Encode resource limits into schema

common/src/api/external/mod.rs

@@ -40,6 +40,8 @@ use std::num::{NonZeroU16, NonZeroU32};
 use std::str::FromStr;
 use uuid::Uuid;
 
+use crate::limits::MAX_VCPU_PER_INSTANCE;
+
 // The type aliases below exist primarily to ensure consistency among return
 // types for functions in the `nexus::Nexus` and `nexus::DataStore`.  The
 // type argument `T` generally implements `Object`.
@@ -881,9 +883,39 @@ impl InstanceState {
 }
 
 /// The number of CPUs in an Instance
-#[derive(Copy, Clone, Debug, Deserialize, Serialize, JsonSchema)]
+#[derive(Copy, Clone, Debug, Deserialize, Serialize)]
 pub struct InstanceCpuCount(pub u16);
 
+impl JsonSchema for InstanceCpuCount {
+    fn schema_name() -> String {
+        "InstanceCpuCount".to_string()
+    }
+
+    fn json_schema(
+        _: &mut schemars::gen::SchemaGenerator,
+    ) -> schemars::schema::Schema {
+        schemars::schema::SchemaObject {
+            metadata: Some(Box::new(schemars::schema::Metadata {
+                description: Some(
+                    "The number of CPUs in an Instance".to_string(),
+                ),
+                ..Default::default()
+            })),
+            format: Some("uint16".to_string()),
+            instance_type: Some(schemars::schema::InstanceType::Integer.into()),
+            number: Some(Box::new(schemars::schema::NumberValidation {
+                multiple_of: None,
+                maximum: Some(MAX_VCPU_PER_INSTANCE.into()),
+                exclusive_maximum: None,
+                minimum: Some(1.0),
+                exclusive_minimum: None,
+            })),
+            ..Default::default()
+        }
+        .into()
+    }
+}
+
 impl TryFrom<i64> for InstanceCpuCount {
     type Error = anyhow::Error;
 

common/src/lib.rs

@@ -26,6 +26,7 @@ pub mod backoff;
 pub mod cmd;
 pub mod disk;
 pub mod ledger;
+pub mod limits;
 pub mod nexus_config;
 pub mod postgres_config;
 pub mod update;

common/src/limits.rs

@@ -0,0 +1,19 @@
+// This Source Code Form is subject to the terms of the Mozilla Public
+// License, v. 2.0. If a copy of the MPL was not distributed with this
+// file, You can obtain one at https://mozilla.org/MPL/2.0/.
+
+// Contains constants that define the hard limits of Nexus
+
+pub const MAX_VCPU_PER_INSTANCE: u16 = 64;
+
+pub const MIN_MEMORY_BYTES_PER_INSTANCE: u32 = 1 << 30; // 1 GiB
+pub const MAX_MEMORY_BYTES_PER_INSTANCE: u64 = 256 * (1 << 30); // 256 GiB
+
+pub const MAX_DISKS_PER_INSTANCE: u32 = 8;
+pub const MIN_DISK_SIZE_BYTES: u32 = 1 << 30; // 1 GiB
+pub const MAX_DISK_SIZE_BYTES: u64 = 1023 * (1 << 30); // 1023 GiB
+
+pub const MAX_NICS_PER_INSTANCE: usize = 8;
+
+// TODO-completeness: Support multiple external IPs
+pub const MAX_EXTERNAL_IPS_PER_INSTANCE: usize = 1;

nexus-client/src/lib.rs

@@ -128,7 +128,7 @@ impl From<omicron_common::api::external::InstanceCpuCount>
     for types::InstanceCpuCount
 {
     fn from(s: omicron_common::api::external::InstanceCpuCount) -> Self {
-        Self(s.0)
+        Self(s.0.into())
     }
 }
 

nexus/db-queries/src/db/queries/disk.rs

@@ -11,15 +11,9 @@ use diesel::{
     query_builder::{AstPass, QueryFragment, QueryId},
     sql_types, Column, QueryResult,
 };
+use omicron_common::limits::MAX_DISKS_PER_INSTANCE;
 use uuid::Uuid;
 
