feat: added score to enable snmp_server on brocade switch and a working example

Reviewed-on: #185
Reviewed-by: johnride <jg@nationtech.io>

brocade/src/fast_iron.rs

@@ -1,7 +1,8 @@
 use super::BrocadeClient;
 use crate::{
     BrocadeInfo, Error, ExecutionMode, InterSwitchLink, InterfaceInfo, MacAddressEntry,
-    PortChannelId, PortOperatingMode, parse_brocade_mac_address, shell::BrocadeShell,
+    PortChannelId, PortOperatingMode, SecurityLevel, parse_brocade_mac_address,
+    shell::BrocadeShell,
 };
 
 use async_trait::async_trait;
@@ -209,4 +210,20 @@ impl BrocadeClient for FastIronClient {
         info!("[Brocade] Port-channel '{channel_name}' cleared.");
         Ok(())
     }
+
+    async fn enable_snmp(&self, user_name: &str, auth: &str, des: &str) -> Result<(), Error> {
+        let commands = vec![
+            "configure terminal".into(),
+            "snmp-server view ALL 1 included".into(),
+            "snmp-server group public v3 priv read ALL".into(),
+            format!(
+                "snmp-server user {user_name} groupname public auth md5 auth-password {auth} priv des priv-password {des}"
+            ),
+            "exit".into(),
+        ];
+        self.shell
+            .run_commands(commands, ExecutionMode::Regular)
+            .await?;
+        Ok(())
+    }
 }

brocade/src/lib.rs

@@ -237,6 +237,15 @@ pub trait BrocadeClient: std::fmt::Debug {
         ports: &[PortLocation],
     ) -> Result<(), Error>;
 
+    /// Enables Simple Network Management Protocol (SNMP) server for switch
+    ///
+    /// # Parameters
+    ///
+    ///  * `user_name`: The user name for the snmp server
+    ///  * `auth`: The password for authentication process for verifying the identity of a device
+    ///  * `des`: The Data Encryption Standard algorithm key
+    async fn enable_snmp(&self, user_name: &str, auth: &str, des: &str) -> Result<(), Error>;
+
     /// Removes all configuration associated with the specified Port-Channel name.
     ///
     /// This operation should be idempotent; attempting to clear a non-existent
@@ -300,6 +309,11 @@ fn parse_brocade_mac_address(value: &str) -> Result<MacAddress, String> {
     Ok(MacAddress(bytes))
 }
 
+#[derive(Debug)]
+pub enum SecurityLevel {
+    AuthPriv(String),
+}
+
 #[derive(Debug)]
 pub enum Error {
     NetworkError(String),

brocade/src/network_operating_system.rs

@@ -8,7 +8,7 @@ use regex::Regex;
 use crate::{
     BrocadeClient, BrocadeInfo, Error, ExecutionMode, InterSwitchLink, InterfaceInfo,
     InterfaceStatus, InterfaceType, MacAddressEntry, PortChannelId, PortOperatingMode,
-    parse_brocade_mac_address, shell::BrocadeShell,
+    SecurityLevel, parse_brocade_mac_address, shell::BrocadeShell,
 };
 
 #[derive(Debug)]
@@ -330,4 +330,20 @@ impl BrocadeClient for NetworkOperatingSystemClient {
         info!("[Brocade] Port-channel '{channel_name}' cleared.");
         Ok(())
     }
+
+    async fn enable_snmp(&self, user_name: &str, auth: &str, des: &str) -> Result<(), Error> {
+        let commands = vec![
+            "configure terminal".into(),
+            "snmp-server view ALL 1 included".into(),
+            "snmp-server group public v3 priv read ALL".into(),
+            format!(
+                "snmp-server user {user_name} groupname public auth md5 auth-password {auth} priv des priv-password {des}"
+            ),
+            "exit".into(),
+        ];
+        self.shell
+            .run_commands(commands, ExecutionMode::Regular)
+            .await?;
+        Ok(())
+    }
 }

examples/brocade_snmp_server/Cargo.toml

@@ -0,0 +1,20 @@
+[package]
+name = "brocade-snmp-server"
+edition = "2024"
+version.workspace = true
+readme.workspace = true
+license.workspace = true
+
+[dependencies]
+harmony = { path = "../../harmony" }
+brocade = { path = "../../brocade" }
+harmony_secret = { path = "../../harmony_secret" }
+harmony_cli = { path = "../../harmony_cli" }
+harmony_types = { path = "../../harmony_types" }
+harmony_macros = { path = "../../harmony_macros" }
+tokio = { workspace = true }
+log = { workspace = true }
+env_logger = { workspace = true }
+url = { workspace = true }
+base64.workspace = true
+serde.workspace = true

examples/brocade_snmp_server/src/main.rs

@@ -0,0 +1,22 @@
+use std::net::{IpAddr, Ipv4Addr};
+
+use harmony::{
+    inventory::Inventory, modules::brocade::BrocadeEnableSnmpScore, topology::K8sAnywhereTopology,
+};
+
+#[tokio::main]
+async fn main() {
+    let brocade_snmp_server = BrocadeEnableSnmpScore {
+        server_ips: vec![IpAddr::V4(Ipv4Addr::new(192, 168, 1, 111))],
+        dry_run: true,
+    };
+
+    harmony_cli::run(
+        Inventory::autoload(),
+        K8sAnywhereTopology::from_env(),
+        vec![Box::new(brocade_snmp_server)],
+        None,
+    )
+    .await
+    .unwrap();
+}

examples/nanodc/src/main.rs

@@ -1,6 +1,6 @@
 use std::{
     net::{IpAddr, Ipv4Addr},
-    sync::Arc,
+    sync::{Arc, OnceLock},
 };
 
 use brocade::BrocadeOptions;
@@ -107,6 +107,7 @@ async fn main() {
             },
         ],
         switch_client: switch_client.clone(),
+        network_manager: OnceLock::new(),
     };
 
     let inventory = Inventory {

examples/okd_installation/src/topology.rs

@@ -9,7 +9,10 @@ use harmony::{
 use harmony_macros::{ip, ipv4};
 use harmony_secret::{Secret, SecretManager};
 use serde::{Deserialize, Serialize};
-use std::{net::IpAddr, sync::Arc};
+use std::{
+    net::IpAddr,
+    sync::{Arc, OnceLock},
+};
 
 #[derive(Secret, Serialize, Deserialize, Debug, PartialEq)]
 struct OPNSenseFirewallConfig {
@@ -81,6 +84,7 @@ pub async fn get_topology() -> HAClusterTopology {
         },
         workers: vec![],
         switch_client: switch_client.clone(),
+        network_manager: OnceLock::new(),
     }
 }
 

examples/okd_pxe/src/topology.rs

@@ -10,7 +10,10 @@ use harmony::{
 use harmony_macros::{ip, ipv4};
 use harmony_secret::{Secret, SecretManager};
 use serde::{Deserialize, Serialize};
-use std::{net::IpAddr, sync::Arc};
+use std::{
+    net::IpAddr,
+    sync::{Arc, OnceLock},
+};
 
 pub async fn get_topology() -> HAClusterTopology {
     let firewall = harmony::topology::LogicalHost {
@@ -76,6 +79,7 @@ pub async fn get_topology() -> HAClusterTopology {
         },
         workers: vec![],
         switch_client: switch_client.clone(),
+        network_manager: OnceLock::new(),
     }
 }
 

examples/opnsense/src/main.rs

@@ -1,6 +1,6 @@
 use std::{
     net::{IpAddr, Ipv4Addr},
-    sync::Arc,
+    sync::{Arc, OnceLock},
 };
 
 use brocade::BrocadeOptions;
@@ -79,6 +79,7 @@ async fn main() {
         },
         workers: vec![],
         switch_client: switch_client.clone(),
+        network_manager: OnceLock::new(),
     };
 
     let inventory = Inventory {

harmony/src/domain/topology/ha_cluster.rs

@@ -1,29 +1,25 @@
 use async_trait::async_trait;
 use harmony_macros::ip;
 use harmony_types::{
+    id::Id,
     net::{MacAddress, Url},
     switch::PortLocation,
 };
-use kube::api::ObjectMeta;
 use log::debug;
 use log::info;
 
-use crate::modules::okd::crd::nmstate::{self, NodeNetworkConfigurationPolicy};
+use crate::infra::network_manager::OpenShiftNmStateNetworkManager;
 use crate::topology::PxeOptions;
-use crate::{data::FileContent, modules::okd::crd::nmstate::NMState};
+use crate::{data::FileContent, executors::ExecutorError};
-use crate::{
-    executors::ExecutorError, modules::okd::crd::nmstate::NodeNetworkConfigurationPolicySpec,
-};
 
 use super::{
     DHCPStaticEntry, DhcpServer, DnsRecord, DnsRecordType, DnsServer, Firewall, HostNetworkConfig,
-    HttpServer, IpAddress, K8sclient, LoadBalancer, LoadBalancerService, LogicalHost,
+    HttpServer, IpAddress, K8sclient, LoadBalancer, LoadBalancerService, LogicalHost, NetworkError,
-    PreparationError, PreparationOutcome, Router, Switch, SwitchClient, SwitchError, TftpServer,
+    NetworkManager, PreparationError, PreparationOutcome, Router, Switch, SwitchClient,
-    Topology, k8s::K8sClient,
+    SwitchError, TftpServer, Topology, k8s::K8sClient,
 };
 
-use std::collections::BTreeMap;
+use std::sync::{Arc, OnceLock};
-use std::sync::Arc;
 
