您好,登錄后才能下訂單哦!
這篇文章將為大家詳細講解有關Linux下如何安裝并使用NMState網絡管理器,小編覺得挺實用的,因此分享給大家做個參考,希望大家閱讀完這篇文章后可以有所收獲。
NMState 是一個網絡管理器,允許你按照聲明式方法配置主機。這意味著你通過一個北向的聲明式 API 定義所需的配置狀態,這個工具通過南向的提供者provider應用配置。
目前 NMState 支持的唯一的提供者是 NetworkManager,它是為 Fedora Linux 提供網絡功能的主要服務。不過,NMState 的開發計劃中將逐漸增加其他提供者。
網絡管理有時候是一項非常復雜的任務,這取決于環境的規模和多樣性。在 IT 的早期,網絡管理依賴于網絡管理員在網絡設備上手動執行命令。如今,基礎設施即代碼Infrastructure as Code(IaC)允許以不同的方式將這些任務自動化。z這基本上有兩種方法:命令式或聲明式。
在命令式方法中,你會定義“如何”達到所需的配置狀態。而在聲明式范式里則定義了“什么”是所需的配置狀態,所以它不確定哪些步驟是必需的,也不確定它們必須以何種順序執行。這種方法目前正在聚集更多的人員參與,你可以在目前使用的大多數管理和編排工具上找到它。
NMState 是一個網絡管理器,允許你按照聲明式方法配置主機。這意味著你通過一個北向的聲明式 API 定義所需的配置狀態,這個工具通過南向的提供者provider應用配置。
目前 NMState 支持的唯一的提供者是 NetworkManager,它是為 Fedora Linux 提供網絡功能的主要服務。不過,NMState 的開發計劃中將逐漸增加其他提供者。
關于 NMState 的進一步信息,請訪問其項目 站點 或 GitHub 倉庫。
NMState 在 Fedora Linux 29+ 上可用,需要在系統上安裝并運行 NetworkManager 1.26 或更高版本。下面是在 Fedora Linux 34 上的安裝情況:
$ sudo dnf -y install nmstate ... 輸出節略 ... Installed: NetworkManager-config-server-1:1.30.4-1.fc34.noarch gobject-introspection-1.68.0-3.fc34.x86_64 nispor-1.0.1-2.fc34.x86_64 nmstate-1.0.3-2.fc34.noarch python3-gobject-base-3.40.1-1.fc34.x86_64 python3-libnmstate-1.0.3-2.fc34.noarch python3-nispor-1.0.1-2.fc34.noarch python3-varlink-30.3.1-2.fc34.noarch Complete!
這樣,你可以使用 nmstatectl
作為 NMState 的命令行工具。請參考 nmstatectl -help
或 man nmstatectl
以了解關于這個工具的進一步信息。
首先要檢查系統中安裝的 NMState 版本:
$ nmstatectl version1.0.3
檢查一個網絡接口的當前配置,例如 eth0
的配置:
$ nmstatectl show eth0 2021-06-29 10:28:21,530 root DEBUG NetworkManager version 1.30.4 2021-06-29 10:28:21,531 root DEBUG Async action: Retrieve applied config: ethernet eth0 started 2021-06-29 10:28:21,531 root DEBUG Async action: Retrieve applied config: ethernet eth2 started 2021-06-29 10:28:21,532 root DEBUG Async action: Retrieve applied config: ethernet eth0 finished 2021-06-29 10:28:21,533 root DEBUG Async action: Retrieve applied config: ethernet eth2 finished --- dns-resolver: config: {} running: search: [] server: - 192.168.122.1 route-rules: config: [] routes: config: [] running: - destination: fe80::/64 metric: 100 next-hop-address: '' next-hop-interface: eth0 table-id: 254 - destination: 0.0.0.0/0 metric: 100 next-hop-address: 192.168.122.1 next-hop-interface: eth0 table-id: 254 - destination: 192.168.122.0/24 metric: 100 next-hop-address: '' next-hop-interface: eth0 table-id: 254 interfaces: - name: eth0 type: ethernet state: up ipv4: enabled: true address: - ip: 192.168.122.238 prefix-length: 24 auto-dns: true auto-gateway: true auto-route-table-id: 0 auto-routes: true dhcp: true ipv6: enabled: true address: - ip: fe80::c3c9:c4f9:75b1:a570 prefix-length: 64 auto-dns: true auto-gateway: true auto-route-table-id: 0 auto-routes: true autoconf: true dhcp: true lldp: enabled: false mac-address: 52:54:00:91:E4:4E mtu: 1500
正如你在上面看到的,這個網絡配置顯示了四個主要部分:
dns-resolver
:這部分是這個接口的名字服務器配置。route-rules
:它說明了路由規則。routes
:它包括動態和靜態路由。interfaces
:這部分描述了 ipv4 和 ipv6 設置。你可以在兩種模式下修改所需的配置狀態:
nmstatectl edit
編輯接口配置。這個命令調用環境變量 EDITOR
定義的文本編輯器,因此可以用 yaml 格式編輯網絡狀態。完成編輯后,NMState 將應用新的網絡配置,除非有語法錯誤。nmstatectl apply
應用接口配置,它從先前創建的 yaml 或 json 文件中導入一個所需的配置狀態。下面幾節告訴你如何使用 NMState 來改變網絡配置。這些改變可能會對系統造成破壞,所以建議在測試系統或客戶虛擬機上執行這些任務,直到你對 NMState 有更好的理解。
