photoncloud-monorepo/nix/images/netboot-all-in-one.nix
centra 5c6eb04a46 T036: Add VM cluster deployment configs for nixos-anywhere
- netboot-base.nix with SSH key auth
- Launch scripts for node01/02/03
- Node configuration.nix and disko.nix
- Nix modules for first-boot automation

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
2025-12-11 09:59:19 +09:00


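{ config, pkgs, lib, ... }:
let
  # Short alias: every service module declares `services.<name>.enable` and
  # `services.<name>.port` (see the assignments below), and both the firewall
  # rules and the systemd resource limits key off those values.
  svc = config.services;
in
{
  imports = [
    ./netboot-base.nix
    ../modules # PlasmaCloud service modules (declare services.chainfire, services.flaredb, ...)
  ];

  # ============================================================================
  # ALL-IN-ONE PROFILE
  # ============================================================================
  # This profile includes all 9 PlasmaCloud services for a single-node deployment:
  #   - Chainfire:     Distributed configuration and coordination
  #   - FlareDB:       Time-series metrics and events database
  #   - IAM:           Identity and access management
  #   - PlasmaVMC:     Virtual machine control plane
  #   - NovaNET:       Software-defined networking controller
  #   - FlashDNS:      High-performance DNS server
  #   - FiberLB:       Layer 4/7 load balancer
  #   - LightningStor: Distributed block storage
  #   - K8sHost:       Kubernetes hosting component
  #
  # This profile is optimized for:
  #   - Development/testing environments
  #   - Small deployments (1-3 nodes)
  #   - Edge locations with limited infrastructure
  #   - Proof-of-concept installations
  #
  # Services are DISABLED by default in the netboot image (`lib.mkDefault false`
  # below, so the installed system can turn them on without mkForce).
  # Firewall ports and systemd resource limits are tied to each service's
  # `enable` flag: a service that is off exposes no ports and gets no stub
  # systemd unit. The installed configuration enables what it needs.
  # ============================================================================

  # ============================================================================
  # SERVICE PACKAGE AVAILABILITY
  # ============================================================================
  # Ship every service binary in the netboot image so the installed system can
  # be configured without a second fetch. Listing `libvirt` and `openvswitch`
  # here only installs the tools; this profile does not enable
  # virtualisation.libvirtd or virtualisation.vswitch, so no daemon is started.
  environment.systemPackages = with pkgs; [
    # Core services
    chainfire-server
    flaredb-server
    iam-server
    # Compute and networking
    plasmavmc-server
    novanet-server
    # Network services
    flashdns-server
    fiberlb-server
    # Storage
    lightningstor-server
    # Container orchestration
    k8shost-server
    # Additional tools for all-in-one deployment
    qemu # For running VMs
    libvirt # Virtualization management
    bridge-utils # Network bridge configuration
    openvswitch # Software-defined networking
  ];

  # ============================================================================
  # SERVICE CONFIGURATION (ALL DISABLED IN THE NETBOOT IMAGE)
  # ============================================================================
  # Ports are declared here once; the firewall section below reads them back
  # from `config.services.<name>`, so overriding a port in the installed
  # configuration keeps the firewall in sync.

  # Chainfire: API, Raft and gossip. 2379/2380 mirror etcd's well-known ports.
  services.chainfire = {
    enable = lib.mkDefault false;
    port = 2379;
    raftPort = 2380;
    gossipPort = 2381;
  };

  # FlareDB: API and Raft.
  services.flaredb = {
    enable = lib.mkDefault false;
    port = 2479;
    raftPort = 2480;
  };

  # IAM
  services.iam = {
    enable = lib.mkDefault false;
    port = 8080;
  };

  # PlasmaVMC
  services.plasmavmc = {
    enable = lib.mkDefault false;
    port = 8081;
  };

  # NovaNET
  services.novanet = {
    enable = lib.mkDefault false;
    port = 8082;
  };

  # FlashDNS: port 53 is privileged; binding it needs root or
  # CAP_NET_BIND_SERVICE in the service's unit (not visible here - TODO confirm
  # the module grants it rather than running the daemon as root).
  services.flashdns = {
    enable = lib.mkDefault false;
    port = 53;
  };

  # FiberLB
  services.fiberlb = {
    enable = lib.mkDefault false;
    port = 8083;
  };

  # LightningStor
  services.lightningstor = {
    enable = lib.mkDefault false;
    port = 8084;
  };

  # K8sHost
  services.k8shost = {
    enable = lib.mkDefault false;
    port = 8085;
  };

  # ============================================================================
  # VIRTUALIZATION SUPPORT
  # ============================================================================
  # Load KVM for whichever vendor the node has; the module for the other
  # vendor simply fails to load.
  boot.kernelModules = [ "kvm-intel" "kvm-amd" ];
  # Enable nested virtualization so guests can themselves run hypervisors.
  boot.extraModprobeConfig = ''
    options kvm_intel nested=1
    options kvm_amd nested=1
  '';

  # ============================================================================
  # NETWORKING CONFIGURATION
  # ============================================================================
  # Placeholder only: no Open vSwitch bridges are defined in the netboot image.
  # The installed configuration supplies them (and enables the OVS daemon).
  networking.vswitches = lib.mkDefault {};

  # Firewall: a port is opened only while the service that listens on it is
  # enabled. In the netboot image every service is disabled, so nothing is
  # exposed; the installed system exposes exactly the services it turns on.
  networking.firewall.allowedTCPPorts =
    lib.optionals svc.chainfire.enable [
      svc.chainfire.port # API
      svc.chainfire.raftPort # Raft
      svc.chainfire.gossipPort # Gossip
    ]
    ++ lib.optionals svc.flaredb.enable [
      svc.flaredb.port # API
      svc.flaredb.raftPort # Raft
    ]
    ++ lib.optionals svc.iam.enable [ svc.iam.port ]
    ++ lib.optionals svc.plasmavmc.enable [ svc.plasmavmc.port ]
    ++ lib.optionals svc.novanet.enable [ svc.novanet.port ]
    ++ lib.optionals svc.flashdns.enable [ svc.flashdns.port ]
    ++ lib.optionals svc.fiberlb.enable [ svc.fiberlb.port ]
    ++ lib.optionals svc.lightningstor.enable [ svc.lightningstor.port ]
    ++ lib.optionals svc.k8shost.enable [ svc.k8shost.port ]
    # VM management plane, tied to PlasmaVMC (the VM control plane in this
    # profile). libvirt's plain TCP transport (16509) is not encrypted and the
    # QEMU VNC console (5900) has no authentication unless one is configured,
    # so these should only ever be reachable from the management network.
    # Adjust the condition if VMs are driven by something other than PlasmaVMC.
    ++ lib.optionals svc.plasmavmc.enable [
      16509 # libvirtd
      5900 # VNC (for VM console access)
    ];

  networking.firewall.allowedUDPPorts =
    lib.optionals svc.flashdns.enable [ svc.flashdns.port ]
    ++ lib.optionals svc.chainfire.enable [ svc.chainfire.gossipPort ]
    # VXLAN for overlay networking. Assumed to belong to NovaNET's SDN
    # overlay - confirm, and widen the condition if PlasmaVMC/OVS needs it
    # without NovaNET.
    ++ lib.optionals svc.novanet.enable [ 4789 ];

  # ============================================================================
  # STORAGE CONFIGURATION
  # ============================================================================
  # Enable LVM for flexible storage management
  services.lvm.enable = true;
  # Filesystems the installer/initrd must be able to handle. "zfs" pulls the
  # out-of-tree ZFS module into the image, which ties the image to a kernel
  # version ZFS supports.
  boot.supportedFilesystems = [ "ext4" "xfs" "btrfs" "zfs" ];

  # ============================================================================
  # RESOURCE LIMITS (BALANCED FOR ALL-IN-ONE)
  # ============================================================================
  # Minimal limits for the netboot image; adjust in the installed configuration
  # based on the node's hardware. `mkIf` wraps the whole unit rather than just
  # `serviceConfig`, so a disabled service does not leave behind an empty
  # <name>.service unit. These are cgroup limits only - whether the service
  # modules also apply systemd sandboxing (ProtectSystem, NoNewPrivileges, ...)
  # is not visible here; TODO confirm. FlashDNS, FiberLB, LightningStor and
  # K8sHost carry no limits in this profile.
  systemd.services.chainfire = lib.mkIf svc.chainfire.enable {
    serviceConfig = {
      MemoryMax = "1G";
      CPUQuota = "100%";
    };
  };
  systemd.services.flaredb = lib.mkIf svc.flaredb.enable {
    serviceConfig = {
      MemoryMax = "1G";
      CPUQuota = "100%";
    };
  };
  systemd.services.iam = lib.mkIf svc.iam.enable {
    serviceConfig = {
      MemoryMax = "512M";
      CPUQuota = "50%";
    };
  };
  systemd.services.plasmavmc = lib.mkIf svc.plasmavmc.enable {
    serviceConfig = {
      MemoryMax = "512M";
      CPUQuota = "50%";
    };
  };
  systemd.services.novanet = lib.mkIf svc.novanet.enable {
    serviceConfig = {
      MemoryMax = "512M";
      CPUQuota = "50%";
    };
  };

  # ============================================================================
  # PERFORMANCE TUNING
  # ============================================================================
  # Optimize for mixed workload (services + VMs)
  boot.kernel.sysctl = {
    # Increase max number of open files
    "fs.file-max" = 1000000;
    # Increase network buffer sizes
    "net.core.rmem_max" = 134217728;
    "net.core.wmem_max" = 134217728;
    # IP forwarding for VM networking. This turns the node into a router for
    # every interface; the NixOS firewall's allowed-port lists above filter
    # inbound traffic to the host only, so the installed configuration must
    # provide its own forward/NAT policy for guest traffic.
    "net.ipv4.ip_forward" = 1;
    "net.ipv6.conf.all.forwarding" = 1;
    # Optimize for high-performance networking
    "net.core.netdev_max_backlog" = 5000;
    # Swappiness for server workloads
    "vm.swappiness" = 10;
  };
}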