Reclassify DBIS placeholder Hyperledger CTs
All checks were successful
Deploy to Phoenix / deploy (push) Successful in 6s
All checks were successful
Deploy to Phoenix / deploy (push) Successful in 6s
This commit is contained in:
defiQUG
@@ -63,7 +63,7 @@ def stier:
|
||||
([.services[] | select(.ipv4 != null) | .ipv4] | group_by(.) | map(select(length > 1) | .[0])) as $dup_ips
|
||||
| .services[]
|
||||
| (.ipv4) as $ip
|
||||
| [(.vmid // "—"), .hostname, ($ip // "—"), (if ($ip != null and ($dup_ips | index($ip))) then "shared / non-concurrent mapping — verify live owner" else "unique in template" end), ntype, "TBD", "TBD", (.preferred_node // "—"), vstatus, stier]
|
||||
| [(.vmid // "—"), .hostname, ($ip // "—"), (if ($ip != null and ($dup_ips | index($ip))) then "shared / non-concurrent mapping — verify live owner" else "unique in template" end), ntype, (.runtime_state // "unspecified"), "TBD", "TBD", (.preferred_node // "—"), vstatus, stier]
|
||||
| @tsv
|
||||
' "$JSON" | sort -t$'\t' -k1,1n > "$TMP"
|
||||
|
||||
@@ -93,6 +93,7 @@ When you change VMID, IP, hostname, or placement, update **ALL_VMIDS** and **ope
|
||||
| **Entity owner** | DBIS Core, Central Bank, IFI, Regional Operator, etc. — use **TBD** until governance assigns. |
|
||||
| **Region** | Geographic or site label — **TBD** until multi-site is formalized. |
|
||||
| **IP note** | Flags duplicate IPv4 entries in the planning template. A duplicate means **shared or historical mapping**, not concurrent ownership — verify live owner in ALL_VMIDS or on-cluster. |
|
||||
| **Runtime state** | Current disposition from the planning template, e.g. active, placeholder CT only, or retired standby. |
|
||||
| **Preferred host** | Preferred Proxmox node (\`r630-01\`, \`r630-02\`, \`ml110\`, \`any\`). This is a planning target, not an assertion of current placement. |
|
||||
| **Validator / signing** | For Chain 138 Besu: QBFT signer, sentry (no signer), RPC-only, or N/A. |
|
||||
| **Security tier** | High-level zone: validator-tier, DMZ/RPC, edge ingress, identity/DLT, application, etc. |
|
||||
@@ -110,12 +111,12 @@ EOF
|
||||
|
||||
Machine-derived rows below come from `services[]` in `config/proxmox-operational-template.json`. Duplicate IPv4 notes are warnings that the planning template still contains alternative or legacy ownership for the same address; they must not be read as concurrent live allocations.
|
||||
|
||||
| VMID | Hostname | IPv4 | IP note | Node type | Entity owner | Region | Preferred host | Validator / signing | Security tier |
|
||||
|------|----------|------|---------|-----------|--------------|--------|----------------|---------------------|---------------|
|
||||
| VMID | Hostname | IPv4 | IP note | Node type | Runtime state | Entity owner | Region | Preferred host | Validator / signing | Security tier |
|
||||
|------|----------|------|---------|-----------|---------------|--------------|--------|----------------|---------------------|---------------|
|
||||
MID
|
||||
|
||||
while IFS=$'\t' read -r vmid host ip ipnote ntype ent reg hw vst stier; do
|
||||
echo "| $vmid | $host | $ip | $ipnote | $ntype | $ent | $reg | $hw | $vst | $stier |"
|
||||
while IFS=$'\t' read -r vmid host ip ipnote ntype rstate ent reg hw vst stier; do
|
||||
echo "| $vmid | $host | $ip | $ipnote | $ntype | $rstate | $ent | $reg | $hw | $vst | $stier |"
|
||||
done < "$TMP"
|
||||
|
||||
cat <<'FOOT'
|
||||
@@ -124,11 +125,11 @@ MID
|
||||
|
||||
These appear in [ALL_VMIDS_ENDPOINTS.md](../04-configuration/ALL_VMIDS_ENDPOINTS.md) but are not modeled as `services[]` entries in `proxmox-operational-template.json`. They are **manual supplements**, not generator-backed source of truth.
|
||||
|
||||
| VMID | Hostname | IPv4 | IP note | Node type | Entity owner | Region | Preferred host | Validator / signing | Security tier |
|
||||
|------|----------|------|---------|-----------|--------------|--------|----------------|---------------------|---------------|
|
||||
| 106 | redis-rpc-translator | 192.168.11.110 | manual supplement | RPC translator (Redis) | TBD | TBD | r630-01 (per ALL_VMIDS) | N/A | DMZ / RPC exposure |
|
||||
| 107 | web3signer-rpc-translator | 192.168.11.111 | manual supplement | RPC translator (Web3Signer) | TBD | TBD | r630-01 | N/A | DMZ / RPC exposure |
|
||||
| 108 | vault-rpc-translator | 192.168.11.112 | manual supplement | RPC translator (Vault) | TBD | TBD | r630-01 | N/A | management / secrets |
|
||||
| VMID | Hostname | IPv4 | IP note | Node type | Runtime state | Entity owner | Region | Preferred host | Validator / signing | Security tier |
|
||||
|------|----------|------|---------|-----------|---------------|--------------|--------|----------------|---------------------|---------------|
|
||||
| 106 | redis-rpc-translator | 192.168.11.110 | manual supplement | RPC translator (Redis) | manual supplement | TBD | TBD | r630-01 (per ALL_VMIDS) | N/A | DMZ / RPC exposure |
|
||||
| 107 | web3signer-rpc-translator | 192.168.11.111 | manual supplement | RPC translator (Web3Signer) | manual supplement | TBD | TBD | r630-01 | N/A | DMZ / RPC exposure |
|
||||
| 108 | vault-rpc-translator | 192.168.11.112 | manual supplement | RPC translator (Vault) | manual supplement | TBD | TBD | r630-01 | N/A | management / secrets |
|
||||
|
||||
## Host-level services (no VMID)
|
||||
|
||||
|
||||
Reference in New Issue
Block a user