d-bis/proxmox
4
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
fa5de3ba0110f8f6c19d43df484a805dc1d857f0
proxmox/docs/04-configuration/UDM_PRO_VLAN_MIGRATION_PLAN.md
defiQUG fbda1b4beb
Some checks failed
Deploy to Phoenix / deploy (push) Has been cancelled
Details
docs: Ledger Live integration, contract deploy learnings, NEXT_STEPS updates 
- ADD_CHAIN138_TO_LEDGER_LIVE: Ledger form done; public code review repo bis-innovations/LedgerLive; init/push commands
- CONTRACT_DEPLOYMENT_RUNBOOK: Chain 138 gas price 1 gwei, 36-addr check, TransactionMirror workaround
- CONTRACT_*: AddressMapper, MirrorManager deployed 2026-02-12; 36-address on-chain check
- NEXT_STEPS_FOR_YOU: Ledger done; steps completable now (no LAN); run-completable-tasks-from-anywhere
- MASTER_INDEX, OPERATOR_OPTIONAL, SMART_CONTRACTS_INVENTORY_SIMPLE: updates
- LEDGER_BLOCKCHAIN_INTEGRATION_COMPLETE: bis-innovations/LedgerLive reference

Co-authored-by: Cursor <cursoragent@cursor.com>
2026-02-12 15:46:57 -08:00

285 lines
7.0 KiB
Markdown
Raw Blame History

# UDM Pro VLAN Migration Plan
**Last Updated:** 2026-01-15
**Status:****READY FOR MIGRATION**
---
## Overview
This document provides a complete migration plan for moving existing services from the flat LAN (192.168.11.0/24) to the new VLAN-based architecture.
---
## Current State
### Existing Containers (from documentation)
**ml110 (192.168.11.10):**
| VMID | Hostname | Current IP | Current VLAN | Target VLAN | Target IP |
|------|----------|------------|--------------|-------------|-----------|
| 1000 | besu-validator-1 | 192.168.11.100 | 11 (mgmt) | 110 (BESU-VAL) | 10.110.0.100 |
| 1001 | besu-validator-2 | 192.168.11.101 | 11 (mgmt) | 110 (BESU-VAL) | 10.110.0.101 |
| 1002 | besu-validator-3 | 192.168.11.102 | 11 (mgmt) | 110 (BESU-VAL) | 10.110.0.102 |
| 1003 | besu-validator-4 | 192.168.11.103 | 11 (mgmt) | 110 (BESU-VAL) | 10.110.0.103 |
| 1004 | besu-validator-5 | 192.168.11.104 | 11 (mgmt) | 110 (BESU-VAL) | 10.110.0.104 |
| 1500 | besu-sentry-1 | 192.168.11.150 | 11 (mgmt) | 111 (BESU-SEN) | 10.111.0.150 |
| 1501 | besu-sentry-2 | 192.168.11.151 | 11 (mgmt) | 111 (BESU-SEN) | 10.111.0.151 |
| 1502 | besu-sentry-3 | 192.168.11.152 | 11 (mgmt) | 111 (BESU-SEN) | 10.111.0.152 |
| 1503 | besu-sentry-4 | 192.168.11.153 | 11 (mgmt) | 111 (BESU-SEN) | 10.111.0.153 |
| 2500 | besu-rpc-1 | 192.168.11.250 | 11 (mgmt) | 112 (BESU-RPC) | 10.112.0.250 |
| 2501 | besu-rpc-2 | 192.168.11.251 | 11 (mgmt) | 112 (BESU-RPC) | 10.112.0.251 |
| 2502 | besu-rpc-3 | 192.168.11.252 | 11 (mgmt) | 112 (BESU-RPC) | 10.112.0.252 |
**Total:** 12 containers to migrate
---
## Migration Strategy
### Phase 1: Besu Validators (VLAN 110)
**Containers:** 1000-1004
**Target VLAN:** 110 (BESU-VAL)
**Target Subnet:** 10.110.0.0/24
**Steps:**
1. Assign VLAN 110 to containers
2. Update IP addresses to 10.110.0.100-104
3. Update Besu configuration with new IPs
4. Restart containers
5. Verify connectivity
**Commands:**
```bash
# Assign VLAN 110
for CTID in 1000 1001 1002 1003 1004; do
./scripts/proxmox/assign-vlan-to-container.sh $CTID 110 ml110
done
# Update IP addresses (inside containers)
# Configure static IPs: 10.110.0.100-104
```
### Phase 2: Besu Sentries (VLAN 111)
**Containers:** 1500-1503
**Target VLAN:** 111 (BESU-SEN)
**Target Subnet:** 10.111.0.0/24
**Steps:**
1. Assign VLAN 111 to containers
2. Update IP addresses to 10.111.0.150-153
3. Update Besu configuration
4. Restart containers
5. Verify connectivity
**Commands:**
```bash
# Assign VLAN 111
for CTID in 1500 1501 1502 1503; do
./scripts/proxmox/assign-vlan-to-container.sh $CTID 111 ml110
done
```
### Phase 3: Besu RPC Nodes (VLAN 112)
**Containers:** 2500-2502
**Target VLAN:** 112 (BESU-RPC)
**Target Subnet:** 10.112.0.0/24
**Steps:**
1. Assign VLAN 112 to containers
2. Update IP addresses to 10.112.0.250-252
3. Update Besu configuration
4. Restart containers
5. Verify connectivity
**Commands:**
```bash
# Assign VLAN 112
for CTID in 2500 2501 2502; do
./scripts/proxmox/assign-vlan-to-container.sh $CTID 112 ml110
