d-bis/proxmox
4
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
dc8abb06e2bbd33e30803ca59d284ead8ea970c6
proxmox/docs/00-meta/FULL_PARALLEL_EXECUTION_ORDER.md
defiQUG 563729aa19
Some checks failed
Deploy to Phoenix / deploy (push) Has been cancelled
Details
docs(00-meta): refresh task lists, gaps, and operator indexes 
Made-with: Cursor
2026-03-27 18:47:08 -07:00

188 lines
10 KiB
Markdown
Raw Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
# Full Maximum Parallel Execution Order
**Last Updated:** 2026-02-05
**Purpose:** Order all remaining tasks into waves so that **within each wave, every item can run in parallel**. Run in full maximum parallel mode: execute all items in Wave 0 concurrently (where different owners), then all in Wave 1, then Wave 2, then Wave 3. No artificial sequencing within a wave.
**Sources:** [TODO_TASK_LIST_MASTER.md](TODO_TASK_LIST_MASTER.md), [REMAINING_TASKS_NEXT_STEPS_PHASES_REVIEW.md](REMAINING_TASKS_NEXT_STEPS_PHASES_REVIEW.md), [PARALLEL_TASK_STRUCTURE.md](PARALLEL_TASK_STRUCTURE.md), [ALL_IMPROVEMENTS_AND_GAPS_INDEX.md](../ALL_IMPROVEMENTS_AND_GAPS_INDEX.md). **Single plan (required/optional/recommended):** [COMPLETE_REQUIRED_OPTIONAL_RECOMMENDED_INDEX.md](COMPLETE_REQUIRED_OPTIONAL_RECOMMENDED_INDEX.md).
**Run record (2026-02-05):** [REMAINING_ITEMS_FULL_PARALLEL_LIST.md](REMAINING_ITEMS_FULL_PARALLEL_LIST.md) (batch 11 summary); **current validation:** `./scripts/validation/validate-config-files.sh`, `./scripts/verify/run-all-validation.sh`.
**Wave 1 status:** [WAVE1_COMPLETION_SUMMARY.md](WAVE1_COMPLETION_SUMMARY.md). **Wave 2/3 checklist:** [WAVE2_WAVE3_OPERATOR_CHECKLIST.md](WAVE2_WAVE3_OPERATOR_CHECKLIST.md).
**Full remaining list (all items by wave):** [REMAINING_ITEMS_FULL_PARALLEL_LIST.md](REMAINING_ITEMS_FULL_PARALLEL_LIST.md).
---
## Execution model
1. **Wave 0** — Gate/creds: do once or when creds available; can run in parallel with each other if different owners.
2. **Wave 1** — No shared state: security, monitoring config, backup, docs, codebase, quick wins, implementation checklist items that need no running infra. **Run all in parallel.**
3. **Wave 2** — Infra/deploy that can parallelize by host or by component: monitoring stack deploy, VLAN work, Phase 3/4 script expansion, optional deploy tasks. **Run all in parallel** (by host or by task).
4. **Wave 3** — Depends on Wave 2 outputs: CCIP Fleet deploy (after Ops/Admin and NAT), Phase 4 tenant isolation (after VLANs). **Run all in parallel** where no internal deps.
5. **Ongoing** — Daily/weekly maintenance; not sequenced.
**Real dependencies (must respect):**
- CCIP commit/execute/RMN nodes require CCIP Ops/Admin and NAT pools (Wave 3 after Wave 2).
- NPMplus backup requires NPM_PASSWORD (Wave 0 or Wave 1).
- sendCrossChain (real) requires PRIVATE_KEY and LINK approved (Wave 0).
- Firewall/SSH changes: coordinate to avoid lockout (Wave 1, but test before disabling password).
