Files

defiQUG 1fb7266469 Add Oracle Aggregator and CCIP Integration

- Introduced Aggregator.sol for Chainlink-compatible oracle functionality, including round-based updates and access control.
- Added OracleWithCCIP.sol to extend Aggregator with CCIP cross-chain messaging capabilities.
- Created .gitmodules to include OpenZeppelin contracts as a submodule.
- Developed a comprehensive deployment guide in NEXT_STEPS_COMPLETE_GUIDE.md for Phase 2 and smart contract deployment.
- Implemented Vite configuration for the orchestration portal, supporting both Vue and React frameworks.
- Added server-side logic for the Multi-Cloud Orchestration Portal, including API endpoints for environment management and monitoring.
- Created scripts for resource import and usage validation across non-US regions.
- Added tests for CCIP error handling and integration to ensure robust functionality.
- Included various new files and directories for the orchestration portal and deployment scripts.

2025-12-12 14:57:48 -08:00

7.7 KiB

Raw Blame History

Network Topology Diagram Template

This template can be used to create network topology diagrams for the DeFi Oracle Meta Mainnet.

Network Architecture

┌─────────────────────────────────────────────────────────────┐
│                    Virtual Network (10.0.0.0/16)            │
│                    Azure Region: East US                    │
│                                                              │
│  ┌──────────────────────────────────────────────────────┐  │
│  │  Subnet: AKS (10.0.1.0/24)                          │  │
│  │  ┌──────────────┐  ┌──────────────┐                │  │
│  │  │ AKS Control  │  │ AKS Nodes    │                │  │
│  │  │ Plane        │  │ (System Pool)│                │  │
│  │  └──────────────┘  └──────────────┘                │  │
│  └──────────────────────────────────────────────────────┘  │
│                                                              │
│  ┌──────────────────────────────────────────────────────┐  │
│  │  Subnet: Validators (10.0.2.0/24) - Private         │  │
│  │  NSG: Allow internal only                            │  │
│  │  ┌──────────────┐  ┌──────────────┐                │  │
│  │  │ Validator 1  │  │ Validator 2  │                │  │
│  │  └──────────────┘  └──────────────┘                │  │
│  │  ┌──────────────┐  ┌──────────────┐                │  │
│  │  │ Validator 3  │  │ Validator 4  │                │  │
│  │  └──────────────┘  └──────────────┘                │  │
│  └──────────────────────────────────────────────────────┘  │
│                                                              │
│  ┌──────────────────────────────────────────────────────┐  │
│  │  Subnet: Sentries (10.0.3.0/24) - Public P2P        │  │
│  │  NSG: Allow P2P (30303 TCP/UDP)                      │  │
│  │  ┌──────────────┐  ┌──────────────┐                │  │
│  │  │ Sentry 1     │  │ Sentry 2     │                │  │
│  │  └──────────────┘  └──────────────┘                │  │
│  │  ┌──────────────┐                                    │  │
│  │  │ Sentry 3     │                                    │  │
│  │  └──────────────┘                                    │  │
│  └──────────────────────────────────────────────────────┘  │
│                                                              │
│  ┌──────────────────────────────────────────────────────┐  │
│  │  Subnet: RPC (10.0.4.0/24) - DMZ                    │  │
│  │  NSG: Allow HTTPS (443)                              │  │
│  │  ┌──────────────┐  ┌──────────────┐                │  │
│  │  │ RPC Node 1   │  │ RPC Node 2   │                │  │
│  │  └──────────────┘  └──────────────┘                │  │
│  │  ┌──────────────┐                                    │  │
│  │  │ RPC Node 3   │                                    │  │
│  │  └──────────────┘                                    │  │
│  └──────────────────────────────────────────────────────┘  │
│                                                              │
│  ┌──────────────────────────────────────────────────────┐  │
│  │  Subnet: Application Gateway (10.0.5.0/24)          │  │
│  │  ┌──────────────────────────────────────────────┐  │  │
│  │  │ Application Gateway with WAF                 │  │  │
│  │  │ - Rate Limiting                              │  │  │
│  │  │ - Authentication                             │  │  │
│  │  │ - SSL Termination                            │  │  │
│  │  └──────────────────────────────────────────────┘  │  │
│  └──────────────────────────────────────────────────────┘  │
└─────────────────────────────────────────────────────────────┘

Network Security Groups

Validators NSG

Allow: Internal communication (10.0.0.0/16)
Deny: All other traffic
Purpose: Isolate validators from public internet

Sentries NSG

Allow: P2P (30303 TCP/UDP) from internet
Allow: Internal communication (10.0.0.0/16)
Purpose: Enable P2P connectivity while maintaining security

RPC NSG

Allow: HTTPS (443) from internet
Allow: HTTP (80) for redirect to HTTPS
Allow: Internal communication (10.0.0.0/16)
Purpose: Enable public RPC access with security

Network Flow

External Access

Internet → Application Gateway → RPC Nodes → Besu Network

Internal Communication

Validators ↔ Sentries ↔ RPC Nodes (Internal)

P2P Communication

Internet → Sentries (P2P Port 30303) → Validators (Internal)

Using This Template

Copy this template to create a new diagram
Use Azure icons from assets/azure-icons/svg/
Customize the diagram for your specific network topology
Add network security group rules
Include IP address ranges
Export to SVG, PNG, or PDF
Include in documentation

Icon References

Virtual Network: Icon-service-virtual-network-Azure.svg
Network Security Group: Icon-service-network-security-group-Azure.svg
Application Gateway: Icon-service-application-gateway-Azure.svg
Load Balancer: Icon-service-load-balancer-Azure.svg

See assets/azure-icons/metadata/icon-mapping.json for complete icon mapping.

7.7 KiB Raw Blame History