Chapter 4. Using System Roles to configure network connections
The network
system role on RHEL enables administrators to automate network-related configuration and management tasks using Ansible.
4.1. Configuring an Ethernet connection
This section describes different ways how to configure an Ethernet connection with static and dynamic IP addresses.
4.1.1. Configuring a static Ethernet connection using RHEL System Roles
This procedure describes how to use RHEL System roles to remotely add an Ethernet connection for the enp7s0
interface with the following settings by running an Ansible playbook:
-
A static IPv4 address -
192.0.2.1
with a/24
subnet mask -
A static IPv6 address -
2001:db8:1::1
with a/64
subnet mask -
An IPv4 default gateway -
192.0.2.254
-
An IPv6 default gateway -
2001:db8:1::fffe
-
An IPv4 DNS server -
192.0.2.200
-
An IPv6 DNS server -
2001:db8:1::ffbb
-
A DNS search domain -
example.com
Run this procedure on the Ansible control node.
Prerequisites
-
The
ansible
andrhel-system-roles
packages are installed on the control node. -
If you use a different remote user than
root
when you run the playbook, this user has appropriatesudo
permissions on the managed node. - The host uses NetworkManager to configure the network.
Procedure
If the host on which you want to execute the instructions in the playbook is not yet inventoried, add the IP or name of this host to the
/etc/ansible/hosts
Ansible inventory file:node.example.com
Create the
~/ethernet-static-IP.yml
playbook with the following content:--- - name: Configure an Ethernet connection with static IP hosts: node.example.com become: true tasks: - include_role: name: linux-system-roles.network vars: network_connections: - name: enp7s0 type: ethernet autoconnect: yes ip: address: - 192.0.2.1/24 - 2001:db8:1::1/64 gateway4: 192.0.2.254 gateway6: 2001:db8:1::fffe dns: - 192.0.2.200 - 2001:db8:1::ffbb dns_search: - example.com state: up
Run the playbook:
To connect as
root
user to the managed host, enter:#
ansible-playbook -u root ~/ethernet-static-IP.yml
To connect as a user to the managed host, enter:
#
ansible-playbook -u user_name --ask-become-pass ~/ethernet-static-IP.yml
The
--ask-become-pass
option makes sure that theansible-playbook
command prompts for thesudo
password of the user defined in the-u user_name
option.
If you do not specify the
-u user_name
option,ansible-playbook
connects to the managed host as the user that is currently logged in to the control node.
Additional resources
-
For details about the parameters used in
network_connections
and for additional information about thenetwork
System Role, see the/usr/share/ansible/roles/rhel-system-roles.network/README.md
file. -
For details about the
ansible-playbook
command, see theansible-playbook(1)
man page.
4.1.2. Configuring a dynamic Ethernet connection using RHEL System Roles
This procedure describes how to use RHEL System Roles to remotely add a dynamic Ethernet connection for the enp7s0
interface by running an Ansible playbook. With this setting, the network connection requests the IP settings for this connection from a DHCP server. Run this procedure on the Ansible control node.
Prerequisites
- A DHCP server is available in the network.
-
The
ansible
andrhel-system-roles
packages are installed on the control node. -
If you use a different remote user than
root
when you run the playbook, this user has appropriatesudo
permissions on the managed node. - The host uses NetworkManager to configure the network.
Procedure
If the host on which you want to execute the instructions in the playbook is not yet inventoried, add the IP or name of this host to the
/etc/ansible/hosts
Ansible inventory file:node.example.com
Create the
~/ethernet-dynamic-IP.yml
playbook with the following content:--- - name: Configure an Ethernet connection with dynamic IP hosts: node.example.com become: true tasks: - include_role: name: linux-system-roles.network vars: network_connections: - name: enp7s0 type: ethernet autoconnect: yes ip: dhcp4: yes auto6: yes state: up
Run the playbook:
To connect as
root
user to the managed host, enter:#
ansible-playbook -u root ~/ethernet-dynamic-IP.yml
To connect as a user to the managed host, enter:
#
ansible-playbook -u user_name --ask-become-pass ~/ethernet-dynamic-IP.yml
The
--ask-become-pass
option makes sure that theansible-playbook
command promptsv for thesudo
password of the user defined in the-u user_name
option.
