1# This file is part of cloud-init. See LICENSE file ... 2 3import copy 4import os 5 6from . import renderer 7from .network_state import ( 8 NetworkState, 9 subnet_is_ipv6, 10 NET_CONFIG_TO_V2, 11 IPV6_DYNAMIC_TYPES, 12) 13 14from cloudinit import log as logging 15from cloudinit import util 16from cloudinit import subp 17from cloudinit import safeyaml 18from cloudinit.net import SYS_CLASS_NET, get_devicelist 19 20KNOWN_SNAPD_CONFIG = b"""\ 21# This is the initial network config. 22# It can be overwritten by cloud-init or console-conf. 23network: 24 version: 2 25 ethernets: 26 all-en: 27 match: 28 name: "en*" 29 dhcp4: true 30 all-eth: 31 match: 32 name: "eth*" 33 dhcp4: true 34""" 35 36LOG = logging.getLogger(__name__) 37 38 39def _get_params_dict_by_match(config, match): 40 return dict((key, value) for (key, value) in config.items() 41 if key.startswith(match)) 42 43 44def _extract_addresses(config, entry, ifname, features=None): 45 """This method parse a cloudinit.net.network_state dictionary (config) and 46 maps netstate keys/values into a dictionary (entry) to represent 47 netplan yaml. 48 49 An example config dictionary might look like: 50 51 {'mac_address': '52:54:00:12:34:00', 52 'name': 'interface0', 53 'subnets': [ 54 {'address': '192.168.1.2/24', 55 'mtu': 1501, 56 'type': 'static'}, 57 {'address': '2001:4800:78ff:1b:be76:4eff:fe06:1000", 58 'mtu': 1480, 59 'netmask': 64, 60 'type': 'static'}], 61 'type: physical', 62 'accept-ra': 'true' 63 } 64 65 An entry dictionary looks like: 66 67 {'set-name': 'interface0', 68 'match': {'macaddress': '52:54:00:12:34:00'}, 69 'mtu': 1501} 70 71 After modification returns 72 73 {'set-name': 'interface0', 74 'match': {'macaddress': '52:54:00:12:34:00'}, 75 'mtu': 1501, 76 'address': ['192.168.1.2/24', '2001:4800:78ff:1b:be76:4eff:fe06:1000"], 77 'ipv6-mtu': 1480} 78 79 """ 80 81 def _listify(obj, token=' '): 82 "Helper to convert strings to list of strings, handle single string" 83 if not obj or type(obj) not in [str]: 84 return obj 85 if token in obj: 86 return obj.split(token) 87 else: 88 return [obj, ] 89 90 if features is None: 91 features = [] 92 addresses = [] 93 routes = [] 94 nameservers = [] 95 searchdomains = [] 96 subnets = config.get('subnets', []) 97 if subnets is None: 98 subnets = [] 99 for subnet in subnets: 100 sn_type = subnet.get('type') 101 if sn_type.startswith('dhcp'): 102 if sn_type == 'dhcp': 103 sn_type += '4' 104 entry.update({sn_type: True}) 105 elif sn_type in IPV6_DYNAMIC_TYPES: 106 entry.update({'dhcp6': True}) 107 elif sn_type in ['static', 'static6']: 108 addr = "%s" % subnet.get('address') 109 if 'prefix' in subnet: 110 addr += "/%d" % subnet.get('prefix') 111 if 'gateway' in subnet and subnet.get('gateway'): 112 gateway = subnet.get('gateway') 113 if ":" in gateway: 114 entry.update({'gateway6': gateway}) 115 else: 116 entry.update({'gateway4': gateway}) 117 if 'dns_nameservers' in subnet: 118 nameservers += _listify(subnet.get('dns_nameservers', [])) 119 if 'dns_search' in subnet: 120 searchdomains += _listify(subnet.get('dns_search', [])) 121 if 'mtu' in subnet: 122 mtukey = 'mtu' 123 if subnet_is_ipv6(subnet) and 'ipv6-mtu' in features: 124 mtukey = 'ipv6-mtu' 125 entry.update({mtukey: subnet.get('mtu')}) 126 for route in subnet.get('routes', []): 127 to_net = "%s/%s" % (route.get('network'), 128 route.get('prefix')) 129 new_route = { 130 'via': route.get('gateway'), 