Refactor Network Operator APIs #6016
Conversation
There was a problem hiding this comment.
You might think about generating the SDK and CLI as you evolve this API. In particular, I'd love to see this list of CLI commands that require the --json-body parameter to shrink: https://github.com/oxidecomputer/oxide.rs/blob/main/cli/tests/data/json-body-required.txt (note about half of them are networking-related)
openapi/nexus.json
Outdated
| @@ -9727,7 +9816,7 @@ | |||
| "last_address" | |||
| ] | |||
| }, | |||
| "AddressLotBlockCreate": { | |||
| "AddressLotBlock2": { | |||
There was a problem hiding this comment.
just looking through this quickly, but I think we should avoid adding more of these name conflicting types that result in the 2 suffix.
@ahl do we have a preferred pattern that we want to use to avoid this? |
There are some structures that are challenging to generate, in particular deeply nested structs. Perhaps put another way: you might keep in mind how you'd like the CLI to work for a particular API concept and then organize the API in a way where you can imagine the direct translation e.g. to CLI arguments. There's more that progenitor could and can do, but some structures--such as |
|
@ahl I generated a local CLI with this PR's openapi spec and it seems to avoid the need for |
|
well that's good news! |
|
Local testing against a running control plane: $ ./target/debug/oxide system networking address-lot list
[
{
"description": "initial infrastructure ip address lot",
"id": "4d2fc8ca-8759-46e4-9c36-7e9bbd14ecc1",
"kind": "infra",
"name": "initial-infra",
"time_created": "2024-07-17T21:39:29.384680Z",
"time_modified": "2024-07-17T21:39:29.384680Z"
}
]
$ ./target/debug/oxide system networking address-lot block list --address-lot initial-infra
[
{
"first_address": "10.85.0.30",
"id": "60efc85a-34d0-4e07-b3e2-c11f203e054d",
"last_address": "10.85.0.30"
}
]
$ ./target/debug/oxide system networking address-lot block add \
--address-lot initial-infra \
--first-address 10.100.0.0 \
--last-address 10.100.0.255
{
"first_address": "10.100.0.0",
"id": "5eff580c-9e96-4c01-a580-b9c782bc4196",
"last_address": "10.100.0.255"
}
$ ./target/debug/oxide system networking address-lot block list --address-lot initial-infra
[
{
"first_address": "10.100.0.0",
"id": "5eff580c-9e96-4c01-a580-b9c782bc4196",
"last_address": "10.100.0.255"
}, {
"first_address": "10.85.0.30",
"id": "60efc85a-34d0-4e07-b3e2-c11f203e054d",
"last_address": "10.85.0.30"
}
]
$ ./target/debug/oxide system networking address-lot block remove \
--address-lot initial-infra \
--first-address 10.100.0.0 \
--last-address 10.100.0.255
$ ./target/debug/oxide system networking address-lot block list --address-lot initial-infra
[
{
"first_address": "10.85.0.30",
"id": "60efc85a-34d0-4e07-b3e2-c11f203e054d",
"last_address": "10.85.0.30"
}
] |
internet-diglett
changed the title
* migrate settings apply / clear to configuration set / clear * add endpoint for viewing which configuration is active
|
@taspelund do you mind kicking the tires on this and oxidecomputer/oxide.rs#817? |
| pub remote_asn: Option<u32>, | ||
|
|
||
| /// Require messages from a peer have a minimum IP time to live field. | ||
| /// Require messages from this peer have a minimum IP time to live field. |
There was a problem hiding this comment.
Suggestion: "Require that messages...", to be consistent with line 2675.
| @@ -129,6 +129,9 @@ snapshot_view GET /v1/snapshots/{snapshot} | |||
|
|
|||
| API operations found with tag "system/hardware" | |||
| OPERATION ID METHOD URL PATH | |||
| networking_switch_port_active_configuration_clear DELETE /v1/system/hardware/racks/{rack_id}/switch/{switch}/switch-port/{port}/configuration | |||
There was a problem hiding this comment.
Weird column alignment compared to rest of file, but ok.
| @@ -129,6 +129,9 @@ snapshot_view GET /v1/snapshots/{snapshot} | |||
|
|
|||
| API operations found with tag "system/hardware" | |||
| OPERATION ID METHOD URL PATH | |||
| networking_switch_port_active_configuration_clear DELETE /v1/system/hardware/racks/{rack_id}/switch/{switch}/switch-port/{port}/configuration | |||
| networking_switch_port_active_configuration_set PUT /v1/system/hardware/racks/{rack_id}/switch/{switch}/switch-port/{port}/configuration | |||
| networking_switch_port_active_configuration_view GET /v1/system/hardware/racks/{rack_id}/switch/{switch}/switch-port/{port}/configuration | |||
| networking_switch_port_apply_settings POST /v1/system/hardware/switch-port/{port}/settings | |||
There was a problem hiding this comment.
