2111945 – allow extra IP address found in verification stage

Bug 2111945 - allow extra IP address found in verification stage

Summary: allow extra IP address found in verification stage

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Red Hat Enterprise Linux 8
Classification:	Red Hat
Component:	nmstate
Sub Component:
Version:	8.6
Hardware:	Unspecified
OS:	Unspecified
Priority:	high
Severity:	unspecified
Target Milestone:	rc
Target Release:	---
Assignee:	Gris Ge
QA Contact:	Mingyu Shi
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:	2128555 2128556
TreeView+	depends on / blocked

Reported:	2022-07-28 13:45 UTC by Christoph Stäbler
Modified:	2023-05-16 09:26 UTC (History)
CC List:	10 users (show)
Fixed In Version:
Doc Type:	No Doc Update
Doc Text:
Clone Of:
Clones:	2128555 2128556 2130083 (view as bug list)
Environment:
Last Closed:	2023-05-16 08:26:38 UTC
Type:	Bug
Target Upstream Version:
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Links
System	ID	Priority	Status	Summary	Last Updated
Github	nmstate nmstate pull 2038	None	open	[nmstate-1.3] ip: allow extra IP address found in verification stage	2022-09-27 05:12:23 UTC
Red Hat Issue Tracker	NMT-547	None	None	None	2023-05-16 09:26:30 UTC
Red Hat Issue Tracker	RHELPLAN-129452	None	None	None	2022-07-28 14:01:51 UTC
Red Hat Product Errata	RHBA-2023:2772	None	None	None	2023-05-16 08:27:16 UTC

Comment 6 Gris Ge 2022-09-13 09:36:25 UTC

To solve this problem, we agree to introduce support of `type: ignore` for ip address like:


```yaml
---
interfaces:
  - name: eth1
    type: ethernet
    state: up
    ipv4:
      address:
      - ip: 192.0.2.251
        prefix-length: 24
      - ip: 192.168.111.4
        prefix-length: 24
        ignore: true
      dhcp: false
      enabled: true
```

With this, nmstate will ignore the existence(or not) of 192.168.111.4 IP address.

Let me do a demo to confirm this actually solve the problem.

Comment 7 Gris Ge 2022-09-13 14:53:40 UTC

Considering the VIP might change or expand in the future, asking user to set it ignore explicitly add extra maintenance efforts.

Change the approach to use `allow-extra-address: true` for ignoring extra IP address found after apply in verification stage. By default, nmstate will not allow extra IP address in verification stage.

I have created test rpm with `allow-extra-address` set to `true` by default so no changes required for kubernetes-nmstate required:

https://people.redhat.com/fge/bz_2111945/

Comment 12 Gris Ge 2022-09-20 13:46:56 UTC

Patch sent to upstream: https://github.com/nmstate/nmstate/pull/2038

With this patch, nmstate will not fail the verification when found extra ip adress than desired.
To force strict IP address verification, please use `allow-extra-address: false`.

RHEL 8.6 backport patch been tested.

Comment 18 Mingyu Shi 2022-10-24 10:16:08 UTC

Verified with:
nmstate-1.4.0-0.alpha.20221017.el8.x86_64
nispor-1.2.7-1.el8.x86_64
NetworkManager-1.40.2-1.el8.x86_64

Comment 20 errata-xmlrpc 2023-05-16 08:26:38 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (nmstate bug fix and enhancement update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2023:2772

Note You need to log in before you can comment on or make changes to this bug.