If you do not specify the
-u user_name
option,ansible-playbook
connects to the managed host as the user that is currently logged in to the control node.
Additional resources
-
For details about the parameters used in
network_connections
and for additional information about thenetwork
System Role, see the/usr/share/ansible/roles/rhel-system-roles.network/README.md
file. -
For details about the
ansible-playbook
command, see theansible-playbook(1)
man page.
4.2. Configuring VLAN tagging
This section describes how to configure Virtual Local Area Network (VLAN). A VLAN is a logical network within a physical network. The VLAN interface tags packets with the VLAN ID as they pass through the interface, and removes tags of returning packets.
You create a VLAN interface on top of another interface, such as an Ethernet, bond, team, or bridge device. This interface is called the parent interface
.
4.2.1. Configuring VLAN tagging using System Roles
You can use the networking
RHEL System Role to configure VLAN tagging. This procedure describes how to add an Ethernet connection and a VLAN with ID 10
that uses this Ethernet connection. As the parent device, the VLAN connection contains the IP, default gateway, and DNS configurations.
Depending on your environment, adjust the play accordingly. For example:
-
To use the VLAN as a port in other connections, such as a bond, omit the
ip
attribute, and set the IP configuration in the parent configuration. -
To use team, bridge, or bond devices in the VLAN, adapt the
interface_name
andtype
attributes of the ports you use in the VLAN.
Prerequisites
-
The
ansible
andrhel-system-roles
packages are installed on the control node. -
If you use a different remote user than
root
when you run the playbook, this user has appropriatesudo
permissions on the managed node.
Procedure
If the host on which you want to execute the instructions in the playbook is not yet inventoried, add the IP or name of this host to the
/etc/ansible/hosts
Ansible inventory file:node.example.com
Create the
~/vlan-ethernet.yml
playbook with the following content:--- - name: Configure a VLAN that uses an Ethernet connection hosts: node.example.com become: true tasks: - include_role: name: linux-system-roles.network vars: network_connections: # Add an Ethernet profile for the underlying device of the VLAN - name: enp1s0 type: ethernet interface_name: enp1s0 autoconnect: yes state: up ip: dhcp4: no auto6: no # Define the VLAN profile - name: vlan10 type: vlan ip: address: - "192.0.2.1/24" - "2001:db8:1::1/64" gateway4: 192.0.2.254 gateway6: 2001:db8:1::fffe dns: - 192.0.2.200 - 2001:db8:1::ffbb dns_search: - example.com vlan_id: 10 parent: enp1s0 state: up
The
parent
attribute in the VLAN profile configures the VLAN to operate on top of theenp1s0
device.Run the playbook:
To connect as
root
user to the managed host, enter:#
ansible-playbook -u root ~/vlan-ethernet.yml
To connect as a user to the managed host, enter:
#
ansible-playbook -u user_name --ask-become-pass ~/vlan-ethernet.yml
The
--ask-become-pass
option makes sure that theansible-playbook
command prompts for thesudo
password of the user defined in the-u user_name
option.
If you do not specify the
-u user_name
option,ansible-playbook
connects to the managed host as the user that is currently logged in to the control node.
Additional resources
-
For details about the parameters used in
network_connections
and for additional information about thenetwork
System Role, see the/usr/share/ansible/roles/rhel-system-roles.network/README.md
file. -
For details about the
ansible-playbook
command, see theansible-playbook(1)
man page.
