Skip to content

Commit

Permalink
Delete nat entries during instance_delete saga
Browse files Browse the repository at this point in the history 
This is to prevent a corner case where instances are deleted without
being stopped due to entering a "failed" state first.
  • Loading branch information
@internet-diglett
internet-diglett committed Dec 5, 2023
1 parent 03e10bf commit 538a309
Showing 1 changed file with 31 additions and 0 deletions.
31 changes: 31 additions & 0 deletions nexus/src/app/sagas/instance_delete.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,7 @@ use super::ActionRegistry;
use super::NexusActionContext;
use super::NexusSaga;
use crate::app::sagas::declare_saga_actions;
use nexus_db_queries::db::lookup::LookupPath;
use nexus_db_queries::{authn, authz, db};
use omicron_common::api::external::{Error, ResourceType};
use omicron_common::api::internal::shared::SwitchLocation;
Expand Down Expand Up @@ -39,6 +40,9 @@ declare_saga_actions! {
DEALLOCATE_EXTERNAL_IP -> "no_result3" {
+ sid_deallocate_external_ip
}
INSTANCE_DELETE_NAT -> "no_result4" {
+ sid_delete_nat
}
}

// instance delete saga: definition
Expand All @@ -57,6 +61,7 @@ impl NexusSaga for SagaInstanceDelete {
_params: &Self::Params,
mut builder: steno::DagBuilder,
) -> Result<steno::Dag, super::SagaInitError> {
builder.append(instance_delete_nat_action());
builder.append(instance_delete_record_action());
builder.append(delete_network_interfaces_action());
builder.append(deallocate_external_ip_action());
Expand Down Expand Up @@ -110,6 +115,32 @@ async fn sid_delete_network_interfaces(
Ok(())
}

async fn sid_delete_nat(
sagactx: NexusActionContext,
) -> Result<(), ActionError> {
let params = sagactx.saga_params::<Params>()?;
let instance_id = params.authz_instance.id();
let osagactx = sagactx.user_data();
let opctx = crate::context::op_context_for_saga_action(
&sagactx,
&params.serialized_authn,
);

let (.., authz_instance) = LookupPath::new(&opctx, &osagactx.datastore())
.instance_id(instance_id)
.lookup_for(authz::Action::Modify)
.await
.map_err(ActionError::action_failed)?;

osagactx
.nexus()
.instance_delete_dpd_config(&opctx, &authz_instance)
.await
.map_err(ActionError::action_failed)?;

Ok(())
}

async fn sid_deallocate_external_ip(
sagactx: NexusActionContext,
) -> Result<(), ActionError> {
Expand Down

0 comments on commit 538a309

Please sign in to comment.