incident-2026-04-03-uid-change.md: Detailed post-mortem of the UID
change cascading failure that took down all services on rift. Documents
the timeline, root causes, recovery steps, and lessons learned.
disaster-recovery.md: Step-by-step runbook for bootstrapping the
platform from zero when all containers are gone. Covers the boot
order (MCNS → mc-proxy/MCR/Metacrypt → master → apps), exact podman
run commands for each service, common errors, and verification.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Reflect that the platform now spans multiple nodes (rift for compute,
svc for public edge routing, orion provisioned but offline). Add Fleet
Topology section, update deploy steps to include TLS cert provisioning
from Metacrypt CA, DNS registration in MCNS, and gRPC-based mc-proxy
route registration.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
mcp-agent and mc-proxy run on every node as systemd services — they
are not placed by the master and don't belong in the placements table.
Snapshot paths are node-keyed for infrastructure (<service>/<node>/)
to avoid collisions between instances on different nodes.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Review is complete — all items resolved, document approved for
implementation. The review served its purpose and is no longer needed
in the repo.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- docs/architecture-v2.md: Full MCP v2 multi-node architecture
covering master/agent topology, security model, service placement,
edge routing, snapshots, migration, and 6-phase implementation plan.
Reviewed and ready for implementation.
- docs/architecture-v2-review.md: External architecture review with
all items resolved.
- docs/phase-e-plan.md: Updated to match v2 decisions.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Add SSO redirect flow alongside direct credentials, MCIAS client
registration steps, [sso] config section, and updated service versions.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Update version references to match current git tags: MCIAS v1.9.0,
Metacrypt v1.3.1, MCP v0.7.6. Add Phase D (DNS registration) to MCP
status, update RPC/CLI counts, and document undeploy as a first-class
capability. Also sync STATUS.md and packaging-and-deployment.md with
the same version updates.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Sync the deployed services version table with current git tags (MCIAS
v1.9.0, Metacrypt v1.3.1, MCR v1.2.1, MCNS v1.1.1, MCP v0.7.6) and
add mcp logs and mcp edit to the command reference.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- PLATFORM_EVOLUTION: Mark Phase D (DNS) complete, add Phase E
(multi-node agent management) planning with items #10-12
- PLATFORM_EVOLUTION: Fix stale mcdsl reference (v1.2.0 adds → added,
consuming services now on v1.4.0)
- STATUS: Update all service versions to current, note Phase A-D
completion and Phase E planning
- docs/packaging-and-deployment: Add agent management section
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Document the three-tier identity model across MCIAS, MCR, Metacrypt,
MCNS, and MCP. Update version numbers for MCR (v1.2.1), MCNS (v1.1.1),
MCP (v0.7.2). Clarify that admin is reserved for MCIAS administration,
not routine deploy operations.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Fix service definition examples to require explicit image fields,
remove phantom version top-level field, document container listen
address requirement (0.0.0.0:$PORT not localhost), add undeploy
command, and update deployed service versions.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Self-contained doc covering the full service lifecycle: Dockerfile
patterns, MCP service definitions, build/push/deploy workflow, data
directory conventions, $PORT env vars, MCIAS auth, and networking.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- docs/svc-deployment-plan.md: detailed plan for mc-proxy + MCNS on svc
as the public edge (executed and live)
- .mcp.json: Gitea MCP server config for Claude Code integration
- PLATFORM_EVOLUTION.md: mark mc-proxy route persistence as done
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
10k-word narrative covering the full session: DNS diagnosis, MCNS
architecture and implementation, engineering review with parallel
agents, deployment to rift, platform documentation audit, public edge
deployment on svc, and reflections on AI-assisted infrastructure work.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Metacrypt SSH CA, transit, and user-to-user engines are all implemented
(not planned). MCR is at phase 13. MCDSL package list was incomplete.
Added mcns (CoreDNS precursor) to project map and dependency graph.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
