
...

PlantUML Macro
@startuml

actor users as "Internet Users" #Pink#White

rectangle cloud_flare as "Cloudflare (tenzin.io)" {

    card internet_dns_names #PaleGreen [
        confluence.tenzin.io
        repo.tenzin.io
        vs.tenzin.io
        radio.tenzin.io
        vault.tenzin.io
    ]
    card firewall_dns_name as "firewall.tenzin.io" #PaleGreen

    database tenzin_io_dns as "tenzin.io"  #PaleGreen
    tenzin_io_dns .. internet_dns_names
    tenzin_io_dns .. firewall_dns_name

}

users --> tenzin_io_dns

rectangle github as "GitHub (tenzin.io)" {
    database github_repo as "GitHub Repos" #violet
    database actions_runner as "GitHub Actions" #violet
    github_repo --> actions_runner
}

rectangle oracle_cloud as "Oracle Cloud Infra (tenzin)" {
    node oci_squid as "oci-squid" #AliceBlue
    node frontend_1 as "frontend-1" #AliceBlue
    node runner_1 as "runner-1" #AliceBlue
    node runner_2 as "runner-2" #AliceBlue
    actions_runner --> runner_1
    actions_runner --> runner_2
}

internet_dns_names --> frontend_1

rectangle home_lab as "Home Lab" #AliceBlue {
    actor home_user as "Home Users" #AliceBlue
    rectangle pfsense as "pfSense Firewall" {
        node firewall as "firewall UI" #Pink
        firewall_dns_name ---> firewall
        database tenzin_io_dns_home as "tenzin.io" #AliceBlue

        rectangle home_dns_names #AliceBlue [
            confluence.tenzin.io
            repo.tenzin.io
            vs.tenzin.io
            radio.tenzin.io
            vault.tenzin.io
        ]

        card home_firewall_dns_name as "firewall.tenzin.io" #AliceBlue
        firewall <-- home_firewall_dns_name
        home_dns_names .. tenzin_io_dns_home
        home_firewall_dns_name .. tenzin_io_dns_home
        
    } 
    rectangle vsphere_2 as "vSphere Host" {
        port vsphere_ui as "vSphere UI"
        node confluence as "confluence-1" #AliceBlue
        node repo as "repo-1" #AliceBlue
        node vault as "vault-1" #AliceBlue
        node backend_1 as "backend-1" #AliceBlue

        backend_1 <-- home_dns_names


        vaultbackend_1 --> vault
        backend_1 --> repo
        repobackend_1 --> backend_1confluence
        confluencebackend_1 --> backendvsphere_1ui

    }

    home_user -> tenzin_io_dns_home
}

cloud tailscale_net as "Tailscale Network" #AliceBlue

frontend_1 --> tailscale_net
oci_squid -- tailscale_net

backendtailscale_1net <--> tailscalebackend_net1

legend right
| Color | Type |
|<#AliceBlue>| Home lab|
|<#Pink>| Firewall |
|<#violet>| GitHub|
|<#PaleGreen>| Cloudflare |
endlegend

@enduml

Notes

  • The frontend-1 node has a side-car container that updates the DNS record in Cloudflare for frontend.tenzin.io every 1 hour with its public IP address found via http://checkip.amazonaws.com service.
    • The repo.tenzin.io  and confluence, confluence.tenzin.io, vault.tenzin.io  are CNAMEs to the frontend.tenzin.io  DNS record.
  • The frontend-1 node sends all request to the backend node which will then process the given server_name field-1 node via the Tailscale network.  The backend-1 node process the forwarded server_name field and send it to the correct machine.
  • The firewall node has a dynamic DNS client that will update the firewall.tenzin.io DNS record with my home lab's Internet IP address.
  • The squid node in Oracle Cloud is essential in troubleshooting the Internet HTTP request path versus the internal home lab HTTP request path.
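Review bot: The edge `firewall_dns_name ---> firewall` runs from the public Cloudflare record to the pfSense "firewall UI" node, and neither the diagram nor the Notes say whether that management UI is reachable from the Internet or only from inside the home lab. If the edge only means that the name resolves to the home lab's public IP, as the dynamic-DNS bullet suggests, draw it dotted (`firewall_dns_name ..> firewall`) and add a Notes bullet stating which networks may reach the UI. The side-car bullet looks up the public IP over `http://checkip.amazonaws.com`, and that value is then written into the frontend.tenzin.io record. A plaintext response can be altered in transit, so the lookup should use `https://checkip.amazonaws.com` and the bullet should say so. Several edges in the vSphere block, such as `vaultbackend_1 --> vault` and `repobackend_1 --> backend_1confluence`, show old and new identifiers fused by the comparison view, so the new-side routing from backend-1 could not be checked here.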

...