collective-memory-repo/shared/long-term/decisions/openclawd-infra-baseline.md

OpenClaw Infra Baseline (Imported)

• imported_from: /Users/lingyuzeng/openclawd/vaults/memory/infra.md
• imported_at_utc: 2026-03-10T07:53:38Z
• note: migrated from openclawd/vaults to collective-memory-repo.

---

memory/infra.md

OpenClaw Cluster Baseline (2026-03-10)

• Control Plane / Gateway: mac-5 (唯一 Gateway)
• Node Hosts: mac-6, mac-7
• mac-8 已下线，不再参与当前集群调度
• Node Roles:
  • mac-6: Executor / Build
  • mac-7: Browser / Web Verify

Access & Ingress

• Unified ingress via Caddy HTTPS/WSS.
• Known endpoints in docs/notes:
  • https://mac5.hs.jmsu.top:8443
  • wss://mac5.hs.jmsu.top:8443
  • runtime summary may use bot.jmsu.top:443 (confirm active deployment before operations)

Node Lifecycle

openclaw node run/install -> Pending -> openclaw devices approve <request-id> -> Online -> openclaw nodes run ...

Operating Rules

1. Never run Gateway on mac-6/mac-7.
2. Remote commands must go through openclaw nodes run.
3. Keep node allowlist/approvals least-privileged by role.
4. For failures, check: unauthorized / pairing required / origin not allowed / trusted proxy / approval required.

Memory Gateway Design (qmd-memory-gateway)

• Consistency model: query-time sync (fetch -> workspace sync -> qmd update/embed -> query).
• Workspace isolation by branch/profile, with per-workspace lock.
• Keep a single gateway on mac-5 as default topology to avoid multi-writer index drift.
• Consider per-machine gateway only if:
  • cross-machine latency becomes a bottleneck, and
  • each machine can own an isolated branch/workspace and independent qmd cache/index.