| Property |
Value |
| Site |
Home |
| Hypervisor host |
VE-IO-01 |
| Role |
Legacy IO/IO-Event development Docker host — non-functional at audit time (docker.service had been failed since 2026-04-06 due to /var disk-full from unbounded container logs). Was the backend for four reverse-proxy vhosts on VM-SL-21: dev.io.blackreset.com:8478, grafana.io.blackreset.com:3000, splunk.io.blackreset.com:8000, sync.io.blackreset.com:4200. Cleanup on 2026-04-29 reset Docker state to empty (see Incidents → "VM-SL-40 destructive cleanup 2026-04-29"). Pending decision on rebuild vs decommission (P-01). |
| OS |
Debian 12 bookworm (kernel 6.1.0-30) |
| Primary IP |
10.100.100.240 |
| SSH alias |
vm-sl-40 |
| vCPU |
8 (AMD Ryzen 9 9900X passthrough) |
| Memory |
5.5 GiB |
| Storage |
215 GiB on local-zfs (3.6 GiB used post-cleanup) |
| Backup |
PBS VM-image-level. Note: at the time of the 2026-04-29 audit the previous PBS snapshots are the only place the wiped 195 GB of /var/lib/docker (containers/images/volumes) still exists. If the mongo/grafana/sharelatex/jupiterData state needs to be recovered, restore from the most recent pre-2026-04-29 PBS snapshot. |
- NIC
ens18 on bridge Server (DHCP-assigned 10.100.100.240/24)
- No firewall on the host (UFW absent, nftables empty, iptables policy ACCEPT) — relies on pfSense Home for protection.
- No
/etc/docker/daemon.json at audit time — log-rotation policy missing, was the root cause of the disk-full failure (P-03).
| Property |
Value |
| SSH user |
alexander |
| SSH key (local) |
E:/Workspace/Repositories/Clean Up/.secrets/ssh/blackreset_admin_ed25519 |
| Listening ports (notable) |
22 (SSH). After rebuild (P-01): 3000/8000/8478/4200 if the four reverse-proxy backends are restored. |
| Notes |
LAN-only access; no inbound NAT forwards from RZ. Sudo passwordless via /etc/sudoers.d/alexander since 2026-04-29. |
- I-01: ROOT FS WAS 100% FULL at audit (resolved). Cause: container JSON logs grew unbounded (mongo log alone was 22 GB).
- I-02: All 19 application containers were stopped and docker.service failed since 2026-04-06; the four backends consumed by SL-21 (8478/3000/8000/4200) had been DEAD for 3+ weeks before audit.
- I-03: No /etc/docker/daemon.json — needs json-file log-rotation policy before any new workload is started here (P-03).
- I-04: DESTRUCTIVE CLEANUP SIDE EFFECT —
dpkg --purge of legacy rc-state docker.io + containerd (bullseye) wiped /var/lib/docker entirely. All container images were sourced from reg.git.blackreset.com:443/... and are reproducible from the GitLab registry; jupiterData and container-internal state (grafana DB, sharelatex DB, mongo data) are not.
- I-05: docker-compose v1 (apt) installed alongside docker-compose-plugin v2 — v1 is EOL, should be removed.
- I-06: docker-ce / containerd.io / docker-compose-plugin all carry
~debian.11~bullseye version suffixes — installed under Debian 11, still working on bookworm but should be reinstalled from the bookworm channel.
- I-09: Docker apt source still points at bullseye —
apt update fails on download.docker.com.
- I-10: GitLab Runner config in /opt/gitlab-runner/config/ preserved, but Docker-executor caches were wiped (P-07).
- I-11: qemu-guest-agent not installed (unlike SL-12/SL-21).
- I-13: docker.service is active but not enabled at boot (P-04).
Die 4 backend-vhosts (dev, grafana, splunk, sync) wurden im vm-sl-21-Cutover am 2026-05-02 gedroppt (siehe migration/2026-05-02-vm-sl-21-archive). Damit ist vm-sl-40 ohne aktive Konsumenten — Decom-Kandidat. Entscheidung pending.