- Add comprehensive database migrations (001-024) for schema evolution
- Enhance API schema with expanded type definitions and resolvers
- Add new middleware: audit logging, rate limiting, MFA enforcement, security, tenant auth
- Implement new services: AI optimization, billing, blockchain, compliance, marketplace
- Add adapter layer for cloud integrations (Cloudflare, Kubernetes, Proxmox, storage)
- Update Crossplane provider with enhanced VM management capabilities
- Add comprehensive test suite for API endpoints and services
- Update frontend components with improved GraphQL subscriptions and real-time updates
- Enhance security configurations and headers (CSP, CORS, etc.)
- Update documentation and configuration files
- Add new CI/CD workflows and validation scripts
- Implement design system improvements and UI enhancements
3.4 KiB
Proxmox Site Mapping
This document maps physical Proxmox instances to logical sites and documents the configuration.
Physical Instances
Instance 1
- IP Address: 192.168.11.10
- Port: 8006
- Endpoint: https://192.168.11.10:8006
- Status: ✅ Verified (HTTP 401 - authentication required)
- Mapped Sites: us-sfvalley (Instance 1)
Instance 2
- IP Address: 192.168.11.11
- Port: 8006
- Endpoint: https://192.168.11.11:8006
- Status: ✅ Verified (HTTP 401 - authentication required)
- Mapped Sites: us-sfvalley-2 (Instance 2)
Site Configuration
us-sfvalley (US San Francisco Valley) - Instance 1
- Physical Instance: Instance 1 (192.168.11.10)
- FQDN: ml110-01.sankofa.nexus
- Endpoint: https://ml110-01.sankofa.nexus:8006
- Primary Node: ML110-01
- Cloudflare Tunnel: proxmox-site-1-tunnel
- DNS Records Required:
  - ml110-01.sankofa.nexus → 192.168.11.10
  - ml110-01-api.sankofa.nexus → 192.168.11.10
  - ml110-01-metrics.sankofa.nexus → 192.168.11.10
us-sfvalley-2 (US San Francisco Valley) - Instance 2
- Physical Instance: Instance 2 (192.168.11.11)
- FQDN: r630-01.sankofa.nexus
- Endpoint: https://r630-01.sankofa.nexus:8006
- Primary Node: R630-01
- Cloudflare Tunnel: proxmox-site-2-tunnel (or proxmox-site-3-tunnel)
- DNS Records Required:
  - r630-01.sankofa.nexus → 192.168.11.11
  - r630-01-api.sankofa.nexus → 192.168.11.11
  - r630-01-metrics.sankofa.nexus → 192.168.11.11
Configuration Files
Provider Config
- File: crossplane-provider-proxmox/examples/provider-config.yaml
- Status: ✅ Updated with token authentication format
- Sites Configured: us-sfvalley (Instance 1), us-sfvalley-2 (Instance 2)
Cloudflare Tunnel Configs
- Site 1: cloudflare/tunnel-configs/proxmox-site-1.yaml ✅ Updated
- Site 2: cloudflare/tunnel-configs/proxmox-site-2.yaml ✅ Updated
- Site 3: cloudflare/tunnel-configs/proxmox-site-3.yaml ✅ Updated
Verification Status
Connectivity
- ✅ Instance 1: Reachable (HTTP 401)
- ✅ Instance 2: Reachable (HTTP 401)
Authentication
- ⏳ Instance 1: Pending (requires credentials)
- ⏳ Instance 2: Pending (requires credentials)
DNS
- ⏳ All hostnames: Pending configuration
Cloudflare Tunnels
- ⏳ Tunnel credentials: Pending generation
- ⏳ Tunnel deployment: Pending
Notes
- Instance Sharing: Instance 2 hosts both eu-west-1 and apac-1 sites
  - This is acceptable for development/testing
  - Production should have separate instances per site
- Node Names:
  - Instance 1 (192.168.11.10): ML110-01
  - Instance 2 (192.168.11.11): R630-01
  - Both sites on Instance 2 use the same node (R630-01)
- DNS Configuration: All DNS records should point to the physical IP addresses
  - Cloudflare tunnels will handle the routing
  - DNS is required for tunnel hostname validation
- Tunnel Credentials: Each site needs separate tunnel credentials
  - Generate via Cloudflare dashboard or API
  - Deploy to respective Proxmox nodes
Next Steps
- Verify Node Names: After authentication, verify actual node names
- Configure DNS: Create all required DNS records
- Generate Tunnels: Create Cloudflare tunnels for each site
- Deploy Tunnels: Install and configure cloudflared on nodes
- Test Connectivity: Verify access via Cloudflare hostnames
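One way to check the "Configure DNS" step and the instance-sharing note once records exist, as an added example rather than a script from this repository: it compares what a resolver returns against the hostname-to-IP mapping listed above and reports any physical instance that backs more than one site. The function names and the injectable `resolve` parameter are assumptions made for this example; the hostnames and addresses are the ones on this page.

```python
import socket
from collections import defaultdict

# Expected records, copied from the "DNS Records Required" lists on this page.
EXPECTED = {
    "us-sfvalley": ("192.168.11.10", ["ml110-01.sankofa.nexus",
                                      "ml110-01-api.sankofa.nexus",
                                      "ml110-01-metrics.sankofa.nexus"]),
    "us-sfvalley-2": ("192.168.11.11", ["r630-01.sankofa.nexus",
                                        "r630-01-api.sankofa.nexus",
                                        "r630-01-metrics.sankofa.nexus"]),
}

def system_resolver(hostname):
    """Return the set of IPv4 addresses the local resolver gives for hostname."""
    try:
        return set(socket.gethostbyname_ex(hostname)[2])
    except OSError:  # socket.gaierror (NXDOMAIN, no resolver) is an OSError
        return set()

def audit_dns(expected=EXPECTED, resolve=system_resolver):
    """Compare resolved addresses with the mapping; return a list of findings."""
    findings = []
    for site, (ip, hostnames) in expected.items():
        for name in hostnames:
            got = resolve(name)
            if not got:
                findings.append((site, name, "MISSING", ip, got))
            elif got != {ip}:
                # A wrong or extra address means traffic may reach another host.
                findings.append((site, name, "MISMATCH", ip, got))
    return findings

def shared_instances(expected=EXPECTED):
    """Return {ip: [sites]} for physical instances that back more than one site."""
    by_ip = defaultdict(list)
    for site, (ip, _) in expected.items():
        by_ip[ip].append(site)
    return {ip: sites for ip, sites in by_ip.items() if len(sites) > 1}

if __name__ == "__main__":
    for site, name, status, want, got in audit_dns():
        print(f"{status:8} {site:14} {name} expected {want} got {sorted(got) or '-'}")
    for ip, sites in shared_instances().items():
        print(f"SHARED   {ip} backs {', '.join(sites)} (dev/test only per the notes)")
```

An empty result from `audit_dns()` means every listed hostname resolves to exactly its documented address; pass a different `resolve` callable to query a specific resolver instead of the system one.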