Deployment Overview
The Toyota TMNA POC deployment follows a four-phase approach: first deploying the Palette Management Appliance as a VM, then imaging and registering the 3 bare-metal nodes to form a Kubernetes cluster.
Deployment Phases
graph LR
P1["Phase 1<br/>Palette Appliance"] --> P2["Phase 2<br/>Bare Metal Nodes"]
P2 --> P3["Phase 3<br/>Cluster Deploy"]
P3 --> P4["Phase 4<br/>Workload Testing"]
style P1 fill:#1F7A78,color:#fff
style P2 fill:#005B5B,color:#fff
style P3 fill:#043736,color:#fff
style P4 fill:#9EB277,color:#fff
Phase 1: Palette Management Appliance
Deploy the self-hosted Palette management plane as a VM on existing infrastructure.
- Download Palette ISO and content bundles from Artifact Studio
- Transfer to air-gapped environment
- Install PMA on a VM (10 vCPU, 20GB RAM, 300GB + 500GB disks)
- Configure networking, create tenant, upload content bundles
See Palette Management Appliance for detailed steps.
Phase 2: Bare Metal Node Imaging
Build and deploy the production appliance mode ISO to all 3 bare-metal nodes.
- Build production ISO with CanvOS (drive wipe, LACP network, Legacy boot)
- Create per-node site-user-data ISOs with unique hostnames and IPs
- Image nodes via IPMI virtual media mount
- Nodes auto-register with Palette after boot
See Bare Metal Nodes for the imaging process.
Phase 3: Cluster Deployment
Create and deploy the 3-node Kubernetes cluster through Palette.
- Create cluster profiles (infrastructure + add-on packs)
- Deploy cluster with Portworx, Cilium, VMO, VMA, Prometheus
- Validate cluster health, storage pools, and networking
Phase 4: Workload Testing
Deploy IVS applications and validate POC success criteria.
- Deploy 3 IVS sample jobs
- Test Portworx failover, live migration, and persistence
- Validate Azure DevOps CI/CD integration
- Demonstrate OS upgrade via A/B partitions
Prerequisites
Infrastructure Requirements
| Requirement | Specification | Status |
|---|---|---|
| Palette VM | 10 vCPU, 20GB RAM, 300GB OS + 500GB storage | Provisioned |
| Palette VIP | 10.25.232.155 (same subnet as VM) | Allocated |
| Bare Metal Nodes | 3x NX-8150-G7 (Supermicro), decommissioned | Ready |
| Node IPs | 10.25.233.4, .5, .6 on VLAN 111 | Assigned |
| IPMI Access | Virtual media mount capability on all 3 nodes | Available |
| DNS Server | 10.213.129.245 | Confirmed |
| NTP Server | 10.53.12.18 / ntp.services.glb.toyota.com | Confirmed |
| Gateway | 10.25.233.254 | Confirmed |
| Firewall | RFC approved, ports opened | Approved 4/21 |
Software Artifacts
All software is downloaded from Artifact Studio and transferred to the air-gapped environment:
| Artifact | Size | Source |
|---|---|---|
| Palette Management Appliance ISO | ~22 GB | Artifact Studio v4.8.51 |
| Content Bundles (.zst) | ~9 files, varies | Artifact Studio |
| Production Install ISO | ~1.8 GB | CanvOS build (v4.8.8) |
| Site User Data ISOs | ~1 MB each | Custom build per node |
See Content Bundles for the complete pack list and upload process.
Network Requirements
All traffic flows on VLAN 111 (10.25.233.0/24). See the Port Matrix for complete port requirements.
Key connectivity paths:
- Bare metal nodes --> Palette Appliance on TCP 443 (agent heartbeat) and TCP 30003 (image pull)
- Palette Appliance --> Bare metal nodes on TCP 6443 (K8s API management)
- Inter-node: TCP 2379-2380 (etcd), TCP 10250 (kubelet), TCP 6443 (K8s API), TCP/UDP 9001-9022 (Portworx)
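A preflight check for the TCP paths listed above, as an added example that is not part of the original runbook or of Palette's own tooling. It assumes Python 3 on the host at the source end of each path; `plan`, `probe` and `check` are hypothetical helper names. Before Phase 3 nothing listens on the Kubernetes ports, so the check separates "refused" (the packet reached the host) from "filtered" (no reply, typically a firewall drop).

```python
import socket

# TCP paths copied from the "Key connectivity paths" list on this page.
# UDP 9001-9022 (Portworx) cannot be verified with a TCP connect and is skipped.
PALETTE_VIP = "10.25.232.155"
NODES = ["10.25.233.4", "10.25.233.5", "10.25.233.6"]
NODE_TO_PALETTE = [443, 30003]        # agent heartbeat, image pull
PALETTE_TO_NODE = [6443]              # K8s API management
INTER_NODE = [2379, 2380, 10250, 6443, *range(9001, 9023)]


def plan(role, self_ip=None):
    """Return the (host, port) pairs a host with this role must be able to reach."""
    if role == "palette":
        return [(n, p) for n in NODES for p in PALETTE_TO_NODE]
    if role == "node":
        peers = [n for n in NODES if n != self_ip]
        return ([(PALETTE_VIP, p) for p in NODE_TO_PALETTE]
                + [(n, p) for n in peers for p in INTER_NODE])
    raise ValueError(f"unknown role: {role}")


def probe(host, port, timeout=2.0):
    """Classify one TCP path as 'open', 'refused', 'filtered' or 'unreachable'."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "open"
    except ConnectionRefusedError:
        # RST came back: path is routed, nothing is listening yet. Assumption:
        # the firewall drops silently; one that rejects with RST looks the same.
        return "refused"
    except socket.timeout:
        return "filtered"
    except OSError:
        return "unreachable"


def check(role, self_ip=None, timeout=2.0):
    """Probe every planned path and return only the ones that look blocked."""
    results = {(h, p): probe(h, p, timeout) for h, p in plan(role, self_ip)}
    return {k: v for k, v in results.items() if v in ("filtered", "unreachable")}


if __name__ == "__main__":
    import sys
    blocked = check(sys.argv[1], sys.argv[2] if len(sys.argv) > 2 else None)
    for (host, port), state in sorted(blocked.items()):
        print(f"{state:12} {host}:{port}")
    sys.exit(1 if blocked else 0)
```

Run it with `node <own-ip>` on each bare-metal node and with `palette` on the appliance VM; a non-zero exit status means at least one path is dropped.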
Credentials
| System | Username | Password | Notes |
|---|---|---|---|
| Node OS | kairos | kairos | Default appliance mode credentials |
| Edge Host Token | -- | OTVhZDVlMzc5NDI0YzVlYjgyYjg1YjQzNDg4NGQwZjc= | Registration token |
| Palette Endpoint | -- | 10.25.232.155 | PMA VIP address |
| Artifact Studio | spectro | mV715z##spPSJC | Download ISOs and bundles |
Change Default Passwords
The Palette system console default password (admin/admin) must be changed immediately after first login. Node credentials should be updated post-deployment via Palette user-data management.