4.3. Configuring a network bridge
A network bridge is a link-layer device which forwards traffic between networks based on a table of MAC addresses. The bridge builds the MAC addresses table by listening to network traffic and thereby learning what hosts are connected to each network. For example, you can use a software bridge on a Red Hat Enterprise Linux 8 host to emulate a hardware bridge or in virtualization environments, to integrate virtual machines (VM) to the same network as the host.
A bridge requires a network device in each network the bridge should connect. When you configure a bridge, the bridge is called master
and the devices it uses slave
devices.
You can create bridges on different types of slave devices, such as:
- Physical and virtual Ethernet devices
- Network bonds
- Network teams
- VLAN devices
Due to the IEEE 802.11 standard which specifies the use of 3-address frames in Wi-Fi for the efficient use of airtime, you cannot configure a bridge over Wi-Fi networks operating in Ad-Hoc or Infrastructure modes.
4.3.1. Configuring a network bridge using RHEL System Roles
You can use the networking
RHEL System Role to configure a Linux bridge. This procedure describes how to configure a network bridge that uses two Ethernet devices, and sets IPv4 and IPv6 addresses, default gateways, and DNS configuration.
Set the IP configuration on the bridge and not on the ports of the Linux bridge.
Prerequisites
-
The
ansible
andrhel-system-roles
packages are installed on the control node. -
If you use a different remote user than
root
when you run the playbook, this user has appropriatesudo
permissions on the managed node. - Two or more physical or virtual network devices are installed on the server.
Procedure
If the host on which you want to execute the instructions in the playbook is not yet inventoried, add the IP or name of this host to the
/etc/ansible/hosts
Ansible inventory file:node.example.com
Create the
~/bridge-ethernet.yml
playbook with the following content:--- - name: Configure a network bridge that uses two Ethernet ports hosts: node.example.com become: true tasks: - include_role: name: linux-system-roles.network vars: network_connections: # Define the bridge profile - name: bridge0 type: bridge interface_name: bridge0 ip: address: - "192.0.2.1/24" - "2001:db8:1::1/64" gateway4: 192.0.2.254 gateway6: 2001:db8:1::fffe dns: - 192.0.2.200 - 2001:db8:1::ffbb dns_search: - example.com state: up # Add an Ethernet profile to the bridge - name: bridge0-port1 interface_name: enp7s0 type: ethernet master: bridge0 slave_type: bridge state: up # Add a second Ethernet profile to the bridge - name: bridge0-port2 interface_name: enp8s0 type: ethernet master: bridge0 slave_type: bridge state: up
Run the playbook:
To connect as
root
user to the managed host, enter:#
ansible-playbook -u root ~/bridge-ethernet.yml
To connect as a user to the managed host, enter:
#
ansible-playbook -u user_name --ask-become-pass ~/bridge-ethernet.yml
The
--ask-become-pass
option makes sure that theansible-playbook
command prompts for thesudo
password of the user defined in the-u user_name
option.
If you do not specify the
-u user_name
option,ansible-playbook
connects to the managed host as the user that is currently logged in to the control node.
Additional resources
-
For details about the parameters used in
network_connections
and for additional information about thenetwork
System Role, see the/usr/share/ansible/roles/rhel-system-roles.network/README.md
file. -
For details about the
ansible-playbook
command, see theansible-playbook(1)
man page.
4.4. Configuring network bonding
This section describes the basics of network bonding, the differences between bonding and teaming, and how to configure a network bond on Red Hat Enterprise Linux 8.
You can create bonds on different types of slave devices, such as:
- Physical and virtual Ethernet devices
- Network bridges
- Network teams
- VLAN devices
4.4.1. Configuring a network bond using RHEL System Roles
You can use the network
RHEL System Role to configure a network bond. This procedure describes how to configure a bond in active-backup mode that uses two Ethernet devices, and sets an IPv4 and IPv6 addresses, default gateways, and DNS configuration.
Set the IP configuration on the bridge and not on the ports of the Linux bridge.
