Vijfpas implementation documentation index
This document tracks implementation-level documentation.
Use this track for concrete deployment and operations details, not for architectural intent.
Examples of implementation details:
- VLAN IDs, subnet ranges, IP assignments
- firewall rules, NAT/port-forward specifics
- service interface/port matrices
- hostnames, node sizing, storage class mappings
- environment-specific deployment values
- actual deployment and bootstrap state
The public docs portal presents this track as Infrastructure.
Runbooks remain authoritative in the monorepo, but they are intentionally not published on the public docs site.
1. Current implementation docs
- Vijfpas Inventory
- Vijfpas Network Implementation
- Vijfpas Service Interfaces
- Vijfpas Deployment Implementation
- Vijfpas Bootstrap Implementation
2. Architecture/policy boundary
Keep these in architecture/policy docs (concepts.md, architecture.md, services.md, products.md, security.md, tenant-exposure-matrix.md, operations.md):
- environment and trust-zone boundaries
- component and product roles
- team ownership and SoD controls
- dependency relationships
- HA patterns and lifecycle policy baselines
Keep concrete values and procedures in implementation docs:
- exact addresses, ports, credentials paths
- provisioning and rollout instructions
- service-specific failover/restore command steps
3. 10.x network catalog (current implementation)
This is the quick reference for the network objects that currently exist in UniFi and Terraform. Authoritative details remain in Vijfpas Network Implementation.
| Controller name | VLAN | Subnet | Gateway | DHCP | Status |
|---|---|---|---|---|---|
| nfr-ilom | 10 | 10.0.10.0/24 | 10.0.10.1 | off | live |
| nfr-mgmt | 20 | 10.0.20.0/24 | 10.0.20.1 | on | live |
| nfr-corosync | 21 | 10.0.21.0/24 | 10.0.21.1 | off | live |
| prd-admin | 22 | 10.0.22.0/24 | 10.0.22.1 | on | live |
| dev-admin | 23 | 10.0.23.0/24 | 10.0.23.1 | on | live |
| acc-admin | 24 | 10.0.24.0/24 | 10.0.24.1 | on | live |
| acc-dmz | 25 | 10.0.25.0/24 | 10.0.25.1 | on | live |
| acc-svc | 26 | 10.0.26.0/24 | 10.0.26.1 | on | live |
| acc-core | 27 | 10.0.27.0/24 | 10.0.27.1 | on | live |
| acc-egress | 28 | 10.0.28.0/24 | 10.0.28.1 | on | live |
| prd-dmz | 30 | 10.0.30.0/24 | 10.0.30.1 | on | live |
| prd-svc | 31 | 10.0.31.0/24 | 10.0.31.1 | on | live |
| dev-core | 32 | 10.0.32.0/24 | 10.0.32.1 | on | live |
| dev-egress | 33 | 10.0.33.0/24 | 10.0.33.1 | on | live |
| prd-egress | 34 | 10.0.34.0/24 | 10.0.34.1 | on | live, currently unused by VMs |
| prd-core | 35 | 10.0.35.0/24 | 10.0.35.1 | on | live |
| dev-dmz | 36 | 10.0.36.0/24 | 10.0.36.1 | on | live |
| dev-svc | 37 | 10.0.37.0/24 | 10.0.37.1 | on | live |
| nfr-cephpub | 40 | 10.0.40.0/24 | 10.0.40.1 | off | live |
| nfr-cephclu | 41 | 10.0.41.0/24 | 10.0.41.1 | off | live |
| infra-admin | 42 | 10.0.42.0/24 | 10.0.42.1 | on | live |
| pfm-svc | 43 | 10.0.43.0/24 | 10.0.43.1 | off | live; shared-platform control/API tier |
| pfm-core | 44 | 10.0.44.0/24 | 10.0.44.1 | off | live; shared-platform backend/data tier |
| pfm-egress | 45 | 10.0.45.0/24 | 10.0.45.1 | off | live; shared-platform outbound-exception tier |
| pfm-bck | 46 | 10.0.46.0/24 | 10.0.46.1 | off | live; shared-platform backup tier |
| dev-bck | 47 | 10.0.47.0/24 | 10.0.47.1 | off | live |
| acc-bck | 48 | 10.0.48.0/24 | 10.0.48.1 | off | live in UniFi; no current VM attached |
Notes:
- nfr-mgmt remains substrate-only.
- prd-admin and dev-admin are the current admin-source networks.
- the live shared-platform service tiers now use pfm-svc, pfm-core, pfm-egress, and pfm-bck
- managed service VMs default to workload or service networks only; dedicated guest-admin NICs are exception-only.
4. Proxmox host assignments (5-node baseline)
This section captures the management and Corosync addressing baseline for the 5-node Proxmox plan. The detailed DNS/addressing baseline remains in Vijfpas Network Implementation.
| Node | Hostname (FQDN) | Mgmt (vmbr0) | Corosync (bond0.21) | MAC (mgmt) | Addressing method | Notes |
|---|---|---|---|---|---|---|
| Proxmox A | proxmox-a.nfr-mgmt.vijfpas.be | 10.0.20.2 | 10.0.21.2 | 00:10:e0:24:41:12 | DHCP reservation (nfr-mgmt) + static (nfr-corosync) | Oracle X3-2L Proxmox node |
| Proxmox B | proxmox-b.nfr-mgmt.vijfpas.be | 10.0.20.3 | 10.0.21.3 | 00:10:e0:22:2e:08 | DHCP reservation (nfr-mgmt) + static (nfr-corosync) | Oracle X3-2L Proxmox node |
| Proxmox C | proxmox-c.nfr-mgmt.vijfpas.be | 10.0.20.4 | 10.0.21.4 | TBD | DHCP reservation (nfr-mgmt) + static (nfr-corosync) | live node; MAC still to record |
| Proxmox D | proxmox-d.nfr-mgmt.vijfpas.be | 10.0.20.5 | 10.0.21.5 | TBD | DHCP reservation (nfr-mgmt) + static (nfr-corosync) | live node; MAC still to record |
| Proxmox E | proxmox-e.nfr-mgmt.vijfpas.be | 10.0.20.6 | 10.0.21.6 | TBD | DHCP reservation (nfr-mgmt) + static (nfr-corosync) | live node; MAC still to record |
5. Proxmox storage baseline reference
Current node-local storage pools are tracked in Vijfpas Inventory, section 2.3 Local Proxmox ZFS pools (current).
VM-specific storage use in the platform VM stack is tracked in Vijfpas Bootstrap Implementation and the Terraform stack under infra-live/platform-dev-vms/.