Plan according to RFD 565 §9

Author: plotnick

common/src/api/external/mod.rs

@@ -748,6 +748,10 @@ impl Generation {
         );
         Generation(next_gen)
     }
+
+    pub const fn prev(&self) -> Option<Generation> {
+        if self.0 > 1 { Some(Generation(self.0 - 1)) } else { None }
+    }
 }
 
 impl<'de> Deserialize<'de> for Generation {

nexus-sled-agent-shared/src/inventory.rs

@@ -16,6 +16,7 @@ use omicron_common::{
         DatasetManagementStatus, DatasetsConfig, DiskManagementStatus,
         DiskVariant, OmicronPhysicalDisksConfig,
     },
+    update::ArtifactId,
     zpool_name::ZpoolName,
 };
 use omicron_uuid_kinds::{DatasetUuid, OmicronZoneUuid};
@@ -26,7 +27,7 @@ use serde::{Deserialize, Serialize};
 // depend on sled-hardware-types.
 pub use sled_hardware_types::Baseboard;
 use strum::EnumIter;
-use tufaceous_artifact::ArtifactHash;
+use tufaceous_artifact::{ArtifactHash, KnownArtifactKind};
 
 /// Identifies information about disks which may be attached to Sleds.
 #[derive(Clone, Debug, Deserialize, JsonSchema, Serialize)]
@@ -492,13 +493,14 @@ impl OmicronZoneType {
 ///
 /// # String representations of this type
 ///
-/// There are no fewer than four string representations for this type, all
+/// There are no fewer than five string representations for this type, all
 /// slightly different from each other.
 ///
 /// 1. [`Self::zone_prefix`]: Used to construct zone names.
 /// 2. [`Self::service_prefix`]: Used to construct SMF service names.
 /// 3. [`Self::name_prefix`]: Used to construct `Name` instances.
 /// 4. [`Self::report_str`]: Used for reporting and testing.
+/// 5. [`Self::artifact_name`]: Used to match TUF artifact names.
 ///
 /// There is no `Display` impl to ensure that users explicitly choose the
 /// representation they want. (Please play close attention to this! The
@@ -636,6 +638,20 @@ impl ZoneKind {
             ZoneKind::Oximeter => "oximeter",
         }
     }
+
+    /// Return true if an artifact represents a control plane zone image
+    /// of this kind.
+    pub fn is_control_plane_zone_artifact(
+        self,
+        artifact_id: &ArtifactId,
+    ) -> bool {
+        artifact_id
+            .kind
+            .to_known()
+            .map(|kind| matches!(kind, KnownArtifactKind::Zone))
+            .unwrap_or(false)
+            && artifact_id.name == self.artifact_name()
+    }
 }
 
 /// Where Sled Agent should get the image for a zone.

nexus/db-queries/src/db/datastore/target_release.rs

@@ -7,7 +7,9 @@
 use super::DataStore;
 use crate::authz;
 use crate::context::OpContext;
-use crate::db::model::{SemverVersion, TargetRelease, TargetReleaseSource};
+use crate::db::model::{
+    Generation, SemverVersion, TargetRelease, TargetReleaseSource,
+};
 use async_bb8_diesel::AsyncRunQueryDsl as _;
 use diesel::insert_into;
 use diesel::prelude::*;
@@ -44,6 +46,25 @@ impl DataStore {
         Ok(current)
     }
 
+    /// Fetch a target release by generation number.
+    pub async fn target_release_get_generation(
+        &self,
+        opctx: &OpContext,
+        generation: Generation,
+    ) -> LookupResult<Option<TargetRelease>> {
+        opctx
+            .authorize(authz::Action::Read, &authz::TARGET_RELEASE_CONFIG)
+            .await?;
+        let conn = self.pool_connection_authorized(opctx).await?;
+        dsl::target_release
+            .select(TargetRelease::as_select())
+            .filter(dsl::generation.eq(generation))
+            .first_async(&*conn)
+            .await
+            .optional()
+            .map_err(|e| public_error_from_diesel(e, ErrorHandler::Server))
+    }
+
     /// Insert a new target release row and return it. It will only become
     /// the current target release if its generation is larger than any
     /// existing row.