Prerequisites
-
The
ansible
andrhel-system-roles
packages are installed on the control node. -
If you use a different remote user than
root
when you run the playbook, this user has appropriatesudo
permissions on the managed node. - Two or more physical or virtual network devices are installed on the server.
Procedure
If the host on which you want to execute the instructions in the playbook is not yet inventoried, add the IP or name of this host to the
/etc/ansible/hosts
Ansible inventory file:node.example.com
Create the
~/bond-ethernet.yml
playbook with the following content:--- - name: Configure a network bond that uses two Ethernet ports hosts: node.example.com become: true tasks: - include_role: name: linux-system-roles.network vars: network_connections: # Define the bond profile - name: bond0 type: bond interface_name: bond0 ip: address: - "192.0.2.1/24" - "2001:db8:1::1/64" gateway4: 192.0.2.254 gateway6: 2001:db8:1::fffe dns: - 192.0.2.200 - 2001:db8:1::ffbb dns_search: - example.com bond: mode: active-backup state: up # Add an Ethernet profile to the bond - name: bond0-port1 interface_name: enp7s0 type: ethernet master: bond0 state: up # Add a second Ethernet profile to the bond - name: bond0-port2 interface_name: enp8s0 type: ethernet master: bond0 state: up
Run the playbook:
To connect as
root
user to the managed host, enter:#
ansible-playbook -u root ~/bond-ethernet.yml
To connect as a user to the managed host, enter:
#
ansible-playbook -u user_name --ask-become-pass ~/bond-ethernet.yml
The
--ask-become-pass
option makes sure that theansible-playbook
command prompts for thesudo
password of the user defined in the-u user_name
option.
If you do not specify the
-u user_name
option,ansible-playbook
connects to the managed host as the user that is currently logged in to the control node.
Additional resources
-
For details about the parameters used in
network_connections
and for additional information about thenetwork
System Role, see the/usr/share/ansible/roles/rhel-system-roles.network/README.md
file. -
For details about the
ansible-playbook
command, see theansible-playbook(1)
man page.
4.5. Authenticating a RHEL client to the network using the 802.1X standard
Administrators frequently use port-based Network Access Control (NAC) based on the IEEE 802.1X standard to protect a network from unauthorized LAN and Wi-Fi clients. The procedures in this section describe different options to configure network authentication.
4.5.1. Configuring a static Ethernet connection with 802.1X network authentication using RHEL System Roles
Using RHEL System Roles, you can automate the creation of an Ethernet connection that uses the 802.1X standard to authenticate the client. This procedure describes how to remotely add an Ethernet connection for the enp1s0
interface with the following settings by running an Ansible playbook:
-
A static IPv4 address -
192.0.2.1
with a/24
subnet mask -
A static IPv6 address -
2001:db8:1::1
with a/64
subnet mask -
An IPv4 default gateway -
192.0.2.254
-
An IPv6 default gateway -
2001:db8:1::fffe
-
An IPv4 DNS server -
192.0.2.200
-
An IPv6 DNS server -
2001:db8:1::ffbb
-
A DNS search domain -
example.com
-
802.1X network authentication using the
TLS
Extensible Authentication Protocol (EAP)
Run this procedure on the Ansible control node.
Prerequisites
-
The
ansible
andrhel-system-roles
packages are installed on the control node. -
If you use a different remote user than
root
when you run the playbook, you must have appropriatesudo
permissions on the managed node. - The network supports 802.1X network authentication.
- The managed node uses NetworkManager.
The following files required for TLS authentication exist on the control node:
-
The client key stored in the
/srv/data/client.key
file. -
The client certificate stored in the
/srv/data/client.crt
file. -
The Certificate Authority (CA) certificate stored in the
/srv/data/ca.crt
file.
