Bootstrap new installation with boot and main networks #93

Merged
akremenetsky merged 1 commit into master from feat/main-boot-nets
Feb 19, 2026

@akremenetsky
Member

Adaptation for the bootstrap command to run a new installation with two networks.

  • Boot network. It's required to perform the provisioning process of a new node. It's also a private isolated network that allows transferring private keys for agents.
  • Main network. It's a base network for communication.

@akremenetsky akremenetsky self-assigned this Feb 11, 2026
@gemini-code-assist

Summary of Changes

Hello @akremenetsky, I'm Gemini Code Assist! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request significantly upgrades the bootstrap command by implementing a dual-network architecture for new installations. This separation provides a secure, isolated 'boot network' for initial provisioning and sensitive operations like private key transfer, while a 'main network' is established for all subsequent general communication. This enhancement improves the security posture and operational flexibility of the bootstrapping process by clearly segregating network traffic based on its purpose.

Highlights

  • Dual Network Support: Introduced support for two distinct networks during the bootstrap process: a 'boot network' for provisioning and private key transfer, and a 'main network' for general communication.
  • CLI Enhancements: Added new command-line options --boot-cidr and --boot-bridge to the bootstrap command, allowing users to configure the dedicated boot network.
  • Infrastructure Updates: Modified the libvirt driver to handle the creation and management of both main and boot networks, and enabled virtual machines to attach to multiple networks simultaneously.
  • Stand Model Extension: Extended the Stand data model to explicitly include a boot_network attribute, formalizing the dual-network configuration.

Changelog

  • genesis_devtools/cmd/cli.py
    • Added a new constant GC_BOOT_CIDR for the default boot network CIDR.
    • Introduced --boot-cidr and --boot-bridge options to the bootstrap_cmd for configuring the boot network.
    • Updated bootstrap_cmd and _bootstrap_core function signatures to accept and pass the new boot network parameters.
    • Modified _bootstrap_core to create and utilize a default_stand_boot_network instance.
    • Implemented error handling around infra.create_stand in _bootstrap_core to ensure proper cleanup on failure.
  • genesis_devtools/infra/driver/libvirt.py
    • Updated create_stand to include checks for existing boot networks before creation.
    • Added logic within create_stand to create an isolated boot network if specified.
    • Modified create_stand to pass both main and boot networks to the libvirt.create_domain function.
    • Updated delete_stand to ensure both the main and boot networks are destroyed during stand cleanup.
  • genesis_devtools/infra/libvirt/libvirt.py
    • Imported the models module from genesis_devtools.stand.
    • Changed the net_iface placeholder to net_ifaces in the vm_template to accommodate multiple network interfaces.
    • Added a new XML template isolated_network_no_dhcp_template for creating isolated networks.
    • Introduced a define_network helper function to centralize network definition and startup logic.
    • Added a create_isolated_network function for creating isolated Libvirt networks.
    • Refactored create_nat_network to utilize the new define_network helper.
    • Modified create_domain to accept a collection of networks instead of a single network name and type.
    • Updated create_domain to dynamically generate XML for multiple network interfaces based on the provided networks.
    • Added stdout=subprocess.DEVNULL to subprocess.run calls for cp and virsh commands to suppress output.
    • Replaced subprocess.run with subprocess.check_call for virsh commands to ensure command success.
    • Added subprocess.check_call for rm -f in exception handling to ensure disk cleanup.
  • genesis_devtools/stand/models.py
    • Added a boot_network attribute to the Stand dataclass, along with descriptive comments.
    • Updated the single_bootstrap_stand class method to accept and assign a boot_network.
    • Modified the empty_stand class method to initialize boot_network as a dummy network if not explicitly provided.
    • Updated the from_spec class method to correctly parse the boot_network from a stand specification.
  • genesis_devtools/utils.py
    • Added a new utility function installation_boot_net_name for generating consistent boot network names.

Activity

  • No specific activity has been recorded for this pull request yet.
@gemini-code-assist gemini-code-assist bot left a comment

Code Review

This pull request introduces support for a separate boot network during installation, which is a solid architectural improvement for isolating provisioning traffic. However, it introduces several security vulnerabilities, including command injection in the libvirt driver due to shell=True usage with user-supplied names, as well as potential path traversal and XML injection. Despite some efforts to move to safer subprocess calls, the new logic still relies on vulnerable functions and lacks proper input validation. Furthermore, a high-severity issue in the cleanup logic could lead to the unintended deletion of user-managed networks.
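
The hardening the review points toward, as an added example that is not code from this pull request or from the project: network and bridge names are checked against an allow-list, the CIDR is parsed strictly, the libvirt network XML is built with ElementTree instead of string templating, and virsh is called with an argument list rather than `shell=True`. All function names and the naming policy are hypothetical.

```python
import ipaddress
import re
import subprocess
import xml.etree.ElementTree as ET

# Assumed allow-list policy: letters, digits, "_", "-", "." only, starting with
# a letter or digit, so the value is inert as an argv element (cannot look like
# an option), as a path component and as XML text.
_NAME_RE = re.compile(r"[A-Za-z0-9][A-Za-z0-9_.-]*")


def validate_name(value: str, what: str, max_len: int = 64) -> str:
    """Reject names that could alter a command line, a path or an XML document."""
    if len(value) > max_len or ".." in value or not _NAME_RE.fullmatch(value):
        raise ValueError(f"invalid {what}: {value!r}")
    return value


def validate_cidr(value: str) -> ipaddress.IPv4Network:
    """Parse the CIDR strictly; raises ValueError on host bits or trailing junk."""
    net = ipaddress.IPv4Network(value, strict=True)
    if net.prefixlen > 30:
        raise ValueError(f"network too small for a gateway and hosts: {value!r}")
    return net


def isolated_network_xml(name: str, bridge: str, cidr: str) -> str:
    """Build libvirt network XML with ElementTree so values are escaped, not pasted."""
    net = validate_cidr(cidr)
    root = ET.Element("network")
    ET.SubElement(root, "name").text = validate_name(name, "network name")
    # Linux interface names are limited to 15 characters.
    ET.SubElement(root, "bridge", name=validate_name(bridge, "bridge name", 15))
    # No <forward> element makes the network isolated; no <dhcp> block is emitted.
    ET.SubElement(root, "ip", address=str(net.network_address + 1),
                  netmask=str(net.netmask))
    return ET.tostring(root, encoding="unicode")


def virsh_argv(*args: str) -> list[str]:
    """Argument vector for virsh; each value is one argv element, never a shell string."""
    return ["virsh", *args]


def start_network(name: str) -> None:
    # check_call with a list and no shell=True: the name is never parsed by a shell.
    subprocess.check_call(virsh_argv("net-start", validate_name(name, "network name")),
                          stdout=subprocess.DEVNULL)
```
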

Adaptation for the bootstrap command to run a new installation with two
networks.
- Boot network. It's required to perform the provisioning process of a new
  node. It's also a private isolated network that allows transferring
  private keys for agents.
- Main network. It's a base network for communication.

Signed-off-by: Anton Kremenetsky <anton.kremenetsky@gmail.com>
@akremenetsky akremenetsky marked this pull request as ready for review February 12, 2026 14:11
@akremenetsky akremenetsky merged commit 353391f into master Feb 19, 2026
12 checks passed
@akremenetsky akremenetsky deleted the feat/main-boot-nets branch February 19, 2026 19:11