
Implement ephemeral IPs #1458

Merged: bnaecker merged 3 commits into main from more-external-ips on Jul 20, 2022

@bnaecker

Collaborator
  • Updates the current external IP allocation query to handle both
    floating and ephemeral IPs, by assuming that the whole port range is
    already reserved for any existing IP address.
  • Add public datastore methods for creating SNAT and Ephemeral IPs,
    delegating to private method for the actual query running/handling
  • Updates sagas to include UUID generation for external IPs as separate
    steps, for idempotency, and to create Ephemeral IPs if they're
    requested. Also rework instance creation/migration sagas to select the
    Ephemeral IP address, if one was requested, or the SNAT if not.
  • Adds optional restriction of IP Pools to a project. This adds the
    project ID or name in a bunch of places, and updates the external IP
    allocation query to only consider pools which are unrestricted, or
    whose project ID matches the one of the instance we're allocating an
    IP for. This relies on a new index on the instance_external_ip
    table, which induces an undesirable sorting (by project, not IP), so
    we add a new sorting criterion to the query.
  • Adds tests, especially for the external IP table's check constraints
    which verify integrity of the name / description / instance ID for
    different kinds of addresses, and for restriction of an IP pool to a
    project.
  • Plumb the external IPs up to Nexus's public API, including instance
    creation and an endpoint for listing external IPs for an instance.
  • Adds integration tests for assignment of Ephemeral IPs and authz tests
    for the endpoint(s)
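
The pool-eligibility rule from the description above, modeled in memory as an added example; it is not code from this PR, which implements the rule as a database query. `ProjectId`, `IpPool`, `allocate_ephemeral`, `sample_pools` and the documentation-range addresses are hypothetical names and constructed data.

```rust
use std::collections::HashSet;
use std::net::Ipv4Addr;

// Hypothetical in-memory model; the PR itself does this in a database query.
#[derive(Clone, Copy, PartialEq, Eq, Debug)]
pub struct ProjectId(pub u32);

pub struct IpPool {
    pub name: &'static str,
    // None = unrestricted pool; Some(p) = pool restricted to project p.
    pub project: Option<ProjectId>,
    pub first: Ipv4Addr,
    pub last: Ipv4Addr,
}

/// Pick the lowest free address from the pools the instance's project may use.
/// Any address in `allocated` counts as fully taken (whole port range reserved).
pub fn allocate_ephemeral(
    pools: &[IpPool],
    allocated: &HashSet<Ipv4Addr>,
    instance_project: ProjectId,
) -> Option<(Ipv4Addr, &'static str)> {
    pools
        .iter()
        // Eligible: unrestricted, or restricted to this instance's project.
        .filter(|p| p.project.map_or(true, |id| id == instance_project))
        .flat_map(|p| {
            (u32::from(p.first)..=u32::from(p.last)).map(move |a| (Ipv4Addr::from(a), p.name))
        })
        .filter(|(ip, _)| !allocated.contains(ip))
        // Assumption: candidates are ordered by address, not by pool or project.
        .min_by_key(|(ip, _)| *ip)
}

// Constructed sample data: one project-restricted pool and one shared pool.
pub fn sample_pools() -> Vec<IpPool> {
    let ip = Ipv4Addr::new;
    vec![
        IpPool { name: "restricted-a", project: Some(ProjectId(1)), first: ip(192, 0, 2, 10), last: ip(192, 0, 2, 12) },
        IpPool { name: "shared", project: None, first: ip(198, 51, 100, 1), last: ip(198, 51, 100, 2) },
    ]
}

fn main() {
    let used: HashSet<Ipv4Addr> = vec![Ipv4Addr::new(192, 0, 2, 10)].into_iter().collect();
    println!("{:?}", allocate_ephemeral(&sample_pools(), &used, ProjectId(1)));
    println!("{:?}", allocate_ephemeral(&sample_pools(), &used, ProjectId(2)));
}
```

An instance in another project gets `None` once the shared pool is exhausted, even while the restricted pool still has free addresses.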

@bnaecker bnaecker requested review from davepacheco and smklein July 18, 2022 20:57
@bnaecker

Collaborator Author

Should resolve #1458. There are still some TODOs, which I'll be moving into issues.

Comment thread common/src/sql/dbinit.sql

@smklein smklein left a comment

Collaborator

Overall, looks good. Biggest questions relate to undo actions within the sagas.

Comment thread common/src/sql/dbinit.sql Outdated
Comment thread nexus/src/app/instance.rs Outdated
Comment thread nexus/src/app/instance.rs Outdated
Comment thread nexus/src/app/instance.rs Outdated
Comment thread nexus/src/app/sagas/instance_create.rs
Comment thread nexus/src/db/datastore/instance_external_ip.rs Outdated
Comment thread nexus/src/app/sagas/instance_migrate.rs Outdated
Comment thread nexus/src/db/queries/external_ip.rs Outdated
Comment thread nexus/src/external_api/params.rs
Comment thread smf/sled-agent/config.toml Outdated
- More comments and links to issues
- Better handling of external IP vs SNAT IPs during instance
  provision/migrate
- Revert bad MAC address