done
```
---
## Migration Checklist
### Pre-Migration
- [x] All VLANs configured on UDM Pro
- [x] Network Isolation disabled
- [x] Zone Matrix configured
- [x] Inter-VLAN routing verified
- [ ] Backup all container configurations
- [ ] Document current IP assignments
- [ ] Plan IP address assignments for new VLANs
### Migration Execution
- [ ] Phase 1: Migrate Besu Validators (VLAN 110)
- [ ] Phase 2: Migrate Besu Sentries (VLAN 111)
- [ ] Phase 3: Migrate Besu RPC Nodes (VLAN 112)
- [ ] Verify all services operational
- [ ] Test inter-VLAN communication
### Post-Migration
- [ ] Update DNS records (if applicable)
- [ ] Update firewall rules
- [ ] Update monitoring configurations
- [ ] Update documentation
- [ ] Remove old IP assignments
---
## IP Address Assignment
### VLAN 110 (BESU-VAL) - 10.110.0.0/24
| VMID | Hostname | IP Address |
|------|----------|------------|
| 1000 | besu-validator-1 | 10.110.0.100 |
| 1001 | besu-validator-2 | 10.110.0.101 |
| 1002 | besu-validator-3 | 10.110.0.102 |
| 1003 | besu-validator-4 | 10.110.0.103 |
| 1004 | besu-validator-5 | 10.110.0.104 |
### VLAN 111 (BESU-SEN) - 10.111.0.0/24
| VMID | Hostname | IP Address |
|------|----------|------------|
| 1500 | besu-sentry-1 | 10.111.0.150 |
| 1501 | besu-sentry-2 | 10.111.0.151 |
| 1502 | besu-sentry-3 | 10.111.0.152 |
| 1503 | besu-sentry-4 | 10.111.0.153 |
### VLAN 112 (BESU-RPC) - 10.112.0.0/24
| VMID | Hostname | IP Address |
|------|----------|------------|
| 2500 | besu-rpc-1 | 10.112.0.250 |
| 2501 | besu-rpc-2 | 10.112.0.251 |
| 2502 | besu-rpc-3 | 10.112.0.252 |
---
## Migration Scripts
### Batch Migration Script
```bash
#!/bin/bash
# Migrate all Besu containers to appropriate VLANs
HOST="ml110"
echo "🚀 Starting VLAN Migration"
echo ""
# Validators → VLAN 110
echo "Phase 1: Migrating Validators to VLAN 110..."
for CTID in 1000 1001 1002 1003 1004; do
echo " Migrating container $CTID..."
./scripts/proxmox/assign-vlan-to-container.sh $CTID 110 $HOST
done
# Sentries → VLAN 111
echo "Phase 2: Migrating Sentries to VLAN 111..."
for CTID in 1500 1501 1502 1503; do
echo " Migrating container $CTID..."
./scripts/proxmox/assign-vlan-to-container.sh $CTID 111 $HOST
done
# RPC → VLAN 112
echo "Phase 3: Migrating RPC Nodes to VLAN 112..."
for CTID in 2500 2501 2502; do
echo " Migrating container $CTID..."
./scripts/proxmox/assign-vlan-to-container.sh $CTID 112 $HOST
done
echo ""
echo "✅ Migration complete!"
echo ""
echo "📋 Next Steps:"
echo " 1. Update IP addresses inside containers"
echo " 2. Update Besu configuration"
echo " 3. Restart containers"
echo " 4. Verify connectivity"
```
---
## Testing After Migration
### Connectivity Tests
```bash
# Test gateway connectivity from each VLAN
ping 10.110.0.1 # BESU-VAL gateway
ping 10.111.0.1 # BESU-SEN gateway
ping 10.112.0.1 # BESU-RPC gateway
# Test inter-VLAN communication
ping 10.110.0.100 # From VLAN 111
ping 10.111.0.150 # From VLAN 110
```
### Service Tests
```bash
# Test Besu RPC endpoints
curl -X POST http://10.112.0.250:8545 -H "Content-Type: application/json" \
-d '{"jsonrpc":"2.0","method":"eth_blockNumber","params":[],"id":1}'
# Test validator connectivity
# (Besu-specific tests)
```
---
## Rollback Plan
If migration fails:
1. **Revert VLAN assignments:**
```bash
# Reassign to VLAN 11
for CTID in 1000 1001 1002 1003 1004 1500 1501 1502 1503 2500 2501 2502; do
./scripts/proxmox/assign-vlan-to-container.sh $CTID 11 ml110
done
```
2. **Restore IP addresses:**
- Revert to original 192.168.11.x addresses
- Update container network configuration
3. **Restart services:**
- Restart all containers
- Verify services operational
---
## Summary
**Status:****READY FOR MIGRATION**
**Migration Plan:**
- ✅ All VLANs configured
- ✅ Migration scripts ready
- ✅ IP assignments planned
- ✅ Testing procedures defined
**Next Steps:**
1. Review migration plan
2. Execute migration in phases
3. Test after each phase
4. Complete migration
---
**Last Updated:** 2026-01-15
Reference in New Issue View Git Blame Copy Permalink