Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

RPW for OPTE v2p Mappings #5568

Merged
merged 30 commits into from
May 22, 2024
Merged
Show file tree
Hide file tree
Changes from 12 commits
Commits
Show all changes
30 commits
Select commit Hold shift + click to select a range
77421de
begin work on v2p mapping rpw
Apr 11, 2024
889d00f
more scaffolding
Apr 12, 2024
946a81f
basic rpw for opte v2p mappings
internet-diglett Apr 18, 2024
8a7ffd8
fix tests
internet-diglett Apr 19, 2024
ca42e1e
add noop for sim sled-agent
internet-diglett Apr 19, 2024
9daef1f
add probes to v2p mapping view
internet-diglett Apr 23, 2024
548bfce
adjust column type in schema
internet-diglett Apr 24, 2024
df9dea5
WIP: convert nexus v2p management to rpw activation
internet-diglett Apr 26, 2024
7a73bf8
fixup! WIP: convert nexus v2p management to rpw activation
internet-diglett Apr 29, 2024
4df4fce
rework schema for proper exclusion of deleted vnics
internet-diglett Apr 29, 2024
389b6bb
back out accidental dev-env changes
internet-diglett Apr 30, 2024
3a92191
use full namespace
internet-diglett Apr 30, 2024
a1ba8bb
pr review fixes
internet-diglett May 3, 2024
f12eff6
bump vdev size so we can not hit crucible errors when deploying to wo…
internet-diglett May 3, 2024
e9e5261
Merge branch 'main' into issue-5214-v2p-mapping-rpw
internet-diglett May 6, 2024
9e9ba7f
post-rebase updates
internet-diglett May 6, 2024
33ba7df
bump opte version in deploy task
internet-diglett May 6, 2024
d550326
feed clippy
internet-diglett May 6, 2024
d06ece9
pr fixes, bump opte again
internet-diglett May 10, 2024
01e84c0
pr comment fixes
internet-diglett May 13, 2024
0a27933
use watcher to trigger v2p rpw
internet-diglett May 15, 2024
89e1b48
WIP: merge main
internet-diglett May 15, 2024
0ed9fdc
fixup! WIP: merge main
internet-diglett May 16, 2024
eb3c3f8
add specific configuration for v2p mappings
internet-diglett May 16, 2024
314e0b3
Increase timeouts for asynchronous tasks
internet-diglett May 17, 2024
fae4140
Merge branch 'main' into issue-5214-v2p-mapping-rpw
internet-diglett May 18, 2024
f252bba
point mgd back to main
internet-diglett May 18, 2024
5e5168e
use the thing correctly please
internet-diglett May 21, 2024
228bd54
Merge branch 'main' into issue-5214-v2p-mapping-rpw
internet-diglett May 21, 2024
0bf66d7
rollback maghemite
internet-diglett May 22, 2024
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1,454 changes: 719 additions & 735 deletions Cargo.lock

Large diffs are not rendered by default.

4 changes: 2 additions & 2 deletions Cargo.toml
Original file line number Diff line number Diff line change
Expand Up @@ -305,14 +305,14 @@ omicron-sled-agent = { path = "sled-agent" }
omicron-test-utils = { path = "test-utils" }
omicron-zone-package = "0.11.0"
oxide-client = { path = "clients/oxide-client" }
oxide-vpc = { git = "https://github.com/oxidecomputer/opte", rev = "7ee353a470ea59529ee1b34729681da887aa88ce", features = [ "api", "std" ] }
oxide-vpc = { git = "https://github.com/oxidecomputer/opte", rev = "4cc823b50d3e4a629cdfaab2b3d3382514174ba9", features = [ "api", "std" ] }
once_cell = "1.19.0"
openapi-lint = { git = "https://github.com/oxidecomputer/openapi-lint", branch = "main" }
openapiv3 = "2.0.0"
# must match samael's crate!
openssl = "0.10"
openssl-sys = "0.9"
opte-ioctl = { git = "https://github.com/oxidecomputer/opte", rev = "7ee353a470ea59529ee1b34729681da887aa88ce" }
opte-ioctl = { git = "https://github.com/oxidecomputer/opte", rev = "4cc823b50d3e4a629cdfaab2b3d3382514174ba9" }
oso = "0.27"
owo-colors = "4.0.0"
oximeter = { path = "oximeter/oximeter" }
Expand Down
12 changes: 12 additions & 0 deletions clients/sled-agent-client/src/lib.rs
Original file line number Diff line number Diff line change
Expand Up @@ -14,6 +14,7 @@ use std::net::IpAddr;
use std::net::SocketAddr;
use types::{
BfdPeerConfig, BgpConfig, BgpPeerConfig, PortConfigV1, RouteConfig,
VirtualNetworkInterfaceHost,
};
use uuid::Uuid;

