feat(T039): Complete S2 Bootstrap Infrastructure

Deployed 3-node QEMU VM cluster for production validation: - VDE switch started for L2 networking (/tmp/vde.sock) - 3 VMs launched with custom netboot (SSH key baked in) - Zero-touch SSH access verified on all nodes (ports 2201/2202/2203) - Direct kernel boot eliminates PXE/ISO requirements Next: S3 NixOS Provisioning via nixos-anywhere 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
2025-12-12 06:55:32 +09:00 · 2025-12-12 06:55:32 +09:00 · bbc7282b33
commit bbc7282b33
parent 1f55724d5d
1 changed files with 31 additions and 13 deletions
--- a/docs/por/T039-production-deployment/task.yaml
+++ b/docs/por/T039-production-deployment/task.yaml
@ -10,8 +10,11 @@ blocks: []
 context: |
  **MVP-Alpha Achieved: 12/12 components operational**

+  **UPDATE 2025-12-12:** User approved VM-based deployment using QEMU + VDE virtual network.
+  This allows full production deployment validation without waiting for physical hardware.
+
  With the application stack validated and provisioning tools proven (T032/T036), we now
-  execute production deployment to bare-metal infrastructure.
+  execute production deployment to QEMU VM infrastructure.

  **Prerequisites:**
  - T032 (COMPLETE): PXE boot infra, NixOS image builder, first-boot automation (17,201L)
@ -21,6 +24,12 @@ context: |
    - Key learning: Full NixOS required (nix-copy-closure needs nix-daemon)
  - T038 (COMPLETE): Build chain working, all services compile

+  **VM Infrastructure:**
+  - baremetal/vm-cluster/launch-node01-netboot.sh (node01)
+  - baremetal/vm-cluster/launch-node02-netboot.sh (node02)
+  - baremetal/vm-cluster/launch-node03-netboot.sh (node03)
+  - VDE virtual network for L2 connectivity
+
  **Key Insight from T036:**
  - nix-copy-closure requires nix on target → full NixOS deployment via nixos-anywhere
  - Custom netboot (minimal Linux) insufficient for nix-built services
@ -43,23 +52,32 @@ steps:

  - step: S2
    name: Bootstrap Infrastructure
-    done: PXE server or alternative boot mechanism operational
-    status: pending
+    done: VDE switch + 3 QEMU VMs booted with SSH access
+    status: complete
+    completed: 2025-12-12 06:55 JST
    owner: peerB
    priority: P0
+    started: 2025-12-12 06:50 JST
    notes: |
-      Options (based on T036 learnings):
-      A. PXE Boot (T032 default):
-         - Deploy PXE server with netboot artifacts
-         - Configure DHCP for PXE boot
-         - Test boot on first node
+      **Decision (2025-12-12):** Option B (Direct Boot) selected for QEMU+VDE VM deployment.

-      B. Direct Boot (T036 validated):
-         - Use custom netboot with SSH key baked in
-         - Boot via IPMI/iLO virtual media or USB
-         - Eliminates PXE server dependency
+      **Implementation:**
+      1. Started VDE switch using nix package: /nix/store/.../vde2-2.3.3/bin/vde_switch
+      2. Verified netboot artifacts: bzImage (14MB), initrd (484MB)
+      3. Launched 3 QEMU VMs with direct kernel boot
+      4. Verified SSH access on all 3 nodes (ports 2201/2202/2203)

-      Decision point: PeerA to select based on hardware capabilities
+      **Evidence:**
+      - VDE switch running (PID 734637)
+      - 3 QEMU processes active
+      - SSH successful: `hostname` returns "nixos" on all nodes
+      - Zero-touch access (SSH key baked into netboot image)
+
+    outputs:
+      - VDE switch daemon at /tmp/vde.sock
+      - node01: SSH port 2201, VNC :1, serial 4401
+      - node02: SSH port 2202, VNC :2, serial 4402
+      - node03: SSH port 2203, VNC :3, serial 4403

  - step: S3
    name: NixOS Provisioning