On Tue, 2021-03-23 at 15:28 +0100, Jan Hutař via networkmanager-list wrote:
> Hello.
>
> Hopefully this is a good place to ask. If not, please suggest something
> else.
>
> For quite some time I'm trying to figure out how to create a bridge
> using main network interface (the only one which is routable to the
> host).
>
> I have tried these Ansible tasks:
>
>     - name: "Get {{ public_nic }} connection name"
>       shell: nmcli --terse device | grep "^{{ public_nic }}:" | cut -d ':' -f 4
>       register: public_connection_cmd
>     - name: "Extract {{ public_nic }} connection name"
>       set_fact:
>         public_connection: "{{ public_connection_cmd.stdout_lines|first|trim }}"
>
>     - name: "Create brpublic bridge connection"
>       nmcli:
>         conn_name: brpublic
>         ifname: brpublic
>         type: bridge
>         stp: no
>         state: present
>
>     - name: "Put {{ public_nic }} device into brpublic"
>       nmcli:
>         conn_name: brpublic-slave
>         ifname: "{{ public_nic }}"
>         type: bridge-slave
>         master: brpublic
>         state: present
>
>     - name: "Remove old {{ public_nic }} connection"
>       nmcli:
>         conn_name: "{{ public_connection }}"
>         state: absent
>       when: "public_connection != '' and public_connection != 'brpublic-slave'"

This is the ansible module "nmcli". I am not familiar with that, it
might be fine though. FYI, there is also
https://galaxy.ansible.com/linux-system-roles/network

> but this breaks the network on the last task.
>
> I have also tried these two ways via "shell":
>
>     set -xe
>
>     old_connection=$( nmcli --terse device | grep "^{{ public_nic }}:" | cut -d ':' -f 4 )

While not a big difference, I'd do:

    old_connection="$(nmcli -g DEVICE,CON-UUID device | sed -n 's/^{{ public_nic }}://p')"

>
>     nmcli con add type bridge con-name brpublic ifname brpublic
>     ###nmcli con add type bridge-slave con-name brpublic-slave ifname "{{ public_nic }}" master brpublic
>     nmcli connection modify "$old_connection" master brpublic

    nmcli connection modify uuid "$old_connection" master brpublic

>
>     ###if [ -n "$old_connection" -a "$old_connection" != 'brpublic-slave' ]; then
>     ###    nmcli c delete "$old_connection"
>     ###fi
>
>     nmcli con up brpublic

If the port profile "$old_connection" was already activated, then this
script does not change anything about that.

Your script modifies "$old_connection", but modifying a profile only
does that. If the profile is currently active, then those changes only
take effect after activating the profile again (with
`nmcli connection up uuid "$old_connection"`).

> but this fails as well (script works, but at the end according to `ip a`
> IP is still on the main interface, not on "brpublic").
>
> My end goal is to have VM on that bridge that can be accessible from
> outside network.
>
> What is the right way to do that remotely?

That sounds doable. But I'd suggest to test the script under
circumstances where you can easily recover from looking connections.

> Thank you in advance,
> Jan