Created attachment 1847818 [details] deploy Description of problem: When using NMPolicy's capture feature, modifying values using a previous capture results in a bug. I.e when updating routing tables in the capture section, using ' XXX := capture.YYY' results in a bug. A more relevant example in the attached file. This is bad because when deploying an nncp to teardown a bridge, only way to get previous default interface, is using capture. Version-Release number of selected component (if applicable): How reproducible: Steps to Reproduce: 1. Deploy bridge behind default interface (nmpolicy_bug.yaml deploy section) 2. Destroy bridge (nmpolicy_bug.yaml destroy section) 3. Actual results: status: conditions: - lastHearbeatTime: "2021-12-26T13:11:28Z" lastTransitionTime: "2021-12-26T13:11:28Z" message: | failure generating desiredState and capturedStates failed to generate state, err failed to resolve capture expression, err invalid replace right hand argument is not a string Expected results: Bridge successfully destroyed, config applied to default interface. Additional info:
I think the problem with the teardown was - `deafult-interface: "ens3"`. We don't support this kind of capture. Anyway, `capture` field on nncp cannot be updated, so to teardown, the old policy has first be removed.
@
(In reply to Alona Kaplan from comment #1) > I think the problem with the teardown was - `deafult-interface: "ens3"`. We > don't support this kind of capture. > > Anyway, `capture` field on nncp cannot be updated, so to teardown, the old > policy has first be removed. Sorry, I may have not been clear enough. 1. I didn't update the nncp, I removed the old policy and created a new one. 2. I didn't actually use this capture, I added it to demonstrate, and forgot to add the actual capture. Actual capture - capture.br1.interfaces.0.bridge.port.0.name, which suits the desiredState when manipulating the port's config.
Can you please attach the full policies you used to add and teardown the bridge.
Thanks! Now I can understand the issue. We will add support to have a capture ref as a replace value and not just a string, so capture like the following `routes.running.next-hop-interface := capture.br1.interfaces.0.bridge.port.0.name` will be supported.
Verified on latest CNV 4.10 Applied capture - br1-routes-takeover: capture.br1-routes | routes.running.next-hop-interface := capture.br1.interfaces.0.bridge.port.0.name Captured State - br1-routes: ... - destination: 192.168.0.0/18 metric: 425 next-hop-address: 0.0.0.0 next-hop-interface: br1 table-id: 254 br1-routes-takeover: ... - destination: 192.168.0.0/18 metric: 425 next-hop-address: 0.0.0.0 next-hop-interface: ens3 table-id: 254
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (Moderate: OpenShift Virtualization 4.10.0 Images security and bug fix update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2022:0947