---
## Wave 0 — Gates / credentials (run in parallel where different owners)
| ID | Task | Blocker / note |
|----|------|-----------------|
| W0-1 | Apply NPMplus RPC fix (405) | Run from host on LAN: `bash scripts/nginx-proxy-manager/update-npmplus-proxy-hosts-api.sh` |
| W0-2 | Execute sendCrossChain (real) | PRIVATE_KEY, LINK approved for fee token; remove `--dry-run` from run-send-cross-chain.sh |
| W0-3 | NPMplus backup (export/config) | NPM_PASSWORD in .env; run existing backup script |
---
## Wave 1 — Full parallel (no shared state)
**Security**
| ID | Task |
|----|------|
| W1-1 | SSH key-based auth; disable password auth (coordinate to avoid lockout) |
| W1-2 | Firewall: restrict Proxmox API 8006 to specific IPs |
| W1-3 | smom: Security audits VLT-024, ISO-024 |
| W1-4 | smom: Bridge integrations BRG-VLT, BRG-ISO |
**Monitoring (config / design)**
| ID | Task |
|----|------|
| W1-5 | Prometheus scrape config (Besu 9545, targets); alert rules |
| W1-6 | Grafana dashboards (JSON); Alertmanager config |
| W1-7 | Loki/Alertmanager config files (no deploy yet) |
**Backup**
| ID | Task |
|----|------|
| W1-8 | Automated backup script (validator keys, configs); NPMplus backup cron (already exists — verify/schedule) |
**Phase 1 (optional)**
| ID | Task |
|----|------|
| W1-9 | VLAN enablement: UDM Pro VLAN config docs; Proxmox VLAN-aware bridge design |
| W1-10 | VLAN migration plan (per-service table) |
**Documentation**
| ID | Task |
|----|------|
| W1-11 | Documentation consolidation (by folder: 01-, 02-, 03-, …); archive old status |
| W1-12 | Quick reference cards; decision trees; config templates (ALL_IMPROVEMENTS 6874) |
| W1-13 | Final IP assignments; service connectivity matrix; operational runbooks |
**Codebase**
| ID | Task |
|----|------|
| W1-14 | dbis_core: TypeScript/Prisma fixes (by module/file — parallelize by file) |
| W1-15 | smom: EnhancedSwapRouter quoter; AlltraAdapter fee TODO |
| W1-16 | smom: IRU remaining tasks |
| W1-17 | Placeholders: canonical addresses env-only; AlltraAdapter fee; smart accounts kit; quote service Fabric chainId 999; .bak deprecation (ALL_IMPROVEMENTS 8791) |
**Quick wins & implementation checklist (high priority, no infra)**
| ID | Task |
|----|------|
| W1-18 | Add progress indicators to scripts; config validation in CI/pre-deploy |
| W1-19 | Secure validator key permissions (chmod 600, chown besu) |
| W1-20 | Secret management audit; input validation in scripts; security scanning automation (ALL_IMPROVEMENTS 4851) |
| W1-21 | Configuration validation (JSON/YAML schema); config templates; env standardization (5254) |
**MetaMask / explorer (optional, parallel)**
| ID | Task |
|----|------|
| W1-22 | Token-aggregation hardening; CoinGecko submission |
| W1-23 | Chain 138 Snap: market data UI; swap quotes; bridge routes; testing & distribution |
| W1-24 | Explorer: dark mode, network selector, sync indicator |
| W1-25 | Paymaster deploy (optional); Consensys outreach |
| W1-26 | API keys: Li.Fi, Jumper, 1inch (when keys available — per integration in parallel) |
**Improvements index 135 (Proxmox high/med/low, quick wins)**
| ID | Task |
|----|------|
| W1-27 | ALL_IMPROVEMENTS 111 (Proxmox high: .env, validator keys, SSH, firewall, VLANs, metrics, health, backup, runbooks) — each item parallel |
| W1-28 | ALL_IMPROVEMENTS 1220 (Proxmox medium: error handling, logging, Loki, resource/network/DB optimization, CI/CD) |
| W1-29 | ALL_IMPROVEMENTS 2130 (Proxmox low: auto-scale, load balancing, multi-region, HSM, audit) |
| W1-30 | ALL_IMPROVEMENTS 3135 (Quick wins: progress indicators, --dry-run, config validation, FAQ, inline comments) |
**Improvements index 3667 (code quality, docs, security, config, monitoring DX)**
| ID | Task |
|----|------|
| W1-31 | ALL_IMPROVEMENTS 3643 (script shebang, set -euo, header template, shellcheck, consolidation, lib, perf, doc gen) |
| W1-32 | ALL_IMPROVEMENTS 4447 (doc consolidation, accuracy, inline doc, API doc) |
