From 46ef5e10ad8766a80c0f0e1621b571872ed97fd2 Mon Sep 17 00:00:00 2001 From: Liam Date: Mon, 4 Mar 2024 17:13:50 +1100 Subject: [PATCH] add testnet and mainnet node for latest code testing (#467) --- .github/workflows/ci.yml | 44 +++++++- .gitignore | 3 +- cicd/README.md | 2 +- .../module/region/container-definition.tpl | 2 +- cicd/devnet/terraform/module/region/ecs.tf | 2 +- cicd/mainnet/start.sh | 2 +- cicd/terraform/.env | 13 +++ cicd/terraform/iam.tf | 28 +++++ cicd/terraform/main.tf | 59 ++++++++++ .../module/region/container-definition.tpl | 44 ++++++++ cicd/terraform/module/region/ecs.tf | 96 ++++++++++++++++ cicd/terraform/module/region/efs.tf | 67 +++++++++++ cicd/terraform/module/region/main.tf | 103 +++++++++++++++++ cicd/terraform/module/region/rpc.tf | 104 ++++++++++++++++++ cicd/terraform/module/region/variables.tf | 50 +++++++++ cicd/terraform/s3.tf | 14 +++ cicd/terraform/variables.tf | 35 ++++++ cicd/testnet/start.sh | 4 +- 18 files changed, 663 insertions(+), 9 deletions(-) create mode 100644 cicd/terraform/.env create mode 100644 cicd/terraform/iam.tf create mode 100644 cicd/terraform/main.tf create mode 100644 cicd/terraform/module/region/container-definition.tpl create mode 100644 cicd/terraform/module/region/ecs.tf create mode 100644 cicd/terraform/module/region/efs.tf create mode 100644 cicd/terraform/module/region/main.tf create mode 100644 cicd/terraform/module/region/rpc.tf create mode 100644 cicd/terraform/module/region/variables.tf create mode 100644 cicd/terraform/s3.tf create mode 100644 cicd/terraform/variables.tf diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index f64086133d14..0aeeb8f0e3fa 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml 
@@ -97,7 +97,7 @@ jobs: needs: devnet_build_push environment: devnet env: - AWS_ACCESS_KEY_ID: ${{ vars.AWS_ACCESS_KEY_ID }} + AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} steps: - uses: actions/checkout@v4 
@@ -122,6 +122,48 @@ jobs: done aws ecs update-service --region ap-southeast-1 --cluster devnet-xdcnode-cluster --service ecs-service-rpc1 --force-new-deployment --no-cli-pager | head -n 10; + rpcnode_terraform_apply: + runs-on: ubuntu-latest + if: github.ref == 'refs/heads/dev-upgrade' && !startsWith(github.ref, 'refs/tags/') + needs: devnet_build_push + env: + AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} + AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + steps: + - uses: actions/checkout@v4 + - name: Terraform Apply + run: | + cd cicd/terraform + terraform init ${{ env.tf_init_cli_options }} + terraform apply ${{ env.tf_apply_cli_options }} + + testnet_dev-upgrade_node: + runs-on: ubuntu-latest + if: github.ref == 'refs/heads/dev-upgrade' && !startsWith(github.ref, 'refs/tags/') + needs: rpcnode_terraform_apply + environment: testnet + env: + AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} + AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + steps: + - uses: actions/checkout@v4 + - name: ECS Update + run: | + aws ecs update-service --region ap-southeast-1 --cluster testnet-xdcnode-cluster --service ecs-service-testnet-rpc1 --force-new-deployment --no-cli-pager | head -n 10; + + mainnet_dev-upgrade_node: + runs-on: ubuntu-latest + if: github.ref == 'refs/heads/dev-upgrade' && !startsWith(github.ref, 'refs/tags/') + needs: rpcnode_terraform_apply + environment: mainnet + env: + AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} + AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + steps: + - uses: actions/checkout@v4 + - name: ECS Update + run: | + aws ecs update-service --region ap-southeast-1 --cluster mainnet-xdcnode-cluster --service ecs-service-mainnet-rpc1 --force-new-deployment --no-cli-pager | head -n 10; devnet_send_notification: runs-on: ubuntu-latest diff --git a/.gitignore b/.gitignore index 5548c132dd29..1a85f2f558a2 100644 --- a/.gitignore +++ b/.gitignore 
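Review bot: The new `rpcnode_terraform_apply` job has no `environment:` key, so the `terraform apply` that changes both the testnet and the mainnet stacks runs with repository-level credentials and bypasses any approval rules set on the `testnet` and `mainnet` environments; add an `environment:` to that job. `tf_init_cli_options` and `tf_apply_cli_options` are not defined anywhere in this hunk, so if they expand to nothing or to an auto-approve flag, the apply runs on every push to `dev-upgrade` without a reviewed plan. In both `ECS Update` steps the `| head -n 10` makes the step report the exit status of `head`, so a failed `aws ecs update-service` still passes; start those scripts with `set -o pipefail`. The static `AWS_ACCESS_KEY_ID`/`AWS_SECRET_ACCESS_KEY` pair could be replaced by short-lived OIDC role credentials.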
@@ -50,7 +50,6 @@ profile.cov **/yarn-error.log coverage.txt go.sum -cicd/devnet/terraform/.terraform* +**/.terraform* cicd/devnet/tmp -.env cicd/devnet/terraform/node-config.json \ No newline at end of file diff --git a/cicd/README.md b/cicd/README.md index 77d22d538701..b5d61e4098ec 100644 --- a/cicd/README.md +++ b/cicd/README.md @@ -6,5 +6,5 @@ docker build -f cicd/Dockerfile . ``` ## Docker Run ``` -docker run -it -e NETWORK=devnet -e PRIVATE_KEYS=$KEY $IMAGE +docker run -it -e NETWORK=devnet -e PRIVATE_KEY=$KEY $IMAGE `` \ No newline at end of file diff --git a/cicd/devnet/terraform/module/region/container-definition.tpl b/cicd/devnet/terraform/module/region/container-definition.tpl index 270a6847fc5a..008e98522ac1 100644 --- a/cicd/devnet/terraform/module/region/container-definition.tpl +++ b/cicd/devnet/terraform/module/region/container-definition.tpl @@ -3,7 +3,7 @@ "name": "tfXdcNode", "image": "xinfinorg/${image_environment}:${image_tag}", "environment": [ - {"name": "PRIVATE_KEYS", "value": "${private_keys}"}, + {"name": "PRIVATE_KEY", "value": "${private_key}"}, {"name": "LOG_LEVEL", "value": "${log_level}"}, {"name": "NODE_NAME", "value": "${node_name}"}, {"name": "NETWORK", "value": "${chain_network}"} diff --git a/cicd/devnet/terraform/module/region/ecs.tf b/cicd/devnet/terraform/module/region/ecs.tf index 0f589f944728..8cfc43427e68 100644 --- a/cicd/devnet/terraform/module/region/ecs.tf +++ b/cicd/devnet/terraform/module/region/ecs.tf @@ -6,7 +6,7 @@ data template_file devnet_container_definition { image_environment = "${lookup(each.value, "imageEnvironment", "devnet")}" image_tag = "${lookup(each.value, "imageTag", "latest")}" node_name = "${each.key}" - private_keys = "${each.value.pk}" + private_key = "${each.value.pk}" cloudwatch_group = "tf-${each.key}" cloudwatch_region = "${var.region}" log_level = "${lookup(each.value, "logLevel", "${var.logLevel}")}" 
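Review bot: Dropping the `.env` pattern un-ignores every `.env` file in the repository, not only the new `cicd/terraform/.env`, so a local env file holding node keys or cloud credentials can now be staged by accident. Keep the rule and add an exception instead: `.env` followed by `!cicd/terraform/.env`. The widened `**/.terraform*` pattern also matches `.terraform.lock.hcl`, which leaves provider versions and hashes unpinned in CI; consider ignoring only `**/.terraform/`.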
diff --git a/cicd/mainnet/start.sh b/cicd/mainnet/start.sh index 86054c02c211..35f11a5d3406 100755 --- a/cicd/mainnet/start.sh +++ b/cicd/mainnet/start.sh @@ -76,7 +76,7 @@ XDC --ethstats ${netstats} --gcmode archive \ --datadir /work/xdcchain --networkid 50 \ -port $port --rpc --rpccorsdomain "*" --rpcaddr 0.0.0.0 \ --rpcport $rpc_port \ ---rpcapi admin,db,eth,debug,miner,net,shh,txpool,personal,web3,XDPoS \ +--rpcapi admin,db,eth,debug,net,shh,txpool,personal,web3,XDPoS \ --rpcvhosts "*" --unlock "${wallet}" --password /work/.pwd --mine \ --gasprice "1" --targetgaslimit "420000000" --verbosity ${log_level} \ --debugdatadir /work/xdcchain \ diff --git a/cicd/terraform/.env b/cicd/terraform/.env new file mode 100644 index 000000000000..4eb6ca5a95c0 --- /dev/null +++ b/cicd/terraform/.env @@ -0,0 +1,13 @@ +log_level=3 + +# Ohio +us_east_2_start=0 +us_east_2_end=36 + +# Ireland +eu_west_1_start=37 +eu_west_1_end=72 + +# Sydney +ap_southeast_2_start=73 +ap_southeast_2_end=108 \ No newline at end of file diff --git a/cicd/terraform/iam.tf b/cicd/terraform/iam.tf new file mode 100644 index 000000000000..f5c5ee2fe08c --- /dev/null +++ b/cicd/terraform/iam.tf 
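Review bot: The new `--rpcapi` list drops `miner` but still serves `admin`, `debug` and `personal` on a listener bound to `--rpcaddr 0.0.0.0` with `--rpccorsdomain "*"` and `--rpcvhosts "*"`, while `--unlock "${wallet}"` keeps the account unlocked. For a node that this patch publishes through a load balancer on 8545, restrict the list to what callers need, e.g. `--rpcapi eth,net,web3,XDPoS \`, and keep account and admin methods on a local IPC socket. The same line is changed in `cicd/testnet/start.sh` and the point applies there too. The XDC command line starts and ends outside this hunk.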
@@ -0,0 +1,28 @@
+# IAM policies
+data "aws_iam_policy_document" "xdc_ecs_tasks_execution_role" {
+ statement {
+ actions = ["sts:AssumeRole"]
+
+ principals {
+ type = "Service"
+ identifiers = ["ecs-tasks.amazonaws.com"]
+ }
+ }
+}
+
+# Create the role
+resource "aws_iam_role" "xdc_ecs_tasks_execution_role" {
+ name = "xdc-ecs-task-execution-role"
+ assume_role_policy = "${data.aws_iam_policy_document.xdc_ecs_tasks_execution_role.json}"
+}
+
+# Attached the AWS managed policies to the new role
+resource "aws_iam_role_policy_attachment" "xdc_ecs_tasks_execution_role" {
+ for_each = toset([
+ "arn:aws:iam::aws:policy/AmazonElasticFileSystemClientFullAccess",
+ "arn:aws:iam::aws:policy/service-role/AmazonECSTaskExecutionRolePolicy",
+ "arn:aws:iam::aws:policy/AmazonElasticFileSystemsUtils"
+ ])
+ role = aws_iam_role.xdc_ecs_tasks_execution_role.name
+ policy_arn = each.value
+}
diff --git a/cicd/terraform/main.tf b/cicd/terraform/main.tf
new file mode 100644
index 000000000000..5df86c7c2bd1
--- /dev/null
+++ b/cicd/terraform/main.tf
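Review bot: `AmazonElasticFileSystemClientFullAccess` grants mount, write and root access on every file system in the account, yet `module/region/ecs.tf` in this patch mounts EFS with `iam = "DISABLED"`, so this attachment appears to add permissions the tasks never use. If IAM authorization stays disabled, drop the two EFS policies and keep only `service-role/AmazonECSTaskExecutionRolePolicy`; if it will be enabled, replace them with a policy limited to the file systems the module creates. The role name `xdc-ecs-task-execution-role` is fixed, so a comment stating that one role is shared by the testnet and mainnet modules would help the next reader.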
@@ -0,0 +1,59 @@
+terraform {
+ required_providers {
+ aws = {
+ source = "hashicorp/aws"
+ version = "~> 5.13.1"
+ }
+ }
+}
+
+# Default
+provider "aws" {
+ region = "us-east-1"
+}
+
+# WARNING: APSE-1 will only be used to host rpc node
+# Workaround to avoid conflicts with existing ecs cluster in existing regions
+provider "aws" {
+ alias = "ap-southeast-1"
+ region = "ap-southeast-1"
+}
+
+module "testnet-rpc" {
+ source = "./module/region"
+ region = "ap-southeast-1"
+ nodeKeys = local.rpcTestnetNodeKeys
+ enableFixedIp = true
+ logLevel = local.logLevel
+ xdc_ecs_tasks_execution_role_arn = aws_iam_role.xdc_ecs_tasks_execution_role.arn
+
+ cpu = 1024
+ memory = 4096
+
+ network = "testnet"
+ vpc_cidr = "10.1.0.0/16"
+ subnet_cidr = "10.1.0.0/20"
+ providers = {
+ aws = aws.ap-southeast-1
+ }
+}
+
+module "mainnet-rpc" {
+ source = "./module/region"
+ region = "ap-southeast-1"
+ nodeKeys = local.rpcMainnetNodeKeys
+ enableFixedIp = true
+ logLevel = local.logLevel
+ xdc_ecs_tasks_execution_role_arn = aws_iam_role.xdc_ecs_tasks_execution_role.arn
+
+ cpu = 1024
+ memory = 4096
+
+ network = "mainnet"
+ vpc_cidr = "10.2.0.0/16"
+ subnet_cidr = "10.2.0.0/20"
+ providers = {
+ aws = aws.ap-southeast-1
+ }
+}
+
diff --git a/cicd/terraform/module/region/container-definition.tpl b/cicd/terraform/module/region/container-definition.tpl
new file mode 100644
index 000000000000..008e98522ac1
--- /dev/null
+++ b/cicd/terraform/module/region/container-definition.tpl
@@ -0,0 +1,44 @@
+[
+ {
+ "name": "tfXdcNode",
+ "image": "xinfinorg/${image_environment}:${image_tag}",
+ "environment": [
+ {"name": "PRIVATE_KEY", "value": "${private_key}"},
+ {"name": "LOG_LEVEL", "value": "${log_level}"},
+ {"name": "NODE_NAME", "value": "${node_name}"},
+ {"name": "NETWORK", "value": "${chain_network}"}
+ ],
+ "essential": true,
+ "logConfiguration": {
+ "logDriver": "awslogs",
+ "options": {
+ "awslogs-group": "${cloudwatch_group}",
+ "awslogs-region": "${cloudwatch_region}",
+ "awslogs-stream-prefix": "ecs"
+ }
+ },
+ "portMappings": [
+ {
+ "hostPort": 8555,
+ "protocol": "tcp",
+ "containerPort": 8555
+ },
+ {
+ "hostPort": 8545,
+ "protocol": "tcp",
+ "containerPort": 8545
+ },
+ {
+ "hostPort": 30303,
+ "protocol": "tcp",
+ "containerPort": 30303
+ }
+ ],
+ "mountPoints": [
+ {
+ "containerPath": "/work/xdcchain",
+ "sourceVolume": "efs"
+ }
+ ]
+ }
+]
\ No newline at end of file
diff --git a/cicd/terraform/module/region/ecs.tf b/cicd/terraform/module/region/ecs.tf
new file mode 100644
index 000000000000..d529cafb4702
--- /dev/null
+++ b/cicd/terraform/module/region/ecs.tf
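Review bot: `PRIVATE_KEY` is rendered into the plain `environment` list, so the node key is readable by anyone who can describe the task definition and is kept in every task-definition revision and in the Terraform state. ECS can inject it at start-up from Secrets Manager or SSM Parameter Store instead: move it to a `secrets` entry such as `{"name": "PRIVATE_KEY", "valueFrom": "${private_key_secret_arn}"}`, where `private_key_secret_arn` is a new template variable (name constructed for this note) and the execution role is allowed to read that one secret. Port 8555 is mapped here but has no ingress rule in `module/region/main.tf`; if it is unused, remove the mapping.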
@@ -0,0 +1,96 @@
+data template_file container_definition {
+ for_each = var.nodeKeys
+ template = "${file("${path.module}/container-definition.tpl")}"
+
+ vars = {
+ image_environment = "${lookup(each.value, "imageEnvironment", "devnet")}"
+ image_tag = "${lookup(each.value, "imageTag", "latest")}"
+ node_name = "${each.key}"
+ private_key = "${each.value.pk}"
+ cloudwatch_group = "tf-${each.key}"
+ cloudwatch_region = "${var.region}"
+ log_level = "${lookup(each.value, "logLevel", "${var.logLevel}")}"
+ chain_network = var.network
+ }
+}
+
+resource "aws_ecs_task_definition" "task_definition_group" {
+ for_each = var.nodeKeys
+
+ family = "${var.network}-${each.key}"
+ requires_compatibilities = ["FARGATE"]
+ network_mode = "awsvpc"
+ container_definitions = data.template_file.container_definition[each.key].rendered
+ execution_role_arn = var.xdc_ecs_tasks_execution_role_arn
+ task_role_arn = var.xdc_ecs_tasks_execution_role_arn
+
+ # New nodes will consume a lot more CPU usage than existing nodes.
+ # This is due to sync is resource heavy. Recommending set to below if doing sync:
+ # CPU = 2048, Memory = 4096
+ # Please set it back to cpu 256 and memory of 2048 after sync is done to save the cost
+ # cpu = 256
+ # memory = 2048
+ cpu = var.cpu
+ memory = var.memory
+ volume {
+ name = "efs"
+
+ efs_volume_configuration {
+ file_system_id = aws_efs_file_system.efs[each.key].id
+ root_directory = "/"
+ transit_encryption = "ENABLED"
+ authorization_config {
+ access_point_id = aws_efs_access_point.efs_access_point[each.key].id
+ iam = "DISABLED"
+ }
+ }
+ }
+
+ tags = {
+ Name = "Tf${var.network}Ecs-${each.key}"
+ }
+}
+
+data "aws_ecs_task_definition" "ecs_task_definition" {
+ for_each = var.nodeKeys
+ task_definition = aws_ecs_task_definition.task_definition_group[each.key].family
+}
+
+# ECS cluster
+resource "aws_ecs_cluster" "ecs_cluster" {
+ name = "${var.network}-xdcnode-cluster"
+ tags = {
+ Name = "Tf${var.network}EcsCluster"
+ }
+}
+
+
+resource "aws_ecs_service" "ecs_service" {
+ for_each = var.enableFixedIp ? {} : var.nodeKeys
+ name = "ecs-service-${each.key}"
+ cluster = aws_ecs_cluster.ecs_cluster.id
+ task_definition = "${aws_ecs_task_definition.task_definition_group[each.key].family}:${max(aws_ecs_task_definition.task_definition_group[each.key].revision, data.aws_ecs_task_definition.ecs_task_definition[each.key].revision)}"
+ launch_type = "FARGATE"
+ scheduling_strategy = "REPLICA"
+ desired_count = 1
+ force_new_deployment = true
+ deployment_minimum_healthy_percent = 0
+ deployment_maximum_percent = 100
+
+ network_configuration {
+ subnets = [aws_subnet.subnet.id]
+ assign_public_ip = true
+ security_groups = [
+ aws_default_security_group.xdcnode_security_group.id
+ ]
+ }
+
+ deployment_circuit_breaker {
+ enable = true
+ rollback = false
+ }
+
+ tags = {
+ Name = "Tf${var.network}EcsService-${each.key}"
+ }
+}
\ No newline at end of file
diff --git a/cicd/terraform/module/region/efs.tf b/cicd/terraform/module/region/efs.tf
new file mode 100644
index 000000000000..11b426ff3754
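Review bot: `task_role_arn` is set to the same ARN as `execution_role_arn`, so the node process inside the container inherits the permissions meant for the ECS agent (image pull, log writes, the attached EFS policies); give the task its own role, or omit `task_role_arn` if the node calls no AWS APIs. The `lookup` defaults mean a mainnet entry without `imageEnvironment`/`imageTag` runs `xinfinorg/devnet:latest`, a mutable tag; derive the default from `var.network` and pin a version or digest. `template_file` comes from the archived `hashicorp/template` provider, and the built-in `templatefile()` function does the same job without it.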
--- /dev/null
+++ b/cicd/terraform/module/region/efs.tf
@@ -0,0 +1,67 @@
+
+# EFS
+resource "aws_security_group" "efs_security_group" {
+ name = "Tf${var.network}EfsSecurityGroup"
+ description = "Allow HTTP in and out of ${var.network} EFS"
+ vpc_id = aws_vpc.vpc.id
+
+ ingress {
+ from_port = 2049
+ to_port = 2049
+ protocol = "TCP"
+ security_groups = [aws_default_security_group.xdcnode_security_group.id]
+ }
+
+ egress {
+ from_port = 0
+ to_port = 0
+ protocol = "-1"
+ cidr_blocks = ["0.0.0.0/0"]
+ }
+ tags = {
+ Name = "Tf${var.network}Efs"
+ }
+}
+
+resource "aws_efs_file_system" "efs" {
+ for_each = var.nodeKeys
+ creation_token = "efs-${each.key}"
+ performance_mode = "generalPurpose"
+ throughput_mode = "bursting"
+ encrypted = "true"
+ lifecycle_policy {
+ transition_to_ia = "AFTER_30_DAYS"
+ }
+ tags = {
+ Name = "Tf${var.network}Efs${each.key}"
+ }
+ }
+
+resource "aws_efs_mount_target" "efs_efs_mount_target" {
+ for_each = var.nodeKeys
+ file_system_id = aws_efs_file_system.efs[each.key].id
+ subnet_id = aws_subnet.subnet.id
+ security_groups = [aws_security_group.efs_security_group.id]
+}
+
+resource "aws_efs_access_point" "efs_access_point" {
+ for_each = var.nodeKeys
+ file_system_id = aws_efs_file_system.efs[each.key].id
+ root_directory {
+ path = "/${each.key}/database"
+ creation_info {
+ owner_gid = 1001
+ owner_uid = 1001
+ permissions = 777
+ }
+ }
+ posix_user {
+ gid = 1001
+ uid = 1001
+ secondary_gids = [0]
+ }
+
+ tags = {
+ Name = "Tf${var.network}EfsAccessPoint${each.key}"
+ }
+}
\ No newline at end of file
diff --git a/cicd/terraform/module/region/main.tf b/cicd/terraform/module/region/main.tf
new file mode 100644
index 000000000000..5c6e0a47cd16
--- /dev/null
+++ b/cicd/terraform/module/region/main.tf
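Review bot: The access point creates its root directory with `permissions = 777` and gives the POSIX user `secondary_gids = [0]`, which makes the chain data directory world-writable and adds root-group membership that the 1001:1001 owner does not appear to need. `permissions = "0755"` with no secondary group should be enough, since the enforced `posix_user` already matches the directory owner. The security group description says "Allow HTTP" although the rule opens NFS on 2049; the text should say so. No `kms_key_id` is set on the file system, so encryption falls back to the AWS-managed key, which deserves a comment if intended.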
@@ -0,0 +1,103 @@
+terraform {
+ required_providers {
+ aws = {
+ source = "hashicorp/aws"
+ version = "~> 5.13.1"
+ }
+ }
+}
+
+resource "aws_vpc" "vpc" {
+ cidr_block = var.vpc_cidr
+ instance_tenancy = "default"
+ enable_dns_hostnames = true
+
+ tags = {
+ Name = "Tf${var.network}Vpc"
+ }
+}
+
+resource "aws_subnet" "subnet" {
+ vpc_id = aws_vpc.vpc.id
+ cidr_block = var.subnet_cidr
+ map_public_ip_on_launch = true
+
+ tags = {
+ Name = "Tf${var.network}VpcSubnet"
+ }
+}
+
+resource "aws_internet_gateway" "gatewat" {
+ vpc_id = aws_vpc.vpc.id
+
+ tags = {
+ Name = "Tf${var.network}Gateway"
+ }
+}
+
+resource "aws_route_table" "route_table" {
+ vpc_id = aws_vpc.vpc.id
+
+ route {
+ cidr_block = "0.0.0.0/0"
+ gateway_id = aws_internet_gateway.gatewat.id
+ }
+
+ tags = {
+ Name = "Tf${var.network}VpcRoutingTable"
+ }
+}
+
+resource "aws_route_table_association" "route_table_association" {
+ subnet_id = aws_subnet.subnet.id
+ route_table_id = aws_route_table.route_table.id
+}
+
+resource "aws_default_security_group" "xdcnode_security_group" {
+ vpc_id = aws_vpc.vpc.id
+
+ ingress {
+ description = "listener port"
+ from_port = 30303
+ to_port = 30303
+ protocol = "tcp"
+ cidr_blocks = ["0.0.0.0/0"]
+ }
+
+ ingress {
+ description = "discovery port"
+ from_port = 30303
+ to_port = 30303
+ protocol = "udp"
+ cidr_blocks = ["0.0.0.0/0"]
+ }
+
+ ingress {
+ description = "rpc port"
+ from_port = 8545
+ to_port = 8545
+ protocol = "tcp"
+ cidr_blocks = [var.vpc_cidr]
+ }
+
+ egress {
+ from_port = 0
+ to_port = 0
+ protocol = "-1"
+ cidr_blocks = ["0.0.0.0/0"]
+ }
+ tags = {
+ Name = "Tf${var.network}Node"
+ }
+}
+
+# Logs
+resource "aws_cloudwatch_log_group" "cloud_watch_group" {
+ for_each = var.nodeKeys
+
+ name = "tf-${each.key}"
+ retention_in_days = 14 # Logs are only kept for 14 days
+ tags = {
+ Name = "Tf${var.network}CloudWatchGroup${each.key}"
+ }
+}
\ No newline at end of file
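Review bot: The node rules are written into `aws_default_security_group`, so any resource later created in this VPC without an explicit group receives the same open 30303 ingress and unrestricted egress. Define a dedicated `aws_security_group` for the nodes and leave the default group without rules. The 8545 rule limited to `var.vpc_cidr` does not by itself keep RPC private once a load balancer inside the same VPC forwards to it, as `rpc.tf` in this patch does. The gateway resource is named `gatewat`, which looks like a typo for `gateway`; fixing it later needs a state move.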
diff --git a/cicd/terraform/module/region/rpc.tf b/cicd/terraform/module/region/rpc.tf
new file mode 100644
index 000000000000..901b3b9c0bca
--- /dev/null
+++ b/cicd/terraform/module/region/rpc.tf
@@ -0,0 +1,104 @@
+# Allocate an Elastic IP for the NLB
+resource "aws_eip" "nlb_eip" {
+ domain = "vpc"
+}
+
+
+# Create a Network Load Balancer
+resource "aws_lb" "rpc_node_nlb" {
+ count = var.enableFixedIp ? 1 : 0
+ name = "${var.network}-rpc-node-nlb"
+ load_balancer_type = "network"
+
+ enable_deletion_protection = false
+
+ subnet_mapping {
+ subnet_id = aws_subnet.subnet.id
+ allocation_id = aws_eip.nlb_eip.id
+ }
+}
+
+# Listener and Target Group for the rpc node container
+resource "aws_lb_target_group" "rpc_node_tg_8545" {
+ count = var.enableFixedIp ? 1 : 0
+ name = "${var.network}-rpc-node-tg"
+ port = 8545
+ protocol = "TCP"
+ vpc_id = aws_vpc.vpc.id
+ target_type = "ip"
+}
+
+resource "aws_lb_listener" "rpc_node_listener_8545" {
+ count = var.enableFixedIp ? 1 : 0
+ load_balancer_arn = aws_lb.rpc_node_nlb[0].arn
+ port = 8545
+ protocol = "TCP"
+
+ default_action {
+ type = "forward"
+ target_group_arn = aws_lb_target_group.rpc_node_tg_8545[0].arn
+ }
+}
+
+resource "aws_ecs_service" "rpc_node_ecs_service" {
+ for_each = var.enableFixedIp ? var.nodeKeys : {}
+ name = "ecs-service-${each.key}"
+ cluster = aws_ecs_cluster.ecs_cluster.id
+ task_definition = "${aws_ecs_task_definition.task_definition_group[each.key].family}:${max(aws_ecs_task_definition.task_definition_group[each.key].revision, data.aws_ecs_task_definition.ecs_task_definition[each.key].revision)}"
+ launch_type = "FARGATE"
+ scheduling_strategy = "REPLICA"
+ desired_count = 1
+ force_new_deployment = true
+ deployment_minimum_healthy_percent = 0
+ deployment_maximum_percent = 100
+
+ network_configuration {
+ subnets = [aws_subnet.subnet.id]
+ assign_public_ip = true
+ security_groups = [
+ aws_default_security_group.xdcnode_security_group.id
+ ]
+ }
+
+ deployment_circuit_breaker {
+ enable = true
+ rollback = false
+ }
+
+ load_balancer {
+ target_group_arn = aws_lb_target_group.rpc_node_tg_8545[0].arn
+ container_name = "tfXdcNode"
+ container_port = 8545
+ }
+
+ depends_on = [
+ aws_lb_listener.rpc_node_listener_8545
+ ]
+
+ tags = {
+ Name = "TfRpcNodeEcsService-${each.key}"
+ }
+}
+
+# Target Group for port 30303
+resource "aws_lb_target_group" "rpc_node_tg_30303" {
+ count = var.enableFixedIp ? 1 : 0
+ name = "${var.network}-rpc-node-tg-30303"
+ port = 30303
+ protocol = "TCP"
+ vpc_id = aws_vpc.vpc.id
+ target_type = "ip"
+}
+
+# Listener for port 30303
+resource "aws_lb_listener" "rpc_node_listener_30303" {
+ count = var.enableFixedIp ? 1 : 0
+ load_balancer_arn = aws_lb.rpc_node_nlb[0].arn
+ port = 30303
+ protocol = "TCP"
+
+ default_action {
+ type = "forward"
+ target_group_arn = aws_lb_target_group.rpc_node_tg_30303[0].arn
+ }
+}
\ No newline at end of file
diff --git a/cicd/terraform/module/region/variables.tf b/cicd/terraform/module/region/variables.tf
new file mode 100644
index 000000000000..3f09785b8142
--- /dev/null
+++ b/cicd/terraform/module/region/variables.tf
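Review bot: The NLB is internet-facing (no `internal = true`, a public EIP in `subnet_mapping`) and forwards plain TCP 8545 to the node, so the JSON-RPC endpoint, which the `start.sh` scripts in this patch serve with `admin`, `debug` and `personal` enabled, is reachable without TLS or a source allow-list. Depending on how client-IP preservation is set for `ip` targets, forwarded traffic may arrive from the NLB's in-VPC address and so pass the `var.vpc_cidr` rule on the node; please confirm this and restrict access in front of the node. The ECS service registers only with `rpc_node_tg_8545`, so `rpc_node_tg_30303` never receives targets and its listener forwards nowhere; add a second `load_balancer` block for 30303 or drop that pair. `aws_eip.nlb_eip` has no `count`, so it is allocated even when `enableFixedIp` is false, and `enable_deletion_protection = false` is a weak default for the mainnet instance.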
@@ -0,0 +1,50 @@
+variable "region" {
+ description = "AWS region"
+ type = string
+}
+
+variable "nodeKeys" {
+ description = "each miner's key"
+ type = map
+}
+
+variable "logLevel" {
+ description = "containers log level"
+ type = string
+}
+
+variable "xdc_ecs_tasks_execution_role_arn" {
+ description = "aws iam role resource arn"
+ type = string
+}
+
+variable "enableFixedIp" {
+ description = "a flag to indicate whether fixed ip should be associated to the nodes. This is used for RPC node"
+ type = bool
+ default = false
+}
+
+variable "network" {
+ description = "blockchain network"
+ type = string
+}
+
+variable "cpu" {
+ description = "container cpu"
+ type = number
+}
+
+variable "memory" {
+ description = "container memory"
+ type = number
+}
+
+variable "vpc_cidr" {
+ description = "vpc cidr"
+ type = string
+}
+
+variable "subnet_cidr" {
+ description = "subnet cidr"
+ type = string
+}
\ No newline at end of file
diff --git a/cicd/terraform/s3.tf b/cicd/terraform/s3.tf
new file mode 100644
index 000000000000..4968c852c33f
--- /dev/null
+++ b/cicd/terraform/s3.tf
@@ -0,0 +1,14 @@
+# Bucket need to be created first. If first time run terraform init, need to comment out the below section
+terraform {
+ backend "s3" {
+ bucket = "tf-xinfin-bucket"
+ key = "tf/terraform.tfstate"
+ region = "us-east-1"
+ encrypt = true
+ }
+}
+
+data "aws_s3_object" "xdc_node_config" {
+ bucket = "tf-xinfin-bucket"
+ key = "node-config.json"
+}
diff --git a/cicd/terraform/variables.tf b/cicd/terraform/variables.tf
new file mode 100644
index 000000000000..d952bc258cf4
--- /dev/null
+++ b/cicd/terraform/variables.tf
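Review bot: The S3 backend in `s3.tf` has no lock table, so two overlapping CI runs can write `tf/terraform.tfstate` at the same time; add `dynamodb_table = "PLACEHOLDER-lock-table"` to the `backend "s3"` block. `data.aws_s3_object.xdc_node_config` reads `node-config.json`, which according to the comment in `variables.tf` holds each node's `pk`, and its `body` is copied into the state, so read access to this bucket amounts to access to the node keys. The header comment should say that the bucket holds both state and key material and is expected to have versioning, blocked public access and a policy limited to the CI principal.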
@@ -0,0 +1,35 @@
+locals {
+ /**
+ Load the nodes data from s3
+ Below is the the format the config needs to follow:
+ {{Name of the node, in a pattern of 'xdc'+ number. i.e xdc50}}: {
+ pk: {{Value of the node private key}},
+ ... any other configuration we want to pass.
+ }
+ Note: No `n` is allowed in the node name
+ **/
+ predefinedNodesConfig = jsondecode(data.aws_s3_object.xdc_node_config.body)
+ envs = { for tuple in regexall("(.*)=(.*)", file(".env")) : tuple[0] => tuple[1] }
+ logLevel = local.envs["log_level"]
+
+ # regions = [
+ # {
+ # "name": "us-east-2", // Ohio
+ # "start": local.envs["us_east_2_start"],
+ # "end": local.envs["us_east_2_end"],
+ # }
+ # ]
+
+ # keyNames = {
+ # for r in local.regions :
+ # r.name => [for i in range(r.start, r.end+1) : "xdc${i}"]
+ # }
+
+ # nodeKeys = {
+ # for r in local.regions :
+ # r.name => { for i in local.keyNames[r.name]: i => local.predefinedNodesConfig[i] }
+ # }
+
+ rpcTestnetNodeKeys = { "testnet-rpc1": local.predefinedNodesConfig["testnet-rpc1"]} // we hardcode the rpc to a single node for now
+ rpcMainnetNodeKeys = { "mainnet-rpc1": local.predefinedNodesConfig["mainnet-rpc1"]} // we hardcode the rpc to a single node for now
+}
diff --git a/cicd/testnet/start.sh b/cicd/testnet/start.sh
index 665c0637fc9e..d5f9a0f443fc 100755
--- a/cicd/testnet/start.sh
+++ b/cicd/testnet/start.sh
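Review bot: `file(".env")` is resolved against the working directory, so the configuration loads only when Terraform is started inside `cicd/terraform`; use `file("${path.module}/.env")`. The values taken from `predefinedNodesConfig` carry each node's private key as an ordinary value that flows into the rendered container definition, so it can show up in plan output in the CI log; a comment here should warn that plan output for this stack is sensitive. The doc comment's "No `n` is allowed in the node name" is unclear and should state the actual naming constraint.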
@@ -78,9 +78,9 @@ XDC --ethstats ${netstats} --gcmode archive \ --datadir /work/xdcchain --networkid 51 \ -port $port --rpc --rpccorsdomain "*" --rpcaddr 0.0.0.0 \ --rpcport $rpc_port \ ---rpcapi admin,db,eth,debug,miner,net,shh,txpool,personal,web3,XDPoS \ +--rpcapi admin,db,eth,debug,net,shh,txpool,personal,web3,XDPoS \ --rpcvhosts "*" --unlock "${wallet}" --password /work/.pwd --mine \ --gasprice "1" --targetgaslimit "420000000" --verbosity ${log_level} \ ---periodicprofile --debugdatadir /work/xdcchain \ +--debugdatadir /work/xdcchain \ --ws --wsaddr=0.0.0.0 --wsport $ws_port \ --wsorigins "*" 2>&1 >>/work/xdcchain/xdc.log | tee -a /work/xdcchain/xdc.log