 #[derive(Debug, Clone)]
 pub struct HAClusterTopology {
@@ -40,6 +36,7 @@ pub struct HAClusterTopology {
     pub control_plane: Vec<LogicalHost>,
     pub workers: Vec<LogicalHost>,
     pub kubeconfig: Option<String>,
+    pub network_manager: OnceLock<Arc<dyn NetworkManager>>,
 }
 
 #[async_trait]
@@ -63,7 +60,7 @@ impl K8sclient for HAClusterTopology {
                 K8sClient::try_default().await.map_err(|e| e.to_string())?,
             )),
             Some(kubeconfig) => {
-                let Some(client) = K8sClient::from_kubeconfig(&kubeconfig).await else {
+                let Some(client) = K8sClient::from_kubeconfig(kubeconfig).await else {
                     return Err("Failed to create k8s client".to_string());
                 };
                 Ok(Arc::new(client))
@@ -93,191 +90,12 @@ impl HAClusterTopology {
             .to_string()
     }
 
-    async fn ensure_nmstate_operator_installed(&self) -> Result<(), String> {
+    pub async fn network_manager(&self) -> &dyn NetworkManager {
-        let k8s_client = self.k8s_client().await?;
+        let k8s_client = self.k8s_client().await.unwrap();
 
-        debug!("Installing NMState controller...");
+        self.network_manager
-        k8s_client.apply_url(url::Url::parse("https://github.com/nmstate/kubernetes-nmstate/releases/download/v0.84.0/nmstate.io_nmstates.yaml
+            .get_or_init(|| Arc::new(OpenShiftNmStateNetworkManager::new(k8s_client.clone())))
-").unwrap(), Some("nmstate"))
+            .as_ref()
-            .await
-            .map_err(|e| e.to_string())?;
-
-        debug!("Creating NMState namespace...");
-        k8s_client.apply_url(url::Url::parse("https://github.com/nmstate/kubernetes-nmstate/releases/download/v0.84.0/namespace.yaml
-").unwrap(), Some("nmstate"))
-            .await
-            .map_err(|e| e.to_string())?;
-
-        debug!("Creating NMState service account...");
-        k8s_client.apply_url(url::Url::parse("https://github.com/nmstate/kubernetes-nmstate/releases/download/v0.84.0/service_account.yaml
-").unwrap(), Some("nmstate"))
-            .await
-            .map_err(|e| e.to_string())?;
-
-        debug!("Creating NMState role...");
-        k8s_client.apply_url(url::Url::parse("https://github.com/nmstate/kubernetes-nmstate/releases/download/v0.84.0/role.yaml
-").unwrap(), Some("nmstate"))
-            .await
-            .map_err(|e| e.to_string())?;
-
-        debug!("Creating NMState role binding...");
-        k8s_client.apply_url(url::Url::parse("https://github.com/nmstate/kubernetes-nmstate/releases/download/v0.84.0/role_binding.yaml
-").unwrap(), Some("nmstate"))
-            .await
-            .map_err(|e| e.to_string())?;
-
-        debug!("Creating NMState operator...");
-        k8s_client.apply_url(url::Url::parse("https://github.com/nmstate/kubernetes-nmstate/releases/download/v0.84.0/operator.yaml
-").unwrap(), Some("nmstate"))
-            .await
-            .map_err(|e| e.to_string())?;
-
-        k8s_client
-            .wait_until_deployment_ready("nmstate-operator", Some("nmstate"), None)
-            .await?;
-
-        let nmstate = NMState {
-            metadata: ObjectMeta {
-                name: Some("nmstate".to_string()),
-                ..Default::default()
-            },
-            ..Default::default()
-        };
-        debug!("Creating NMState: {nmstate:#?}");
-        k8s_client
-            .apply(&nmstate, None)
-            .await
-            .map_err(|e| e.to_string())?;
-
-        Ok(())
-    }
-
-    fn get_next_bond_id(&self) -> u8 {
-        42 // FIXME: Find a better way to declare the bond id
-    }
-
-    async fn configure_bond(&self, config: &HostNetworkConfig) -> Result<(), SwitchError> {
-        self.ensure_nmstate_operator_installed()
-            .await
-            .map_err(|e| {
-                SwitchError::new(format!(
-                    "Can't configure bond, NMState operator not available: {e}"
-                ))
-            })?;
-
-        let bond_config = self.create_bond_configuration(config);
-        debug!(
-            "Applying NMState bond config for host {}: {bond_config:#?}",
-            config.host_id
-        );
-        self.k8s_client()
-            .await
-            .unwrap()
-            .apply(&bond_config, None)
-            .await
-            .map_err(|e| SwitchError::new(format!("Failed to configure bond: {e}")))?;
-
-        Ok(())
-    }
-
-    fn create_bond_configuration(
-        &self,
-        config: &HostNetworkConfig,
-    ) -> NodeNetworkConfigurationPolicy {
-        let host_name = &config.host_id;
-        let bond_id = self.get_next_bond_id();
-        let bond_name = format!("bond{bond_id}");
-
-        info!("Configuring bond '{bond_name}' for host '{host_name}'...");
-
-        let mut bond_mtu: Option<u32> = None;
-        let mut copy_mac_from: Option<String> = None;
-        let mut bond_ports = Vec::new();
-        let mut interfaces: Vec<nmstate::InterfaceSpec> = Vec::new();
-
-        for switch_port in &config.switch_ports {
-            let interface_name = switch_port.interface.name.clone();
-
-            interfaces.push(nmstate::InterfaceSpec {
-                name: interface_name.clone(),
-                description: Some(format!("Member of bond {bond_name}")),
-                r#type: "ethernet".to_string(),
-                state: "up".to_string(),
-                mtu: Some(switch_port.interface.mtu),
-                mac_address: Some(switch_port.interface.mac_address.to_string()),
-                ipv4: Some(nmstate::IpStackSpec {
-                    enabled: Some(false),
-                    ..Default::default()
-                }),
-                ipv6: Some(nmstate::IpStackSpec {
-                    enabled: Some(false),
-                    ..Default::default()
-                }),
-                link_aggregation: None,
-                ..Default::default()
-            });
-
-            bond_ports.push(interface_name.clone());
-
-            // Use the first port's details for the bond mtu and mac address
-            if bond_mtu.is_none() {
-                bond_mtu = Some(switch_port.interface.mtu);
-            }
-            if copy_mac_from.is_none() {
-                copy_mac_from = Some(interface_name);
-            }
-        }
-
-        interfaces.push(nmstate::InterfaceSpec {
-            name: bond_name.clone(),
-            description: Some(format!("Network bond for host {host_name}")),
-            r#type: "bond".to_string(),
-            state: "up".to_string(),
-            copy_mac_from,
-            ipv4: Some(nmstate::IpStackSpec {
-                dhcp: Some(true),
-                enabled: Some(true),
-                ..Default::default()
-            }),
-            ipv6: Some(nmstate::IpStackSpec {
-                dhcp: Some(true),
-                autoconf: Some(true),
-                enabled: Some(true),
-                ..Default::default()
-            }),
-            link_aggregation: Some(nmstate::BondSpec {
-                mode: "802.3ad".to_string(),
-                ports: bond_ports,
-                ..Default::default()
-            }),
-            ..Default::default()
-        });
-
-        NodeNetworkConfigurationPolicy {
-            metadata: ObjectMeta {
-                name: Some(format!("{host_name}-bond-config")),
-                ..Default::default()
-            },
-            spec: NodeNetworkConfigurationPolicySpec {
-                node_selector: Some(BTreeMap::from([(
-                    "kubernetes.io/hostname".to_string(),
-                    host_name.to_string(),
-                )])),
-                desired_state: nmstate::DesiredStateSpec { interfaces },
-            },
-        }
-    }
-
-    async fn configure_port_channel(&self, config: &HostNetworkConfig) -> Result<(), SwitchError> {
-        debug!("Configuring port channel: {config:#?}");
-        let switch_ports = config.switch_ports.iter().map(|s| s.port.clone()).collect();
-
-        self.switch_client
-            .configure_port_channel(&format!("Harmony_{}", config.host_id), switch_ports)
-            .await
-            .map_err(|e| SwitchError::new(format!("Failed to configure switch: {e}")))?;
-
-        Ok(())
     }
 
     pub fn autoload() -> Self {
@@ -301,6 +119,7 @@ impl HAClusterTopology {
             bootstrap_host: dummy_host,
             control_plane: vec![],
             workers: vec![],
+            network_manager: OnceLock::new(),
         }
     }
 }
@@ -458,21 +277,40 @@ impl HttpServer for HAClusterTopology {
 #[async_trait]
 impl Switch for HAClusterTopology {
     async fn setup_switch(&self) -> Result<(), SwitchError> {
-        self.switch_client.setup().await?;
+        self.switch_client.setup().await.map(|_| ())
-        Ok(())
     }
 
     async fn get_port_for_mac_address(
         &self,
         mac_address: &MacAddress,
     ) -> Result<Option<PortLocation>, SwitchError> {
-        let port = self.switch_client.find_port(mac_address).await?;
+        self.switch_client.find_port(mac_address).await
-        Ok(port)
     }
 