-/// The maximum number of disks that can be attached to an instance.
-//
-// This is defined here for layering reasons: the main Nexus crate depends on
-// the db-queries crate, so the disk-per-instance limit lives here and Nexus
-// proper re-exports it.
-pub const MAX_DISKS_PER_INSTANCE: u32 = 8;
-
 /// A wrapper for the query that selects a PCI slot for a newly-attached disk.
 ///
 /// The general idea is to produce a query that left joins a single-column table

nexus/src/app/disk.rs

@@ -24,13 +24,12 @@ use omicron_common::api::external::LookupResult;
 use omicron_common::api::external::NameOrId;
 use omicron_common::api::external::UpdateResult;
 use omicron_common::api::internal::nexus::DiskRuntimeState;
+use omicron_common::limits::MAX_DISK_SIZE_BYTES;
+use omicron_common::limits::MIN_DISK_SIZE_BYTES;
 use sled_agent_client::Client as SledAgentClient;
 use std::sync::Arc;
 use uuid::Uuid;
 
-use super::MAX_DISK_SIZE_BYTES;
-use super::MIN_DISK_SIZE_BYTES;
-
 impl super::Nexus {
     // Disks
     pub fn disk_lookup<'a>(

nexus/src/app/instance.rs

@@ -4,12 +4,6 @@
 
 //! Virtual Machine Instances
 
-use super::MAX_DISKS_PER_INSTANCE;
-use super::MAX_EXTERNAL_IPS_PER_INSTANCE;
-use super::MAX_MEMORY_BYTES_PER_INSTANCE;
-use super::MAX_NICS_PER_INSTANCE;
-use super::MAX_VCPU_PER_INSTANCE;
-use super::MIN_MEMORY_BYTES_PER_INSTANCE;
 use crate::app::sagas;
 use crate::app::sagas::retry_until_known_result;
 use crate::authn;
@@ -42,6 +36,12 @@ use omicron_common::api::external::UpdateResult;
 use omicron_common::api::external::Vni;
 use omicron_common::api::internal::nexus;
 use omicron_common::api::internal::shared::SwitchLocation;
+use omicron_common::limits::MAX_DISKS_PER_INSTANCE;
+use omicron_common::limits::MAX_EXTERNAL_IPS_PER_INSTANCE;
+use omicron_common::limits::MAX_MEMORY_BYTES_PER_INSTANCE;
+use omicron_common::limits::MAX_NICS_PER_INSTANCE;
+use omicron_common::limits::MAX_VCPU_PER_INSTANCE;
+use omicron_common::limits::MIN_MEMORY_BYTES_PER_INSTANCE;
 use propolis_client::support::tungstenite::protocol::frame::coding::CloseCode;
 use propolis_client::support::tungstenite::protocol::CloseFrame;
 use propolis_client::support::tungstenite::Message as WebSocketMessage;

nexus/src/app/mod.rs

@@ -68,24 +68,6 @@ mod vpc_subnet;
 // application logic.
 pub mod sagas;
 
-// TODO: When referring to API types, we should try to include
-// the prefix unless it is unambiguous.
-
-pub(crate) use nexus_db_queries::db::queries::disk::MAX_DISKS_PER_INSTANCE;
-
-pub(crate) const MAX_NICS_PER_INSTANCE: usize = 8;
-
-// TODO-completeness: Support multiple external IPs
-pub(crate) const MAX_EXTERNAL_IPS_PER_INSTANCE: usize = 1;
-
-pub const MAX_VCPU_PER_INSTANCE: u16 = 64;
-
-pub const MIN_MEMORY_BYTES_PER_INSTANCE: u32 = 1 << 30; // 1 GiB
-pub const MAX_MEMORY_BYTES_PER_INSTANCE: u64 = 256 * (1 << 30); // 256 GiB
-
-pub const MIN_DISK_SIZE_BYTES: u32 = 1 << 30; // 1 GiB
-pub const MAX_DISK_SIZE_BYTES: u64 = 1023 * (1 << 30); // 1023 GiB
-
 /// Manages an Oxide fleet -- the heart of the control plane
 pub struct Nexus {
     /// uuid for this nexus instance.

nexus/src/app/sagas/instance_create.rs

@@ -7,10 +7,6 @@ use crate::app::instance::WriteBackUpdatedInstance;
 use crate::app::sagas::declare_saga_actions;
 use crate::app::sagas::disk_create::{self, SagaDiskCreate};
 use crate::app::sagas::retry_until_known_result;
-use crate::app::{
-    MAX_DISKS_PER_INSTANCE, MAX_EXTERNAL_IPS_PER_INSTANCE,
-    MAX_NICS_PER_INSTANCE,
-};
 use crate::db::identity::Resource;
 use crate::db::lookup::LookupPath;
 use crate::db::model::ByteCount as DbByteCount;
@@ -29,6 +25,10 @@ use omicron_common::api::external::InstanceState;
 use omicron_common::api::external::Name;
 use omicron_common::api::internal::nexus::InstanceRuntimeState;
 use omicron_common::api::internal::shared::SwitchLocation;
+use omicron_common::limits::{
+    MAX_DISKS_PER_INSTANCE, MAX_EXTERNAL_IPS_PER_INSTANCE,
+    MAX_NICS_PER_INSTANCE,
+};
 use serde::Deserialize;
 use serde::Serialize;
 use sled_agent_client::types::InstanceStateRequested;

