| 1 | | [ May 25 00:59:31 Enabled. ] |
| 2 | | [ May 25 00:59:31 Rereading configuration. ] |
| 3 | | [ May 25 00:59:34 Rereading configuration. ] |
| 4 | | [ May 25 00:59:46 Executing start method ("ctrun -l child -o noorphan,regent /opt/oxide/omicron-nexus/bin/nexus /var/svc/manifest/site/nexus/config.toml &"). ] |
| 5 | | [ May 25 00:59:46 Method "start" exited with status 0. ] |
| 6 | | note: configured to log to "/dev/stdout" |
| 7 | 2024-05-25T00:59:46.628Z | DEBG | nexus: registered DTrace probes
|
| 8 | 2024-05-25T00:59:46.630Z | INFO | nexus: setting up nexus server
file = nexus/src/lib.rs:96
|
| 9 | 2024-05-25T00:59:46.640Z | INFO | nexus (ServerContext): registering Oso class
class = Action
file = nexus/db-queries/src/authz/oso_generic.rs:68
|
| 10 | 2024-05-25T00:59:46.640Z | INFO | nexus (ServerContext): registering Oso class
class = AnyActor
file = nexus/db-queries/src/authz/oso_generic.rs:68
|
| 11 | 2024-05-25T00:59:46.641Z | INFO | nexus (ServerContext): registering Oso class
class = AuthenticatedActor
file = nexus/db-queries/src/authz/oso_generic.rs:68
|
| 12 | 2024-05-25T00:59:46.641Z | INFO | nexus (ServerContext): registering Oso class
class = BlueprintConfig
file = nexus/db-queries/src/authz/oso_generic.rs:68
|
| 13 | 2024-05-25T00:59:46.641Z | INFO | nexus (ServerContext): registering Oso class
class = Database
file = nexus/db-queries/src/authz/oso_generic.rs:68
|
| 14 | 2024-05-25T00:59:46.641Z | INFO | nexus (ServerContext): registering Oso class
class = DnsConfig
file = nexus/db-queries/src/authz/oso_generic.rs:68
|
| 15 | 2024-05-25T00:59:46.641Z | INFO | nexus (ServerContext): registering Oso class
class = Fleet
file = nexus/db-queries/src/authz/oso_generic.rs:68
|
| 16 | 2024-05-25T00:59:46.641Z | INFO | nexus (ServerContext): registering Oso class
class = Inventory
file = nexus/db-queries/src/authz/oso_generic.rs:68
|
| 17 | 2024-05-25T00:59:46.641Z | INFO | nexus (ServerContext): registering Oso class
class = IpPoolList
file = nexus/db-queries/src/authz/oso_generic.rs:68
|
| 18 | 2024-05-25T00:59:46.641Z | INFO | nexus (ServerContext): registering Oso class
class = ConsoleSessionList
file = nexus/db-queries/src/authz/oso_generic.rs:68
|
| 19 | 2024-05-25T00:59:46.641Z | INFO | nexus (ServerContext): registering Oso class
class = DeviceAuthRequestList
file = nexus/db-queries/src/authz/oso_generic.rs:68
|
| 20 | 2024-05-25T00:59:46.641Z | INFO | nexus (ServerContext): registering Oso class
class = SiloCertificateList
file = nexus/db-queries/src/authz/oso_generic.rs:68
|
| 21 | 2024-05-25T00:59:46.641Z | INFO | nexus (ServerContext): registering Oso class
class = SiloIdentityProviderList
file = nexus/db-queries/src/authz/oso_generic.rs:68
|
| 22 | 2024-05-25T00:59:46.641Z | INFO | nexus (ServerContext): registering Oso class
class = SiloUserList
file = nexus/db-queries/src/authz/oso_generic.rs:68
|
| 23 | 2024-05-25T00:59:46.642Z | INFO | nexus (ServerContext): registering Oso class
class = Project
file = nexus/db-queries/src/authz/oso_generic.rs:68
|
| 24 | 2024-05-25T00:59:46.642Z | INFO | nexus (ServerContext): registering Oso class
class = Disk
file = nexus/db-queries/src/authz/oso_generic.rs:68
|
| 25 | 2024-05-25T00:59:46.642Z | INFO | nexus (ServerContext): registering Oso class
class = Snapshot
file = nexus/db-queries/src/authz/oso_generic.rs:68
|
| 26 | 2024-05-25T00:59:46.642Z | INFO | nexus (ServerContext): registering Oso class
class = ProjectImage
file = nexus/db-queries/src/authz/oso_generic.rs:68
|
| 27 | 2024-05-25T00:59:46.642Z | INFO | nexus (ServerContext): registering Oso class
class = Instance
file = nexus/db-queries/src/authz/oso_generic.rs:68
|
| 28 | 2024-05-25T00:59:46.642Z | INFO | nexus (ServerContext): registering Oso class
class = IpPool
file = nexus/db-queries/src/authz/oso_generic.rs:68
|
| 29 | 2024-05-25T00:59:46.642Z | INFO | nexus (ServerContext): registering Oso class
class = InstanceNetworkInterface
file = nexus/db-queries/src/authz/oso_generic.rs:68
|
| 30 | 2024-05-25T00:59:46.642Z | INFO | nexus (ServerContext): registering Oso class
class = Vpc
file = nexus/db-queries/src/authz/oso_generic.rs:68
|
| 31 | 2024-05-25T00:59:46.642Z | INFO | nexus (ServerContext): registering Oso class
class = VpcRouter
file = nexus/db-queries/src/authz/oso_generic.rs:68
|
| 32 | 2024-05-25T00:59:46.642Z | INFO | nexus (ServerContext): registering Oso class
class = RouterRoute
file = nexus/db-queries/src/authz/oso_generic.rs:68
|
| 33 | 2024-05-25T00:59:46.642Z | INFO | nexus (ServerContext): registering Oso class
class = VpcSubnet
file = nexus/db-queries/src/authz/oso_generic.rs:68
|
| 34 | 2024-05-25T00:59:46.642Z | INFO | nexus (ServerContext): registering Oso class
class = FloatingIp
file = nexus/db-queries/src/authz/oso_generic.rs:68
|
| 35 | 2024-05-25T00:59:46.642Z | INFO | nexus (ServerContext): registering Oso class
class = Image
file = nexus/db-queries/src/authz/oso_generic.rs:68
|
| 36 | 2024-05-25T00:59:46.642Z | INFO | nexus (ServerContext): registering Oso class
class = SiloImage
file = nexus/db-queries/src/authz/oso_generic.rs:68
|
| 37 | 2024-05-25T00:59:46.642Z | INFO | nexus (ServerContext): registering Oso class
class = AddressLot
file = nexus/db-queries/src/authz/oso_generic.rs:68
|
| 38 | 2024-05-25T00:59:46.642Z | INFO | nexus (ServerContext): registering Oso class
class = Blueprint
file = nexus/db-queries/src/authz/oso_generic.rs:68
|
| 39 | 2024-05-25T00:59:46.642Z | INFO | nexus (ServerContext): registering Oso class
class = LoopbackAddress
file = nexus/db-queries/src/authz/oso_generic.rs:68
|
| 40 | 2024-05-25T00:59:46.642Z | INFO | nexus (ServerContext): registering Oso class
class = Certificate
file = nexus/db-queries/src/authz/oso_generic.rs:68
|
| 41 | 2024-05-25T00:59:46.642Z | INFO | nexus (ServerContext): registering Oso class
class = ConsoleSession
file = nexus/db-queries/src/authz/oso_generic.rs:68
|
| 42 | 2024-05-25T00:59:46.642Z | INFO | nexus (ServerContext): registering Oso class
class = DeviceAuthRequest
file = nexus/db-queries/src/authz/oso_generic.rs:68
|
| 43 | 2024-05-25T00:59:46.642Z | INFO | nexus (ServerContext): registering Oso class
class = DeviceAccessToken
file = nexus/db-queries/src/authz/oso_generic.rs:68
|
| 44 | 2024-05-25T00:59:46.642Z | INFO | nexus (ServerContext): registering Oso class
class = PhysicalDisk
file = nexus/db-queries/src/authz/oso_generic.rs:68
|
| 45 | 2024-05-25T00:59:46.642Z | INFO | nexus (ServerContext): registering Oso class
class = Rack
file = nexus/db-queries/src/authz/oso_generic.rs:68
|
| 46 | 2024-05-25T00:59:46.642Z | INFO | nexus (ServerContext): registering Oso class
class = RoleBuiltin
file = nexus/db-queries/src/authz/oso_generic.rs:68
|
| 47 | 2024-05-25T00:59:46.642Z | INFO | nexus (ServerContext): registering Oso class
class = SshKey
file = nexus/db-queries/src/authz/oso_generic.rs:68
|
| 48 | 2024-05-25T00:59:46.642Z | INFO | nexus (ServerContext): registering Oso class
class = Silo
file = nexus/db-queries/src/authz/oso_generic.rs:68
|
| 49 | 2024-05-25T00:59:46.642Z | INFO | nexus (ServerContext): registering Oso class
class = SiloUser
file = nexus/db-queries/src/authz/oso_generic.rs:68
|
| 50 | 2024-05-25T00:59:46.642Z | INFO | nexus (ServerContext): registering Oso class
class = SiloGroup
file = nexus/db-queries/src/authz/oso_generic.rs:68
|
| 51 | 2024-05-25T00:59:46.642Z | INFO | nexus (ServerContext): registering Oso class
class = IdentityProvider
file = nexus/db-queries/src/authz/oso_generic.rs:68
|
| 52 | 2024-05-25T00:59:46.642Z | INFO | nexus (ServerContext): registering Oso class
class = SamlIdentityProvider
file = nexus/db-queries/src/authz/oso_generic.rs:68
|
| 53 | 2024-05-25T00:59:46.642Z | INFO | nexus (ServerContext): registering Oso class
class = Sled
file = nexus/db-queries/src/authz/oso_generic.rs:68
|
| 54 | 2024-05-25T00:59:46.642Z | INFO | nexus (ServerContext): registering Oso class
class = TufRepo
file = nexus/db-queries/src/authz/oso_generic.rs:68
|
| 55 | 2024-05-25T00:59:46.642Z | INFO | nexus (ServerContext): registering Oso class
class = TufArtifact
file = nexus/db-queries/src/authz/oso_generic.rs:68
|
| 56 | 2024-05-25T00:59:46.642Z | INFO | nexus (ServerContext): registering Oso class
class = Zpool
file = nexus/db-queries/src/authz/oso_generic.rs:68
|
| 57 | 2024-05-25T00:59:46.642Z | INFO | nexus (ServerContext): registering Oso class
class = Service
file = nexus/db-queries/src/authz/oso_generic.rs:68
|
| 58 | 2024-05-25T00:59:46.642Z | INFO | nexus (ServerContext): registering Oso class
class = UserBuiltin
file = nexus/db-queries/src/authz/oso_generic.rs:68
|
| 59 | 2024-05-25T00:59:46.642Z | INFO | nexus (ServerContext): full Oso configuration
config = #\n# Oso configuration for Omicron\n# This file is augmented by generated snippets.\n#\n\n#\n# ACTOR TYPES AND BASIC RULES\n#\n\n# `AnyActor` includes both authenticated and unauthenticated users.\nactor AnyActor {}\n\n# An `AuthenticatedActor` has an identity in the system. All of our operations\n# today require that an actor be authenticated.\nactor AuthenticatedActor {}\n\n# For any resource, `actor` can perform action `action` on it if they're\n# authenticated and their role(s) give them the corresponding permission on that\n# resource.\nallow(actor: AnyActor, action: Action, resource) if\n actor.authenticated and\n has_permission(actor.authn_actor.unwrap(), action.to_perm(), resource);\n\n# Define role relationships\nhas_role(actor: AuthenticatedActor, role: String, resource: Resource)\n\tif resource.has_role(actor, role);\n\n#\n# ROLES AND PERMISSIONS IN THE FLEET/SILO/PROJECT HIERARCHY\n#\n# We define the following permissions for most resources in the system:\n#\n# - "create_child": required to create child resources (of any type)\n#\n# - "list_children": required to list child resources (of all types) of a\n# resource\n#\n# - "modify": required to modify or delete a resource\n#\n# - "read": required to read a resource\n#\n# We define the following predefined roles for only a few high-level resources:\n# the Fleet (see below), Silo, Organization, and Project. The specific roles\n# are oriented around intended use-cases:\n#\n# - "admin": has all permissions on the resource\n#\n# - "collaborator": has "read", "list_children", and "create_child", plus\n# the "admin" role for child resources. The idea is that if you're an\n# Organization Collaborator, you have full control over the Projects within\n# the Organization, but you cannot modify or delete the Organization itself.\n#\n# - "viewer": has "read" and "list_children" on a resource\n#\n# Below the Project level, permissions are granted via roles at the Project\n# level. For example, for someone to be able to create, modify, or delete any\n# Instances, they must be granted project.collaborator, which means they can\n# create, modify, or delete _all_ resources in the Project.\n#\n# The complete set of predefined roles:\n#\n# - fleet.admin (superuser for the whole system)\n# - fleet.collaborator (can manage Silos)\n# - fleet.viewer (can read most non-siloed resources in the system)\n# - silo.admin (superuser for the silo)\n# - silo.collaborator (can create and own Organizations)\n# - silo.viewer (can read most resources within the Silo)\n# - organization.admin (complete control over an organization)\n# - organization.collaborator (can manage Projects)\n# - organization.viewer (can read most resources within the Organization)\n# - project.admin (complete control over a Project)\n# - project.collaborator (can manage all resources within the Project)\n# - project.viewer (can read most resources within the Project)\n#\n# Outside the Silo/Organization/Project hierarchy, we (currently) treat most\n# resources as nested under Fleet or else a synthetic resource (see below). We\n# do not yet support role assignments on anything other than Fleet, Silo,\n# Organization, or Project.\n#\n\n# "Fleet" is a global singleton representing the whole system. The name comes\n# from the idea described in RFD 24, but it's not quite right. This probably\n# should be more like "Region" or "AvailabilityZone". The precise boundaries\n# have not yet been figured out.\nresource Fleet {\n\tpermissions = [\n\t "list_children",\n\t "modify",\n\t "read",\n\t "create_child",\n\t];\n\n\troles = [\n\t # Roles that can be attached by users\n\t "admin",\n\t "collaborator",\n\t "viewer",\n\n\t # Internal-only roles\n\t "external-authenticator"\n\t];\n\n\t# Roles implied by other roles on this resource\n\t"viewer" if "collaborator";\n\t"collaborator" if "admin";\n\n\t# Permissions granted directly by roles on this resource\n\t"list_children" if "viewer";\n\t"read" if "viewer";\n\t"create_child" if "collaborator";\n\t"modify" if "admin";\n}\n\n# For fleets specifically, roles can be conferred by roles on the user's Silo.\nhas_role(actor: AuthenticatedActor, role: String, _: Fleet) if\n\tsilo_role in actor.confers_fleet_role(role) and\n\thas_role(actor, silo_role, actor.silo.unwrap());\n\nresource Silo {\n\tpermissions = [\n\t "list_children",\n\t "modify",\n\t "read",\n\t "create_child",\n\t];\n\troles = [ "admin", "collaborator", "viewer" ];\n\n\t# Roles implied by other roles on this resource\n\t"viewer" if "collaborator";\n\t"collaborator" if "admin";\n\n\t# Permissions granted directly by roles on this resource\n\t"list_children" if "viewer";\n\t"read" if "viewer";\n\n\t"create_child" if "collaborator";\n\t"modify" if "admin";\n\n\t# Permissions implied by roles on this resource's parent (Fleet). Fleet\n\t# privileges allow a user to see and potentially administer the Silo,\n\t# but they do not give anyone permission to look at anything inside the\n\t# Silo. To achieve this, we use permission rules here. (If we granted\n\t# Fleet administrators _roles_ on the Silo, then those would cascade\n\t# into the Silo as well.)\n\trelations = { parent_fleet: Fleet };\n\t"read" if "viewer" on "parent_fleet";\n\t"modify" if "collaborator" on "parent_fleet";\n\n\t# external authenticator has to create silo users\n\t"list_children" if "external-authenticator" on "parent_fleet";\n\t"create_child" if "external-authenticator" on "parent_fleet";\n}\n\nhas_relation(fleet: Fleet, "parent_fleet", silo: Silo)\n\tif silo.fleet = fleet;\n\n# As a special case, all authenticated users can read their own Silo. That's\n# not quite the same as having the "viewer" role. For example, they cannot list\n# Organizations in the Silo.\n#\n# One reason this is necessary is because if an unprivileged user tries to\n# create an Organization using "POST /organizations", they should get back a 403\n# (which implies they're able to see /organizations, which is essentially seeing\n# the Silo itself) rather than a 404. This behavior isn't a hard constraint\n# (i.e., you could reasonably get a 404 for an API you're not allowed to call).\n# Nor is the implementation (i.e., we could special-case this endpoint somehow).\n# But granting this permission is the simplest way to keep this endpoint's\n# behavior consistent with the rest of the API.\n#\n# This rule is also used to determine if a user can list the identity providers\n# in the Silo (which they should be able to), since that's predicated on being\n# able to read the Silo.\n#\n# It's unclear what else would break if users couldn't see their own Silo.\nhas_permission(actor: AuthenticatedActor, "read", silo: Silo)\n\tif silo in actor.silo;\n\nresource Project {\n\tpermissions = [\n\t "list_children",\n\t "modify",\n\t "read",\n\t "create_child",\n\t];\n\troles = [ "admin", "collaborator", "viewer" ];\n\n\t# Roles implied by other roles on this resource\n\t"viewer" if "collaborator";\n\t"collaborator" if "admin";\n\n\t# Permissions granted directly by roles on this resource\n\t"list_children" if "viewer";\n\t"read" if "viewer";\n\t"create_child" if "collaborator";\n\t"modify" if "admin";\n\n\t# Roles implied by roles on this resource's parent (Silo)\n\trelations = { parent_silo: Silo };\n\t"admin" if "collaborator" on "parent_silo";\n\t"viewer" if "viewer" on "parent_silo";\n}\nhas_relation(silo: Silo, "parent_silo", project: Project)\n\tif project.silo = silo;\n\n#\n# GENERAL RESOURCES OUTSIDE THE SILO/PROJECT HIERARCHY\n#\n# Many resources use snippets of Polar generated by the `authz_resource!` Rust\n# macro. Some resources require custom Polar code. Those appear here.\n#\n\nresource Certificate {\n\tpermissions = [ "read", "modify" ];\n\trelations = { parent_silo: Silo, parent_fleet: Fleet };\n\n\t# Fleet-level and silo-level roles both grant privileges on certificates.\n\t"read" if "admin" on "parent_silo";\n\t"modify" if "admin" on "parent_silo";\n\t"read" if "admin" on "parent_fleet";\n\t"modify" if "admin" on "parent_fleet";\n}\nhas_relation(silo: Silo, "parent_silo", certificate: Certificate)\n\tif certificate.silo = silo;\nhas_relation(fleet: Fleet, "parent_fleet", certificate: Certificate)\n\tif certificate.silo.fleet = fleet;\n\nresource SiloUser {\n\tpermissions = [\n\t "list_children",\n\t "modify",\n\t "read",\n\t "create_child",\n\t];\n\n\t# Fleet and Silo administrators can manage a Silo's users. This is one\n\t# of the only areas of Silo configuration that Fleet Administrators have\n\t# permissions on.\n\trelations = { parent_silo: Silo, parent_fleet: Fleet };\n\t"list_children" if "read" on "parent_silo";\n\t"read" if "read" on "parent_silo";\n\t"modify" if "admin" on "parent_silo";\n\t"create_child" if "admin" on "parent_silo";\n\t"list_children" if "read" on "parent_fleet";\n\t"read" if "read" on "parent_fleet";\n\t"modify" if "admin" on "parent_fleet";\n\t"create_child" if "admin" on "parent_fleet";\n}\nhas_relation(silo: Silo, "parent_silo", user: SiloUser)\n\tif user.silo = silo;\nhas_relation(fleet: Fleet, "parent_fleet", user: SiloUser)\n\tif user.silo.fleet = fleet;\n\n# authenticated actors have all permissions on themselves\nhas_permission(actor: AuthenticatedActor, _perm: String, silo_user: SiloUser)\n if actor.equals_silo_user(silo_user);\n\nhas_permission(actor: AuthenticatedActor, "read", silo_user: SiloUser)\n if silo_user.silo in actor.silo;\n\nresource SiloGroup {\n\tpermissions = [\n\t "list_children",\n\t "modify",\n\t "read",\n\t "create_child",\n\t];\n\n\trelations = { parent_silo: Silo };\n\t"list_children" if "read" on "parent_silo";\n\t"read" if "read" on "parent_silo";\n\t"modify" if "admin" on "parent_silo";\n\t"create_child" if "admin" on "parent_silo";\n}\nhas_relation(silo: Silo, "parent_silo", group: SiloGroup)\n\tif group.silo = silo;\n\nresource SshKey {\n\tpermissions = [ "read", "modify" ];\n\trelations = { silo_user: SiloUser };\n\n\t"read" if "read" on "silo_user";\n\t"modify" if "modify" on "silo_user";\n}\nhas_relation(user: SiloUser, "silo_user", ssh_key: SshKey)\n\tif ssh_key.silo_user = user;\n\nresource IdentityProvider {\n\tpermissions = [\n\t "read",\n\t "modify",\n\t "create_child",\n\t "list_children",\n\t];\n\trelations = { parent_silo: Silo, parent_fleet: Fleet };\n\n\t# Silo-level roles grant privileges on identity providers.\n\t"read" if "viewer" on "parent_silo";\n\t"list_children" if "viewer" on "parent_silo";\n\t"modify" if "admin" on "parent_silo";\n\t"create_child" if "admin" on "parent_silo";\n\n\t# Fleet-level roles also grant privileges on identity providers.\n\t"read" if "viewer" on "parent_fleet";\n\t"list_children" if "viewer" on "parent_fleet";\n\t"modify" if "admin" on "parent_fleet";\n\t"create_child" if "admin" on "parent_fleet";\n}\nhas_relation(silo: Silo, "parent_silo", identity_provider: IdentityProvider)\n\tif identity_provider.silo = silo;\nhas_relation(fleet: Fleet, "parent_fleet", collection: IdentityProvider)\n\tif collection.silo.fleet = fleet;\n\nresource SamlIdentityProvider {\n\tpermissions = [\n\t "read",\n\t "modify",\n\t "create_child",\n\t "list_children",\n\t];\n\trelations = { parent_silo: Silo, parent_fleet: Fleet };\n\n\t# Silo-level roles grant privileges on identity providers.\n\t"read" if "viewer" on "parent_silo";\n\t"list_children" if "viewer" on "parent_silo";\n\t"modify" if "admin" on "parent_silo";\n\t"create_child" if "admin" on "parent_silo";\n\n\t# Fleet-level roles also grant privileges on identity providers.\n\t"read" if "viewer" on "parent_fleet";\n\t"list_children" if "viewer" on "parent_fleet";\n\t"modify" if "admin" on "parent_fleet";\n\t"create_child" if "admin" on "parent_fleet";\n}\nhas_relation(silo: Silo, "parent_silo", saml_identity_provider: SamlIdentityProvider)\n\tif saml_identity_provider.silo = silo;\nhas_relation(fleet: Fleet, "parent_fleet", collection: SamlIdentityProvider)\n\tif collection.silo.fleet = fleet;\n\n#\n# SYNTHETIC RESOURCES OUTSIDE THE SILO HIERARCHY\n#\n# The resources here do not correspond to anything that appears explicitly in\n# the API or is stored in the database. These are used either at the top level\n# of the API path (e.g., "/v1/system/ip-pools") or as an implementation detail of the system\n# (in the case of console sessions and "Database"). The policies are\n# either statically-defined in this file or driven by role assignments on the\n# Fleet. None of these resources defines their own roles.