proxmox/docs/03-deployment/DEPLOYMENT_MASTER_PROCEDURE.md
defiQUG fbda1b4beb
docs: Ledger Live integration, contract deploy learnings, NEXT_STEPS updates
- ADD_CHAIN138_TO_LEDGER_LIVE: Ledger form done; public code review repo bis-innovations/LedgerLive; init/push commands
- CONTRACT_DEPLOYMENT_RUNBOOK: Chain 138 gas price 1 gwei, 36-addr check, TransactionMirror workaround
- CONTRACT_*: AddressMapper, MirrorManager deployed 2026-02-12; 36-address on-chain check
- NEXT_STEPS_FOR_YOU: Ledger done; steps completable now (no LAN); run-completable-tasks-from-anywhere
- MASTER_INDEX, OPERATOR_OPTIONAL, SMART_CONTRACTS_INVENTORY_SIMPLE: updates
- LEDGER_BLOCKCHAIN_INTEGRATION_COMPLETE: bis-innovations/LedgerLive reference

Co-authored-by: Cursor <cursoragent@cursor.com>
2026-02-12 15:46:57 -08:00


# Deployment Master Procedure
**Date:** 2026-01-22
**Status:** 🟢 Active Reference
**Last Updated:** 2026-02-05
**Purpose:** Comprehensive deployment procedure master document

---
## Overview
This document consolidates all deployment procedures into a single master reference, providing a complete deployment guide for all services.

---
## Deployment Prerequisites
### System Requirements
- **Proxmox VE:** 3 hosts — 192.168.11.10 (ml110), 192.168.11.11 (r630-01), 192.168.11.12 (r630-02)
- **Edge:** UDM Pro (76.53.10.34, replaced ER605). Port forward 76.53.10.36:80/443 → 192.168.11.167:80/443 (NPMplus). NPMplus LXC has 192.168.11.166 and 192.168.11.167; only **192.168.11.167** is used in UDM Pro.
- **Network:** VLAN 11 configured, gateway accessible
- **Storage:** LVM-thin storage pools available
- **Templates:** Ubuntu/Debian container templates
### Access Requirements
- SSH access to all Proxmox hosts
- Root access to containers
- Network access to services
---
## Deployment Phases
### Phase 1: Infrastructure Setup
#### 1.1 Proxmox Host Configuration
```bash
# Check for VMID and IP conflicts before provisioning
./scripts/check-vmid-conflicts.sh
./scripts/check-ip-conflicts.sh
# Configure network
# See: docs/11-references/NETWORK_CONFIGURATION_MASTER.md
```
#### 1.2 Network Configuration
- Configure VLAN 11
- Set up gateway routing
- Configure DNS
- Set up firewall rules
**Reference:** `docs/11-references/NETWORK_CONFIGURATION_MASTER.md`

---
### Phase 2: Database Services
#### 2.1 PostgreSQL Deployment
```bash
# Order PostgreSQL
./scripts/configure-service-dependencies.sh
# DBIS PostgreSQL
./scripts/run-dbis-database-migrations.sh
# Sankofa PostgreSQL
./scripts/run-migrations-r630-01.sh
```
#### 2.2 Redis Deployment
```bash
# Order Redis
# DBIS Redis
# See: scripts/configure-service-dependencies.sh
```
**VMIDs:**
- Order PostgreSQL: 10000 (primary), 10001 (replica)
- DBIS PostgreSQL: 10100 (primary), 10101 (replica)
- Order Redis: 10020
- DBIS Redis: 10120
- Sankofa PostgreSQL: 7803
---
### Phase 3: Authentication Services
#### 3.1 Keycloak Deployment
```bash
./scripts/setup-keycloak-r630-01.sh
```
**VMID:** 7802
**Reference:** `docs/04-configuration/KEYCLOAK_SETUP.md`
#### 3.2 Vault Deployment
```bash
./scripts/deploy-phoenix-vault-cluster.sh
```
**VMIDs:** 8640, 8641, 8642
**Reference:** `docs/04-configuration/PHOENIX_VAULT_CLUSTER_DEPLOYMENT.md`

---
### Phase 4: Application Services
#### 4.1 DBIS Services
```bash
# Deploy DBIS services
./scripts/deploy-api-r630-01.sh
# Run migrations
./scripts/run-dbis-database-migrations.sh
```
**VMIDs:** 10130 (frontend), 10150 (API primary), 10151 (API secondary)
#### 4.2 Order Services
```bash
# Deploy Order services
./scripts/deploy-portal-r630-01.sh
```
**VMIDs:** 10090 (portal), 10030-10092 (various services), 10202 (opensearch), 10210 (haproxy)
#### 4.3 Sankofa Services
```bash
# Deploy Sankofa services
./scripts/deploy-sankofa-r630-01.sh
```
**VMIDs:** 7800 (API), 7801 (Portal), 7802 (Keycloak), 7803 (PostgreSQL)

---
### Phase 5: Blockchain Services
#### 5.1 Besu Validators
```bash
# Deploy validators
# See: smom-dbis-138-proxmox/scripts/
# Update validator configs
./scripts/fix-validator-txpool.sh
```
**VMIDs:** 1000-1004
**Reference:** `docs/06-besu/VALIDATOR_TXPOOL_CONFIGURATION_FIX.md`
#### 5.2 Besu Sentries
```bash
# Deploy sentries
# See: smom-dbis-138-proxmox/scripts/
```
**VMIDs:** 1500-1504
#### 5.3 RPC Nodes
```bash
# Deploy RPC nodes
./scripts/setup-thirdweb-rpc-nodes.sh
```
**VMIDs:** 2101 (core), 2201 (public), 2301 (private), 2400-2403 (thirdweb)
#### 5.4 Blockscout
```bash
# Deploy Blockscout
./scripts/start-blockscout-service.sh
```
**VMID:** 5000
**Reference:** `docs/04-configuration/BLOCKSCOUT_ROUTING_CORRECT.md`

---
### Phase 6: Reverse Proxy & Networking
#### 6.1 NPMplus Deployment
```bash
# Deploy NPMplus
# See: docs/04-configuration/NPMPLUS_COMPLETE_SETUP_SUMMARY.md
```
**VMIDs:** 10233 (primary), 10234 (secondary)
#### 6.2 Cloudflare Tunnel
```bash
./scripts/install-shared-tunnel-token.sh
./scripts/update-cloudflare-tunnel-to-nginx.sh
```
**VMID:** 102

---
## Deployment Checklist
### Pre-Deployment
- [ ] Verify Proxmox host connectivity
- [ ] Check VMID conflicts
- [ ] Check IP conflicts
- [ ] Verify network configuration
- [ ] Verify storage availability
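
The VMID conflict check in this checklist can be rehearsed offline against the allocation plan itself. The script below is an added example, not the repository's `scripts/check-vmid-conflicts.sh`; the plan format, the function names and the in-use list file are assumptions made for illustration, and the sample plan is constructed from the Order and DBIS VMIDs listed in Phases 2 and 4.

```bash
#!/usr/bin/env bash
# Added example; not the repository's scripts/check-vmid-conflicts.sh.
# Assumed plan format: "<vmid|first-last> <service>", one entry per line.

# Expand "first-last" ranges into one "<vmid> <service>" line per VMID.
expand_plan() {
  awk 'NF >= 2 {
    n = split($1, r, "-")
    lo = r[1] + 0; hi = (n == 2 ? r[2] + 0 : lo)
    for (id = lo; id <= hi; id++) print id, $2
  }'
}

# stdin: plan. Prints "<vmid> <svcA>,<svcB>" for each VMID with two owners.
plan_conflicts() {
  expand_plan | sort -k1,1n -k2,2 -u | awk '
    $1 == prev { owners = owners "," $2; dup = 1; next }
    dup        { print prev, owners }
               { prev = $1; owners = $2; dup = 0 }
    END        { if (dup) print prev, owners }'
}

# stdin: plan; $1: file with one in-use VMID per line (hypothetical input,
# e.g. exported from the cluster). Prints planned entries already taken.
in_use_conflicts() {
  expand_plan | awk -v used_file="$1" '
    BEGIN { while ((getline id < used_file) > 0) used[id + 0] = 1 }
    ($1 + 0) in used { print $1, $2 }'
}

# Constructed sample: the Order and DBIS VMIDs listed in Phases 2 and 4.
sample_plan() {
  cat <<'EOF'
10000-10001 order-postgresql
10100-10101 dbis-postgresql
10020 order-redis
10120 dbis-redis
10130 dbis-frontend
10150-10151 dbis-api
10090 order-portal
10030-10092 order-services
10202 order-opensearch
10210 order-haproxy
EOF
}

# The literal range 10030-10092 also covers the portal's 10090.
sample_plan | plan_conflicts
```

Read literally, the `10030-10092` range overlaps the portal's `10090`, so a plan written this way needs the range split or the overlap confirmed as intentional before provisioning.
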
### Deployment
- [ ] Deploy infrastructure services
- [ ] Deploy database services
- [ ] Deploy authentication services
- [ ] Deploy application services
- [ ] Deploy blockchain services
- [ ] Deploy reverse proxy
### Post-Deployment
- [ ] Verify all services running
- [ ] Test service connectivity
- [ ] Verify database connections
- [ ] Test API endpoints
- [ ] Verify reverse proxy routing
- [ ] Run configuration validation
---
## Deployment Scripts Reference
### Infrastructure
- `scripts/setup-central-nginx-routing.sh` - Central nginx routing
- `scripts/configure-persistent-networks-v3.sh` - Network configuration
### Database
- `scripts/configure-service-dependencies.sh` - Service dependencies
- `scripts/run-dbis-database-migrations.sh` - DBIS migrations
- `scripts/run-migrations-r630-01.sh` - Sankofa migrations
### Application
- `scripts/deploy-api-r630-01.sh` - DBIS API
- `scripts/deploy-portal-r630-01.sh` - Order Portal
- `scripts/deploy-sankofa-r630-01.sh` - Sankofa services
### Blockchain
- `scripts/setup-thirdweb-rpc-nodes.sh` - ThirdWeb RPC
- `scripts/fix-validator-txpool.sh` - Validator configuration
- `scripts/start-blockscout-service.sh` - Blockscout
### Verification
- `scripts/check-vmid-conflicts.sh` - VMID conflict check
- `scripts/check-ip-conflicts.sh` - IP conflict check
- `scripts/validate-configuration.sh` - Configuration validation
---
## Rollback Procedures
### Service Rollback
1. Stop service container
2. Restore from backup if available
3. Revert configuration changes
4. Restart service
### Database Rollback
1. Stop database service
2. Restore database from backup
3. Restart database service
4. Verify data integrity
### Network Rollback
1. Revert network configuration
2. Restore firewall rules
3. Restore routing rules
4. Verify connectivity
---
## Related Documents
- **[PHOENIX_DEPLOYMENT_RUNBOOK.md](PHOENIX_DEPLOYMENT_RUNBOOK.md)** - Phoenix-specific deployment
- **[VMID_ALLOCATION_FINAL.md](../02-architecture/VMID_ALLOCATION_FINAL.md)** - VMID reference
- **[NETWORK_CONFIGURATION_MASTER.md](../11-references/NETWORK_CONFIGURATION_MASTER.md)** - IP and network reference
- **[NETWORK_ARCHITECTURE.md](../02-architecture/NETWORK_ARCHITECTURE.md)** - Service and network layout
---
**Last Updated:** 2026-01-22
**Maintainer:** System Administrator
**Update Frequency:** On deployment procedure changes