From f17da4e68bd1d8d165e02724885accddb8963d39 Mon Sep 17 00:00:00 2001 From: Mike Reeves Date: Tue, 5 May 2026 15:13:24 -0400 Subject: [PATCH 1/4] Add management bond setup option --- setup/so-functions | 65 +++++++++++++++++++++++++++++++++-- setup/so-whiptail | 85 ++++++++++++++++++++++++++++++++++++++++++++-- 2 files changed, 145 insertions(+), 5 deletions(-) diff --git a/setup/so-functions b/setup/so-functions index 3cd665076..4d60963c5 100755 --- a/setup/so-functions +++ b/setup/so-functions @@ -556,7 +556,7 @@ check_requirements() { local req_cores local req_storage local nic_list - readarray -t nic_list <<< "$(ip link| awk -F: '$0 !~ "lo|vir|veth|br|docker|wl|^[^0-9]"{print $2}' | grep -vwe "bond0" | sed 's/ //g' | sed -r 's/(.*)(\.[0-9]+)@\1/\1\2/g')" + readarray -t nic_list <<< "$(ip link| awk -F: '$0 !~ "lo|vir|veth|br|docker|wl|^[^0-9]"{print $2}' | grep -vwe "bond0\|bond1" | sed 's/ //g' | sed -r 's/(.*)(\.[0-9]+)@\1/\1\2/g')" local num_nics=${#nic_list[@]} if [[ $is_eval ]]; then @@ -745,6 +745,56 @@ configure_network_sensor() { return $err } +configure_management_bond() { + local bond_name="bond1" + local bond_mode=${MBOND_MODE:-active-backup} + + info "Setting up $bond_name management interface with mode $bond_mode" + + if [[ ${#MBNICS[@]} -eq 0 ]]; then + error "[ERROR] No management bond NICs were selected." + fail_setup + fi + + nmcli -t -f NAME con show | grep -Fxq "$bond_name" + local found_int=$? + + if [[ $found_int != 0 ]]; then + nmcli con add type bond ifname "$bond_name" con-name "$bond_name" mode "$bond_mode" -- \ + ipv6.method ignore \ + connection.autoconnect yes >> "$setup_log" 2>&1 + else + nmcli con mod "$bond_name" \ + bond.options "mode=$bond_mode" \ + ipv6.method ignore \ + connection.autoconnect yes >> "$setup_log" 2>&1 + fi + + local err=0 + for MBNIC in "${MBNICS[@]}"; do + local slave_name="$bond_name-slave-$MBNIC" + + nmcli -t -f NAME con show | grep -Fxq "$slave_name" + found_int=$? + + if [[ $found_int != 0 ]]; then + nmcli con add type ethernet ifname "$MBNIC" con-name "$slave_name" master "$bond_name" -- \ + connection.autoconnect yes >> "$setup_log" 2>&1 + else + nmcli con mod "$slave_name" \ + connection.master "$bond_name" \ + connection.slave-type bond \ + connection.autoconnect yes >> "$setup_log" 2>&1 + fi + + nmcli con up "$slave_name" >> "$setup_log" 2>&1 + local ret=$? + [[ $ret -eq 0 ]] || err=$ret + done + + return $err +} + configure_hyper_bridge() { info "Setting up hypervisor bridge" info "Checking $MNIC ipv4.method is auto or manual" @@ -990,7 +1040,7 @@ es_heapsize() { filter_unused_nics() { - if [[ $MNIC ]]; then local grep_string="$MNIC\|bond0"; else local grep_string="bond0"; fi + if [[ $MNIC ]]; then local grep_string="$MNIC\|bond0\|bond1"; else local grep_string="bond0\|bond1"; fi # If we call this function and NICs have already been assigned to the bond interface then add them to the grep search string if [[ $BNICS ]]; then @@ -999,6 +1049,11 @@ filter_unused_nics() { grep_string="$grep_string\|$BONDNIC" done fi + if [[ $MBNICS ]]; then + for BONDNIC in "${MBNICS[@]}"; do + grep_string="$grep_string\|$BONDNIC" + done + fi # Finally, set filtered_nics to any NICs we aren't using (and ignore interfaces that aren't of use) filtered_nics=$(ip link | awk -F: '$0 !~ "lo|vir|veth|br|docker|wl|^[^0-9]"{print $2}' | grep -vwe "$grep_string" | sed 's/ //g' | sed -r 's/(.*)(\.