In the beginning God created heaven and earth...
Assumptions
- We expect the home network's subnet is already set to 10.2.2.0/16.
- Router R-NT-02 (MikroTik hEX refresh) has been reset, since we use Terraform to initialise it.
- We assume an upstream DNS of 1.1.1.1 until the internal Lab DNS (Pi-hole/AdGuard) is deployed.
The Recipe
1. Router and Network
Follow the Initialisation and Bootstrap Sequence.
2. Layer 0 Hosts
Proxmox Setup
- Get the latest image of Proxmox Virtual Environment from proxmox.com.
- Burn it onto a USB drive, or drop the ISO onto a USB drive with Ventoy.
- Go through the installation process as usual. Once set up, add the following to /etc/network/interfaces. Make sure to change the Subnet ID, IP and Gateway IP.
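```
auto lo
iface lo inet loopback

# Physical NIC: no IP of its own, it only feeds the bridge
auto nic0
iface nic0 inet manual

# VLAN-aware bridge carrying VLANs 2-4094
auto vmbr0
iface vmbr0 inet manual
    bridge-ports nic0
    bridge-stp off
    bridge-fd 0
    bridge-vlan-aware yes
    bridge-vids 2-4094

# Host IP on the chosen VLAN
auto vmbr0.<SUBNET>
iface vmbr0.<SUBNET> inet static
    address <IP>
    gateway <GATEWAY IP>
```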
This makes the bridge on the NIC VLAN-aware.
TODO: add the setup for the Ansible bit and run the runbooks.
TODO: add the Terraform installation bit, or add that in Ansible.
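A pre-flight check for the edited /etc/network/interfaces, added here as an example and not part of the original recipe: it catches unreplaced placeholders, a VLAN ID outside bridge-vids, and a gateway outside the host's subnet before the host drops off the network. The function names are hypothetical, the sample values (VLAN 20, 10.2.20.x) are constructed, and it assumes the address is written in CIDR notation.

```python
import ipaddress
import re

# Constructed sample: VLAN 20 and the 10.2.20.x addresses are made-up values.
SAMPLE = """\
iface vmbr0 inet manual
    bridge-vlan-aware yes
    bridge-vids 2-4094
iface vmbr0.20 inet static
    address 10.2.20.10/24
    gateway 10.2.20.1
"""

def parse_stanzas(text):
    """Return {iface_name: {option: value}} from ifupdown-style text."""
    stanzas, current = {}, None
    for raw in text.splitlines():
        parts = raw.split("#", 1)[0].split()
        if parts[:1] == ["iface"]:
            current = stanzas.setdefault(parts[1], {})
        elif parts and parts[0] != "auto" and current is not None:
            current[parts[0]] = " ".join(parts[1:])
    return stanzas

def allowed_vids(spec):
    """Expand a bridge-vids value such as '2-4094' or '10 20-29' to a set."""
    pairs = (tok.partition("-") for tok in spec.split())
    return {v for lo, _, hi in pairs for v in range(int(lo), int(hi or lo) + 1)}

def check_interfaces(text, bridge="vmbr0"):
    """Return a list of problems; an empty list means every check passed."""
    if re.search(r"<[^>\n]+>", text):
        return ["template placeholder such as <IP> was not replaced"]
    stanzas, problems = parse_stanzas(text), []
    br = stanzas.get(bridge, {})
    if br.get("bridge-vlan-aware") != "yes":
        problems.append(f"{bridge}: bridge-vlan-aware is not 'yes'")
    vids = allowed_vids(br.get("bridge-vids", ""))
    subs = {n: o for n, o in stanzas.items() if n.startswith(f"{bridge}.")}
    for name, opts in subs.items():
        vid = name.split(".", 1)[1]
        if not vid.isdigit() or int(vid) not in vids:
            problems.append(f"{name}: VLAN {vid} not in bridge-vids")
        addr, gw = opts.get("address", ""), opts.get("gateway")
        if "/" not in addr:
            problems.append(f"{name}: address needs a prefix length")
        elif gw and ipaddress.ip_address(gw) not in ipaddress.ip_interface(addr).network:
            problems.append(f"{name}: gateway {gw} is outside {addr}")
    return problems
```

Run `check_interfaces(open("/etc/network/interfaces").read())` on the host before reloading the network; an empty list means the file passed.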
Our Expectation
- After initialising, 4 subnets are created (landing zone, prod net, core net, and test net), all on the R-NT-02 (MikroTik hEX refresh) router.
- All devices with no VLAN number are dropped into "Landing Zone" by default.
- We can follow [/network](/infra/network/) for allocating the correct IP / subnet / Gateway...
- RULE: we expect all traffic from core to the other subnets to be allowed.
- RULE:
  - Port 22 (SSH) access for all hosts (unless specified).
  - Proxmox hosts to be available via http on port 8006.