-    async fn configure_host_network(&self, config: &HostNetworkConfig) -> Result<(), SwitchError> {
+    async fn configure_port_channel(&self, config: &HostNetworkConfig) -> Result<(), SwitchError> {
-        self.configure_bond(config).await?;
+        debug!("Configuring port channel: {config:#?}");
-        self.configure_port_channel(config).await
+        let switch_ports = config.switch_ports.iter().map(|s| s.port.clone()).collect();
+
+        self.switch_client
+            .configure_port_channel(&format!("Harmony_{}", config.host_id), switch_ports)
+            .await
+            .map_err(|e| SwitchError::new(format!("Failed to configure port-channel: {e}")))?;
+
+        Ok(())
+    }
+}
+
+#[async_trait]
+impl NetworkManager for HAClusterTopology {
+    async fn ensure_network_manager_installed(&self) -> Result<(), NetworkError> {
+        self.network_manager()
+            .await
+            .ensure_network_manager_installed()
+            .await
+    }
+
+    async fn configure_bond(&self, config: &HostNetworkConfig) -> Result<(), NetworkError> {
+        self.network_manager().await.configure_bond(config).await
     }
 }
 

harmony/src/domain/topology/k8s.rs

@@ -5,13 +5,15 @@ use k8s_openapi::{
     ClusterResourceScope, NamespaceResourceScope,
     api::{
         apps::v1::Deployment,
-        core::v1::{Pod, ServiceAccount},
+        core::v1::{Node, Pod, ServiceAccount},
     },
     apimachinery::pkg::version::Info,
 };
 use kube::{
     Client, Config, Discovery, Error, Resource,
-    api::{Api, AttachParams, DeleteParams, ListParams, Patch, PatchParams, ResourceExt},
+    api::{
+        Api, AttachParams, DeleteParams, ListParams, ObjectList, Patch, PatchParams, ResourceExt,
+    },
     config::{KubeConfigOptions, Kubeconfig},
     core::ErrorResponse,
     discovery::{ApiCapabilities, Scope},
@@ -23,7 +25,7 @@ use kube::{
     api::{ApiResource, GroupVersionKind},
     runtime::wait::await_condition,
 };
-use log::{debug, error, info, trace, warn};
+use log::{debug, error, trace, warn};
 use serde::{Serialize, de::DeserializeOwned};
 use serde_json::json;
 use similar::TextDiff;
@@ -564,7 +566,58 @@ impl K8sClient {
         Ok(())
     }
 
-    pub(crate) async fn from_kubeconfig(path: &str) -> Option<K8sClient> {
+    /// Gets a single named resource of a specific type `K`.
+    ///
+    /// This function uses the `ApplyStrategy` trait to correctly determine
+    /// whether to look in a specific namespace or in the entire cluster.
+    ///
+    /// Returns `Ok(None)` if the resource is not found (404).
+    pub async fn get_resource<K>(
+        &self,
+        name: &str,
+        namespace: Option<&str>,
+    ) -> Result<Option<K>, Error>
+    where
+        K: Resource + Clone + std::fmt::Debug + DeserializeOwned,
+        <K as Resource>::Scope: ApplyStrategy<K>,
+        <K as kube::Resource>::DynamicType: Default,
+    {
+        let api: Api<K> =
+            <<K as Resource>::Scope as ApplyStrategy<K>>::get_api(&self.client, namespace);
+
+        api.get_opt(name).await
+    }
+
+    /// Lists all resources of a specific type `K`.
+    ///
+    /// This function uses the `ApplyStrategy` trait to correctly determine
+    /// whether to list from a specific namespace or from the entire cluster.
+    pub async fn list_resources<K>(
+        &self,
+        namespace: Option<&str>,
+        list_params: Option<ListParams>,
+    ) -> Result<ObjectList<K>, Error>
+    where
+        K: Resource + Clone + std::fmt::Debug + DeserializeOwned,
+        <K as Resource>::Scope: ApplyStrategy<K>,
+        <K as kube::Resource>::DynamicType: Default,
+    {
+        let api: Api<K> =
+            <<K as Resource>::Scope as ApplyStrategy<K>>::get_api(&self.client, namespace);
+
+        let list_params = list_params.unwrap_or_default();
+        api.list(&list_params).await
+    }
+
+    /// Fetches a list of all Nodes in the cluster.
+    pub async fn get_nodes(
+        &self,
+        list_params: Option<ListParams>,
+    ) -> Result<ObjectList<Node>, Error> {
+        self.list_resources(None, list_params).await
+    }
+
+    pub async fn from_kubeconfig(path: &str) -> Option<K8sClient> {
         let k = match Kubeconfig::read_from(path) {
             Ok(k) => k,
             Err(e) => {

harmony/src/domain/topology/network.rs

@@ -15,7 +15,7 @@ use harmony_types::{
 };
 use serde::Serialize;
 
-use crate::{executors::ExecutorError, hardware::PhysicalHost};
+use crate::executors::ExecutorError;
 
 use super::{LogicalHost, k8s::K8sClient};
 
@@ -183,6 +183,37 @@ impl FromStr for DnsRecordType {
     }
 }
 
+#[async_trait]
+pub trait NetworkManager: Debug + Send + Sync {
+    async fn ensure_network_manager_installed(&self) -> Result<(), NetworkError>;
+    async fn configure_bond(&self, config: &HostNetworkConfig) -> Result<(), NetworkError>;
+}
+
+#[derive(Debug, Clone, new)]
+pub struct NetworkError {
+    msg: String,
+}
+
+impl fmt::Display for NetworkError {
+    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
+        f.write_str(&self.msg)
+    }
+}
+
+impl Error for NetworkError {}
+
+impl From<kube::Error> for NetworkError {
+    fn from(value: kube::Error) -> Self {
+        NetworkError::new(value.to_string())
+    }
+}
+
+impl From<String> for NetworkError {
+    fn from(value: String) -> Self {
+        NetworkError::new(value)
+    }
+}
+
 #[async_trait]
 pub trait Switch: Send + Sync {
     async fn setup_switch(&self) -> Result<(), SwitchError>;
@@ -192,7 +223,7 @@ pub trait Switch: Send + Sync {
         mac_address: &MacAddress,
     ) -> Result<Option<PortLocation>, SwitchError>;
 
-    async fn configure_host_network(&self, config: &HostNetworkConfig) -> Result<(), SwitchError>;
+    async fn configure_port_channel(&self, config: &HostNetworkConfig) -> Result<(), SwitchError>;
 }
 
 #[derive(Clone, Debug, PartialEq)]

harmony/src/infra/brocade.rs

@@ -121,7 +121,7 @@ mod tests {
     use async_trait::async_trait;
     use brocade::{
         BrocadeClient, BrocadeInfo, Error, InterSwitchLink, InterfaceInfo, InterfaceStatus,
-        InterfaceType, MacAddressEntry, PortChannelId, PortOperatingMode,
+        InterfaceType, MacAddressEntry, PortChannelId, PortOperatingMode, SecurityLevel,
     };
     use harmony_types::switch::PortLocation;
 
@@ -279,6 +279,10 @@ mod tests {
         async fn clear_port_channel(&self, _channel_name: &str) -> Result<(), Error> {
             todo!()
         }
+
+        async fn enable_snmp(&self, user_name: &str, auth: &str, des: &str) -> Result<(), Error> {
+            todo!()
+        }
     }
 
     impl FakeBrocadeClient {

harmony/src/infra/mod.rs

@@ -4,5 +4,6 @@ pub mod hp_ilo;
 pub mod intel_amt;
 pub mod inventory;
 pub mod kube;
+pub mod network_manager;
 pub mod opnsense;
 mod sqlx;

