[ip-pools] Allow multiple default IP pools per silo #9452
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
4 tasks
Previously, each silo could only have one default IP pool. This change
allows one default pool per (pool_type, ip_version) combination, enabling
silos to have separate defaults for:
- Unicast IPv4
- Unicast IPv6
- Multicast IPv4
- Multicast IPv6
Now, each default can be set or unset and demoted independently.
Unsetting the unicast IPv4 default does not affect the multicast IPv4
default, for example.
Key changes:
- Add `pool_type` and `ip_version` columns to `ip_pool_resource`
(denormalized from parent `ip_pool` for unique index)
- Replace unique index with partial index on (resource_id, pool_type,
ip_version) WHERE is_default = true
- Rename `IpPoolResourceLink` to `IncompleteIpPoolResource` to reflect
that pool_type/ip_version are populated by the linking query
zeeshanlakhani
force-pushed
the
zl/default-pools
branch
from
c940eec to
2987a6e
Compare
zeeshanlakhani
requested review from
askfongjojo,
bnaecker,
internet-diglett and
rcgoodfellow
bnaecker
reviewed
Dec 10, 2025
The `ip_version` field allows callers to specify V4 or V6 preference when
allocating from default IP pools. This is required when multiple default
pools of different IP versions exist. Without it, the system cannot
determine which pool to use, and calls fail.
This involves an API version change. Old API versions predate
`ip_version` support and only had V4 pools, so conversions from old
types default to V4 to maintain backward compatibility. `ip_version` is
only necessary when using default pools.
Ephemeral and floating IPs always allocate from unicast pools, so they
don't need `pool_type` — only `ip_version` for V4/V6 disambiguation.
Multicast groups handle pool type selection separately (ASM vs SSM)
with members.
Now, the API versions are broken up into:
- v2025112000: Disk types (Crucible -> Distributed rename)
- v2025120300: Multicast types (before implicit lifecycle, pub for
http_entrypoints.rs access)
- v2025120500: FloatingIpCreate/EphemeralIpCreate without `ip_version`
bnaecker
reviewed
Dec 11, 2025
Collaborator
bnaecker
left a comment
bnaecker
left a comment
There was a problem hiding this comment.
I'm not able to comment on a lot of the multicast-specific stuff, but the API changes around IP versions and default pools looks good to me. Just have a few small suggestions!
| // If `ip_version` was not specified and we have multiple pools of | ||
| // different IP versions, return an error asking the caller to specify | ||
| // which version. | ||
| if ip_version.is_none() && pools.len() > 1 { |
Collaborator
There was a problem hiding this comment.
Might be worth factoring this out to a function, since it's used several places. Not critical though.
| // different IP versions, return an error asking the caller to specify | ||
| // which version. | ||
| if ip_version.is_none() && pools.len() > 1 { | ||
| let has_v4 = pools.iter().any(|p| p.ip_version == IpVersion::V4); |
Collaborator
There was a problem hiding this comment.
Could be simpler to iterate once, extract the version, and pull into a set. Then check if the set's length is > 1. Something like:
if pools.iter().map(|ip| ip.ip_version).collect::<HashSet<_>>().len() > 1 {
return Err(...);
}
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Previously, each silo could only have one default IP pool. This change allows one default pool per (pool_type, ip_version) combination, enabling silos to have separate defaults for:
Now, each default can be set or unset and demoted independently. Unsetting the unicast IPv4 default does not affect the multicast IPv4 default, for example.
Key changes:
pool_typeandip_versioncolumns toip_pool_resource(denormalized from parentip_poolfor unique index)IpPoolResourceLinktoIncompleteIpPoolResourceto reflect that pool_type/ip_version are populated by the linking queryUpdates 12/11/2025:
We add an
ip_versionfield that allows callers to specify V4 or V6 preference whenallocating from default IP pools. This is required when multiple default pools of different IP versions exist. Without it, the system cannot determine which pool to use, and calls fail.
This involves an API version change. Old API versions predate
ip_versionsupport and only had V4 pools, so conversions from old types default to V4 to maintain backward compatibility.ip_versionis only necessary when using default pools.Ephemeral and floating IPs always allocate from unicast pools, so they don't need
pool_type— onlyip_versionfor V4/V6 disambiguation. Multicast groups handle pool type selection separately (ASM vs SSM) with members.Now, the API versions are broken up into:
http_entrypoints.rs access)
ip_version