add bfd to bootstore and early networking (#5313)

Author: rcgoodfellow

clients/sled-agent-client/src/lib.rs

@@ -11,7 +11,9 @@ use std::convert::TryFrom;
 use std::hash::Hash;
 use std::net::IpAddr;
 use std::net::SocketAddr;
-use types::{BgpConfig, BgpPeerConfig, PortConfigV1, RouteConfig};
+use types::{
+    BfdPeerConfig, BgpConfig, BgpPeerConfig, PortConfigV1, RouteConfig,
+};
 use uuid::Uuid;
 
 progenitor::generate_api!(
@@ -651,3 +653,16 @@ impl Hash for PortConfigV1 {
         self.uplink_port_speed.hash(state);
     }
 }
+
+impl Eq for BfdPeerConfig {}
+
+impl Hash for BfdPeerConfig {
+    fn hash<H: std::hash::Hasher>(&self, state: &mut H) {
+        self.local.hash(state);
+        self.remote.hash(state);
+        self.detection_threshold.hash(state);
+        self.required_rx.hash(state);
+        self.mode.hash(state);
+        self.switch.hash(state);
+    }
+}

common/src/api/external/mod.rs

@@ -2821,6 +2821,25 @@ pub struct BgpImportedRouteIpv4 {
     pub switch: SwitchLocation,
 }
 
+/// BFD connection mode.
+#[derive(
+    Clone,
+    Copy,
+    Debug,
+    Deserialize,
+    Serialize,
+    JsonSchema,
+    PartialEq,
+    Eq,
+    Ord,
+    PartialOrd,
+)]
+#[serde(rename_all = "snake_case")]
+pub enum BfdMode {
+    SingleHop,
+    MultiHop,
+}
+
 /// A description of an uploaded TUF repository.
 #[derive(Clone, Debug, PartialEq, Eq, Deserialize, Serialize, JsonSchema)]
 pub struct TufRepoDescription {

common/src/api/internal/shared.rs

@@ -4,7 +4,7 @@
 
 //! Types shared between Nexus and Sled Agent.
 
-use crate::api::external::{self, Name};
+use crate::api::external::{self, BfdMode, Name};
 use ipnetwork::{IpNetwork, Ipv4Network, Ipv6Network};
 use schemars::JsonSchema;
 use serde::{Deserialize, Serialize};
@@ -87,6 +87,9 @@ pub struct RackNetworkConfigV1 {
     pub ports: Vec<PortConfigV1>,
     /// BGP configurations for connecting the rack to external networks
     pub bgp: Vec<BgpConfig>,
+    /// BFD configuration for connecting the rack to external networks
+    #[serde(default)]
+    pub bfd: Vec<BfdPeerConfig>,
 }
 
 #[derive(Clone, Debug, Deserialize, Serialize, PartialEq, JsonSchema)]
@@ -118,6 +121,16 @@ pub struct BgpPeerConfig {
     pub keepalive: Option<u64>,
 }
 
+#[derive(Clone, Debug, Deserialize, Serialize, PartialEq, JsonSchema)]
+pub struct BfdPeerConfig {
+    pub local: Option<IpAddr>,
+    pub remote: IpAddr,
+    pub detection_threshold: u8,
+    pub required_rx: u64,
+    pub mode: BfdMode,
+    pub switch: SwitchLocation,
+}
+
 #[derive(Clone, Debug, Deserialize, Serialize, PartialEq, JsonSchema)]
 pub struct RouteConfig {
     /// The destination of the route.

nexus/db-model/src/bfd.rs

@@ -45,13 +45,13 @@ pub struct BfdSession {
     pub time_deleted: Option<DateTime<Utc>>,
 }
 
-impl From<nexus_types::external_api::params::BfdMode> for BfdMode {
-    fn from(value: nexus_types::external_api::params::BfdMode) -> Self {
+impl From<omicron_common::api::external::BfdMode> for BfdMode {
+    fn from(value: omicron_common::api::external::BfdMode) -> Self {
         match value {
-            nexus_types::external_api::params::BfdMode::SingleHop => {
+            omicron_common::api::external::BfdMode::SingleHop => {
                 BfdMode::SingleHop
             }
-            nexus_types::external_api::params::BfdMode::MultiHop => {
+            omicron_common::api::external::BfdMode::MultiHop => {
                 BfdMode::MultiHop
             }
         }

nexus/src/app/background/sync_switch_configuration.rs

@@ -39,7 +39,10 @@ use nexus_types::{external_api::params, identity::Resource};
 use omicron_common::OMICRON_DPD_TAG;
 use omicron_common::{
     address::{get_sled_address, Ipv6Subnet},
-    api::external::{DataPageParams, SwitchLocation},
+    api::{
+        external::{DataPageParams, SwitchLocation},
+        internal::shared::ParseSwitchLocationError,
+    },
 };
 use serde_json::json;
 use sled_agent_client::types::{
@@ -210,6 +213,56 @@ impl SwitchPortSettingsManager {
 
