Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/nmstate/nmpolicy
https://github.com/nmstate/nmpolicy
Last synced: 2 months ago
JSON representation
- Host: GitHub
- URL: https://github.com/nmstate/nmpolicy
- Owner: nmstate
- License: apache-2.0
- Created: 2021-09-17T07:39:53.000Z (over 3 years ago)
- Default Branch: main
- Last Pushed: 2023-07-12T13:18:41.000Z (over 1 year ago)
- Last Synced: 2024-06-19T11:37:18.186Z (7 months ago)
- Language: Go
- Size: 694 KB
- Stars: 7
- Watchers: 2
- Forks: 5
- Open Issues: 14
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
---
---
# Introduction
An expressions driven declarative API for dynamic network configuration
# Motivation
When networking configuration for a cluster is needed and all the details
are common between the nodes in the cluster a NMState yaml configuration is
enough.
Problems arise when some of the network configuration details
are different between nodes and depend on the current node network state.
For that a different NMState yaml configuration needs to be generated
per node and that's not convenient for big clusters and
also at scale up scenarios.
The NMPolicy goal is to solve this problem.
Given a node network state and a network configuration policy
(common to the cluster),
the NMPolicy tool will generate a node specific desired network state.
Previously without the help from NMPolicy a cluster user needed to apply the
following configurations per node at a three nodes cluster to create a linux-bridge on
top of an interface and clone the mac, also it has to hardcode the name of the
interface, that can be different between nodes on some clusters.
node01:
```yaml
desiredState:
interfaces:
- name: br1
type: linux-bridge
state: up
mac-address: 00:00:5E:00:00:01
ipv4:
dhcp: true
enabled: true
bridge:
options:
stp:
enabled: false
port:
- name: eth1
```
node02:
```yaml
desiredState:
interfaces:
- name: br1
type: linux-bridge
state: up
mac-address: 00:00:5E:00:00:02
ipv4:
dhcp: true
enabled: true
bridge:
options:
stp:
enabled: false
port:
- name: eth1
```
node03
```yaml
desiredState:
interfaces:
- name: br1
type: linux-bridge
state: up
mac-address: 00:00:5E:00:00:03
ipv4:
dhcp: true
enabled: true
bridge:
options:
stp:
enabled: false
port:
- name: eth1
```
The example at this page show how to do that without harcoding the nic name
and the mac addresses.
# How it works
It's implemented on top of [nmstate](https://nmstate.io/), nmpolicy generates a
nmstate desired state as output, given an input of a
[policy spec](https://nmstate.io/nmpolicy/user-guide/102-policy-syntax.html) and a
nmstate current state.
This is a simple nmpolicy example to connect a nic that is referenced by a
default gateway to a bridge:
```yaml
capture:
default-gw: routes.running.destination=="0.0.0.0/0"
base-iface: interfaces.name==capture.default-gw.routes.running.0.next-hop-interface
desiredState:
interfaces:
- name: br1
description: DHCP aware Linux bridge to connect a nic that is referenced by a default gateway
type: linux-bridge
state: up
mac-address: "{{ capture.base-iface.interfaces.0.mac-address }}"
ipv4:
dhcp: true
enabled: true
bridge:
port:
- name: "{{ capture.base-iface.interfaces.0.name }}"
```
# Use
To start using nmpolicy you can go directly to one of the following
[documentation](https://nmstate.io/nmpolicy) chapters:
- [library usage](https://nmstate.io/nmpolicy/user-guide/101-library.html)
- [policy syntax](https://nmstate.io/nmpolicy/user-guide/102-policy-syntax.html)
- [examples](https://nmstate.io/nmpolicy/examples.html)