diff --git a/inventory/host_vars/openqa-p09-worker01.iad2.fedoraproject.org b/inventory/host_vars/openqa-p09-worker01.iad2.fedoraproject.org
index db1bab445e..545161380b 100644
--- a/inventory/host_vars/openqa-p09-worker01.iad2.fedoraproject.org
+++ b/inventory/host_vars/openqa-p09-worker01.iad2.fedoraproject.org
@@ -57,5 +57,3 @@ sudoers: "{{ private }}/files/sudo/qavirt-sudoers"
 tcp_ports: ['20013', '20023', '20033', '20043', '20053', '20063', '20073', '20083', '20093', '20103', '20113', '20123', '20133', '20143', '20153']
 # this box is encrypted
 openqa_nbde: true
-# testing nm deployment
-openqa_tap_nm: true
diff --git a/roles/openqa/worker/defaults/main.yml b/roles/openqa/worker/defaults/main.yml
index 73e7813d46..848e7df8ae 100644
--- a/roles/openqa/worker/defaults/main.yml
+++ b/roles/openqa/worker/defaults/main.yml
@@ -3,5 +3,4 @@ openqa_repo: updates
 openqa_createhdds_branch: main
 openqa_nfs_worker: false
 openqa_tap: ""
-openqa_tap_nm: false
 openqa_hdds_worker: false
diff --git a/roles/openqa/worker/tasks/main.yml b/roles/openqa/worker/tasks/main.yml
index 3ab734cddd..a4b45cb61c 100644
--- a/roles/openqa/worker/tasks/main.yml
+++ b/roles/openqa/worker/tasks/main.yml
@@ -167,10 +167,7 @@
   when: openqa_nfs_worker|bool
 
 - include_tasks: tap-setup.yml
-  when: "openqa_tap and not openqa_tap_nm|bool"
-
-- include_tasks: tap-setup-nm.yml
-  when: "openqa_tap and openqa_tap_nm|bool"
+  when: openqa_tap
 
 - name: Tell git it's OK for _openqa-worker to run 'git' on the test dir
   copy: src=gitconfig dest=/etc/gitconfig owner=root group=root mode=0644
diff --git a/roles/openqa/worker/tasks/tap-setup-nm.yml b/roles/openqa/worker/tasks/tap-setup-nm.yml
deleted file mode 100644
index 0a40829d2b..0000000000
--- a/roles/openqa/worker/tasks/tap-setup-nm.yml
+++ /dev/null
@@ -1,72 +0,0 @@
-- name: Install packages
-  package:
-    name: ['os-autoinst-openvswitch', 'NetworkManager-ovs']
-    state: latest
-    enablerepo: "{{ openqa_repo }}"
-  tags:
-  - packages
-  register: packages
-
-- name: Ensure NetworkManager service is enabled and started
-  service: name=NetworkManager enabled=yes state=started
-
-- name: Restart NetworkManager service if we just installed or updated packages
-  service: name=NetworkManager state=restarted
-  when: "(packages is defined) and (packages is changed)"
-
-- name: Enable ipv4_forward in sysctl
-  sysctl: name=net.ipv4.ip_forward value=1 state=present sysctl_set=yes reload=yes
-
-- name: Start openvswitch service
-  service: name=openvswitch enabled=yes state=started
-
-- name: Create openvswitch bridge
-  community.general.nmcli:
-    conn_name: ovs-br
-    ifname: br0
-    type: ovs-bridge
-    state: present
-
-- name: Create openvswitch port for openvswitch bridge
-  community.general.nmcli:
-    conn_name: ovs-br-port
-    ifname: br0
-    master: br0
-    type: ovs-port
-    state: present
-
-- name: Create openvswitch interface for openvswitch bridge
-  community.general.nmcli:
-    conn_name: ovs-br-if
-    ifname: br0
-    master: br0
-    ip4: '172.16.2.2/15'
-    type: ovs-interface
-    state: present
-
-- name: Create openvswitch ports for tap devices
-  community.general.nmcli:
-    conn_name: ovs-tap{{ item }}-port
-    ifname: tap{{ item }}
-    master: br0
-    type: ovs-port
-    state: present
-  with_sequence: start=0 end={{ openqa_workers | int }}
-
-# nmcli collection does not support tun type
-- name: Check whether tap device interface connection profiles exist
-  shell: "(for i in {0..{{ openqa_workers | int }}}; do ip addr show tap$i || exit 1; done)"
-  register: tapsexist
-  changed_when: "1 != 1"
-  failed_when: "1 != 1"
-
-- name: Create openvswitch interfaces for tap devices
-  shell: "nmcli con add type tun mode tap owner $(id -u _openqa-worker) group $(getent group nogroup | cut -f3 -d:) con.int tap{{ item }} master tap{{ item }}"
-  with_sequence: start=0 end={{ openqa_workers | int }}
-  when: tapsexist.rc > 0
-
-- name: Install openvswitch sysconfig file
-  copy: src=os-autoinst-openvswitch.sysconfig dest=/etc/sysconfig/os-autoinst-openvswitch owner=root group=root mode=0644
-
-- name: Enable and start os-autoinst openvswitch service
-  service: name=os-autoinst-openvswitch enabled=yes state=started
diff --git a/roles/openqa/worker/tasks/tap-setup.yml b/roles/openqa/worker/tasks/tap-setup.yml
index f557200812..0a40829d2b 100644
--- a/roles/openqa/worker/tasks/tap-setup.yml
+++ b/roles/openqa/worker/tasks/tap-setup.yml
@@ -1,39 +1,69 @@
 - name: Install packages
   package:
-    name: ['os-autoinst-openvswitch', 'tunctl', 'network-scripts']
+    name: ['os-autoinst-openvswitch', 'NetworkManager-ovs']
     state: latest
     enablerepo: "{{ openqa_repo }}"
   tags:
   - packages
+  register: packages
+
+- name: Ensure NetworkManager service is enabled and started
+  service: name=NetworkManager enabled=yes state=started
+
+- name: Restart NetworkManager service if we just installed or updated packages
+  service: name=NetworkManager state=restarted
+  when: "(packages is defined) and (packages is changed)"
 
