Add tenant-scoped PrismNET routing, security-group, port, and service-IP APIs plus a deployer reconciler and Nix module that apply declarative tenant network state. Teach PlasmaVMC to realize PrismNET NICs as a concrete local worker dataplane with Linux bridges, dnsmasq-backed DHCP, tap devices, richer network metadata, stable managed-volume IDs, and file:// image imports. Expand the VM cluster validation around the new path, including the guest webapp demo, restart and cross-node migration checks, IAM listener reservation hardening, and a flake workspace-source-root audit so Nix builds keep path dependencies complete.
10 lines
347 B
Nix
{ lib, ... }:
{
boot.kernel.sysctl = {
# PhotonCloud control-plane services bind within this band. Reserve it from the
# ephemeral allocator so outbound peer/backend connections cannot steal a service
# port during boot and block the later listener bind.
"net.ipv4.ip_local_reserved_ports" = lib.mkDefault "50051-50090";
};
}
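Review bot: the `lib.mkDefault` on `"net.ipv4.ip_local_reserved_ports"` makes the reservation easy to lose. The value is a single comma-separated string, so any other module that sets this sysctl at normal priority replaces `50051-50090` outright instead of adding to it, and the listener bind failure the comment describes comes back with no build-time signal. Consider setting it without `mkDefault`, or keeping `mkDefault` and adding an assertion that the final value still covers the band. The comment should also state the limit of the setting: it only removes these ports from automatic (ephemeral) assignment, so a process that binds one of them explicitly is not blocked and the listener is not guaranteed its port by this alone. Finally, the range is a bare literal here; a pointer in the comment to where the control-plane service ports are defined would keep the two from drifting apart.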