harmony/src/infra/network_manager.rs

@@ -0,0 +1,259 @@
+use std::{
+    collections::{BTreeMap, HashSet},
+    sync::Arc,
+};
+
+use async_trait::async_trait;
+use harmony_types::id::Id;
+use k8s_openapi::api::core::v1::Node;
+use kube::{
+    ResourceExt,
+    api::{ObjectList, ObjectMeta},
+};
+use log::{debug, info};
+
+use crate::{
+    modules::okd::crd::nmstate,
+    topology::{HostNetworkConfig, NetworkError, NetworkManager, k8s::K8sClient},
+};
+
+pub struct OpenShiftNmStateNetworkManager {
+    k8s_client: Arc<K8sClient>,
+}
+
+impl std::fmt::Debug for OpenShiftNmStateNetworkManager {
+    fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
+        f.debug_struct("OpenShiftNmStateNetworkManager").finish()
+    }
+}
+
+#[async_trait]
+impl NetworkManager for OpenShiftNmStateNetworkManager {
+    async fn ensure_network_manager_installed(&self) -> Result<(), NetworkError> {
+        debug!("Installing NMState controller...");
+        self.k8s_client.apply_url(url::Url::parse("https://github.com/nmstate/kubernetes-nmstate/releases/download/v0.84.0/nmstate.io_nmstates.yaml
+").unwrap(), Some("nmstate"))
+            .await?;
+
+        debug!("Creating NMState namespace...");
+        self.k8s_client.apply_url(url::Url::parse("https://github.com/nmstate/kubernetes-nmstate/releases/download/v0.84.0/namespace.yaml
+").unwrap(), Some("nmstate"))
+            .await?;
+
+        debug!("Creating NMState service account...");
+        self.k8s_client.apply_url(url::Url::parse("https://github.com/nmstate/kubernetes-nmstate/releases/download/v0.84.0/service_account.yaml
+").unwrap(), Some("nmstate"))
+            .await?;
+
+        debug!("Creating NMState role...");
+        self.k8s_client.apply_url(url::Url::parse("https://github.com/nmstate/kubernetes-nmstate/releases/download/v0.84.0/role.yaml
+").unwrap(), Some("nmstate"))
+            .await?;
+
+        debug!("Creating NMState role binding...");
+        self.k8s_client.apply_url(url::Url::parse("https://github.com/nmstate/kubernetes-nmstate/releases/download/v0.84.0/role_binding.yaml
+").unwrap(), Some("nmstate"))
+            .await?;
+
+        debug!("Creating NMState operator...");
+        self.k8s_client.apply_url(url::Url::parse("https://github.com/nmstate/kubernetes-nmstate/releases/download/v0.84.0/operator.yaml
+").unwrap(), Some("nmstate"))
+            .await?;
+
+        self.k8s_client
+            .wait_until_deployment_ready("nmstate-operator", Some("nmstate"), None)
+            .await?;
+
+        let nmstate = nmstate::NMState {
+            metadata: ObjectMeta {
+                name: Some("nmstate".to_string()),
+                ..Default::default()
+            },
+            ..Default::default()
+        };
+        debug!(
+            "Creating NMState:\n{}",
+            serde_yaml::to_string(&nmstate).unwrap()
+        );
+        self.k8s_client.apply(&nmstate, None).await?;
+
+        Ok(())
+    }
+
+    async fn configure_bond(&self, config: &HostNetworkConfig) -> Result<(), NetworkError> {
+        let hostname = self.get_hostname(&config.host_id).await.map_err(|e| {
+            NetworkError::new(format!(
+                "Can't configure bond, can't get hostname for host '{}': {e}",
+                config.host_id
+            ))
+        })?;
+        let bond_id = self.get_next_bond_id(&hostname).await.map_err(|e| {
+            NetworkError::new(format!(
+                "Can't configure bond, can't get an available bond id for host '{}': {e}",
+                config.host_id
+            ))
+        })?;
+        let bond_config = self.create_bond_configuration(&hostname, &bond_id, config);
+
+        debug!(
+            "Applying NMState bond config for host {}:\n{}",
+            config.host_id,
+            serde_yaml::to_string(&bond_config).unwrap(),
+        );
+        self.k8s_client
+            .apply(&bond_config, None)
+            .await
+            .map_err(|e| NetworkError::new(format!("Failed to configure bond: {e}")))?;
+
+        Ok(())
+    }
+}
+
+impl OpenShiftNmStateNetworkManager {
+    pub fn new(k8s_client: Arc<K8sClient>) -> Self {
+        Self { k8s_client }
+    }
+
+    fn create_bond_configuration(
+        &self,
+        host: &str,
+        bond_name: &str,
+        config: &HostNetworkConfig,
+    ) -> nmstate::NodeNetworkConfigurationPolicy {
+        info!("Configuring bond '{bond_name}' for host '{host}'...");
+
+        let mut bond_mtu: Option<u32> = None;
+        let mut copy_mac_from: Option<String> = None;
+        let mut bond_ports = Vec::new();
+        let mut interfaces: Vec<nmstate::Interface> = Vec::new();
+
+        for switch_port in &config.switch_ports {
+            let interface_name = switch_port.interface.name.clone();
+
+            interfaces.push(nmstate::Interface {
+                name: interface_name.clone(),
+                description: Some(format!("Member of bond {bond_name}")),
+                r#type: nmstate::InterfaceType::Ethernet,
+                state: "up".to_string(),
+                mtu: Some(switch_port.interface.mtu),
+                mac_address: Some(switch_port.interface.mac_address.to_string()),
+                ipv4: Some(nmstate::IpStackSpec {
+                    enabled: Some(false),
+                    ..Default::default()
+                }),
+                ipv6: Some(nmstate::IpStackSpec {
+                    enabled: Some(false),
+                    ..Default::default()
+                }),
+                link_aggregation: None,
+                ..Default::default()
+            });
+
+            bond_ports.push(interface_name.clone());
+
+            // Use the first port's details for the bond mtu and mac address
+            if bond_mtu.is_none() {
+                bond_mtu = Some(switch_port.interface.mtu);
+            }
+            if copy_mac_from.is_none() {
+                copy_mac_from = Some(interface_name);
+            }
+        }
+
+        interfaces.push(nmstate::Interface {
+            name: bond_name.to_string(),
+            description: Some(format!("Network bond for host {host}")),
+            r#type: nmstate::InterfaceType::Bond,
+            state: "up".to_string(),
+            copy_mac_from,
+            ipv4: Some(nmstate::IpStackSpec {
+                dhcp: Some(true),
+                enabled: Some(true),
+                ..Default::default()
+            }),
+            ipv6: Some(nmstate::IpStackSpec {
+                dhcp: Some(true),
+                autoconf: Some(true),
+                enabled: Some(true),
+                ..Default::default()
+            }),
+            link_aggregation: Some(nmstate::BondSpec {
+                mode: "802.3ad".to_string(),
+                ports: bond_ports,
+                ..Default::default()
+            }),
+            ..Default::default()
+        });
+
+        nmstate::NodeNetworkConfigurationPolicy {
+            metadata: ObjectMeta {
+                name: Some(format!("{host}-bond-config")),
+                ..Default::default()
+            },
+            spec: nmstate::NodeNetworkConfigurationPolicySpec {
+                node_selector: Some(BTreeMap::from([(
+                    "kubernetes.io/hostname".to_string(),
+                    host.to_string(),
+                )])),
+                desired_state: nmstate::NetworkState {
+                    interfaces,
+                    ..Default::default()
+                },
+            },
+        }
+    }
+
+    async fn get_hostname(&self, host_id: &Id) -> Result<String, String> {
+        let nodes: ObjectList<Node> = self
+            .k8s_client
+            .list_resources(None, None)
+            .await
+            .map_err(|e| format!("Failed to list nodes: {e}"))?;
+
+        let Some(node) = nodes.iter().find(|n| {
+            n.status
+                .as_ref()
+                .and_then(|s| s.node_info.as_ref())
+                .map(|i| i.system_uuid == host_id.to_string())
+                .unwrap_or(false)
+        }) else {
+            return Err(format!("No node found for host '{host_id}'"));
+        };
+
+        node.labels()
+            .get("kubernetes.io/hostname")
+            .ok_or(format!(
+                "Node '{host_id}' has no kubernetes.io/hostname label"
+            ))
+            .cloned()
+    }
+
+    async fn get_next_bond_id(&self, hostname: &str) -> Result<String, String> {
+        let network_state: Option<nmstate::NodeNetworkState> = self
+            .k8s_client
+            .get_resource(hostname, None)
+            .await
+            .map_err(|e| format!("Failed to list nodes: {e}"))?;
+
+        let interfaces = vec![];
+        let existing_bonds: Vec<&nmstate::Interface> = network_state
+            .as_ref()
+            .and_then(|network_state| network_state.status.current_state.as_ref())
+            .map_or(&interfaces, |current_state| &current_state.interfaces)
+            .iter()
+            .filter(|i| i.r#type == nmstate::InterfaceType::Bond)
+            .collect();
+
+        let used_ids: HashSet<u32> = existing_bonds
+            .iter()
+            .filter_map(|i| {
+                i.name
+                    .strip_prefix("bond")
+                    .and_then(|id| id.parse::<u32>().ok())
+            })
+            .collect();
+
+        let next_id = (0..).find(|id| !used_ids.contains(id)).unwrap();
+        Ok(format!("bond{next_id}"))
+    }
+}

harmony/src/modules/brocade.rs

@@ -0,0 +1,117 @@
+use std::net::{IpAddr, Ipv4Addr};
+
+use async_trait::async_trait;
+use brocade::BrocadeOptions;
+use harmony_secret::{Secret, SecretManager};
+use harmony_types::id::Id;
+use serde::{Deserialize, Serialize};
+
+use crate::{
+    data::Version,
+    interpret::{Interpret, InterpretError, InterpretName, InterpretStatus, Outcome},
+    inventory::Inventory,
+    score::Score,
+    topology::Topology,
+};
+
+#[derive(Debug, Clone, Serialize)]
+pub struct BrocadeEnableSnmpScore {
+    pub server_ips: Vec<IpAddr>,
+    pub dry_run: bool,
+}
+
+impl<T: Topology> Score<T> for BrocadeEnableSnmpScore {
+    fn name(&self) -> String {
+        "BrocadeEnableSnmpScore".to_string()
+    }
+
+    fn create_interpret(&self) -> Box<dyn Interpret<T>> {
+        Box::new(BrocadeEnableSnmpInterpret {
+            score: self.clone(),
+        })
+    }
+}
+
+#[derive(Debug, Clone, Serialize)]
+pub struct BrocadeEnableSnmpInterpret {
+    score: BrocadeEnableSnmpScore,
+}
+
+#[derive(Secret, Clone, Debug, Serialize, Deserialize)]
+struct BrocadeSwitchAuth {
+    username: String,
+    password: String,
+}
+
+#[derive(Secret, Clone, Debug, Serialize, Deserialize)]
+struct BrocadeSnmpAuth {
+    username: String,
+    auth_password: String,
+    des_password: String,
+}
+
+#[async_trait]
+impl<T: Topology> Interpret<T> for BrocadeEnableSnmpInterpret {
+    async fn execute(
+        &self,
+        _inventory: &Inventory,
+        _topology: &T,
+    ) -> Result<Outcome, InterpretError> {
+        let switch_addresses = &self.score.server_ips;
+
+        let snmp_auth = SecretManager::get_or_prompt::<BrocadeSnmpAuth>()
+            .await
+            .unwrap();
+
+        let config = SecretManager::get_or_prompt::<BrocadeSwitchAuth>()
+            .await
+            .unwrap();
+
+        let brocade = brocade::init(
+            &switch_addresses,
+            22,
+            &config.username,
+            &config.password,
+            Some(BrocadeOptions {
+                dry_run: self.score.dry_run,
+                ..Default::default()
+            }),
+        )
+        .await
+        .expect("Brocade client failed to connect");
+
+        brocade
+            .enable_snmp(
+                &snmp_auth.username,
+                &snmp_auth.auth_password,
+                &snmp_auth.des_password,
+            )
+            .await
+            .map_err(|e| InterpretError::new(e.to_string()))?;
+
+        Ok(Outcome::success(format!(
+            "Activated snmp server for Brocade at {}",
+            switch_addresses
+                .iter()
+                .map(|s| s.to_string())
+                .collect::<Vec<_>>()
+                .join(", ")
+        )))
+    }
+
+    fn get_name(&self) -> InterpretName {
+        InterpretName::Custom("BrocadeEnableSnmpInterpret")
+    }
+
+    fn get_version(&self) -> Version {
+        todo!()
+    }
+
+    fn get_status(&self) -> InterpretStatus {
+        todo!()
+    }
+
+    fn get_children(&self) -> Vec<Id> {
+        todo!()
+    }
+}