nexus/reconfigurator/execution/src/dns.rs

@@ -1425,6 +1425,7 @@ mod test {
                 clickhouse_policy: None,
                 oximeter_read_policy: OximeterReadPolicy::new(1),
                 tuf_repo: None,
+                old_repo: None,
                 log,
             }
             .build()

nexus/reconfigurator/planning/src/blueprint_builder/builder.rs

@@ -14,6 +14,7 @@ use crate::blueprint_editor::ExternalSnatNetworkingChoice;
 use crate::blueprint_editor::NoAvailableDnsSubnets;
 use crate::blueprint_editor::SledEditError;
 use crate::blueprint_editor::SledEditor;
+use crate::planner::OrderedComponent;
 use crate::planner::ZoneExpungeReason;
 use crate::planner::rng::PlannerRng;
 use anyhow::Context as _;
@@ -33,7 +34,6 @@ use nexus_types::deployment::BlueprintSledConfig;
 use nexus_types::deployment::BlueprintZoneConfig;
 use nexus_types::deployment::BlueprintZoneDisposition;
 use nexus_types::deployment::BlueprintZoneImageSource;
-use nexus_types::deployment::BlueprintZoneImageVersion;
 use nexus_types::deployment::BlueprintZoneType;
 use nexus_types::deployment::ClickhouseClusterConfig;
 use nexus_types::deployment::CockroachDbPreserveDowngrade;
@@ -57,6 +57,7 @@ use omicron_common::address::DNS_PORT;
 use omicron_common::address::NTP_PORT;
 use omicron_common::address::ReservedRackSubnet;
 use omicron_common::api::external::Generation;
+use omicron_common::api::external::TufRepoDescription;
 use omicron_common::api::external::Vni;
 use omicron_common::api::internal::shared::NetworkInterface;
 use omicron_common::api::internal::shared::NetworkInterfaceKind;
@@ -83,7 +84,6 @@ use std::net::Ipv6Addr;
 use std::net::SocketAddr;
 use std::net::SocketAddrV6;
 use thiserror::Error;
-use tufaceous_artifact::KnownArtifactKind;
 
 use super::ClickhouseZonesThatShouldBeRunning;
 use super::clickhouse::ClickhouseAllocator;
@@ -1903,34 +1903,55 @@ impl<'a> BlueprintBuilder<'a> {
         self.pending_mgs_updates.remove(baseboard_id);
     }
 
-    /// Try to find an artifact in the release repo that contains an image
-    /// for a zone of the given kind. Defaults to the install dataset.
+    fn zone_image_artifact(
+        repo: Option<&TufRepoDescription>,
+        zone_kind: ZoneKind,
+    ) -> BlueprintZoneImageSource {
+        repo.and_then(|repo| {
+            repo.artifacts
+                .iter()
+                .find(|artifact| {
+                    zone_kind.is_control_plane_zone_artifact(&artifact.id)
+                })
+                .map(BlueprintZoneImageSource::from_available_artifact)
+        })
+        .unwrap_or(BlueprintZoneImageSource::InstallDataset)
+    }
+
+    /// Try to find an artifact in either the current or previous release repo
+    /// that contains an image for a zone of the given kind; see RFD 565 §9.
+    /// Defaults to the install dataset.
     pub(crate) fn zone_image_source(
         &self,
         zone_kind: ZoneKind,
     ) -> BlueprintZoneImageSource {
-        self.input
-            .tuf_repo()
-            .and_then(|repo| {
-                repo.artifacts
-                    .iter()
-                    .find(|artifact| {
-                        artifact
-                            .id
-                            .kind
-                            .to_known()
-                            .map(|kind| matches!(kind, KnownArtifactKind::Zone))
-                            .unwrap_or(false)
-                            && artifact.id.name == zone_kind.artifact_name()
-                    })
-                    .map(|artifact| BlueprintZoneImageSource::Artifact {
-                        version: BlueprintZoneImageVersion::Available {
-                            version: artifact.id.version.clone(),
-                        },
-                        hash: artifact.hash,
+        let new_repo = self.input.tuf_repo();
+        let old_repo = self.input.old_repo();
+        let new_artifact = Self::zone_image_artifact(new_repo, zone_kind);
+        let old_artifact = Self::zone_image_artifact(old_repo, zone_kind);
+        if let Some(prev) = OrderedComponent::from(zone_kind).prev() {
+            if prev >= OrderedComponent::ControlPlaneZone
+                && self.sled_ids_with_zones().any(|sled_id| {
+                    self.current_sled_zones(
+                        sled_id,
+                        BlueprintZoneDisposition::is_in_service,
+                    )
+                    .any(|z| {
+                        let kind = z.zone_type.kind();
+                        let old_artifact =
+                            Self::zone_image_artifact(old_repo, kind);
+                        OrderedComponent::from(kind) == prev
+                            && z.image_source == old_artifact
                     })
-            })
-            .unwrap_or(BlueprintZoneImageSource::InstallDataset)
+                })
+            {
+                old_artifact
+            } else {
+                new_artifact
+            }
+        } else {
+            new_artifact
+        }
     }
 }