[nexus] Add service to DB, add rack initialization API (#1169)

This PR implements the "internal API" from RFD 278 which will be invoked by RSS to initialize the rack. Currently, this API has no callers, and nothing is blocked on the value of rack.initialized being set.

Fixes #1149

Author: smklein

common/src/address.rs

@@ -46,6 +46,9 @@ const _ANYCAST_ADDRESS_INDEX: usize = 0;
 const DNS_ADDRESS_INDEX: usize = 1;
 const GZ_ADDRESS_INDEX: usize = 2;
 
+/// The maximum number of addresses per sled reserved for RSS.
+pub const RSS_RESERVED_ADDRESSES: u16 = 10;
+
 /// Wraps an [`Ipv6Network`] with a compile-time prefix length.
 #[derive(Debug, Clone, Copy, JsonSchema, Serialize, Deserialize, PartialEq)]
 pub struct Ipv6Subnet<const N: u8> {

common/src/api/external/mod.rs

@@ -527,6 +527,7 @@ pub enum ResourceType {
     Instance,
     NetworkInterface,
     Rack,
+    Service,
     Sled,
     SagaDbg,
     Snapshot,

common/src/sql/dbinit.sql

@@ -48,6 +48,17 @@ CREATE TABLE omicron.public.rack (
     time_created TIMESTAMPTZ NOT NULL,
     time_modified TIMESTAMPTZ NOT NULL,
 
+    /*
+     * Identifies if rack management has been transferred from RSS -> Nexus.
+     * If "false", RSS is still managing sleds, services, and DNS records.
+     *
+     * This value is set to "true" when RSS calls the
+     * "rack_initialization_complete" endpoint on Nexus' internal interface.
+     *
+     * See RFD 278 for more detail.
+     */
+    initialized BOOL NOT NULL,
+
     /* Used to configure the updates service URL */
     tuf_base_url STRING(512)
 );
@@ -72,6 +83,35 @@ CREATE TABLE omicron.public.sled (
     last_used_address INET NOT NULL
 );
 
+/*
+ * Services
+ */
+
+CREATE TYPE omicron.public.service_kind AS ENUM (
+  'internal_dns',
+  'nexus',
+  'oximeter'
+);
+
+CREATE TABLE omicron.public.service (
+    /* Identity metadata (asset) */
+    id UUID PRIMARY KEY,
+    time_created TIMESTAMPTZ NOT NULL,
+    time_modified TIMESTAMPTZ NOT NULL,
+
+    /* FK into the Sled table */
+    sled_id UUID NOT NULL,
+    /* The IP address of the service. */
+    ip INET NOT NULL,
+    /* Indicates the type of service. */
+    kind omicron.public.service_kind NOT NULL
+);
+
+/* Add an index which lets us look up the services on a sled */
+CREATE INDEX ON omicron.public.service (
+    sled_id
+);
+
 /*
  * ZPools of Storage, attached to Sleds.
  * Typically these are backed by a single physical disk.

nexus/src/app/rack.rs

@@ -7,6 +7,7 @@
 use crate::authz;
 use crate::context::OpContext;
 use crate::db;
+use crate::internal_api::params::ServicePutRequest;
 use futures::future::ready;
 use futures::StreamExt;
 use omicron_common::api::external::DataPageParams;
@@ -21,6 +22,7 @@ impl super::Nexus {
     pub(crate) fn as_rack(&self) -> db::model::Rack {
         db::model::Rack {
             identity: self.api_rack_identity.clone(),
+            initialized: true,
             tuf_base_url: None,
         }
     }
@@ -59,4 +61,35 @@ impl super::Nexus {
             Err(Error::not_found_by_id(ResourceType::Rack, rack_id))
         }
     }
+
+    /// Marks the rack as initialized with a set of services.
+    ///
+    /// This function is a no-op if the rack has already been initialized.
+    pub async fn rack_initialize(
+        &self,
+        opctx: &OpContext,
+        rack_id: Uuid,
+        services: Vec<ServicePutRequest>,
+    ) -> Result<(), Error> {
+        opctx.authorize(authz::Action::Modify, &authz::FLEET).await?;
+
+        // Convert from parameter -> DB type.
+        let services: Vec<_> = services
+            .into_iter()
+            .map(|svc| {
+                db::model::Service::new(
+                    svc.service_id,
+                    svc.sled_id,
+                    svc.address,
+                    svc.kind.into(),
+                )
+            })
+            .collect();
+
+        self.db_datastore
+            .rack_set_initialized(opctx, rack_id, services)
+            .await?;
+
+        Ok(())
+    }
 }

nexus/src/app/sled.rs

@@ -9,13 +9,14 @@ use crate::db;
 use crate::db::identity::Asset;
 use crate::db::lookup::LookupPath;
 use crate::db::model::DatasetKind;
+use crate::db::model::ServiceKind;
 use crate::internal_api::params::ZpoolPutRequest;
 use omicron_common::api::external::DataPageParams;
 use omicron_common::api::external::Error;
 use omicron_common::api::external::ListResultVec;
 use omicron_common::api::external::LookupResult;
 use sled_agent_client::Client as SledAgentClient;
-use std::net::{SocketAddr, SocketAddrV6};
+use std::net::{Ipv6Addr, SocketAddr, SocketAddrV6};
 use std::sync::Arc;
 use uuid::Uuid;
 
@@ -142,4 +143,27 @@ impl super::Nexus {
         self.db_datastore.dataset_upsert(dataset).await?;
         Ok(())
     }
+
+    // Services
+
+    /// Upserts a Service into the database, updating it if it already exists.
+    pub async fn upsert_service(
+        &self,
+        opctx: &OpContext,
+        id: Uuid,
+        sled_id: Uuid,
+        address: Ipv6Addr,
+        kind: ServiceKind,
+    ) -> Result<(), Error> {
+        info!(
+            self.log,
+            "upserting service";
+            "sled_id" => sled_id.to_string(),
+            "service_id" => id.to_string(),
+            "address" => address.to_string(),
+        );
+        let service = db::model::Service::new(id, sled_id, address, kind);
+        self.db_datastore.service_upsert(opctx, service).await?;
+        Ok(())
+    }
 }