harmony/src/modules/inventory/discovery.rs

@@ -74,7 +74,11 @@ impl<T: Topology> Interpret<T> for DiscoverHostForRoleInterpret {
 
             match ans {
                 Ok(choice) => {
-                    info!("Selected {} as the bootstrap node.", choice.summary());
+                    info!(
+                        "Selected {} as the {:?} node.",
+                        choice.summary(),
+                        self.score.role
+                    );
                     host_repo
                         .save_role_mapping(&self.score.role, &choice)
                         .await?;
@@ -90,10 +94,7 @@ impl<T: Topology> Interpret<T> for DiscoverHostForRoleInterpret {
                         "Failed to select node for role {:?} : {}",
                         self.score.role, e
                     );
-                    return Err(InterpretError::new(format!(
+                    return Err(InterpretError::new(format!("Could not select host : {e}")));
-                        "Could not select host : {}",
-                        e.to_string()
-                    )));
                 }
             }
         }

harmony/src/modules/mod.rs

@@ -1,4 +1,5 @@
 pub mod application;
+pub mod brocade;
 pub mod cert_manager;
 pub mod dhcp;
 pub mod dns;

harmony/src/modules/okd/crd/nmstate.rs

@@ -1,6 +1,7 @@
 use std::collections::BTreeMap;
 
-use kube::CustomResource;
+use k8s_openapi::{ClusterResourceScope, Resource};
+use kube::{CustomResource, api::ObjectMeta};
 use schemars::JsonSchema;
 use serde::{Deserialize, Serialize};
 use serde_json::Value;
@@ -47,28 +48,223 @@ pub struct ProbeDns {
     group = "nmstate.io",
     version = "v1",
     kind = "NodeNetworkConfigurationPolicy",
-    namespaced
+    namespaced = false
 )]
 #[serde(rename_all = "camelCase")]
 pub struct NodeNetworkConfigurationPolicySpec {
     #[serde(skip_serializing_if = "Option::is_none")]
     pub node_selector: Option<BTreeMap<String, String>>,
-    pub desired_state: DesiredStateSpec,
+    pub desired_state: NetworkState,
+}
+
+// Currently, kube-rs derive doesn't support resources without a `spec` field, so we have
+// to implement it ourselves.
+//
+// Ref:
+// - https://github.com/kube-rs/kube/issues/1763
+// - https://github.com/kube-rs/kube/discussions/1762
+#[derive(Deserialize, Serialize, Clone, Debug)]
+#[serde(rename_all = "camelCase")]
+pub struct NodeNetworkState {
+    metadata: ObjectMeta,
+    pub status: NodeNetworkStateStatus,
+}
+
+impl Resource for NodeNetworkState {
+    const API_VERSION: &'static str = "nmstate.io/v1beta1";
+    const GROUP: &'static str = "nmstate.io";
+    const VERSION: &'static str = "v1beta1";
+    const KIND: &'static str = "NodeNetworkState";
+    const URL_PATH_SEGMENT: &'static str = "nodenetworkstates";
+    type Scope = ClusterResourceScope;
+}
+
+impl k8s_openapi::Metadata for NodeNetworkState {
+    type Ty = ObjectMeta;
+
+    fn metadata(&self) -> &Self::Ty {
+        &self.metadata
+    }
+
+    fn metadata_mut(&mut self) -> &mut Self::Ty {
+        &mut self.metadata
+    }
 }
 
 #[derive(Deserialize, Serialize, Clone, Debug, JsonSchema)]
+#[serde(rename_all = "camelCase")]
+pub struct NodeNetworkStateStatus {
+    #[serde(skip_serializing_if = "Option::is_none")]
+    pub current_state: Option<NetworkState>,
+
+    #[serde(skip_serializing_if = "Option::is_none")]
+    pub handler_nmstate_version: Option<String>,
+
+    #[serde(skip_serializing_if = "Option::is_none")]
+    pub host_network_manager_version: Option<String>,
+
+    #[serde(skip_serializing_if = "Option::is_none")]
+    pub last_successful_update_time: Option<String>,
+}
+
+/// The NetworkState is the top-level struct, representing the entire
+/// desired or current network state.
+#[derive(Deserialize, Serialize, Clone, Debug, Default, JsonSchema)]
 #[serde(rename_all = "kebab-case")]
-pub struct DesiredStateSpec {
+#[serde(deny_unknown_fields)]
-    pub interfaces: Vec<InterfaceSpec>,
+pub struct NetworkState {
+    #[serde(skip_serializing_if = "Option::is_none")]
+    pub hostname: Option<HostNameState>,
+    #[serde(rename = "dns-resolver", skip_serializing_if = "Option::is_none")]
+    pub dns: Option<DnsState>,
+    #[serde(rename = "route-rules", skip_serializing_if = "Option::is_none")]
+    pub rules: Option<RouteRuleState>,
+    #[serde(skip_serializing_if = "Option::is_none")]
+    pub routes: Option<RouteState>,
+    #[serde(default, skip_serializing_if = "Vec::is_empty")]
+    pub interfaces: Vec<Interface>,
+    #[serde(rename = "ovs-db", skip_serializing_if = "Option::is_none")]
+    pub ovsdb: Option<OvsDbGlobalConfig>,
+    #[serde(skip_serializing_if = "Option::is_none")]
+    pub ovn: Option<OvnConfiguration>,
 }
 
