A cloud realm, for aerial sailors.
(https://en.wikipedia.org/wiki/Magonia)
Magonia
This is the main repo of the magonia project. The end goal is to propose 2 things:
- An immutable, lightweight and customisable private cloud platform.
- A CLI tool to bootstrap and interact with the platform.
This project is still a work in progress and is not ready for production.
Platform architecture
Magonia is architected around 3 nodes:
- Access nodes: running pangolin, this is the entry point for customers. It needs to be on a public network, in the cloud or on premises.
- Compute node: running incus, it runs all workloads, in VMs or in LXC/OCI containers. It is configured by default with an SSH bastion VM and an OIDC VM, with a web UI. It can be located on any private network that can reach the internet.
- A storage node. It can be located on any private network that can reach the internet.
Here is a simple diagram
Stemcells
Nodes and VMs in magonia are deployed using preconfigured system images derived from fedora-bootc, called "stemcells". For more information, check the stemcells directory README.
Mgn-cli
This platform will have a CLI tool to automate various operations such as:
- Initial deployment of the core platform components
- Deployment of addon services (forge, monitoring, vault, etc.)
- Deployment of a CaaS offering with virtual k8s clusters
- And a lot of cool stuff!
The CLI will be written in Go. More info in the 'tools' README!
Production workflow
To produce artifacts, I use mise-en-place and pantsbuild. The global logic is the following:
- pantsbuild is the main build engine. It is the only one building and publishing main artifacts; it is also used for formatting, linting and testing wherever possible.
- Mise-en-place handles things around pantsbuild, such as env variables and dev tools. Mise tasks are used to run pants commands, and do what I can't do with pants (automatic versioning and changelog generation, for example).
Mise task list
See below for the available tasks for each subproject.
stemcells
- mise //stemcells:fmt -- format the code
- mise //stemcells:lint -- lint the code
- mise //stemcells:build -- build OCI images
- mise //stemcells:test -- run CST tests on built artifacts
- mise //stemcells:scan -- generate SBOMs and produce CVE report
- mise //stemcells:bump -- bump version tag
Roadmap
Here is the roadmap with my progress so far
Stemcell
- stemcell for access node without pangolin, compatible with the Hetzner provider
- confirm compatibility between pangolin and stemcell setup
- stemcell for compute node with incus deployed on prem, connected to pangolin
- stemcell for compute node VM
- core stemcell with base config
- create a storage stemcell
- integrate CI process
Mgn-cli
- add a templating function to generate conf files
- find how to integrate IaC tools in the CLI (Terraform or Pulumi)
- add a function to interact with the incus API
- integrate CI process
Miscellaneous
- find the best way to provision pangolin default automatically
- find the best way to provision the incus default config and bootstrap core services automatically
- define what technologies will be used for the storage stemcell and for what objectives
- find a way to have persistent storage for data and ephemeral storage for config
- find a way to handle disk encryption for nodes