\n#\n\n# Describes the policy for reading and modifying DNS configuration\n# (both internal and external)\nresource DnsConfig {\n\tpermissions = [ "read", "modify" ];\n\trelations = { parent_fleet: Fleet };\n\t# "external-authenticator" requires these permissions because that's the\n\t# context that Nexus uses when creating and deleting Silos. These\n\t# operations necessarily need to read and modify DNS configuration.\n\t"read" if "external-authenticator" on "parent_fleet";\n\t"modify" if "external-authenticator" on "parent_fleet";\n\t# "admin" on the parent fleet also gets these permissions, primarily for\n\t# the test suite.\n\t"read" if "admin" on "parent_fleet";\n\t"modify" if "admin" on "parent_fleet";\n}\nhas_relation(fleet: Fleet, "parent_fleet", dns_config: DnsConfig)\n\tif dns_config.fleet = fleet;\n\n# Describes the policy for accessing blueprints\nresource BlueprintConfig {\n\tpermissions = [\n\t "list_children", # list blueprints\n\t "create_child", # create blueprint\n\t "read", # read the current target\n\t "modify", # change the current target\n\t];\n\n\trelations = { parent_fleet: Fleet };\n\t"create_child" if "admin" on "parent_fleet";\n\t"modify" if "admin" on "parent_fleet";\n\t"list_children" if "viewer" on "parent_fleet";\n\t"read" if "viewer" on "parent_fleet";\n}\nhas_relation(fleet: Fleet, "parent_fleet", list: BlueprintConfig)\n\tif list.fleet = fleet;\n\n# Describes the policy for reading and modifying low-level inventory\nresource Inventory {\n\tpermissions = [ "read", "modify" ];\n\trelations = { parent_fleet: Fleet };\n\t"read" if "viewer" on "parent_fleet";\n\t"modify" if "admin" on "parent_fleet";\n}\nhas_relation(fleet: Fleet, "parent_fleet", inventory: Inventory)\n\tif inventory.fleet = fleet;\n\n# Describes the policy for accessing "/v1/system/ip-pools" in the API\nresource IpPoolList {\n\tpermissions = [\n\t "list_children",\n\t "modify",\n\t "create_child",\n\t];\n\n\t# Fleet Administrators can create or modify the IP Pools list.\n\trelations = { parent_fleet: Fleet };\n\t"modify" if "admin" on "parent_fleet";\n\t"create_child" if "admin" on "parent_fleet";\n\n\t# Fleet Viewers can list IP Pools\n\t"list_children" if "viewer" on "parent_fleet";\n}\nhas_relation(fleet: Fleet, "parent_fleet", ip_pool_list: IpPoolList)\n\tif ip_pool_list.fleet = fleet;\n\n# Any authenticated user can create a child of a provided IP Pool.\n# This is necessary to use the pools when provisioning instances.\nhas_permission(actor: AuthenticatedActor, "create_child", ip_pool: IpPool)\n\tif silo in actor.silo and silo.fleet = ip_pool.fleet;\n\n# Describes the policy for creating and managing web console sessions.\nresource ConsoleSessionList {\n\tpermissions = [ "create_child" ];\n\trelations = { parent_fleet: Fleet };\n\t"create_child" if "external-authenticator" on "parent_fleet";\n}\nhas_relation(fleet: Fleet, "parent_fleet", collection: ConsoleSessionList)\n\tif collection.fleet = fleet;\n\n# Describes the policy for creating and managing device authorization requests.\nresource DeviceAuthRequestList {\n\tpermissions = [ "create_child" ];\n\trelations = { parent_fleet: Fleet };\n\t"create_child" if "external-authenticator" on "parent_fleet";\n}\nhas_relation(fleet: Fleet, "parent_fleet", collection: DeviceAuthRequestList)\n\tif collection.fleet = fleet;\n\n# Describes the policy for creating and managing Silo certificates\nresource SiloCertificateList {\n\tpermissions = [ "list_children", "create_child" ];\n\n\trelations = { parent_silo: Silo, parent_fleet: Fleet };\n\n\t# Both Fleet and Silo administrators can see and modify the Silo's\n\t# certificates.\n\t"list_children" if "admin" on "parent_silo";\n\t"list_children" if "admin" on "parent_fleet";\n\t"create_child" if "admin" on "parent_silo";\n\t"create_child" if "admin" on "parent_fleet";\n}\nhas_relation(silo: Silo, "parent_silo", collection: SiloCertificateList)\n\tif collection.silo = silo;\nhas_relation(fleet: Fleet, "parent_fleet", collection: SiloCertificateList)\n\tif collection.silo.fleet = fleet;\n\n# Describes the policy for creating and managing Silo identity providers\nresource SiloIdentityProviderList {\n\tpermissions = [ "list_children", "create_child" ];\n\n\trelations = { parent_silo: Silo, parent_fleet: Fleet };\n\n\t# Everyone who can read the Silo (which includes all the users in the\n\t# Silo) can see the identity providers in it.\n\t"list_children" if "read" on "parent_silo";\n\n\t# Fleet and Silo administrators can manage the Silo's identity provider\n\t# configuration. This is one of the only areas of Silo configuration\n\t# that Fleet Administrators have permissions on. This is also one of\n\t# the only cases where we need to look two levels up the hierarchy to\n\t# see if somebody has the right permission. For most other things,\n\t# permissions cascade down the hierarchy so we only need to look at the\n\t# parent.\n\t"create_child" if "admin" on "parent_silo";\n\t"create_child" if "admin" on "parent_fleet";\n}\nhas_relation(silo: Silo, "parent_silo", collection: SiloIdentityProviderList)\n\tif collection.silo = silo;\nhas_relation(fleet: Fleet, "parent_fleet", collection: SiloIdentityProviderList)\n\tif collection.silo.fleet = fleet;\n\n# Describes the policy for creating and managing Silo users (mostly intended for\n# API-managed users)\nresource SiloUserList {\n\tpermissions = [ "list_children", "create_child" ];\n\n\trelations = { parent_silo: Silo, parent_fleet: Fleet };\n\n\t# Everyone who can read the Silo (which includes all the users in the\n\t# Silo) can see the users in it.\n\t"list_children" if "read" on "parent_silo";\n\n\t# Fleet and Silo administrators can manage the Silo's users. This is\n\t# one of the only areas of Silo configuration that Fleet Administrators\n\t# have permissions on. This is also one of the few cases (so far) where\n\t# we need to look two levels up the hierarchy to see if somebody has the\n\t# right permission. For most other things, permissions cascade down the\n\t# hierarchy so we only need to look at the parent.\n\t"create_child" if "admin" on "parent_silo";\n\t"list_children" if "admin" on "parent_fleet";\n\t"create_child" if "admin" on "parent_fleet";\n}\nhas_relation(silo: Silo, "parent_silo", collection: SiloUserList)\n\tif collection.silo = silo;\nhas_relation(fleet: Fleet, "parent_fleet", collection: SiloUserList)\n\tif collection.silo.fleet = fleet;\n\n# These rules grants the external authenticator role the permissions it needs to\n# read silo users and modify their sessions. This is necessary for login to\n# work.\nhas_permission(actor: AuthenticatedActor, "read", silo: Silo)\n\tif has_role(actor, "external-authenticator", silo.fleet);\nhas_permission(actor: AuthenticatedActor, "read", user: SiloUser)\n\tif has_role(actor, "external-authenticator", user.silo.fleet);\nhas_permission(actor: AuthenticatedActor, "modify", user: SiloUser)\n\tif has_role(actor, "external-authenticator", user.silo.fleet);\nhas_permission(actor: AuthenticatedActor, "read", group: SiloGroup)\n\tif has_role(actor, "external-authenticator", group.silo.fleet);\nhas_permission(actor: AuthenticatedActor, "modify", group: SiloGroup)\n\tif has_role(actor, "external-authenticator", group.silo.fleet);\n\nhas_permission(actor: AuthenticatedActor, "read", session: ConsoleSession)\n\tif has_role(actor, "external-authenticator", session.fleet);\nhas_permission(actor: AuthenticatedActor, "modify", session: ConsoleSession)\n\tif has_role(actor, "external-authenticator", session.fleet);\n\n# All authenticated users can read and delete device authn requests because\n# by necessity these operations happen before we've figured out what user (or\n# even Silo) the device auth is associated with. Any user can claim a device\n# auth request with the right user code (that's how it works) -- it's the user\n# code and associated logic that prevents unauthorized access here.\nhas_permission(_actor: AuthenticatedActor, "read", _device_auth: DeviceAuthRequest);\nhas_permission(_actor: AuthenticatedActor, "modify", _device_auth: DeviceAuthRequest);\n\nhas_permission(actor: AuthenticatedActor, "read", device_token: DeviceAccessToken)\n\tif has_role(actor, "external-authenticator", device_token.fleet);\n\nhas_permission(actor: AuthenticatedActor, "read", identity_provider: IdentityProvider)\n\tif has_role(actor, "external-authenticator", identity_provider.silo.fleet);\n\nhas_permission(actor: AuthenticatedActor, "read", saml_identity_provider: SamlIdentityProvider)\n\tif has_role(actor, "external-authenticator", saml_identity_provider.silo.fleet);\n\n# Describes the policy for who can access the internal database.\nresource Database {\n\tpermissions = [\n\t # "query" is required to perform any query against the database,\n\t # whether a read or write query. This is checked when an operation\n\t # checks out a database connection from the connection pool.\n\t #\n\t # Any authenticated user gets this permission. There's generally\n\t # some other authz check involved in the database query. For\n\t # example, if you're querying the database to "read" a "Project", we\n\t # should also be checking that. So why do we do this at all? It's\n\t # a belt-and-suspenders measure so that if we somehow introduced an\n\t # unauthenticated code path that hits the database, it cannot be\n\t # used to DoS the database because we won't allow the operation to\n\t # make the query. (As long as the code path _is_ authenticated, we\n\t # can use throttling mechanisms to prevent DoS.)\n\t "query",\n\n\t # "modify" is required to populate database data that's delivered\n\t # with the system. It should also be required for schema changes,\n\t # when we support those. This is separate from "query" so that we\n\t # cannot accidentally invoke these code paths from API calls and\n\t # other general functions.\n\t "modify"\n\t];\n}\n\n# All authenticated users have the "query" permission on the database.\nhas_permission(_actor: AuthenticatedActor, "query", _resource: Database);\n\n# The "db-init" user is the only one with the "modify" permission.\nhas_permission(USER_DB_INIT: AuthenticatedActor, "modify", _resource: Database);\nhas_permission(USER_DB_INIT: AuthenticatedActor, "create_child", _resource: IpPoolList);\n# It also has "admin" on the internal silo to populate it with built-in resources.\n# TODO-completeness: actually limit to just internal silo and not all silos\nhas_role(USER_DB_INIT: AuthenticatedActor, "admin", _silo: Silo);\n\n# Allow the internal API admin permissions on all silos.\nhas_role(USER_INTERNAL_API: AuthenticatedActor, "admin", _silo: Silo);\n\n\n\n resource Disk {\n permissions = [\n "list_children",\n "modify",\n "read",\n "create_child",\n ];\n\n relations = { containing_project: Project };\n "list_children" if "viewer" on "containing_project";\n "read" if "viewer" on "containing_project";\n "modify" if "collaborator" on "containing_project";\n "create_child" if "collaborator" on "containing_project";\n }\n\n has_relation(parent: Project, "containing_project", child: Disk)\n if child.project = parent;\n \n\n resource Snapshot {\n permissions = [\n "list_children",\n "modify",\n "read",\n "create_child",\n ];\n\n relations = { containing_project: Project };\n "list_children" if "viewer" on "containing_project";\n "read" if "viewer" on "containing_project";\n "modify" if "collaborator" on "containing_project";\n "create_child" if "collaborator" on "containing_project";\n }\n\n has_relation(parent: Project, "containing_project", child: Snapshot)\n if child.project = parent;\n \n\n resource ProjectImage {\n permissions = [\n "list_children",\n "modify",\n "read",\n "create_child",\n ];\n\n relations = { containing_project: Project };\n "list_children" if "viewer" on "containing_project";\n "read" if "viewer" on "containing_project";\n "modify" if "collaborator" on "containing_project";\n "create_child" if "collaborator" on "containing_project";\n }\n\n has_relation(parent: Project, "containing_project", child: ProjectImage)\n if child.project = parent;\n \n\n resource Instance {\n permissions = [\n "list_children",\n "modify",\n "read",\n "create_child",\n ];\n\n relations = { containing_project: Project };\n "list_children" if "viewer" on "containing_project";\n "read" if "viewer" on "containing_project";\n "modify" if "collaborator" on "containing_project";\n "create_child" if "collaborator" on "containing_project";\n }\n\n has_relation(parent: Project, "containing_project", child: Instance)\n if child.project = parent;\n \n\n resource IpPool {\n permissions = [\n "list_children",\n "modify",\n "read",\n "create_child",\n ];\n \n relations = { parent_fleet: Fleet };\n "list_children" if "viewer" on "parent_fleet";\n "read" if "viewer" on "parent_fleet";\n "modify" if "admin" on "parent_fleet";\n "create_child" if "admin" on "parent_fleet";\n }\n has_relation(fleet: Fleet, "parent_fleet", child: IpPool)\n if child.fleet = fleet;\n \n\n resource InstanceNetworkInterface {\n permissions = [\n "list_children",\n "modify",\n "read",\n "create_child",\n ];\n\n relations = {\n containing_project: Project,\n parent: Instance\n };\n "list_children" if "viewer" on "containing_project";\n "read" if "viewer" on "containing_project";\n "modify" if "collaborator" on "containing_project";\n "create_child" if "collaborator" on "containing_project";\n }\n\n has_relation(project: Project, "containing_project", child: InstanceNetworkInterface)\n if has_relation(project, "containing_project", child.instance);\n\n has_relation(parent: Instance, "parent", child: InstanceNetworkInterface)\n if child.instance = parent;\n \n\n resource Vpc {\n permissions = [\n "list_children",\n "modify",\n "read",\n "create_child",\n ];\n\n relations = { containing_project: Project };\n "list_children" if "viewer" on "containing_project";\n "read" if "viewer" on "containing_project";\n "modify" if "collaborator" on "containing_project";\n "create_child" if "collaborator" on "containing_project";\n }\n\n has_relation(parent: Project, "containing_project", child: Vpc)\n if child.project = parent;\n \n\n resource VpcRouter {\n permissions = [\n "list_children",\n "modify",\n "read",\n "create_child",\n ];\n\n relations = {\n containing_project: Project,\n parent: Vpc\n };\n "list_children" if "viewer" on "containing_project";\n "read" if "viewer" on "containing_project";\n "modify" if "collaborator" on "containing_project";\n "create_child" if "collaborator" on "containing_project";\n }\n\n has_relation(project: Project, "containing_project", child: VpcRouter)\n if has_relation(project, "containing_project", child.vpc);\n\n has_relation(parent: Vpc, "parent", child: VpcRouter)\n if child.vpc = parent;\n \n\n resource RouterRoute {\n permissions = [\n "list_children",\n "modify",\n "read",\n "create_child",\n ];\n\n relations = {\n containing_project: Project,\n parent: VpcRouter\n };\n "list_children" if "viewer" on "containing_project";\n "read" if "viewer" on "containing_project";\n "modify" if "collaborator" on "containing_project";\n "create_child" if "collaborator" on "containing_project";\n }\n\n has_relation(project: Project, "containing_project", child: RouterRoute)\n if has_relation(project, "containing_project", child.vpc_router);\n\n has_relation(parent: VpcRouter, "parent", child: RouterRoute)\n if child.vpc_router = parent;\n \n\n resource VpcSubnet {\n permissions = [\n "list_children",\n "modify",\n "read",\n "create_child",\n ];\n\n relations = {\n containing_project: Project,\n parent: Vpc\n };\n "list_children" if "viewer" on "containing_project";\n "read" if "viewer" on "containing_project";\n "modify" if "collaborator" on "containing_project";\n "create_child" if "collaborator" on "containing_project";\n }\n\n has_relation(project: Project, "containing_project", child: VpcSubnet)\n if has_relation(project, "containing_project", child.vpc);\n\n has_relation(parent: Vpc, "parent", child: VpcSubnet)\n if child.vpc = parent;\n \n\n resource FloatingIp {\n permissions = [\n "list_children",\n "modify",\n "read",\n "create_child",\n ];\n\n relations = { containing_project: Project };\n "list_children" if "viewer" on "containing_project";\n "read" if "viewer" on "containing_project";\n "modify" if "collaborator" on "containing_project";\n "create_child" if "collaborator" on "containing_project";\n }\n\n has_relation(parent: Project, "containing_project", child: FloatingIp)\n if child.project = parent;\n \n\n resource Image {\n permissions = [\n "list_children",\n "modify",\n "read",\n "create_child",\n ];\n\n relations = { containing_silo: Silo };\n "list_children" if "viewer" on "containing_silo";\n "read" if "viewer" on "containing_silo";\n "modify" if "collaborator" on "containing_silo";\n "create_child" if "collaborator" on "containing_silo";\n }\n\n has_relation(parent: Silo, "containing_silo", child: Image)\n if child.silo = parent;\n \n\n resource SiloImage {\n permissions = [\n "list_children",\n "modify",\n "read",\n "create_child",\n ];\n\n relations = { containing_silo: Silo };\n "list_children" if "viewer" on "containing_silo";\n "read" if "viewer" on "containing_silo";\n "modify" if "collaborator" on "containing_silo";\n "create_child" if "collaborator" on "containing_silo";\n }\n\n has_relation(parent: Silo, "containing_silo", child: SiloImage)\n if child.silo = parent;\n \n\n resource AddressLot {\n permissions = [\n "list_children",\n "modify",\n "read",\n "create_child",\n ];\n \n relations = { parent_fleet: Fleet };\n "list_children" if "viewer" on "parent_fleet";\n "read" if "viewer" on "parent_fleet";\n "modify" if "admin" on "parent_fleet";\n "create_child" if "admin" on "parent_fleet";\n }\n has_relation(fleet: Fleet, "parent_fleet", child: AddressLot)\n if child.fleet = fleet;\n \n\n resource Blueprint {\n permissions = [\n "list_children",\n "modify",\n "read",\n "create_child",\n ];\n \n relations = { parent_fleet: Fleet };\n "list_children" if "viewer" on "parent_fleet";\n "read" if "viewer" on "parent_fleet";\n "modify" if "admin" on "parent_fleet";\n "create_child" if "admin" on "parent_fleet";\n }\n has_relation(fleet: Fleet, "parent_fleet", child: Blueprint)\n if child.fleet = fleet;\n \n\n resource LoopbackAddress {\n permissions = [\n "list_children",\n "modify",\n "read",\n "create_child",\n ];\n \n relations = { parent_fleet: Fleet };\n "list_children" if "viewer" on "parent_fleet";\n "read" if "viewer" on "parent_fleet";\n "modify" if "admin" on "parent_fleet";\n "create_child" if "admin" on "parent_fleet";\n }\n has_relation(fleet: Fleet, "parent_fleet", child: LoopbackAddress)\n if child.fleet = fleet;\n \n\n\n resource ConsoleSession {\n permissions = [\n "list_children",\n "modify",\n "read",\n "create_child",\n ];\n \n relations = { parent_fleet: Fleet };\n "list_children" if "viewer" on "parent_fleet";\n "read" if "viewer" on "parent_fleet";\n "modify" if "admin" on "parent_fleet";\n "create_child" if "admin" on "parent_fleet";\n }\n has_relation(fleet: Fleet, "parent_fleet", child: ConsoleSession)\n if child.fleet = fleet;\n \n\n resource DeviceAuthRequest {\n permissions = [\n "list_children",\n "modify",\n "read",\n "create_child",\n ];\n \n relations = { parent_fleet: Fleet };\n "list_children" if "viewer" on "parent_fleet";\n "read" if "viewer" on "parent_fleet";\n "modify" if "admin" on "parent_fleet";\n "create_child" if "admin" on "parent_fleet";\n }\n has_relation(fleet: Fleet, "parent_fleet", child: DeviceAuthRequest)\n if child.fleet = fleet;\n \n\n resource DeviceAccessToken {\n permissions = [\n "list_children",\n "modify",\n "read",\n "create_child",\n ];\n \n relations = { parent_fleet: Fleet };\n "list_children" if "viewer" on "parent_fleet";\n "read" if "viewer" on "parent_fleet";\n "modify" if "admin" on "parent_fleet";\n "create_child" if "admin" on "parent_fleet";\n }\n has_relation(fleet: Fleet, "parent_fleet", child: DeviceAccessToken)\n if child.fleet = fleet;\n \n\n resource PhysicalDisk {\n permissions = [\n "list_children",\n "modify",\n "read",\n "create_child",\n ];\n \n relations = { parent_fleet: Fleet };\n "list_children" if "viewer" on "parent_fleet";\n "read" if "viewer" on "parent_fleet";\n "modify" if "admin" on "parent_fleet";\n "create_child" if "admin" on "parent_fleet";\n }\n has_relation(fleet: Fleet, "parent_fleet", child: PhysicalDisk)\n if child.fleet = fleet;\n \n\n resource Rack {\n permissions = [\n "list_children",\n "modify",\n "read",\n "create_child",\n ];\n \n relations = { parent_fleet: Fleet };\n "list_children" if "viewer" on "parent_fleet";\n "read" if "viewer" on "parent_fleet";\n "modify" if "admin" on "parent_fleet";\n "create_child" if "admin" on "parent_fleet";\n }\n has_relation(fleet: Fleet, "parent_fleet", child: Rack)\n if child.fleet = fleet;\n \n\n resource RoleBuiltin {\n permissions = [\n "list_children",\n "modify",\n "read",\n "create_child",\n ];\n \n relations = { parent_fleet: Fleet };\n "list_children" if "viewer" on "parent_fleet";\n "read" if "viewer" on "parent_fleet";\n "modify" if "admin" on "parent_fleet";\n "create_child" if "admin" on "parent_fleet";\n }\n has_relation(fleet: Fleet, "parent_fleet", child: RoleBuiltin)\n if child.fleet = fleet;\n \n\n\n\n\n\n\n\n resource Sled {\n permissions = [\n "list_children",\n "modify",\n "read",\n "create_child",\n ];\n \n relations = { parent_fleet: Fleet };\n "list_children" if "viewer" on "parent_fleet";\n "read" if "viewer" on "parent_fleet";\n "modify" if "admin" on "parent_fleet";\n "create_child" if "admin" on "parent_fleet";\n }\n has_relation(fleet: Fleet, "parent_fleet", child: Sled)\n if child.fleet = fleet;\n \n\n resource TufRepo {\n permissions = [\n "list_children",\n "modify",\n "read",\n "create_child",\n ];\n \n relations = { parent_fleet: Fleet };\n "list_children" if "viewer" on "parent_fleet";\n "read" if "viewer" on "parent_fleet";\n "modify" if "admin" on "parent_fleet";\n "create_child" if "admin" on "parent_fleet";\n }\n has_relation(fleet: Fleet, "parent_fleet", child: TufRepo)\n if child.fleet = fleet;\n \n\n resource TufArtifact {\n permissions = [\n "list_children",\n "modify",\n "read",\n "create_child",\n ];\n \n relations = { parent_fleet: Fleet };\n "list_children" if "viewer" on "parent_fleet";\n "read" if "viewer" on "parent_fleet";\n "modify" if "admin" on "parent_fleet";\n "create_child" if "admin" on "parent_fleet";\n }\n has_relation(fleet: Fleet, "parent_fleet", child: TufArtifact)\n if child.fleet = fleet;\n \n\n resource Zpool {\n permissions = [\n "list_children",\n "modify",\n "read",\n "create_child",\n ];\n \n relations = { parent_fleet: Fleet };\n "list_children" if "viewer" on "parent_fleet";\n "read" if "viewer" on "parent_fleet";\n "modify" if "admin" on "parent_fleet";\n "create_child" if "admin" on "parent_fleet";\n }\n has_relation(fleet: Fleet, "parent_fleet", child: Zpool)\n if child.fleet = fleet;\n \n\n resource Service {\n permissions = [\n "list_children",\n "modify",\n "read",\n "create_child",\n ];\n \n relations = { parent_fleet: Fleet };\n "list_children" if "viewer" on "parent_fleet";\n "read" if "viewer" on "parent_fleet";\n "modify" if "admin" on "parent_fleet";\n "create_child" if "admin" on "parent_fleet";\n }\n has_relation(fleet: Fleet, "parent_fleet", child: Service)\n if child.fleet = fleet;\n \n\n resource UserBuiltin {\n permissions = [\n "list_children",\n "modify",\n "read",\n "create_child",\n ];\n \n relations = { parent_fleet: Fleet };\n "list_children" if "viewer" on "parent_fleet";\n "read" if "viewer" on "parent_fleet";\n "modify" if "admin" on "parent_fleet";\n "create_child" if "admin" on "parent_fleet";\n }\n has_relation(fleet: Fleet, "parent_fleet", child: UserBuiltin)\n if child.fleet = fleet;\n
