Allow to install an host with IPv6 management interface #2
Conversation
|
Hi, any comments on this? :) |
netutil.py
Outdated
| if int(el) > 255: | ||
| return False | ||
| return True | ||
| ipv4_re = '^(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)(\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)){3}' |
There was a problem hiding this comment.
Both regexp are constructed from the same patterns repeatedly. I'd like to see the patterns bound to names and the final regexp (which is just a string) composed from the names.
https://stackoverflow.com/questions/6930982/how-to-use-a-variable-inside-a-regular-expression
There was a problem hiding this comment.
Why are we not using the ipaddress library here, is it just because we don't include it in the install image?
There was a problem hiding this comment.
It is indeed not included. Should it be and used?
Since this code is kind of a small ip lib i assumed it was by design not included.
There was a problem hiding this comment.
The code doesn't use ipaddress because it long predates its introduction in Python 3.3.
We could use one of the unofficial Python 2 backports but I'd probably prefer that we move to Python 3 first and then do further improvements.
In the meantime, I think using a regex here would be OK if the repeated patterns were condensed.
There was a problem hiding this comment.
I removed the use of regex to instead use socket.inet_pton. Is that okay with you?
netinterface.py
Outdated
| @@ -32,8 +32,8 @@ class NetInterface: | |||
| Autoconf = 3 | |||
|
|
|||
| def __init__(self, mode, hwaddr, ipaddr=None, netmask=None, gateway=None, | |||
There was a problem hiding this comment.
all of the conditionals in this make this scream out for some heavy refactoring, splitting into different classes with static/dhcp helpers
There was a problem hiding this comment.
I agree, but I'd wager that this PR adds a new feature, to add refactoring on top of that would make it even more complex.
IMHO, a new PR (or several) should be created to refactor the code and perhaps adds some GH actions to enforce coding style and such.
There was a problem hiding this comment.
Typically the process is to refactor before adding the new feature and refactor after all changes to remove duplication and complexity.
There was a problem hiding this comment.
Just realising: a netintrface can be configured for both IPv4 and IPv6 so splitting in 2 classes is not possible.
There was a problem hiding this comment.
I've created a NetinterfaceV6 class, inheriting from Netinterface, to split the __init__ codes between the 2 classes.
netutil.py
Outdated
| if int(el) > 255: | ||
| return False | ||
| return True | ||
| ipv4_re = '^(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)(\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)){3}' |
There was a problem hiding this comment.
Why are we not using the ipaddress library here, is it just because we don't include it in the install image?
tui/installer/screens.py
Outdated
| @@ -941,7 +942,7 @@ def nsvalue(answers, id): | |||
| answers['manual-nameservers'][1].append(ns2_entry.value()) | |||
| if ns3_entry.value() != '': | |||
| answers['manual-nameservers'][1].append(ns3_entry.value()) | |||
| if 'net-admin-configuration' in answers and answers['net-admin-configuration'].isStatic(): | |||
| if 'net-admin-configuration' in answers and answers['net-admin-configuration'].valid() and not answers['net-admin-configuration'].isDHCP(): | |||
There was a problem hiding this comment.
This check is now complex enough to warrant pulling it out as a well named method.
tui/network.py
Outdated
| dns_field.value(), vlan=vlan_value) | ||
| return RIGHT_FORWARDS, answers | ||
|
|
||
| def get_ipv6_configuration(nic, txt, defaults, include_dns): |
There was a problem hiding this comment.
far too long and far too complicated
There was a problem hiding this comment.
Not sure how to do better than a subfunction per screen.
TUI in code is very verbose.
There was a problem hiding this comment.
I'v mutualized the codes for both IPv4 and IPv6 interface configuration form
upgrade.py
Outdated
| @@ -487,6 +487,11 @@ def completeUpgrade(self, mounts, prev_install, target_disk, backup_partnum, log | |||
| nfd.write("NETWORKING_IPV6=no\n") | |||
| nfd.close() | |||
| netutil.disable_ipv6_module(mounts["root"]) | |||
| else: | |||
There was a problem hiding this comment.
Don't you need to write NETWORKING_IPV6=yes here to sysconfig/network?
Although since sysconfig/network is preserved across upgrades, I think it would be better to change the above if statement so that it only runs if sysconfig/network doesn't exist or if it exists but doesn't contain NETWORKING_IPV6 (i.e. to handle upgrades from old installations that didn't write it out).
There was a problem hiding this comment.