這里使用的測試系統有兩個以太網接口,eth0
和 eth2
:
$ ip -br -4 alo UNKNOWN 127.0.0.1/8eth0 UP 192.168.122.238/24eth2 UP 192.168.122.108/24
使用 nmstatectl edit
命令將 eth0
接口的 MTU 改為 9000 字節,如下所示:
$ sudo nmstatectl edit eth0 --- dns-resolver: config: {} running: search: [] server: - 192.168.122.1 route-rules: config: [] routes: config: [] running: - destination: fe80::/64 metric: 100 next-hop-address: '' next-hop-interface: eth0 table-id: 254 - destination: 0.0.0.0/0 metric: 100 next-hop-address: 192.168.122.1 next-hop-interface: eth0 table-id: 254 - destination: 192.168.122.0/24 metric: 100 next-hop-address: '' next-hop-interface: eth0 table-id: 254 interfaces: - name: eth0 type: ethernet state: up ipv4: enabled: true address: - ip: 192.168.122.123 prefix-length: 24 auto-dns: true auto-gateway: true auto-route-table-id: 0 auto-routes: true dhcp: true ipv6: enabled: true address: - ip: fe80::c3c9:c4f9:75b1:a570 prefix-length: 64 auto-dns: true auto-gateway: true auto-route-table-id: 0 auto-routes: true autoconf: true dhcp: true lldp: enabled: false mac-address: 52:54:00:91:E4:4E mtu: 9000
在保存并退出編輯器后,NMState 應用新的網絡期望狀態:
2021-06-29 11:29:05,726 root DEBUG Nmstate version: 1.0.3 2021-06-29 11:29:05,726 root DEBUG Applying desire state: {'dns-resolver': {'config': {}, 'running': {'search': [], 'server': ['192.168.122.1']}}, 'route-rules': {'config': []}, 'routes': {'config': [], 'running': [{'destination': 'fe80::/64', 'metric': 102, 'next-hop-address': '', 'next-hop-interface': 'eth0', 'table-id': 254}, {'destination': '0.0.0.0/0', 'metric': 102, 'next-hop-address': '192.168.122.1', 'next-hop-interface': 'eth0', 'table-id': 254}, {'destination': '192.168.122.0/24', 'metric': 102, 'next-hop-address': '', 'next-hop-interface': 'eth0', 'table-id': 254}]}, 'interfaces': [{'name': 'eth0', 'type': 'ethernet', 'state': 'up', 'ipv4': {'enabled': True, 'address': [{'ip': '192.168.122.238', 'prefix-length': 24}], 'auto-dns': True, 'auto-gateway': True, 'auto-route-table-id': 0, 'auto-routes': True, 'dhcp': True}, 'ipv6': {'enabled': True, 'address': [{'ip': 'fe80::5054:ff:fe91:e44e', 'prefix-length': 64}], 'auto-dns': True, 'auto-gateway': True, 'auto-route-table-id': 0, 'auto-routes': True, 'autoconf': True, 'dhcp': True}, 'lldp': {'enabled': False}, 'mac-address': '52:54:00:91:E4:4E', 'mtu': 9000}]} --- output omitted --- 2021-06-29 11:29:05,760 root DEBUG Async action: Update profile uuid:2bdee700-f62b-365a-bd1d-69d9c31a9f0c iface:eth0 type:ethernet started 2021-06-29 11:29:05,792 root DEBUG Async action: Update profile uuid:2bdee700-f62b-365a-bd1d-69d9c31a9f0c iface:eth0 type:ethernet finished
現在,使用 ip
命令和 eth0
的配置文件來檢查 eth0
的 MTU
是不是 9000 字節。
$ ip link show eth0 2: eth0: mtu 9000 qdisc fq_codel state UP mode DEFAULT group default qlen 1000 link/ether 52:54:00:91:e4:4e brd ff:ff:ff:ff:ff:ff altname enp1s0 $ sudo cat /etc/NetworkManager/system-connections/eth0.nmconnection [sudo] password for admin: [connection] id=eth0 uuid=2bdee700-f62b-365a-bd1d-69d9c31a9f0ctype=ethernet interface-name=eth0 lldp=0 permissions= [ethernet] cloned-mac-address=52:54:00:91:E4:4E mac-address-blacklist= mtu=9000 [ipv4] dhcp-client-id=mac dhcp-timeout=2147483647 dns-search= method=auto [ipv6] addr-gen-mode=eui64 dhcp-duid=ll dhcp-iaid=mac dhcp-timeout=2147483647 dns-search= method=auto ra-timeout=2147483647 [proxy]
