Skip to content

Initial schema updates disallowing default IP Pool for the internal silo #8964

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 5 commits into from
Sep 3, 2025
Merged

Initial schema updates disallowing default IP Pool for the internal silo #8964

merged 5 commits into from
Sep 3, 2025

Conversation

bnaecker
Copy link
Collaborator

@bnaecker bnaecker marked this pull request as draft August 30, 2025 02:16
@bnaecker bnaecker force-pushed the schema-updates-for-new-ip-pool-linkage branch from ce147e2 to afb56f3 Compare September 1, 2025 19:25
@bnaecker
Initial schema updates disallowing default IP Pool for the internal silo
9f49f97 
- Add database constraints that ensure that we can't set a default pool
  for the Oxide internal silo. Add tests for this specifically.
- This is part of #8948, but does not resolve it.
@bnaecker bnaecker force-pushed the schema-updates-for-new-ip-pool-linkage branch from afb56f3 to 9f49f97 Compare September 2, 2025 17:45
@bnaecker bnaecker marked this pull request as ready for review September 2, 2025 18:09
@bnaecker
Copy link
Collaborator Author

bnaecker commented Sep 2, 2025

This is a small step towards #8945. To date, we've assumed that our internal silo has exactly 1 IP Pool. That's special, created at rack initialization, linked to the silo, and not operator-modifiable. We can't do that in the long run. For one thing, we need IPv6 IP Pools, but we also want to allow operators to delegate pretty much any IP Pool to the internal silo. That will eventually be used to determine which networks our services need addresses on.

The first step, implemented here, is just disallowing a default IP Pool for the internal silo, enforced as a check constraint in the database.

smklein
smklein reviewed Sep 2, 2025
View reviewed changes
david-crespo
david-crespo reviewed Sep 2, 2025
View reviewed changes
@bnaecker
Simplify schema changes and new check constraint
ca66077
@bnaecker
Review feedback
8d3ea33 
Keep endpoint non-idempotent, and catch check violations explicitly
smklein
smklein reviewed Sep 2, 2025
View reviewed changes
smklein
smklein reviewed Sep 2, 2025
View reviewed changes
@bnaecker
Copy link
Collaborator Author

bnaecker commented Sep 2, 2025 via email

@bnaecker bnaecker enabled auto-merge (squash) September 3, 2025 18:42
@bnaecker bnaecker mentioned this pull request Sep 3, 2025
Open
@bnaecker bnaecker merged commit c797644 into main Sep 3, 2025
16 checks passed
@bnaecker bnaecker deleted the schema-updates-for-new-ip-pool-linkage branch September 3, 2025 22:00
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@smklein smklein smklein approved these changes

@david-crespo david-crespo Awaiting requested review from david-crespo

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@bnaecker @smklein @david-crespo