plumb transit_ips through instance NIC create

david-crespo · david-crespo · commit 3784aea098bf · 2024-10-14T16:20:50.000-05:00
diff --git a/nexus/db-model/src/network_interface.rs b/nexus/db-model/src/network_interface.rs
@@ -319,6 +319,7 @@ pub struct IncompleteNetworkInterface {
     pub kind: NetworkInterfaceKind,
     pub parent_id: Uuid,
     pub subnet: VpcSubnet,
+    pub transit_ips: Vec<IpNetwork>,
     pub ip: Option<std::net::IpAddr>,
     pub mac: Option<external::MacAddr>,
     pub slot: Option<u8>,
@@ -332,6 +333,7 @@ impl IncompleteNetworkInterface {
         parent_id: Uuid,
         subnet: VpcSubnet,
         identity: external::IdentityMetadataCreateParams,
+        transit_ips: Vec<oxnet::IpNet>,
         ip: Option<std::net::IpAddr>,
         mac: Option<external::MacAddr>,
         slot: Option<u8>,
@@ -378,6 +380,7 @@ impl IncompleteNetworkInterface {
             kind,
             parent_id,
             subnet,
+            transit_ips: transit_ips.into_iter().map(Into::into).collect(),
             ip,
             mac,
             slot,
@@ -389,6 +392,7 @@ impl IncompleteNetworkInterface {
         instance_id: InstanceUuid,
         subnet: VpcSubnet,
         identity: external::IdentityMetadataCreateParams,
+        transit_ips: Vec<oxnet::IpNet>,
         ip: Option<std::net::IpAddr>,
     ) -> Result<Self, external::Error> {
         Self::new(
@@ -397,6 +401,7 @@ impl IncompleteNetworkInterface {
             instance_id.into_untyped_uuid(),
             subnet,
             identity,
+            transit_ips,
             ip,
             None,
             None,
@@ -418,6 +423,7 @@ impl IncompleteNetworkInterface {
             service_id,
             subnet,
             identity,
+            vec![],
             Some(ip),
             Some(mac),
             Some(slot),
@@ -438,6 +444,7 @@ impl IncompleteNetworkInterface {
             probe_id,
             subnet,
             identity,
+            vec![],
             ip,
             mac,
             None,
diff --git a/nexus/db-queries/src/db/datastore/vpc.rs b/nexus/db-queries/src/db/datastore/vpc.rs
@@ -3752,6 +3752,7 @@ mod tests {
                         name: "nic".parse().unwrap(),
                         description: "A NIC...".into(),
                     },
+                    vec![],
                     None,
                 )
                 .unwrap(),
diff --git a/nexus/db-queries/src/db/queries/network_interface.rs b/nexus/db-queries/src/db/queries/network_interface.rs
@@ -1138,6 +1138,13 @@ impl QueryFragment<Pg> for InsertQuery {
         out.push_identifier(dsl::parent_id::NAME)?;
         out.push_sql(", ");
 
+        out.push_bind_param::<sql_types::Array<sql_types::Inet>, Vec<IpNetwork>>(
+            &self.interface.transit_ips,
+        )?;
+        out.push_sql(" AS ");
+        out.push_identifier(dsl::transit_ips::NAME)?;
+        out.push_sql(", ");
+
         // Helper function to push a subquery selecting something from the CTE.
         fn select_from_cte(
             mut out: AstPass<Pg>,
@@ -1231,6 +1238,8 @@ impl QueryFragment<Pg> for InsertQueryValues {
         out.push_sql(", ");
         out.push_identifier(dsl::parent_id::NAME)?;
         out.push_sql(", ");
+        out.push_identifier(dsl::transit_ips::NAME)?;
+        out.push_sql(", ");
         out.push_identifier(dsl::vpc_id::NAME)?;
         out.push_sql(", ");
         out.push_identifier(dsl::subnet_id::NAME)?;
@@ -2144,6 +2153,7 @@ mod tests {
                 name: "interface-a".parse().unwrap(),
                 description: String::from("description"),
             },
+            vec![],
             Some(requested_ip),
         )
         .unwrap();
@@ -2173,6 +2183,7 @@ mod tests {
                 name: "interface-a".parse().unwrap(),
                 description: String::from("description"),
             },
+            vec![],
             Some(requested_ip),
         )
         .unwrap();
@@ -2186,10 +2197,10 @@ mod tests {
             .expect("Failed to insert interface with known-good IP address");
         assert_interfaces_eq(&interface, &inserted_interface.clone().into());
         assert_eq!(
-            inserted_interface.ip.ip(),
-            requested_ip,
-            "The requested IP address should be available when no interfaces exist in the table"
-        );
+                inserted_interface.ip.ip(),
+                requested_ip,
+                "The requested IP address should be available when no interfaces exist in the table"
+            );
         context.success().await;
     }
 