file = nexus/db-queries/src/authz/oso_generic.rs:89
|
| 60 | 2024-05-25T00:59:46.656Z | INFO | nexus (ServerContext): Setting up resolver using DNS servers for subnet: Ipv6Subnet { net: Ipv6Net { addr: fd00:1122:3344::, width: 48 } }
file = nexus/src/context.rs:217
|
| 61 | 2024-05-25T00:59:46.660Z | INFO | nexus (DnsResolver): new DNS resolver
addresses = [[fd00:1122:3344:1::1]:53, [fd00:1122:3344:2::1]:53, [fd00:1122:3344:3::1]:53, [fd00:1122:3344:4::1]:53, [fd00:1122:3344:5::1]:53]
file = internal-dns/src/resolver.rs:60
|
| 62 | 2024-05-25T00:59:46.662Z | INFO | nexus (ServerContext): Accessing DB url from DNS
file = nexus/src/context.rs:246
|
| 63 | 2024-05-25T00:59:46.668Z | DEBG | nexus (DnsResolver): lookup_all_socket_v6 srv
dns_name = _cockroach._tcp.control-plane.oxide.internal
response = SrvLookup(Lookup { query: Query { name: Name("_cockroach._tcp.control-plane.oxide.internal"), query_type: SRV, query_class: IN }, records: [Record { name_labels: Name("_cockroach._tcp.control-plane.oxide.internal."), rr_type: SRV, dns_class: IN, ttl: 0, rdata: Some(SRV(SRV { priority: 0, weight: 0, port: 32221, target: Name("4e3daccb-d6c4-4dfe-8405-1884b973557e.host.control-plane.oxide.internal.") })) }, Record { name_labels: Name("_cockroach._tcp.control-plane.oxide.internal."), rr_type: SRV, dns_class: IN, ttl: 0, rdata: Some(SRV(SRV { priority: 0, weight: 0, port: 32221, target: Name("60fd33f2-e54d-4f53-8c68-c2ae023a3f6f.host.control-plane.oxide.internal.") })) }, Record { name_labels: Name("_cockroach._tcp.control-plane.oxide.internal."), rr_type: SRV, dns_class: IN, ttl: 0, rdata: Some(SRV(SRV { priority: 0, weight: 0, port: 32221, target: Name("9cb5af16-58f2-4287-9912-8b309cae212d.host.control-plane.oxide.internal.") })) }, Record { name_labels: Name("_cockroach._tcp.control-plane.oxide.internal."), rr_type: SRV, dns_class: IN, ttl: 0, rdata: Some(SRV(SRV { priority: 0, weight: 0, port: 32221, target: Name("d0b930ca-bc08-48fc-b8ac-e6f535e23db7.host.control-plane.oxide.internal.") })) }, Record { name_labels: Name("_cockroach._tcp.control-plane.oxide.internal."), rr_type: SRV, dns_class: IN, ttl: 0, rdata: Some(SRV(SRV { priority: 0, weight: 0, port: 32221, target: Name("ddb9f969-e692-492a-b8f2-fc059d916367.host.control-plane.oxide.internal.") })) }, Record { name_labels: Name("ddb9f969-e692-492a-b8f2-fc059d916367.host.control-plane.oxide.internal."), rr_type: AAAA, dns_class: IN, ttl: 0, rdata: Some(AAAA(fd00:1122:3344:101::6)) }], valid_until: Instant { tv_sec: 1515, tv_nsec: 252336897 } })
|
| 64 | 2024-05-25T00:59:46.670Z | INFO | nexus (ServerContext): DB addresses: [fd00:1122:3344:101::7]:32221,[fd00:1122:3344:101::3]:32221,[fd00:1122:3344:101::4]:32221,[fd00:1122:3344:101::5]:32221,[fd00:1122:3344:101::6]:32221
file = nexus/src/context.rs:276
|
| 65 | 2024-05-25T00:59:46.671Z | INFO | nexus (db::Pool): database connection pool
database_url = postgresql://root@[fd00:1122:3344:101::7]:32221,[fd00:1122:3344:101::3]:32221,[fd00:1122:3344:101::4]:32221,[fd00:1122:3344:101::5]:32221,[fd00:1122:3344:101::6]:32221/omicron?sslmode=disable
file = nexus/db-queries/src/db/pool.rs:69
|
| 66 | 2024-05-25T00:59:46.689Z | INFO | nexus: Database schema version is up to date
desired_version = 66.0.0
file = nexus/db-queries/src/db/datastore/db_metadata.rs:145
found_version = 66.0.0
|
| 67 | 2024-05-25T00:59:46.691Z | DEBG | nexus (DnsResolver): lookup_all_ipv6 srv
dns_name = _dendrite._tcp.control-plane.oxide.internal
response = SrvLookup(Lookup { query: Query { name: Name("_dendrite._tcp.control-plane.oxide.internal"), query_type: SRV, query_class: IN }, records: [Record { name_labels: Name("_dendrite._tcp.control-plane.oxide.internal."), rr_type: SRV, dns_class: IN, ttl: 0, rdata: Some(SRV(SRV { priority: 0, weight: 0, port: 12224, target: Name("dendrite-c6dccf8e-4c06-496c-b94a-5401df7a33fd.host.control-plane.oxide.internal.") })) }, Record { name_labels: Name("dendrite-c6dccf8e-4c06-496c-b94a-5401df7a33fd.host.control-plane.oxide.internal."), rr_type: AAAA, dns_class: IN, ttl: 0, rdata: Some(AAAA(fd00:1122:3344:101::2)) }], valid_until: Instant { tv_sec: 1515, tv_nsec: 275821465 } })
|
| 68 | 2024-05-25T00:59:46.692Z | INFO | nexus (Nexus): Determining switch slots managed by switch zones
file = nexus/src/app/mod.rs:1029
|
| 69 | 2024-05-25T00:59:46.693Z | INFO | nexus (SEC): SEC running
file = /home/build/.cargo/registry/src/index.crates.io-6f17d22bba15001f/steno-0.4.0/src/sec.rs:811
sec_id = 929e98c8-2076-4d6e-b492-33a4c3ae7931
|
| 70 | 2024-05-25T00:59:46.741Z | INFO | nexus (Nexus): determining switch slot managed by dendrite zone
file = nexus/src/app/mod.rs:1037
zone_address = fd00:1122:3344:101::2
|
| 71 | 2024-05-25T00:59:46.742Z | DEBG | nexus (MgsClient): client request
body = None
method = GET
uri = http://[fd00:1122:3344:101::2]:12225/local/switch-id
|
| 72 | 2024-05-25T00:59:46.745Z | DEBG | nexus (MgsClient): client response
result = Ok(Response { url: Url { scheme: "http", cannot_be_a_base: false, username: "", password: None, host: Some(Ipv6(fd00:1122:3344:101::2)), port: Some(12225), path: "/local/switch-id", query: None, fragment: None }, status: 200, headers: {"content-type": "application/json", "x-request-id": "3d2546a2-1ed5-4483-89ad-44b667f132fb", "content-length": "26", "date": "Sat, 25 May 2024 00:59:46 GMT"} })
|
| 73 | 2024-05-25T00:59:46.745Z | INFO | nexus (Nexus): identified switch slot for dendrite zone
file = nexus/src/app/mod.rs:1042
slot = SpIdentifier {\n slot: 0,\n type_: Switch,\n}
zone_address = fd00:1122:3344:101::2
|
| 74 | 2024-05-25T00:59:46.745Z | INFO | nexus (Nexus): completed mapping dendrite zones to switch slots
file = nexus/src/app/mod.rs:1074
mappings = {\n Switch0: fd00:1122:3344:101::2,\n}
|
| 75 | 2024-05-25T00:59:46.775Z | DEBG | nexus (DnsResolver): lookup_all_ipv6 srv
dns_name = _dendrite._tcp.control-plane.oxide.internal
response = SrvLookup(Lookup { query: Query { name: Name("_dendrite._tcp.control-plane.oxide.internal"), query_type: SRV, query_class: IN }, records: [Record { name_labels: Name("_dendrite._tcp.control-plane.oxide.internal."), rr_type: SRV, dns_class: IN, ttl: 0, rdata: Some(SRV(SRV { priority: 0, weight: 0, port: 12224, target: Name("dendrite-c6dccf8e-4c06-496c-b94a-5401df7a33fd.host.control-plane.oxide.internal.") })) }, Record { name_labels: Name("dendrite-c6dccf8e-4c06-496c-b94a-5401df7a33fd.host.control-plane.oxide.internal."), rr_type: AAAA, dns_class: IN, ttl: 0, rdata: Some(AAAA(fd00:1122:3344:101::2)) }], valid_until: Instant { tv_sec: 1515, tv_nsec: 359012679 } })
|
| 76 | 2024-05-25T00:59:46.776Z | INFO | nexus (Nexus): Determining switch slots managed by switch zones
file = nexus/src/app/mod.rs:1029
|
| 77 | 2024-05-25T00:59:46.808Z | INFO | nexus (Nexus): determining switch slot managed by dendrite zone
file = nexus/src/app/mod.rs:1037
zone_address = fd00:1122:3344:101::2
|
| 78 | 2024-05-25T00:59:46.808Z | DEBG | nexus (MgsClient): client request
body = None
method = GET
uri = http://[fd00:1122:3344:101::2]:12225/local/switch-id
|
| 79 | 2024-05-25T00:59:46.809Z | DEBG | nexus (MgsClient): client response
result = Ok(Response { url: Url { scheme: "http", cannot_be_a_base: false, username: "", password: None, host: Some(Ipv6(fd00:1122:3344:101::2)), port: Some(12225), path: "/local/switch-id", query: None, fragment: None }, status: 200, headers: {"content-type": "application/json", "x-request-id": "e1a60a66-3f82-46ed-86a5-57e603be9e60", "content-length": "26", "date": "Sat, 25 May 2024 00:59:46 GMT"} })
|
| 80 | 2024-05-25T00:59:46.809Z | INFO | nexus (Nexus): identified switch slot for dendrite zone
file = nexus/src/app/mod.rs:1042
slot = SpIdentifier {\n slot: 0,\n type_: Switch,\n}
zone_address = fd00:1122:3344:101::2
|
| 81 | 2024-05-25T00:59:46.809Z | INFO | nexus (Nexus): completed mapping dendrite zones to switch slots
file = nexus/src/app/mod.rs:1074
mappings = {\n Switch0: fd00:1122:3344:101::2,\n}
|
| 82 | 2024-05-25T00:59:46.888Z | DEBG | nexus (DataLoader): roles
roles = RoleSet { roles: {} }
|
| 83 | 2024-05-25T00:59:46.889Z | DEBG | nexus (BackgroundTasks): activating
background_task = dns_config_internal
dns_group = internal
iteration = 1
reason = Timeout
|
| 84 | 2024-05-25T00:59:46.890Z | DEBG | nexus (BackgroundTasks): activating
background_task = phantom_disks
iteration = 1
reason = Timeout
|
| 85 | 2024-05-25T00:59:46.890Z | DEBG | nexus (BackgroundTasks): activating
background_task = nat_v4_garbage_collector
iteration = 1
reason = Timeout
|
| 86 | 2024-05-25T00:59:46.890Z | DEBG | nexus (BackgroundTasks): activating
background_task = region_replacement
iteration = 1
reason = Timeout
|
| 87 | 2024-05-25T00:59:46.890Z | DEBG | nexus (BackgroundTasks): activating
background_task = switch_port_config_manager
iteration = 1
reason = Timeout
|
| 88 | 2024-05-25T00:59:46.890Z | DEBG | nexus (BackgroundTasks): activating
background_task = blueprint_loader
iteration = 1
reason = Timeout
|
| 89 | 2024-05-25T00:59:46.890Z | DEBG | nexus (BackgroundTasks): activating
background_task = bfd_manager
iteration = 1
reason = Timeout
|
| 90 | 2024-05-25T00:59:46.890Z | DEBG | nexus (BackgroundTasks): activating
background_task = service_zone_nat_tracker
iteration = 1
reason = Timeout
|
| 91 | 2024-05-25T00:59:46.892Z | DEBG | nexus (BackgroundTasks): reading DNS version
background_task = dns_config_internal
dns_group = internal
|
| 92 | 2024-05-25T00:59:46.892Z | DEBG | nexus (BackgroundTasks): roles
background_task = nat_v4_garbage_collector
roles = RoleSet { roles: {} }
|
| 93 | 2024-05-25T00:59:46.892Z | DEBG | nexus (BackgroundTasks): activating
background_task = dns_servers_internal
dns_group = internal
iteration = 1
reason = Timeout
|
| 94 | 2024-05-25T00:59:46.892Z | DEBG | nexus (BackgroundTasks): roles
background_task = dns_config_internal
dns_group = internal
roles = RoleSet { roles: {} }
|
| 95 | 2024-05-25T00:59:46.893Z | WARN | nexus (BackgroundTasks): phantom disk task started
background_task = phantom_disks
file = nexus/src/app/background/phantom_disks.rs:46
|
| 96 | 2024-05-25T00:59:46.903Z | DEBG | nexus (BackgroundTasks): authorize result
action = Query
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. })
background_task = nat_v4_garbage_collector
resource = Database
result = Ok(())
|
| 97 | 2024-05-25T00:59:46.905Z | DEBG | nexus (DnsResolver): lookup_all_socket_v6 srv
dns_name = _nameservice._tcp.control-plane.oxide.internal
response = SrvLookup(Lookup { query: Query { name: Name("_nameservice._tcp.control-plane.oxide.internal"), query_type: SRV, query_class: IN }, records: [Record { name_labels: Name("_nameservice._tcp.control-plane.oxide.internal."), rr_type: SRV, dns_class: IN, ttl: 0, rdata: Some(SRV(SRV { priority: 0, weight: 0, port: 5353, target: Name("6e871ebc-2a78-4326-ab09-4c553c40b6ed.host.control-plane.oxide.internal.") })) }, Record { name_labels: Name("_nameservice._tcp.control-plane.oxide.internal."), rr_type: SRV, dns_class: IN, ttl: 0, rdata: Some(SRV(SRV { priority: 0, weight: 0, port: 5353, target: Name("90595ffb-aa60-4af7-af21-15862febde96.host.control-plane.oxide.internal.") })) }, Record { name_labels: Name("_nameservice._tcp.control-plane.oxide.internal."), rr_type: SRV, dns_class: IN, ttl: 0, rdata: Some(SRV(SRV { priority: 0, weight: 0, port: 5353, target: Name("d597f2c8-709a-497d-ba02-d34344702bf7.host.control-plane.oxide.internal.") })) }, Record { name_labels: Name("d597f2c8-709a-497d-ba02-d34344702bf7.host.control-plane.oxide.internal."), rr_type: AAAA, dns_class: IN, ttl: 0, rdata: Some(AAAA(fd00:1122:3344:2::1)) }], valid_until: Instant { tv_sec: 1515, tv_nsec: 487747333 } })
|
| 98 | 2024-05-25T00:59:46.905Z | DEBG | nexus (DataLoader): authorize result
action = Modify
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000001, .. })
resource = Database
result = Ok(())
|
| 99 | 2024-05-25T00:59:46.905Z | DEBG | nexus (DataLoader): attempting to create built-in users
|
| 100 | 2024-05-25T00:59:46.905Z | DEBG | nexus (DataLoader): roles
roles = RoleSet { roles: {} }
|
| 101 | 2024-05-25T00:59:46.905Z | DEBG | nexus (DataLoader): authorize result
action = Query
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000001, .. })
resource = Database
result = Ok(())
|
| 102 | 2024-05-25T00:59:46.909Z | INFO | nexus (BackgroundTasks): found DNS servers (initial)
addresses = DnsServersList { addresses: [[fd00:1122:3344:1::1]:5353, [fd00:1122:3344:3::1]:5353, [fd00:1122:3344:2::1]:5353] }
background_task = dns_servers_internal
dns_group = internal
file = nexus/src/app/background/dns_servers.rs:113
|
| 103 | 2024-05-25T00:59:46.910Z | DEBG | nexus (BackgroundTasks): activation complete
background_task = dns_servers_internal
dns_group = internal
elapsed = 18.855468ms
iteration = 1
|
| 104 | 2024-05-25T00:59:46.910Z | DEBG | nexus (BackgroundTasks): authorize result
action = Query
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. })
background_task = dns_config_internal
dns_group = internal
resource = Database
result = Ok(())
|
| 105 | 2024-05-25T00:59:46.911Z | WARN | nexus (BackgroundTasks): region replacement task started
background_task = region_replacement
file = nexus/src/app/background/region_replacement.rs:44
|
| 106 | 2024-05-25T00:59:46.911Z | WARN | nexus (BackgroundTasks): region replacement task done
background_task = region_replacement
file = nexus/src/app/background/region_replacement.rs:48
|
| 107 | 2024-05-25T00:59:46.911Z | DEBG | nexus (BackgroundTasks): activation complete
background_task = region_replacement
elapsed = 21.234444ms
iteration = 1
|
| 108 | 2024-05-25T00:59:46.911Z | DEBG | nexus (BackgroundTasks): roles
background_task = bfd_manager
roles = RoleSet { roles: {} }
|
| 109 | 2024-05-25T00:59:46.912Z | DEBG | nexus (BackgroundTasks): authorize result
action = Query
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. })
background_task = bfd_manager
resource = Database
result = Ok(())
|
| 110 | 2024-05-25T00:59:46.912Z | DEBG | nexus (BackgroundTasks): activating
background_task = v2p_manager
iteration = 1
reason = Timeout
|
| 111 | 2024-05-25T00:59:46.912Z | DEBG | nexus (BackgroundTasks): roles
background_task = switch_port_config_manager
roles = RoleSet { roles: {} }
|
| 112 | 2024-05-25T00:59:46.912Z | DEBG | nexus (BackgroundTasks): roles
background_task = service_zone_nat_tracker
roles = RoleSet { roles: {} }
|
| 113 | 2024-05-25T00:59:46.914Z | DEBG | nexus (BackgroundTasks): activating
background_task = physical_disk_adoption
iteration = 1
reason = Timeout
|
| 114 | 2024-05-25T00:59:46.914Z | DEBG | nexus (BackgroundTasks): roles
background_task = physical_disk_adoption
roles = RoleSet { roles: {} }
|
| 115 | 2024-05-25T00:59:46.914Z | DEBG | nexus (BackgroundTasks): roles
background_task = v2p_manager
roles = RoleSet { roles: {} }
|
| 116 | 2024-05-25T00:59:46.914Z | DEBG | nexus (BackgroundTasks): activating
background_task = dns_propagation_external
dns_group = external
iteration = 1
reason = Timeout
|
| 117 | 2024-05-25T00:59:46.914Z | DEBG | nexus (BackgroundTasks): activating
background_task = inventory_collection
iteration = 1
reason = Timeout
|
| 118 | 2024-05-25T00:59:46.914Z | WARN | nexus (BackgroundTasks): DNS propagation: skipped
background_task = dns_propagation_external
dns_group = external
file = nexus/src/app/background/dns_propagation.rs:61
reason = no config nor servers
|
| 119 | 2024-05-25T00:59:46.914Z | DEBG | nexus (BackgroundTasks): roles
background_task = inventory_collection
roles = RoleSet { roles: {} }
|
| 120 | 2024-05-25T00:59:46.914Z | DEBG | nexus (BackgroundTasks): activating
background_task = blueprint_executor
iteration = 1
reason = Timeout
|
| 121 | 2024-05-25T00:59:46.914Z | DEBG | nexus (BackgroundTasks): activating
background_task = dns_servers_external
dns_group = external
iteration = 1
reason = Timeout
|
| 122 | 2024-05-25T00:59:46.914Z | DEBG | nexus (BackgroundTasks): activating
background_task = dns_propagation_internal
dns_group = internal
iteration = 1
reason = Timeout
|
| 123 | 2024-05-25T00:59:46.914Z | DEBG | nexus (BackgroundTasks): activating
background_task = metrics_producer_gc
iteration = 1
reason = Timeout
|
| 124 | 2024-05-25T00:59:46.914Z | WARN | nexus (BackgroundTasks): DNS propagation: skipped
background_task = dns_propagation_internal
dns_group = internal
file = nexus/src/app/background/dns_propagation.rs:69
reason = no config
|
| 125 | 2024-05-25T00:59:46.914Z | WARN | nexus (BackgroundTasks): Blueprint execution: skipped
background_task = blueprint_executor
file = nexus/src/app/background/blueprint_execution.rs:57
reason = no blueprint
|
| 126 | 2024-05-25T00:59:46.914Z | DEBG | nexus (BackgroundTasks): activating
background_task = external_endpoints
iteration = 1
reason = Timeout
|
| 127 | 2024-05-25T00:59:46.914Z | DEBG | nexus (BackgroundTasks): activating
background_task = dns_config_external
dns_group = external
iteration = 1
reason = Timeout
|
| 128 | 2024-05-25T00:59:46.914Z | DEBG | nexus (BackgroundTasks): activation complete
background_task = dns_propagation_external
dns_group = external
elapsed = 23.59856ms
iteration = 1
|
| 129 | 2024-05-25T00:59:46.914Z | DEBG | nexus (BackgroundTasks): reading DNS version
background_task = dns_config_external
dns_group = external
|
| 130 | 2024-05-25T00:59:46.914Z | DEBG | nexus (BackgroundTasks): activation complete
background_task = dns_propagation_internal
dns_group = internal
elapsed = 23.667572ms
iteration = 1
|
| 131 | 2024-05-25T00:59:46.914Z | DEBG | nexus (BackgroundTasks): activating
background_task = dns_propagation_internal
dns_group = internal
iteration = 2
reason = Dependency
|
| 132 | 2024-05-25T00:59:46.914Z | DEBG | nexus (BackgroundTasks): activation complete
background_task = blueprint_executor
elapsed = 23.701792ms
iteration = 1
|
| 133 | 2024-05-25T00:59:46.914Z | DEBG | nexus (BackgroundTasks): roles
background_task = dns_config_external
dns_group = external
roles = RoleSet { roles: {} }
|
| 134 | 2024-05-25T00:59:46.914Z | INFO | nexus (BackgroundTasks): Metric producer GC running
background_task = metrics_producer_gc
expiration = 2024-05-25 00:49:46.914716153 UTC
file = nexus/src/app/background/metrics_producer_gc.rs:48
|
| 135 | 2024-05-25T00:59:46.914Z | WARN | nexus (BackgroundTasks): DNS propagation: skipped
background_task = dns_propagation_internal
dns_group = internal
file = nexus/src/app/background/dns_propagation.rs:69
reason = no config
|
