Description of problem: To reset vlan-filtering from a linux bridge it was possible to specify "vlan: {}" at the bridge port, this is no longer the case and it get merged with previous vlan config so it isn't reset. Version-Release number of selected component (if applicable): kubernetes-nmstate-handler-container-v4.10.0-49 How reproducible: Always Steps to Reproduce: 1. Create a linux-bridge with vlan-filtering cat <<EOF | kubectl apply -f - apiVersion: nmstate.io/v1 kind: NodeNetworkConfigurationPolicy meta: name: linux-bridge-vlan-filtering spec: desiredState interfaces: - name: dummy1 type: dummy state: up - name: linux-br0 type: linux-bridge state: up bridge: port: - name: dummy1 stp-hairpin-mode: false stp-path-cost: 100 stp-priority: 32 vlan: mode: trunk trunk-tags: - id: 101 - id-range: min: 500 max: 599 tag: 100 enable-native: true EOF 2. Reset the vlan-filtering at the bridge cat <<EOF | kubectl apply -f - apiVersion: nmstate.io/v1 kind: NodeNetworkConfigurationPolicy meta: name: linux-bridge-vlan-filtering spec: desiredState interfaces: - name: dummy1 type: dummy state: up - name: linux-br0 type: linux-bridge state: up bridge: port: - name: dummy1 stp-hairpin-mode: false stp-path-cost: 100 stp-priority: 32 vlan: {} EOF Actual results: Vlan configuration is still there The vlan configuration is still there kubectl get nns -o yaml |grep vlan -A 8 vlan: enable-native: true mode: trunk tag: 100 trunk-tags: - id: 101 - id-range: max: 599 min: 500 Expected results: The vlan configuration should be gone Additional info: It was discover as part of https://github.com/nmstate/nmstate/pull/1830, it also found that there is a false possitive at the test_disable_vlan_filtering_on_bridge integration test
*** Bug 2069086 has been marked as a duplicate of this bug. ***
Verified on Cluster version is 4.10.23 kubernetes-nmstate-operator.4.10.0-202207140916 Steps to reproduce: $ cat <<EOF | kubectl apply -f - apiVersion: nmstate.io/v1 kind: NodeNetworkConfigurationPolicy metadata: name: linux-bridge-vlan-filtering spec: desiredState: interfaces: - name: dummy1 type: dummy state: up - name: linux-br0 type: linux-bridge state: up bridge: port: - name: dummy1 stp-hairpin-mode: false stp-path-cost: 100 stp-priority: 32 vlan: mode: trunk trunk-tags: - id: 101 - id-range: min: 500 max: 599 tag: 100 enable-native: true EOF nodenetworkconfigurationpolicy.nmstate.io/linux-bridge-vlan-filtering created $ oc get nnce NAME STATUS master-0-0.linux-bridge-vlan-filtering Available master-0-1.linux-bridge-vlan-filtering Available master-0-2.linux-bridge-vlan-filtering Available worker-0-0.linux-bridge-vlan-filtering Available worker-0-1.linux-bridge-vlan-filtering Available $ oc get nns ci-ln-fs3cvbk-72292-fkm59-master-0 -o yaml apiVersion: nmstate.io/v1beta1 kind: NodeNetworkState metadata: name: ci-ln-fs3cvbk-72292-fkm59-master-0 ... status: currentState: ... interfaces: ... - bridge: ... port: - name: dummy1 stp-hairpin-mode: false stp-path-cost: 100 stp-priority: 32 vlan: enable-native: true mode: trunk tag: 100 trunk-tags: - id: 101 - id-range: max: 599 min: 500 ipv4: address: [] dhcp: false enabled: false $ $ cat <<EOF | kubectl apply -f - apiVersion: nmstate.io/v1 kind: NodeNetworkConfigurationPolicy metadata: name: linux-bridge-vlan-filtering spec: desiredState: interfaces: - name: dummy1 type: dummy state: up - name: linux-br0 type: linux-bridge state: up bridge: port: - name: dummy1 stp-hairpin-mode: false stp-path-cost: 100 stp-priority: 32 vlan: {} EOF nodenetworkconfigurationpolicy.nmstate.io/linux-bridge-vlan-filtering configured [kni@provisionhost-0-0 ~]$ oc get nnce NAME STATUS master-0-0.linux-bridge-vlan-filtering Available master-0-1.linux-bridge-vlan-filtering Available master-0-2.linux-bridge-vlan-filtering Available worker-0-0.linux-bridge-vlan-filtering Available worker-0-1.linux-bridge-vlan-filtering Available $ oc get nns ci-ln-fs3cvbk-72292-fkm59-master-0 -o yaml apiVersion: nmstate.io/v1beta1 kind: NodeNetworkState metadata: ... name: ci-ln-fs3cvbk-72292-fkm59-master-0 status: currentState: ... interfaces: ... - bridge: ... port: - name: dummy1 stp-hairpin-mode: false stp-path-cost: 100 stp-priority: 32 ipv4: address: [] dhcp: false enabled: false ...
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (OpenShift Container Platform 4.10.23 bug fix update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2022:5568