RHCSA is in the bag. I took the RHEL 8 exam and passed with a whopping 283 of 300 points. Next up is RHCE 7 (version 8 is completely Ansible related which will come at a later time), which for me is a whole different ballgame. So what about this nmcli madness?
Continuing my RHEL adventure with RHCE, I’ll definitely have more RHEL stuff to be writing about. Today I’m starting a two part post about nmcli: the Network Manager CLI. I remember when I came into contact with it a long time ago, the enormous commands disgusted me and I tried to avoid it at all costs.
Now that is has been explained to me properly, I can’t do without it anymore.
I’m working from a clean vagrant box with CentOS 7 and 3 network interfaces. First take a look at our config:
# nmcli dev show # nmcli con show
The first will show you a lot of detailed info and the second your actual connection and it being up or down.
System eth0 5fb06bd0-0bb0-7ffb-45f1-d6edd65f3e03 ethernet eth0 System eth1 9c92fad9-6ecb-3e6c-eb4d-8a47c6f50c04 ethernet eth1 System eth2 3a73717e-65ab-93e8-b518-24f5af32dc0d ethernet eth2
For vagrant, the eth0 interface is its bridge to my host machine and can be ignored. It’s the eth1 and eth2 interface with which we will be working with this and the next post.
These 3 interfaces and their configuration can be found in /etc/sysconfig/network-scripts, among many other files.
[root@centos7 network-scripts]# ls -al total 248 drwxr-xr-x. 2 root root 4096 Jun 27 11:51 . drwxr-xr-x. 6 root root 4096 Jun 13 20:58 .. -rw-r--r--. 1 root root 229 Jun 13 20:58 ifcfg-eth0 -rw-------. 1 vagrant vagrant 215 Jun 27 11:51 ifcfg-eth1 -rw-------. 1 vagrant vagrant 215 Jun 27 11:51 ifcfg-eth2 -rw-r--r--. 1 root root 254 Aug 24 2018 ifcfg-lo
First to note, is an important difference between a connection and an interface: they are not the same. In the above ‘nmcli con show’ output, the connection is called ‘System eth1’ and the interface simply ‘eth1’. The first can be changed, the second is static. It doesn’t matter a great deal I think, but I like to keep the connection name and the interface name the same.
Keeping this in mind, from this point on we can do 2 things with eth1 and eth2:
- We can edit the existing connections to our liking
- We can bring the existing connections down and create new ones
To get our feet wet, we’ll do both. You can choose which way to go, it really doesn’t matter. We’ll be using the nmcli command for the first time. The commands look brutal but it’s really not when you know this: you can double tab at all times to see what your options are. Just try it. Also, despite of all the available options you only need these to setup a basic connection:
- The connection name (con-name)
- The connection type (type)
- The interface name you want the connection to be using (ifname)
- The IPv4 method and configuration (ipv4.method, addresses, etc.)
Scenario 1: editing our existing connections. First take a look at the current config:
# nmcli con show System\ eth1
# cat /etc/sysconfig/network-scripts/ifcfg-eth1
Now with vagrant this is a bad example, since the config file will tell you to not touch it. But with your own hardware or VPS, you can do your thing.
Anyway, looking at the current config, you’ll have to decide what you want to do with it. For me, I want to change the name from ‘System eth1’ to just ‘eth1’:
# nmcli con mod System\ eth1 con-name eth1
[root@centos7 network-scripts]# nmcli con show NAME UUID TYPE DEVICE eth1 9c92fad9-6ecb-3e6c-eb4d-8a47c6f50c04 ethernet eth1 System eth0 5fb06bd0-0bb0-7ffb-45f1-d6edd65f3e03 ethernet eth0 System eth2 3a73717e-65ab-93e8-b518-24f5af32dc0d ethernet eth2
For basic connectability you can configure IPv4 via DHCP:
# nmcli con mod eth1 ipv4.method auto
# nmcli con mod eth1 ipv4.method manual ipv4.addresses 172.16.16.10/24 ipv4.gateway 172.16.16.1
Enable or disable auto start at boot:
# nmcli con mod eth1 autoconnect yes # nmcli con mod eth1 autoconnect no
Finally bring you connection up if it isn’t already:
# nmcli con up eth1
You can do all of the same stuff with ‘System eth2’. Just remember that double tab and you’re fine! You can also always check all your changes along the way in the config file itself in /etc/sysconfig/network-scripts/.
Let’s not forget scenario 2: bring the existing connections down and create new ones. I’ll take ‘System eth2’ for this example.
Bring the connection down and delete it:
# nmcli con down System\ eth2 # nmcli con del System\ eth2
Create a complete new connection:
# nmcli con add con-name eth2 ifname eth2 type ethernet
And assign IPv4 config to it with one of these two:
# nmcli con mod eth2 ipv4.method auto # con mod eth2 ipv4.method manual ipv4.addresses 172.16.16.20/24 ipv4.gateway 172.16.16.1
Finally you can bring it up and make it connect at boot:
# nmcli con up eth2 # nmcli con mod eth1 autoconnect no
I think this will form a pretty solid basis for working with nmcli and you’ll understand that the commands look more complicated than they actually are. Next week more madness.