 #[derive(Deserialize, Serialize, Clone, Debug, Default, JsonSchema)]
 #[serde(rename_all = "kebab-case")]
-pub struct InterfaceSpec {
+pub struct HostNameState {
+    #[serde(skip_serializing_if = "Option::is_none")]
+    pub running: Option<String>,
+    #[serde(skip_serializing_if = "Option::is_none")]
+    pub config: Option<String>,
+}
+
+#[derive(Deserialize, Serialize, Clone, Debug, Default, JsonSchema)]
+#[serde(rename_all = "kebab-case")]
+pub struct DnsState {
+    #[serde(skip_serializing_if = "Option::is_none")]
+    pub running: Option<DnsResolverConfig>,
+    #[serde(skip_serializing_if = "Option::is_none")]
+    pub config: Option<DnsResolverConfig>,
+}
+
+#[derive(Deserialize, Serialize, Clone, Debug, Default, JsonSchema)]
+#[serde(rename_all = "kebab-case")]
+pub struct DnsResolverConfig {
+    #[serde(skip_serializing_if = "Option::is_none")]
+    pub search: Option<Vec<String>>,
+    #[serde(skip_serializing_if = "Option::is_none")]
+    pub server: Option<Vec<String>>,
+}
+
+#[derive(Deserialize, Serialize, Clone, Debug, Default, JsonSchema)]
+#[serde(rename_all = "kebab-case")]
+pub struct RouteRuleState {
+    #[serde(skip_serializing_if = "Option::is_none")]
+    pub config: Option<Vec<RouteRule>>,
+    #[serde(skip_serializing_if = "Option::is_none")]
+    pub running: Option<Vec<RouteRule>>,
+}
+
+#[derive(Deserialize, Serialize, Clone, Debug, Default, JsonSchema)]
+#[serde(rename_all = "kebab-case")]
+pub struct RouteState {
+    #[serde(skip_serializing_if = "Option::is_none")]
+    pub config: Option<Vec<Route>>,
+    #[serde(skip_serializing_if = "Option::is_none")]
+    pub running: Option<Vec<Route>>,
+}
+
+#[derive(Deserialize, Serialize, Clone, Debug, Default, JsonSchema)]
+#[serde(rename_all = "kebab-case")]
+pub struct RouteRule {
+    #[serde(rename = "ip-from", skip_serializing_if = "Option::is_none")]
+    pub ip_from: Option<String>,
+    #[serde(skip_serializing_if = "Option::is_none")]
+    pub priority: Option<u32>,
+    #[serde(skip_serializing_if = "Option::is_none")]
+    pub route_table: Option<u32>,
+}
+
+#[derive(Deserialize, Serialize, Clone, Debug, Default, JsonSchema)]
+#[serde(rename_all = "kebab-case")]
+pub struct Route {
+    #[serde(skip_serializing_if = "Option::is_none")]
+    pub destination: Option<String>,
+    #[serde(skip_serializing_if = "Option::is_none")]
+    pub metric: Option<u32>,
+    #[serde(skip_serializing_if = "Option::is_none")]
+    pub next_hop_address: Option<String>,
+    #[serde(skip_serializing_if = "Option::is_none")]
+    pub next_hop_interface: Option<String>,
+    #[serde(skip_serializing_if = "Option::is_none")]
+    pub table_id: Option<u32>,
+    #[serde(skip_serializing_if = "Option::is_none")]
+    pub mtu: Option<u32>,
+}
+
+#[derive(Deserialize, Serialize, Clone, Debug, Default, JsonSchema)]
+#[serde(rename_all = "kebab-case")]
+pub struct OvsDbGlobalConfig {
+    #[serde(skip_serializing_if = "Option::is_none")]
+    pub external_ids: Option<BTreeMap<String, String>>,
+    #[serde(skip_serializing_if = "Option::is_none")]
+    pub other_config: Option<BTreeMap<String, String>>,
+}
+
+#[derive(Deserialize, Serialize, Clone, Debug, Default, JsonSchema)]
+#[serde(rename_all = "kebab-case")]
+pub struct OvnConfiguration {
+    #[serde(skip_serializing_if = "Option::is_none")]
+    pub bridge_mappings: Option<Vec<OvnBridgeMapping>>,
+}
+
+#[derive(Deserialize, Serialize, Clone, Debug, Default, JsonSchema)]
+#[serde(rename_all = "kebab-case")]
+pub struct OvnBridgeMapping {
+    #[serde(skip_serializing_if = "Option::is_none")]
+    pub localnet: Option<String>,
+    #[serde(skip_serializing_if = "Option::is_none")]
+    pub bridge: Option<String>,
+}
+
+#[derive(Deserialize, Serialize, Clone, Debug, JsonSchema)]
+#[serde(untagged)]
+#[serde(rename_all = "kebab-case")]
+pub enum StpSpec {
+    Bool(bool),
+    Options(StpOptions),
+}
+
+#[derive(Deserialize, Serialize, Clone, Debug, JsonSchema)]
+#[serde(rename_all = "kebab-case")]
+pub struct LldpState {
+    #[serde(skip_serializing_if = "Option::is_none")]
+    pub enabled: Option<bool>,
+}
+
+#[derive(Deserialize, Serialize, Clone, Debug, JsonSchema)]
+#[serde(rename_all = "kebab-case")]
+pub struct OvsDb {
+    #[serde(skip_serializing_if = "Option::is_none")]
+    pub external_ids: Option<BTreeMap<String, String>>,
+    #[serde(skip_serializing_if = "Option::is_none")]
+    pub other_config: Option<BTreeMap<String, String>>,
+}
+
+#[derive(Deserialize, Serialize, Clone, Debug, JsonSchema)]
+#[serde(rename_all = "kebab-case")]
+pub struct PatchState {
+    #[serde(skip_serializing_if = "Option::is_none")]
+    pub peer: Option<String>,
+}
+
+#[derive(Deserialize, Serialize, Clone, Debug, Default, JsonSchema)]
+#[serde(rename_all = "kebab-case")]
+pub struct Interface {
     pub name: String,
     #[serde(skip_serializing_if = "Option::is_none")]
     pub description: Option<String>,
-    pub r#type: String,
+    pub r#type: InterfaceType,
     pub state: String,
     #[serde(skip_serializing_if = "Option::is_none")]
     pub mac_address: Option<String>,
@@ -99,9 +295,81 @@ pub struct InterfaceSpec {
     #[serde(skip_serializing_if = "Option::is_none")]
     pub linux_bridge: Option<LinuxBridgeSpec>,
     #[serde(skip_serializing_if = "Option::is_none")]
+    #[serde(alias = "bridge")]
     pub ovs_bridge: Option<OvsBridgeSpec>,
     #[serde(skip_serializing_if = "Option::is_none")]
-    pub ethtool: Option<EthtoolSpec>,
+    pub ethtool: Option<Value>,
+    #[serde(skip_serializing_if = "Option::is_none")]
+    pub accept_all_mac_addresses: Option<bool>,
+    #[serde(skip_serializing_if = "Option::is_none")]
+    pub identifier: Option<String>,
+    #[serde(skip_serializing_if = "Option::is_none")]
+    pub lldp: Option<LldpState>,
+    #[serde(skip_serializing_if = "Option::is_none")]
+    pub permanent_mac_address: Option<String>,
+    #[serde(skip_serializing_if = "Option::is_none")]
+    pub max_mtu: Option<u32>,
+    #[serde(skip_serializing_if = "Option::is_none")]
+    pub min_mtu: Option<u32>,
+    #[serde(skip_serializing_if = "Option::is_none")]
+    pub mptcp: Option<Value>,
+    #[serde(skip_serializing_if = "Option::is_none")]
+    pub profile_name: Option<String>,
+    #[serde(skip_serializing_if = "Option::is_none")]
+    pub wait_ip: Option<String>,
+    #[serde(skip_serializing_if = "Option::is_none")]
+    pub ovs_db: Option<OvsDb>,
+    #[serde(skip_serializing_if = "Option::is_none")]
+    pub driver: Option<String>,
+    #[serde(skip_serializing_if = "Option::is_none")]
+    pub patch: Option<PatchState>,
+}
+
+#[derive(Deserialize, Serialize, Clone, PartialEq, Eq, PartialOrd, Ord, Debug, JsonSchema)]
+#[serde(rename_all = "kebab-case")]
+pub enum InterfaceType {
+    #[serde(rename = "unknown")]
+    Unknown,
+    #[serde(rename = "dummy")]
+    Dummy,
+    #[serde(rename = "loopback")]
+    Loopback,
+    #[serde(rename = "linux-bridge")]
+    LinuxBridge,
+    #[serde(rename = "ovs-bridge")]
+    OvsBridge,
+    #[serde(rename = "ovs-interface")]
+    OvsInterface,
+    #[serde(rename = "bond")]
+    Bond,
+    #[serde(rename = "ipvlan")]
+    IpVlan,
+    #[serde(rename = "vlan")]
+    Vlan,
+    #[serde(rename = "vxlan")]
+    Vxlan,
+    #[serde(rename = "mac-vlan")]
+    Macvlan,
+    #[serde(rename = "mac-vtap")]
+    Macvtap,
+    #[serde(rename = "ethernet")]
+    Ethernet,
+    #[serde(rename = "infiniband")]
+    Infiniband,
+    #[serde(rename = "vrf")]
+    Vrf,
+    #[serde(rename = "veth")]
+    Veth,
+    #[serde(rename = "ipsec")]
+    Ipsec,
+    #[serde(rename = "hsr")]
+    Hrs,
+}
+
+impl Default for InterfaceType {
+    fn default() -> Self {
+        Self::Loopback
+    }
 }
 
 #[derive(Deserialize, Serialize, Clone, Debug, Default, JsonSchema)]
@@ -287,11 +555,15 @@ pub struct OvsBridgeSpec {
 #[serde(rename_all = "kebab-case")]
 pub struct OvsBridgeOptions {
     #[serde(skip_serializing_if = "Option::is_none")]
-    pub stp: Option<bool>,
+    pub stp: Option<StpSpec>,
     #[serde(skip_serializing_if = "Option::is_none")]
     pub rstp: Option<bool>,
     #[serde(skip_serializing_if = "Option::is_none")]
     pub mcast_snooping_enable: Option<bool>,
+    #[serde(skip_serializing_if = "Option::is_none")]
+    pub datapath: Option<String>,
+    #[serde(skip_serializing_if = "Option::is_none")]
+    pub fail_mode: Option<String>,
 }
 
 #[derive(Deserialize, Serialize, Clone, Debug, Default, JsonSchema)]
@@ -305,18 +577,3 @@ pub struct OvsPortSpec {
     #[serde(skip_serializing_if = "Option::is_none")]
     pub r#type: Option<String>,
 }
-
-#[derive(Deserialize, Serialize, Clone, Debug, Default, JsonSchema)]
-#[serde(rename_all = "kebab-case")]
-pub struct EthtoolSpec {
-    // TODO: Properly describe this spec (https://nmstate.io/devel/yaml_api.html#ethtool)
-}
-
-#[derive(Deserialize, Serialize, Clone, Debug, Default, JsonSchema)]
-#[serde(rename_all = "kebab-case")]
-pub struct EthtoolFecSpec {
-    #[serde(skip_serializing_if = "Option::is_none")]
-    pub auto: Option<bool>,
-    #[serde(skip_serializing_if = "Option::is_none")]
-    pub mode: Option<String>,
-}

harmony/src/modules/okd/host_network.rs

@@ -1,6 +1,6 @@
 use async_trait::async_trait;
 use harmony_types::id::Id;
-use log::{debug, info};
+use log::{info, warn};
 use serde::Serialize;
 
 use crate::{
@@ -9,7 +9,7 @@ use crate::{
     interpret::{Interpret, InterpretError, InterpretName, InterpretStatus, Outcome},
     inventory::Inventory,
     score::Score,
-    topology::{HostNetworkConfig, NetworkInterface, Switch, SwitchPort, Topology},
+    topology::{HostNetworkConfig, NetworkInterface, NetworkManager, Switch, SwitchPort, Topology},
 };
 
 #[derive(Debug, Clone, Serialize)]
@@ -17,7 +17,7 @@ pub struct HostNetworkConfigurationScore {
     pub hosts: Vec<PhysicalHost>,
 }
 
-impl<T: Topology + Switch> Score<T> for HostNetworkConfigurationScore {
+impl<T: Topology + NetworkManager + Switch> Score<T> for HostNetworkConfigurationScore {
     fn name(&self) -> String {
         "HostNetworkConfigurationScore".into()
     }
@@ -35,7 +35,7 @@ pub struct HostNetworkConfigurationInterpret {
 }
 
 impl HostNetworkConfigurationInterpret {
-    async fn configure_network_for_host<T: Topology + Switch>(
+    async fn configure_network_for_host<T: Topology + NetworkManager + Switch>(
         &self,
         topology: &T,
         host: &PhysicalHost,
@@ -49,6 +49,13 @@ impl HostNetworkConfigurationInterpret {
                 switch_ports: vec![],
             });
         }
+        if host.network.len() == 1 {
+            info!("[Host {current_host}/{total_hosts}] Only one interface to configure, skipping");
+            return Ok(HostNetworkConfig {
+                host_id: host.id.clone(),
+                switch_ports: vec![],
+            });
+        }
 
         let switch_ports = self
             .collect_switch_ports_for_host(topology, host, current_host, total_hosts)
@@ -59,7 +66,7 @@ impl HostNetworkConfigurationInterpret {
             switch_ports,
         };
 