 - name: Enable ipv4_forward in sysctl
   sysctl: name=net.ipv4.ip_forward value=1 state=present sysctl_set=yes reload=yes
 
 - name: Start openvswitch service
   service: name=openvswitch enabled=yes state=started
-  with_sequence: "count={{ openqa_workers }}"
 
-- name: Enable network service (needed for openvswitch devices)
-  service: name=network enabled=yes state=started
-  ignore_errors: yes
+- name: Create openvswitch bridge
+  community.general.nmcli:
+    conn_name: ovs-br
+    ifname: br0
+    type: ovs-bridge
+    state: present
 
-- name: openvswitch bridge device config
-  copy: src=ifcfg-br0 dest=/etc/sysconfig/network-scripts/ifcfg-br0 owner=root group=root mode=0644
-  notify:
-  - restart network
-  tags:
-  - config
+- name: Create openvswitch port for openvswitch bridge
+  community.general.nmcli:
+    conn_name: ovs-br-port
+    ifname: br0
+    master: br0
+    type: ovs-port
+    state: present
 
-- name: Install ifup-pre-local script to create tap devices
-  copy: src=ifup-pre-local dest=/sbin/ifup-pre-local owner=root group=root mode=0755
+- name: Create openvswitch interface for openvswitch bridge
+  community.general.nmcli:
+    conn_name: ovs-br-if
+    ifname: br0
+    master: br0
+    ip4: '172.16.2.2/15'
+    type: ovs-interface
+    state: present
 
-- name: openvswitch tap devices config
-  template: src=ifcfg-tap.j2 dest=/etc/sysconfig/network-scripts/ifcfg-tap{{ item }} owner=root group=root mode=0644
+- name: Create openvswitch ports for tap devices
+  community.general.nmcli:
+    conn_name: ovs-tap{{ item }}-port
+    ifname: tap{{ item }}
+    master: br0
+    type: ovs-port
+    state: present
   with_sequence: start=0 end={{ openqa_workers | int }}
-  notify:
-  - restart network
-  tags:
-  - config
+
+# nmcli collection does not support tun type
+- name: Check whether tap device interface connection profiles exist
+  shell: "(for i in {0..{{ openqa_workers | int }}}; do ip addr show tap$i || exit 1; done)"
+  register: tapsexist
+  changed_when: "1 != 1"
+  failed_when: "1 != 1"
+
+- name: Create openvswitch interfaces for tap devices
+  shell: "nmcli con add type tun mode tap owner $(id -u _openqa-worker) group $(getent group nogroup | cut -f3 -d:) con.int tap{{ item }} master tap{{ item }}"
+  with_sequence: start=0 end={{ openqa_workers | int }}
+  when: tapsexist.rc > 0
 
 - name: Install openvswitch sysconfig file
   copy: src=os-autoinst-openvswitch.sysconfig dest=/etc/sysconfig/os-autoinst-openvswitch owner=root group=root mode=0644