled��kwargs��retZ�apply_ranged_settingZ
iface_typer������msg��old��new��diffr7���r.���Z�interface_statusZ�iface��secondZ inet_data��dataZ
inet6_dataZ�present_slavesZ�desired_slavesZ�missing_slavesZ�ifenslave_path��cmdr����r����r������managed����s~���������
�������������
�������
���������������������������������
�������������������������������������������������
���������
�
�������
���������������
�����������������������
���
�����������������������������������
���������������
�������������������������������
���
�����
���������������
�������������������������������������
���������������������������
���
���
�����������������
���rB���c����������������
���K���s����|�i�d�d�|���d���d���}�d�}�d�|�v�r�t���d�d���|�d�<�z�t�d���|���}�t�d���|�f�i�|�����}�|�d���rf|�|�k�r5|�W�S�|�sH|�rHd |�d
<�d�|���d���|�d�<�|�W�S�|�|�k�rft�j�|�|�d
d���}�d |�d
<�d���|�d���|�����|�d�<�|�W�S�|�s|�rd�}�d�|���d���|�d�<�d�|���d���|�d���d�<�n�|�|�k�r�t�j�|�|�d
d���}�d�}�d�|���d���|�d�<�d���|���|�d���d�<�W�n���t�y���}���z�d�|�d
<�t�|���|�d�<�|�W���Y�d }�~�S�d }�~�w�w�|�r�z�t�d���d�i�|�������W�|�S���t�y���}���z�d�|�d
<�t�|���|�d�<�|�W���Y�d }�~�S�d }�~�w�w�|�S�)�z�
Manage network interface static routes.
name
Interface name to apply the route to.
kwargs
Named routes
Tr
���z� routes are up to date.r����Fr����z
ip.get_routesz�ip.build_routesNr����z� routes are set to be added.r����r����r����z-Interface {} routes are set to be updated:
{}r����z� routes added.z�Added interface z� routes.r
���Z�network_routesz� routes updated.��ip.apply_network_settingsr����) r"���r#���r����r(���r)���r*���r+���r,���r$���)�r����r9���r:���Z�apply_routesr<���r=���r>���r7���r����r����r������routes����sj���������
�������������������������������������
�������������������������������������������������������������rD���c����������������
���K���s����|�i�d�d�d���}�d�}�t�d���|�d�<�zkt�d�����}�t�d���d�i�|�����}�t�d���rU|�|�k�r)|�W�S�|�s8|�r8d�|�d <�d
|�d�<�|�W�S�|�|�k�rUt�j�|�|�d�d
��}�d�|�d <�d���d���|�����|�d�<�|�W�S�|�sb|�rbd�}�d�|�d���d�<�n�|�|�k�ryt�j�|�|�d�d
��}�d�}�d���|���|�d���d�<�W�n;��t�y���}���z�d�|�d <�t�|���|�d�<�|�W���Y�d�}�~�S�d�}�~�w���t�y���}���z�d�|�d <�t�|���|�d�<�|�W���Y�d�}�~�S�d�}�~�w�w�|�r�z�t�d���d�i�|�������W�|�S���t�y���}���z�d�|�d <�t�|���|�d�<�|�W���Y�d�}�~�S�d�}�~�w�w�|�S�)�z�
Ensure that global network settings are configured properly.
name
Custom name to represent this configuration change.
kwargs
The global parameters for the system.
Tz'Global network settings are up to date.r����Fr����z�ip.get_network_settingsz�ip.build_network_settingsNr����z,Global network settings are set to be added.r����r����r����z1Global network settings are set to be updated:
{}r����z�Added global network settings.r
���Z�network_settingsrC���r����) r"���r����r(���r)���r*���r+���r,���r$�����KeyError)�r����r9���r:���Z�apply_net_settingsr<���r=���r>���r7���r����r����r������system����sn�������������������
���������������������������������������������������������������������������������������������rF���)�T)���__doc__r(�����loggingZ�salt.loaderr����Z�salt.utils.networkZ�salt.utils.platform� getLogger��__name__r5���r ���rB���rD���rF���r����r����r����r������<module>����s����������9��������
���
���j�B