| W1-33 | ALL_IMPROVEMENTS 4857 (security audit, validation, scanning, RBAC, config validation, templates, tests, CI) |
| W1-34 | ALL_IMPROVEMENTS 5867 (logging, metrics, health, DevContainer, IDE, backup review) |
**Improvements index 6891 (docs, infra design, codebase, placeholders)**
| ID | Task |
|----|------|
| W1-35 | ALL_IMPROVEMENTS 6874 (docs: quick ref, decision trees, config templates, examples, glossary) |
| W1-36 | ALL_IMPROVEMENTS 7581 (Phase 14 design, missing containers list — design only in Wave 1) |
| W1-37 | ALL_IMPROVEMENTS 8286 (smom audits, BRG, CCIP AMB, dbis_core, IRU — same as W1-14 to W1-17) |
| W1-38 | ALL_IMPROVEMENTS 8791 (placeholders — same as W1-17) |
**Improvements index 92139 (MetaMask, Tezos/CCIP, Besu, RPC, orchestration, maintenance)**
| ID | Task |
|----|------|
| W1-39 | ALL_IMPROVEMENTS 92105 (MetaMask/explorer — parallel by task) |
| W1-40 | ALL_IMPROVEMENTS 106121 (Tezos/Etherlink/CCIP — config and scripts in parallel) |
| W1-41 | ALL_IMPROVEMENTS 122126 (Besu/blockchain) |
| W1-42 | ALL_IMPROVEMENTS 127130 (RPC translator) |
| W1-43 | ALL_IMPROVEMENTS 131134 (Orchestration portal) |
| W1-44 | ALL_IMPROVEMENTS 135139 (Maintenance procedures — document/automate) |
---
## Wave 2 — Infra / deploy (parallel by host or component)
| ID | Task | Parallelize by |
|----|------|----------------|
| W2-1 | Deploy monitoring stack (Prometheus, Grafana, Loki, Alertmanager) | By component or single deployer |
| W2-2 | Grafana published via Cloudflare Access; alerts configured | After stack up |
| W2-3 | VLAN enablement: apply UDM Pro VLAN config; Proxmox bridge; migrate services to VLANs | By VLAN or by host |
| W2-4 | Phase 3 CCIP: Ops/Admin (5400-5401); NAT pools; commit/execute/RMN script expansion | Ops first, then NAT, then scripts |
| W2-5 | Phase 4: Sovereign tenant VLANs; isolation; access control | By tenant or by VLAN |
| W2-6 | 25062508 destroyed 2026-02-08; RPC 25002505 only. See MISSING_CONTAINERS_LIST.md | Done (doc) |
| W2-7 | DBIS services start (1010010151, etc.); additional Hyperledger | By host |
| W2-8 | NPMplus HA (Keepalived, secondary 10234) | Optional; single change |
---
## Wave 3 — After Wave 2 (CCIP Fleet, tenant isolation)
| ID | Task | Depends on |
|----|------|------------|
| W3-1 | CCIP Fleet full deploy: 16 commit (5410-5425), 16 execute (5440-5455), 7 RMN (5470-5476) | W2-4 (Ops/Admin, NAT) |
| W3-2 | Phase 4 tenant isolation enforcement; access control | W2-3 / W2-5 (VLANs) |
---
## Ongoing (no wave)
| ID | Task | Frequency |
|----|------|-----------|
| O-1 | Monitor explorer sync | Daily |
| O-2 | Monitor RPC 2201 | Daily |
| O-3 | Config API uptime | Weekly |
---
## How to run in full maximum parallel mode
1. **Gate:** Complete Wave 0 (W0-1, W0-2, W0-3) as soon as creds/access allow; these can run in parallel with each other.
2. **Parallel Wave 1:** Assign each W1-* item to an owner or automation; run all W1-* concurrently. Use [PARALLEL_TASK_STRUCTURE.md](PARALLEL_TASK_STRUCTURE.md) cohorts A/B where they overlap.
3. **Parallel Wave 2:** Run W2-1 through W2-8 in parallel (by host for D1D3 style tasks, by component for stack deploy).
4. **Parallel Wave 3:** After Wave 2 outputs exist, run W3-1 and W3-2 in parallel.
5. **Ongoing:** Schedule O-1, O-2, O-3 (cron or runbooks).
**Automation:** A runner can parse this file, group by wave, and execute each wave in parallel (e.g. one job per W1-* and W2-* item).
---
## Cross-references
- [TODO_TASK_LIST_MASTER.md](TODO_TASK_LIST_MASTER.md) — Consolidated checklist
- [REMAINING_TASKS_NEXT_STEPS_PHASES_REVIEW.md](REMAINING_TASKS_NEXT_STEPS_PHASES_REVIEW.md) — Full review
- [PARALLEL_TASK_STRUCTURE.md](PARALLEL_TASK_STRUCTURE.md) — Cohorts A/B/C/D (legacy; still valid for the-order, smom, dbis, OMNIS)
- [ALL_IMPROVEMENTS_AND_GAPS_INDEX.md](../ALL_IMPROVEMENTS_AND_GAPS_INDEX.md) — Items 1139 detail
Reference in New Issue View Git Blame Copy Permalink