| 136 | 2024-05-25T00:59:46.914Z | DEBG | nexus (BackgroundTasks): activation complete
background_task = dns_propagation_internal
dns_group = internal
elapsed = 66.892\u{b5}s
iteration = 2
|
| 137 | 2024-05-25T00:59:46.914Z | DEBG | nexus (BackgroundTasks): roles
background_task = blueprint_loader
roles = RoleSet { roles: {} }
|
| 138 | 2024-05-25T00:59:46.914Z | DEBG | nexus (BackgroundTasks): roles
background_task = external_endpoints
roles = RoleSet { roles: {} }
|
| 139 | 2024-05-25T00:59:46.915Z | DEBG | nexus (BackgroundTasks): activating
background_task = abandoned_vmm_reaper
iteration = 1
reason = Timeout
|
| 140 | 2024-05-25T00:59:46.917Z | DEBG | nexus (BackgroundTasks): roles
background_task = metrics_producer_gc
roles = RoleSet { roles: {} }
|
| 141 | 2024-05-25T00:59:46.917Z | DEBG | nexus (BackgroundTasks): activating
background_task = service_firewall_rule_propagation
iteration = 1
reason = Timeout
|
| 142 | 2024-05-25T00:59:46.917Z | DEBG | nexus (BackgroundTasks): activating
background_task = instance_watcher
iteration = 1
reason = Timeout
|
| 143 | 2024-05-25T00:59:46.917Z | DEBG | nexus (service-firewall-rule-progator): starting background task for service firewall rule propagation
background_task = service_firewall_rule_propagation
|
| 144 | 2024-05-25T00:59:46.917Z | DEBG | nexus (BackgroundTasks): roles
background_task = instance_watcher
roles = RoleSet { roles: {} }
|
| 145 | 2024-05-25T00:59:46.917Z | DEBG | nexus (BackgroundTasks): roles
background_task = service_firewall_rule_propagation
roles = RoleSet { roles: {} }
|
| 146 | 2024-05-25T00:59:46.918Z | DEBG | nexus (BackgroundTasks): authorize result
action = Query
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. })
background_task = service_zone_nat_tracker
resource = Database
result = Ok(())
|
| 147 | 2024-05-25T00:59:46.918Z | INFO | nexus (BackgroundTasks): Abandoned VMM reaper running
background_task = abandoned_vmm_reaper
file = nexus/src/app/background/abandoned_vmm_reaper.rs:75
|
| 148 | 2024-05-25T00:59:46.919Z | DEBG | nexus (BackgroundTasks): roles
background_task = abandoned_vmm_reaper
roles = RoleSet { roles: {} }
|
| 149 | 2024-05-25T00:59:46.919Z | DEBG | nexus (DnsResolver): lookup_all_socket_v6 srv
dns_name = _external-dns._tcp.control-plane.oxide.internal
response = SrvLookup(Lookup { query: Query { name: Name("_external-dns._tcp.control-plane.oxide.internal"), query_type: SRV, query_class: IN }, records: [Record { name_labels: Name("_external-dns._tcp.control-plane.oxide.internal."), rr_type: SRV, dns_class: IN, ttl: 0, rdata: Some(SRV(SRV { priority: 0, weight: 0, port: 5353, target: Name("9157cf47-9b95-474f-add0-296d1e099b57.host.control-plane.oxide.internal.") })) }, Record { name_labels: Name("_external-dns._tcp.control-plane.oxide.internal."), rr_type: SRV, dns_class: IN, ttl: 0, rdata: Some(SRV(SRV { priority: 0, weight: 0, port: 5353, target: Name("b3482ae4-8433-40e6-b7db-c70f5c32a866.host.control-plane.oxide.internal.") })) }, Record { name_labels: Name("b3482ae4-8433-40e6-b7db-c70f5c32a866.host.control-plane.oxide.internal."), rr_type: AAAA, dns_class: IN, ttl: 0, rdata: Some(AAAA(fd00:1122:3344:101::9)) }], valid_until: Instant { tv_sec: 1515, tv_nsec: 503047956 } })
|
| 150 | 2024-05-25T00:59:46.919Z | INFO | nexus (SagaRecoverer): start saga recovery
file = nexus/db-queries/src/db/saga_recovery.rs:77
|
| 151 | 2024-05-25T00:59:46.919Z | DEBG | nexus (BackgroundTasks): authorize result
action = Query
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. })
background_task = physical_disk_adoption
resource = Database
result = Ok(())
|
| 152 | 2024-05-25T00:59:46.919Z | DEBG | nexus (BackgroundTasks): authorize result
action = Query
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. })
background_task = external_endpoints
resource = Database
result = Ok(())
|
| 153 | 2024-05-25T00:59:46.919Z | DEBG | nexus (BackgroundTasks): authorize result
action = Query
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. })
background_task = v2p_manager
resource = Database
result = Ok(())
|
| 154 | 2024-05-25T00:59:46.919Z | DEBG | nexus (BackgroundTasks): authorize result
action = Query
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. })
background_task = blueprint_loader
resource = Database
result = Ok(())
|
| 155 | 2024-05-25T00:59:46.920Z | DEBG | nexus (BackgroundTasks): authorize result
action = Query
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. })
background_task = metrics_producer_gc
resource = Database
result = Ok(())
|
| 156 | 2024-05-25T00:59:46.921Z | DEBG | nexus (BackgroundTasks): authorize result
action = Query
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. })
background_task = inventory_collection
resource = Database
result = Ok(())
|
| 157 | 2024-05-25T00:59:46.921Z | DEBG | nexus (BackgroundTasks): authorize result
action = Query
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. })
background_task = switch_port_config_manager
resource = Database
result = Ok(())
|
| 158 | 2024-05-25T00:59:46.921Z | DEBG | nexus (BackgroundTasks): authorize result
action = Query
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. })
background_task = instance_watcher
resource = Database
result = Ok(())
|
| 159 | 2024-05-25T00:59:46.921Z | DEBG | nexus (BackgroundTasks): authorize result
action = Query
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. })
background_task = service_firewall_rule_propagation
resource = Database
result = Ok(())
|
| 160 | 2024-05-25T00:59:46.921Z | DEBG | nexus (BackgroundTasks): authorize result
action = Query
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. })
background_task = abandoned_vmm_reaper
resource = Database
result = Ok(())
|
| 161 | 2024-05-25T00:59:46.921Z | DEBG | nexus (BackgroundTasks): authorize result
action = Query
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. })
background_task = dns_config_external
dns_group = external
resource = Database
result = Ok(())
|
| 162 | 2024-05-25T00:59:46.921Z | WARN | nexus (BackgroundTasks): phantom disk task done
background_task = phantom_disks
file = nexus/src/app/background/phantom_disks.rs:92
|
| 163 | 2024-05-25T00:59:46.921Z | DEBG | nexus (BackgroundTasks): activation complete
background_task = phantom_disks
elapsed = 31.277431ms
iteration = 1
|
| 164 | 2024-05-25T00:59:46.921Z | INFO | nexus (BackgroundTasks): found DNS servers (initial)
addresses = DnsServersList { addresses: [[fd00:1122:3344:101::8]:5353, [fd00:1122:3344:101::9]:5353] }
background_task = dns_servers_external
dns_group = external
file = nexus/src/app/background/dns_servers.rs:113
|
| 165 | 2024-05-25T00:59:46.921Z | DEBG | nexus (BackgroundTasks): activation complete
background_task = dns_servers_external
dns_group = external
elapsed = 31.241982ms
iteration = 1
|
| 166 | 2024-05-25T00:59:46.921Z | DEBG | nexus (BackgroundTasks): activating
background_task = dns_propagation_external
dns_group = external
iteration = 2
reason = Dependency
|
| 167 | 2024-05-25T00:59:46.921Z | WARN | nexus (BackgroundTasks): DNS propagation: skipped
background_task = dns_propagation_external
dns_group = external
file = nexus/src/app/background/dns_propagation.rs:69
reason = no config
|
| 168 | 2024-05-25T00:59:46.921Z | DEBG | nexus (BackgroundTasks): activation complete
background_task = dns_propagation_external
dns_group = external
elapsed = 3.81\u{b5}s
iteration = 2
|
| 169 | 2024-05-25T00:59:46.923Z | DEBG | nexus (BackgroundTasks): roles
background_task = dns_config_internal
dns_group = internal
roles = RoleSet { roles: {} }
|
| 170 | 2024-05-25T00:59:46.923Z | DEBG | nexus (DnsResolver): lookup_all_ipv6 srv
dns_name = _dendrite._tcp.control-plane.oxide.internal
response = SrvLookup(Lookup { query: Query { name: Name("_dendrite._tcp.control-plane.oxide.internal"), query_type: SRV, query_class: IN }, records: [Record { name_labels: Name("_dendrite._tcp.control-plane.oxide.internal."), rr_type: SRV, dns_class: IN, ttl: 0, rdata: Some(SRV(SRV { priority: 0, weight: 0, port: 12224, target: Name("dendrite-c6dccf8e-4c06-496c-b94a-5401df7a33fd.host.control-plane.oxide.internal.") })) }, Record { name_labels: Name("dendrite-c6dccf8e-4c06-496c-b94a-5401df7a33fd.host.control-plane.oxide.internal."), rr_type: AAAA, dns_class: IN, ttl: 0, rdata: Some(AAAA(fd00:1122:3344:101::2)) }], valid_until: Instant { tv_sec: 1515, tv_nsec: 507091332 } })
|
| 171 | 2024-05-25T00:59:46.926Z | INFO | nexus (BackgroundTasks): Determining switch slots managed by switch zones
background_task = nat_v4_garbage_collector
file = nexus/src/app/mod.rs:1029
|
| 172 | 2024-05-25T00:59:46.928Z | DEBG | nexus (BackgroundTasks): authorize result
action = Query
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. })
background_task = dns_config_internal
dns_group = internal
resource = Database
result = Ok(())
|
| 173 | 2024-05-25T00:59:46.929Z | DEBG | nexus (DnsResolver): lookup_all_ipv6 srv
dns_name = _dendrite._tcp.control-plane.oxide.internal
response = SrvLookup(Lookup { query: Query { name: Name("_dendrite._tcp.control-plane.oxide.internal"), query_type: SRV, query_class: IN }, records: [Record { name_labels: Name("_dendrite._tcp.control-plane.oxide.internal."), rr_type: SRV, dns_class: IN, ttl: 0, rdata: Some(SRV(SRV { priority: 0, weight: 0, port: 12224, target: Name("dendrite-c6dccf8e-4c06-496c-b94a-5401df7a33fd.host.control-plane.oxide.internal.") })) }, Record { name_labels: Name("dendrite-c6dccf8e-4c06-496c-b94a-5401df7a33fd.host.control-plane.oxide.internal."), rr_type: AAAA, dns_class: IN, ttl: 0, rdata: Some(AAAA(fd00:1122:3344:101::2)) }], valid_until: Instant { tv_sec: 1515, tv_nsec: 513571376 } })
|
| 174 | 2024-05-25T00:59:46.930Z | INFO | nexus (BackgroundTasks): Determining switch slots managed by switch zones
background_task = bfd_manager
file = nexus/src/app/mod.rs:1029
|
| 175 | 2024-05-25T00:59:46.935Z | DEBG | nexus (dropshot_internal): registered endpoint
local_addr = [fd00:1122:3344:101::c]:12221
method = GET
path = /artifacts/{kind}/{name}/{version}
|
| 176 | 2024-05-25T00:59:46.935Z | DEBG | nexus (dropshot_internal): registered endpoint
local_addr = [fd00:1122:3344:101::c]:12221
method = GET
path = /bgtasks
|
| 177 | 2024-05-25T00:59:46.935Z | DEBG | nexus (dropshot_internal): registered endpoint
local_addr = [fd00:1122:3344:101::c]:12221
method = POST
path = /bgtasks/activate
|
| 178 | 2024-05-25T00:59:46.935Z | DEBG | nexus (dropshot_internal): registered endpoint
local_addr = [fd00:1122:3344:101::c]:12221
method = GET
path = /bgtasks/view/{bgtask_name}
|
| 179 | 2024-05-25T00:59:46.935Z | DEBG | nexus (dropshot_internal): registered endpoint
local_addr = [fd00:1122:3344:101::c]:12221
method = POST
path = /crucible/0/upstairs/{upstairs_id}/downstairs/{downstairs_id}/stop-request
|
| 180 | 2024-05-25T00:59:46.935Z | DEBG | nexus (dropshot_internal): registered endpoint
local_addr = [fd00:1122:3344:101::c]:12221
method = POST
path = /crucible/0/upstairs/{upstairs_id}/downstairs/{downstairs_id}/stopped
|
| 181 | 2024-05-25T00:59:46.935Z | DEBG | nexus (dropshot_internal): registered endpoint
local_addr = [fd00:1122:3344:101::c]:12221
method = POST
path = /crucible/0/upstairs/{upstairs_id}/repair/{repair_id}/progress
|
| 182 | 2024-05-25T00:59:46.935Z | DEBG | nexus (dropshot_internal): registered endpoint
local_addr = [fd00:1122:3344:101::c]:12221
method = POST
path = /crucible/0/upstairs/{upstairs_id}/repair-finish
|
| 183 | 2024-05-25T00:59:46.935Z | DEBG | nexus (dropshot_internal): registered endpoint
local_addr = [fd00:1122:3344:101::c]:12221
method = POST
path = /crucible/0/upstairs/{upstairs_id}/repair-start
|
| 184 | 2024-05-25T00:59:46.935Z | DEBG | nexus (dropshot_internal): registered endpoint
local_addr = [fd00:1122:3344:101::c]:12221
method = GET
path = /deployment/blueprints/all
|
| 185 | 2024-05-25T00:59:46.935Z | DEBG | nexus (dropshot_internal): registered endpoint
local_addr = [fd00:1122:3344:101::c]:12221
method = DELETE
path = /deployment/blueprints/all/{blueprint_id}
|
| 186 | 2024-05-25T00:59:46.935Z | DEBG | nexus (dropshot_internal): registered endpoint
local_addr = [fd00:1122:3344:101::c]:12221
method = GET
path = /deployment/blueprints/all/{blueprint_id}
|
| 187 | 2024-05-25T00:59:46.935Z | DEBG | nexus (dropshot_internal): registered endpoint
local_addr = [fd00:1122:3344:101::c]:12221
method = POST
path = /deployment/blueprints/import
|
| 188 | 2024-05-25T00:59:46.935Z | DEBG | nexus (dropshot_internal): registered endpoint
local_addr = [fd00:1122:3344:101::c]:12221
method = POST
path = /deployment/blueprints/regenerate
|
| 189 | 2024-05-25T00:59:46.935Z | DEBG | nexus (dropshot_internal): registered endpoint
local_addr = [fd00:1122:3344:101::c]:12221
method = GET
path = /deployment/blueprints/target
|
| 190 | 2024-05-25T00:59:46.935Z | DEBG | nexus (dropshot_internal): registered endpoint
local_addr = [fd00:1122:3344:101::c]:12221
method = POST
path = /deployment/blueprints/target
|
| 191 | 2024-05-25T00:59:46.935Z | DEBG | nexus (dropshot_internal): registered endpoint
local_addr = [fd00:1122:3344:101::c]:12221
method = PUT
path = /deployment/blueprints/target/enabled
|
| 192 | 2024-05-25T00:59:46.935Z | DEBG | nexus (dropshot_internal): registered endpoint
local_addr = [fd00:1122:3344:101::c]:12221
method = POST
path = /disk/{disk_id}/remove-read-only-parent
|
| 193 | 2024-05-25T00:59:46.935Z | DEBG | nexus (dropshot_internal): registered endpoint
local_addr = [fd00:1122:3344:101::c]:12221
method = PUT
path = /disks/{disk_id}
|
| 194 | 2024-05-25T00:59:46.935Z | DEBG | nexus (dropshot_internal): registered endpoint
local_addr = [fd00:1122:3344:101::c]:12221
method = PUT
path = /instances/{instance_id}
|
| 195 | 2024-05-25T00:59:46.935Z | DEBG | nexus (dropshot_internal): registered endpoint
local_addr = [fd00:1122:3344:101::c]:12221
method = POST
path = /metrics/collectors
|
| 196 | 2024-05-25T00:59:46.935Z | DEBG | nexus (dropshot_internal): registered endpoint
local_addr = [fd00:1122:3344:101::c]:12221
method = GET
path = /metrics/collectors/{collector_id}/producers
|
| 197 | 2024-05-25T00:59:46.935Z | DEBG | nexus (dropshot_internal): registered endpoint
local_addr = [fd00:1122:3344:101::c]:12221
method = POST
path = /metrics/producers
|
| 198 | 2024-05-25T00:59:46.935Z | DEBG | nexus (dropshot_internal): registered endpoint
local_addr = [fd00:1122:3344:101::c]:12221
method = GET
path = /nat/ipv4/changeset/{from_gen}
|
| 199 | 2024-05-25T00:59:46.935Z | DEBG | nexus (dropshot_internal): registered endpoint
local_addr = [fd00:1122:3344:101::c]:12221
method = GET
path = /probes/{sled}
|
| 200 | 2024-05-25T00:59:46.935Z | DEBG | nexus (dropshot_internal): registered endpoint
local_addr = [fd00:1122:3344:101::c]:12221
method = PUT
path = /racks/{rack_id}/initialization-complete
|
| 201 | 2024-05-25T00:59:46.935Z | DEBG | nexus (dropshot_internal): registered endpoint
local_addr = [fd00:1122:3344:101::c]:12221
method = GET
path = /sagas
|
| 202 | 2024-05-25T00:59:46.935Z | DEBG | nexus (dropshot_internal): registered endpoint
local_addr = [fd00:1122:3344:101::c]:12221
method = GET
path = /sagas/{saga_id}
|
| 203 | 2024-05-25T00:59:46.935Z | DEBG | nexus (dropshot_internal): registered endpoint
local_addr = [fd00:1122:3344:101::c]:12221
method = GET
path = /sled-agents/{sled_id}
|
| 204 | 2024-05-25T00:59:46.935Z | DEBG | nexus (dropshot_internal): registered endpoint
local_addr = [fd00:1122:3344:101::c]:12221
method = POST
path = /sled-agents/{sled_id}
|
| 205 | 2024-05-25T00:59:46.935Z | DEBG | nexus (dropshot_internal): registered endpoint
local_addr = [fd00:1122:3344:101::c]:12221
method = POST
path = /sled-agents/{sled_id}/firewall-rules-update
|
| 206 | 2024-05-25T00:59:46.935Z | DEBG | nexus (dropshot_internal): registered endpoint
local_addr = [fd00:1122:3344:101::c]:12221
method = POST
path = /sleds/add
|
| 207 | 2024-05-25T00:59:46.935Z | DEBG | nexus (dropshot_internal): registered endpoint
local_addr = [fd00:1122:3344:101::c]:12221
method = POST
path = /sleds/expunge
|
| 208 | 2024-05-25T00:59:46.935Z | DEBG | nexus (dropshot_internal): registered endpoint
local_addr = [fd00:1122:3344:101::c]:12221
method = GET
path = /sleds/uninitialized
|
| 209 | 2024-05-25T00:59:46.935Z | DEBG | nexus (dropshot_internal): registered endpoint
local_addr = [fd00:1122:3344:101::c]:12221
method = PUT
path = /switch/{switch_id}
|
| 210 | 2024-05-25T00:59:46.935Z | DEBG | nexus (dropshot_internal): registered endpoint
local_addr = [fd00:1122:3344:101::c]:12221
method = POST
path = /volume/{volume_id}/remove-read-only-parent
|
| 211 | 2024-05-25T00:59:46.935Z | INFO | nexus (dropshot_internal): listening
file = /home/build/.cargo/git/checkouts/dropshot-a4a923d29dccc492/0cd0e82/dropshot/src/server.rs:196
local_addr = [fd00:1122:3344:101::c]:12221
|
| 212 | 2024-05-25T00:59:46.936Z | DEBG | nexus (dropshot_internal): successfully registered DTrace USDT probes
local_addr = [fd00:1122:3344:101::c]:12221
|
| 213 | 2024-05-25T00:59:46.936Z | DEBG | nexus (ServiceBalancer): roles
roles = RoleSet { roles: {} }
|
| 214 | 2024-05-25T00:59:46.948Z | DEBG | nexus (ServiceBalancer): authorize result
action = Query
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-00000000bac3, .. })
resource = Database
result = Ok(())
|
| 215 | 2024-05-25T00:59:46.976Z | INFO | nexus (DataLoader): created 0 built-in users
file = nexus/db-queries/src/db/datastore/silo_user.rs:394
|
| 216 | 2024-05-25T00:59:46.976Z | DEBG | nexus (DataLoader): roles
roles = RoleSet { roles: {} }
|
| 217 | 2024-05-25T00:59:46.977Z | DEBG | nexus (DataLoader): authorize result
action = Modify
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000001, .. })
resource = Database
result = Ok(())
|
| 218 | 2024-05-25T00:59:46.977Z | DEBG | nexus (DataLoader): attempting to create built-in roles
|
| 219 | 2024-05-25T00:59:46.977Z | DEBG | nexus (DataLoader): roles
roles = RoleSet { roles: {} }
|
| 220 | 2024-05-25T00:59:46.977Z | DEBG | nexus (DataLoader): authorize result
action = Query
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000001, .. })
resource = Database
result = Ok(())
|
| 221 | 2024-05-25T00:59:47.002Z | INFO | nexus (BackgroundTasks): Metric producer GC complete (no errors)
background_task = metrics_producer_gc
expiration = 2024-05-25 00:49:46.914716153 UTC
file = nexus/src/app/background/metrics_producer_gc.rs:69
pruned = {}
|
| 222 | 2024-05-25T00:59:47.002Z | DEBG | nexus (BackgroundTasks): activation complete
background_task = metrics_producer_gc
elapsed = 111.977897ms
iteration = 1
|
| 223 | 2024-05-25T00:59:47.003Z | INFO | nexus (BackgroundTasks): determining switch slot managed by dendrite zone
background_task = nat_v4_garbage_collector
file = nexus/src/app/mod.rs:1037
zone_address = fd00:1122:3344:101::2
|
| 224 | 2024-05-25T00:59:47.003Z | DEBG | nexus (MgsClient): client request
background_task = nat_v4_garbage_collector
body = None
method = GET
uri = http://[fd00:1122:3344:101::2]:12225/local/switch-id
|
| 225 | 2024-05-25T00:59:47.003Z | DEBG | nexus (MgsClient): client response
background_task = nat_v4_garbage_collector
result = Ok(Response { url: Url { scheme: "http", cannot_be_a_base: false, username: "", password: None, host: Some(Ipv6(fd00:1122:3344:101::2)), port: Some(12225), path: "/local/switch-id", query: None, fragment: None }, status: 200, headers: {"content-type": "application/json", "x-request-id": "98efa2f8-0753-4c83-9c10-e3471fd02ce1", "content-length": "26", "date": "Sat, 25 May 2024 00:59:46 GMT"} })
|
| 226 | 2024-05-25T00:59:47.006Z | INFO | nexus (BackgroundTasks): identified switch slot for dendrite zone
background_task = nat_v4_garbage_collector
file = nexus/src/app/mod.rs:1042
slot = SpIdentifier {\n slot: 0,\n type_: Switch,\n}
zone_address = fd00:1122:3344:101::2
|
| 227 | 2024-05-25T00:59:47.007Z | INFO | nexus (DataLoader): created 0 built-in roles
file = nexus/db-queries/src/db/datastore/role.rs:87
|
| 228 | 2024-05-25T00:59:47.007Z | DEBG | nexus (DataLoader): roles
roles = RoleSet { roles: {} }
|
| 229 | 2024-05-25T00:59:47.008Z | INFO | nexus (BackgroundTasks): completed mapping dendrite zones to switch slots
background_task = nat_v4_garbage_collector
file = nexus/src/app/mod.rs:1074
mappings = {\n Switch0: fd00:1122:3344:101::2,\n}
|
| 230 | 2024-05-25T00:59:47.009Z | DEBG | nexus (DataLoader): authorize result
action = Modify
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000001, .. })
resource = Database
result = Ok(())
|
| 231 | 2024-05-25T00:59:47.009Z | DEBG | nexus (DataLoader): attempting to create built-in role assignments
|
| 232 | 2024-05-25T00:59:47.009Z | DEBG | nexus (DataLoader): roles
roles = RoleSet { roles: {} }
|
| 233 | 2024-05-25T00:59:47.009Z | DEBG | nexus (DataLoader): authorize result
action = Query
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000001, .. })
resource = Database
result = Ok(())
|
| 234 | 2024-05-25T00:59:47.009Z | INFO | nexus (BackgroundTasks): determining switch slot managed by dendrite zone
background_task = bfd_manager
file = nexus/src/app/mod.rs:1037
zone_address = fd00:1122:3344:101::2
|
| 235 | 2024-05-25T00:59:47.009Z | DEBG | nexus (MgsClient): client request
