coulomb/railiance-cluster
2
0
Fork 0
Code Issues Pull Requests Actions 2 Projects Releases Wiki Activity

docs: add SCOPE.md for rapid orientation

Browse Source 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
Bernd Worsch
2026-03-17 23:11:38 +01:00
parent 4e1a90032b
commit 2acc06f466
1 changed files with 101 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

101
SCOPE.md Normal file
View File

@@ -0,0 +1,101 @@
# SCOPE
> This file helps you quickly understand what this repository is about,
> when it is relevant, and when it is not.
> It is intentionally lightweight and may be incomplete.
---
## One-liner
S2 Cluster Runtime layer of the Railiance OAS Stack — owns k3s installation, Helm, ingress, CNI, admission controllers, operators, and kubeconfig management.
---
## Core Idea
Railiance is structured as five independent repos per OAS Stack layer. This repo is S2. It installs and configures the Kubernetes cluster runtime: k3s, Helm, ingress controller, CNI plugin, cluster addons and operators. S1 (OS) must be converged before S2 can run. S2 explicitly does not own platform services (PostgreSQL, caches) — those are S3.
---
## In Scope
- k3s installation and baseline configuration
- Helm chart management
- Ingress controller, CNI plugin
- Admission controllers and cluster operators
- Cluster addons (cert-manager, etc.)
- kubeconfig management and access
- Smoke tests to validate cluster health
---
## Out of Scope (per ADR-003)
- OS security hardening, SSH, firewall → railiance-infra (S1)
- Platform services (PostgreSQL HA, Valkey, object storage) → railiance-platform (S3)
- CI/CD and developer tooling → railiance-enablement (S4)
- Application deployments → railiance-apps (S5)
- No re-configuration of S1 concerns from this repo
---
## Relevant When
- Setting up or maintaining the Kubernetes cluster runtime
- Installing or updating cluster-level operators and addons
- Diagnosing cluster health (smoke tests)
- k3s upgrades or kubeconfig rotation
---
## Not Relevant When
- OS-level work (use railiance-infra)
- Platform service configuration (use railiance-platform)
- Application deployments (use railiance-apps)
---
## Current State
- Status: active / mostly complete
- Implementation: k3s baseline complete (RAIL-BS-WP-0002); active bug fixes (RAIL-BS-WP-0003 pgpool HA failover); safety net tooling in progress (RAIL-BS-WP-0004)
- Stability: high for k3s baseline; active improvements ongoing
- Usage: core Kubernetes runtime for all Railiance deployments; runs on HostEurope server
---
## How It Fits
- Upstream dependencies: railiance-infra (S1) — OS must be converged and verified
- Downstream consumers: railiance-platform (S3), railiance-enablement (S4), railiance-apps (S5)
- Often used with: railiance-platform (next layer to configure after cluster is up)
---
## Terminology
- Preferred terms: OAS Stack Level S2, smoke test, pre-condition chain, boundary rule
- Potentially confusing terms: cluster runtime ≠ platform services; Gitea and databases are NOT S2 concerns
---
## Related / Overlapping Repositories
- `railiance-infra` (S1) — must be converged before this layer runs
- `railiance-platform` (S3) — consumes the cluster runtime provided by S2
---
## Getting Oriented
- Start with: `CLAUDE.md` (session protocol, remote execution via SSH tunnel), `README.md`
- Key files / directories: `workplans/` (4 active), `.sops.yaml` (secret encryption)
- Entry points: `Makefile` targets; remote work requires SSH tunnel to State Hub
---
## Notes
Designed for remote execution from HostEurope (92.205.130.254). Requires SSH reverse tunnel: `ssh -R 8000:127.0.0.1:8000 <user>@remote`.