-
The client key stored in the
Procedure
If the host on which you want to execute the instructions in the playbook is not yet inventoried, add the IP or name of this host to the
/etc/ansible/hosts
Ansible inventory file:node.example.com
Create the
~/enable-802.1x.yml
playbook with the following content:--- - name: Configure an Ethernet connection with 802.1X authentication hosts: node.example.com become: true tasks: - name: Copy client key for 802.1X authentication copy: src: "/srv/data/client.key" dest: "/etc/pki/tls/private/client.key" mode: 0600 - name: Copy client certificate for 802.1X authentication copy: src: "/srv/data/client.crt" dest: "/etc/pki/tls/certs/client.crt" - name: Copy CA certificate for 802.1X authentication copy: src: "/srv/data/ca.crt" dest: "/etc/pki/ca-trust/source/anchors/ca.crt" - include_role: name: linux-system-roles.network vars: network_connections: - name: enp1s0 type: ethernet autoconnect: yes ip: address: - 192.0.2.1/24 - 2001:db8:1::1/64 gateway4: 192.0.2.254 gateway6: 2001:db8:1::fffe dns: - 192.0.2.200 - 2001:db8:1::ffbb dns_search: - example.com ieee802_1x: identity: user_name eap: tls private_key: "/etc/pki/tls/private/client.key" private_key_password: "password" client_cert: "/etc/pki/tls/certs/client.crt" ca_cert: "/etc/pki/ca-trust/source/anchors/ca.crt" domain_suffix_match: example.com state: up
Run the playbook:
To connect as
root
user to the managed host, enter:#
ansible-playbook -u root ~/enable-802.1x.yml
To connect as a user to the managed host, enter:
#
ansible-playbook -u user_name --ask-become-pass ~/ethernet-static-IP.yml
The
--ask-become-pass
option makes sure that theansible-playbook
command prompts for thesudo
password of the user defined in the-u user_name
option.
If you do not specify the
-u user_name
option,ansible-playbook
connects to the managed host as the user that is currently logged in to the control node.
Additional resources
-
For details about the parameters used in
network_connections
and for additional information about thenetwork
System Role, see the/usr/share/ansible/roles/rhel-system-roles.network/README.md
file. -
For details about the 802.1X parameters, see the
ieee802_1x
section in the/usr/share/ansible/roles/rhel-system-roles.network/README.md
file. -
For details about the
ansible-playbook
command, see theansible-playbook(1)
man page.
4.6. Managing the default gateway setting
The default gateway is a router that forwards network packets when no other route matches the destination of a packet. In a local network, the default gateway is typically the host that is one hop closer to the internet.
4.6.1. Setting the default gateway on an existing connection using System Roles
You can use the networking
RHEL System Role to set the default gateway.
When you run a play that uses the networking
RHEL System Role, the System Role overrides an existing connection profile with the same name if the settings do not match the ones specified in the play. Therefore, always specify the whole configuration of the network connection profile in the play, even if, for example, the IP configuration already exists. Otherwise, the role resets these values to their defaults.
Depending on whether it already exists, the procedure creates or updates the enp1s0
connection profile with the following settings:
-
A static IPv4 address -
198.51.100.20
with a/24
subnet mask -
A static IPv6 address -
2001:db8:1::1
with a/64
subnet mask -
An IPv4 default gateway -
198.51.100.254
-
An IPv6 default gateway -
2001:db8:1::fffe
-
An IPv4 DNS server -
198.51.100.200
-
An IPv6 DNS server -
2001:db8:1::ffbb
-
A DNS search domain -
example.com
Prerequisites
-
The
ansible
andrhel-system-roles
packages are installed on the control node. -
If you use a different remote user than
root
when you run the playbook, this user has appropriatesudo
permissions on the managed node.
