Core Infrastructure
The foundation for peak agility and process automation in your data center.
infradesk
The Sovereign Enterprise Platform
infradesk acts as an intelligent, uncompromising API-first management layer, extending the proven open-source core of Proxmox with cutting-edge orchestration and simplified cluster management. The solution seamlessly unifies a central API backend with a highly secure, WireGuard-based Software-Defined Network (SDN), deep multi-tenancy, and Role-Based Access Control (RBAC) via a global Identity Provider.
While older Proxmox installations often suffer from fragmented management at the host level, infradesk offers holistic, comprehensive control—through the logical, physical, or tenant-related centralization of global clusters via a single interface. The key advantage over standard Proxmox PVE lies in the radical automation of network and authorization structures: Instead of manually tracking IP addresses, infradesk connects multiple locations completely autonomously via a WireGuard network with integrated IPAM.
Furthermore, infradesk shatters traditional silos using a strictly object-based hierarchy model featuring "Deep Nesting." This ensures permissions are inherited securely, making complex shared hosting a professional reality for MSPs and enterprises. This technological edge is rounded off by intelligent, AI-driven routines like proactive auto-healing and automated host evacuations—transforming a standard hypervisor into a self-healing, autonomous enterprise cloud.
Global Connectivity & Smart IP Management
Secure Zero Trust WireGuard Mesh
Complex VPN routing and risky firewall configurations for multi-site deployments are a thing of the past—if you want them to be. At the click of a button, infradesk connects your locations via a highly secure WireGuard mesh, fully automating the underlying network configuration:
- Integrated IPAM instead of Excel spreadsheets: Where native Proxmox still leaves you tracking IPs manually, our system understands your network topology, identifies available addresses in real time, and automatically provisions new nodes with conflict-free network parameters.
- Zero Trust by Default: Management traffic and live migrations flow through a natively encrypted tunnel with built-in NAT traversal. New systems are authorized via audit-proof PIN pairing.
- Architectural Freedom (Opt-Out): Our VPN mesh is a powerful, free value-add, but never an obligation. If you prefer to rely on your established corporate network, MPLS, or SD-WAN infrastructure, the module can be seamlessly disabled.
Combined with our granular IP Access Control Lists (IPACLs), you drastically slash administrative overhead while retaining uncompromising sovereignty over your global network design.
Audit-Proof Compliance & Atomic Upgrades
Pre-Built Image Architecture
Leave tedious and risky patch cycles behind. infradesk completely decouples the hypervisor OS from legacy installation routines, leveraging a cutting-edge, image-based architecture instead. The Proxmox core boots directly from pre-built images residing on your local disk.
Unlike rigid legacy solutions that demand invasive system modifications, your upgrades and downgrades become entirely risk-free. A simple server reboot is all it takes to seamlessly transition to a new—or older—version. This atomic update mechanism not only guarantees blazing-fast rollouts across hundreds of nodes, but also provides an instant rollback safety net if anything goes wrong.
The result: Slashed maintenance windows, virtually eliminated update risks, and maximum operational agility for your data center teams.
Digital Sovereignty:
Your vSphere Exit Strategy
Break free from the dictated licensing policies of US monopolies. infradesk provides a transparent, European management layer with zero hidden core-pricing traps. Under the hood runs an unmodified Proxmox core, ensuring your data structures remain highly portable and firmly rooted in proven open-source industry standards.
You gain the operational comfort of a full-fledged enterprise cloud while—thanks to strict Separation of Concerns—retaining absolute data sovereignty and long-term budget predictability at all times.
Multi-Tenant Object Orchestration:
Limitless Scalability for MSPs and Enterprises
Shatter legacy vCenter silos. Govern complex corporate and tenant environments through a rigorously object-based, hierarchical architectural model. infradesk delivers strict Deep Nesting: Permissions and quotas are inherited with granular precision, guaranteeing zero security-critical overlaps across your networks and storage.
Combined with a white-label-ready UI and an API-first architecture, you can host shared-model workloads with enterprise-grade professionalism while radically optimizing your licensing costs.
Intelligent Metrics:
Kernel-Direct Telemetry & Viewport-Aware Metrics
Proxmox and its API are a reliable workhorse, but they hit architectural limits during the live monitoring of large enterprise clusters. Traditional, "expensive" API calls often result in sluggish 10-second polling intervals. In infradesk, we’ve completely engineered this bottleneck out of the equation:
- Kernel-Push instead of API-Polling: Rather than inefficiently polling the API, we intercept data right at the source. Telemetry is pushed natively from the kernel via MQTT into infradesk—delivering unmatched speed and efficiency.
- Per-Object WebSocket Streams: Our Viewport-Aware Metrics Engine processes the raw data and feeds it to our ultra-lightweight UI. Every node, VM, or disk gets its own dedicated data stream, identified by UUID.
- Smart Intersection Observer Logic: Your browser only subscribes to metrics actively visible in your viewport. Scroll away, and the system instantly cuts the stream, throttling traffic to an absolute minimum.
The result: A revolutionary, lightning-fast, and uncompromisingly reactive user interface that drastically conserves resources across your entire global infrastructure.
Enterprise RBAC & Object Locking
Granular Control and Collaborative Security
In hyper-scaling organizations and multi-tenant environments, the principle of "least privilege" is simply non-negotiable. infradesk integrates a comprehensive, API-centric Role-Based Access Control (RBAC) system, complemented by an intelligent frontend permission service. This allows you to define permission structures for users and groups with ultra-granular precision.
We enforce a strict, two-tier validation architecture: For every single request, the system not only authorizes in real time whether the actor holds the fundamental permission for an action, but it also validates whether the target object's current state technically and logically permits the operation.
To fend off dangerous configuration collisions within large IT teams, a native locking mechanism kicks in. The moment an administrator or an API script modifies an object, it is instantly locked against concurrent edits.
The result for your data center operations: Absolute data consistency, flawless workflows, and the audit-proof delegation of tasks across all administrative tiers.
Self-healing infrastructure
Don't wait for systems to fail before you act. Our proactive, ML-driven balancing anticipates bottlenecks like CPU steal and shifts workloads seamlessly. During a hardware outage, historical load profiles prevent dangerous cascading effects, while dedicated spare nodes are brought online autonomously. Your infrastructure heals itself.
Infra Task Orchestrator
Turn manual maintenance into set-and-forget workflows. The Orchestrator autonomously manages cluster-wide updates and AI-powered node evacuations. Every single task is fully detailed in your digital operations log.
Infra AI Evacuation
Predictive host evacuation for zero-downtime maintenance. Our AI analyzes workload profiles to optimally distribute VMs, fully respecting your anti-affinity rules. Once completed, a State Snapshot flawlessly restores your original architecture.