A declarative network manager API for hosts.
Copr build status:
- EPEL 7 GIT master:
- Fedora GIT master:
Nmstate is a library with an accompanying command line tool that manages host networking settings in a declarative manner. The networking state is described by a pre-defined schema. Reporting of current state and changes to it (desired state) both conform to the schema.
Nmstate is aimed to satisfy enterprise needs to manage host networking through a northbound declarative API and multi provider support on the southbound. NetworkManager acts as the main (and currently the only) provider supported.
Nmstate uses the NetworkManager mailing
list
(Archives) for
discussions. Emails about nmstate should be tagged with [nmstate] in the
subject header to ease filtering.
Development planning (sprints and progress reporting) happens in (Jira). Access requires login.
There is also #nmstate on Freenode
IRC.
Nmstate uses tox to run unit tests and linters. Since Nmstate uses the binary
module PyGObject it also requires the build dependencies for it.
Recommended minimum installation:
yum install -y https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm # install EPEL for python-pip
subscription-manager repos --enable "rhel-*-optional-rpms" --enable "rhel-*-extras-rpms" # recommended for EPEL
yum install git python-pip
yum-builddep python-gobject # install build dependencies for PyGObject
pip install tox # python-tox in EPEL seems to be too oldRecommended minimum installation:
yum -y install epel-release
yum -y install \
NetworkManager \
NetworkManager-libnm \
git \
python-pip
yum-builddep python-gobject # install build dependencies for PyGObject
pip install tox # python-tox in EPEL seems to be too oldNote: This will not run the unit tests for Python 3.6 because this Python version is not available there.
Run Unit Tests:
toxDespite the pure python dependencies (see requirements.txt),
Nmstate also needs NetworkManager to be running on the local system
in order to configure the local network state.
To access NetworkManager, Nmstate needs libnm and the corresponding
introspection data (NM-1.0.typelib, provided by python-gobject-base).
To manage OvS, Nmstate needs the packages NetworkManager-ovs and openvswitch.
NetworkManager needs to be restarted in order to use the new configuration
parameters (conf.d/97-nmstate.conf) and the OvS plugin.
openvswitch service needs to be started.
NetworkManager requires special configuration snippets to overcome some existing limitations.
yum -y install epel-release
yum -y install \
dbus-python \
NetworkManager \
NetworkManager-libnm \
NetworkManager-ovs \
openvswitch \
python-gobject-base \
python-ipaddress \
python-jsonschema \
python-setuptools \
python2-pyyaml \
python2-six
echo -e "[device]\nmatch-device=*\nmanaged=0\n" >> \
/etc/NetworkManager/conf.d/97-nmstate.conf
echo -e "[main]\nno-auto-default=*\n" >> \
/etc/NetworkManager/conf.d/97-nmstate.conf
systemctl restart NetworkManager
systemctl restart openvswitch
# To keep NetworkManager and openvswitch running after reboot:
systemctl enable --now NetworkManager openvswitchyum -y install python2-pip
pip uninstall -y nmstate; pip install nmstateMinimal Nmstate installation:
# install binary dependencies; The development packages are needed to build
# python-dbus which is improperly packaged on RHEL 8:
# https://bugzilla.redhat.com/show_bug.cgi?id=1654774
yum install -y dbus-devel gcc glib2-devel make python3-devel python3-gobject-base
yum install -y python3-pip
pip3 uninstall -y nmstate; pip3 install nmstateFor all features, extra workarounds and other packages might be necessary, see the pre-requirements section for details.
Install just for the local user:
pip install --user --upgrade .Make sure that ~/.local/bin is in your PATH when installing as a local user.
The export command can be used to add it for the current session:
export PATH="${HOME}/.local/bin:${PATH}"Alternatively, install Nmstate system-wide:
pip uninstall -y nmstate; pip install .Nmstate also provides a container image based on CentOS 7 to try it:
CONTAINER_ID=$(sudo docker run --privileged -d -v /sys/fs/cgroup:/sys/fs/cgroup:ro nmstate/centos7-nmstate)
sudo docker exec -ti "${CONTAINER_ID}" /bin/bash
# now play with nmstatectl in the container
nmstatectl show
# remove the container at the end
sudo docker stop "${CONTAINER_ID}"
sudo docker rm "${CONTAINER_ID}"Show current state:
nmstatectl showChange to desired state:
nmstatectl set desired-state.yml
nmstatectl set desired-state.jsonEdit current state of eth3 in a text editor:
nmstatectl edit eth3nmstatectl will also read from stdin when no file is specified:
nmstatectl set < desired-state.ymlDesired/Current state example (JSON):
{
"interfaces": [
{
"description": "Production Network",
"ethernet": {
"auto-negotiation": true,
"duplex": "full",
"speed": 1000
},
"ipv4": {
"address": [
{
"ip": "192.0.2.142",
"prefix-length": 24
}
],
"enabled": true
},
"mtu": 1500,
"name": "eth3",
"state": "up",
"type": "ethernet"
}
]
}See nmstatectl --help for additional command-line options.
- bond
- dummy
- ethernet
- ovs-bridge