[0-9]+)@\1/\1\2/g') @@ -2084,8 +2139,12 @@ set_initial_firewall_access() { # Set up the management interface on the ISO set_management_interface() { title "Setting up the main interface" + if [[ $MNIC == "bond1" ]]; then + configure_management_bond || fail_setup + fi + if [ "$address_type" = 'DHCP' ]; then - logCmd "nmcli con mod $MNIC connection.autoconnect yes" + logCmd "nmcli con mod $MNIC connection.autoconnect yes ipv4.method auto" logCmd "nmcli con up $MNIC" logCmd "nmcli -p connection show $MNIC" else diff --git a/setup/so-whiptail b/setup/so-whiptail index 9a1d21150..6188d3d30 100755 --- a/setup/so-whiptail +++ b/setup/so-whiptail @@ -845,18 +845,99 @@ whiptail_management_nic() { [ -n "$TESTING" ] && return filter_unused_nics + local management_nic_options=( "${nic_list_management[@]}" ) + if [[ $is_iso || $is_desktop_iso ]]; then + management_nic_options+=( "BOND" "Configure a bonded management interface" ) + fi - MNIC=$(whiptail --title "$whiptail_title" --menu "Please select the NIC you would like to use for management.\n\nUse the arrow keys to move around and the Enter key to select." 20 75 12 "${nic_list_management[@]}" 3>&1 1>&2 2>&3 ) + MNIC=$(whiptail --title "$whiptail_title" --menu "Please select the NIC you would like to use for management.\n\nUse the arrow keys to move around and the Enter key to select." 20 75 12 "${management_nic_options[@]}" 3>&1 1>&2 2>&3 ) local exitstatus=$? whiptail_check_exitstatus $exitstatus while [ -z "$MNIC" ] do - MNIC=$(whiptail --title "$whiptail_title" --menu "Please select the NIC you would like to use for management.\n\nUse the arrow keys to move around and the Enter key to select." 22 75 12 "${nic_list_management[@]}" 3>&1 1>&2 2>&3 ) + MNIC=$(whiptail --title "$whiptail_title" --menu "Please select the NIC you would like to use for management.\n\nUse the arrow keys to move around and the Enter key to select." 22 75 12 "${management_nic_options[@]}" 3>&1 1>&2 2>&3 ) local exitstatus=$? whiptail_check_exitstatus $exitstatus done + if [[ $MNIC == "BOND" ]]; then + whiptail_management_bond + fi +} + +whiptail_management_bond() { + + [ -n "$TESTING" ] && return + + MBOND_MODE=$(whiptail --title "$whiptail_title" --menu \ + "Choose the bond mode for the management interface.\n\nThe management bond will be created as bond1." 20 75 7 \ + "active-backup" "One active NIC with failover (recommended)" \ + "balance-rr" "Round-robin transmit policy" \ + "balance-xor" "Transmit based on selected hash policy" \ + "broadcast" "Transmit everything on all slave interfaces" \ + "802.3ad" "Dynamic link aggregation (requires switch support)" \ + "balance-tlb" "Adaptive transmit load balancing" \ + "balance-alb" "Adaptive load balancing" 3>&1 1>&2 2>&3) + local exitstatus=$? + whiptail_check_exitstatus $exitstatus + + while [ -z "$MBOND_MODE" ] + do + MBOND_MODE=$(whiptail --title "$whiptail_title" --menu \ + "Choose the bond mode for the management interface.\n\nThe management bond will be created as bond1." 20 75 7 \ + "active-backup" "One active NIC with failover (recommended)" \ + "balance-rr" "Round-robin transmit policy" \ + "balance-xor" "Transmit based on selected hash policy" \ + "broadcast" "Transmit everything on all slave interfaces" \ + "802.3ad" "Dynamic link aggregation (requires switch support)" \ + "balance-tlb" "Adaptive transmit load balancing" \ + "balance-alb" "Adaptive load balancing" 3>&1 1>&2 2>&3) + local exitstatus=$? + whiptail_check_exitstatus $exitstatus + done + + whiptail_management_bond_nics + MNIC="bond1" + + export MBOND_MODE MNIC +} + +whiptail_management_bond_nics() { + + [ -n "$TESTING" ] && return + + MBNICS=() + filter_unused_nics + + MBNICS=$(whiptail --title "$whiptail_title" --checklist "Please add NICs to the Management Interface:" 20 75 12 "${nic_list[@]}" 3>&1 1>&2 2>&3) + local exitstatus=$? + whiptail_check_exitstatus $exitstatus + + while [ -z "$MBNICS" ] + do + MBNICS=$(whiptail --title "$whiptail_title" --checklist "Please add NICs to the Management Interface:" 20 75 12 "${nic_list[@]}" 3>&1 1>&2 2>&3) + local exitstatus=$? + whiptail_check_exitstatus $exitstatus + done + + MBNICS=$(echo "$MBNICS" | tr -d '"') + + IFS=' ' read -ra MBNICS <<< "$MBNICS" + + for bond_nic in "${MBNICS[@]}"; do + for dev_status in "${nmcli_dev_status_list[@]}"; do + if [[ $dev_status == "${bond_nic}:unmanaged" ]]; then + whiptail \ + --title "$whiptail_title" \ + --msgbox "$bond_nic is unmanaged by Network Manager. Please remove it from other network management tools then re-run setup." \ + 8 75 + exit + fi + done + done + + export MBNICS } whiptail_net_method() { From 3b714db0bfcbfdde05c95e5aa2778338a422ae1b Mon Sep 17 00:00:00 2001 From: Mike Reeves Date: Tue, 5 May 2026 15:22:40 -0400 Subject: [PATCH 2/4] Show management bond option consistently --- setup/so-functions | 12 +++++++++++- setup/so-setup | 10 ++++++++++ setup/so-whiptail | 4 +--- 3 files changed, 22 insertions(+), 4 deletions(-) diff --git a/setup/so-functions b/setup/so-functions index 4d60963c5..571270227 100755 --- a/setup/so-functions +++ b/setup/so-functions @@ -1443,7 +1443,7 @@ network_init() { title "Initializing Network" disable_ipv6 set_hostname - if [[ ( $is_iso || $is_desktop_iso ) ]]; then + if [[ $is_iso || $is_desktop_iso || $MNIC == "bond1" ]]; then set_management_interface fi } @@ -1465,6 +1465,16 @@ network_init_whiptail() { whiptail_network_notice whiptail_dhcp_warn whiptail_management_nic + if [[ $MNIC == "bond1" ]]; then + whiptail_dhcp_or_static + + if [ "$address_type" != 'DHCP' ]; then + collect_int_ip_mask + collect_gateway + collect_dns + collect_dns_domain + fi + fi ;; esac } diff --git a/setup/so-setup b/setup/so-setup index 7875b9c99..27aeef1f6 100755 --- a/setup/so-setup +++ b/setup/so-setup @@ -292,6 +292,16 @@ if ! [[ -f $install_opt_file ]]; then # Warn about the dangers of DHCP whiptail_dhcp_warn whiptail_management_nic + if [[ $MNIC == "bond1" ]]; then + whiptail_dhcp_or_static + + if [ "$address_type" != 'DHCP' ]; then + collect_int_ip_mask + collect_gateway + collect_dns + collect_dns_domain + fi + fi fi # Initializing the network based on the previous information network_init diff --git a/setup/so-whiptail b/setup/so-whiptail index 6188d3d30..a0c9d797b 100755 --- a/setup/so-whiptail +++ b/setup/so-whiptail @@ -846,9 +846,7 @@ whiptail_management_nic() { filter_unused_nics local management_nic_options=( "${nic_list_management[@]}" ) - if [[ $is_iso || $is_desktop_iso ]]; then - management_nic_options+=( "BOND" "Configure a bonded management interface" ) - fi + management_nic_options+=( "BOND" "Configure a bonded management interface" ) MNIC=$(whiptail --title "$whiptail_title" --menu "Please select the NIC you would like to use for management.\n\nUse the arrow keys to move around and the Enter key to select." 