131 'to': to_net, 132 } 133 if 'metric' in route: 134 new_route.update({'metric': route.get('metric', 100)}) 135 routes.append(new_route) 136 137 addresses.append(addr) 138 139 if 'mtu' in config: 140 entry_mtu = entry.get('mtu') 141 if entry_mtu and config['mtu'] != entry_mtu: 142 LOG.warning( 143 "Network config: ignoring %s device-level mtu:%s because" 144 " ipv4 subnet-level mtu:%s provided.", 145 ifname, config['mtu'], entry_mtu) 146 else: 147 entry['mtu'] = config['mtu'] 148 if len(addresses) > 0: 149 entry.update({'addresses': addresses}) 150 if len(routes) > 0: 151 entry.update({'routes': routes}) 152 if len(nameservers) > 0: 153 ns = {'addresses': nameservers} 154 entry.update({'nameservers': ns}) 155 if len(searchdomains) > 0: 156 ns = entry.get('nameservers', {}) 157 ns.update({'search': searchdomains}) 158 entry.update({'nameservers': ns}) 159 if 'accept-ra' in config and config['accept-ra'] is not None: 160 entry.update({'accept-ra': util.is_true(config.get('accept-ra'))}) 161 162 163def _extract_bond_slaves_by_name(interfaces, entry, bond_master): 164 bond_slave_names = sorted([name for (name, cfg) in interfaces.items() 165 if cfg.get('bond-master', None) == bond_master]) 166 if len(bond_slave_names) > 0: 167 entry.update({'interfaces': bond_slave_names}) 168 169 170def _clean_default(target=None): 171 # clean out any known default files and derived files in target 172 # LP: #1675576 173 tpath = subp.target_path(target, "etc/netplan/00-snapd-config.yaml") 174 if not os.path.isfile(tpath): 175 return 176 content = util.load_file(tpath, decode=False) 177 if content != KNOWN_SNAPD_CONFIG: 178 return 179 180 derived = [subp.target_path(target, f) for f in ( 181 'run/systemd/network/10-netplan-all-en.network', 182 'run/systemd/network/10-netplan-all-eth.network', 183 'run/systemd/generator/netplan.stamp')] 184 existing = [f for f in derived if os.path.isfile(f)] 185 LOG.debug("removing known config '%s' and derived existing files: %s", 186 tpath, existing) 187 188 for f in [tpath] + existing: 189 os.unlink(f) 190 191 192class Renderer(renderer.Renderer): 193 """Renders network information in a /etc/netplan/network.yaml format.""" 194 195 NETPLAN_GENERATE = ['netplan', 'generate'] 196 NETPLAN_INFO = ['netplan', 'info'] 197 198 def __init__(self, config=None): 199 if not config: 200 config = {} 201 self.netplan_path = config.get('netplan_path', 202 'etc/netplan/50-cloud-init.yaml') 203 self.netplan_header = config.get('netplan_header', None) 204 self._postcmds = config.get('postcmds', False) 205 self.clean_default = config.get('clean_default', True) 206 self._features = config.get('features', None) 207 208 @property 209 def features(self): 210 if self._features is None: 211 try: 212 info_blob, _err = subp.subp(self.NETPLAN_INFO, capture=True) 213 info = util.load_yaml(info_blob) 214 self._features = info['netplan.io']['features'] 215 except subp.ProcessExecutionError: 216 # if the info subcommand is not present then we don't have any 217 # new features 218 pass 219 except (TypeError, KeyError) as e: 220 LOG.debug('Failed to list features from netplan info: %s', e) 221 return self._features 222 223 def render_network_state(self, network_state, templates=None, target=None): 224 # check network state for version 225 # if v2, then extract network_state.config 226 # else render_v2_from_state 227 fpnplan = os.path.join(subp.target_path(target), self.netplan_path) 