NETWORKING_IPV6 is written here.
upgrade.py
Outdated
| @@ -487,6 +487,11 @@ def completeUpgrade(self, mounts, prev_install, target_disk, backup_partnum, log | |||
| nfd.write("NETWORKING_IPV6=no\n") | |||
| nfd.close() | |||
| netutil.disable_ipv6_module(mounts["root"]) | |||
| else: | |||
| # Enable IPV6 | |||
| with open("%s/etc/sysctl.d/91-net-ipv6.conf" % mounts["root"], "w") as ipv6_conf: | |||
There was a problem hiding this comment.
You could add this to the restore list instead.
There was a problem hiding this comment.
I'm not sure to understand this comment. Could you point me towards this restore list?
I assume it allows to keep a config file upon an host upgrade.
Since this would be a new file is there something else to do?
upgrade.py
Outdated
| # Enable IPV6 | ||
| with open("%s/etc/sysctl.d/91-net-ipv6.conf" % mounts["root"], "w") as ipv6_conf: | ||
| for i in ['all', 'default']: | ||
| ipv6_conf.write('net.ipv6.conf.%s.disable_ipv6=0\n' % i) | ||
|
|
There was a problem hiding this comment.
Do you need to enable ip6tables here?
There was a problem hiding this comment.
I don't think so, the IPv6 is working without doing it.
tui/installer/screens.py
Outdated
| @@ -811,7 +811,8 @@ def ns_callback((enabled, )): | |||
| for entry in [ns1_entry, ns2_entry, ns3_entry]: | |||
| entry.setFlags(FLAG_DISABLED, enabled) | |||
|
|
|||
| hide_rb = answers['net-admin-configuration'].isStatic() | |||
| admin_config = answers['net-admin-configuration'] | |||
| hide_rb = admin_config.valid() and not admin_config.isDHCP() | |||
There was a problem hiding this comment.
I had the same comment earlier but setting nameservers shouldn't be conditional on DHCP should it?
There was a problem hiding this comment.
Here it's to hide the radio button to select the auto DHCP nameservers so I think this is correct.
The code before my PR was already making a condition on the config being static.
netutil.py
Outdated
| if int(el) > 255: | ||
| return False | ||
| return True | ||
| ipv4_re = '^(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)(\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)){3}' |
There was a problem hiding this comment.
The code doesn't use ipaddress because it long predates its introduction in Python 3.3.
We could use one of the unofficial Python 2 backports but I'd probably prefer that we move to Python 3 first and then do further improvements.
In the meantime, I think using a regex here would be OK if the repeated patterns were condensed.
|
Aside from the small comments above, I wonder if it would be possible to have a config option (or just a variable in constants.py) that controls whether the new configuration screens are shown? At least at this point, I don't think we'd want to expose this option to our users so it would be nice to have an easy way of hiding it. |
benjamreis
force-pushed
the
allow-ipv6-install
branch
from
8ea4448
to
1791b5c
Compare
benjamreis
force-pushed
the
allow-ipv6-install
branch
from
b206e90
to
5e8f0a2
Compare
|
@rosslagerwall a quick question about the config option for enabling/disabling IPv6 support in the installer. |
benjamreis
force-pushed
the
allow-ipv6-install
branch
from
6e8c2dd
to
dd57535
Compare
|
I fixed a few things, refactored the code to mutualize as much as possible. For the rest this is good to review, it has been tested. |
benjamreis
force-pushed
the
allow-ipv6-install
branch
from
a0c4f0d
to
9b0f0bd
Compare
benjamreis
force-pushed
the
allow-ipv6-install
branch
3 times, most recently
from
9b0f0bd
to
a469a6b
Compare
|
I've splitted the PR in several independant to commits to ease the review. I can add a settings to enable/disable the IPv6 configuration in TUI as discussed above if this is still wanted, i'm not sure it is though so i'm waiting for your feedback. |
netutil.py
Outdated
| return True | ||
|
|
||
| inet6s = filter(lambda x: x.startswith(" inet6 "), out.split("\n")) | ||
| return len(inet6s) > 1 # Not just the fe80:: address |
There was a problem hiding this comment.
This condition could be moved into the filter; this code is duplicated - so would it be worth to put it into a function?
There was a problem hiding this comment.
You mean having 1 filter for both IPv4 and IPv6?
The thing is, having one IPv4 is enough but having only one IPv6 is not fecause of the link local addresses.
There was a problem hiding this comment.
I was thinking to filter the output such that only inet6 that are not localhost remain. That would make it more explicit which ones you are looking for rather than assuming fe80:: is in the list or results.
There was a problem hiding this comment.