I'm looking at the diffs since my last review, and looking at this file as a whole, and looking in particular for consistency for the DELETE method (due to diff for line 195).
Are lines 50-51 similar to lines 135-136, in that a specific element is not specified at the end of the URL?
instance_ephemeral_ip_attach POST /v1/instances/{instance}/external-ips/ephemeral
instance_ephemeral_ip_detach DELETE /v1/instances/{instance}/external-ips/ephemeral
There was a problem hiding this comment.
There can only be one active configuration per switch port, so specifying which configuration to delete is unnecessary here.
| ) -> Result<HttpResponseDeleted, HttpError>; | ||
|
|
||
| /// List switch port settings | ||
| #[endpoint { | ||
| method = GET, | ||
| path = "/v1/system/networking/switch-port-settings", | ||
| path = "/v1/system/networking/switch-port-configuration", |
There was a problem hiding this comment.
The ordering in nexus/external-api/output/nexus_tags.txt made this GET hard to find there, as it doesn't come right after the POST and DELETE in that file, although it seems to be sorted in alphabetical order by OPERATION ID there. Ok if no changes.
There was a problem hiding this comment.
I believe that file is auto-generated
| async fn networking_bgp_config_delete( | ||
| rqctx: RequestContext<Self::Context>, | ||
| sel: Path<params::BgpConfigSelector>, | ||
| ) -> Result<HttpResponseUpdatedNoContent, HttpError>; |
There was a problem hiding this comment.
Is HttpResponse type ok? Can check other places with this type.
There was a problem hiding this comment.
This should be Deleted, will update
| &opctx, &port, rack_id, switch, &settings, | ||
| ) | ||
| .await?; | ||
| Ok(HttpResponseUpdatedNoContent {}) |
There was a problem hiding this comment.
The syntax looks different here compared to other places (part of my consistency check). Could check other places too, as this appears in multiple places.
| @@ -4813,15 +3988,15 @@ async fn networking_switch_port_status( | |||
| async fn networking_bgp_announce_set_update( | |||
| rqctx: RequestContext<ApiContext>, | |||
| config: TypedBody<params::BgpAnnounceSetCreate>, | |||
| ) -> Result<HttpResponseCreated<BgpAnnounceSet>, HttpError> { | |||
| ) -> Result<HttpResponseOk<BgpAnnounceSet>, HttpError> { | |||
There was a problem hiding this comment.
Is this HttpResponse type ok? In the rest of the code, it is mostly only used for list/view. Double check other places.
| @@ -2119,6 +2078,19 @@ pub struct SwitchPortApplySettings { | |||
| pub port_settings: NameOrId, | |||
| } | |||
|
|
|||
| /// Select a switch port by name | |||
There was a problem hiding this comment.
Check if this doc string needs to be updated, as there are other fields that are not just name.
| "tags": [ | ||
| "system/networking" | ||
| ], | ||
| "summary": "Get information about a named set of switch-port-settings", | ||
| "operationId": "networking_switch_port_configuration_view", | ||
| "summary": "Delete switch port settings", |
There was a problem hiding this comment.
settings or configuration? (Fix in original code with docstring, check other places for consistency with new terminology)
| @@ -19975,7 +20143,7 @@ | |||
| ] | |||
| }, | |||
| "RouteAddRemove": { | |||
| "description": "A route to a destination network through a gateway address to add or remove to an interface.", | |||
| "description": "A network route to to add to or remove from an interface.", | |||
There was a problem hiding this comment.
"to to" (Fix in original code with docstring).
Summary
Our currently deployed APIs for operator networking aren't as user friendly as we'd like them to be. After landing these changes we hope to be able to start breaking ground on Terraform provider updates for rack / operator networking, which should increase user friendliness as well as make testing more streamlined in some scenarios. This will also allow us to migrate from using
--json-objectwith Oxide cli commands, for example:Changes
The following changes should mostly preserve backwards compatibility with the existing API, so we should be able to continue to use all of our existing automation / tooling / scripts for the time being.
Change namespace for api endpoints / commands to
switch-port-configuration(switch-port-settings is not plural-friendly)Break AddressLot and AddressLotBlock into separate APIs
Add endpoint for viewing which configuration has been applied to a switch port (i.e.
configuration_view)Rename
settings_applyandsettings_cleartoconfiguration_applyandconfiguration_clearCreate separate API endpoints for each child object under
SwitchPortSettingsCreate integration tests for new endpoints
update CLI client library: Refactor network operator APIs oxide.rs#817
Additional Acceptance Criteria
- [ ] resolves need to validate bgp config UUID when adding/setting bgp peer #6462 ~~- [ ] partially satisfies Audit network configuration error squashing. #6398name_or_idpath param #6497