MOBIRAN
·
Back to products
Data Infrastructure

ARCloud

v1.0.0GA

Corporate cloud platform

Self-service IaaS over Proxmox VE. Managed PostgreSQL, Kafka, MinIO, Redis. Multi-tenant SDN and RBAC.

Request Access Read all products
Problem

What this product solves.

Enterprises building on Proxmox VE end up scripting around it: separate ticketing for VM provisioning, hand-rolled networking, undocumented quotas, no real RBAC, and a knowledge graph that lives in three engineers’ heads. ARCloud replaces those scripts with a control plane that turns the same Proxmox cluster into a multi-tenant private cloud — self-service VMs, managed databases and brokers, isolated tenant networks, audit — operated by your team, exposed through one REST and WebSocket surface.

Core capabilities

What the product does.

cap_01

VM provisioning with cloud-init

Tenants spin up VMs from curated templates with cloud-init bootstrapping. ARCloud orchestrates Proxmox storage backends (ZFS, Ceph, LVM) without exposing them.

cap_02

Managed PostgreSQL, Kafka, MinIO, Redis

First-class managed services on top of the same Proxmox cluster. PostgreSQL ships with primary/replica topology, Kafka with broker quorum, MinIO with bucket-level ACLs, Redis with persistence policy — every service has its own provisioning workflow, lifecycle, RBAC scope and audit by default.

cap_03

Multi-tenant SDN

Per-tenant networks, IPAM and reservations. Tenants do not see each other; operators see everyone. SDN realised through Linux bridges or Proxmox SDN (OVN).

cap_04

Quotas and resource accounting

CPU, memory, storage and network budgets per tenant. Hard limits prevent noisy neighbours; soft limits surface in the control plane.

cap_05

Workflow-based provisioning

Every long-running operation is a workflow (AbstractProvisionWorkflow + implementations per service). Operators see exactly where a provision is stuck.

cap_06

RBAC at platform, tenant, and resource scope

JWT identity flows across products. Roles bound to tenants, projects, and individual resources. Same model as ARStudio and ARStreams.

cap_07

SSH-tunnelled Proxmox control

Operations against Proxmox VE go through SSH tunnels managed by Apache SSHD. The API surface is not exposed publicly even on internal networks.

cap_08

Real-time control plane

REST for CRUD; WebSocket (STOMP) for live state — VM lifecycle events, workflow progress, provisioning telemetry. The same data the platform uses, surfaced to operators.

Operator surface

What operators actually see.

Captured from a live evaluation environment. Same UI customers run; nothing reproduced from a brochure.

shot_01

Virtual machines grouped by tenant — IP, resources, running state per VM.

ARCloud — virtual machines
shot_02

Managed services — PostgreSQL clusters, message brokers, internal infrastructure VMs.

ARCloud — managed services
shot_03

Tenants with quotas, current allocation and per-tenant audit surface.

ARCloud — tenants
Architecture

How it is built.

ARCloud is a Spring Boot service backed by PostgreSQL for state and a React control surface. It mediates between operators and tenants on one side, and a Proxmox VE cluster on the other. The data plane is the existing Proxmox infrastructure — ARCloud is a control plane that owns provisioning, networking and lifecycle without owning the virtualisation.

arch_01

Spring Boot control plane

REST and WebSocket (STOMP) APIs. JWT-secured. Workflow execution engine and per-service provisioning logic live here.

arch_02

PostgreSQL-resident state

Tenants, quotas, IPAM, workflow runs and audit live in the ARCloud metadata database. Flyway-versioned migrations.

arch_03

Proxmox VE via SSH-tunnelled REST

Apache SSHD tunnels Proxmox’s REST API. RSA keys generated via BouncyCastle; nothing is shared in flight.

arch_04

cloud-init for VM bootstrap

Template-driven cloud-init payloads. Tenants choose the template; ARCloud parameterises and submits.

arch_05

Workflow primitive

Every service has an AbstractProvisionWorkflow implementation. Operators observe state transitions and retry on need.

arch_06

React + Recharts + Radix UI

Operator console — tenant inventory, resource graphs, provisioning timeline. Same fonts and density as ARStudio and ARStreams.

REST API

Driven by a real REST surface.