         Ok(set)
     }
+
+    async fn bfd_peer_configs_from_db<'a>(
+        &'a mut self,
+        opctx: &OpContext,
+    ) -> Result<
+        Vec<sled_agent_client::types::BfdPeerConfig>,
+        omicron_common::api::external::Error,
+    > {
+        let db_data = self
+            .datastore
+            .bfd_session_list(opctx, &DataPageParams::max_page())
+            .await?;
+
+        let mut result = Vec::new();
+        for spec in db_data.into_iter() {
+            let config = sled_agent_client::types::BfdPeerConfig {
+                local: spec.local.map(|x| x.ip()),
+                remote: spec.remote.ip(),
+                detection_threshold: spec.detection_threshold.0.try_into().map_err(|_| {
+                    omicron_common::api::external::Error::InternalError {
+                        internal_message: format!(
+                            "db_bfd_peer_configs: detection threshold overflow: {}",
+                            spec.detection_threshold.0,
+                        ),
+                    }
+                })?,
+                required_rx: spec.required_rx.0.into(),
+                mode: match spec.mode {
+                    nexus_db_model::BfdMode::SingleHop => {
+                        sled_agent_client::types::BfdMode::SingleHop
+                    }
+                    nexus_db_model::BfdMode::MultiHop => {
+                        sled_agent_client::types::BfdMode::MultiHop
+                    }
+                },
+                switch: spec.switch.parse().map_err(|e: ParseSwitchLocationError| {
+                    omicron_common::api::external::Error::InternalError {
+                        internal_message: format!(
+                            "db_bfd_peer_configs: failed to parse switch name: {}: {:?}",
+                            spec.switch,
+                            e,
+                        ),
+                    }
+                })?,
+            };
+            result.push(config);
+        }
+
+        Ok(result)
+    }
 }
 
 #[derive(Debug)]
@@ -799,6 +852,14 @@ impl BackgroundTask for SwitchPortSettingsManager {
                 ;
 
 
+                let bfd = match self.bfd_peer_configs_from_db(opctx).await {
+                    Ok(bfd) => bfd,
+                    Err(e) => {
+                        error!(log, "error fetching bfd config from db"; "error" => %e);
+                        continue;
+                    }
+                };
+
                 let mut desired_config = EarlyNetworkConfig {
                     generation: 0,
                     schema_version: 1,
@@ -810,6 +871,7 @@ impl BackgroundTask for SwitchPortSettingsManager {
                             infra_ip_last,
                             ports,
                             bgp,
+                            bfd,
                         }),
                     },
                 };
@@ -838,6 +900,7 @@ impl BackgroundTask for SwitchPortSettingsManager {
                                 let rnc_differs = match (config.body.rack_network_config.clone(), desired_config.body.rack_network_config.clone()) {
                                     (Some(current_rnc), Some(desired_rnc)) => {
                                         !hashset_eq(current_rnc.bgp.clone(), desired_rnc.bgp.clone()) ||
+                                        !hashset_eq(current_rnc.bfd.clone(), desired_rnc.bfd.clone()) ||
                                         !hashset_eq(current_rnc.ports.clone(), desired_rnc.ports.clone()) ||
                                         current_rnc.rack_subnet != desired_rnc.rack_subnet ||
                                         current_rnc.infra_ip_first != desired_rnc.infra_ip_first ||

nexus/src/app/bfd.rs

@@ -42,6 +42,10 @@ impl super::Nexus {
         self.background_tasks
             .driver
             .activate(&self.background_tasks.bfd_manager);
+        // for timely propagation to bootstore
+        self.background_tasks
+            .driver
+            .activate(&self.background_tasks.task_switch_port_settings_manager);
         Ok(())
     }
 
@@ -56,6 +60,10 @@ impl super::Nexus {
         self.background_tasks
             .driver
             .activate(&self.background_tasks.bfd_manager);
+        // for timely propagation to bootstore
+        self.background_tasks
+            .driver
+            .activate(&self.background_tasks.task_switch_port_settings_manager);
         Ok(())
     }
 
