Add queries to allocate external IPv6 addresses

- Rewrite the `NextExternalIp` query to allow IPv6 address allocations.
  This uses queries more like the existing "next-item" queries based on
  a self-join, where we're joining the existing address with those
  addresses plus-one, and taking the first free one.
- Handle a few more failure-cases from the new query to ensure we detect
  address exhaustion, reallocation, and so on. All the existing tests
  continue to pass.
- Add expectorate / explain "tests" for the new queries
- Add a few new tests, some specifically for IPv6 address allocations
  and the details / corner cases of the new query structure
- Closes #9245

Author: bnaecker

nexus/db-model/src/external_ip.rs

@@ -256,6 +256,7 @@ pub struct IncompleteExternalIp {
     project_id: Option<Uuid>,
     state: IpAttachState,
     // Optional address requesting that a specific IP address be allocated.
+    // TODO(ben) Make this an `IpAssignment`
     explicit_ip: Option<IpNetwork>,
     // Optional range when requesting a specific SNAT range be allocated.
     explicit_port_range: Option<(i32, i32)>,
@@ -373,7 +374,7 @@ impl IncompleteExternalIp {
             pool_id,
             project_id: Some(project_id),
             explicit_ip: Some(explicit_ip.into()),
-            explicit_port_range: None,
+            explicit_port_range: Some((0, u16::MAX.into())),
             state: kind.initial_state(),
         }
     }
@@ -398,7 +399,7 @@ impl IncompleteExternalIp {
 
                 (
                     IpKind::Floating,
-                    None,
+                    Some((0, u16::MAX.into())),
                     Some(name),
                     Some(zone_kind.report_str().to_string()),
                     state,

nexus/db-model/src/schema_versions.rs

@@ -16,7 +16,7 @@ use std::{collections::BTreeMap, sync::LazyLock};
 ///
 /// This must be updated when you change the database schema.  Refer to
 /// schema/crdb/README.adoc in the root of this repository for details.
-pub const SCHEMA_VERSION: Version = Version::new(201, 0, 0);
+pub const SCHEMA_VERSION: Version = Version::new(202, 0, 0);
 
 /// List of all past database schema versions, in *reverse* order
 ///
@@ -28,6 +28,7 @@ static KNOWN_VERSIONS: LazyLock<Vec<KnownVersion>> = LazyLock::new(|| {
         // |  leaving the first copy as an example for the next person.
         // v
         // KnownVersion::new(next_int, "unique-dirname-with-the-sql-files"),
+        KnownVersion::new(202, "add-ip-to-external-ip-index"),
         KnownVersion::new(201, "scim-client-bearer-token"),
         KnownVersion::new(200, "dual-stack-network-interfaces"),
         KnownVersion::new(199, "multicast-pool-support"),

nexus/db-queries/src/db/datastore/external_ip.rs

@@ -243,15 +243,32 @@ impl DataStore {
         conn: &async_bb8_diesel::Connection<DbConnection>,
         data: IncompleteExternalIp,
     ) -> Result<ExternalIp, TransactionError<Error>> {
-        use diesel::result::DatabaseErrorKind::UniqueViolation;
         // Name needs to be cloned out here (if present) to give users a
         // sensible error message on name collision.
         let name = data.name().clone();
         let explicit_ip = data.explicit_ip().is_some();
         NextExternalIp::new(data).get_result_async(conn).await.map_err(|e| {
+            use diesel::result::DatabaseErrorKind::NotNullViolation;
+            use diesel::result::DatabaseErrorKind::UniqueViolation;
             use diesel::result::Error::DatabaseError;
             use diesel::result::Error::NotFound;
             match e {
+                DatabaseError(NotNullViolation, ref info)
+                    if info.message().contains("in column \"ip\"") =>
+                {
+                    if explicit_ip {
+                        TransactionError::CustomError(Error::invalid_request(
+                            "Requested external IP address not available",
+                        ))
+                    } else {
+                        TransactionError::CustomError(
+                            Error::insufficient_capacity(
+                                "No external IP addresses available",
+                                "NextExternalIp::new tried to insert NULL ip",
+                            ),
+                        )
+                    }
+                }
                 NotFound => {
                     if explicit_ip {
                         TransactionError::CustomError(Error::invalid_request(
@@ -266,17 +283,32 @@ impl DataStore {
                         )
                     }
                 }
-                // Floating IP: name conflict
-                DatabaseError(UniqueViolation, ..) if name.is_some() => {
-                    TransactionError::CustomError(public_error_from_diesel(
-                        e,
-                        ErrorHandler::Conflict(
-                            ResourceType::FloatingIp,
-                            name.as_ref()
-                                .map(|m| m.as_str())
-                                .unwrap_or_default(),
-                        ),
-                    ))
+                DatabaseError(UniqueViolation, ref info) => {
+                    // Attempt to re-use same IP address.
+                    if info.constraint_name() == Some("external_ip_unique") {
+                        TransactionError::CustomError(Error::invalid_request(
+                            "Requested external IP address not available",
+                        ))
+                    // Floating IP: name conflict
+                    } else if info
+                        .constraint_name()
+                        .map(|name| name.starts_with("lookup_floating_"))
+                        .unwrap_or(false)
+                    {
+                        TransactionError::CustomError(public_error_from_diesel(
+                            e,
+                            ErrorHandler::Conflict(
+                                ResourceType::FloatingIp,
+                                name.as_ref()
+                                    .map(|m| m.as_str())
+                                    .unwrap_or_default(),
+                            ),
+                        ))
+                    } else {
+                        TransactionError::CustomError(
+                            crate::db::queries::external_ip::from_diesel(e),
+                        )
+                    }
                 }
                 _ => {
                     if retryable(&e) {