Expand Down Expand Up @@ -716,3 +717,14 @@ impl Hash for BfdPeerConfig {
self.switch.hash(state);
}
}

impl Eq for VirtualNetworkInterfaceHost {}

impl Hash for VirtualNetworkInterfaceHost {
fn hash<H: std::hash::Hasher>(&self, state: &mut H) {
self.physical_host_ip.hash(state);
self.virtual_ip.hash(state);
self.virtual_mac.hash(state);
self.vni.hash(state);
}
}
12 changes: 12 additions & 0 deletions dev-tools/omdb/tests/env.out
Original file line number Diff line number Diff line change
Expand Up @@ -100,6 +100,10 @@ task: "switch_port_config_manager"
manages switch port settings for rack switches


task: "v2p_manager"
manages opte v2p mappings for vpc networking


---------------------------------------------
stderr:
note: using Nexus URL http://127.0.0.1:REDACTED_PORT
Expand Down Expand Up @@ -198,6 +202,10 @@ task: "switch_port_config_manager"
manages switch port settings for rack switches


task: "v2p_manager"
manages opte v2p mappings for vpc networking


---------------------------------------------
stderr:
note: Nexus URL not specified. Will pick one from DNS.
Expand Down Expand Up @@ -283,6 +291,10 @@ task: "switch_port_config_manager"
manages switch port settings for rack switches


task: "v2p_manager"
manages opte v2p mappings for vpc networking


---------------------------------------------
stderr:
note: Nexus URL not specified. Will pick one from DNS.
Expand Down
11 changes: 11 additions & 0 deletions dev-tools/omdb/tests/successes.out
Original file line number Diff line number Diff line change
Expand Up @@ -305,6 +305,10 @@ task: "switch_port_config_manager"
manages switch port settings for rack switches


task: "v2p_manager"
manages opte v2p mappings for vpc networking


---------------------------------------------
stderr:
note: using Nexus URL http://127.0.0.1:REDACTED_PORT/
Expand Down Expand Up @@ -460,6 +464,13 @@ task: "switch_port_config_manager"
started at <REDACTED TIMESTAMP> (<REDACTED DURATION>s ago) and ran for <REDACTED DURATION>ms
warning: unknown background task: "switch_port_config_manager" (don't know how to interpret details: Object {})

task: "v2p_manager"
configured period: every 30s
currently executing: no
last completed activation: iter 2, triggered by an explicit signal
started at <REDACTED TIMESTAMP> (<REDACTED DURATION>s ago) and ran for <REDACTED DURATION>ms
warning: unknown background task: "v2p_manager" (don't know how to interpret details: Object {})

---------------------------------------------
stderr:
note: using Nexus URL http://127.0.0.1:REDACTED_PORT/
Expand Down
18 changes: 4 additions & 14 deletions illumos-utils/src/opte/params.rs
Original file line number Diff line number Diff line change
Expand Up @@ -31,26 +31,16 @@ pub struct VpcFirewallRule {
}