So something like:
inet6s = filter(lambda x: x.startswith(" inet6 ") and not x.startswith(" inet6 fe80::"), out.split("\n"))?
There was a problem hiding this comment.
Yes. Is there a risk that the formatting of the input changes such that it would be better to use x.strip().find("inet6") or similar?
There was a problem hiding this comment.
I don't think so. More recent versions of ipaddr still use this format.
benjamreis
force-pushed
the
allow-ipv6-install
branch
5 times, most recently
from
5c78f9e
to
8bb3b5d
Compare
| if self.isStatic6() and self.ipv6_gateway and util.runCmd2( | ||
| ['/usr/sbin/ndisc6', '-1', '-w', '120', self.ipv6_gateway, iface_name] | ||
| ): | ||
| return False |
There was a problem hiding this comment.
This code is equivalent to the arping code above but for IPv6 as arping only supports IPv4.
Please note this requires to have ndisc6 installed in host-installer image.
There was a problem hiding this comment.
Is this reflected in the corresponding RPM spec file?
There was a problem hiding this comment.
As far as I know your installer spec file repository is not public so I can't provide a PR to add ndisc6 which is why I commented my code for someone with access to reflect the change. :)
benjamreis
force-pushed
the
allow-ipv6-install
branch
from
8bb3b5d
to
58e3ca0
Compare
Signed-off-by: BenjiReis <benjamin.reis@vates.fr>
Add family specific validator as well Signed-off-by: BenjiReis <benjamin.reis@vates.fr>
benjamreis
force-pushed
the
allow-ipv6-install
branch
from
58e3ca0
to
d0bc68a
Compare
Signed-off-by: BenjiReis <benjamin.reis@vates.fr>
Signed-off-by: BenjiReis <benjamin.reis@vates.fr>
Signed-off-by: BenjiReis <benjamin.reis@vates.fr>
Only static configuration should allow a user to fill the fields Signed-off-by: BenjiReis <benjamin.reis@vates.fr>
In case of error return directly Signed-off-by: BenjiReis <benjamin.reis@vates.fr>
Signed-off-by: BenjiReis <benjamin.reis@vates.fr>
Signed-off-by: BenjiReis <benjamin.reis@vates.fr>
benjamreis
force-pushed
the
allow-ipv6-install
branch
4 times, most recently
from
1bf7d15
to
0f18e5d
Compare
Signed-off-by: BenjiReis <benjamin.reis@vates.fr>
IPv4 for IPv4 only IPv6 for IPv6 only Dual for both (IPv4 will be primary in XAPI) Signed-off-by: BenjiReis <benjamin.reis@vates.fr>
Need to add `ndisc6` to the install.img Signed-off-by: BenjiReis <benjamin.reis@vates.fr>
Add `isDynamic` helper to `NetInterface` Signed-off-by: BenjiReis <benjamin.reis@vates.fr>
Add `etc/sysctl.d/91-net-ipv6.conf` in the restore list Signed-off-by: BenjiReis <benjamin.reis@vates.fr>
The file should always be written if the fileds have been filled. Signed-off-by: BenjiReis <benjamin.reis@vates.fr>
benjamreis
force-pushed
the
allow-ipv6-install
branch
from
6ffa420
to
7c3eb0d
Compare
Signed-off-by: BenjiReis <benjamin.reis@vates.fr>
benjamreis
force-pushed
the
allow-ipv6-install
branch
from
7c3eb0d
to
67389d6
Compare
|
Screens of the modified TUI: |
|
I don't know if this is pre-existing: the blue background for the text inside the pop-up make it really busy; I don't think these input elements need to be highlighted at all or a more subtle method should be used: text colouring or bold text but not changing background colour. |
|
@MarkSymsCtx commented that he would have liked to see a refactoring to avoid the heavy branching introduced by IPv6. While I think this is valid, I do like the counted work on this feature. |
I have splitted the PR in several commits to discriminate the refactorings and the changes of behavior to support IPv6 so reviewing commit per commit should allow to see what's what. 👍 |
AFAIK this was already like this |
There was a problem hiding this comment.
I reviewed the "backend" changes. I did not review the frontend changes, but I guess that IPv6 for xsconsole should be merged/integrated first and then both can be tested together.
I'll be away until about 16 August.
Not reviewed: tui/network.py
Adds a screen to choose between IPv4, IPv6
and dual stack (with IPv4 as primary address type for management).
Write network conf file for IPv6 so that netinstall work in IPv6's modes
Configure the host with an IPv6 management interface
Signed-off-by: BenjiReis benjamin.reis@vates.fr