hermes-ice/homelab/entities/grizzley.md

title, created, updated, type, tags, sources

title	created	updated	type	tags	sources
grizzley	2026-04-28	2026-04-29	entity	hosts rpi edge ha

grizzley

Role: Edge node — Traefik HA backup, Jellyfin media server, Hermes Gateway secondary IP: 192.168.50.84 Hostname: grizzley Uptime: 1 day, 14h (as of 2026-04-28 — recently rebooted)

Overview

grizzley is the edge node of the homelab cluster. It serves as the Traefik HA backup node (via keepalived VRRP), runs Jellyfin for media streaming, and hosts the secondary Hermes Gateway instance. It also has /mnt/fast_share as a fast local SSD mount.

Hardware

Spec	Detail
Model	Raspberry Pi 5
CPU	ARM Cortex-A76 (4 cores)
RAM	7.7 GB total, 3.7 GB available, 4.0 GB used
Swap	6.0 GB total, 2.0 GB used
Storage	917 GB (/dev/sdc2, 8% used, 68 GB)
Fast Storage	916 GB /mnt/fast_share (/dev/sdb1, 1% used, 4.1 GB) — fast SSD mount
Network	Gigabit Ethernet
IP	192.168.50.84

Systemd Services (Running)

Service	Purpose
alert-bridge.service	Prometheus → Telegram alert bridge (zero AI)
chrony.service	NTP client/server
containerd.service	Container runtime
docker.service	Docker engine
fail2ban.service	Intrusion prevention
hermes-dashboard.service	Hermes Agent Web Dashboard
hermes-gateway.service	Hermes Agent Gateway — messaging platform integration
keepalived.service	VRRP for Traefik HA (BACKUP mode)
nfs-blkmap.service	pNFS block layout mapping daemon
nfs-idmapd.service	NFSv4 ID-name mapping
nfs-mountd.service	NFS mount daemon
nfsdcld.service	NFSv4 client tracking
opencode-web.service	OpenCode Web Interface
rpc-statd.service	NFS status monitor
rpcbind.service	RPC portmapper
rsyslog.service	System logging
snapd.service	Snap daemon
ssh.service	OpenSSH server
snap.cups.*	CUPS printing services

Docker Containers

Container	Port(s)	Status	Purpose
aiomanager	1610/tcp	healthy	AI orchestration
aiomanager_db	5432/tcp	healthy	PostgreSQL for aiomanager
aiometadata	1337/tcp	healthy	AI metadata service
aiometadata-redis	6379/tcp	healthy	Redis for aiometadata
aiostreams	3002/tcp	healthy	AI streaming service
homepage-grizzley	3000/tcp	healthy	Homepage dashboard
jellyfin	8096, 9090/tcp	healthy	Media server
komodo	9120/tcp	healthy	AI service
komodo-mongo	27017/tcp	—	MongoDB for komodo
traefik-pi	80,443,2222,8080/tcp; 19132,19134,443/udp	healthy	Traefik edge ingress (HA cert generation)
uptime-kuma	3001/tcp	healthy	Uptime monitoring
vaultwarden	80/tcp	healthy	Password manager

Docker Networks

Network	Driver	Purpose
aiomanager_default	bridge	aiomanager stack
aiometadata_aiometadata-internal	bridge	aiometadata internal
komodo_komodo-internal	bridge	komodo internal
homepage_default	bridge	Homepage
traefik-proxy	bridge	Traefik ingress
desktop-test_default	bridge	Desktop test stack

NFS Mounts

192.168.50.12:/mnt/TrueNAS/traefik-certs/grizzley → /mnt/truenas/traefik-certs/grizzley (nfs4, rw, tcp, hard)

TrueNAS NFS share for Traefik TLS certificate sync. Both traefik-pi (grizzley) and traefik (ubuntu) share the same wildcard cert via this mount.

Traefik HA (Keepalived VRRP)

grizzley is the BACKUP Traefik node. VRRP runs on eth0.50 (VLAN 50):

virtual_router_id: 51
priority: 90 (BACKUP — ubuntu is PRIMARY at higher priority)
virtual_ipaddress: 192.168.50.80/27
auth_type: PASS, auth_pass: HomelabH
check_script: /etc/keepalived/check_traefik.sh (interval 2s, fall 2, rise 2)

When ubuntu Traefik fails, keepalived promotes grizzley to MASTER and the virtual IP moves here.

Access

ssh bear@192.168.50.84

Note: NFS client services run automatically. /etc/keepalived/keepalived.conf has the VRRP config.

Related

• ice — Control plane, primary agent host
• ubuntu — Main Docker host, Traefik PRIMARY partner
• truenas — NFS storage backend (cert sync)
• traefik — Traefik entity
• jellyfin — Media server running on grizzley
• hermes-gateway — Hermes Gateway secondary