/// A mapping from a virtual NIC to a physical host
#[derive(Clone, Debug, Serialize, Deserialize, JsonSchema, PartialEq)]
pub struct SetVirtualNetworkInterfaceHost {
#[derive(
Clone, Debug, Serialize, Deserialize, JsonSchema, PartialEq, Eq, Hash,
)]
pub struct VirtualNetworkInterfaceHost {
pub virtual_ip: IpAddr,
pub virtual_mac: external::MacAddr,
pub physical_host_ip: Ipv6Addr,
pub vni: external::Vni,
}

/// The data needed to identify a virtual IP for which a sled maintains an OPTE
/// virtual-to-physical mapping such that that mapping can be deleted.
#[derive(Clone, Debug, Serialize, Deserialize, JsonSchema, PartialEq)]
pub struct DeleteVirtualNetworkInterfaceHost {
/// The virtual IP whose mapping should be deleted.
pub virtual_ip: IpAddr,

/// The VNI for the network containing the virtual IP whose mapping should
/// be deleted.
pub vni: external::Vni,
}

/// DHCP configuration for a port
///
/// Not present here: Hostname (DHCPv4 option 12; used in DHCPv6 option 39); we
Expand Down
86 changes: 78 additions & 8 deletions illumos-utils/src/opte/port_manager.rs
Original file line number Diff line number Diff line change
Expand Up @@ -5,8 +5,7 @@
//! Manager for all OPTE ports on a Helios system

use crate::opte::opte_firewall_rules;
use crate::opte::params::DeleteVirtualNetworkInterfaceHost;
use crate::opte::params::SetVirtualNetworkInterfaceHost;
use crate::opte::params::VirtualNetworkInterfaceHost;
use crate::opte::params::VpcFirewallRule;
use crate::opte::Error;
use crate::opte::Gateway;
Expand Down Expand Up @@ -570,10 +569,64 @@ impl PortManager {
Ok(())
}

#[cfg(target_os = "illumos")]
pub fn list_virtual_nics(
&self,
) -> Result<Vec<VirtualNetworkInterfaceHost>, Error> {
use macaddr::MacAddr6;
use opte_ioctl::OpteHdl;

let hdl = OpteHdl::open(OpteHdl::XDE_CTL)?;
let v2p =
hdl.dump_v2p(&oxide_vpc::api::DumpVirt2PhysReq { unused: 99 })?;
let mut mappings: Vec<_> = vec![];

for mapping in v2p.mappings {
for entry in mapping.ip4 {
mappings.push(VirtualNetworkInterfaceHost {
virtual_ip: IpAddr::V4(entry.0.into()),
virtual_mac: MacAddr6::from(entry.1.ether.bytes()).into(),
physical_host_ip: entry.1.ip.into(),
vni: mapping
jmpesp marked this conversation as resolved.
Show resolved Hide resolved
.vni
.as_u32()
.try_into()
.expect("opte VNI should be 24 bits"),
});
}

for entry in mapping.ip6 {
mappings.push(VirtualNetworkInterfaceHost {
virtual_ip: IpAddr::V6(entry.0.into()),
virtual_mac: MacAddr6::from(entry.1.ether.bytes()).into(),
physical_host_ip: entry.1.ip.into(),
vni: mapping
.vni
.as_u32()
.try_into()
.expect("opte VNI should be 24 bits"),
});
}
}

Ok(mappings)
}

#[cfg(not(target_os = "illumos"))]
pub fn list_virtual_nics(
&self,
) -> Result<Vec<VirtualNetworkInterfaceHost>, Error> {
info!(
self.inner.log,
"Listing virtual nics (ignored)";
);
Ok(vec![])
}

#[cfg(target_os = "illumos")]
pub fn set_virtual_nic_host(
&self,
mapping: &SetVirtualNetworkInterfaceHost,
mapping: &VirtualNetworkInterfaceHost,
) -> Result<(), Error> {
use opte_ioctl::OpteHdl;