Procedure
If the host on which you want to execute the instructions in the playbook is not yet inventoried, add the IP or name of this host to the
/etc/ansible/hosts
Ansible inventory file:node.example.com
Create the
~/ethernet-connection.yml
playbook with the following content:--- - name: Configure an Ethernet connection with static IP and default gateway hosts: node.example.com become: true tasks: - include_role: name: linux-system-roles.network vars: network_connections: - name: enp1s0 type: ethernet autoconnect: yes ip: address: - 198.51.100.20/24 - 2001:db8:1::1/64 gateway4: 198.51.100.254 gateway6: 2001:db8:1::fffe dns: - 198.51.100.200 - 2001:db8:1::ffbb dns_search: - example.com state: up
Run the playbook:
To connect as
root
user to the managed host, enter:#
ansible-playbook -u root ~/ethernet-connection.yml
To connect as a user to the managed host, enter:
#
ansible-playbook -u user_name --ask-become-pass ~/ethernet-connection.yml
The
--ask-become-pass
option makes sure that theansible-playbook
command prompts for thesudo
password of the user defined in the-u user_name
option.
If you do not specify the
-u user_name
option,ansible-playbook
connects to the managed host as the user that is currently logged in to the control node.
Additional resources
-
For details about the parameters used in
network_connections
and for additional information about thenetwork
System Role, see the/usr/share/ansible/roles/rhel-system-roles.network/README.md
file. -
For details about the
ansible-playbook
command, see theansible-playbook(1)
man page.
4.7. Configuring static routes
By default, and if a default gateway is configured, Red Hat Enterprise Linux forwards traffic for networks that are not directly connected to the host to the default gateway. Using a static route, you can configure that Red Hat Enterprise Linux forwards the traffic for a specific host or network to a different router than the default gateway. This section describes different options how to configure static routes.
4.7.1. Configuring a static route using RHEL System Roles
You can use the networking
RHEL System Role to configure static routes.
When you run a play that uses the networking
RHEL System Role, the System Role overrides an existing connection profile with the same name if the settings do not match the ones specified in the play. Therefore, always specify the whole configuration of the network connection profile in the play, even if, for example, the IP configuration already exists. Otherwise, the role resets these values to their defaults.
Depending on whether it already exists, the procedure creates or updates the enp7s0
connection profile with the following settings:
-
A static IPv4 address -
198.51.100.20
with a/24
subnet mask -
A static IPv6 address -
2001:db8:1::1
with a/64
subnet mask -
An IPv4 default gateway -
198.51.100.254
-
An IPv6 default gateway -
2001:db8:1::fffe
-
An IPv4 DNS server -
198.51.100.200
-
An IPv6 DNS server -
2001:db8:1::ffbb
-
A DNS search domain -
example.com
Static routes:
-
192.0.2.0/24
with gateway198.51.100.1
-
203.0.113.0/24
with gateway198.51.100.2
-
Prerequisites
-
The
ansible
andrhel-system-roles
packages are installed on the control node. -
If you use a different remote user than
root
when you run the playbook, this user has appropriatesudo
permissions on the managed node.
Procedure
If the host on which you want to execute the instructions in the playbook is not yet inventoried, add the IP or name of this host to the
/etc/ansible/hosts
Ansible inventory file:node.example.com
Create the
~/add-static-routes.yml
playbook with the following content:--- - name: Configure an Ethernet connection with static IP and additional routes hosts: node.example.com become: true tasks: - include_role: name: linux-system-roles.network vars: network_connections: - name: enp7s0 type: ethernet autoconnect: yes ip: address: - 198.51.100.20/24 - 2001:db8:1::1/64 gateway4: 198.51.100.254 gateway6: 2001:db8:1::fffe dns: - 198.51.100.200 - 2001:db8:1::ffbb dns_search: - example.com route: - network: 192.0.2.0 prefix: 24 gateway: 198.51.100.1 - network: 203.0.113.0 prefix: 24 gateway: 198.51.100.2 state: up
Run the playbook:
To connect as
root
user to the managed host, enter:#
ansible-playbook -u root ~/add-static-routes.yml
To connect as a user to the managed host, enter:
#
ansible-playbook -u user_name --ask-become-pass ~/add-static-routes.yml
The
--ask-become-pass
option makes sure that theansible-playbook
command prompts for thesudo
password of the user defined in the-u user_name
option.