background_task = bfd_manager
body = None
method = GET
uri = http://[fd00:1122:3344:101::2]:12225/local/switch-id
|
| 236 | 2024-05-25T00:59:47.009Z | DEBG | nexus (MgsClient): client response
background_task = bfd_manager
result = Ok(Response { url: Url { scheme: "http", cannot_be_a_base: false, username: "", password: None, host: Some(Ipv6(fd00:1122:3344:101::2)), port: Some(12225), path: "/local/switch-id", query: None, fragment: None }, status: 200, headers: {"content-type": "application/json", "x-request-id": "2bdb8d44-5885-4994-be98-00ec5411515d", "content-length": "26", "date": "Sat, 25 May 2024 00:59:46 GMT"} })
|
| 237 | 2024-05-25T00:59:47.009Z | INFO | nexus (BackgroundTasks): identified switch slot for dendrite zone
background_task = bfd_manager
file = nexus/src/app/mod.rs:1042
slot = SpIdentifier {\n slot: 0,\n type_: Switch,\n}
zone_address = fd00:1122:3344:101::2
|
| 238 | 2024-05-25T00:59:47.010Z | INFO | nexus (BackgroundTasks): completed mapping dendrite zones to switch slots
background_task = bfd_manager
file = nexus/src/app/mod.rs:1074
mappings = {\n Switch0: fd00:1122:3344:101::2,\n}
|
| 239 | 2024-05-25T00:59:47.070Z | DEBG | nexus (BackgroundTasks): roles
background_task = physical_disk_adoption
roles = RoleSet { roles: {} }
|
| 240 | 2024-05-25T00:59:47.073Z | DEBG | nexus (BackgroundTasks): authorize result
action = Read
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. })
background_task = physical_disk_adoption
resource = Fleet
result = Err(Forbidden)
|
| 241 | 2024-05-25T00:59:47.073Z | WARN | nexus (BackgroundTasks): Physical Disk Adoption: failed to query for initialized racks
background_task = physical_disk_adoption
err = Forbidden
file = nexus/src/app/background/physical_disk_adoption.rs:89
|
| 242 | 2024-05-25T00:59:47.073Z | DEBG | nexus (BackgroundTasks): activation complete
background_task = physical_disk_adoption
elapsed = 182.202803ms
iteration = 1
|
| 243 | 2024-05-25T00:59:47.073Z | DEBG | nexus (DpdClient): client request
background_task = nat_v4_garbage_collector
body = None
method = GET
uri = http://[fd00:1122:3344:101::2]:12224/rpw/nat/ipv4/gen
|
| 244 | 2024-05-25T00:59:47.073Z | DEBG | nexus (DpdClient): client response
background_task = nat_v4_garbage_collector
result = Ok(Response { url: Url { scheme: "http", cannot_be_a_base: false, username: "", password: None, host: Some(Ipv6(fd00:1122:3344:101::2)), port: Some(12224), path: "/rpw/nat/ipv4/gen", query: None, fragment: None }, status: 200, headers: {"content-type": "application/json", "x-request-id": "e1acd4f2-afec-42cf-a27f-eb112a599b9d", "content-length": "1", "date": "Sat, 25 May 2024 00:59:46 GMT"} })
|
| 245 | 2024-05-25T00:59:47.076Z | DEBG | nexus (BackgroundTasks): roles
background_task = nat_v4_garbage_collector
roles = RoleSet { roles: {} }
|
| 246 | 2024-05-25T00:59:47.076Z | DEBG | nexus (BackgroundTasks): authorize result
action = Query
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. })
background_task = nat_v4_garbage_collector
resource = Database
result = Ok(())
|
| 247 | 2024-05-25T00:59:47.079Z | DEBG | nexus (BackgroundTasks): activation complete
background_task = bfd_manager
elapsed = 189.328322ms
iteration = 1
|
| 248 | 2024-05-25T00:59:47.086Z | DEBG | nexus (BackgroundTasks): roles
background_task = service_zone_nat_tracker
roles = RoleSet { roles: {} }
|
| 249 | 2024-05-25T00:59:47.091Z | DEBG | nexus (BackgroundTasks): authorize result
action = Read
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. })
background_task = service_zone_nat_tracker
resource = Inventory
result = Err(Forbidden)
|
| 250 | 2024-05-25T00:59:47.091Z | ERRO | nexus (BackgroundTasks): failed to collect inventory
background_task = service_zone_nat_tracker
error = Forbidden
file = nexus/src/app/background/sync_service_zone_nat.rs:71
|
| 251 | 2024-05-25T00:59:47.091Z | DEBG | nexus (BackgroundTasks): activation complete
background_task = service_zone_nat_tracker
elapsed = 200.434616ms
iteration = 1
|
| 252 | 2024-05-25T00:59:47.091Z | DEBG | nexus (BackgroundTasks): roles
background_task = dns_config_external
dns_group = external
roles = RoleSet { roles: {} }
|
| 253 | 2024-05-25T00:59:47.091Z | DEBG | nexus (BackgroundTasks): authorize result
action = Query
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. })
background_task = dns_config_external
dns_group = external
resource = Database
result = Ok(())
|
| 254 | 2024-05-25T00:59:47.093Z | DEBG | nexus (BackgroundTasks): roles
background_task = blueprint_loader
roles = RoleSet { roles: {(Fleet, 001de000-1334-4000-8000-000000000000, "admin")} }
|
| 255 | 2024-05-25T00:59:47.093Z | DEBG | nexus (BackgroundTasks): roles
background_task = dns_config_internal
dns_group = internal
roles = RoleSet { roles: {(Fleet, 001de000-1334-4000-8000-000000000000, "admin")} }
|
| 256 | 2024-05-25T00:59:47.094Z | WARN | nexus: Cannot look up rack: Object (of type ById(82ca74f9-e6a6-45f3-a555-70a89d5b2efa)) not found: rack
file = nexus/src/app/rack.rs:728
|
| 257 | 2024-05-25T00:59:47.096Z | DEBG | nexus (BackgroundTasks): roles
background_task = external_endpoints
roles = RoleSet { roles: {(Fleet, 001de000-1334-4000-8000-000000000000, "admin")} }
|
| 258 | 2024-05-25T00:59:47.097Z | DEBG | nexus (BackgroundTasks): authorize result
action = Read
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. })
background_task = dns_config_internal
dns_group = internal
resource = DnsConfig
result = Ok(())
|
| 259 | 2024-05-25T00:59:47.098Z | DEBG | nexus (BackgroundTasks): authorize result
action = Read
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. })
background_task = blueprint_loader
resource = BlueprintConfig
result = Ok(())
|
| 260 | 2024-05-25T00:59:47.098Z | DEBG | nexus (BackgroundTasks): roles
background_task = blueprint_loader
roles = RoleSet { roles: {} }
|
| 261 | 2024-05-25T00:59:47.098Z | DEBG | nexus (BackgroundTasks): authorize result
action = Query
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. })
background_task = blueprint_loader
resource = Database
result = Ok(())
|
| 262 | 2024-05-25T00:59:47.099Z | DEBG | nexus (BackgroundTasks): authorize result
action = ListChildren
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. })
background_task = external_endpoints
resource = Fleet
result = Ok(())
|
| 263 | 2024-05-25T00:59:47.099Z | DEBG | nexus (BackgroundTasks): roles
background_task = external_endpoints
roles = RoleSet { roles: {} }
|
| 264 | 2024-05-25T00:59:47.099Z | DEBG | nexus (BackgroundTasks): authorize result
action = Query
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. })
background_task = external_endpoints
resource = Database
result = Ok(())
|
| 265 | 2024-05-25T00:59:47.104Z | DEBG | nexus (BackgroundTasks): roles
background_task = switch_port_config_manager
roles = RoleSet { roles: {(Fleet, 001de000-1334-4000-8000-000000000000, "admin")} }
|
| 266 | 2024-05-25T00:59:47.106Z | DEBG | nexus (BackgroundTasks): authorize result
action = Read
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. })
background_task = switch_port_config_manager
resource = Fleet
result = Ok(())
|
| 267 | 2024-05-25T00:59:47.106Z | DEBG | nexus (BackgroundTasks): roles
background_task = switch_port_config_manager
roles = RoleSet { roles: {} }
|
| 268 | 2024-05-25T00:59:47.106Z | DEBG | nexus (BackgroundTasks): authorize result
action = Query
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. })
background_task = switch_port_config_manager
resource = Database
result = Ok(())
|
| 269 | 2024-05-25T00:59:47.117Z | DEBG | nexus (BackgroundTasks): activation complete
background_task = switch_port_config_manager
elapsed = 226.942855ms
iteration = 1
|
| 270 | 2024-05-25T00:59:47.122Z | DEBG | nexus (BackgroundTasks): roles
background_task = dns_config_external
dns_group = external
roles = RoleSet { roles: {(Fleet, 001de000-1334-4000-8000-000000000000, "admin")} }
|
| 271 | 2024-05-25T00:59:47.123Z | DEBG | nexus (BackgroundTasks): roles
background_task = instance_watcher
roles = RoleSet { roles: {(Fleet, 001de000-1334-4000-8000-000000000000, "admin")} }
|
| 272 | 2024-05-25T00:59:47.125Z | DEBG | nexus (BackgroundTasks): authorize result
action = Read
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. })
background_task = dns_config_external
dns_group = external
resource = DnsConfig
result = Ok(())
|
| 273 | 2024-05-25T00:59:47.126Z | DEBG | nexus (BackgroundTasks): authorize result
action = Read
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. })
background_task = instance_watcher
resource = Fleet
result = Ok(())
|
| 274 | 2024-05-25T00:59:47.126Z | DEBG | nexus (BackgroundTasks): roles
background_task = instance_watcher
roles = RoleSet { roles: {} }
|
| 275 | 2024-05-25T00:59:47.126Z | DEBG | nexus (BackgroundTasks): authorize result
action = Query
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. })
background_task = instance_watcher
resource = Database
result = Ok(())
|
| 276 | 2024-05-25T00:59:47.130Z | DEBG | nexus (BackgroundTasks): roles
background_task = inventory_collection
roles = RoleSet { roles: {(Fleet, 001de000-1334-4000-8000-000000000000, "admin")} }
|
| 277 | 2024-05-25T00:59:47.131Z | INFO | nexus (DataLoader): created 0 built-in role assignments
file = nexus/db-queries/src/db/datastore/role.rs:116
|
| 278 | 2024-05-25T00:59:47.131Z | DEBG | nexus (DataLoader): roles
roles = RoleSet { roles: {} }
|
| 279 | 2024-05-25T00:59:47.132Z | DEBG | nexus (BackgroundTasks): authorize result
action = Modify
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. })
background_task = inventory_collection
resource = Inventory
result = Ok(())
|
| 280 | 2024-05-25T00:59:47.132Z | DEBG | nexus (BackgroundTasks): roles
background_task = inventory_collection
roles = RoleSet { roles: {} }
|
| 281 | 2024-05-25T00:59:47.132Z | DEBG | nexus (BackgroundTasks): authorize result
action = Query
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. })
background_task = inventory_collection
resource = Database
result = Ok(())
|
| 282 | 2024-05-25T00:59:47.132Z | DEBG | nexus (DataLoader): authorize result
action = Modify
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000001, .. })
resource = Database
result = Ok(())
|
| 283 | 2024-05-25T00:59:47.132Z | DEBG | nexus (DataLoader): attempting to create built-in silos
|
| 284 | 2024-05-25T00:59:47.132Z | DEBG | nexus (DataLoader): roles
roles = RoleSet { roles: {} }
|
| 285 | 2024-05-25T00:59:47.132Z | DEBG | nexus (DataLoader): authorize result
action = Query
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000001, .. })
resource = Database
result = Ok(())
|
| 286 | 2024-05-25T00:59:47.139Z | DEBG | nexus (BackgroundTasks): activation complete
background_task = nat_v4_garbage_collector
elapsed = 249.044429ms
iteration = 1
|
| 287 | 2024-05-25T00:59:47.144Z | WARN | nexus (BackgroundTasks): failed to read target blueprint
background_task = blueprint_loader
error = Internal Error: no target blueprint set
file = nexus/src/app/background/blueprint_load.rs:69
|
| 288 | 2024-05-25T00:59:47.144Z | DEBG | nexus (BackgroundTasks): activation complete
background_task = blueprint_loader
elapsed = 254.255682ms
iteration = 1
|
| 289 | 2024-05-25T00:59:47.156Z | ERRO | nexus (service-firewall-rule-progator): failed to propagate service firewall rules
background_task = service_firewall_rule_propagation
error = ObjectNotFound { type_name: Vpc, lookup_type: ById(001de000-074c-4000-8000-000000000000) }
file = nexus/src/app/background/service_firewall_rules.rs:54
|
| 290 | 2024-05-25T00:59:47.156Z | DEBG | nexus (BackgroundTasks): activation complete
background_task = service_firewall_rule_propagation
elapsed = 240.890986ms
iteration = 1
|
| 291 | 2024-05-25T00:59:47.158Z | DEBG | nexus (BackgroundTasks): roles
background_task = v2p_manager
roles = RoleSet { roles: {} }
|
| 292 | 2024-05-25T00:59:47.158Z | DEBG | nexus (BackgroundTasks): authorize result
action = Query
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. })
background_task = v2p_manager
resource = Database
result = Ok(())
|
| 293 | 2024-05-25T00:59:47.159Z | DEBG | nexus (BackgroundTasks): roles
background_task = v2p_manager
roles = RoleSet { roles: {(Fleet, 001de000-1334-4000-8000-000000000000, "admin")} }
|
| 294 | 2024-05-25T00:59:47.161Z | DEBG | nexus (BackgroundTasks): authorize result
action = ListChildren
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. })
background_task = v2p_manager
resource = Fleet
result = Ok(())
|
| 295 | 2024-05-25T00:59:47.161Z | DEBG | nexus (BackgroundTasks): roles
background_task = v2p_manager
roles = RoleSet { roles: {} }
|
| 296 | 2024-05-25T00:59:47.161Z | DEBG | nexus (BackgroundTasks): authorize result
action = Query
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. })
background_task = v2p_manager
resource = Database
result = Ok(())
|
| 297 | 2024-05-25T00:59:47.162Z | DEBG | nexus (BackgroundTasks): roles
background_task = v2p_manager
roles = RoleSet { roles: {(Fleet, 001de000-1334-4000-8000-000000000000, "admin")} }
|
| 298 | 2024-05-25T00:59:47.165Z | DEBG | nexus (BackgroundTasks): Found abandoned VMMs
background_task = abandoned_vmm_reaper
count = 0
|
| 299 | 2024-05-25T00:59:47.165Z | INFO | nexus (BackgroundTasks): Abandoned VMMs reaped
background_task = abandoned_vmm_reaper
file = nexus/src/app/background/abandoned_vmm_reaper.rs:183
found = 0
sled_reservations_deleted = 0
vmms_already_deleted = 0
vmms_deleted = 0
|
| 300 | 2024-05-25T00:59:47.165Z | DEBG | nexus (BackgroundTasks): activation complete
background_task = abandoned_vmm_reaper
elapsed = 249.177413ms
iteration = 1
|
| 301 | 2024-05-25T00:59:47.165Z | DEBG | nexus (BackgroundTasks): authorize result
action = ListChildren
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. })
background_task = v2p_manager
resource = Fleet
result = Ok(())
|
| 302 | 2024-05-25T00:59:47.165Z | DEBG | nexus (BackgroundTasks): roles
background_task = v2p_manager
roles = RoleSet { roles: {} }
|
| 303 | 2024-05-25T00:59:47.165Z | DEBG | nexus (BackgroundTasks): authorize result
action = Query
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. })
background_task = v2p_manager
resource = Database
result = Ok(())
|
| 304 | 2024-05-25T00:59:47.173Z | DEBG | nexus (BackgroundTasks): roles
background_task = external_endpoints
roles = RoleSet { roles: {} }
|
| 305 | 2024-05-25T00:59:47.173Z | DEBG | nexus (BackgroundTasks): authorize result
action = Query
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. })
background_task = external_endpoints
resource = Database
result = Ok(())
|
| 306 | 2024-05-25T00:59:47.175Z | DEBG | nexus (BackgroundTasks): roles
background_task = external_endpoints
roles = RoleSet { roles: {(Fleet, 001de000-1334-4000-8000-000000000000, "admin")} }
|
| 307 | 2024-05-25T00:59:47.179Z | DEBG | nexus (BackgroundTasks): authorize result
action = Read
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. })
background_task = external_endpoints
resource = DnsConfig
result = Ok(())
|
| 308 | 2024-05-25T00:59:47.179Z | DEBG | nexus (BackgroundTasks): roles
background_task = external_endpoints
roles = RoleSet { roles: {} }
|
| 309 | 2024-05-25T00:59:47.179Z | DEBG | nexus (BackgroundTasks): authorize result
action = Query
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. })
background_task = external_endpoints
resource = Database
result = Ok(())
|
| 310 | 2024-05-25T00:59:47.182Z | WARN | nexus (BackgroundTasks): failed to read DNS config
background_task = dns_config_internal
dns_group = internal
error = Internal Error: expected exactly one latest version for DNS group Internal, found 0
file = nexus/src/app/background/dns_config.rs:72
|
| 311 | 2024-05-25T00:59:47.182Z | DEBG | nexus (BackgroundTasks): activation complete
background_task = dns_config_internal
dns_group = internal
elapsed = 293.096904ms
iteration = 1
|
| 312 | 2024-05-25T00:59:47.185Z | INFO | nexus (SagaRecoverer): listed sagas (0 total)
file = nexus/db-queries/src/db/saga_recovery.rs:113
|
| 313 | 2024-05-25T00:59:47.197Z | WARN | nexus (BackgroundTasks): failed to read DNS config
background_task = dns_config_external
dns_group = external
error = Internal Error: expected exactly one latest version for DNS group External, found 0
file = nexus/src/app/background/dns_config.rs:72
|
| 314 | 2024-05-25T00:59:47.197Z | DEBG | nexus (BackgroundTasks): activation complete
background_task = dns_config_external
dns_group = external
elapsed = 306.793959ms
iteration = 1
|
| 315 | 2024-05-25T00:59:47.204Z | DEBG | nexus (BackgroundTasks): inventory_prune_one: nothing eligible for removal (too few)
background_task = inventory_collection
candidates = []
|
| 316 | 2024-05-25T00:59:47.204Z | DEBG | nexus (DnsResolver): lookup_all_socket_v6 srv
dns_name = _mgs._tcp.control-plane.oxide.internal
response = SrvLookup(Lookup { query: Query { name: Name("_mgs._tcp.control-plane.oxide.internal"), query_type: SRV, query_class: IN }, records: [Record { name_labels: Name("_mgs._tcp.control-plane.oxide.internal."), rr_type: SRV, dns_class: IN, ttl: 0, rdata: Some(SRV(SRV { priority: 0, weight: 0, port: 12225, target: Name("dendrite-c6dccf8e-4c06-496c-b94a-5401df7a33fd.host.control-plane.oxide.internal.") })) }, Record { name_labels: Name("dendrite-c6dccf8e-4c06-496c-b94a-5401df7a33fd.host.control-plane.oxide.internal."), rr_type: AAAA, dns_class: IN, ttl: 0, rdata: Some(AAAA(fd00:1122:3344:101::2)) }], valid_until: Instant { tv_sec: 1515, tv_nsec: 788530570 } })
|
| 317 | 2024-05-25T00:59:47.237Z | DEBG | nexus (BackgroundTasks): begin collection
background_task = inventory_collection
|
| 318 | 2024-05-25T00:59:47.237Z | DEBG | nexus (BackgroundTasks): begin collection from MGS
background_task = inventory_collection
mgs_url = http://[fd00:1122:3344:101::2]:12225
|
| 319 | 2024-05-25T00:59:47.237Z | DEBG | nexus (BackgroundTasks): client request
background_task = inventory_collection
body = None
gateway_url = http://[fd00:1122:3344:101::2]:12225
method = GET
uri = http://[fd00:1122:3344:101::2]:12225/ignition
|
| 320 | 2024-05-25T00:59:47.241Z | WARN | nexus (BackgroundTasks): failed to read Silo/DNS/TLS configuration
background_task = external_endpoints
error = Internal Error: expected at least one external DNS zone
file = nexus/src/app/background/external_endpoints.rs:55
|
| 321 | 2024-05-25T00:59:47.241Z | DEBG | nexus (BackgroundTasks): activation complete
background_task = external_endpoints
elapsed = 350.526597ms
iteration = 1
|
| 322 | 2024-05-25T00:59:47.243Z | DEBG | nexus (BackgroundTasks): client response
background_task = inventory_collection
gateway_url = http://[fd00:1122:3344:101::2]:12225
result = Ok(Response { url: Url { scheme: "http", cannot_be_a_base: false, username: "", password: None, host: Some(Ipv6(fd00:1122:3344:101::2)), port: Some(12225), path: "/ignition", query: None, fragment: None }, status: 200, headers: {"content-type": "application/json", "x-request-id": "25548348-1bcb-4e59-b315-691d98d1e1e1", "content-length": "476", "date": "Sat, 25 May 2024 00:59:46 GMT"} })
|
| 323 | 2024-05-25T00:59:47.248Z | DEBG | nexus (BackgroundTasks): client request
background_task = inventory_collection
body = None
gateway_url = http://[fd00:1122:3344:101::2]:12225
method = GET
uri = http://[fd00:1122:3344:101::2]:12225/sp/switch/0
|
| 324 | 2024-05-25T00:59:47.248Z | DEBG | nexus (BackgroundTasks): client response
background_task = inventory_collection
gateway_url = http://[fd00:1122:3344:101::2]:12225
result = Ok(Response { url: Url { scheme: "http", cannot_be_a_base: false, username: "", password: None, host: Some(Ipv6(fd00:1122:3344:101::2)), port: Some(12225), path: "/sp/switch/0", query: None, fragment: None }, status: 200, headers: {"content-type": "application/json", "x-request-id": "9ae11775-5c5f-48c7-a88d-904a3754b6d5", "content-length": "387", "date": "Sat, 25 May 2024 00:59:46 GMT"} })
|
| 325 | 2024-05-25T00:59:47.248Z | DEBG | nexus (BackgroundTasks): client request
background_task = inventory_collection
body = None
gateway_url = http://[fd00:1122:3344:101::2]:12225
method = GET
uri = http://[fd00:1122:3344:101::2]:12225/sp/switch/0/component/sp/caboose?firmware_slot=0
|
| 326 | 2024-05-25T00:59:47.248Z | DEBG | nexus (BackgroundTasks): client response
background_task = inventory_collection
gateway_url = http://[fd00:1122:3344:101::2]:12225
result = Ok(Response { url: Url { scheme: "http", cannot_be_a_base: false, username: "", password: None, host: Some(Ipv6(fd00:1122:3344:101::2)), port: Some(12225), path: "/sp/switch/0/component/sp/caboose", query: Some("firmware_slot=0"), fragment: None }, status: 200, headers: {"content-type": "application/json", "x-request-id": "26181280-9fbf-479c-994d-a99788af99ea", "content-length": "86", "date": "Sat, 25 May 2024 00:59:46 GMT"} })
|
| 327 | 2024-05-25T00:59:47.249Z | DEBG | nexus (BackgroundTasks): client request
background_task = inventory_collection
body = None
gateway_url = http://[fd00:1122:3344:101::2]:12225
method = GET
uri = http://[fd00:1122:3344:101::2]:12225/sp/switch/0/component/sp/caboose?firmware_slot=1
|
| 328 | 2024-05-25T00:59:47.249Z | DEBG | nexus (BackgroundTasks): client response
