diff --git a/docs/v1-redeploy-changelog.md b/docs/v1-redeploy-changelog.md index d75e50e..656ef67 100644 --- a/docs/v1-redeploy-changelog.md +++ b/docs/v1-redeploy-changelog.md @@ -658,5 +658,41 @@ discovery (select(.cidr=="10.12.4.0/22")), exactly as scripts/phase-04-network-verify.sh does; cross-ref the verify script from the do-doc's CHECK block. Not yet applied to the do-doc. +### Phase-04 EXECUTED -- network carve COMPLETE (2026-06-27) +Step 4.1 create block ran clean (do-doc idempotent `( set -e )`, with the DOCFIX-047 +CIDR-discovery correction for the gateway; the `[ GW = 10.12.4.1 ]` gate retained as belt+braces): + network provider-ext = bb386c86-d646-4c71-b6b7-550f5c691bfb (created + tagged role=provider) + subnet provider-ext-fip = 544afa6a-b0cf-486b-89be-2b8e36983072 (created + tagged) + (object IDs regenerate per deploy; the do-doc's As-built IDs are dead post-teardown, not a discrepancy.) +CONFIRM: provider-ext external=true type=flat physnet=physnet1 shared=false; + provider-ext-fip cidr=10.12.4.0/22 gateway=10.12.4.1 enable_dhcp=false + allocation_pools=[{start:10.12.5.0,end:10.12.7.254}] tags=[role=provider, netbox-iprange=10.12.5.0-10.12.7.254]. +phase-04-network-verify.sh POST gate: PASS -- EXIT GATE met (all network+subnet assertions green; + fip-pool-match=true). Live allocation_pools came back as the list-of-OBJECTS shape -- the real + client emits {start,end} objects; the harness string-shape case is confirmed safety-margin only. + PRE re-run also PASS (provider subnet by CIDR id=1 this deploy; gateway pinned; FIP reserved). +PHASE-04 EXIT GATE MET. FIP allocation + tenant router gateways now possible (needed by phase-06 +mgmt-VM FIP; phase-08 cluster FIPs + LB validation). + +DOCFIX-047 CONFIRMED LIVE: provider resolved to subnet id=1 THIS deploy, so the do-doc's +`subnet read 1` would have worked by luck -- but CIDR discovery is the correct id-independent +pattern (lib-net.sh:9: cutover moved metal-internal 6->10) and ran clean. Do-doc fix still pending +at consolidation. + +DOCFIX-048 -- phase-04 do-doc IPAM reference VIP-reserve width drift. + The do-doc "IPAM carve reference" lists the provider VIP reserve as 10.12.4.2-10.12.4.63 (front- + loaded /26). LIVE MAAS shows the WIDER reserve 10.12.4.2-10.12.4.100 (comment "supersedes + .224-.236") -- the D-052 "VIP reserve ceilings" correction. Both sit entirely in .4.x, OUTSIDE + the FIP pool (10.12.5.0-10.12.7.254) -> no conflict; provider-ext created cleanly. The live + mgmt-plane reserve 10.12.4.101-10.12.4.110 is also present (already in the do-doc As-built note). + FIX (consolidation): update the do-doc IPAM reference VIP-reserve from .2-.63 to .2-.100 to match + live + D-052. Non-blocking. + +NOTE (repo hygiene, operator decision pending): all scripts on origin are committed mode 100644 +(the Windows/GitHub-Desktop path strips +x), so the jumphost must invoke them as `bash scripts/X.sh` +(`./scripts/X.sh` -> Permission denied). Two durable fixes offered: (a) standardize do-docs on +`bash scripts/...`; or (b) one-time `git update-index --chmod=+x scripts/*.sh tests/*/run-tests.sh +tests/*/fakebin/*` from Git Bash + commit (writes 755 into the tree). Not yet actioned. + ### Next-free numbers -Design decision: D-056. Doc fix: DOCFIX-048. +Design decision: D-056. Doc fix: DOCFIX-049.