-        if !config.switch_ports.is_empty() {
+        if config.switch_ports.len() > 1 {
             info!(
                 "[Host {current_host}/{total_hosts}] Found {} ports for {} interfaces",
                 config.switch_ports.len(),
@@ -67,15 +74,25 @@ impl HostNetworkConfigurationInterpret {
             );
 
             info!("[Host {current_host}/{total_hosts}] Configuring host network...");
+            topology.configure_bond(&config).await.map_err(|e| {
+                InterpretError::new(format!("Failed to configure host network: {e}"))
+            })?;
             topology
-                .configure_host_network(&config)
+                .configure_port_channel(&config)
                 .await
-                .map_err(|e| InterpretError::new(format!("Failed to configure host: {e}")))?;
+                .map_err(|e| {
-        } else {
+                    InterpretError::new(format!("Failed to configure host network: {e}"))
+                })?;
+        } else if config.switch_ports.is_empty() {
             info!(
                 "[Host {current_host}/{total_hosts}] No ports found for {} interfaces, skipping",
                 host.network.len()
             );
+        } else {
+            warn!(
+                "[Host {current_host}/{total_hosts}] Found a single port for {} interfaces, skipping",
+                host.network.len()
+            );
         }
 
         Ok(config)
@@ -113,7 +130,7 @@ impl HostNetworkConfigurationInterpret {
                         port,
                     });
                 }
-                Ok(None) => debug!("No port found for '{mac_address}', skipping"),
+                Ok(None) => {}
                 Err(e) => {
                     return Err(InterpretError::new(format!(
                         "Failed to get port for host '{}': {}",
@@ -133,15 +150,6 @@ impl HostNetworkConfigurationInterpret {
         ];
 
         for config in configs {
-            let host = self
-                .score
-                .hosts
-                .iter()
-                .find(|h| h.id == config.host_id)
-                .unwrap();
-
-            println!("[Host] {host}");
-
             if config.switch_ports.is_empty() {
                 report.push(format!(
                     "⏭️ Host {}: SKIPPED (No matching switch ports found)",
@@ -169,7 +177,7 @@ impl HostNetworkConfigurationInterpret {
 }
 
 #[async_trait]
-impl<T: Topology + Switch> Interpret<T> for HostNetworkConfigurationInterpret {
+impl<T: Topology + NetworkManager + Switch> Interpret<T> for HostNetworkConfigurationInterpret {
     fn get_name(&self) -> InterpretName {
         InterpretName::Custom("HostNetworkConfigurationInterpret")
     }
@@ -198,6 +206,12 @@ impl<T: Topology + Switch> Interpret<T> for HostNetworkConfigurationInterpret {
         let host_count = self.score.hosts.len();
         info!("Started network configuration for {host_count} host(s)...",);
 
+        info!("Setting up NetworkManager...",);
+        topology
+            .ensure_network_manager_installed()
+            .await
+            .map_err(|e| InterpretError::new(format!("NetworkManager setup failed: {e}")))?;
+
         info!("Setting up switch with sane defaults...");
         topology
             .setup_switch()
@@ -216,6 +230,7 @@ impl<T: Topology + Switch> Interpret<T> for HostNetworkConfigurationInterpret {
             host_configurations.push(host_configuration);
             current_host += 1;
         }
+
         if current_host > 1 {
             let details = self.format_host_configuration(host_configurations);
 
@@ -242,7 +257,8 @@ mod tests {
     use crate::{
         hardware::HostCategory,
         topology::{
-            HostNetworkConfig, PreparationError, PreparationOutcome, SwitchError, SwitchPort,
+            HostNetworkConfig, NetworkError, PreparationError, PreparationOutcome, SwitchError,
+            SwitchPort,
         },
     };
     use std::{
@@ -267,6 +283,18 @@ mod tests {
             speed_mbps: None,
             mtu: 1,
         };
+        pub static ref YET_ANOTHER_EXISTING_INTERFACE: NetworkInterface = NetworkInterface {
+            mac_address: MacAddress::try_from("AA:BB:CC:DD:EE:F3".to_string()).unwrap(),
+            name: "interface-3".into(),
+            speed_mbps: None,
+            mtu: 1,
+        };
+        pub static ref LAST_EXISTING_INTERFACE: NetworkInterface = NetworkInterface {
+            mac_address: MacAddress::try_from("AA:BB:CC:DD:EE:F4".to_string()).unwrap(),
+            name: "interface-4".into(),
+            speed_mbps: None,
+            mtu: 1,
+        };
         pub static ref UNKNOWN_INTERFACE: NetworkInterface = NetworkInterface {
             mac_address: MacAddress::try_from("11:22:33:44:55:61".to_string()).unwrap(),
             name: "unknown-interface".into(),
@@ -275,6 +303,8 @@ mod tests {
         };
         pub static ref PORT: PortLocation = PortLocation(1, 0, 42);
         pub static ref ANOTHER_PORT: PortLocation = PortLocation(2, 0, 42);
+        pub static ref YET_ANOTHER_PORT: PortLocation = PortLocation(1, 0, 45);
+        pub static ref LAST_PORT: PortLocation = PortLocation(2, 0, 45);
     }
 
     #[tokio::test]
@@ -290,28 +320,33 @@ mod tests {
     }
 
     #[tokio::test]
-    async fn host_with_one_mac_address_should_create_bond_with_one_interface() {
+    async fn should_setup_network_manager() {
         let host = given_host(&HOST_ID, vec![EXISTING_INTERFACE.clone()]);
         let score = given_score(vec![host]);
         let topology = TopologyWithSwitch::new();
 
         let _ = score.interpret(&Inventory::empty(), &topology).await;
 
-        let configured_host_networks = topology.configured_host_networks.lock().unwrap();
+        let network_manager_setup = topology.network_manager_setup.lock().unwrap();
-        assert_that!(*configured_host_networks).contains_exactly(vec![(
+        assert_that!(*network_manager_setup).is_true();
-            HOST_ID.clone(),
-            HostNetworkConfig {
-                host_id: HOST_ID.clone(),
-                switch_ports: vec![SwitchPort {
-                    interface: EXISTING_INTERFACE.clone(),
-                    port: PORT.clone(),
-                }],
-            },
-        )]);
     }
 
     #[tokio::test]
-    async fn host_with_multiple_mac_addresses_should_create_one_bond_with_all_interfaces() {
+    async fn host_with_one_mac_address_should_skip_host_configuration() {
+        let host = given_host(&HOST_ID, vec![EXISTING_INTERFACE.clone()]);
+        let score = given_score(vec![host]);
+        let topology = TopologyWithSwitch::new();
+
+        let _ = score.interpret(&Inventory::empty(), &topology).await;
+
+        let config = topology.configured_bonds.lock().unwrap();
+        assert_that!(*config).is_empty();
+        let config = topology.configured_port_channels.lock().unwrap();
+        assert_that!(*config).is_empty();
+    }
+
+    #[tokio::test]
+    async fn host_with_multiple_mac_addresses_should_configure_one_bond_with_all_interfaces() {
         let score = given_score(vec![given_host(
             &HOST_ID,
             vec![
@@ -323,8 +358,8 @@ mod tests {
 
         let _ = score.interpret(&Inventory::empty(), &topology).await;
 
-        let configured_host_networks = topology.configured_host_networks.lock().unwrap();
+        let config = topology.configured_bonds.lock().unwrap();
-        assert_that!(*configured_host_networks).contains_exactly(vec![(
+        assert_that!(*config).contains_exactly(vec![(
             HOST_ID.clone(),
             HostNetworkConfig {
                 host_id: HOST_ID.clone(),
@@ -343,49 +378,183 @@ mod tests {
     }
 
     #[tokio::test]
-    async fn multiple_hosts_should_create_one_bond_per_host() {
+    async fn host_with_multiple_mac_addresses_should_configure_one_port_channel_with_all_interfaces()
+     {
+        let score = given_score(vec![given_host(
+            &HOST_ID,
+            vec![
+                EXISTING_INTERFACE.clone(),
+                ANOTHER_EXISTING_INTERFACE.clone(),
+            ],
+        )]);
+        let topology = TopologyWithSwitch::new();
+
+        let _ = score.interpret(&Inventory::empty(), &topology).await;
+
+        let config = topology.configured_port_channels.lock().unwrap();
+        assert_that!(*config).contains_exactly(vec![(
+            HOST_ID.clone(),
+            HostNetworkConfig {
+                host_id: HOST_ID.clone(),
+                switch_ports: vec![
+                    SwitchPort {
+                        interface: EXISTING_INTERFACE.clone(),
+                        port: PORT.clone(),
+                    },
+                    SwitchPort {
+                        interface: ANOTHER_EXISTING_INTERFACE.clone(),
+                        port: ANOTHER_PORT.clone(),
+                    },
+                ],
+            },
+        )]);
+    }
+
+    #[tokio::test]
+    async fn multiple_hosts_should_configure_one_bond_per_host() {
         let score = given_score(vec![
-            given_host(&HOST_ID, vec![EXISTING_INTERFACE.clone()]),
+            given_host(
-            given_host(&ANOTHER_HOST_ID, vec![ANOTHER_EXISTING_INTERFACE.clone()]),
+                &HOST_ID,
+                vec![
+                    EXISTING_INTERFACE.clone(),
+                    ANOTHER_EXISTING_INTERFACE.clone(),
+                ],
+            ),
+            given_host(
+                &ANOTHER_HOST_ID,
+                vec![
+                    YET_ANOTHER_EXISTING_INTERFACE.clone(),
+                    LAST_EXISTING_INTERFACE.clone(),
+                ],
+            ),
         ]);
         let topology = TopologyWithSwitch::new();
 
         let _ = score.interpret(&Inventory::empty(), &topology).await;
 
