Database support for delegating IP Pools for Oxide internal use (#9103)

- Add database queries for marking any number of IP Pools as delegated
for Oxide internal use, rather than assuming there's just one.
- Rework queries for linking / unlinking IP Pool and Silo, making them
concurrency-safe and preventing deletion when there are IPs or we're
trying to delete the last internal IP Pool.
- The public API does not change here. We're still assuming exactly one
IP Pool per IP version for internal usage, and not allowing the link or
pool to appear in the API. That'll be a follow-up commit.
- Fixes #8948

Author: bnaecker

nexus/db-model/src/ip_pool.rs

@@ -24,6 +24,37 @@ use omicron_common::api::external;
 use std::net::IpAddr;
 use uuid::Uuid;
 
+impl_enum_type!(
+    IpPoolReservationTypeEnum:
+
+    #[derive(
+        AsExpression,
+        Clone,
+        Copy,
+        Debug,
+        Eq,
+        FromSqlRow,
+        PartialEq,
+        schemars::JsonSchema,
+        serde::Deserialize,
+        serde::Serialize,
+    )]
+    pub enum IpPoolReservationType;
+
+    ExternalSilos => b"external_silos"
+    OxideInternal => b"oxide_internal"
+);
+
+impl ::std::fmt::Display for IpPoolReservationType {
+    fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
+        let s = match self {
+            IpPoolReservationType::ExternalSilos => "external_silos",
+            IpPoolReservationType::OxideInternal => "oxide_internal",
+        };
+        f.write_str(s)
+    }
+}
+
 impl_enum_type!(
     IpVersionEnum:
 
@@ -77,7 +108,9 @@ impl From<IpVersion> for shared::IpVersion {
 /// IP pools can be external or internal. External IP pools can be associated
 /// with a silo or project so that instance IP allocation draws from that pool
 /// instead of a system pool.
-#[derive(Queryable, Insertable, Selectable, Clone, Debug, Resource)]
+#[derive(
+    Queryable, Insertable, Selectable, Clone, Debug, Resource, PartialEq,
+)]
 #[diesel(table_name = ip_pool)]
 pub struct IpPool {
     #[diesel(embed)]
@@ -89,12 +122,19 @@ pub struct IpPool {
     /// Child resource generation number, for optimistic concurrency control of
     /// the contained ranges.
     pub rcgen: i64,
+
+    /// Indicates what the pool is reserved for.
+    pub reservation_type: IpPoolReservationType,
 }
 
 impl IpPool {
+    /// Create a new IP Pool.
+    ///
+    /// The pool is reserved for external customer Silos.
     pub fn new(
         pool_identity: &external::IdentityMetadataCreateParams,
         ip_version: IpVersion,
+        reservation_type: IpPoolReservationType,
     ) -> Self {
         Self {
             identity: IpPoolIdentity::new(
@@ -103,19 +143,24 @@ impl IpPool {
             ),
             ip_version,
             rcgen: 0,
+            reservation_type,
         }
     }
 
+    /// Create a new IPv4 IP Pool.
     pub fn new_v4(
         pool_identity: &external::IdentityMetadataCreateParams,
+        reservation_type: IpPoolReservationType,
     ) -> Self {
-        Self::new(pool_identity, IpVersion::V4)
+        Self::new(pool_identity, IpVersion::V4, reservation_type)
     }
 
+    /// Create a new IPv6 IP Pool.
     pub fn new_v6(
         pool_identity: &external::IdentityMetadataCreateParams,
+        reservation_type: IpPoolReservationType,
     ) -> Self {
-        Self::new(pool_identity, IpVersion::V6)
+        Self::new(pool_identity, IpVersion::V6, reservation_type)
     }
 }
 

nexus/db-model/src/schema_versions.rs

@@ -16,7 +16,7 @@ use std::{collections::BTreeMap, sync::LazyLock};
 ///
 /// This must be updated when you change the database schema.  Refer to
 /// schema/crdb/README.adoc in the root of this repository for details.
-pub const SCHEMA_VERSION: Version = Version::new(197, 0, 0);
+pub const SCHEMA_VERSION: Version = Version::new(198, 0, 0);
 
 /// List of all past database schema versions, in *reverse* order
 ///
@@ -28,6 +28,7 @@ static KNOWN_VERSIONS: LazyLock<Vec<KnownVersion>> = LazyLock::new(|| {
         // |  leaving the first copy as an example for the next person.
         // v
         // KnownVersion::new(next_int, "unique-dirname-with-the-sql-files"),
+        KnownVersion::new(198, "add-ip-pool-reservation-type-column"),
         KnownVersion::new(197, "scim-users-and-groups"),
         KnownVersion::new(196, "user-provision-type-for-silo-user-and-group"),
         KnownVersion::new(195, "tuf-pruned-index"),