Every product action available in the UI is reachable through a JWT-secured REST API. The control plane is the API; the UI is one of its consumers.

api_01JWT

Provision a VM

Declarative VM request — cores, memory, disk, OS image, tenant. ARCloud schedules, builds and registers it.

POST/api/v1/tenants/{tenant}/vms
Response
{
  "vm_id": "vm_018f0d2c",
  "state": "scheduling",
  "node": null,
  "ipv4": null
}
api_02JWT

List tenants

Tenants the operator can see, with quota, current allocation and active VM count.

GET/api/v1/tenants
Response
[
  {
    "id": "tenant_billing",
    "cores_used": 96,
    "cores_quota": 128,
    "vms_active": 14
  }
]
api_03JWT

Inspect cluster state

Per-node CPU, memory, disk and degraded-resource state — same data the operator console reads.

GET/api/v1/clusters/{id}/state
Operator CLI

Operated from the terminal too.

The `arctl` CLI talks to the same control plane as the UI. Same primitives, scriptable, suitable for CI and on-call.

cli_01arctl

Create a VM from a spec

Declarative VM definition committed to git; replay it to rebuild a tenant on a fresh cluster.

arctl cloud vm create -f tenants/billing/api-01.yaml
cli_02arctl

List tenants and quotas

Operator-grade visibility — pipe through awk to flag tenants near quota.

arctl cloud tenants list
Output
TENANT              CORES   QUOTA   VMS   STATE
tenant_billing      96      128     14    ok
tenant_analytics    44      64      9     ok
tenant_reporting    62      64      11    warn
cli_03arctl

Show cluster health

Per-node summary with degraded resources flagged. Non-zero exit if any node is in fail.

arctl cloud cluster status prod-01
Integrations

What it connects to.

integration

Proxmox VE

Up to ~32-node clusters (8–20 typical). ZFS, Ceph or LVM storage. Linux bridges or Proxmox SDN for tenant networks.

integration

PostgreSQL (managed)

Managed PostgreSQL service offered to tenants. Same engine your other AR products run on — operationally consistent.

integration

Kafka, MinIO, Redis (managed)

First-class managed services. Each one ships with its own provisioning workflow and quota accounting.

integration

ARStudio

PostgreSQL clusters provisioned through ARCloud are first-class citizens in ARStudio — monitored, alert-rule covered, SQL-editable through the same identity.

integration

ARStreams

CDC streams against managed PostgreSQL targets register through ARCloud’s tenant identity. Streaming is one tenant resource among others.

integration

Cloud-init OS images

Ubuntu 24.04 and ALT Linux ship as ready templates. Tenants and operators can register their own.

Use cases

Where it runs in production.

  1. case_01

    Sovereign private cloud

    A ministry or bank consolidates Proxmox-hosted VMs into a managed, multi-tenant private cloud — self-service for internal teams, full audit for compliance.

  2. case_02

    Import substitution for VMware

    Replace VMware vCloud-style operations on Proxmox VE. Tenants, quotas, networking and managed services without a hypervisor swap.

  3. case_03

    Managed PostgreSQL fleet for line-of-business teams

    Engineering teams request databases through ARCloud; DBAs supervise through ARStudio. Provisioning, RBAC and audit all flow from the same identity.

  4. case_04

    Tenant-isolated streaming infrastructure

    Provision ARStreams workspaces and their managed PostgreSQL targets as tenant resources. Streaming, storage and compute charged to the same account.

  5. case_05

    Compact ops footprint

    A 20-node Proxmox cluster supported by 1–2 engineers serves hundreds of internal users — the platform absorbs the toil that used to require a dedicated cloud team.

Deployment

How it is operated.

ARCloud ships as a Spring Boot JAR with a React control surface. It runs on a control-plane host alongside the Proxmox VE cluster it manages. The metadata PostgreSQL lives on the same host or on a dedicated database VM you provision through ARCloud itself.

  • Single JAR, systemd unit, optional nginx reverse-proxy.
  • Requires SSH access to the Proxmox cluster (RSA keypair owned by ARCloud).
  • Ubuntu 24.04 and ALT Linux are first-class host operating systems.
  • Air-gap-ready: no outbound calls; no SaaS dependency.
  • Scales from a single node up to ~32 Proxmox nodes (8–20 typical).
Core capabilities

Evaluate this product.

Open the workspace if you already hold credentials, or request guided access through the briefing flow.

Request Access Read all productsRead the docs