讓我們使用基于文件的方法來設置一個新的配置狀態。這里我們禁用 eth2
接口的 IPv6 配置。
首先,創建一個 yaml 文件來定義 eth2
接口的期望狀態。使用 nmstatectl show
來保存當前設置,然后使用 nmstatectl edit
來禁用 IPv6。
$ nmstatectl show eth2 > eth2.yaml $ vi eth2.yaml --- dns-resolver: config: {} running: search: [] server: - 192.168.122.1 route-rules: config: [] routes: config: [] running: - destination: fe80::/64 metric: 101 next-hop-address: '' next-hop-interface: eth2 table-id: 254 - destination: 0.0.0.0/0 metric: 101 next-hop-address: 192.168.122.1 next-hop-interface: eth2 table-id: 254 - destination: 192.168.122.0/24 metric: 101 next-hop-address: '' next-hop-interface: eth2 table-id: 254 interfaces: - name: eth2 type: ethernet state: up ipv4: enabled: true address: - ip: 192.168.122.108 prefix-length: 24 auto-dns: true auto-gateway: true auto-route-table-id: 0 auto-routes: true dhcp: true ipv6: enabled: false address: - ip: fe80::5054:ff:fe3c:9b04 prefix-length: 64 auto-dns: true auto-gateway: true auto-route-table-id: 0 auto-routes: true autoconf: true dhcp: true lldp: enabled: false mac-address: 52:54:00:3C:9B:04 mtu: 1500
保存新的配置后,用它來應用新的狀態:
$ vi eth2.yaml --- dns-resolver: config: {} running: search: [] server: - 192.168.122.1 route-rules: config: [] routes: config: [] running: - destination: fe80::/64 metric: 101 next-hop-address: '' next-hop-interface: eth2 table-id: 254 - destination: 0.0.0.0/0 metric: 101 next-hop-address: 192.168.122.1 next-hop-interface: eth2 table-id: 254 - destination: 192.168.122.0/24 metric: 101 next-hop-address: '' next-hop-interface: eth2 table-id: 254 interfaces: - name: eth2 type: ethernet state: up ipv4: enabled: true address: - ip: 192.168.122.110 prefix-length: 24 auto-dns: true auto-gateway: true auto-route-table-id: 0 auto-routes: true dhcp: false ipv6: enabled: false lldp: enabled: false mac-address: 52:54:00:3C:9B:04 mtu: 1500
你可以檢查看到 eth2
接口沒有配置任何 IPv6:
$ vi eth2.yaml --- dns-resolver: config: {} running: search: [] server: - 192.168.122.1 route-rules: config: [] routes: config: [] running: - destination: fe80::/64 metric: 101 next-hop-address: '' next-hop-interface: eth2 table-id: 254 - destination: 0.0.0.0/0 metric: 101 next-hop-address: 192.168.122.1 next-hop-interface: eth2 table-id: 254 - destination: 192.168.122.0/24 metric: 101 next-hop-address: '' next-hop-interface: eth2 table-id: 254 interfaces: - name: eth2 type: ethernet state: up ipv4: enabled: true address: - ip: 192.168.122.110 prefix-length: 24 auto-dns: true auto-gateway: true auto-route-table-id: 0 auto-routes: true dhcp: false ipv6: enabled: false lldp: enabled: false mac-address: 52:54:00:3C:9B:04 mtu: 1500
NMState 的一個有趣的功能允許你臨時配置一個期望的網絡狀態。如果你對這個配置感到滿意,你可以事后提交。否則,當超時(默認為 60 秒)過后,它將回滾。
修改前面例子中的 eth2
配置,使它有一個 IPv4 靜態地址,而不是通過 DHCP 動態獲得。
