RHEL / CentOS nmcli madness I

nmcli

RHCSA is in the bag. I took the RHEL 8 exam and passed with a whopping 283 of 300 points. Next up is RHCE 7 (version 8 is completely Ansible related which will come at a later time), which for me is a whole different ballgame. So what about this nmcli madness?

Continuing my RHEL adventure with RHCE, I’ll definitely have more RHEL stuff to be writing about. Today I’m starting a two part post about nmcli: the Network Manager CLI. I remember when I came into contact with it a long time ago, the enormous commands disgusted me and I tried to avoid it at all costs.

Now that is has been explained to me properly, I can’t do without it anymore.

I’m working from a clean vagrant box with CentOS 7 and 3 network interfaces. First take a look at our config:

# nmcli dev show
# nmcli con show

The first will show you a lot of detailed info and the second your actual connection and it being up or down.

System eth0  5fb06bd0-0bb0-7ffb-45f1-d6edd65f3e03  ethernet  eth0   
System eth1  9c92fad9-6ecb-3e6c-eb4d-8a47c6f50c04  ethernet  eth1   
System eth2  3a73717e-65ab-93e8-b518-24f5af32dc0d  ethernet  eth2   

For vagrant, the eth0 interface is its bridge to my host machine and can be ignored. It’s the eth1 and eth2 interface with which we will be working with this and the next post.

These 3 interfaces and their configuration can be found in /etc/sysconfig/network-scripts, among many other files.

[root@centos7 network-scripts]# ls -al
total 248
drwxr-xr-x. 2 root    root     4096 Jun 27 11:51 .
drwxr-xr-x. 6 root    root     4096 Jun 13 20:58 ..
-rw-r--r--. 1 root    root      229 Jun 13 20:58 ifcfg-eth0
-rw-------. 1 vagrant vagrant   215 Jun 27 11:51 ifcfg-eth1
-rw-------. 1 vagrant vagrant   215 Jun 27 11:51 ifcfg-eth2
-rw-r--r--. 1 root    root      254 Aug 24  2018 ifcfg-lo

First to note, is an important difference between a connection and an interface: they are not the same. In the above ‘nmcli con show’ output, the connection is called ‘System eth1’ and the interface simply ‘eth1’. The first can be changed, the second is static. It doesn’t matter a great deal I think, but I like to keep the connection name and the interface name the same.

Keeping this in mind, from this point on we can do 2 things with eth1 and eth2:

  1. We can edit the existing connections to our liking
  2. We can bring the existing connections down and create new ones

To get our feet wet, we’ll do both. You can choose which way to go, it really doesn’t matter. We’ll be using the nmcli command for the first time. The commands look brutal but it’s really not when you know this: you can double tab at all times to see what your options are. Just try it. Also, despite of all the available options you only need these to setup a basic connection:

  • The connection name (con-name)
  • The connection type (type)
  • The interface name you want the connection to be using (ifname)
  • The IPv4 method and configuration (ipv4.method, addresses, etc.)

Scenario 1: editing our existing connections. First take a look at the current config:

# nmcli con show System\ eth1

or:

# cat /etc/sysconfig/network-scripts/ifcfg-eth1

Now with vagrant this is a bad example, since the config file will tell you to not touch it. But with your own hardware or VPS, you can do your thing.

Anyway, looking at the current config, you’ll have to decide what you want to do with it. For me, I want to change the name from ‘System eth1’ to just ‘eth1’:

# nmcli con mod System\ eth1 con-name eth1

Results in:

[root@centos7 network-scripts]# nmcli con show
NAME         UUID                                  TYPE      DEVICE 
eth1         9c92fad9-6ecb-3e6c-eb4d-8a47c6f50c04  ethernet  eth1   
System eth0  5fb06bd0-0bb0-7ffb-45f1-d6edd65f3e03  ethernet  eth0   
System eth2  3a73717e-65ab-93e8-b518-24f5af32dc0d  ethernet  eth2   

For basic connectability you can configure IPv4 via DHCP:

# nmcli con mod eth1 ipv4.method auto

Or manual:

# nmcli con mod eth1 ipv4.method manual ipv4.addresses 172.16.16.10/24 ipv4.gateway 172.16.16.1

Enable or disable auto start at boot:

# nmcli con mod eth1 autoconnect yes
# nmcli con mod eth1 autoconnect no

Finally bring you connection up if it isn’t already:

# nmcli con up eth1

You can do all of the same stuff with ‘System eth2’. Just remember that double tab and you’re fine! You can also always check all your changes along the way in the config file itself in /etc/sysconfig/network-scripts/.

Let’s not forget scenario 2: bring the existing connections down and create new ones. I’ll take ‘System eth2’ for this example.

Bring the connection down and delete it:

# nmcli con down System\ eth2
# nmcli con del System\ eth2

Create a complete new connection:

# nmcli con add con-name eth2 ifname eth2 type ethernet

And assign IPv4 config to it with one of these two:

# nmcli con mod eth2 ipv4.method auto
# con mod eth2 ipv4.method manual ipv4.addresses 172.16.16.20/24 ipv4.gateway 172.16.16.1

Finally you can bring it up and make it connect at boot:

# nmcli con up eth2
# nmcli con mod eth1 autoconnect no

I think this will form a pretty solid basis for working with nmcli and you’ll understand that the commands look more complicated than they actually are. Next week more madness.

Update: nmcli post 1 and post 2.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.