background_task = inventory_collection
gateway_url = http://[fd00:1122:3344:101::2]:12225
result = Ok(Response { url: Url { scheme: "http", cannot_be_a_base: false, username: "", password: None, host: Some(Ipv6(fd00:1122:3344:101::2)), port: Some(12225), path: "/sp/switch/0/component/sp/caboose", query: Some("firmware_slot=1"), fragment: None }, status: 200, headers: {"content-type": "application/json", "x-request-id": "8d9946aa-6210-426f-be91-8ddb956632b0", "content-length": "86", "date": "Sat, 25 May 2024 00:59:46 GMT"} })
|
| 329 | 2024-05-25T00:59:47.249Z | DEBG | nexus (BackgroundTasks): client request
background_task = inventory_collection
body = None
gateway_url = http://[fd00:1122:3344:101::2]:12225
method = GET
uri = http://[fd00:1122:3344:101::2]:12225/sp/switch/0/component/rot/caboose?firmware_slot=0
|
| 330 | 2024-05-25T00:59:47.249Z | DEBG | nexus (BackgroundTasks): client response
background_task = inventory_collection
gateway_url = http://[fd00:1122:3344:101::2]:12225
result = Ok(Response { url: Url { scheme: "http", cannot_be_a_base: false, username: "", password: None, host: Some(Ipv6(fd00:1122:3344:101::2)), port: Some(12225), path: "/sp/switch/0/component/rot/caboose", query: Some("firmware_slot=0"), fragment: None }, status: 200, headers: {"content-type": "application/json", "x-request-id": "0b8f96ec-0846-450b-ae7c-c19ede3ab48f", "content-length": "80", "date": "Sat, 25 May 2024 00:59:46 GMT"} })
|
| 331 | 2024-05-25T00:59:47.250Z | DEBG | nexus (BackgroundTasks): client request
background_task = inventory_collection
body = None
gateway_url = http://[fd00:1122:3344:101::2]:12225
method = GET
uri = http://[fd00:1122:3344:101::2]:12225/sp/switch/0/component/rot/caboose?firmware_slot=1
|
| 332 | 2024-05-25T00:59:47.250Z | DEBG | nexus (BackgroundTasks): client response
background_task = inventory_collection
gateway_url = http://[fd00:1122:3344:101::2]:12225
result = Ok(Response { url: Url { scheme: "http", cannot_be_a_base: false, username: "", password: None, host: Some(Ipv6(fd00:1122:3344:101::2)), port: Some(12225), path: "/sp/switch/0/component/rot/caboose", query: Some("firmware_slot=1"), fragment: None }, status: 200, headers: {"content-type": "application/json", "x-request-id": "1c66a488-f8e5-4c24-99ff-3a149da656df", "content-length": "80", "date": "Sat, 25 May 2024 00:59:46 GMT"} })
|
| 333 | 2024-05-25T00:59:47.250Z | DEBG | nexus (BackgroundTasks): client request
background_task = inventory_collection
body = None
gateway_url = http://[fd00:1122:3344:101::2]:12225
method = GET
uri = http://[fd00:1122:3344:101::2]:12225/sp/switch/0/component/rot/cmpa
|
| 334 | 2024-05-25T00:59:47.252Z | DEBG | nexus (BackgroundTasks): client response
background_task = inventory_collection
gateway_url = http://[fd00:1122:3344:101::2]:12225
result = Ok(Response { url: Url { scheme: "http", cannot_be_a_base: false, username: "", password: None, host: Some(Ipv6(fd00:1122:3344:101::2)), port: Some(12225), path: "/sp/switch/0/component/rot/cmpa", query: None, fragment: None }, status: 200, headers: {"content-type": "application/json", "x-request-id": "6ecb3918-9c21-44e2-9ce8-939ec6c3122d", "content-length": "702", "date": "Sat, 25 May 2024 00:59:46 GMT"} })
|
| 335 | 2024-05-25T00:59:47.252Z | DEBG | nexus (BackgroundTasks): client request
background_task = inventory_collection
body = Some(Body)
gateway_url = http://[fd00:1122:3344:101::2]:12225
method = GET
uri = http://[fd00:1122:3344:101::2]:12225/sp/switch/0/component/rot/cfpa
|
| 336 | 2024-05-25T00:59:47.253Z | DEBG | nexus (BackgroundTasks): activation complete
background_task = v2p_manager
elapsed = 362.552932ms
iteration = 1
|
| 337 | 2024-05-25T00:59:47.263Z | DEBG | nexus (BackgroundTasks): client response
background_task = inventory_collection
gateway_url = http://[fd00:1122:3344:101::2]:12225
result = Ok(Response { url: Url { scheme: "http", cannot_be_a_base: false, username: "", password: None, host: Some(Ipv6(fd00:1122:3344:101::2)), port: Some(12225), path: "/sp/switch/0/component/rot/cfpa", query: None, fragment: None }, status: 200, headers: {"content-type": "application/json", "x-request-id": "3ba494d4-78c9-4728-aae0-ae9210d1f20a", "content-length": "727", "date": "Sat, 25 May 2024 00:59:46 GMT"} })
|
| 338 | 2024-05-25T00:59:47.264Z | DEBG | nexus (BackgroundTasks): client request
background_task = inventory_collection
body = Some(Body)
gateway_url = http://[fd00:1122:3344:101::2]:12225
method = GET
uri = http://[fd00:1122:3344:101::2]:12225/sp/switch/0/component/rot/cfpa
|
| 339 | 2024-05-25T00:59:47.264Z | DEBG | nexus (BackgroundTasks): client response
background_task = inventory_collection
gateway_url = http://[fd00:1122:3344:101::2]:12225
result = Ok(Response { url: Url { scheme: "http", cannot_be_a_base: false, username: "", password: None, host: Some(Ipv6(fd00:1122:3344:101::2)), port: Some(12225), path: "/sp/switch/0/component/rot/cfpa", query: None, fragment: None }, status: 200, headers: {"content-type": "application/json", "x-request-id": "97af3a74-0047-4fc3-b2af-18273eabd2d7", "content-length": "729", "date": "Sat, 25 May 2024 00:59:46 GMT"} })
|
| 340 | 2024-05-25T00:59:47.264Z | DEBG | nexus (BackgroundTasks): client request
background_task = inventory_collection
body = Some(Body)
gateway_url = http://[fd00:1122:3344:101::2]:12225
method = GET
uri = http://[fd00:1122:3344:101::2]:12225/sp/switch/0/component/rot/cfpa
|
| 341 | 2024-05-25T00:59:47.265Z | DEBG | nexus (BackgroundTasks): client response
background_task = inventory_collection
gateway_url = http://[fd00:1122:3344:101::2]:12225
result = Ok(Response { url: Url { scheme: "http", cannot_be_a_base: false, username: "", password: None, host: Some(Ipv6(fd00:1122:3344:101::2)), port: Some(12225), path: "/sp/switch/0/component/rot/cfpa", query: None, fragment: None }, status: 200, headers: {"content-type": "application/json", "x-request-id": "22c9fd1d-82a7-429f-a2b8-a80f9f37264d", "content-length": "728", "date": "Sat, 25 May 2024 00:59:46 GMT"} })
|
| 342 | 2024-05-25T00:59:47.265Z | DEBG | nexus (BackgroundTasks): client request
background_task = inventory_collection
body = None
gateway_url = http://[fd00:1122:3344:101::2]:12225
method = GET
uri = http://[fd00:1122:3344:101::2]:12225/sp/sled/0
|
| 343 | 2024-05-25T00:59:47.266Z | DEBG | nexus (BackgroundTasks): client response
background_task = inventory_collection
gateway_url = http://[fd00:1122:3344:101::2]:12225
result = Ok(Response { url: Url { scheme: "http", cannot_be_a_base: false, username: "", password: None, host: Some(Ipv6(fd00:1122:3344:101::2)), port: Some(12225), path: "/sp/sled/0", query: None, fragment: None }, status: 200, headers: {"content-type": "application/json", "x-request-id": "c3d48666-ea87-4f88-aa2a-10fdf4b9845b", "content-length": "375", "date": "Sat, 25 May 2024 00:59:46 GMT"} })
|
| 344 | 2024-05-25T00:59:47.266Z | DEBG | nexus (BackgroundTasks): client request
background_task = inventory_collection
body = None
gateway_url = http://[fd00:1122:3344:101::2]:12225
method = GET
uri = http://[fd00:1122:3344:101::2]:12225/sp/sled/0/component/sp/caboose?firmware_slot=0
|
| 345 | 2024-05-25T00:59:47.266Z | DEBG | nexus (BackgroundTasks): client response
background_task = inventory_collection
gateway_url = http://[fd00:1122:3344:101::2]:12225
result = Ok(Response { url: Url { scheme: "http", cannot_be_a_base: false, username: "", password: None, host: Some(Ipv6(fd00:1122:3344:101::2)), port: Some(12225), path: "/sp/sled/0/component/sp/caboose", query: Some("firmware_slot=0"), fragment: None }, status: 200, headers: {"content-type": "application/json", "x-request-id": "d8da33d4-2c8e-4918-a2a6-78a309b256e3", "content-length": "84", "date": "Sat, 25 May 2024 00:59:46 GMT"} })
|
| 346 | 2024-05-25T00:59:47.266Z | DEBG | nexus (BackgroundTasks): client request
background_task = inventory_collection
body = None
gateway_url = http://[fd00:1122:3344:101::2]:12225
method = GET
uri = http://[fd00:1122:3344:101::2]:12225/sp/sled/0/component/sp/caboose?firmware_slot=1
|
| 347 | 2024-05-25T00:59:47.266Z | DEBG | nexus (BackgroundTasks): client response
background_task = inventory_collection
gateway_url = http://[fd00:1122:3344:101::2]:12225
result = Ok(Response { url: Url { scheme: "http", cannot_be_a_base: false, username: "", password: None, host: Some(Ipv6(fd00:1122:3344:101::2)), port: Some(12225), path: "/sp/sled/0/component/sp/caboose", query: Some("firmware_slot=1"), fragment: None }, status: 200, headers: {"content-type": "application/json", "x-request-id": "ab4af9ca-e62a-489c-bd7b-f8d9ac634308", "content-length": "84", "date": "Sat, 25 May 2024 00:59:46 GMT"} })
|
| 348 | 2024-05-25T00:59:47.266Z | DEBG | nexus (BackgroundTasks): client request
background_task = inventory_collection
body = None
gateway_url = http://[fd00:1122:3344:101::2]:12225
method = GET
uri = http://[fd00:1122:3344:101::2]:12225/sp/sled/0/component/rot/caboose?firmware_slot=0
|
| 349 | 2024-05-25T00:59:47.266Z | DEBG | nexus (BackgroundTasks): client response
background_task = inventory_collection
gateway_url = http://[fd00:1122:3344:101::2]:12225
result = Ok(Response { url: Url { scheme: "http", cannot_be_a_base: false, username: "", password: None, host: Some(Ipv6(fd00:1122:3344:101::2)), port: Some(12225), path: "/sp/sled/0/component/rot/caboose", query: Some("firmware_slot=0"), fragment: None }, status: 200, headers: {"content-type": "application/json", "x-request-id": "9f9e7241-fc10-474d-a2ff-54702a2ab690", "content-length": "79", "date": "Sat, 25 May 2024 00:59:46 GMT"} })
|
| 350 | 2024-05-25T00:59:47.266Z | DEBG | nexus (BackgroundTasks): client request
background_task = inventory_collection
body = None
gateway_url = http://[fd00:1122:3344:101::2]:12225
method = GET
uri = http://[fd00:1122:3344:101::2]:12225/sp/sled/0/component/rot/caboose?firmware_slot=1
|
| 351 | 2024-05-25T00:59:47.267Z | DEBG | nexus (BackgroundTasks): client response
background_task = inventory_collection
gateway_url = http://[fd00:1122:3344:101::2]:12225
result = Ok(Response { url: Url { scheme: "http", cannot_be_a_base: false, username: "", password: None, host: Some(Ipv6(fd00:1122:3344:101::2)), port: Some(12225), path: "/sp/sled/0/component/rot/caboose", query: Some("firmware_slot=1"), fragment: None }, status: 200, headers: {"content-type": "application/json", "x-request-id": "e87ed9c3-b3b3-4246-8c45-15dfdfa7c249", "content-length": "79", "date": "Sat, 25 May 2024 00:59:46 GMT"} })
|
| 352 | 2024-05-25T00:59:47.267Z | DEBG | nexus (BackgroundTasks): client request
background_task = inventory_collection
body = None
gateway_url = http://[fd00:1122:3344:101::2]:12225
method = GET
uri = http://[fd00:1122:3344:101::2]:12225/sp/sled/0/component/rot/cmpa
|
| 353 | 2024-05-25T00:59:47.267Z | DEBG | nexus (BackgroundTasks): client response
background_task = inventory_collection
gateway_url = http://[fd00:1122:3344:101::2]:12225
result = Ok(Response { url: Url { scheme: "http", cannot_be_a_base: false, username: "", password: None, host: Some(Ipv6(fd00:1122:3344:101::2)), port: Some(12225), path: "/sp/sled/0/component/rot/cmpa", query: None, fragment: None }, status: 200, headers: {"content-type": "application/json", "x-request-id": "72a785cd-75dc-47b6-912d-c38679da1fc2", "content-length": "702", "date": "Sat, 25 May 2024 00:59:46 GMT"} })
|
| 354 | 2024-05-25T00:59:47.267Z | DEBG | nexus (BackgroundTasks): client request
background_task = inventory_collection
body = Some(Body)
gateway_url = http://[fd00:1122:3344:101::2]:12225
method = GET
uri = http://[fd00:1122:3344:101::2]:12225/sp/sled/0/component/rot/cfpa
|
| 355 | 2024-05-25T00:59:47.267Z | DEBG | nexus (BackgroundTasks): client response
background_task = inventory_collection
gateway_url = http://[fd00:1122:3344:101::2]:12225
result = Ok(Response { url: Url { scheme: "http", cannot_be_a_base: false, username: "", password: None, host: Some(Ipv6(fd00:1122:3344:101::2)), port: Some(12225), path: "/sp/sled/0/component/rot/cfpa", query: None, fragment: None }, status: 200, headers: {"content-type": "application/json", "x-request-id": "5d455b20-cd21-47c8-8ebb-b02667727fe4", "content-length": "727", "date": "Sat, 25 May 2024 00:59:46 GMT"} })
|
| 356 | 2024-05-25T00:59:47.267Z | DEBG | nexus (BackgroundTasks): client request
background_task = inventory_collection
body = Some(Body)
gateway_url = http://[fd00:1122:3344:101::2]:12225
method = GET
uri = http://[fd00:1122:3344:101::2]:12225/sp/sled/0/component/rot/cfpa
|
| 357 | 2024-05-25T00:59:47.267Z | DEBG | nexus (BackgroundTasks): client response
background_task = inventory_collection
gateway_url = http://[fd00:1122:3344:101::2]:12225
result = Ok(Response { url: Url { scheme: "http", cannot_be_a_base: false, username: "", password: None, host: Some(Ipv6(fd00:1122:3344:101::2)), port: Some(12225), path: "/sp/sled/0/component/rot/cfpa", query: None, fragment: None }, status: 200, headers: {"content-type": "application/json", "x-request-id": "3352b28d-4249-4cbc-9cb5-ccaed052a69d", "content-length": "729", "date": "Sat, 25 May 2024 00:59:46 GMT"} })
|
| 358 | 2024-05-25T00:59:47.267Z | DEBG | nexus (BackgroundTasks): client request
background_task = inventory_collection
body = Some(Body)
gateway_url = http://[fd00:1122:3344:101::2]:12225
method = GET
uri = http://[fd00:1122:3344:101::2]:12225/sp/sled/0/component/rot/cfpa
|
| 359 | 2024-05-25T00:59:47.267Z | DEBG | nexus (BackgroundTasks): client response
background_task = inventory_collection
gateway_url = http://[fd00:1122:3344:101::2]:12225
result = Ok(Response { url: Url { scheme: "http", cannot_be_a_base: false, username: "", password: None, host: Some(Ipv6(fd00:1122:3344:101::2)), port: Some(12225), path: "/sp/sled/0/component/rot/cfpa", query: None, fragment: None }, status: 200, headers: {"content-type": "application/json", "x-request-id": "5e4c1183-5032-4373-a53c-dc3dc474c013", "content-length": "728", "date": "Sat, 25 May 2024 00:59:46 GMT"} })
|
| 360 | 2024-05-25T00:59:47.267Z | DEBG | nexus (BackgroundTasks): roles
background_task = inventory_collection
roles = RoleSet { roles: {} }
|
| 361 | 2024-05-25T00:59:47.268Z | DEBG | nexus (BackgroundTasks): authorize result
action = Query
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. })
background_task = inventory_collection
resource = Database
result = Ok(())
|
| 362 | 2024-05-25T00:59:47.268Z | INFO | nexus (BackgroundTasks): all instance checks complete
background_task = instance_watcher
file = nexus/src/app/background/instance_watcher.rs:473
pruned_instances = 0
total_completed = 0
total_failed = 0
total_incomplete = 0
total_instances = 0
|
| 363 | 2024-05-25T00:59:47.269Z | DEBG | nexus (BackgroundTasks): roles
background_task = inventory_collection
roles = RoleSet { roles: {(Fleet, 001de000-1334-4000-8000-000000000000, "admin")} }
|
| 364 | 2024-05-25T00:59:47.270Z | DEBG | nexus (BackgroundTasks): authorize result
action = ListChildren
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. })
background_task = inventory_collection
resource = Fleet
result = Ok(())
|
| 365 | 2024-05-25T00:59:47.270Z | DEBG | nexus (BackgroundTasks): roles
background_task = inventory_collection
roles = RoleSet { roles: {} }
|
| 366 | 2024-05-25T00:59:47.270Z | DEBG | nexus (BackgroundTasks): authorize result
action = Query
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. })
background_task = inventory_collection
resource = Database
result = Ok(())
|
| 367 | 2024-05-25T00:59:47.271Z | DEBG | nexus (BackgroundTasks): activation complete
background_task = instance_watcher
elapsed = 354.962932ms
iteration = 1
|
| 368 | 2024-05-25T00:59:47.271Z | DEBG | nexus (BackgroundTasks): roles
background_task = inventory_collection
roles = RoleSet { roles: {(Fleet, 001de000-1334-4000-8000-000000000000, "admin")} }
|
| 369 | 2024-05-25T00:59:47.273Z | DEBG | nexus (BackgroundTasks): authorize result
action = ListChildren
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. })
background_task = inventory_collection
resource = Fleet
result = Ok(())
|
| 370 | 2024-05-25T00:59:47.273Z | DEBG | nexus (BackgroundTasks): roles
background_task = inventory_collection
roles = RoleSet { roles: {} }
|
| 371 | 2024-05-25T00:59:47.273Z | DEBG | nexus (BackgroundTasks): authorize result
action = Query
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. })
background_task = inventory_collection
resource = Database
result = Ok(())
|
| 372 | 2024-05-25T00:59:47.311Z | INFO | nexus (DataLoader): created 0 built-in silos
file = nexus/db-queries/src/db/datastore/silo.rs:95
|
| 373 | 2024-05-25T00:59:47.311Z | DEBG | nexus (DataLoader): roles
roles = RoleSet { roles: {} }
|
| 374 | 2024-05-25T00:59:47.311Z | DEBG | nexus (DataLoader): authorize result
action = Query
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000001, .. })
resource = Database
result = Ok(())
|
| 375 | 2024-05-25T00:59:47.312Z | DEBG | nexus (DataLoader): roles
roles = RoleSet { roles: {} }
|
| 376 | 2024-05-25T00:59:47.313Z | DEBG | nexus (DataLoader): authorize result
action = Modify
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000001, .. })
resource = Database
result = Ok(())
|
| 377 | 2024-05-25T00:59:47.313Z | DEBG | nexus (DataLoader): attempting to create built-in projects
|
| 378 | 2024-05-25T00:59:47.313Z | DEBG | nexus (DataLoader): roles
roles = RoleSet { roles: {} }
|
| 379 | 2024-05-25T00:59:47.313Z | DEBG | nexus (DataLoader): authorize result
action = Query
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000001, .. })
resource = Database
result = Ok(())
|
| 380 | 2024-05-25T00:59:47.322Z | DEBG | nexus (DataLoader): roles
roles = RoleSet { roles: {} }
|
| 381 | 2024-05-25T00:59:47.322Z | DEBG | nexus (DataLoader): authorize result
action = Query
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000001, .. })
resource = Database
result = Ok(())
|
| 382 | 2024-05-25T00:59:47.323Z | DEBG | nexus (DataLoader): roles
roles = RoleSet { roles: {} }
|
| 383 | 2024-05-25T00:59:47.323Z | DEBG | nexus (DataLoader): authorize result
action = Query
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000001, .. })
resource = Database
result = Ok(())
|
| 384 | 2024-05-25T00:59:47.324Z | DEBG | nexus (DataLoader): roles
roles = RoleSet { roles: {} }
|
| 385 | 2024-05-25T00:59:47.325Z | DEBG | nexus (DataLoader): authorize result
action = CreateChild
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000001, .. })
resource = Silo { parent: Fleet, key: 001de000-5110-4000-8000-000000000001, lookup_type: ById(001de000-5110-4000-8000-000000000001) }
result = Ok(())
|
| 386 | 2024-05-25T00:59:47.325Z | DEBG | nexus (DataLoader): roles
roles = RoleSet { roles: {} }
|
| 387 | 2024-05-25T00:59:47.325Z | DEBG | nexus (DataLoader): authorize result
action = Query
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000001, .. })
resource = Database
result = Ok(())
|
| 388 | 2024-05-25T00:59:47.326Z | DEBG | nexus (DataLoader): roles
roles = RoleSet { roles: {} }
|
| 389 | 2024-05-25T00:59:47.326Z | DEBG | nexus (DataLoader): authorize result
action = Query
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000001, .. })
resource = Database
result = Ok(())
|
| 390 | 2024-05-25T00:59:47.327Z | DEBG | nexus (DataLoader): roles
roles = RoleSet { roles: {} }
|
| 391 | 2024-05-25T00:59:47.328Z | DEBG | nexus (DataLoader): authorize result
action = CreateChild
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000001, .. })
resource = Silo { parent: Fleet, key: 001de000-5110-4000-8000-000000000001, lookup_type: ById(001de000-5110-4000-8000-000000000001) }
result = Ok(())
|
| 392 | 2024-05-25T00:59:47.328Z | DEBG | nexus (DataLoader): roles
roles = RoleSet { roles: {} }
|
| 393 | 2024-05-25T00:59:47.329Z | DEBG | nexus (DataLoader): authorize result
action = Query
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000001, .. })
resource = Database
result = Ok(())
|
| 394 | 2024-05-25T00:59:47.331Z | DEBG | nexus (BackgroundTasks): finished collection
background_task = inventory_collection
|
| 395 | 2024-05-25T00:59:47.331Z | DEBG | nexus (BackgroundTasks): roles
background_task = inventory_collection
roles = RoleSet { roles: {} }
|
| 396 | 2024-05-25T00:59:47.331Z | DEBG | nexus (BackgroundTasks): authorize result
action = Query
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. })
background_task = inventory_collection
resource = Database
result = Ok(())
|
| 397 | 2024-05-25T00:59:47.332Z | DEBG | nexus (BackgroundTasks): roles
background_task = inventory_collection
roles = RoleSet { roles: {(Fleet, 001de000-1334-4000-8000-000000000000, "admin")} }
|
| 398 | 2024-05-25T00:59:47.333Z | DEBG | nexus (BackgroundTasks): authorize result
action = Modify
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. })
background_task = inventory_collection
resource = Inventory
result = Ok(())
|
| 399 | 2024-05-25T00:59:47.335Z | DEBG | nexus (BackgroundTasks): roles
background_task = inventory_collection
roles = RoleSet { roles: {} }
|
| 400 | 2024-05-25T00:59:47.335Z | DEBG | nexus (BackgroundTasks): authorize result
action = Query
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. })