nexus/tests/integration_tests/disks.rs

@@ -32,7 +32,8 @@ use omicron_common::api::external::IdentityMetadataCreateParams;
 use omicron_common::api::external::Instance;
 use omicron_common::api::external::Name;
 use omicron_common::api::external::NameOrId;
-use omicron_nexus::app::{MAX_DISK_SIZE_BYTES, MIN_DISK_SIZE_BYTES};
+use omicron_common::limits::MAX_DISK_SIZE_BYTES;
+use omicron_common::limits::MIN_DISK_SIZE_BYTES;
 use omicron_nexus::db::fixed_data::{silo::SILO_ID, FLEET_ID};
 use omicron_nexus::db::lookup::LookupPath;
 use omicron_nexus::TestInterfaces as _;

nexus/tests/integration_tests/instances.rs

@@ -36,9 +36,9 @@ use omicron_common::api::external::InstanceState;
 use omicron_common::api::external::Ipv4Net;
 use omicron_common::api::external::Name;
 use omicron_common::api::external::Vni;
-use omicron_nexus::app::MAX_MEMORY_BYTES_PER_INSTANCE;
-use omicron_nexus::app::MAX_VCPU_PER_INSTANCE;
-use omicron_nexus::app::MIN_MEMORY_BYTES_PER_INSTANCE;
+use omicron_common::limits::MAX_MEMORY_BYTES_PER_INSTANCE;
+use omicron_common::limits::MAX_VCPU_PER_INSTANCE;
+use omicron_common::limits::MIN_MEMORY_BYTES_PER_INSTANCE;
 use omicron_nexus::db::fixed_data::silo::SILO_ID;
 use omicron_nexus::db::lookup::LookupPath;
 use omicron_nexus::external_api::shared::IpKind;

nexus/tests/integration_tests/snapshots.rs

@@ -26,7 +26,7 @@ use omicron_common::api::external::IdentityMetadataCreateParams;
 use omicron_common::api::external::Instance;
 use omicron_common::api::external::InstanceCpuCount;
 use omicron_common::api::external::Name;
-use omicron_nexus::app::MIN_DISK_SIZE_BYTES;
+use omicron_common::limits::MIN_DISK_SIZE_BYTES;
 use omicron_nexus::authz;
 use omicron_nexus::db;
 use omicron_nexus::db::identity::Resource;

nexus/types/src/external_api/params.rs

@@ -8,11 +8,17 @@
 use crate::external_api::shared;
 use base64::Engine;
 use chrono::{DateTime, Utc};
-use omicron_common::api::external::{
-    AddressLotKind, ByteCount, IdentityMetadataCreateParams,
-    IdentityMetadataUpdateParams, InstanceCpuCount, IpNet, Ipv4Net, Ipv6Net,
-    Name, NameOrId, PaginationOrder, RouteDestination, RouteTarget,
-    SemverVersion,
+use omicron_common::{
+    api::external::{
+        AddressLotKind, ByteCount, IdentityMetadataCreateParams,
+        IdentityMetadataUpdateParams, InstanceCpuCount, IpNet, Ipv4Net,
+        Ipv6Net, Name, NameOrId, PaginationOrder, RouteDestination,
+        RouteTarget, SemverVersion,
+    },
+    limits::{
+        MAX_DISK_SIZE_BYTES, MAX_MEMORY_BYTES_PER_INSTANCE,
+        MIN_DISK_SIZE_BYTES, MIN_MEMORY_BYTES_PER_INSTANCE,
+    },
 };
 use schemars::JsonSchema;
 use serde::{
@@ -816,6 +822,7 @@ pub struct InstanceCreate {
     #[serde(flatten)]
     pub identity: IdentityMetadataCreateParams,
     pub ncpus: InstanceCpuCount,
+    #[schemars(schema_with = "memory_limits")]
     pub memory: ByteCount,
     pub hostname: String, // TODO-cleanup different type?
 