$ vi eth2.yaml --- dns-resolver: config: {} running: search: [] server: - 192.168.122.1 route-rules: config: [] routes: config: [] running: - destination: fe80::/64 metric: 101 next-hop-address: '' next-hop-interface: eth2 table-id: 254 - destination: 0.0.0.0/0 metric: 101 next-hop-address: 192.168.122.1 next-hop-interface: eth2 table-id: 254 - destination: 192.168.122.0/24 metric: 101 next-hop-address: '' next-hop-interface: eth2 table-id: 254 interfaces: - name: eth2 type: ethernet state: up ipv4: enabled: true address: - ip: 192.168.122.110 prefix-length: 24 auto-dns: true auto-gateway: true auto-route-table-id: 0 auto-routes: true dhcp: false ipv6: enabled: false lldp: enabled: false mac-address: 52:54:00:3C:9B:04 mtu: 1500
現在,使用選項 no-commit
臨時應用這個配置,讓它只在 30 秒內有效。這可以通過添加選項 timeout
來完成。同時,我們將運行 ip -br a
命令三次,看看配置在 eth2
接口的 IPv4 地址是如何變化的,然后配置就會回滾。
$ ip -br a && sudo nmstatectl apply --no-commit --timeout 30 eth2.yaml && sleep 10 && ip -br a && sleep 25 && ip -br a lo UNKNOWN 127.0.0.1/8 ::1/128 eth0 UP 192.168.122.238/24 fe80::5054:ff:fe91:e44e/64 eth2 UP 192.168.122.108/24 2021-06-29 17:29:18,266 root DEBUG Nmstate version: 1.0.3 2021-06-29 17:29:18,267 root DEBUG Applying desire state: {'dns-resolver': {'config': {}, 'running': {'search': [], 'server': ['192.168.122.1']}}, 'route-rules': {'config': []}, 'routes': {'config': [], 'running': [{'destination': 'fe80::/64', 'metric': 101, 'next-hop-address': '', 'next-hop-interface': 'eth2', 'table-id': 254}, {'destination': '0.0.0.0/0', 'metric': 101, 'next-hop-address': '192.168.122.1', 'next-hop-interface': 'eth2', 'table-id': 254}, {'destination': '192.168.122.0/24', 'metric': 101, 'next-hop-address': '', 'next-hop-interface': 'eth2', 'table-id': 254}]}, 'interfaces': [{'name': 'eth2', 'type': 'ethernet', 'state': 'up', 'ipv4': {'enabled': True, 'address': [{'ip': '192.168.122.110', 'prefix-length': 24}], 'dhcp': False}, 'ipv6': {'enabled': False}, 'lldp': {'enabled': False}, 'mac-address': '52:54:00:3C:9B:04', 'mtu': 1500}]} --- output omitted --- Desired state applied: --- dns-resolver: config: {} running: search: [] server: - 192.168.122.1 route-rules: config: [] routes: config: [] running: - destination: fe80::/64 metric: 101 next-hop-address: '' next-hop-interface: eth2 table-id: 254 - destination: 0.0.0.0/0 metric: 101 next-hop-address: 192.168.122.1 next-hop-interface: eth2 table-id: 254 - destination: 192.168.122.0/24 metric: 101 next-hop-address: '' next-hop-interface: eth2 table-id: 254 interfaces: - name: eth2 type: ethernet state: up ipv4: enabled: true address: - ip: 192.168.122.110 prefix-length: 24 dhcp: false ipv6: enabled: false lldp: enabled: false mac-address: 52:54:00:3C:9B:04 mtu: 1500 Checkpoint: NetworkManager|/org/freedesktop/NetworkManager/Checkpoint/7 lo UNKNOWN 127.0.0.1/8 ::1/128 eth0 UP 192.168.122.238/24 fe80::5054:ff:fe91:e44e/64 eth2 UP 192.168.122.110/24 lo UNKNOWN 127.0.0.1/8 ::1/128 eth0 UP 192.168.122.238/24 fe80::5054:ff:fe91:e44e/64 eth2 UP 192.168.122.108/24
從上面可以看到,eth2
的 IP 地址從 192.168.122.108
暫時變成了 192.168.122.110
,然后在超時結束后又回到了 192.168.122.108
。
關于“Linux下如何安裝并使用NMState網絡管理器”這篇文章就分享到這里了,希望以上內容可以對大家有一定的幫助,使各位可以學到更多知識,如果覺得文章不錯,請把它分享出去讓更多的人看到。
免責聲明:本站發布的內容(圖片、視頻和文字)以原創、轉載和分享為主,文章觀點不代表本網站立場,如果涉及侵權請聯系站長郵箱:is@yisu.com進行舉報,并提供相關證據,一經查實,將立刻刪除涉嫌侵權內容。