ADR-001: control node is physical ubongo outside cluster
This commit is contained in:
parent
5aca796fa0
commit
15779be086
1 changed files with 6 additions and 5 deletions
|
|
@ -10,15 +10,16 @@ and the boundaries of what this Ansible monorepo manages.
|
||||||
- **Hypervisor**: Proxmox cluster (2+ nodes)
|
- **Hypervisor**: Proxmox cluster (2+ nodes)
|
||||||
- **Guest OS**: Debian 13 (all managed hosts)
|
- **Guest OS**: Debian 13 (all managed hosts)
|
||||||
- **Scale**: 2–5 VMs, small fleet — treated as individuals, not cattle
|
- **Scale**: 2–5 VMs, small fleet — treated as individuals, not cattle
|
||||||
- **Control node**: A dedicated Debian 13 VM on the cluster. Ansible runs from here.
|
- **Control node**: `ubongo` — a dedicated always-on **physical** x86-64 machine
|
||||||
The control node is the one host that cannot fully bootstrap itself from scratch
|
**outside** the cluster. Ansible runs from here. It cannot be created by the
|
||||||
and requires manual initial setup (see `docs/runbooks/new-host.md`).
|
Terraform it hosts, so it is provisioned manually (see ADR-015 and
|
||||||
|
`docs/runbooks/new-host.md`).
|
||||||
|
|
||||||
## What this repo manages
|
## What this repo manages
|
||||||
|
|
||||||
| Layer | Managed by | Notes |
|
| Layer | Managed by | Notes |
|
||||||
|--------------------|--------------------|--------------------------------------------|
|
|--------------------|--------------------|--------------------------------------------|
|
||||||
| VM existence | Terraform (`terraform/`) | Clones the cloud-init template; control node is the one manual exception (see ADR-009) |
|
| VM existence | Terraform (`terraform/`) | Clones the cloud-init template; `ubongo` (control node) is a physical box outside the cluster, the one manual exception (see ADR-009/ADR-015) |
|
||||||
| Internal DNS records | Ansible `dns` role | Internal zone rendered from inventory (see ADR-007/009) |
|
| Internal DNS records | Ansible `dns` role | Internal zone rendered from inventory (see ADR-007/009) |
|
||||||
| OS baseline | Ansible `base` role | Users, SSH, firewall, updates, audit |
|
| OS baseline | Ansible `base` role | Users, SSH, firewall, updates, audit |
|
||||||
| Docker runtime | Ansible `docker_host` role | Engine, daemon config, log driver |
|
| Docker runtime | Ansible `docker_host` role | Engine, daemon config, log driver |
|
||||||
|
|
@ -32,7 +33,7 @@ describes the *intended* design — see STATUS.md for what is actually built.
|
||||||
|
|
||||||
```
|
```
|
||||||
all
|
all
|
||||||
├── control # the control node itself — baseline config only, runs no services
|
├── control # ubongo — physical control node outside the cluster; baseline config only, runs no services
|
||||||
├── docker_hosts # VMs running Docker services (most hosts)
|
├── docker_hosts # VMs running Docker services (most hosts)
|
||||||
└── proxmox_hosts # Proxmox nodes themselves (limited management scope)
|
└── proxmox_hosts # Proxmox nodes themselves (limited management scope)
|
||||||
```
|
```
|
||||||
|
|
|
||||||
Loading…
Add table
Reference in a new issue