d-bis/Sankofa
4
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
main
Sankofa/docs/proxmox/INTER_INSTANCE_CONNECTIVITY.md
defiQUG 9daf1fd378 Apply Composer changes: comprehensive API updates, migrations, middleware, and infrastructure improvements 
- Add comprehensive database migrations (001-024) for schema evolution
- Enhance API schema with expanded type definitions and resolvers
- Add new middleware: audit logging, rate limiting, MFA enforcement, security, tenant auth
- Implement new services: AI optimization, billing, blockchain, compliance, marketplace
- Add adapter layer for cloud integrations (Cloudflare, Kubernetes, Proxmox, storage)
- Update Crossplane provider with enhanced VM management capabilities
- Add comprehensive test suite for API endpoints and services
- Update frontend components with improved GraphQL subscriptions and real-time updates
- Enhance security configurations and headers (CSP, CORS, etc.)
- Update documentation and configuration files
- Add new CI/CD workflows and validation scripts
- Implement design system improvements and UI enhancements
2025-12-12 18:01:35 -08:00

199 lines
4.2 KiB
Markdown
Raw Permalink Blame History

# Proxmox Inter-Instance Connectivity
**Last Updated**: 2024-12-19
## Overview
This document describes the connectivity status between the two Proxmox instances and how to verify they can see each other.
## Instance Configuration
- **Instance 1**: ML110-01
- IP: 192.168.11.10
- FQDN: ml110-01.sankofa.nexus
- Site: us-sfvalley
- **Instance 2**: R630-01
- IP: 192.168.11.11
- FQDN: r630-01.sankofa.nexus
- Site: us-sfvalley-2
## Network Configuration
Both instances are on the same network:
- **Subnet**: 192.168.11.0/24
- **Network Type**: Private LAN
- **Gateway**: (to be determined)
## Connectivity Test Results
### From External Machine (This Machine)
**Both instances are reachable:**
- ML110-01 → R630-01: ✅ Reachable (HTTP 401 - auth required)
- R630-01 → ML110-01: ✅ Reachable (HTTP 401 - auth required)
- Both respond to API calls with authentication ✅
### API-Based Tests
Using Proxmox API tokens:
1. **ML110-01 can reach R630-01 API**: ✅
- Version: 9.1.1
- Authentication: Successful
2. **R630-01 can reach ML110-01 API**: ✅
- Version: 9.1.1
- Authentication: Successful
### Cluster Status
Check cluster membership:
```bash
# From ML110-01
curl -k -H "Authorization: PVEAPIToken <token>" \
https://192.168.11.10:8006/api2/json/cluster/status
# From R630-01
curl -k -H "Authorization: PVEAPIToken <token>" \
https://192.168.11.11:8006/api2/json/cluster/status
```
## Verification Methods
### Method 1: API-Based (From External Machine)
```bash
source .env
# Test ML110-01 → R630-01
curl -k -H "Authorization: PVEAPIToken ${PROXMOX_TOKEN_R630_01}" \
https://192.168.11.11:8006/api2/json/version
# Test R630-01 → ML110-01
curl -k -H "Authorization: PVEAPIToken ${PROXMOX_TOKEN_ML110_01}" \
https://192.168.11.10:8006/api2/json/version
```
### Method 2: SSH-Based (From Within Instances)
Requires SSH access to instances:
```bash
# SSH into ML110-01
ssh root@192.168.11.10
# Test connectivity to R630-01
curl -k https://192.168.11.11:8006/api2/json/version
ping -c 3 192.168.11.11
# SSH into R630-01
ssh root@192.168.11.11
# Test connectivity to ML110-01
curl -k https://192.168.11.10:8006/api2/json/version
ping -c 3 192.168.11.10
```
### Method 3: Using Proxmox Web UI
1. Log in to ML110-01 web UI
2. Go to: Datacenter → Cluster
3. Check if R630-01 appears in cluster members
4. Repeat from R630-01
## Cluster Requirements
If you want to cluster these instances:
### Network Requirements
- ✅ Same subnet (192.168.11.0/24) - **Met**
- ✅ Network connectivity - **Confirmed**
- ⚠️ Firewall rules for clustering ports
### Firewall Ports for Clustering
Required ports:
- **8006**: Proxmox API (HTTPS)
- **5404-5405**: Corosync (cluster communication)
- **22**: SSH (for cluster operations)
- **3128**: Spice proxy (optional)
### Cluster Setup Steps
1. **Prepare first node (ML110-01)**:
```bash
# On ML110-01
pvecm create <cluster-name>
```
2. **Add second node (R630-01)**:
```bash
# On R630-01
pvecm add <first-node-ip> -link0 <first-node-ip>
```
3. **Verify cluster**:
```bash
# On either node
pvecm status
pvecm nodes
```
## Current Status
### ✅ Confirmed
- Both instances are on the same network
- Both instances are reachable via IP and FQDN
- API connectivity works from external machine
- Both instances respond to authenticated API calls
### ⚠️ To Verify
- Direct connectivity from within instances (requires SSH)
- Cluster membership status
- Firewall configuration for clustering
- Corosync port accessibility
## Troubleshooting
### Instances Can't See Each Other
1. **Check network connectivity**:
```bash
ping <other-instance-ip>
```
2. **Check firewall rules**:
```bash
# On Proxmox
iptables -L -n | grep <other-instance-ip>
pve-firewall status
```
3. **Check routing**:
```bash
ip route show
route -n
```
### Cluster Issues
1. **Check corosync**:
```bash
systemctl status corosync
corosync-cmapctl | grep members
```
2. **Check quorum**:
```bash
pvecm status
pvecm expected 2 # For 2-node cluster
```
## Related Documentation
- [Deployment Readiness](./DEPLOYMENT_READINESS.md)
- [Network Configuration](./NETWORK_CONFIGURATION.md)
- [Cluster Setup Guide](./CLUSTER_SETUP.md)
Reference in New Issue View Git Blame Copy Permalink