Expand All @@ -600,7 +653,7 @@ impl PortManager {
#[cfg(not(target_os = "illumos"))]
pub fn set_virtual_nic_host(
&self,
mapping: &SetVirtualNetworkInterfaceHost,
mapping: &VirtualNetworkInterfaceHost,
) -> Result<(), Error> {
info!(
self.inner.log,
Expand All @@ -613,18 +666,35 @@ impl PortManager {
#[cfg(target_os = "illumos")]
pub fn unset_virtual_nic_host(
&self,
_mapping: &DeleteVirtualNetworkInterfaceHost,
mapping: &VirtualNetworkInterfaceHost,
) -> Result<(), Error> {
// TODO requires https://github.com/oxidecomputer/opte/issues/332
use opte_ioctl::OpteHdl;

info!(
self.inner.log,
"Clearing mapping of virtual NIC to physical host";
"mapping" => ?&mapping,
);

let hdl = OpteHdl::open(OpteHdl::XDE_CTL)?;
hdl.clear_v2p(&oxide_vpc::api::ClearVirt2PhysReq {
vip: mapping.virtual_ip.into(),
phys: oxide_vpc::api::PhysNet {
ether: oxide_vpc::api::MacAddr::from(
(*mapping.virtual_mac).into_array(),
),
ip: mapping.physical_host_ip.into(),
vni: Vni::new(mapping.vni).unwrap(),
},
})?;

slog::warn!(self.inner.log, "unset_virtual_nic_host unimplmented");
Ok(())
}

#[cfg(not(target_os = "illumos"))]
pub fn unset_virtual_nic_host(
&self,
_mapping: &DeleteVirtualNetworkInterfaceHost,
_mapping: &VirtualNetworkInterfaceHost,
) -> Result<(), Error> {
info!(self.inner.log, "Ignoring unset of virtual NIC mapping");
jmpesp marked this conversation as resolved.
Show resolved Hide resolved
Ok(())
Expand Down
2 changes: 2 additions & 0 deletions nexus/db-model/src/lib.rs
Original file line number Diff line number Diff line change
Expand Up @@ -54,6 +54,7 @@ mod project;
mod semver_version;
mod switch_interface;
mod switch_port;
mod v2p_mapping;
// These actually represent subqueries, not real table.
// However, they must be defined in the same crate as our tables
// for join-based marker trait generation.
Expand Down Expand Up @@ -188,6 +189,7 @@ pub use typed_uuid::to_db_typed_uuid;
pub use upstairs_repair::*;
pub use user_builtin::*;
pub use utilization::*;
pub use v2p_mapping::*;
pub use virtual_provisioning_collection::*;
pub use virtual_provisioning_resource::*;
pub use vmm::*;
Expand Down
11 changes: 11 additions & 0 deletions nexus/db-model/src/schema.rs
Original file line number Diff line number Diff line change
Expand Up @@ -240,6 +240,17 @@ table! {
}
}

table! {
v2p_mapping_view (nic_id) {
nic_id -> Uuid,
sled_id -> Uuid,
sled_ip -> Inet,
vni -> Int4,
mac -> Int8,
ip -> Inet,
}
}

table! {
bgp_announce_set (id) {
id -> Uuid,
Expand Down
3 changes: 2 additions & 1 deletion nexus/db-model/src/schema_versions.rs
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,7 @@ use std::collections::BTreeMap;
///
/// This must be updated when you change the database schema. Refer to
/// schema/crdb/README.adoc in the root of this repository for details.
pub const SCHEMA_VERSION: SemverVersion = SemverVersion::new(51, 0, 0);
pub const SCHEMA_VERSION: SemverVersion = SemverVersion::new(52, 0, 0);

