diff --git a/docs/decisions/001-architecture.md b/docs/decisions/001-architecture.md index 6763a14..cac5be9 100644 --- a/docs/decisions/001-architecture.md +++ b/docs/decisions/001-architecture.md @@ -10,15 +10,16 @@ and the boundaries of what this Ansible monorepo manages. - **Hypervisor**: Proxmox cluster (2+ nodes) - **Guest OS**: Debian 13 (all managed hosts) - **Scale**: 2–5 VMs, small fleet — treated as individuals, not cattle -- **Control node**: A dedicated Debian 13 VM on the cluster. Ansible runs from here. - The control node is the one host that cannot fully bootstrap itself from scratch - and requires manual initial setup (see `docs/runbooks/new-host.md`). +- **Control node**: `ubongo` — a dedicated always-on **physical** x86-64 machine + **outside** the cluster. Ansible runs from here. It cannot be created by the + Terraform it hosts, so it is provisioned manually (see ADR-015 and + `docs/runbooks/new-host.md`). ## What this repo manages | Layer | Managed by | Notes | |--------------------|--------------------|--------------------------------------------| -| VM existence | Terraform (`terraform/`) | Clones the cloud-init template; control node is the one manual exception (see ADR-009) | +| VM existence | Terraform (`terraform/`) | Clones the cloud-init template; `ubongo` (control node) is a physical box outside the cluster, the one manual exception (see ADR-009/ADR-015) | | Internal DNS records | Ansible `dns` role | Internal zone rendered from inventory (see ADR-007/009) | | OS baseline | Ansible `base` role | Users, SSH, firewall, updates, audit | | Docker runtime | Ansible `docker_host` role | Engine, daemon config, log driver | 
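Review bot: the unchanged `**Guest OS**: Debian 13 (all managed hosts)` bullet no longer covers the control node, which this hunk turns from a guest into a physical box outside the cluster, so the control-node bullet should state ubongo's OS explicitly (the hunk already gives the architecture as x86-64), since the `base` role's assumptions (users, SSH, firewall, updates, audit) presumably depend on it. Two smaller points in the same hunk: the `VM existence` row now calls a non-VM "the one manual exception" to cloning the cloud-init template, which reads more accurately as "out of scope for Terraform" than as an exception, and that note is getting long for its column. Finally, because ubongo is the host that holds the Terraform and runs Ansible against the whole fleet and now sits outside the cluster, the ADR should say how it reaches the Proxmox API and the VMs (which network, what firewall rules), as that is the trust boundary this change moves; if ADR-015 already covers it, a one-line pointer here is enough.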
@@ -32,7 +33,7 @@ describes the *intended* design — see STATUS.md for what is actually built. ``` all -├── control # the control node itself — baseline config only, runs no services +├── control # ubongo — physical control node outside the cluster; baseline config only, runs no services ├── docker_hosts # VMs running Docker services (most hosts) └── proxmox_hosts # Proxmox nodes themselves (limited management scope) ```
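Review bot: "runs no services" on the `control` line is now ambiguous, because the same change says ubongo hosts Terraform and runs Ansible; if the intent is that it runs no Docker or application services (what distinguishes it from `docker_hosts`), say so, e.g. `baseline config only, no Docker/application services`. The line is also much longer than its siblings in the tree; keeping the host-specific detail (physical, outside the cluster) in the control-node bullet above and leaving this comment as a group description would keep the inventory sketch readable and avoid repeating the hostname in three places.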