finish plumbing R8 BGP features

oxidecomputer · May 2, 2024 · 2c76fb0 · 2c76fb0
1 parent 949754e
commit 2c76fb0
Show file tree

Hide file tree

Showing 33 changed files with 1,121 additions and 66 deletions.
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/Cargo.toml b/Cargo.toml
@@ -269,8 +269,8 @@ macaddr = { version = "1.0.1", features = ["serde_std"] }
 maplit = "1.0.2"
 mockall = "0.12"
 newtype_derive = "0.1.6"
-mg-admin-client = { git = "https://github.com/oxidecomputer/maghemite", rev = "7e47592f1a52760947d8a2d07d0d1974441e7b85" }
-ddm-admin-client = { git = "https://github.com/oxidecomputer/maghemite", rev = "7e47592f1a52760947d8a2d07d0d1974441e7b85" }
+mg-admin-client = { git = "https://github.com/oxidecomputer/maghemite", rev = "964d17ab9239d82e92d5ad553dee94ac4a6e6e69" }
+ddm-admin-client = { git = "https://github.com/oxidecomputer/maghemite", rev = "964d17ab9239d82e92d5ad553dee94ac4a6e6e69" }
 multimap = "0.10.0"
 nexus-client = { path = "clients/nexus-client" }
 nexus-config = { path = "nexus-config" }

diff --git a/clients/nexus-client/src/lib.rs b/clients/nexus-client/src/lib.rs
@@ -5,7 +5,7 @@
 //! Interface for making API requests to the Oxide control plane at large
 //! from within the control plane
 
-use std::collections::HashMap;
+use std::{collections::HashMap, str::FromStr};
 
 progenitor::generate_api!(
     spec = "../../openapi/nexus-internal.json",
@@ -419,3 +419,26 @@ impl TryFrom<types::ProducerEndpoint>
         })
     }
 }
+
+impl From<omicron_common::api::internal::shared::ImportExportPolicy>
+    for types::ImportExportPolicy
+{
+    fn from(
+        value: omicron_common::api::internal::shared::ImportExportPolicy,
+    ) -> Self {
+        match value {
+            omicron_common::api::internal::shared::ImportExportPolicy::NoFiltering =>
+                types::ImportExportPolicy::NoFiltering,
+            omicron_common::api::internal::shared::ImportExportPolicy::Allow(list) => {
+                types::ImportExportPolicy::Allow(list.clone().into_iter().map(|x| match x {
+                    omicron_common::api::external::IpNet::V4(x) => types::IpNet::V4(
+                        types::Ipv4Net::from_str(x.to_string().as_str()).unwrap(),
+                    ),
+                    omicron_common::api::external::IpNet::V6(x) => types::IpNet::V6(
+                        types::Ipv6Net::from_str(x.to_string().as_str()).unwrap(),
+                    ),
+                }).collect())
+            }
+        }
+    }
+}
diff --git a/clients/sled-agent-client/src/lib.rs b/clients/sled-agent-client/src/lib.rs
@@ -34,6 +34,8 @@ progenitor::generate_api!(
         BgpPeerConfig = { derives = [PartialEq, Eq, Hash, Serialize, Deserialize] },
         PortConfigV1 = { derives = [PartialEq, Eq, Hash, Serialize, Deserialize] },
         RouteConfig = { derives = [PartialEq, Eq, Hash, Serialize, Deserialize] },
+        ImportExportPolicy = { derives = [PartialEq, Eq, Hash, Serialize, Deserialize] },
+        IpNet = { derives = [PartialEq, Eq, Hash, Serialize, Deserialize] },
     },
     //TODO trade the manual transformations later in this file for the
     //     replace directives below?

diff --git a/common/src/api/internal/shared.rs b/common/src/api/internal/shared.rs
@@ -6,7 +6,7 @@
 
 use crate::{
     address::NUM_SOURCE_NAT_PORTS,
-    api::external::{self, BfdMode, Name},
+    api::external::{self, BfdMode, IpNet, Name},
 };
 use ipnetwork::{IpNetwork, Ipv4Network, Ipv6Network};
 use schemars::JsonSchema;
@@ -190,6 +190,19 @@ pub struct BgpConfig {
     pub checker: Option<String>,
 }
 
+/// Define policy relating to the import and export of prefixes from a BGP
+/// peer.
+#[derive(
+    Default, Debug, Serialize, Deserialize, Clone, JsonSchema, Eq, PartialEq,
+)]
+#[serde(rename_all = "snake_case", tag = "type", content = "value")]
+pub enum ImportExportPolicy {
+    /// Do not perform any filtering.
+    #[default]
+    NoFiltering,
+    Allow(Vec<IpNet>),
+}
+
 #[derive(Clone, Debug, Deserialize, Serialize, PartialEq, Eq, JsonSchema)]
 pub struct BgpPeerConfig {
     /// The autonomous sysetm number of the router the peer belongs to.
@@ -230,6 +243,15 @@ pub struct BgpPeerConfig {
     /// Enforce that the first AS in paths received from this peer is the peer's AS.
     #[serde(default)]
     pub enforce_first_as: bool,
+    /// Define import policy for a peer.
+    #[serde(default)]
+    pub allowed_import: ImportExportPolicy,
+    /// Define export policy for a peer.
+    #[serde(default)]
+    pub allowed_export: ImportExportPolicy,
+    /// Associate a VLAN ID with a BGP peer session.
+    #[serde(default)]
+    pub vlan_id: Option<u16>,
 }
 
