Bug 2035658

Summary: NMPolicy can't replace strings using captures, making teardown not possible
Product: Container Native Virtualization (CNV)
Reporter: Adi Zavalkovsky <azavalko>
Component: Networking
Assignee: Alona Kaplan <alkaplan>
Status: CLOSED ERRATA
QA Contact: Adi Zavalkovsky <azavalko>
Severity: unspecified
Priority: medium
Version: 4.10.0
CC: alkaplan, cnv-qe-bugs
Target Release: 4.10.0
Hardware: Unspecified
OS: Unspecified
Last Closed: 2022-03-16 16:05:38 UTC
Type: Bug
Attachments: deploy (flags: none)

Description Adi Zavalkovsky 2021-12-26 15:15:17 UTC
Created attachment 1847818: deploy

Description of problem:
When using NMPolicy's capture feature, modifying values using a previous capture results in a bug.
I.e., when updating routing tables in the capture section, using 'XXX := capture.YYY' results in a bug. A more relevant example is in the attached file.

This is bad because when deploying an nncp to tear down a bridge, the only way to get the previous default interface is using capture.

Steps to Reproduce:
1. Deploy bridge behind default interface (nmpolicy_bug.yaml deploy section)
2. Destroy bridge (nmpolicy_bug.yaml destroy section)

Actual results:

status:
  conditions:
  - lastHearbeatTime: "2021-12-26T13:11:28Z"
    lastTransitionTime: "2021-12-26T13:11:28Z"
    message: |
      failure generating desiredState and capturedStates
        failed to generate state, err
          failed to resolve capture expression, err
            invalid replace
              right hand argument is not a string


Expected results:

Bridge successfully destroyed, config applied to default interface.


Comment 1 Alona Kaplan 2021-12-27 06:43:08 UTC
I think the problem with the teardown was - `deafult-interface: "ens3"`. We don't support this kind of capture.

Anyway, the `capture` field on an nncp cannot be updated, so to tear down, the old policy has to first be removed.

Comment 3 Adi Zavalkovsky 2021-12-27 08:09:54 UTC
(In reply to Alona Kaplan from comment #1)
> I think the problem with the teardown was - `deafult-interface: "ens3"`. We
> don't support this kind of capture.
> 
> Anyway, the `capture` field on an nncp cannot be updated, so to tear down, the
> old policy has to first be removed.


Sorry, I may not have been clear enough.
1. I didn't update the nncp, I removed the old policy and created a new one.
2. I didn't actually use this capture, I added it to demonstrate, and forgot to add the actual capture.
Actual capture - capture.br1.interfaces.0.bridge.port.0.name, which suits the desiredState when manipulating the port's config.

Comment 4 Alona Kaplan 2021-12-27 08:39:34 UTC
Can you please attach the full policies you used to add and tear down the bridge?

Comment 6 Alona Kaplan 2021-12-27 09:13:14 UTC
Thanks!

Now I can understand the issue.
We will add support for having a capture ref as a replace value and not just a string,
so a capture like the following `routes.running.next-hop-interface := capture.br1.interfaces.0.bridge.port.0.name` will be supported.

Comment 7 Adi Zavalkovsky 2022-01-12 12:42:24 UTC
Verified on latest CNV 4.10

Applied capture - br1-routes-takeover: capture.br1-routes | routes.running.next-hop-interface := capture.br1.interfaces.0.bridge.port.0.name

Captured State -
br1-routes: 
...
          - destination: 192.168.0.0/18
            metric: 425
            next-hop-address: 0.0.0.0
            next-hop-interface: br1
            table-id: 254
  
br1-routes-takeover:
...
          - destination: 192.168.0.0/18
            metric: 425
            next-hop-address: 0.0.0.0
            next-hop-interface: ens3
            table-id: 254
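
Added illustration (not part of the bug thread and not nmpolicy's own code): a simplified Python model of the replace expression from Comments 6 and 7, showing the string-only behaviour that produced "right hand argument is not a string" next to the capture-reference behaviour that was verified. The function names, the `allow_capture_ref` switch and the sample state (constructed from the values quoted in Comment 7) are assumptions.

```python
import copy

# Constructed sample of already-resolved captures (values from Comment 7).
CAPTURED = {
    "br1": {"interfaces": [{"name": "br1", "bridge": {"port": [{"name": "ens3"}]}}]},
    "br1-routes": {"routes": {"running": [{
        "destination": "192.168.0.0/18", "metric": 425,
        "next-hop-address": "0.0.0.0", "next-hop-interface": "br1",
        "table-id": 254}]}},
}

EXPR = ("capture.br1-routes | routes.running.next-hop-interface := "
        "capture.br1.interfaces.0.bridge.port.0.name")


def lookup(captured, ref):
    """Resolve 'capture.<name>.<path>'; numeric steps index into lists."""
    parts = ref.split(".")
    if parts[0] != "capture" or len(parts) < 2:
        raise ValueError("not a capture reference: " + ref)
    node = captured[parts[1]]
    for step in parts[2:]:
        node = node[int(step)] if isinstance(node, list) else node[step]
    return node


def replace(captured, expr, allow_capture_ref=True):
    """Evaluate 'capture.<src> | <path> := <value>' and return the new state."""
    source, assignment = (s.strip() for s in expr.split("|", 1))
    path, rhs = (s.strip() for s in assignment.split(":=", 1))
    if len(rhs) >= 2 and rhs[0] == rhs[-1] == '"':
        value = rhs[1:-1]                  # plain string literal
    elif allow_capture_ref and rhs.startswith("capture."):
        value = lookup(captured, rhs)      # capture ref as the replace value
    else:                                  # string-only behaviour from the report
        raise ValueError("invalid replace: right hand argument is not a string")
    state = copy.deepcopy(lookup(captured, source))   # never mutate the source capture
    *parents, leaf = path.split(".")
    nodes = [state]
    for step in parents:                   # walk the path, fanning out over lists
        nodes = [c for n in nodes for c in (n if isinstance(n, list) else [n])]
        nodes = [n[step] for n in nodes]
    for n in nodes:
        for item in (n if isinstance(n, list) else [n]):
            item[leaf] = value
    return state


if __name__ == "__main__":
    print(replace(CAPTURED, EXPR)["routes"]["running"][0]["next-hop-interface"])
```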

Comment 12 errata-xmlrpc 2022-03-16 16:05:38 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Moderate: OpenShift Virtualization 4.10.0 Images security and bug fix update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2022:0947