If you do not specify the
-u user_name
option,ansible-playbook
connects to the managed host as the user that is currently logged in to the control node.
Verification steps
Display the routing table:
#
ip -4 route
default via 198.51.100.254 dev enp7s0 proto static metric 100 192.0.2.0/24 via 198.51.100.1 dev enp7s0 proto static metric 100 203.0.113.0/24 via 198.51.100.2 dev enp7s0 proto static metric 100 ...
Additional resources
-
For details about the parameters used in
network_connections
and for additional information about thenetwork
System Role, see the/usr/share/ansible/roles/rhel-system-roles.network/README.md
file. -
For details about the
ansible-playbook
command, see theansible-playbook(1)
man page.
4.8. Configuring ethtool offload features
Network interface cards can use the TCP offload engine (TOE) to offload processing certain operations to the network controller to improve the network throughput.
This section describes how to set offload features.
4.8.1. Using System Roles to set ethtool features
You can use the networking
RHEL System Role to configure ethtool
features of a NetworkManager connection.
When you run a play that uses the networking
RHEL System Role, the System Role overrides an existing connection profile with the same name if the settings do not match the ones specified in the play. Therefore, always specify the whole configuration of the network connection profile in the play, even if, for example the IP configuration, already exists. Otherwise the role resets these values to their defaults.
Depending on whether it already exists, the procedure creates or updates the enp1s0
connection profile with the following settings:
-
A static IPv4 address -
198.51.100.20
with a/24
subnet mask -
A static IPv6 address -
2001:db8:1::1
with a/64
subnet mask -
An IPv4 default gateway -
198.51.100.254
-
An IPv6 default gateway -
2001:db8:1::fffe
-
An IPv4 DNS server -
198.51.100.200
-
An IPv6 DNS server -
2001:db8:1::ffbb
-
A DNS search domain -
example.com
ethtool
features:- Generic receive offload (GRO): disabled
- Generic segmentation offload (GSO): enabled
- TX Stream Control Transmission Protocol (SCTP) segmentation: disabled
Prerequisites
-
The
ansible
andrhel-system-roles
packages are installed on the control node. -
If you use a different remote user than root when you run the playbook, this user has appropriate
sudo
permissions on the managed node.
Procedure
If the host on which you want to execute the instructions in the playbook is not yet inventoried, add the IP or name of this host to the
/etc/ansible/hosts
Ansible inventory file:node.example.com
Create the
~/configure-ethernet-device-with-ethtool-features.yml
playbook with the following content:--- - name. Configure an Ethernet connection with ethtool features hosts: node.example.com become: true tasks: - include_role: name: linux-system-roles.network vars: network_connections: - name: enp1s0 type: ethernet autoconnect: yes ip: address: - 198.51.100.20/24 - 2001:db8:1::1/64 gateway4: 198.51.100.254 gateway6: 2001:db8:1::fffe dns: - 198.51.100.200 - 2001:db8:1::ffbb dns_search: - example.com ethtool: feature: gro: "no" gso: "yes" tx_sctp_segmentation: "no" state: up
Run the playbook:
To connect as
root
user to the managed host, enter:#
ansible-playbook -u root ~/configure-ethernet-device-with-ethtool-features.yml
To connect as a user to the managed host, enter:
#
ansible-playbook -u user_name --ask-become-pass ~/configure-ethernet-device-with-ethtool-features.yml
The
--ask-become-pass
option makes sure that theansible-playbook
command prompts for thesudo
password of the user defined in the-u user_name
option.
If you do not specify the
-u user_name
option,ansible-playbook
connects to the managed host as the user that is currently logged in to the control node.
Additional resources
-
For a full list of
ethtool
features and details about the parameters used innetwork_connections
, and for additional information about thenetwork
system role, see the/usr/share/ansible/roles/rhel-system-roles.network/README.md
file. -
For details about the
ansible-playbook
command, see theansible-playbook(1)
man page.