@@ -859,6 +866,21 @@ fn bool_true() -> bool {
     true
 }
 
+fn memory_limits(
+    gen: &mut schemars::gen::SchemaGenerator,
+) -> schemars::schema::Schema {
+    let mut schema: schemars::schema::SchemaObject =
+        <ByteCount>::json_schema(gen).into();
+    let min_mem = MIN_MEMORY_BYTES_PER_INSTANCE / (1 << 30);
+    let max_mem = MAX_MEMORY_BYTES_PER_INSTANCE / (1 << 30);
+    schema.metadata().description = Some(
+        format!("the amount of memory to allocate to the instance, in bytes.\n\nMust be between {min_mem} and {max_mem} GiB.")
+    );
+    schema.number().minimum = Some(MIN_MEMORY_BYTES_PER_INSTANCE as f64);
+    schema.number().maximum = Some(MAX_MEMORY_BYTES_PER_INSTANCE as f64);
+    schema.into()
+}
+
 // If you change this, also update the error message in
 // `UserData::deserialize()` below.
 pub const MAX_USER_DATA_BYTES: usize = 32 * 1024; // 32 KiB
@@ -1151,9 +1173,25 @@ pub struct DiskCreate {
     /// initial source for this disk
     pub disk_source: DiskSource,
     /// total size of the Disk in bytes
+    #[schemars(schema_with = "disk_size_limits")]
     pub size: ByteCount,
 }
 
+fn disk_size_limits(
+    gen: &mut schemars::gen::SchemaGenerator,
+) -> schemars::schema::Schema {
+    let mut schema: schemars::schema::SchemaObject =
+        ByteCount::json_schema(gen).into();
+    let min_disk = MIN_DISK_SIZE_BYTES / (1 << 30);
+    let max_disk = MAX_DISK_SIZE_BYTES / (1 << 30);
+    schema.metadata().description = Some(
+        format!("total size of the disk in bytes.\n\nMust be between {min_disk} and {max_disk} GiB.")
+    );
+    schema.number().minimum = Some(MIN_DISK_SIZE_BYTES as f64);
+    schema.number().maximum = Some(MAX_DISK_SIZE_BYTES as f64);
+    schema.into()
+}
+
 // equivalent to crucible_pantry_client::types::ExpectedDigest
 #[derive(Clone, Debug, Deserialize, Serialize, JsonSchema)]
 #[serde(rename_all = "snake_case")]

openapi/nexus-internal.json

@@ -1850,7 +1850,8 @@
         "description": "The number of CPUs in an Instance",
         "type": "integer",
         "format": "uint16",
-        "minimum": 0
+        "minimum": 1,
+        "maximum": 64
       },
       "InstanceRuntimeState": {
         "description": "Runtime state of the Instance, including the actual running state and minimal metadata\n\nThis state is owned by the sled agent running that Instance.",

openapi/nexus.json

@@ -8544,11 +8544,10 @@
           },
           "size": {
             "description": "total size of the Disk in bytes",
-            "allOf": [
-              {
-                "$ref": "#/components/schemas/ByteCount"
-              }
-            ]
+            "type": "integer",
+            "format": "uint64",
+            "minimum": 1073741824,
+            "maximum": 1098437885952
           }
         },
         "required": [
@@ -9601,7 +9600,8 @@
         "description": "The number of CPUs in an Instance",
         "type": "integer",
         "format": "uint16",
-        "minimum": 0
+        "minimum": 1,
+        "maximum": 64
       },
       "InstanceCreate": {
         "description": "Create-time parameters for an `Instance`",
@@ -9630,7 +9630,11 @@
             "type": "string"
           },
           "memory": {
-            "$ref": "#/components/schemas/ByteCount"
+            "description": "the amount of memory to allocate to the instance, in bytes.\n\nMust be between 1 and 256 GiB.",
+            "type": "integer",
+            "format": "uint64",
+            "minimum": 1073741824,
+            "maximum": 274877906944
           },
           "name": {
             "$ref": "#/components/schemas/Name"
@@ -9692,11 +9696,10 @@
               },
               "size": {
                 "description": "total size of the Disk in bytes",
-                "allOf": [
-                  {
-                    "$ref": "#/components/schemas/ByteCount"
-                  }
-                ]
+                "type": "integer",
+                "format": "uint64",
+                "minimum": 1073741824,
+                "maximum": 1098437885952
               },
               "type": {
                 "type": "string",

openapi/sled-agent.json

@@ -1344,7 +1344,8 @@
         "description": "The number of CPUs in an Instance",
         "type": "integer",
         "format": "uint16",
-        "minimum": 0
+        "minimum": 1,
+        "maximum": 64
       },
       "InstanceEnsureBody": {
         "description": "The body of a request to ensure that an instance is known to a sled agent.",