@@ -2205,6 +2216,7 @@ mod tests {
                 name: "interface-b".parse().unwrap(),
                 description: String::from("description"),
             },
+            vec![],
             None,
         )
         .unwrap();
@@ -2243,6 +2255,7 @@ mod tests {
                     name: format!("interface-{}", i).parse().unwrap(),
                     description: String::from("description"),
                 },
+                vec![],
                 None,
             )
             .unwrap();
@@ -2287,6 +2300,7 @@ mod tests {
                 name: "interface-c".parse().unwrap(),
                 description: String::from("description"),
             },
+            vec![],
             None,
         )
         .unwrap();
@@ -2306,6 +2320,7 @@ mod tests {
                 name: "interface-c".parse().unwrap(),
                 description: String::from("description"),
             },
+            vec![],
             Some(inserted_interface.ip.ip()),
         )
         .unwrap();
@@ -2545,6 +2560,7 @@ mod tests {
                 name: "interface-c".parse().unwrap(),
                 description: String::from("description"),
             },
+            vec![],
             None,
         )
         .unwrap();
@@ -2564,6 +2580,7 @@ mod tests {
                 name: "interface-c".parse().unwrap(),
                 description: String::from("description"),
             },
+            vec![],
             None,
         )
         .unwrap();
@@ -2595,6 +2612,7 @@ mod tests {
                 name: "interface-c".parse().unwrap(),
                 description: String::from("description"),
             },
+            vec![],
             None,
         )
         .unwrap();
@@ -2611,6 +2629,7 @@ mod tests {
                 name: "interface-d".parse().unwrap(),
                 description: String::from("description"),
             },
+            vec![],
             None,
         )
         .unwrap();
@@ -2639,6 +2658,7 @@ mod tests {
                 name: "interface-c".parse().unwrap(),
                 description: String::from("description"),
             },
+            vec![],
             None,
         )
         .unwrap();
@@ -2681,6 +2701,7 @@ mod tests {
                 name: "interface-c".parse().unwrap(),
                 description: String::from("description"),
             },
+            vec![],
             None,
         )
         .unwrap();
@@ -2699,6 +2720,7 @@ mod tests {
                     name: "interface-a".parse().unwrap(),
                     description: String::from("description"),
                 },
+                vec![],
                 addr,
             )
             .unwrap();
@@ -2735,6 +2757,7 @@ mod tests {
                     name: "interface-c".parse().unwrap(),
                     description: String::from("description"),
                 },
+                vec![],
                 None,
             )
             .unwrap();
@@ -2764,6 +2787,7 @@ mod tests {
                 name: "interface-d".parse().unwrap(),
                 description: String::from("description"),
             },
+            vec![],
             None,
         )
         .unwrap();
@@ -2797,6 +2821,7 @@ mod tests {
                     name: format!("if{}", i).parse().unwrap(),
                     description: String::from("description"),
                 },
+                vec![],
                 None,
             )
             .unwrap();
@@ -2865,6 +2890,7 @@ mod tests {
                     name: format!("interface-{}", slot).parse().unwrap(),
                     description: String::from("description"),
                 },
+                vec![],
                 None,
             )
             .unwrap();
@@ -2900,6 +2926,7 @@ mod tests {
                 name: "interface-8".parse().unwrap(),
                 description: String::from("description"),
             },
+            vec![],
             None,
         )
         .unwrap();
diff --git a/nexus/src/app/network_interface.rs b/nexus/src/app/network_interface.rs
@@ -92,6 +92,7 @@ impl super::Nexus {
             InstanceUuid::from_untyped_uuid(authz_instance.id()),
             db_subnet,
             params.identity.clone(),
+            params.transit_ips.clone(),
             params.ip,
         )?;
         self.db_datastore
diff --git a/nexus/src/app/sagas/instance_create.rs b/nexus/src/app/sagas/instance_create.rs
@@ -526,6 +526,7 @@ async fn create_custom_network_interface(
         instance_id,
         db_subnet.clone(),
         interface_params.identity.clone(),
+        interface_params.transit_ips.clone(),
         interface_params.ip,
     )
     .map_err(ActionError::action_failed)?;
@@ -621,6 +622,7 @@ async fn create_default_primary_network_interface(
         instance_id,
         db_subnet.clone(),
         interface_params.identity.clone(),
+        interface_params.transit_ips.clone(),
         interface_params.ip,
     )
     .map_err(ActionError::action_failed)?;
diff --git a/nexus/tests/integration_tests/instances.rs b/nexus/tests/integration_tests/instances.rs
@@ -2609,7 +2609,7 @@ async fn test_instance_create_delete_network_interface(
             vpc_name: "default".parse().unwrap(),
             subnet_name: secondary_subnet.identity.name.clone(),
             ip: Some("172.31.0.11".parse().unwrap()),
-            transit_ips: vec![],
+            transit_ips: vec!["10.0.0.0/24".parse().unwrap()],
         },
     ];
 
@@ -2663,6 +2663,15 @@ async fn test_instance_create_delete_network_interface(
             i == 0,
             "Only the first interface should be primary"
         );
+        if i == 1 {
+            assert!(
+                iface.transit_ips.len() == 1
+                    && iface.transit_ips[0].to_string() == "10.0.0.0/24",
+                "Only the second interface has a transit IP"
+            );
+        } else {
+            assert!(iface.transit_ips.is_empty())
+        }
         interfaces.push(iface);
     }
 
@@ -2683,6 +2692,7 @@ async fn test_instance_create_delete_network_interface(
         assert_eq!(iface0.subnet_id, iface1.subnet_id);
         assert_eq!(iface0.ip, iface1.ip);
         assert_eq!(iface0.primary, iface1.primary);
+        assert_eq!(iface0.transit_ips, iface1.transit_ips);
     }
 
     // Verify we cannot delete either interface while the instance is running

Original file line number	Diff line number	Diff line change
`@@ -3752,6 +3752,7 @@ mod tests {`
`3752`	`3752`	`name: "nic".parse().unwrap(),`
`3753`	`3753`	`description: "A NIC...".into(),`
`3754`	`3754`	`},`
	`3755`	`+ vec![],`
`3755`	`3756`	`None,`
`3756`	`3757`	`)`
`3757`	`3758`	`.unwrap(),`