@@ -93,10 +101,10 @@ impl super::Nexus {
                     required_rx: info.config.required_rx,
                     mode: match info.config.mode {
                         mg_admin_client::types::SessionMode::SingleHop => {
-                            params::BfdMode::SingleHop
+                            omicron_common::api::external::BfdMode::SingleHop
                         }
                         mg_admin_client::types::SessionMode::MultiHop => {
-                            params::BfdMode::MultiHop
+                            omicron_common::api::external::BfdMode::MultiHop
                         }
                     },
                 })

nexus/src/lib.rs

@@ -302,6 +302,7 @@ impl nexus_test_interface::NexusServer for Server {
                         infra_ip_last: Ipv4Addr::UNSPECIFIED,
                         ports: Vec::new(),
                         bgp: Vec::new(),
+                        bfd: Vec::new(),
                     },
                 },
             )

nexus/tests/integration_tests/endpoints.rs

@@ -595,7 +595,7 @@ pub static DEMO_BFD_ENABLE: Lazy<params::BfdSessionEnable> =
         detection_threshold: 3,
         required_rx: 1000000,
         switch: "switch0".parse().unwrap(),
-        mode: params::BfdMode::MultiHop,
+        mode: omicron_common::api::external::BfdMode::MultiHop,
     });
 
 pub static DEMO_BFD_DISABLE: Lazy<params::BfdSessionDisable> =

nexus/types/src/external_api/params.rs

@@ -9,7 +9,7 @@ use crate::external_api::shared;
 use base64::Engine;
 use chrono::{DateTime, Utc};
 use omicron_common::api::external::{
-    AddressLotKind, ByteCount, Hostname, IdentityMetadataCreateParams,
+    AddressLotKind, BfdMode, ByteCount, Hostname, IdentityMetadataCreateParams,
     IdentityMetadataUpdateParams, InstanceCpuCount, IpNet, Ipv4Net, Ipv6Net,
     Name, NameOrId, PaginationOrder, RouteDestination, RouteTarget,
     SemverVersion,
@@ -1814,24 +1814,6 @@ pub struct BgpStatusSelector {
     pub name_or_id: NameOrId,
 }
 
-#[derive(
-    Clone,
-    Copy,
-    Debug,
-    Deserialize,
-    Serialize,
-    JsonSchema,
-    PartialEq,
-    Eq,
-    Ord,
-    PartialOrd,
-)]
-#[serde(rename_all = "snake_case")]
-pub enum BfdMode {
-    SingleHop,
-    MultiHop,
-}
-
 /// Information about a bidirectional forwarding detection (BFD) session.
 #[derive(Clone, Debug, Deserialize, Serialize, JsonSchema, PartialEq)]
 pub struct BfdSessionEnable {

nexus/types/src/external_api/shared.rs

@@ -17,8 +17,7 @@ use strum::EnumIter;
 use uuid::Uuid;
 
 pub use omicron_common::address::{IpRange, Ipv4Range, Ipv6Range};
-
-use super::params::BfdMode;
+pub use omicron_common::api::external::BfdMode;
 
 /// Maximum number of role assignments allowed on any one resource
 // Today's implementation assumes a relatively small number of role assignments

openapi/bootstrap-agent.json

@@ -229,6 +229,51 @@
           }
         ]
       },
+      "BfdMode": {
+        "description": "BFD connection mode.",
+        "type": "string",
+        "enum": [
+          "single_hop",
+          "multi_hop"
+        ]
+      },
+      "BfdPeerConfig": {
+        "type": "object",
+        "properties": {
+          "detection_threshold": {
+            "type": "integer",
+            "format": "uint8",
+            "minimum": 0
+          },
+          "local": {
+            "nullable": true,
+            "type": "string",
+            "format": "ip"
+          },
+          "mode": {
+            "$ref": "#/components/schemas/BfdMode"
+          },
+          "remote": {
+            "type": "string",
+            "format": "ip"
+          },
+          "required_rx": {
+            "type": "integer",
+            "format": "uint64",
+            "minimum": 0
+          },
+          "switch": {
+            "$ref": "#/components/schemas/SwitchLocation"
+          }
+        },
+        "required": [
+          "detection_threshold",
+          "mode",
+          "remote",
+          "required_rx",
+          "switch"
+        ]
+      },
       "BgpConfig": {
         "type": "object",
         "properties": {
@@ -691,6 +736,14 @@
         "description": "Initial network configuration",
         "type": "object",
         "properties": {
+          "bfd": {
+            "description": "BFD configuration for connecting the rack to external networks",
+            "default": [],
+            "type": "array",
+            "items": {
+              "$ref": "#/components/schemas/BfdPeerConfig"
+            }
+          },
           "bgp": {
             "description": "BGP configurations for connecting the rack to external networks",
             "type": "array",