 #[derive(Clone, Debug, Deserialize, Serialize, PartialEq, Eq, JsonSchema)]
@@ -249,6 +271,7 @@ pub struct RouteConfig {
     /// The nexthop/gateway address.
     pub nexthop: IpAddr,
     /// The VLAN id associated with this route.
+    #[serde(default)]
     pub vlan_id: Option<u16>,
 }
 

diff --git a/nexus/db-model/src/bgp.rs b/nexus/db-model/src/bgp.rs
@@ -141,4 +141,5 @@ pub struct BgpPeerView {
     pub multi_exit_discriminator: Option<SqlU32>,
     pub local_pref: Option<SqlU32>,
     pub enforce_first_as: bool,
+    pub vlan_id: Option<SqlU32>,
 }
diff --git a/nexus/db-model/src/schema.rs b/nexus/db-model/src/schema.rs
@@ -215,6 +215,9 @@ table! {
         multi_exit_discriminator -> Nullable<Int8>,
         local_pref -> Nullable<Int8>,
         enforce_first_as -> Bool,
+        allow_import_list_active -> Bool,
+        allow_export_list_active -> Bool,
+        vlan_id -> Nullable<Int8>
     }
 }
 
@@ -227,6 +230,24 @@ table! {
     }
 }
 
+table! {
+    switch_port_settings_bgp_peer_config_allow_export (port_settings_id, interface_name, addr, prefix) {
+        port_settings_id -> Uuid,
+        interface_name -> Text,
+        addr -> Inet,
+        prefix -> Inet,
+    }
+}
+
+table! {
+    switch_port_settings_bgp_peer_config_allow_import (port_settings_id, interface_name, addr, prefix) {
+        port_settings_id -> Uuid,
+        interface_name -> Text,
+        addr -> Inet,
+        prefix -> Inet,
+    }
+}
+
 table! {
     bgp_config (id) {
         id -> Uuid,
@@ -260,6 +281,7 @@ table! {
         multi_exit_discriminator -> Nullable<Int8>,
         local_pref -> Nullable<Int8>,
         enforce_first_as -> Bool,
+        vlan_id -> Nullable<Int8>,
     }
 }
 

diff --git a/nexus/db-model/src/switch_port.rs b/nexus/db-model/src/switch_port.rs
@@ -5,6 +5,8 @@
 use crate::schema::{
     lldp_config, lldp_service_config, switch_port, switch_port_settings,
     switch_port_settings_address_config, switch_port_settings_bgp_peer_config,
+    switch_port_settings_bgp_peer_config_allow_export,
+    switch_port_settings_bgp_peer_config_allow_import,
     switch_port_settings_bgp_peer_config_communities,
     switch_port_settings_group, switch_port_settings_groups,
     switch_port_settings_interface_config, switch_port_settings_link_config,
@@ -575,6 +577,9 @@ pub struct SwitchPortBgpPeerConfig {
     pub multi_exit_discriminator: Option<SqlU32>,
     pub local_pref: Option<SqlU32>,
     pub enforce_first_as: bool,
+    pub allow_import_list_active: bool,
+    pub allow_export_list_active: bool,
+    pub vlan_id: Option<SqlU32>,
 }
 
 #[derive(
@@ -595,6 +600,42 @@ pub struct SwitchPortBgpPeerConfigCommunity {
     pub community: SqlU32,
 }
 
+#[derive(
+    Queryable,
+    Insertable,
+    Selectable,
+    Clone,
+    Debug,
+    Serialize,
+    Deserialize,
+    AsChangeset,
+)]
+#[diesel(table_name = switch_port_settings_bgp_peer_config_allow_export)]
+pub struct SwitchPortBgpPeerConfigAllowExport {
+    pub port_settings_id: Uuid,
+    pub interface_name: String,
+    pub addr: IpNetwork,
+    pub prefix: IpNetwork,
+}
+
+#[derive(
+    Queryable,
+    Insertable,
+    Selectable,
+    Clone,
+    Debug,
+    Serialize,
+    Deserialize,
+    AsChangeset,
+)]
+#[diesel(table_name = switch_port_settings_bgp_peer_config_allow_import)]
+pub struct SwitchPortBgpPeerConfigAllowImport {
+    pub port_settings_id: Uuid,
+    pub interface_name: String,
+    pub addr: IpNetwork,
+    pub prefix: IpNetwork,
+}
+
 impl SwitchPortBgpPeerConfig {
     #[allow(clippy::too_many_arguments)]
     pub fn new(
@@ -613,6 +654,9 @@ impl SwitchPortBgpPeerConfig {
         multi_exit_discriminator: Option<SqlU32>,
         local_pref: Option<SqlU32>,
         enforce_first_as: bool,
+        allow_import_list_active: bool,
+        allow_export_list_active: bool,
+        vlan_id: Option<SqlU32>,
     ) -> Self {
         Self {
             port_settings_id,
@@ -630,6 +674,9 @@ impl SwitchPortBgpPeerConfig {
             multi_exit_discriminator,
             local_pref,
             enforce_first_as,
+            allow_import_list_active,
+            allow_export_list_active,
+            vlan_id,
         }
     }
 }