Refactor RDP proxy handling and update related tests
@@ -88,6 +88,16 @@ Native host process responsible for node identity, enrollment, certificates, hea
|
||||
Service Workload:
|
||||
A workload executed on a node. It may be native or containerized. Examples: `rdp-worker`, `vnc-worker`, `entry-node`, `relay-node`, `file-storage-cache`.
|
||||
|
||||
Public/Admin HTTPS Ingress:
|
||||
A service-edge role that listens on TCP `80`/`443` for browser/API HTTPS and
|
||||
forwards accepted requests into the QUIC-only fabric service channel. It is not
|
||||
an authority service and does not imply permission to manage the cluster.
|
||||
|
||||
Admin UI Runtime:
|
||||
A scoped admin service runtime. Global admin runtime may run only on
|
||||
platform-owner trusted nodes; cluster, organization, and user portal runtimes
|
||||
receive only their scoped projections.
|
||||
|
||||
Capability:
|
||||
What a node can technically do. Example: `can_run_rdp_worker`.
|
||||
|
||||
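Review bot: The "Public/Admin HTTPS Ingress" definition says the role listens on TCP `80`/`443` "for browser/API HTTPS", but port `80` carries plain HTTP, and the text does not say what happens to a cleartext request. State whether `80` is redirect-only or whether such requests can be forwarded into the fabric service channel, and say where TLS terminates. "Accepted requests" is also undefined: name the check (authentication, policy, or both) a request must pass at the ingress before it is forwarded. In the "Admin UI Runtime" entry, "platform-owner trusted nodes" is used without a definition; link it to wherever node trust is established.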
@@ -162,6 +172,13 @@ policy, approvals, and audit.
|
||||
20. Node-agent is the local supervisor for health, restart, update, and rollback
|
||||
of node services, but Control Plane owns rollout policy and durable schema
|
||||
migration orchestration.
|
||||
21. HTTP/HTTPS is an external service edge only. Fabric node-to-node transport
|
||||
remains QUIC-only.
|
||||
22. A node that accepts `443` does not own management authority. Admin authority
|
||||
belongs to signed roles, scoped claims, policy, and trusted runtime nodes.
|
||||
23. Global admin runtime, policy authority, and audit sink must run only on
|
||||
platform-owner controlled nodes. Organization and cluster portals must not
|
||||
expose unrelated tenants, clusters, or internal mesh topology.
|
||||
|
||||
## Existing Node Management Semantics
|
||||
|
||||
|
||||
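Review bot: Rule 23 restricts only "Organization and cluster portals" from exposing unrelated tenants, clusters, or mesh topology, while the Admin UI Runtime definition in the same document lists "cluster, organization, and user portal runtimes"; the user portal is missing from the rule and should be added or explicitly excluded with a reason. Rule 23 also says "platform-owner controlled nodes" where the definition says "platform-owner trusted nodes"; pick one term so the two cannot be read as different node sets. In rule 22, "trusted runtime nodes" is a third variant and should use the same term. Rule 21 would be easier to enforce if it named where the HTTP-to-QUIC boundary sits, for example by referring to the Public/Admin HTTPS Ingress role by name.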