/// List of all past database schema versions, in *reverse* order
///
Expand All @@ -29,6 +29,7 @@ static KNOWN_VERSIONS: Lazy<Vec<KnownVersion>> = Lazy::new(|| {
// | leaving the first copy as an example for the next person.
// v
// KnownVersion::new(next_int, "unique-dirname-with-the-sql-files"),
KnownVersion::new(52, "add-view-for-v2p-mappings"),
KnownVersion::new(51, "blueprint-disposition-column"),
KnownVersion::new(50, "add-lookup-disk-by-volume-id-index"),
KnownVersion::new(49, "physical-disk-state-and-policy"),
Expand Down
16 changes: 16 additions & 0 deletions nexus/db-model/src/v2p_mapping.rs
Original file line number Diff line number Diff line change
@@ -0,0 +1,16 @@
use crate::schema::v2p_mapping_view;
use crate::{MacAddr, Vni};
use ipnetwork::IpNetwork;
use serde::{Deserialize, Serialize};
use uuid::Uuid;

#[derive(Queryable, Selectable, Clone, Debug, Serialize, Deserialize)]
#[diesel(table_name = v2p_mapping_view)]
pub struct V2PMappingView {
pub nic_id: Uuid,
pub sled_id: Uuid,
pub sled_ip: IpNetwork,
pub vni: Vni,
pub mac: MacAddr,
pub ip: IpNetwork,
}
1 change: 1 addition & 0 deletions nexus/db-queries/src/db/datastore/mod.rs
Original file line number Diff line number Diff line change
Expand Up @@ -94,6 +94,7 @@ mod switch_port;
pub(crate) mod test_utils;
mod update;
mod utilization;
mod v2p_mapping;
mod virtual_provisioning_collection;
mod vmm;
mod volume;
Expand Down
56 changes: 56 additions & 0 deletions nexus/db-queries/src/db/datastore/network_interface.rs
Original file line number Diff line number Diff line change
Expand Up @@ -784,6 +784,62 @@ impl DataStore {
public_error_from_diesel(e, ErrorHandler::Server)
})
}

/// List all network interfaces associated with all instances, making as
/// many queries as needed to get them all
///
/// This should generally not be used in API handlers or other
/// latency-sensitive contexts, but it can make sense in saga actions or
/// background tasks.
///
/// This particular method was add for propagating v2p mappings via RPWs
jmpesp marked this conversation as resolved.
Show resolved Hide resolved
pub async fn instance_network_interfaces_all_list_batched(
&self,
opctx: &OpContext,
) -> ListResultVec<InstanceNetworkInterface> {
opctx.check_complex_operations_allowed()?;

let mut all_interfaces = Vec::new();
let mut paginator = Paginator::new(SQL_BATCH_SIZE);
while let Some(p) = paginator.next() {
let batch = self
.instance_network_interfaces_all_list(
opctx,
&p.current_pagparams(),
)
.await?;
paginator = p
.found_batch(&batch, &|nic: &InstanceNetworkInterface| {
nic.id()
});
all_interfaces.extend(batch);
}
Ok(all_interfaces)
}

/// List one page of all network interfaces associated with instances
pub async fn instance_network_interfaces_all_list(
&self,
opctx: &OpContext,
pagparams: &DataPageParams<'_, Uuid>,
) -> ListResultVec<InstanceNetworkInterface> {
use db::schema::instance_network_interface::dsl;

// See the comment in `service_create_network_interface`. There's no
// obvious parent for a service network interface (as opposed to
// instance network interfaces, which require ListChildren on the
// instance to list). As a logical proxy, we check for listing children
// of the service IP pool.
let (authz_pool, _pool) = self.ip_pools_service_lookup(opctx).await?;
opctx.authorize(authz::Action::ListChildren, &authz_pool).await?;

paginated(dsl::instance_network_interface, dsl::id, pagparams)
.filter(dsl::time_deleted.is_null())
.select(InstanceNetworkInterface::as_select())
.get_results_async(&*self.pool_connection_authorized(opctx).await?)
.await
.map_err(|e| public_error_from_diesel(e, ErrorHandler::Server))
}
}

#[cfg(test)]
Expand Down
Loading