[sled-agent] Add ability to allocate guest-visible NICs

[smklein]

[Nexus]

• Expands "InstanceRuntimeState" into "InstanceHardware", such that it also includes space for devices (to start with, NICs).

[Sled Agent]

• Adds a Vnic structure, which uses RAII semantics to deallocate the VNIC when it goes out of scope.
• Constructs VNICs as requested by Nexus, places them in Propolis' Zone, and requests them from Propolis' API.

At the moment, this PR does not actually request NICs from Nexus -> Sled Agent -> Propolis -- but the wiring is added such that this is now possible, if requested by Nexus

[jclulow]

I think we must have exercised this stuff during the demo? At least in some form.

omicron/omicron-nexus/src/sagas.rs

Lines 352 to 384 in 81fc3e7

	/*
	* XXX Demo hack NIC.
	*/
	let mac = macaddr::MacAddr6::new(
	0xaa,
	0x00,
	0x04,
	0x00,
	0xff,
	ip_reservation as u8,
	);
	let nic = omicron_common::api::external::NetworkInterface {
	mac: omicron_common::api::external::MacAddr(mac),
	ip: format!("172.20.14.{}", ip_reservation).parse().unwrap(),
	subnet_id: Uuid::new_v4(),
	vpc_id: Uuid::new_v4(),
	identity: omicron_common::api::external::IdentityMetadata {
	id: Uuid::new_v4(),
	name: omicron_common::api::external::Name::try_from(
	"bestvnic".to_string(),
	)
	.unwrap(),
	description: "".to_string(),
	time_created: Utc::now(),
	time_modified: Utc::now(),
	},
	};
	// TODO: Populate this with an appropriate NIC.
	// See also: instance_set_runtime in nexus.rs for a similar construction.
	Ok(InstanceHardware {
	runtime: instance.runtime().into(),
	nics: vec![nic],

This created the right NICs, at least!

I wonder if we could add, at least for now, the ability to have the guest NIC be on a VLAN (which could just come from the config file) for the lab environment:

omicron/omicron-sled-agent/src/illumos/dladm.rs

Lines 42 to 72 in 81fc3e7

	/// Creates a new VNIC atop a physical device.
	pub fn create_vnic(
	physical: &PhysicalLink,
	vnic_name: &str,
	mac: Option<MacAddr>,
	vlan: Option<u16>,
	) -> Result<(), Error> {
	let mut command = std::process::Command::new(PFEXEC);
	let mut args = vec![
	DLADM.to_string(),
	"create-vnic".to_string(),
	"-t".to_string(),
	"-l".to_string(),
	physical.0.to_string(),
	];
	if let Some(mac) = mac {
	args.push("-m".to_string());
	args.push(mac.0.to_string());
	}
	if let Some(vlan) = vlan {
	args.push("-v".to_string());
	args.push(vlan.to_string());
	}
	args.push(vnic_name.to_string());
	let cmd = command.args(&args);
	execute(cmd)?;
	Ok(())
	}

omicron/omicron-sled-agent/src/instance.rs

Lines 152 to 162 in 81fc3e7

	impl Vnic {
	// Creates a new NIC, intended for usage by the guest.
	fn new_guest(
	allocator: &IdAllocator,
	physical_dl: &PhysicalLink,
	mac: Option<MacAddr>,
	) -> Result<Self, Error> {
	let name = guest_vnic_name(allocator.next());
	Dladm::create_vnic(physical_dl, &name, mac, Some(2014))?; /* XXX */
	Ok(Vnic { name, deleted: false })
	}

[smklein]

I think we must have exercised this stuff during the demo? At least in some form.
This created the right NICs, at least!

Yeah! I pulled this branch into demo_m2, so it was definitely used there.

I wonder if we could add, at least for now, the ability to have the guest NIC be on a VLAN (which could just come from the config file) for the lab environment

Sure thing! I just added the "--vlan" argument which can be plumbed into the sled agent (admittedly, so far, no one is passing this argument). Perhaps we could add it as an SMF property? Or somehow in the invocation in the service_bundle.dtd file?

Regardless, this has been added.

[smklein]

This branch is ready to go, blocked on: oxidecomputer/propolis#43