vlans
The infrastructure includes various networks segmented by VLANs, each designated for specific purposes such as databases, services, and platform environments. The network design is optimized for security, scalability, and ease of management using VLANs and domain segregation.
Architecture Overview
The c0 Private Datacenter operates on a segmented network using VLANs for better traffic management and security isolation.
Each VLAN is associated with a specific function, whether it's related to databases, services, or platforms.
Traffic routing between VLANs is handled by a central UniFi 24-Port Switch, which interfaces with a router for external access.
NetBird connectors are used to ensure secure communication within the network and with external services, while Cloudflare tunnels are used for secure public access where necessary.
| VLAN | Network | Domain | Additional Domains |
|---|---|---|---|
| VLAN 10 | db_prod | db.c0.spakl | db.c0.spakl.io |
| VLAN 20 | db_test | test.db.c0.spakl | |
| VLAN 30 | spaklsvc_prod | svc.c0.spakl | svc.c0.spakl.io |
| VLAN 40 | spaklsvc_test | test.svc.c0.spakl | |
| VLAN 50 | spaklsvc_dev | dev.test.svc.c0.spakl | |
| VLAN 60 | platform_prod | pltfrm.c0.spakl | pltfrm.c0.spakl.io |
| VLAN 70 | platform_test | test.pltfrm.c0.spakl | test.pltfrm.c0.spakl.io |
| VLAN 99 | DMZ | | |
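
The domains in the table nest inside one another (`test.svc.c0.spakl` sits under `svc.c0.spakl`), so any per-environment DNS or access rule keyed on a domain suffix has to match whole labels and pick the longest zone. The Python sketch below is an added example, not part of the original page; the function names and the sample hostnames are constructed for illustration.

```python
# Zone -> (VLAN id, network), copied from the table on this page.
# VLAN 99 (DMZ) has no domain listed, so it is not represented here.
ZONES = {
    "db.c0.spakl": (10, "db_prod"),
    "db.c0.spakl.io": (10, "db_prod"),
    "test.db.c0.spakl": (20, "db_test"),
    "svc.c0.spakl": (30, "spaklsvc_prod"),
    "svc.c0.spakl.io": (30, "spaklsvc_prod"),
    "test.svc.c0.spakl": (40, "spaklsvc_test"),
    "dev.test.svc.c0.spakl": (50, "spaklsvc_dev"),
    "pltfrm.c0.spakl": (60, "platform_prod"),
    "pltfrm.c0.spakl.io": (60, "platform_prod"),
    "test.pltfrm.c0.spakl": (70, "platform_test"),
    "test.pltfrm.c0.spakl.io": (70, "platform_test"),
}

def _labels(name):
    """Normalize a DNS name to a tuple of lowercase labels, root dot stripped."""
    return tuple(name.strip().rstrip(".").lower().split("."))

def classify(hostname):
    """Return (vlan_id, network) for the longest zone that is a label-wise
    suffix of hostname, or None when the name is outside every zone."""
    host = _labels(hostname)
    hits = [z for z in ZONES if host[-len(_labels(z)):] == _labels(z)]
    best = max(hits, key=lambda z: len(_labels(z)), default=None)
    return ZONES[best] if best else None

def nested_zones():
    """List (parent, child) zone pairs that belong to different networks.
    A suffix rule written for the parent also matches names in the child."""
    pairs = []
    for parent in ZONES:
        for child in ZONES:
            p, c = _labels(parent), _labels(child)
            if len(c) > len(p) and c[-len(p):] == p and ZONES[parent] != ZONES[child]:
                pairs.append((parent, child))
    return sorted(pairs)

if __name__ == "__main__":
    # Constructed hostnames; "xdb.c0.spakl" shows why raw string suffixes are unsafe.
    for h in ("pg1.db.c0.spakl", "pg1.test.db.c0.spakl", "xdb.c0.spakl"):
        print(h, "->", classify(h))
    for parent, child in nested_zones():
        print("suffix rule for", parent, "also covers", child)
```

Running `nested_zones()` over the table lists every production zone whose suffix also covers a test or development zone, which is where a broadly written rule would cross environment boundaries.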
Network and Domain Description
Each VLAN is assigned a set of services and domains. The network design is modular, with services grouped into environments like production, testing, and development. Each environment has its own domain setup, facilitating easier management and secure access. The breakdown below describes each VLAN and its associated network.
VLAN Breakdown
db_prod (VLAN 10)
- Description: Production database network for critical data services.
- Domain: db.c0.spakl, db.c0.spakl.io
- Purpose: Hosts the production database and related services.
db_test (VLAN 20)
- Description: Test database network for development and staging environments.
- Domain: test.db.c0.spakl
- Purpose: Hosts the testing and staging databases.
spaklsvc_prod (VLAN 30)
- Description: Production environment for Spakl services.
- Domain: svc.c0.spakl, svc.c0.spakl.io
- Purpose: Manages production Spakl services and associated resources.
spaklsvc_test (VLAN 40)
- Description: Testing environment for Spakl services.
- Domain: test.svc.c0.spakl
- Purpose: Manages testing Spakl services, providing a sandbox for new features.
spaklsvc_dev (VLAN 50)
- Description: Development environment for Spakl services.
- Domain: dev.test.svc.c0.spakl
- Purpose: Provides a dedicated network for developing Spakl services.
platform_prod (VLAN 60)
- Description: Production environment for platform services.
- Domain: pltfrm.c0.spakl, pltfrm.c0.spakl.io
- Purpose: Hosts production platform services accessible by end-users.
platform_test (VLAN 70)
- Description: Testing environment for platform services.
- Domain: test.pltfrm.c0.spakl, test.pltfrm.c0.spakl.io
- Purpose: Provides an isolated testing environment for platform services.
DMZ (VLAN 99)
- Description: DMZ network for managing external access through Cloudflare tunnels.
- Purpose: Manages external traffic to services that require public access, secured via Cloudflare tunnels.