Apply Composer changes: comprehensive API updates, migrations, middleware, and infrastructure improvements
- Add comprehensive database migrations (001-024) for schema evolution - Enhance API schema with expanded type definitions and resolvers - Add new middleware: audit logging, rate limiting, MFA enforcement, security, tenant auth - Implement new services: AI optimization, billing, blockchain, compliance, marketplace - Add adapter layer for cloud integrations (Cloudflare, Kubernetes, Proxmox, storage) - Update Crossplane provider with enhanced VM management capabilities - Add comprehensive test suite for API endpoints and services - Update frontend components with improved GraphQL subscriptions and real-time updates - Enhance security configurations and headers (CSP, CORS, etc.) - Update documentation and configuration files - Add new CI/CD workflows and validation scripts - Implement design system improvements and UI enhancements
This commit is contained in:
defiQUG
100
docs/proxmox/SITE_MAPPING.md
Normal file
100
docs/proxmox/SITE_MAPPING.md
Normal file
@@ -0,0 +1,100 @@
|
||||
# Proxmox Site Mapping
|
||||
|
||||
This document maps physical Proxmox instances to logical sites and documents the configuration.
|
||||
|
||||
## Physical Instances
|
||||
|
||||
### Instance 1
|
||||
- **IP Address**: 192.168.11.10
|
||||
- **Port**: 8006
|
||||
- **Endpoint**: https://192.168.11.10:8006
|
||||
- **Status**: ✅ Verified (HTTP 401 - authentication required)
|
||||
- **Mapped Sites**: us-sfvalley (Instance 1)
|
||||
|
||||
### Instance 2
|
||||
- **IP Address**: 192.168.11.11
|
||||
- **Port**: 8006
|
||||
- **Endpoint**: https://192.168.11.11:8006
|
||||
- **Status**: ✅ Verified (HTTP 401 - authentication required)
|
||||
- **Mapped Sites**: us-sfvalley-2 (Instance 2)
|
||||
|
||||
## Site Configuration
|
||||
|
||||
### us-sfvalley (US San Francisco Valley) - Instance 1
|
||||
- **Physical Instance**: Instance 1 (192.168.11.10)
|
||||
- **FQDN**: ml110-01.sankofa.nexus
|
||||
- **Endpoint**: https://ml110-01.sankofa.nexus:8006
|
||||
- **Primary Node**: ML110-01
|
||||
- **Cloudflare Tunnel**: proxmox-site-1-tunnel
|
||||
- **DNS Records Required**:
|
||||
- `ml110-01.sankofa.nexus` → 192.168.11.10
|
||||
- `ml110-01-api.sankofa.nexus` → 192.168.11.10
|
||||
- `ml110-01-metrics.sankofa.nexus` → 192.168.11.10
|
||||
|
||||
### us-sfvalley-2 (US San Francisco Valley) - Instance 2
|
||||
- **Physical Instance**: Instance 2 (192.168.11.11)
|
||||
- **FQDN**: r630-01.sankofa.nexus
|
||||
- **Endpoint**: https://r630-01.sankofa.nexus:8006
|
||||
- **Primary Node**: R630-01
|
||||
- **Cloudflare Tunnel**: proxmox-site-2-tunnel (or proxmox-site-3-tunnel)
|
||||
- **DNS Records Required**:
|
||||
- `r630-01.sankofa.nexus` → 192.168.11.11
|
||||
- `r630-01-api.sankofa.nexus` → 192.168.11.11
|
||||
- `r630-01-metrics.sankofa.nexus` → 192.168.11.11
|
||||
|
||||
## Configuration Files
|
||||
|
||||
### Provider Config
|
||||
- **File**: `crossplane-provider-proxmox/examples/provider-config.yaml`
|
||||
- **Status**: ✅ Updated with token authentication format
|
||||
- **Sites Configured**: us-sfvalley (Instance 1), us-sfvalley-2 (Instance 2)
|
||||
|
||||
### Cloudflare Tunnel Configs
|
||||
- **Site 1**: `cloudflare/tunnel-configs/proxmox-site-1.yaml` ✅ Updated
|
||||
- **Site 2**: `cloudflare/tunnel-configs/proxmox-site-2.yaml` ✅ Updated
|
||||
- **Site 3**: `cloudflare/tunnel-configs/proxmox-site-3.yaml` ✅ Updated
|
||||
|
||||
## Verification Status
|
||||
|
||||
### Connectivity
|
||||
- ✅ Instance 1: Reachable (HTTP 401)
|
||||
- ✅ Instance 2: Reachable (HTTP 401)
|
||||
|
||||
### Authentication
|
||||
- ⏳ Instance 1: Pending (requires credentials)
|
||||
- ⏳ Instance 2: Pending (requires credentials)
|
||||
|
||||
### DNS
|
||||
- ⏳ All hostnames: Pending configuration
|
||||
|
||||
### Cloudflare Tunnels
|
||||
- ⏳ Tunnel credentials: Pending generation
|
||||
- ⏳ Tunnel deployment: Pending
|
||||
|
||||
## Notes
|
||||
|
||||
1. **Instance Sharing**: Instance 2 hosts both eu-west-1 and apac-1 sites
|
||||
- This is acceptable for development/testing
|
||||
- Production should have separate instances per site
|
||||
|
||||
2. **Node Names**:
|
||||
- Instance 1 (192.168.11.10): ML110-01
|
||||
- Instance 2 (192.168.11.11): R630-01
|
||||
- Both sites on Instance 2 use the same node (R630-01)
|
||||
|
||||
3. **DNS Configuration**: All DNS records should point to the physical IP addresses
|
||||
- Cloudflare tunnels will handle the routing
|
||||
- DNS is required for tunnel hostname validation
|
||||
|
||||
4. **Tunnel Credentials**: Each site needs separate tunnel credentials
|
||||
- Generate via Cloudflare dashboard or API
|
||||
- Deploy to respective Proxmox nodes
|
||||
|
||||
## Next Steps
|
||||
|
||||
1. **Verify Node Names**: After authentication, verify actual node names
|
||||
2. **Configure DNS**: Create all required DNS records
|
||||
3. **Generate Tunnels**: Create Cloudflare tunnels for each site
|
||||
4. **Deploy Tunnels**: Install and configure cloudflared on nodes
|
||||
5. **Test Connectivity**: Verify access via Cloudflare hostnames
|
||||
|
||||
Reference in New Issue
Block a user