
HOWTO: Run the Authoritative On-Prem Foundation

Purpose: Execute the full on-prem foundation blueprint in the correct dependency order and validate each layer before proceeding.

Difficulty: Advanced

Track: IPAM-Driven Infrastructure


Overview

This HOWTO runs the onprem/authoritative-foundation@v1 blueprint. Layer gate order: SDN must reach state ok before IPAM seeding starts; NetBox must be API-reachable and populated before the control node deploys. A partial run leaves the blueprint in progress; rerunning picks up from the last failed layer.


1. Blueprint Overview

  • Blueprint ID: blueprints/onprem/authoritative-foundation.
  • Layers: SDN configuration, IPAM seeding, NetBox deployment, control node.
  • Dependency graph and layer gate conditions.

2. Prerequisites

  • Proxmox host with VLAN-aware bridge configured.
  • Management network reachable from the operator workstation.
  • Secrets manager with bootstrap credentials populated.

3. Layer 1: SDN Configuration

  • Module: core/onprem/network-sdn.
  • What it configures and what validation it produces.
  • Gate condition for proceeding to IPAM seeding.

4. Layer 2: IPAM Seeding

  • VLAN and prefix data seeding into the NetBox data model.
  • How IPAM seed data is sourced from the platform configuration.
  • Validation: prefix coverage complete, no conflicts.

5. Layer 3: NetBox Deployment

  • Module: platform/onprem/bootstrap-netbox.
  • Post-deployment validation: API reachable, data seeded.
  • Gate condition for control node bootstrap.

6. Layer 4: Control Node Bootstrap

  • Module: platform/onprem/control-node.
  • Validation: HybridOps CLI, Ansible, Nornir, and Jenkins operational.

7. Blueprint Run Record

  • Navigating the top-level blueprint record and its sub-run records.
  • Cross-layer run-record references.
  • Resuming a partial blueprint run after a failure.


License: MIT-0 for code, CC-BY-4.0 for documentation unless otherwise stated.