20 75 12 "${management_nic_options[@]}" 3>&1 1>&2 2>&3 ) local exitstatus=$? From ecb92d43fcca7ebd614d4b48de3d076d2d8fd029 Mon Sep 17 00:00:00 2001 From: Mike Reeves Date: Tue, 5 May 2026 15:30:09 -0400 Subject: [PATCH 3/4] Limit management bond setup to ISO installs --- setup/so-functions | 14 ++------------ setup/so-setup | 10 ---------- setup/so-whiptail | 4 +++- 3 files changed, 5 insertions(+), 23 deletions(-) diff --git a/setup/so-functions b/setup/so-functions index 571270227..4dbbddecc 100755 --- a/setup/so-functions +++ b/setup/so-functions @@ -1040,7 +1040,7 @@ es_heapsize() { filter_unused_nics() { - if [[ $MNIC ]]; then local grep_string="$MNIC\|bond0\|bond1"; else local grep_string="bond0\|bond1"; fi + if [[ $MNIC ]]; then local grep_string="$MNIC\|bond0"; else local grep_string="bond0"; fi # If we call this function and NICs have already been assigned to the bond interface then add them to the grep search string if [[ $BNICS ]]; then @@ -1443,7 +1443,7 @@ network_init() { title "Initializing Network" disable_ipv6 set_hostname - if [[ $is_iso || $is_desktop_iso || $MNIC == "bond1" ]]; then + if [[ $is_iso || $is_desktop_iso ]]; then set_management_interface fi } @@ -1465,16 +1465,6 @@ network_init_whiptail() { whiptail_network_notice whiptail_dhcp_warn whiptail_management_nic - if [[ $MNIC == "bond1" ]]; then - whiptail_dhcp_or_static - - if [ "$address_type" != 'DHCP' ]; then - collect_int_ip_mask - collect_gateway - collect_dns - collect_dns_domain - fi - fi ;; esac } diff --git a/setup/so-setup b/setup/so-setup index 27aeef1f6..7875b9c99 100755 --- a/setup/so-setup +++ b/setup/so-setup @@ -292,16 +292,6 @@ if ! [[ -f $install_opt_file ]]; then # Warn about the dangers of DHCP whiptail_dhcp_warn whiptail_management_nic - if [[ $MNIC == "bond1" ]]; then - whiptail_dhcp_or_static - - if [ "$address_type" != 'DHCP' ]; then - collect_int_ip_mask - collect_gateway - collect_dns - collect_dns_domain - fi - fi fi # Initializing the network based on the previous information network_init diff --git a/setup/so-whiptail b/setup/so-whiptail index a0c9d797b..6188d3d30 100755 --- a/setup/so-whiptail +++ b/setup/so-whiptail @@ -846,7 +846,9 @@ whiptail_management_nic() { filter_unused_nics local management_nic_options=( "${nic_list_management[@]}" ) - management_nic_options+=( "BOND" "Configure a bonded management interface" ) + if [[ $is_iso || $is_desktop_iso ]]; then + management_nic_options+=( "BOND" "Configure a bonded management interface" ) + fi MNIC=$(whiptail --title "$whiptail_title" --menu "Please select the NIC you would like to use for management.\n\nUse the arrow keys to move around and the Enter key to select." 20 75 12 "${management_nic_options[@]}" 3>&1 1>&2 2>&3 ) local exitstatus=$? From 3e493222200bd45a07f7202cff66a20efb5747c0 Mon Sep 17 00:00:00 2001 From: Mike Reeves Date: Tue, 5 May 2026 15:35:12 -0400 Subject: [PATCH 4/4] Allow preconfigured management bond in requirements --- setup/so-functions | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/setup/so-functions b/setup/so-functions index 4dbbddecc..12dd5160a 100755 --- a/setup/so-functions +++ b/setup/so-functions @@ -556,7 +556,7 @@ check_requirements() { local req_cores local req_storage local nic_list - readarray -t nic_list <<< "$(ip link| awk -F: '$0 !~ "lo|vir|veth|br|docker|wl|^[^0-9]"{print $2}' | grep -vwe "bond0\|bond1" | sed 's/ //g' | sed -r 's/(.*)(\.[0-9]+)@\1/\1\2/g')" + readarray -t nic_list <<< "$(ip link| awk -F: '$0 !~ "lo|vir|veth|br|docker|wl|^[^0-9]"{print $2}' | grep -vwe "bond0" | sed 's/ //g' | sed -r 's/(.*)(\.[0-9]+)@\1/\1\2/g')" local num_nics=${#nic_list[@]} if [[ $is_eval ]]; then