228 229 util.ensure_dir(os.path.dirname(fpnplan)) 230 header = self.netplan_header if self.netplan_header else "" 231 232 # render from state 233 content = self._render_content(network_state) 234 235 if not header.endswith("\n"): 236 header += "\n" 237 util.write_file(fpnplan, header + content) 238 239 if self.clean_default: 240 _clean_default(target=target) 241 self._netplan_generate(run=self._postcmds) 242 self._net_setup_link(run=self._postcmds) 243 244 def _netplan_generate(self, run=False): 245 if not run: 246 LOG.debug("netplan generate postcmd disabled") 247 return 248 subp.subp(self.NETPLAN_GENERATE, capture=True) 249 250 def _net_setup_link(self, run=False): 251 """To ensure device link properties are applied, we poke 252 udev to re-evaluate networkd .link files and call 253 the setup_link udev builtin command 254 """ 255 if not run: 256 LOG.debug("netplan net_setup_link postcmd disabled") 257 return 258 setup_lnk = ['udevadm', 'test-builtin', 'net_setup_link'] 259 for cmd in [setup_lnk + [SYS_CLASS_NET + iface] 260 for iface in get_devicelist() if 261 os.path.islink(SYS_CLASS_NET + iface)]: 262 subp.subp(cmd, capture=True) 263 264 def _render_content(self, network_state: NetworkState): 265 266 # if content already in netplan format, pass it back 267 if network_state.version == 2: 268 LOG.debug('V2 to V2 passthrough') 269 return safeyaml.dumps({'network': network_state.config}, 270 explicit_start=False, 271 explicit_end=False) 272 273 ethernets = {} 274 wifis = {} 275 bridges = {} 276 bonds = {} 277 vlans = {} 278 content = [] 279 280 interfaces = network_state._network_state.get('interfaces', []) 281 282 nameservers = network_state.dns_nameservers 283 searchdomains = network_state.dns_searchdomains 284 285 for config in network_state.iter_interfaces(): 286 ifname = config.get('name') 287 # filter None (but not False) entries up front 288 ifcfg = dict((key, value) for (key, value) in config.items() 289 if value is not None) 290 291 if_type = ifcfg.get('type') 292 if if_type == 'physical': 293 # required_keys = ['name', 'mac_address'] 294 eth = { 295 'set-name': ifname, 296 'match': ifcfg.get('match', None), 297 } 298 if eth['match'] is None: 299 macaddr = ifcfg.get('mac_address', None) 300 if macaddr is not None: 301 eth['match'] = {'macaddress': macaddr.lower()} 302 else: 303 del eth['match'] 304 del eth['set-name'] 305 _extract_addresses(ifcfg, eth, ifname, self.features) 306 ethernets.update({ifname: eth}) 307 308 elif if_type == 'bond': 309 # required_keys = ['name', 'bond_interfaces'] 310 bond = {} 311 bond_config = {} 312 # extract bond params and drop the bond_ prefix as it's 313 # redundent in v2 yaml format 314 v2_bond_map = NET_CONFIG_TO_V2.get('bond') 315 for match in ['bond_', 'bond-']: 316 bond_params = _get_params_dict_by_match(ifcfg, match) 317 for (param, value) in bond_params.items(): 318 newname = v2_bond_map.get(param.replace('_', '-')) 319 if newname is None: 320 continue 321 bond_config.update({newname: value}) 322 323 if len(bond_config) > 0: 324 bond.update({'parameters': bond_config}) 325 if ifcfg.get('mac_address'): 326 bond['macaddress'] = ifcfg.get('mac_address').lower() 327 slave_interfaces = ifcfg.get('bond-slaves') 328 if slave_interfaces == 'none': 329 _extract_bond_slaves_by_name(interfaces, bond, ifname) 330 _extract_addresses(ifcfg, bond, ifname, self.features) 331 bonds.update({ifname: bond}) 332 333 elif if_type == 'bridge': 334 # required_keys = ['name', 'bridge_ports'] 335 ports = sorted(copy.copy(ifcfg.get('bridge_ports'))) 336 bridge = { 337 'interfaces': ports, 338 } 339 # extract bridge params and drop the bridge prefix as it's 340 # redundent in v2 yaml format 341 match_prefix = 'bridge_' 342 params = _get_params_dict_by_match(ifcfg, match_prefix) 343 br_config = {} 344 345 # v2 yaml uses different names for the keys 346 # and at least one value format change 347 v2_bridge_map = NET_CONFIG_TO_V2.get('bridge') 348 for (param, value) in params.items(): 349 newname = v2_bridge_map.get(param) 350 if newname is None: 351 continue 352 br_config.update({newname: value}) 353 if newname in ['path-cost', 'port-priority']: 354 # <interface> <value> -> <interface>: int(<value>) 355 newvalue = {} 356 for val in value: 357 (port, portval) = val.split() 358 newvalue[port] = int(portval) 359 br_config.update({newname: newvalue}) 360 361 if len(br_config) > 0: 362 bridge.update({'parameters': br_config}) 363 if ifcfg.get('mac_address'): 364 bridge['macaddress'] = ifcfg.get('mac_address').lower() 365 _extract_addresses(ifcfg, bridge, ifname, self.features) 366 bridges.update({ifname: bridge}) 367 368 elif if_type == 'vlan': 369 # required_keys = ['name', 'vlan_id', 'vlan-raw-device'] 370 vlan = { 371 'id': ifcfg.get('vlan_id'), 372 'link': ifcfg.get('vlan-raw-device') 373 } 374 macaddr = ifcfg.get('mac_address', None) 375 if macaddr is not None: 376 vlan['macaddress'] = macaddr.lower() 377 _extract_addresses(ifcfg, vlan, ifname, self.features) 378 vlans.update({ifname: vlan}) 379 380 # inject global nameserver values under each all interface which 381 # has addresses and do not already have a DNS configuration 382 if nameservers or searchdomains: 383 nscfg = {'addresses': nameservers, 'search': searchdomains} 384 for section in [ethernets, wifis, bonds, bridges, vlans]: 385 for _name, cfg in section.items(): 386 if 'nameservers' in cfg or 'addresses' not in cfg: 387 continue 388 cfg.update({'nameservers': nscfg}) 389 390 # workaround yaml dictionary key sorting when dumping 391 def _render_section(name, section): 392 if section: 393 dump = safeyaml.dumps({name: section}, 394 explicit_start=False, 395 explicit_end=False, 396 noalias=True) 397 txt = util.indent(dump, ' ' * 4) 398 return [txt] 399 return [] 400 401 content.append("network:\n version: 2\n") 402 content += _render_section('ethernets', ethernets) 403 content += _render_section('wifis', wifis) 404 content += _render_section('bonds', bonds) 405 content += _render_section('bridges', bridges) 406 content += _render_section('vlans', vlans) 407 408 return "".join(content) 409 410 411def available(target=None): 412 expected = ['netplan'] 413 search = ['/usr/sbin', '/sbin'] 414 for p in expected: 415 if not subp.which(p, search=search, target=target): 416 return False 417 return True 418 419 420def network_state_to_netplan(network_state, header=None): 421 # render the provided network state, return a string of equivalent eni 422 netplan_path = 'etc/network/50-cloud-init.yaml' 423 renderer = Renderer({ 424 'netplan_path': netplan_path, 425 'netplan_header': header, 426 }) 427 if not header: 428 header = "" 429 if not header.endswith("\n"): 430 header += "\n" 431 contents = renderer._render_content(network_state) 432 return header + contents 433 434 435# vi: ts=4 expandtab 436