-        let configured_host_networks = topology.configured_host_networks.lock().unwrap();
+        let config = topology.configured_bonds.lock().unwrap();
-        assert_that!(*configured_host_networks).contains_exactly(vec![
+        assert_that!(*config).contains_exactly(vec![
             (
                 HOST_ID.clone(),
                 HostNetworkConfig {
                     host_id: HOST_ID.clone(),
-                    switch_ports: vec![SwitchPort {
+                    switch_ports: vec![
-                        interface: EXISTING_INTERFACE.clone(),
+                        SwitchPort {
-                        port: PORT.clone(),
+                            interface: EXISTING_INTERFACE.clone(),
-                    }],
+                            port: PORT.clone(),
+                        },
+                        SwitchPort {
+                            interface: ANOTHER_EXISTING_INTERFACE.clone(),
+                            port: ANOTHER_PORT.clone(),
+                        },
+                    ],
                 },
             ),
             (
                 ANOTHER_HOST_ID.clone(),
                 HostNetworkConfig {
                     host_id: ANOTHER_HOST_ID.clone(),
-                    switch_ports: vec![SwitchPort {
+                    switch_ports: vec![
-                        interface: ANOTHER_EXISTING_INTERFACE.clone(),
+                        SwitchPort {
-                        port: ANOTHER_PORT.clone(),
+                            interface: YET_ANOTHER_EXISTING_INTERFACE.clone(),
-                    }],
+                            port: YET_ANOTHER_PORT.clone(),
+                        },
+                        SwitchPort {
+                            interface: LAST_EXISTING_INTERFACE.clone(),
+                            port: LAST_PORT.clone(),
+                        },
+                    ],
                 },
             ),
         ]);
     }
 
     #[tokio::test]
-    async fn port_not_found_for_mac_address_should_not_configure_interface() {
+    async fn multiple_hosts_should_configure_one_port_channel_per_host() {
+        let score = given_score(vec![
+            given_host(
+                &HOST_ID,
+                vec![
+                    EXISTING_INTERFACE.clone(),
+                    ANOTHER_EXISTING_INTERFACE.clone(),
+                ],
+            ),
+            given_host(
+                &ANOTHER_HOST_ID,
+                vec![
+                    YET_ANOTHER_EXISTING_INTERFACE.clone(),
+                    LAST_EXISTING_INTERFACE.clone(),
+                ],
+            ),
+        ]);
+        let topology = TopologyWithSwitch::new();
+
+        let _ = score.interpret(&Inventory::empty(), &topology).await;
+
+        let config = topology.configured_port_channels.lock().unwrap();
+        assert_that!(*config).contains_exactly(vec![
+            (
+                HOST_ID.clone(),
+                HostNetworkConfig {
+                    host_id: HOST_ID.clone(),
+                    switch_ports: vec![
+                        SwitchPort {
+                            interface: EXISTING_INTERFACE.clone(),
+                            port: PORT.clone(),
+                        },
+                        SwitchPort {
+                            interface: ANOTHER_EXISTING_INTERFACE.clone(),
+                            port: ANOTHER_PORT.clone(),
+                        },
+                    ],
+                },
+            ),
+            (
+                ANOTHER_HOST_ID.clone(),
+                HostNetworkConfig {
+                    host_id: ANOTHER_HOST_ID.clone(),
+                    switch_ports: vec![
+                        SwitchPort {
+                            interface: YET_ANOTHER_EXISTING_INTERFACE.clone(),
+                            port: YET_ANOTHER_PORT.clone(),
+                        },
+                        SwitchPort {
+                            interface: LAST_EXISTING_INTERFACE.clone(),
+                            port: LAST_PORT.clone(),
+                        },
+                    ],
+                },
+            ),
+        ]);
+    }
+
+    #[tokio::test]
+    async fn port_not_found_for_mac_address_should_not_configure_host() {
         let score = given_score(vec![given_host(&HOST_ID, vec![UNKNOWN_INTERFACE.clone()])]);
         let topology = TopologyWithSwitch::new_port_not_found();
 
         let _ = score.interpret(&Inventory::empty(), &topology).await;
 
-        let configured_host_networks = topology.configured_host_networks.lock().unwrap();
+        let config = topology.configured_port_channels.lock().unwrap();
-        assert_that!(*configured_host_networks).is_empty();
+        assert_that!(*config).is_empty();
+        let config = topology.configured_bonds.lock().unwrap();
+        assert_that!(*config).is_empty();
+    }
+
+    #[tokio::test]
+    async fn only_one_port_found_for_multiple_mac_addresses_should_not_configure_host() {
+        let score = given_score(vec![given_host(
+            &HOST_ID,
+            vec![EXISTING_INTERFACE.clone(), UNKNOWN_INTERFACE.clone()],
+        )]);
+        let topology = TopologyWithSwitch::new_single_port_found();
+
+        let _ = score.interpret(&Inventory::empty(), &topology).await;
+
+        let config = topology.configured_port_channels.lock().unwrap();
+        assert_that!(*config).is_empty();
+        let config = topology.configured_bonds.lock().unwrap();
+        assert_that!(*config).is_empty();
     }
 
     fn given_score(hosts: Vec<PhysicalHost>) -> HostNetworkConfigurationScore {
@@ -422,26 +591,48 @@ mod tests {
         }
     }
 
+    #[derive(Debug)]
     struct TopologyWithSwitch {
         available_ports: Arc<Mutex<Vec<PortLocation>>>,
-        configured_host_networks: Arc<Mutex<Vec<(Id, HostNetworkConfig)>>>,
+        configured_port_channels: Arc<Mutex<Vec<(Id, HostNetworkConfig)>>>,
         switch_setup: Arc<Mutex<bool>>,
+        network_manager_setup: Arc<Mutex<bool>>,
+        configured_bonds: Arc<Mutex<Vec<(Id, HostNetworkConfig)>>>,
     }
 
     impl TopologyWithSwitch {
         fn new() -> Self {
             Self {
-                available_ports: Arc::new(Mutex::new(vec![PORT.clone(), ANOTHER_PORT.clone()])),
+                available_ports: Arc::new(Mutex::new(vec![
-                configured_host_networks: Arc::new(Mutex::new(vec![])),
+                    PORT.clone(),
+                    ANOTHER_PORT.clone(),
+                    YET_ANOTHER_PORT.clone(),
+                    LAST_PORT.clone(),
+                ])),
+                configured_port_channels: Arc::new(Mutex::new(vec![])),
                 switch_setup: Arc::new(Mutex::new(false)),
+                network_manager_setup: Arc::new(Mutex::new(false)),
+                configured_bonds: Arc::new(Mutex::new(vec![])),
             }
         }
 
         fn new_port_not_found() -> Self {
             Self {
                 available_ports: Arc::new(Mutex::new(vec![])),
-                configured_host_networks: Arc::new(Mutex::new(vec![])),
+                configured_port_channels: Arc::new(Mutex::new(vec![])),
                 switch_setup: Arc::new(Mutex::new(false)),
+                network_manager_setup: Arc::new(Mutex::new(false)),
+                configured_bonds: Arc::new(Mutex::new(vec![])),
+            }
+        }
+
+        fn new_single_port_found() -> Self {
+            Self {
+                available_ports: Arc::new(Mutex::new(vec![PORT.clone()])),
+                configured_port_channels: Arc::new(Mutex::new(vec![])),
+                switch_setup: Arc::new(Mutex::new(false)),
+                network_manager_setup: Arc::new(Mutex::new(false)),
+                configured_bonds: Arc::new(Mutex::new(vec![])),
             }
         }
     }
@@ -457,6 +648,22 @@ mod tests {
         }
     }
 
+    #[async_trait]
+    impl NetworkManager for TopologyWithSwitch {
+        async fn ensure_network_manager_installed(&self) -> Result<(), NetworkError> {
+            let mut network_manager_installed = self.network_manager_setup.lock().unwrap();
+            *network_manager_installed = true;
+            Ok(())
+        }
+
+        async fn configure_bond(&self, config: &HostNetworkConfig) -> Result<(), NetworkError> {
+            let mut configured_bonds = self.configured_bonds.lock().unwrap();
+            configured_bonds.push((config.host_id.clone(), config.clone()));
+
+            Ok(())
+        }
+    }
+
     #[async_trait]
     impl Switch for TopologyWithSwitch {
         async fn setup_switch(&self) -> Result<(), SwitchError> {
@@ -476,12 +683,12 @@ mod tests {
             Ok(Some(ports.remove(0)))
         }
 
-        async fn configure_host_network(
+        async fn configure_port_channel(
             &self,
             config: &HostNetworkConfig,
         ) -> Result<(), SwitchError> {
-            let mut configured_host_networks = self.configured_host_networks.lock().unwrap();
+            let mut configured_port_channels = self.configured_port_channels.lock().unwrap();
-            configured_host_networks.push((config.host_id.clone(), config.clone()));
+            configured_port_channels.push((config.host_id.clone(), config.clone()));
 
             Ok(())
         }