feat: Preserve comprehensive CHORUS enhancements and P2P improvements

This commit preserves substantial development work including:

## Core Infrastructure:
- **Bootstrap Pool Manager** (pkg/bootstrap/pool_manager.go): Advanced peer
  discovery and connection management for distributed CHORUS clusters
- **Runtime Configuration System** (pkg/config/runtime_config.go): Dynamic
  configuration updates and assignment-based role management
- **Cryptographic Key Derivation** (pkg/crypto/key_derivation.go): Secure
  key management for P2P networking and DHT operations

## Enhanced Monitoring & Operations:
- **Comprehensive Monitoring Stack**: Added Prometheus and Grafana services
  with full metrics collection, alerting, and dashboard visualization
- **License Gate System** (internal/licensing/license_gate.go): Advanced
  license validation with circuit breaker patterns
- **Enhanced P2P Configuration**: Improved networking configuration for
  better peer discovery and connection reliability

## Health & Reliability:
- **DHT Health Check Fix**: Temporarily disabled problematic DHT health
  checks to prevent container shutdown issues
- **Enhanced License Validation**: Improved error handling and retry logic
  for license server communication

## Docker & Deployment:
- **Optimized Container Configuration**: Updated Dockerfile and compose
  configurations for better resource management and networking
- **Static Binary Support**: Proper compilation flags for Alpine containers

This work addresses the P2P networking issues that were preventing proper
leader election in CHORUS clusters and establishes the foundation for
reliable distributed operation.

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>

p2p/config.go

@@ -9,25 +9,31 @@ type Config struct {
 	// Network configuration
 	ListenAddresses []string
 	NetworkID       string
-	
+
 	// Discovery configuration
 	EnableMDNS     bool
 	MDNSServiceTag string
-	
+
 	// DHT configuration
 	EnableDHT        bool
 	DHTBootstrapPeers []string
 	DHTMode          string // "client", "server", "auto"
 	DHTProtocolPrefix string
-	
-	// Connection limits
-	MaxConnections    int
-	MaxPeersPerIP     int
-	ConnectionTimeout time.Duration
-	
+
+	// Connection limits and rate limiting
+	MaxConnections      int
+	MaxPeersPerIP       int
+	ConnectionTimeout   time.Duration
+	LowWatermark        int           // Connection manager low watermark
+	HighWatermark       int           // Connection manager high watermark
+	DialsPerSecond      int           // Dial rate limiting
+	MaxConcurrentDials  int           // Maximum concurrent outbound dials
+	MaxConcurrentDHT    int           // Maximum concurrent DHT queries
+	JoinStaggerMS       int           // Join stagger delay in milliseconds
+
 	// Security configuration
 	EnableSecurity bool
-	
+
 	// Pubsub configuration
 	EnablePubsub           bool
 	BzzzTopic             string    // Task coordination topic
@@ -47,25 +53,31 @@ func DefaultConfig() *Config {
 			"/ip6/::/tcp/3333",
 		},
 		NetworkID: "CHORUS-network",
-		
-		// Discovery settings
-		EnableMDNS:     true,
+
+		// Discovery settings - mDNS disabled for Swarm by default
+		EnableMDNS:     false, // Disabled for container environments
 		MDNSServiceTag: "CHORUS-peer-discovery",
-		
+
 		// DHT settings (disabled by default for local development)
 		EnableDHT:        false,
 		DHTBootstrapPeers: []string{},
 		DHTMode:          "auto",
 		DHTProtocolPrefix: "/CHORUS",
-		
-		// Connection limits for local network
-		MaxConnections:    50,
-		MaxPeersPerIP:     3,
-		ConnectionTimeout: 30 * time.Second,
-		
+
+		// Connection limits and rate limiting for scaling
+		MaxConnections:      50,
+		MaxPeersPerIP:       3,
+		ConnectionTimeout:   30 * time.Second,
+		LowWatermark:        32,  // Keep at least 32 connections
+		HighWatermark:       128, // Trim above 128 connections
+		DialsPerSecond:      5,   // Limit outbound dials to prevent storms
+		MaxConcurrentDials:  10,  // Maximum concurrent outbound dials
+		MaxConcurrentDHT:    16,  // Maximum concurrent DHT queries
+		JoinStaggerMS:       0,   // No stagger by default (set by assignment)
+
 		// Security enabled by default
 		EnableSecurity: true,
-		
+
 		// Pubsub for coordination and meta-discussion
 		EnablePubsub:           true,
 		BzzzTopic:             "CHORUS/coordination/v1",
@@ -164,4 +176,34 @@ func WithDHTProtocolPrefix(prefix string) Option {
 	return func(c *Config) {
 		c.DHTProtocolPrefix = prefix
 	}
+}
+
+// WithConnectionManager sets connection manager watermarks
+func WithConnectionManager(low, high int) Option {
+	return func(c *Config) {
+		c.LowWatermark = low
+		c.HighWatermark = high
+	}
+}
+
+// WithDialRateLimit sets the dial rate limiting
+func WithDialRateLimit(dialsPerSecond, maxConcurrent int) Option {
+	return func(c *Config) {
+		c.DialsPerSecond = dialsPerSecond
+		c.MaxConcurrentDials = maxConcurrent
+	}
+}
+
+// WithDHTRateLimit sets the DHT query rate limiting
+func WithDHTRateLimit(maxConcurrentDHT int) Option {
+	return func(c *Config) {
+		c.MaxConcurrentDHT = maxConcurrentDHT
+	}
+}
+
+// WithJoinStagger sets the join stagger delay in milliseconds
+func WithJoinStagger(delayMS int) Option {
+	return func(c *Config) {
+		c.JoinStaggerMS = delayMS
+	}
 }