Federation E2E test deployment infrastructure (mos-test-1/-2) #482

Open
opened 2026-04-22 01:07:38 +00:00 by jason.woltje · 0 comments
Owner

Goal

Stand up two federated-tier gateways at mos-test-1.woltje.com and mos-test-2.woltje.com running the M1 baseline (gateway:fed-v0.1.0-m1) on the existing Docker Swarm host (10.1.1.43, w-docker0). These are the test bed for FED-M2 enrollment and the FED-M3 federation E2E harness.

Environment (verified)

  • Docker Swarm (single node docker0); Portainer at https://10.1.1.43:9443
  • Traefik v3.6, traefik-public overlay network, letsencrypt cert resolver via Cloudflare DNS-01
  • Wildcard cert for *.woltje.com already issued; *.woltje.com → 174.137.97.162 A record exists
  • No DNS or cert work needed for the test subdomains

Scope (per docs/federation/TASKS.md — FED-M2-DEPLOY-01..05)

  • DEPLOY-01: Verify gateway:fed-v0.1.0-m1 image was published to gitea registry
  • DEPLOY-02: Author deploy/portainer/federated-test.stack.yml (Swarm compose: gateway + PG-pgvector + Valkey, Traefik labels, env-driven for per-host overrides)
  • DEPLOY-03: Deploy mosaic-test-1 stack to mos-test-1.woltje.com via Portainer wrapper; verify M1 acceptance
  • DEPLOY-04: Deploy mosaic-test-2 stack to mos-test-2.woltje.com; same M1 acceptance probes
  • DEPLOY-05: docs/federation/TEST-INFRA.md documenting hosts, secrets sourcing, redeploy/teardown

Dependencies

  • Mosaic Portainer wrapper PR (PORTAINER_INSECURE flag) merged before DEPLOY-03

Acceptance

  • Both hosts boot in federated tier
  • mosaic gateway doctor --json returns green on both
  • pgvector vector(3) round-trip works on both
  • Each gateway is independently reachable on its own subdomain

Out of scope

  • No federation logic exercised (M2 enrollment + M3 traffic deferred)
  • These are TEST hosts, not production; PRD AC-12 production targets (woltje.comuscllc.com) are separate work

Refs: PRD acceptance test bed for M2/M3+

## Goal Stand up two federated-tier gateways at `mos-test-1.woltje.com` and `mos-test-2.woltje.com` running the M1 baseline (`gateway:fed-v0.1.0-m1`) on the existing Docker Swarm host (10.1.1.43, w-docker0). These are the test bed for FED-M2 enrollment and the FED-M3 federation E2E harness. ## Environment (verified) - Docker Swarm (single node `docker0`); Portainer at `https://10.1.1.43:9443` - Traefik v3.6, `traefik-public` overlay network, `letsencrypt` cert resolver via Cloudflare DNS-01 - Wildcard cert for `*.woltje.com` already issued; `*.woltje.com → 174.137.97.162` A record exists - No DNS or cert work needed for the test subdomains ## Scope (per `docs/federation/TASKS.md` — FED-M2-DEPLOY-01..05) - DEPLOY-01: Verify `gateway:fed-v0.1.0-m1` image was published to gitea registry - DEPLOY-02: Author `deploy/portainer/federated-test.stack.yml` (Swarm compose: gateway + PG-pgvector + Valkey, Traefik labels, env-driven for per-host overrides) - DEPLOY-03: Deploy `mosaic-test-1` stack to mos-test-1.woltje.com via Portainer wrapper; verify M1 acceptance - DEPLOY-04: Deploy `mosaic-test-2` stack to mos-test-2.woltje.com; same M1 acceptance probes - DEPLOY-05: `docs/federation/TEST-INFRA.md` documenting hosts, secrets sourcing, redeploy/teardown ## Dependencies - Mosaic Portainer wrapper PR (PORTAINER_INSECURE flag) merged before DEPLOY-03 ## Acceptance - Both hosts boot in `federated` tier - `mosaic gateway doctor --json` returns green on both - pgvector `vector(3)` round-trip works on both - Each gateway is independently reachable on its own subdomain ## Out of scope - No federation logic exercised (M2 enrollment + M3 traffic deferred) - These are TEST hosts, not production; PRD AC-12 production targets (`woltje.com` ↔ `uscllc.com`) are separate work Refs: PRD acceptance test bed for M2/M3+
Sign in to join this conversation.
No Label
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: mosaicstack/stack#482