Architecture and Design

Overview

The FMJ Systems Private Cloud Reference Implementation is designed to demonstrate the core principles of a multi-tenant private cloud: providing isolated cloud environments to multiple tenants on shared physical infrastructure. The implemented architecture is modeled after a Managed Service Provider (MSP), but it can be adapted to multiple deployment contexts. For more information on how the MSP model works in this context, please refer to FMJ Systems and the MSP Model.

The reference implementation consists of the FMJ Systems management infrastructure, hosted on its own dedicated node, and a tenant cluster that hosts all tenant workloads as well as the shared services isolated environment. The simulated internet isolated environment is also hosted on the tenant cluster, but it would not be included in a production environment at all; it exists only to provide a certificate authority and external DNS, since the environment is not connected to the internet.

Tenant isolation is enforced at multiple layers (networking, storage, and access control), ensuring that no tenant can access or interfere with another tenant's resources. Each tenant is provisioned with a dedicated public and private subnet, isolated ZFS storage datasets, and Proxmox access restricted to its own resource pool.

The shared services environment provides a DNS server that forwards requests for internal.tenant.com to each tenant's AD DC and serves internal DNS records, as well as a reverse proxy for web connections to FMJ Systems and the tenants.

Physical Infrastructure

The reference implementation consists of the following physical hardware:

Hardware                                       Role
3-Node Proxmox Cluster (pmx01, pmx02, pmx03)   Tenant Compute and Workloads
FMJ Systems Node (fmj01)                       FMJ Systems Infrastructure
Cisco ISR 4321 Router                          Inter-VLAN Routing, NAT, Management ACL Enforcement
Cisco 2960X Switch                             VLAN Segmentation and Trunking

Logical Architecture

Tenant Environments - Each of the three tenants (Adatum, Contoso, Fabrikam) is provisioned with a dedicated public and private subnet, isolated storage, scoped Proxmox access, and their own web server, Active Directory environment, and WireGuard VPN that is reachable from the simulated internet network.

Shared Services - A shared services network hosts infrastructure that all tenants consume, including the Nginx Proxy Manager reverse proxy and the BIND9 recursive DNS resolver. Nginx Proxy Manager has per-tenant user accounts for scoped management, while the DNS server is fully managed by FMJ Systems.
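The shared resolver described above (in the Overview and here) forwards each tenant's internal zone to that tenant's AD DC. The following named.conf fragment is an added example of one way to express that with BIND9 views, so that a client in one tenant's subnet cannot resolve another tenant's internal zone through the shared resolver. It is not the reference implementation's own configuration: the zone names follow the page's internal.tenant.com pattern, and every subnet and address (tenant private subnets, DC addresses, the FMJ management range, and the simulated-internet DNS address inside 10.99.99.0/24) is a placeholder.

```conf
// Added example, not the project's own named.conf. All addresses are placeholders.
acl adatum   { 10.10.10.0/24; };   // placeholder: Adatum private subnet
acl contoso  { 10.10.20.0/24; };   // placeholder: Contoso private subnet
acl fabrikam { 10.10.30.0/24; };   // placeholder: Fabrikam private subnet
acl fmj      { 10.10.5.0/24;  };   // placeholder: FMJ Systems management network

options {
    directory "/var/cache/bind";
    // Only provider and tenant networks may use this resolver at all.
    allow-query     { adatum; contoso; fabrikam; fmj; };
    allow-recursion { adatum; contoso; fabrikam; fmj; };
    // There is no real internet: names not matched by a forward zone go to the
    // simulated internet's authoritative BIND9 server (placeholder address).
    forwarders { 10.99.99.10; };
    forward only;
    dnssec-validation no;   // lab-only fictional CA and zones, no real trust anchors
};

// One view per tenant. A view only contains that tenant's forward zone, so a
// query from Adatum for internal.contoso.com never reaches Contoso's DC.
view "adatum" {
    match-clients { adatum; };
    zone "internal.adatum.com" {
        type forward;
        forward only;
        forwarders { 10.10.10.10; };   // placeholder: Adatum AD DC
    };
};

view "contoso" {
    match-clients { contoso; };
    zone "internal.contoso.com" {
        type forward;
        forward only;
        forwarders { 10.10.20.10; };   // placeholder: Contoso AD DC
    };
};

view "fabrikam" {
    match-clients { fabrikam; };
    zone "internal.fabrikam.com" {
        type forward;
        forward only;
        forwarders { 10.10.30.10; };   // placeholder: Fabrikam AD DC
    };
};

// Provider view: FMJ Systems management can resolve every tenant's internal zone.
view "fmj" {
    match-clients { fmj; };
    zone "internal.adatum.com"   { type forward; forward only; forwarders { 10.10.10.10; }; };
    zone "internal.contoso.com"  { type forward; forward only; forwarders { 10.10.20.10; }; };
    zone "internal.fabrikam.com" { type forward; forward only; forwarders { 10.10.30.10; }; };
};
```

Once views are in use, every zone must live inside a view, and a client whose source address matches no view is refused, which is the behaviour you want from a resolver shared across tenants. Validate the file with named-checkconf before reloading; with query logging enabled, a tenant client asking for another tenant's internal zone shows up in the log as a query that falls through to the simulated-internet forwarder rather than to a DC, which is a useful check that the per-view separation is actually in effect.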

FMJ Systems Infrastructure — The FMJ node hosts anything related to FMJ Systems, including the FMJ Systems web server, Active Directory Environment, VPN and Management VPN. This is logically and physically separated from the tenant cluster.

Simulated Internet — An isolated VLAN (10.99.99.0/24) simulates a public internet environment for the purposes of the demo. It hosts an authoritative BIND9 DNS server and a StepCA Certificate Authority operating as a fictional public CA called Certzone, enabling realistic HTTPS certificate issuance and public DNS resolution without requiring actual internet connectivity.


Topology - Simplified

Figure: Simplified Topo.drawio.png
This simplified topology is a high-level representation of what has been implemented for the reference architecture demonstration. It includes the Proxmox cluster, FMJ Systems node, router, switch and demo PC. Tenant workloads are hosted on the Proxmox cluster, and any infrastructure FMJ Systems requires is hosted on the FMJ Systems node. The demo computer typically sits on either VLAN 5 (management) or VLAN 99 (Simulated Internet), depending on which connectivity is being demonstrated.
Note - For a more detailed look at the topology, see - Networking
For more information on how tenants are isolated, see - Tenant Isolation and Environment

Intended Production Topology

Figure: Simplified INTENDED Topo.drawio.png
In a full production deployment, the architecture would expand to include:

  • A dedicated storage cluster for tenant and provider data and backups
  • Offsite backups
  • Redundant networking hardware
  • Multiple Availability Zones across geographic regions

The reference implementation consolidates all of these roles into the available hardware while maintaining the same logical separation that a production deployment would enforce.

Deployment Contexts

While this implementation is modeled after an MSP offering, the architecture is adaptable to other deployment contexts with targeted modifications:

  • Academic Institutions - Resource pools can be scoped per student or per course. Standardized environments can be built for different courses or labs and deployed to student resource pools.

  • Government Agencies - Can benefit from self-hosting all services and data to ensure data sovereignty. Audit logging and stricter RBAC policies can be layered on top for additional security.

  • Enterprise IT - Departments can be isolated the same way tenants are, and the clusters can scale to support shared IT requirements. Integration with existing identity providers is also possible.

Note - For more information on how the architecture could be adapted to other contexts, see - Adaptations of the Architecture