Uploaded image for project: 'RHEL'
  1. RHEL
  2. RHEL-37922

Provide validation of OVN Bridge Mapping before applying

Linking RHIVOS CVEs to...Migration: Automation ...SWIFT: POC ConversionSync from "Extern...XMLWordPrintable

    • nmstate-2.2.48-1.el10
    • Moderate
    • 1
    • rhel-net-mgmt
    • ssg_networking
    • 3
    • False
    • False
    • Hide

      None

      Show
      None
    • None
    • NMT SST - Future releases
    • Hide

      Definition of Done:

      Please mark each item below with ( / ) if completed or ( x ) if incomplete:

      The acceptance criteria defined below are met.

      Given a system administrator applies an Nmstate configuration that includes an OVN bridge mapping,

      When the configuration specifies an OVS bridge that does not exist,

      Then, Nmstate must reject the configuration and return a clear error message without applying any changes.

      Integration test case is available upstream

      Code is reviewed and merged

      ( ) Preliminary Testing is done

      ( ) A demo is recorded

      Show
      Definition of Done: Please mark each item below with ( / ) if completed or ( x ) if incomplete: The acceptance criteria defined below are met. Given a system administrator applies an Nmstate configuration that includes an OVN bridge mapping, When the configuration specifies an OVS bridge that does not exist, Then, Nmstate must reject the configuration and return a clear error message without applying any changes. Integration test case is available upstream Code is reviewed and merged ( ) Preliminary Testing is done ( ) A demo is recorded
    • Requested
    • Automated
    • None

      Goal

      • As a user, I would like to prevent myself from making simple, but breaking mistakes, by having OVN validate that my bridge mapping is valid before applying it.

      Acceptance Criteria

      If try to apply an nmsate config that tries to map a localnet to a bridge that doesn't exist, nmstate should fail the config and not apply it.

       

      For example this should apply successfully, because the localnet, vlan-99 is mapped to a bridge that exists, ovs-br0 (OCP NNCP example):

      spec:   
  nodeSelector:     
    node-role.kubernetes.io/worker: ''  
  desiredState: 
    interfaces: 
    - name: ovs-br0
      type: ovs-bridge
      state: up
      bridge: 
        options: 
          stp: true
        port: 
        - name: eno4  
    ovn: 
      bridge-mappings: 
      - localnet: vlan-99
        bridge: ovs-br0
        state: present

       

       

      This example should fail, because ovs-br12345 does not exist (OCP NNCP example):

      spec: 
  nodeSelector: 
    node-role.kubernetes.io/worker: ''  
  desiredState: 
     interfaces: 
     - name: ovs-br0
       type: ovs-bridge
       state: up
       bridge: 
         options: 
           stp: true
         port: 
         - name: eno4  
    ovn: 
      bridge-mappings: 
      - localnet: vlan-99
        bridge: ovs-br12345
        state: present
 

       

       

       

              fge@redhat.com Gris Ge
              bmarlow@redhat.com Brandon Marlow
              Network Management Team Network Management Team
              Mingyu Shi Mingyu Shi
              Votes:
              0 Vote for this issue
              Watchers:
              12 Start watching this issue

                Created:
                Updated:
                Resolved: