https://deevnet.github.io/deevnet-docs/docs/architecture/Recent content in 🏗️ Architecture on Deevnet Infrastructure PlatformHugoen-ushttps://deevnet.github.io/deevnet-docs/docs/architecture/builder/Mon, 01 Jan 0001 00:00:00 +0000https://deevnet.github.io/deevnet-docs/docs/architecture/builder/<h1 id="builder"> Builder <a class="anchor" href="#builder">#</a> </h1> <h2 id="purpose"> Purpose <a class="anchor" href="#purpose">#</a> </h2> <p>The <strong>builder</strong> is responsible for provisioning and configuring all substrate infrastructure.</p> <p>Every Deevnet Infrastructure Platform site needs a way to be created from scratch:</p> <blockquote> <p><em>How do you provision infrastructure when no infrastructure exists yet?</em></p> </blockquote> <p>The builder answers this by providing:</p> <ul> <li>A self-contained provisioning role</li> <li>All artifacts needed for deployment</li> <li>Automation to configure every substrate component</li> <li>Authority transition from bootstrap to production</li> </ul> <hr> <h2 id="design-principles"> Design Principles <a class="anchor" href="#design-principles">#</a> </h2> <p><strong>Self-Contained</strong> — The builder carries everything needed to stand up a substrate: IaC/CaC definitions, OS images, network boot infrastructure, and Git repositories.</p>https://deevnet.github.io/deevnet-docs/docs/architecture/network-segmentation/Mon, 01 Jan 0001 00:00:00 +0000https://deevnet.github.io/deevnet-docs/docs/architecture/network-segmentation/<h1 id="network-segmentation"> Network Segmentation <a class="anchor" href="#network-segmentation">#</a> </h1> <p>Defines the network segmentation model for Deevnet sites.</p> <hr> <h2 id="purpose"> Purpose <a class="anchor" href="#purpose">#</a> </h2> <p>Network segmentation divides each substrate into isolated broadcast domains with controlled routing between them. This provides:</p> <ul> <li><strong>Security boundaries</strong> — Limit blast radius when devices are compromised</li> <li><strong>Traffic isolation</strong> — Separate management, storage, and workload traffic</li> <li><strong>Operational clarity</strong> — Each segment has a defined purpose and trust level</li> </ul> <hr> <h2 id="segment-model"> Segment Model <a class="anchor" href="#segment-model">#</a> </h2> <p>Each substrate implements nine segment types:</p>https://deevnet.github.io/deevnet-docs/docs/architecture/addressing/Mon, 01 Jan 0001 00:00:00 +0000https://deevnet.github.io/deevnet-docs/docs/architecture/addressing/<h1 id="addressing"> Addressing <a class="anchor" href="#addressing">#</a> </h1> <p>Defines the IP addressing convention for Deevnet sites.</p> <hr> <h2 id="addressing-convention"> Addressing Convention <a class="anchor" href="#addressing-convention">#</a> </h2> <p>Each site is assigned a /16 block from the 10.0.0.0/8 RFC1918 space:</p> <table> <thead> <tr> <th>Site</th> <th>Address Block</th> </tr> </thead> <tbody> <tr> <td><strong>dvnt</strong></td> <td>10.10.0.0/16</td> </tr> <tr> <td><strong>dvntm</strong></td> <td>10.20.0.0/16</td> </tr> </tbody> </table> <p>The addressing pattern is: <code>10.{site_id}.{vlan_id}.0/24</code></p> <ul> <li>The second octet identifies the site</li> <li>The third octet matches the VLAN ID for that segment</li> <li>Each segment subnet is a /24 within the site&rsquo;s /16</li> </ul> <p>This creates a predictable, self-documenting address scheme where any IP immediately reveals which site and segment it belongs to.</p>