background_task = inventory_collection
resource = Database
result = Ok(())
|
| 401 | 2024-05-25T00:59:47.351Z | INFO | nexus (DataLoader): created built-in services project
file = nexus/db-queries/src/db/datastore/project.rs:122
|
| 402 | 2024-05-25T00:59:47.351Z | DEBG | nexus (DataLoader): roles
roles = RoleSet { roles: {} }
|
| 403 | 2024-05-25T00:59:47.351Z | DEBG | nexus (DataLoader): authorize result
action = Modify
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000001, .. })
resource = Database
result = Ok(())
|
| 404 | 2024-05-25T00:59:47.351Z | DEBG | nexus (DataLoader): attempting to create built-in VPCs
|
| 405 | 2024-05-25T00:59:47.351Z | DEBG | nexus (DataLoader): roles
roles = RoleSet { roles: {} }
|
| 406 | 2024-05-25T00:59:47.352Z | DEBG | nexus (DataLoader): authorize result
action = Query
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000001, .. })
resource = Database
result = Ok(())
|
| 407 | 2024-05-25T00:59:47.361Z | DEBG | nexus (DataLoader): roles
roles = RoleSet { roles: {} }
|
| 408 | 2024-05-25T00:59:47.361Z | DEBG | nexus (DataLoader): authorize result
action = Query
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000001, .. })
resource = Database
result = Ok(())
|
| 409 | 2024-05-25T00:59:47.369Z | DEBG | nexus (DataLoader): roles
roles = RoleSet { roles: {} }
|
| 410 | 2024-05-25T00:59:47.369Z | DEBG | nexus (DataLoader): authorize result
action = Query
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000001, .. })
resource = Database
result = Ok(())
|
| 411 | 2024-05-25T00:59:47.369Z | DEBG | nexus (DataLoader): roles
roles = RoleSet { roles: {} }
|
| 412 | 2024-05-25T00:59:47.370Z | DEBG | nexus (DataLoader): authorize result
action = Query
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000001, .. })
resource = Database
result = Ok(())
|
| 413 | 2024-05-25T00:59:47.370Z | DEBG | nexus (DataLoader): roles
roles = RoleSet { roles: {} }
|
| 414 | 2024-05-25T00:59:47.370Z | DEBG | nexus (DataLoader): authorize result
action = Query
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000001, .. })
resource = Database
result = Ok(())
|
| 415 | 2024-05-25T00:59:47.371Z | DEBG | nexus (DataLoader): roles
roles = RoleSet { roles: {} }
|
| 416 | 2024-05-25T00:59:47.374Z | DEBG | nexus (DataLoader): authorize result
action = CreateChild
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000001, .. })
resource = Project { parent: Silo { parent: Fleet, key: 001de000-5110-4000-8000-000000000001, lookup_type: ById(001de000-5110-4000-8000-000000000001) }, key: 001de000-4401-4000-8000-000000000000, lookup_type: ById(001de000-4401-4000-8000-000000000000) }
result = Ok(())
|
| 417 | 2024-05-25T00:59:47.374Z | DEBG | nexus (DataLoader): roles
roles = RoleSet { roles: {} }
|
| 418 | 2024-05-25T00:59:47.374Z | DEBG | nexus (DataLoader): authorize result
action = Query
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000001, .. })
resource = Database
result = Ok(())
|
| 419 | 2024-05-25T00:59:47.375Z | DEBG | nexus (DataLoader): roles
roles = RoleSet { roles: {} }
|
| 420 | 2024-05-25T00:59:47.375Z | DEBG | nexus (DataLoader): authorize result
action = Query
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000001, .. })
resource = Database
result = Ok(())
|
| 421 | 2024-05-25T00:59:47.406Z | DEBG | nexus (DataLoader): roles
roles = RoleSet { roles: {} }
|
| 422 | 2024-05-25T00:59:47.407Z | DEBG | nexus (DataLoader): authorize result
action = Query
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000001, .. })
resource = Database
result = Ok(())
|
| 423 | 2024-05-25T00:59:47.407Z | DEBG | nexus (DataLoader): roles
roles = RoleSet { roles: {} }
|
| 424 | 2024-05-25T00:59:47.410Z | DEBG | nexus (DataLoader): authorize result
action = CreateChild
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000001, .. })
resource = Project { parent: Silo { parent: Fleet, key: 001de000-5110-4000-8000-000000000001, lookup_type: ById(001de000-5110-4000-8000-000000000001) }, key: 001de000-4401-4000-8000-000000000000, lookup_type: ById(001de000-4401-4000-8000-000000000000) }
result = Ok(())
|
| 425 | 2024-05-25T00:59:47.410Z | DEBG | nexus (DataLoader): roles
roles = RoleSet { roles: {} }
|
| 426 | 2024-05-25T00:59:47.410Z | DEBG | nexus (DataLoader): authorize result
action = Query
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000001, .. })
resource = Database
result = Ok(())
|
| 427 | 2024-05-25T00:59:47.416Z | DEBG | nexus (DataLoader): roles
roles = RoleSet { roles: {} }
|
| 428 | 2024-05-25T00:59:47.416Z | DEBG | nexus (DataLoader): authorize result
action = Query
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000001, .. })
resource = Database
result = Ok(())
|
| 429 | 2024-05-25T00:59:47.417Z | DEBG | nexus (DataLoader): roles
roles = RoleSet { roles: {} }
|
| 430 | 2024-05-25T00:59:47.417Z | DEBG | nexus (DataLoader): authorize result
action = Query
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000001, .. })
resource = Database
result = Ok(())
|
| 431 | 2024-05-25T00:59:47.418Z | DEBG | nexus (DataLoader): roles
roles = RoleSet { roles: {} }
|
| 432 | 2024-05-25T00:59:47.418Z | DEBG | nexus (DataLoader): authorize result
action = Query
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000001, .. })
resource = Database
result = Ok(())
|
| 433 | 2024-05-25T00:59:47.419Z | DEBG | nexus (DataLoader): roles
roles = RoleSet { roles: {} }
|
| 434 | 2024-05-25T00:59:47.419Z | DEBG | nexus (DataLoader): authorize result
action = Query
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000001, .. })
resource = Database
result = Ok(())
|
| 435 | 2024-05-25T00:59:47.420Z | DEBG | nexus (DataLoader): roles
roles = RoleSet { roles: {} }
|
| 436 | 2024-05-25T00:59:47.422Z | DEBG | nexus (DataLoader): authorize result
action = CreateChild
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000001, .. })
resource = Vpc { parent: Project { parent: Silo { parent: Fleet, key: 001de000-5110-4000-8000-000000000001, lookup_type: ById(001de000-5110-4000-8000-000000000001) }, key: 001de000-4401-4000-8000-000000000000, lookup_type: ById(001de000-4401-4000-8000-000000000000) }, key: 001de000-074c-4000-8000-000000000000, lookup_type: ByName("oxide-services") }
result = Ok(())
|
| 437 | 2024-05-25T00:59:47.423Z | DEBG | nexus (DataLoader): roles
roles = RoleSet { roles: {} }
|
| 438 | 2024-05-25T00:59:47.423Z | DEBG | nexus (DataLoader): authorize result
action = Query
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000001, .. })
resource = Database
result = Ok(())
|
| 439 | 2024-05-25T00:59:47.465Z | ERRO | nexus (DataLoader): gave up trying to populate built-in PopulateBuiltinVpcs
error_message = InternalError { internal_message: "Unknown diesel error creating VpcRouter called \\"system\\": Record not found" }
file = nexus/src/populate.rs:126
|
| 440 | 2024-05-25T00:59:47.465Z | ERRO | nexus: populate failed
file = nexus/src/app/mod.rs:508
|
| 441 | 2024-05-25T00:59:47.583Z | INFO | nexus (BackgroundTasks): inserted inventory collection
background_task = inventory_collection
collection_id = cdba5374-fdec-49c2-bcb6-49556865dc4e
file = nexus/db-queries/src/db/datastore/inventory.rs:859
|
| 442 | 2024-05-25T00:59:47.584Z | DEBG | nexus (BackgroundTasks): inventory collection complete
background_task = inventory_collection
collection_id = cdba5374-fdec-49c2-bcb6-49556865dc4e
time_started = 2024-05-25 00:59:47.236715 UTC
|
| 443 | 2024-05-25T00:59:47.584Z | DEBG | nexus (BackgroundTasks): activation complete
background_task = inventory_collection
elapsed = 693.714739ms
iteration = 1
|
| 444 | 2024-05-25T00:59:47.584Z | DEBG | nexus (BackgroundTasks): activating
background_task = physical_disk_adoption
iteration = 2
reason = Dependency
|
| 445 | 2024-05-25T00:59:47.584Z | DEBG | nexus (BackgroundTasks): roles
background_task = physical_disk_adoption
roles = RoleSet { roles: {} }
|
| 446 | 2024-05-25T00:59:47.585Z | DEBG | nexus (BackgroundTasks): authorize result
action = Query
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. })
background_task = physical_disk_adoption
resource = Database
result = Ok(())
|
| 447 | 2024-05-25T00:59:47.586Z | DEBG | nexus (BackgroundTasks): roles
background_task = physical_disk_adoption
roles = RoleSet { roles: {(Fleet, 001de000-1334-4000-8000-000000000000, "admin")} }
|
| 448 | 2024-05-25T00:59:47.587Z | DEBG | nexus (BackgroundTasks): authorize result
action = Read
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. })
background_task = physical_disk_adoption
resource = Fleet
result = Ok(())
|
| 449 | 2024-05-25T00:59:47.587Z | DEBG | nexus (BackgroundTasks): roles
background_task = physical_disk_adoption
roles = RoleSet { roles: {} }
|
| 450 | 2024-05-25T00:59:47.587Z | DEBG | nexus (BackgroundTasks): authorize result
action = Query
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. })
background_task = physical_disk_adoption
resource = Database
result = Ok(())
|
| 451 | 2024-05-25T00:59:47.589Z | INFO | nexus (BackgroundTasks): Physical Disk Adoption: Rack not yet initialized
background_task = physical_disk_adoption
file = nexus/src/app/background/physical_disk_adoption.rs:79
rack_id = 82ca74f9-e6a6-45f3-a555-70a89d5b2efa
|
| 452 | 2024-05-25T00:59:47.589Z | DEBG | nexus (BackgroundTasks): activation complete
background_task = physical_disk_adoption
elapsed = 4.274911ms
iteration = 2
|
| 453 | 2024-05-25T00:59:49.096Z | DEBG | nexus (ServiceBalancer): roles
roles = RoleSet { roles: {} }
|
| 454 | 2024-05-25T00:59:49.096Z | DEBG | nexus (ServiceBalancer): authorize result
action = Query
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-00000000bac3, .. })
resource = Database
result = Ok(())
|
| 455 | 2024-05-25T00:59:49.097Z | DEBG | nexus (ServiceBalancer): roles
roles = RoleSet { roles: {} }
|
| 456 | 2024-05-25T00:59:49.097Z | DEBG | nexus (ServiceBalancer): authorize result
action = Query
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-00000000bac3, .. })
resource = Database
result = Ok(())
|
| 457 | 2024-05-25T00:59:49.098Z | DEBG | nexus (ServiceBalancer): roles
roles = RoleSet { roles: {(Fleet, 001de000-1334-4000-8000-000000000000, "admin")} }
|
| 458 | 2024-05-25T00:59:49.100Z | DEBG | nexus (ServiceBalancer): authorize result
action = Read
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-00000000bac3, .. })
resource = Rack { parent: Fleet, key: 82ca74f9-e6a6-45f3-a555-70a89d5b2efa, lookup_type: ById(82ca74f9-e6a6-45f3-a555-70a89d5b2efa) }
result = Ok(())
|
| 459 | 2024-05-25T00:59:49.100Z | INFO | nexus: Still waiting for rack initialization: Rack { identity: RackIdentity { id: 82ca74f9-e6a6-45f3-a555-70a89d5b2efa, time_created: 2024-05-25T00:59:47.734016Z, time_modified: 2024-05-25T00:59:47.734016Z }, initialized: false, tuf_base_url: None, rack_subnet: Some(V6(Ipv6Network { addr: fd00:1122:3344:100::, prefix: 56 })) }
file = nexus/src/app/rack.rs:722
|
| 460 | 2024-05-25T00:59:51.102Z | DEBG | nexus (ServiceBalancer): roles
roles = RoleSet { roles: {} }
|
| 461 | 2024-05-25T00:59:51.102Z | DEBG | nexus (ServiceBalancer): authorize result
action = Query
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-00000000bac3, .. })
resource = Database
result = Ok(())
|
| 462 | 2024-05-25T00:59:51.103Z | DEBG | nexus (ServiceBalancer): roles
roles = RoleSet { roles: {} }
|
| 463 | 2024-05-25T00:59:51.103Z | DEBG | nexus (ServiceBalancer): authorize result
action = Query
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-00000000bac3, .. })
resource = Database
result = Ok(())
|
| 464 | 2024-05-25T00:59:51.104Z | DEBG | nexus (ServiceBalancer): roles
roles = RoleSet { roles: {(Fleet, 001de000-1334-4000-8000-000000000000, "admin")} }
|
| 465 | 2024-05-25T00:59:51.107Z | DEBG | nexus (ServiceBalancer): authorize result
action = Read
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-00000000bac3, .. })
resource = Rack { parent: Fleet, key: 82ca74f9-e6a6-45f3-a555-70a89d5b2efa, lookup_type: ById(82ca74f9-e6a6-45f3-a555-70a89d5b2efa) }
result = Ok(())
|
| 466 | 2024-05-25T00:59:51.107Z | INFO | nexus: Still waiting for rack initialization: Rack { identity: RackIdentity { id: 82ca74f9-e6a6-45f3-a555-70a89d5b2efa, time_created: 2024-05-25T00:59:47.734016Z, time_modified: 2024-05-25T00:59:47.734016Z }, initialized: false, tuf_base_url: None, rack_subnet: Some(V6(Ipv6Network { addr: fd00:1122:3344:100::, prefix: 56 })) }
file = nexus/src/app/rack.rs:722
|
| 467 | 2024-05-25T00:59:53.108Z | DEBG | nexus (ServiceBalancer): roles
roles = RoleSet { roles: {} }
|
| 468 | 2024-05-25T00:59:53.108Z | DEBG | nexus (ServiceBalancer): authorize result
action = Query
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-00000000bac3, .. })
resource = Database
result = Ok(())
|
| 469 | 2024-05-25T00:59:53.109Z | DEBG | nexus (ServiceBalancer): roles
roles = RoleSet { roles: {} }
|
| 470 | 2024-05-25T00:59:53.109Z | DEBG | nexus (ServiceBalancer): authorize result
action = Query
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-00000000bac3, .. })
resource = Database
result = Ok(())
|
| 471 | 2024-05-25T00:59:53.110Z | DEBG | nexus (ServiceBalancer): roles
roles = RoleSet { roles: {(Fleet, 001de000-1334-4000-8000-000000000000, "admin")} }
|
| 472 | 2024-05-25T00:59:53.113Z | DEBG | nexus (ServiceBalancer): authorize result
action = Read
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-00000000bac3, .. })
resource = Rack { parent: Fleet, key: 82ca74f9-e6a6-45f3-a555-70a89d5b2efa, lookup_type: ById(82ca74f9-e6a6-45f3-a555-70a89d5b2efa) }
result = Ok(())
|
| 473 | 2024-05-25T00:59:53.113Z | INFO | nexus: Rack initialized
file = nexus/src/app/rack.rs:719
|
| 474 | 2024-05-25T00:59:53.113Z | DEBG | nexus (InternalApi): roles
roles = RoleSet { roles: {} }
|
| 475 | 2024-05-25T00:59:53.113Z | DEBG | nexus (InternalApi): authorize result
action = Query
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. })
resource = Database
result = Ok(())
|
| 476 | 2024-05-25T00:59:53.114Z | DEBG | nexus (InternalApi): roles
roles = RoleSet { roles: {} }
|
| 477 | 2024-05-25T00:59:53.114Z | DEBG | nexus (InternalApi): authorize result
action = Query
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. })
resource = Database
result = Ok(())
|
| 478 | 2024-05-25T00:59:53.116Z | DEBG | nexus (InternalApi): roles
roles = RoleSet { roles: {} }
|
| 479 | 2024-05-25T00:59:53.116Z | DEBG | nexus (InternalApi): authorize result
action = Query
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. })
resource = Database
result = Ok(())
|
| 480 | 2024-05-25T00:59:53.117Z | DEBG | nexus (InternalApi): roles
roles = RoleSet { roles: {} }
|
| 481 | 2024-05-25T00:59:53.117Z | DEBG | nexus (InternalApi): authorize result
action = Query
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. })
resource = Database
result = Ok(())
|
| 482 | 2024-05-25T00:59:53.118Z | DEBG | nexus (InternalApi): roles
roles = RoleSet { roles: {} }
|
| 483 | 2024-05-25T00:59:53.118Z | DEBG | nexus (InternalApi): authorize result
action = Query
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. })
resource = Database
result = Ok(())
|
| 484 | 2024-05-25T00:59:53.119Z | DEBG | nexus (InternalApi): roles
roles = RoleSet { roles: {} }
|
| 485 | 2024-05-25T00:59:53.119Z | DEBG | nexus (InternalApi): authorize result
action = Query
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. })
resource = Database
result = Ok(())
|
| 486 | 2024-05-25T00:59:53.120Z | DEBG | nexus (InternalApi): roles
roles = RoleSet { roles: {(Fleet, 001de000-1334-4000-8000-000000000000, "admin")} }
|
| 487 | 2024-05-25T00:59:53.123Z | DEBG | nexus (InternalApi): authorize result
action = Read
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. })
resource = Vpc { parent: Project { parent: Silo { parent: Fleet, key: 001de000-5110-4000-8000-000000000001, lookup_type: ById(001de000-5110-4000-8000-000000000001) }, key: 001de000-4401-4000-8000-000000000000, lookup_type: ById(001de000-4401-4000-8000-000000000000) }, key: 001de000-074c-4000-8000-000000000000, lookup_type: ById(001de000-074c-4000-8000-000000000000) }
result = Ok(())
|
| 488 | 2024-05-25T00:59:53.123Z | DEBG | nexus (InternalApi): roles
roles = RoleSet { roles: {} }
|
| 489 | 2024-05-25T00:59:53.123Z | DEBG | nexus (InternalApi): authorize result
action = Query
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. })
resource = Database
result = Ok(())
|
| 490 | 2024-05-25T00:59:53.123Z | DEBG | nexus (InternalApi): roles
roles = RoleSet { roles: {} }
|
| 491 | 2024-05-25T00:59:53.124Z | DEBG | nexus (InternalApi): authorize result
action = Query
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. })
resource = Database
result = Ok(())
|
| 492 | 2024-05-25T00:59:53.124Z | DEBG | nexus (InternalApi): roles
roles = RoleSet { roles: {} }
|
| 493 | 2024-05-25T00:59:53.125Z | DEBG | nexus (InternalApi): authorize result
action = Query
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. })
resource = Database
result = Ok(())
|
| 494 | 2024-05-25T00:59:53.125Z | DEBG | nexus (InternalApi): roles
roles = RoleSet { roles: {(Fleet, 001de000-1334-4000-8000-000000000000, "admin")} }
|
| 495 | 2024-05-25T00:59:53.128Z | DEBG | nexus (InternalApi): authorize result
action = Read
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. })
resource = Vpc { parent: Project { parent: Silo { parent: Fleet, key: 001de000-5110-4000-8000-000000000001, lookup_type: ById(001de000-5110-4000-8000-000000000001) }, key: 001de000-4401-4000-8000-000000000000, lookup_type: ById(001de000-4401-4000-8000-000000000000) }, key: 001de000-074c-4000-8000-000000000000, lookup_type: ById(001de000-074c-4000-8000-000000000000) }
result = Ok(())
|
| 496 | 2024-05-25T00:59:53.128Z | DEBG | nexus (InternalApi): roles
roles = RoleSet { roles: {} }
|
| 497 | 2024-05-25T00:59:53.128Z | DEBG | nexus (InternalApi): authorize result
action = Query
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. })
resource = Database
result = Ok(())
|
| 498 | 2024-05-25T00:59:53.130Z | DEBG | nexus (InternalApi): roles
roles = RoleSet { roles: {} }
|
| 499 | 2024-05-25T00:59:53.131Z | DEBG | nexus (InternalApi): authorize result
action = Query
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. })
resource = Database
result = Ok(())
|
| 500 | 2024-05-25T00:59:53.131Z | DEBG | nexus (InternalApi): roles
roles = RoleSet { roles: {} }
|
| 501 | 2024-05-25T00:59:53.131Z | DEBG | nexus (InternalApi): authorize result
action = Query
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. })
resource = Database
result = Ok(())
|
| 502 | 2024-05-25T00:59:53.132Z | DEBG | nexus (InternalApi): roles
roles = RoleSet { roles: {} }
|
| 503 | 2024-05-25T00:59:53.132Z | DEBG | nexus (InternalApi): authorize result
action = Query
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. })
resource = Database
result = Ok(())
|
| 504 | 2024-05-25T00:59:53.133Z | DEBG | nexus (InternalApi): roles
roles = RoleSet { roles: {} }
|
| 505 | 2024-05-25T00:59:53.133Z | DEBG | nexus (InternalApi): authorize result
action = Query
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. })
resource = Database
result = Ok(())
|
| 506 | 2024-05-25T00:59:53.134Z | DEBG | nexus (InternalApi): roles
roles = RoleSet { roles: {} }
|
| 507 | 2024-05-25T00:59:53.134Z | DEBG | nexus (InternalApi): authorize result
action = Query
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. })
resource = Database
result = Ok(())
|
| 508 | 2024-05-25T00:59:53.134Z | DEBG | nexus (InternalApi): roles
roles = RoleSet { roles: {} }
|
| 509 | 2024-05-25T00:59:53.134Z | DEBG | nexus (InternalApi): authorize result
action = Query
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. })
resource = Database
result = Ok(())
|
| 510 | 2024-05-25T00:59:53.135Z | DEBG | nexus (InternalApi): roles
roles = RoleSet { roles: {(Fleet, 001de000-1334-4000-8000-000000000000, "admin")} }
|
| 511 | 2024-05-25T00:59:53.138Z | DEBG | nexus (InternalApi): authorize result
action = Read
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. })
resource = Vpc { parent: Project { parent: Silo { parent: Fleet, key: 001de000-5110-4000-8000-000000000001, lookup_type: ById(001de000-5110-4000-8000-000000000001) }, key: 001de000-4401-4000-8000-000000000000, lookup_type: ById(001de000-4401-4000-8000-000000000000) }, key: 001de000-074c-4000-8000-000000000000, lookup_type: ById(001de000-074c-4000-8000-000000000000) }
result = Ok(())
|
| 512 | 2024-05-25T00:59:53.138Z | DEBG | nexus (InternalApi): roles
roles = RoleSet { roles: {} }
|
| 513 | 2024-05-25T00:59:53.139Z | DEBG | nexus (InternalApi): authorize result
action = Query
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. })
resource = Database
result = Ok(())
|
| 514 | 2024-05-25T00:59:53.139Z | DEBG | nexus (InternalApi): roles
roles = RoleSet { roles: {} }
|
| 515 | 2024-05-25T00:59:53.139Z | DEBG | nexus (InternalApi): authorize result
action = Query
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. })
resource = Database
result = Ok(())
|
| 516 | 2024-05-25T00:59:53.140Z | DEBG | nexus (InternalApi): roles
roles = RoleSet { roles: {} }
|
| 517 | 2024-05-25T00:59:53.140Z | DEBG | nexus (InternalApi): authorize result
action = Query
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. })
resource = Database
result = Ok(())
|
| 518 | 2024-05-25T00:59:53.141Z | DEBG | nexus (InternalApi): roles
roles = RoleSet { roles: {} }
|
| 519 | 2024-05-25T00:59:53.142Z | DEBG | nexus (InternalApi): authorize result
action = Query
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. })
resource = Database
result = Ok(())
|
| 520 | 2024-05-25T00:59:53.143Z | DEBG | nexus (InternalApi): roles
roles = RoleSet { roles: {} }
|
| 521 | 2024-05-25T00:59:53.143Z | DEBG | nexus (InternalApi): authorize result
action = Query
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. })
resource = Database
result = Ok(())
|
| 522 | 2024-05-25T00:59:53.144Z | DEBG | nexus (InternalApi): roles
roles = RoleSet { roles: {} }
|
| 523 | 2024-05-25T00:59:53.144Z | DEBG | nexus (InternalApi): authorize result
action = Query
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. })
resource = Database
result = Ok(())
|
| 524 | 2024-05-25T00:59:53.145Z | DEBG | nexus (InternalApi): roles
roles = RoleSet { roles: {} }
|
| 525 | 2024-05-25T00:59:53.145Z | DEBG | nexus (InternalApi): authorize result
action = Query
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. })
resource = Database
result = Ok(())
|
| 526 | 2024-05-25T00:59:53.145Z | DEBG | nexus (InternalApi): roles
roles = RoleSet { roles: {(Fleet, 001de000-1334-4000-8000-000000000000, "admin")} }
|
| 527 | 2024-05-25T00:59:53.149Z | DEBG | nexus (InternalApi): authorize result
action = ListChildren
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. })
resource = VpcSubnet { parent: Vpc { parent: Project { parent: Silo { parent: Fleet, key: 001de000-5110-4000-8000-000000000001, lookup_type: ById(001de000-5110-4000-8000-000000000001) }, key: 001de000-4401-4000-8000-000000000000, lookup_type: ById(001de000-4401-4000-8000-000000000000) }, key: 001de000-074c-4000-8000-000000000000, lookup_type: ByName("oxide-services") }, key: 001de000-c470-4000-8000-000000000002, lookup_type: ByName("nexus") }
result = Ok(())
|
| 528 | 2024-05-25T00:59:53.149Z | DEBG | nexus (InternalApi): roles
roles = RoleSet { roles: {} }
|
| 529 | 2024-05-25T00:59:53.149Z | DEBG | nexus (InternalApi): authorize result
action = Query
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. })
resource = Database
result = Ok(())
|
| 530 | 2024-05-25T00:59:53.149Z | DEBG | nexus (InternalApi): roles
roles = RoleSet { roles: {} }
|
| 531 | 2024-05-25T00:59:53.150Z | DEBG | nexus (InternalApi): authorize result
action = Query
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. })
resource = Database
result = Ok(())
|
| 532 | 2024-05-25T00:59:53.150Z | DEBG | nexus (InternalApi): roles
roles = RoleSet { roles: {} }
|
| 533 | 2024-05-25T00:59:53.150Z | DEBG | nexus (InternalApi): authorize result
action = Query
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. })
resource = Database
result = Ok(())
|
| 534 | 2024-05-25T00:59:53.151Z | DEBG | nexus (InternalApi): roles
roles = RoleSet { roles: {(Fleet, 001de000-1334-4000-8000-000000000000, "admin")} }
|
| 535 | 2024-05-25T00:59:53.154Z | DEBG | nexus (InternalApi): authorize result
action = ListChildren
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. })
resource = VpcSubnet { parent: Vpc { parent: Project { parent: Silo { parent: Fleet, key: 001de000-5110-4000-8000-000000000001, lookup_type: ById(001de000-5110-4000-8000-000000000001) }, key: 001de000-4401-4000-8000-000000000000, lookup_type: ById(001de000-4401-4000-8000-000000000000) }, key: 001de000-074c-4000-8000-000000000000, lookup_type: ByName("oxide-services") }, key: 001de000-c470-4000-8000-000000000002, lookup_type: ByName("nexus") }
result = Ok(())
|
| 536 | 2024-05-25T00:59:53.154Z | DEBG | nexus (InternalApi): roles
roles = RoleSet { roles: {} }
|
| 537 | 2024-05-25T00:59:53.154Z | DEBG | nexus (InternalApi): authorize result
action = Query
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. })
resource = Database
result = Ok(())
|
| 538 | 2024-05-25T00:59:53.157Z | DEBG | nexus (InternalApi): roles
roles = RoleSet { roles: {} }
|
| 539 | 2024-05-25T00:59:53.157Z | DEBG | nexus (InternalApi): authorize result
action = Query
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. })
resource = Database
result = Ok(())
|
| 540 | 2024-05-25T00:59:53.158Z | DEBG | nexus (InternalApi): roles
roles = RoleSet { roles: {} }
|
| 541 | 2024-05-25T00:59:53.158Z | DEBG | nexus (InternalApi): authorize result
action = Query
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. })
resource = Database
result = Ok(())
|
| 542 | 2024-05-25T00:59:53.159Z | DEBG | nexus (InternalApi): roles
roles = RoleSet { roles: {} }
|
| 543 | 2024-05-25T00:59:53.159Z | DEBG | nexus (InternalApi): authorize result
action = Query
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. })
resource = Database
result = Ok(())
|
| 544 | 2024-05-25T00:59:53.160Z | DEBG | nexus (InternalApi): roles
roles = RoleSet { roles: {} }
|
| 545 | 2024-05-25T00:59:53.160Z | DEBG | nexus (InternalApi): authorize result
action = Query
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. })
resource = Database
result = Ok(())
|
| 546 | 2024-05-25T00:59:53.161Z | DEBG | nexus (InternalApi): roles
roles = RoleSet { roles: {} }
|
| 547 | 2024-05-25T00:59:53.162Z | DEBG | nexus (InternalApi): authorize result
action = Query
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. })
resource = Database
result = Ok(())
|
| 548 | 2024-05-25T00:59:53.162Z | DEBG | nexus (InternalApi): roles
roles = RoleSet { roles: {} }
|
| 549 | 2024-05-25T00:59:53.162Z | DEBG | nexus (InternalApi): authorize result
action = Query
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. })
resource = Database
result = Ok(())
|
| 550 | 2024-05-25T00:59:53.163Z | DEBG | nexus (InternalApi): roles
roles = RoleSet { roles: {} }
|
| 551 | 2024-05-25T00:59:53.163Z | DEBG | nexus (InternalApi): authorize result
action = Query
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. })
resource = Database
result = Ok(())
|
| 552 | 2024-05-25T00:59:53.164Z | DEBG | nexus (InternalApi): roles
roles = RoleSet { roles: {(Fleet, 001de000-1334-4000-8000-000000000000, "admin")} }
|
| 553 | 2024-05-25T00:59:53.167Z | DEBG | nexus (InternalApi): authorize result
action = ListChildren
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. })
resource = VpcSubnet { parent: Vpc { parent: Project { parent: Silo { parent: Fleet, key: 001de000-5110-4000-8000-000000000001, lookup_type: ById(001de000-5110-4000-8000-000000000001) }, key: 001de000-4401-4000-8000-000000000000, lookup_type: ById(001de000-4401-4000-8000-000000000000) }, key: 001de000-074c-4000-8000-000000000000, lookup_type: ByName("oxide-services") }, key: 001de000-c470-4000-8000-000000000001, lookup_type: ByName("external-dns") }
result = Ok(())
|
| 554 | 2024-05-25T00:59:53.167Z | DEBG | nexus (InternalApi): roles
roles = RoleSet { roles: {} }
|
| 555 | 2024-05-25T00:59:53.167Z | DEBG | nexus (InternalApi): authorize result
action = Query
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. })
resource = Database
result = Ok(())
|
| 556 | 2024-05-25T00:59:53.168Z | DEBG | nexus (InternalApi): roles
roles = RoleSet { roles: {} }
|
| 557 | 2024-05-25T00:59:53.168Z | DEBG | nexus (InternalApi): authorize result
action = Query
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. })
resource = Database
result = Ok(())
|
| 558 | 2024-05-25T00:59:53.169Z | DEBG | nexus (InternalApi): roles
roles = RoleSet { roles: {} }
|
| 559 | 2024-05-25T00:59:53.169Z | DEBG | nexus (InternalApi): authorize result
action = Query
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. })
resource = Database
result = Ok(())
|
| 560 | 2024-05-25T00:59:53.169Z | DEBG | nexus (InternalApi): roles
roles = RoleSet { roles: {(Fleet, 001de000-1334-4000-8000-000000000000, "admin")} }
|
| 561 | 2024-05-25T00:59:53.172Z | DEBG | nexus (InternalApi): authorize result
action = ListChildren
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. })
resource = VpcSubnet { parent: Vpc { parent: Project { parent: Silo { parent: Fleet, key: 001de000-5110-4000-8000-000000000001, lookup_type: ById(001de000-5110-4000-8000-000000000001) }, key: 001de000-4401-4000-8000-000000000000, lookup_type: ById(001de000-4401-4000-8000-000000000000) }, key: 001de000-074c-4000-8000-000000000000, lookup_type: ByName("oxide-services") }, key: 001de000-c470-4000-8000-000000000001, lookup_type: ByName("external-dns") }
result = Ok(())
|
| 562 | 2024-05-25T00:59:53.172Z | DEBG | nexus (InternalApi): roles
roles = RoleSet { roles: {} }
|
| 563 | 2024-05-25T00:59:53.173Z | DEBG | nexus (InternalApi): authorize result
action = Query
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. })
resource = Database
result = Ok(())
|
| 564 | 2024-05-25T00:59:53.176Z | DEBG | nexus (InternalApi): resolved names for firewall rules
instance_interfaces = {}
subnet_interfaces = {Name("external-dns"): [NetworkInterface { id: 1830f993-01d0-42b9-8583-9748ac841175, kind: Service { id: 9157cf47-9b95-474f-add0-296d1e099b57 }, name: Name("external-dns-9157cf47-9b95-474f-add0-296d1e099b57"), ip: 172.30.1.5, mac: MacAddr(MacAddr6([168, 64, 37, 255, 169, 202])), subnet: V4(Ipv4Net { addr: 172.30.1.0, width: 24 }), vni: Vni(100), primary: true, slot: 0 }, NetworkInterface { id: a566487f-e5e2-4782-80d4-2b0269a0df84, kind: Service { id: b3482ae4-8433-40e6-b7db-c70f5c32a866 }, name: Name("external-dns-b3482ae4-8433-40e6-b7db-c70f5c32a866"), ip: 172.30.1.6, mac: MacAddr(MacAddr6([168, 64, 37, 255, 193, 28])), subnet: V4(Ipv4Net { addr: 172.30.1.0, width: 24 }), vni: Vni(100), primary: true, slot: 0 }], Name("nexus"): [NetworkInterface { id: 19d9ff26-9897-4942-a161-8934fb2c35e9, kind: Service { id: 32e718aa-9054-482b-bff8-247b312e7e45 }, name: Name("nexus-32e718aa-9054-482b-bff8-247b312e7e45"), ip: 172.30.2.6, mac: MacAddr(MacAddr6([168, 64, 37, 255, 214, 4])), subnet: V4(Ipv4Net { addr: 172.30.2.0, width: 24 }), vni: Vni(100), primary: true, slot: 0 }, NetworkInterface { id: 7c4d4f89-cf65-40ef-9911-3a8ce2aad788, kind: Service { id: 9f36a8ce-9735-4ac9-b3bd-3705efe1a7a9 }, name: Name("nexus-9f36a8ce-9735-4ac9-b3bd-3705efe1a7a9"), ip: 172.30.2.5, mac: MacAddr(MacAddr6([168, 64, 37, 255, 243, 255])), subnet: V4(Ipv4Net { addr: 172.30.2.0, width: 24 }), vni: Vni(100), primary: true, slot: 0 }, NetworkInterface { id: f085750e-d462-451f-8837-9e2f8cadc4d7, kind: Service { id: 929e98c8-2076-4d6e-b492-33a4c3ae7931 }, name: Name("nexus-929e98c8-2076-4d6e-b492-33a4c3ae7931"), ip: 172.30.2.7, mac: MacAddr(MacAddr6([168, 64, 37, 255, 137, 173])), subnet: V4(Ipv4Net { addr: 172.30.2.0, width: 24 }), vni: Vni(100), primary: true, slot: 0 }]}
subnet_networks = {Name("external-dns"): [V4(Ipv4Network { addr: 172.30.1.0, prefix: 24 }), V6(Ipv6Network { addr: fd77:e9d2:9cd9:1::, prefix: 64 })], Name("nexus"): [V4(Ipv4Network { addr: 172.30.2.0, prefix: 24 }), V6(Ipv6Network { addr: fd77:e9d2:9cd9:2::, prefix: 64 })]}
vpc_interfaces = {}
|
| 565 | 2024-05-25T00:59:53.177Z | DEBG | nexus (InternalApi): roles
roles = RoleSet { roles: {} }
|
| 566 | 2024-05-25T00:59:53.177Z | DEBG | nexus (InternalApi): authorize result
action = Query
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. })
resource = Database
result = Ok(())
|
| 567 | 2024-05-25T00:59:53.178Z | DEBG | nexus (InternalApi): roles
roles = RoleSet { roles: {(Fleet, 001de000-1334-4000-8000-000000000000, "admin")} }
|
| 568 | 2024-05-25T00:59:53.179Z | DEBG | nexus (InternalApi): authorize result
action = ListChildren
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. })
resource = Fleet
result = Ok(())
|
| 569 | 2024-05-25T00:59:53.179Z | DEBG | nexus (InternalApi): roles
roles = RoleSet { roles: {} }
|
| 570 | 2024-05-25T00:59:53.180Z | DEBG | nexus (InternalApi): authorize result
action = Query
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. })
resource = Database
result = Ok(())
|
| 571 | 2024-05-25T00:59:53.180Z | DEBG | nexus (InternalApi): Allowlist for user-facing services is set to allow any inbound traffic. Existing VPC firewall rules will not be modified.
|
| 572 | 2024-05-25T00:59:53.183Z | DEBG | nexus (InternalApi): resolved firewall rules for sled agents
sled_agent_rules = [VpcFirewallRule { action: Allow, direction: Inbound, filter_hosts: None, filter_ports: Some([L4PortRange("53")]), filter_protocols: Some([Udp]), priority: 65534, status: Enabled, targets: [NetworkInterface { id: 1830f993-01d0-42b9-8583-9748ac841175, kind: Service { id: 9157cf47-9b95-474f-add0-296d1e099b57 }, name: Name("external-dns-9157cf47-9b95-474f-add0-296d1e099b57"), ip: 172.30.1.5, mac: MacAddr(MacAddr6([168, 64, 37, 255, 169, 202])), subnet: V4(Ipv4Net { addr: 172.30.1.0, width: 24 }), vni: Vni(100), primary: true, slot: 0 }, NetworkInterface { id: a566487f-e5e2-4782-80d4-2b0269a0df84, kind: Service { id: b3482ae4-8433-40e6-b7db-c70f5c32a866 }, name: Name("external-dns-b3482ae4-8433-40e6-b7db-c70f5c32a866"), ip: 172.30.1.6, mac: MacAddr(MacAddr6([168, 64, 37, 255, 193, 28])), subnet: V4(Ipv4Net { addr: 172.30.1.0, width: 24 }), vni: Vni(100), primary: true, slot: 0 }] }, VpcFirewallRule { action: Allow, direction: Inbound, filter_hosts: None, filter_ports: Some([L4PortRange("80"), L4PortRange("443")]), filter_protocols: Some([Tcp]), priority: 65534, status: Enabled, targets: [NetworkInterface { id: 19d9ff26-9897-4942-a161-8934fb2c35e9, kind: Service { id: 32e718aa-9054-482b-bff8-247b312e7e45 }, name: Name("nexus-32e718aa-9054-482b-bff8-247b312e7e45"), ip: 172.30.2.6, mac: MacAddr(MacAddr6([168, 64, 37, 255, 214, 4])), subnet: V4(Ipv4Net { addr: 172.30.2.0, width: 24 }), vni: Vni(100), primary: true, slot: 0 }, NetworkInterface { id: 7c4d4f89-cf65-40ef-9911-3a8ce2aad788, kind: Service { id: 9f36a8ce-9735-4ac9-b3bd-3705efe1a7a9 }, name: Name("nexus-9f36a8ce-9735-4ac9-b3bd-3705efe1a7a9"), ip: 172.30.2.5, mac: MacAddr(MacAddr6([168, 64, 37, 255, 243, 255])), subnet: V4(Ipv4Net { addr: 172.30.2.0, width: 24 }), vni: Vni(100), primary: true, slot: 0 }, NetworkInterface { id: f085750e-d462-451f-8837-9e2f8cadc4d7, kind: Service { id: 929e98c8-2076-4d6e-b492-33a4c3ae7931 }, name: Name("nexus-929e98c8-2076-4d6e-b492-33a4c3ae7931"), ip: 172.30.2.7, mac: MacAddr(MacAddr6([168, 64, 37, 255, 137, 173])), subnet: V4(Ipv4Net { addr: 172.30.2.0, width: 24 }), vni: Vni(100), primary: true, slot: 0 }] }]
|
| 573 | 2024-05-25T00:59:53.183Z | DEBG | nexus (InternalApi): resolved 2 rules for sleds
|
| 574 | 2024-05-25T00:59:53.280Z | DEBG | nexus (InternalApi): resolved sleds for vpc oxide-services
vpc_to_sled = [Sled { identity: SledIdentity { id: c6dccf8e-4c06-496c-b94a-5401df7a33fd, time_created: 2024-05-25T00:59:49.605747Z, time_modified: 2024-05-25T00:59:49.605747Z }, time_deleted: None, rcgen: Generation(Generation(19)), rack_id: 82ca74f9-e6a6-45f3-a555-70a89d5b2efa, is_scrimlet: true, serial_number: "sock", part_number: "i86pc", revision: 0, usable_hardware_threads: SqlU32(48), usable_physical_ram: ByteCount(ByteCount(102952026112)), reservoir_size: ByteCount(ByteCount(51474595840)), ip: fd00:1122:3344:101::1, port: SqlU16(12345), last_used_address: fd00:1122:3344:101::ffff, policy: InService, state: Active, sled_agent_gen: Generation(Generation(1)) }]
|
| 575 | 2024-05-25T00:59:53.281Z | DEBG | nexus (InternalApi): sending firewall rules to sled agents
|
| 576 | 2024-05-25T00:59:53.281Z | DEBG | nexus (InternalApi): roles
roles = RoleSet { roles: {} }
|
| 577 | 2024-05-25T00:59:53.281Z | DEBG | nexus (InternalApi): authorize result
action = Query
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. })
resource = Database
result = Ok(())
|
| 578 | 2024-05-25T00:59:53.282Z | DEBG | nexus (InternalApi): roles
roles = RoleSet { roles: {} }
|
| 579 | 2024-05-25T00:59:53.282Z | DEBG | nexus (InternalApi): authorize result
action = Query
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. })
resource = Database
result = Ok(())
|
| 580 | 2024-05-25T00:59:53.283Z | DEBG | nexus (InternalApi): roles
roles = RoleSet { roles: {(Fleet, 001de000-1334-4000-8000-000000000000, "admin")} }
|
| 581 | 2024-05-25T00:59:53.286Z | DEBG | nexus (InternalApi): authorize result
action = Read
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. })
resource = Sled { parent: Fleet, key: c6dccf8e-4c06-496c-b94a-5401df7a33fd, lookup_type: ById(c6dccf8e-4c06-496c-b94a-5401df7a33fd) }
result = Ok(())
|
| 582 | 2024-05-25T00:59:53.315Z | DEBG | nexus (InternalApi): client request
SledAgent = c6dccf8e-4c06-496c-b94a-5401df7a33fd
body = Some(Body)
method = PUT
uri = http://[fd00:1122:3344:101::1]:12345/vpc/001de000-074c-4000-8000-000000000000/firewall/rules
|
| 583 | 2024-05-25T00:59:53.316Z | DEBG | nexus (InternalApi): client response
SledAgent = c6dccf8e-4c06-496c-b94a-5401df7a33fd
result = Ok(Response { url: Url { scheme: "http", cannot_be_a_base: false, username: "", password: None, host: Some(Ipv6(fd00:1122:3344:101::1)), port: Some(12345), path: "/vpc/001de000-074c-4000-8000-000000000000/firewall/rules", query: None, fragment: None }, status: 204, headers: {"x-request-id": "bf82d88a-f732-40b5-8351-e4d965574842", "date": "Sat, 25 May 2024 00:59:53 GMT"} })
|
| 584 | 2024-05-25T00:59:53.316Z | INFO | nexus (InternalApi): updated firewall rules on 1 sleds
file = nexus/networking/src/firewall_rules.rs:487
|
| 585 | 2024-05-25T00:59:53.316Z | INFO | nexus: plumbed initial IP allowlist
file = nexus/src/app/allow_list.rs:161
|
| 586 | 2024-05-25T00:59:56.891Z | DEBG | nexus (BackgroundTasks): activating
background_task = blueprint_loader
iteration = 2
reason = Timeout
|
| 587 | 2024-05-25T00:59:56.891Z | DEBG | nexus (BackgroundTasks): roles
background_task = blueprint_loader
roles = RoleSet { roles: {} }
|
| 588 | 2024-05-25T00:59:56.891Z | DEBG | nexus (BackgroundTasks): authorize result
action = Query
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. })
background_task = blueprint_loader
resource = Database
result = Ok(())
|
| 589 | 2024-05-25T00:59:56.892Z | DEBG | nexus (BackgroundTasks): roles
background_task = blueprint_loader
roles = RoleSet { roles: {(Fleet, 001de000-1334-4000-8000-000000000000, "admin")} }
|
| 590 | 2024-05-25T00:59:56.895Z | DEBG | nexus (BackgroundTasks): authorize result
action = Read
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. })
background_task = blueprint_loader
resource = BlueprintConfig
result = Ok(())
|
| 591 | 2024-05-25T00:59:56.895Z | DEBG | nexus (BackgroundTasks): roles
background_task = blueprint_loader
roles = RoleSet { roles: {} }
|
| 592 | 2024-05-25T00:59:56.895Z | DEBG | nexus (BackgroundTasks): authorize result
action = Query
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. })
background_task = blueprint_loader
resource = Database
result = Ok(())
|
| 593 | 2024-05-25T00:59:56.896Z | DEBG | nexus (BackgroundTasks): roles
background_task = blueprint_loader
roles = RoleSet { roles: {} }
|
| 594 | 2024-05-25T00:59:56.896Z | DEBG | nexus (BackgroundTasks): authorize result
action = Query
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. })
background_task = blueprint_loader
resource = Database
result = Ok(())
|
| 595 | 2024-05-25T00:59:56.897Z | DEBG | nexus (BackgroundTasks): roles
background_task = blueprint_loader
roles = RoleSet { roles: {(Fleet, 001de000-1334-4000-8000-000000000000, "admin")} }
|
| 596 | 2024-05-25T00:59:56.899Z | DEBG | nexus (BackgroundTasks): authorize result
action = Read
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. })
background_task = blueprint_loader
resource = Blueprint { parent: Fleet, key: 3a98734c-1733-41c5-b1a9-281416c0987b, lookup_type: ById(3a98734c-1733-41c5-b1a9-281416c0987b) }
result = Ok(())
|
| 597 | 2024-05-25T00:59:56.899Z | DEBG | nexus (BackgroundTasks): roles
background_task = blueprint_loader
roles = RoleSet { roles: {} }
|
| 598 | 2024-05-25T00:59:56.900Z | DEBG | nexus (BackgroundTasks): authorize result
action = Query
actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. })
background_task = blueprint_loader
resource = Database
result = Ok(())
|
| 599 | 2024-05-25T00:59:56.907Z | INFO | nexus (BackgroundTasks): found new target blueprint (first find)
background_task = blueprint_loader
file = nexus/src/app/background/blueprint_load.rs:87
target_id = 3a98734c-1733-41c5-b1a9-281416c0987b
time_created = 2024-05-25 00:59:35.800917 UTC
|
| 600 | 2024-05-25T00:59:56.907Z | DEBG | nexus (BackgroundTasks): activation complete
background_task = blueprint_loader
elapsed = 16.364948ms
iteration = 2
|
| 601 | 2024-05-25T00:59:56.907Z | DEBG | nexus (BackgroundTasks): activating
background_task = blueprint_executor
iteration = 2
reason = Dependency
|
| 602 | 2024-05-25T00:59:56.907Z | WARN | nexus (BackgroundTasks): Blueprint execution: skipped
background_task = blueprint_executor
file = nexus/src/app/background/blueprint_execution.rs:65
reason = blueprint disabled
target_id = 3a98734c-1733-41c5-b1a9-281416c0987b
|
| 603 | 2024-05-25T00:59:56.907Z | DEBG | nexus (BackgroundTasks): activation complete
background_task = blueprint_executor
elapsed = 4.231\u{b5}s
iteration = 2
|