diff --git a/cicd/devnet/terraform/.terraform.lock.hcl b/cicd/devnet/terraform/.terraform.lock.hcl index 133c2b1a5a..97691fad56 100644 --- a/cicd/devnet/terraform/.terraform.lock.hcl +++ b/cicd/devnet/terraform/.terraform.lock.hcl @@ -20,3 +20,20 @@ provider "registry.terraform.io/hashicorp/aws" { "zh:f4b86e7df4e846a38774e8e648b41c5ebaddcefa913cfa1864568086b7735575", ] } + +provider "registry.terraform.io/hashicorp/template" { + version = "2.2.0" + hashes = [ + "h1:0wlehNaxBX7GJQnPfQwTNvvAf38Jm0Nv7ssKGMaG6Og=", + "zh:01702196f0a0492ec07917db7aaa595843d8f171dc195f4c988d2ffca2a06386", + "zh:09aae3da826ba3d7df69efeb25d146a1de0d03e951d35019a0f80e4f58c89b53", + "zh:09ba83c0625b6fe0a954da6fbd0c355ac0b7f07f86c91a2a97849140fea49603", + "zh:0e3a6c8e16f17f19010accd0844187d524580d9fdb0731f675ffcf4afba03d16", + "zh:45f2c594b6f2f34ea663704cc72048b212fe7d16fb4cfd959365fa997228a776", + "zh:77ea3e5a0446784d77114b5e851c970a3dde1e08fa6de38210b8385d7605d451", + "zh:8a154388f3708e3df5a69122a23bdfaf760a523788a5081976b3d5616f7d30ae", + "zh:992843002f2db5a11e626b3fc23dc0c87ad3729b3b3cff08e32ffb3df97edbde", + "zh:ad906f4cebd3ec5e43d5cd6dc8f4c5c9cc3b33d2243c89c5fc18f97f7277b51d", + "zh:c979425ddb256511137ecd093e23283234da0154b7fa8b21c2687182d9aea8b2", + ] +} diff --git a/cicd/devnet/terraform/container-definition.tpl b/cicd/devnet/terraform/container-definition.tpl new file mode 100644 index 0000000000..6d3d231f85 --- /dev/null +++ b/cicd/devnet/terraform/container-definition.tpl @@ -0,0 +1,46 @@ +[ + { + "name": "tfXdcNode", + "image": "xinfinorg/${xdc_environment}:latest", + "environment": [ + {"name": "PRIVATE_KEYS", "value": "${private_keys}"} + ], + "essential": true, + "logConfiguration": { + "logDriver": "awslogs", + "options": { + "awslogs-group": "${cloudwatch_group}", + "awslogs-region": "us-east-1", + "awslogs-stream-prefix": "ecs" + } + }, + "portMappings": [ + { + "hostPort": 80, + "protocol": "tcp", + "containerPort": 80 + }, + { + "hostPort": 8555, + "protocol": "tcp", + "containerPort": 8555 + }, + { + "hostPort": 8545, + "protocol": "tcp", + "containerPort": 8545 + }, + { + "hostPort": 30304, + "protocol": "tcp", + "containerPort": 30304 + } + ], + "mountPoints": [ + { + "containerPath": "/work/xdcchain", + "sourceVolume": "efs" + } + ] + } +] \ No newline at end of file diff --git a/cicd/devnet/terraform/ecs.tf b/cicd/devnet/terraform/ecs.tf new file mode 100644 index 0000000000..cfcd82af7f --- /dev/null +++ b/cicd/devnet/terraform/ecs.tf @@ -0,0 +1,41 @@ +data template_file devnet_container_definition { + for_each = var.devnet_node_kyes + template = "${file("${path.module}/container-definition.tpl")}" + + vars = { + xdc_environment = "devnet" + private_keys = "${each.value.pk}", + cloudwatch_group = "tf-${each.key}" + } +} + +resource "aws_ecs_task_definition" "devnet_task_definition_group" { + for_each = var.devnet_node_kyes + + family = "devnet-${each.key}" + requires_compatibilities = ["FARGATE"] + network_mode = "awsvpc" + container_definitions = data.template_file.devnet_container_definition[each.key].rendered + execution_role_arn = aws_iam_role.devnet_xdc_ecs_tasks_execution_role.arn + task_role_arn = aws_iam_role.devnet_xdc_ecs_tasks_execution_role.arn + + cpu = 1024 + memory = 2048 + volume { + name = "efs" + + efs_volume_configuration { + file_system_id = aws_efs_file_system.devnet_efs.id + root_directory = "/" + transit_encryption = "ENABLED" + authorization_config { + access_point_id = aws_efs_access_point.devnet_efs_access_point[each.key].id + iam = "DISABLED" + } + } + } + + tags = { + Name = "TfDevnetEcs-${each.key}" + } +} \ No newline at end of file diff --git a/cicd/devnet/terraform/efs.tf b/cicd/devnet/terraform/efs.tf index 3fd03f692d..b45e8e0bd9 100644 --- a/cicd/devnet/terraform/efs.tf +++ b/cicd/devnet/terraform/efs.tf @@ -17,8 +17,8 @@ resource "aws_efs_mount_target" "devnet_efs_efs_mount_target" { } resource "aws_efs_access_point" "devnet_efs_access_point" { - file_system_id = aws_efs_file_system.devnet_efs.id for_each = var.devnet_node_kyes + file_system_id = aws_efs_file_system.devnet_efs.id root_directory { path = "/${each.key}/database" creation_info { @@ -34,6 +34,6 @@ resource "aws_efs_access_point" "devnet_efs_access_point" { } tags = { - Name = "TfDevnetEfsAccessPoint-${each.key}" + Name = "TfDevnetEfsAccessPoint${each.key}" } } \ No newline at end of file diff --git a/cicd/devnet/terraform/main.tf b/cicd/devnet/terraform/main.tf index 772e79e034..d1328e248e 100644 --- a/cicd/devnet/terraform/main.tf +++ b/cicd/devnet/terraform/main.tf @@ -34,6 +34,7 @@ terraform { resource "aws_vpc" "devnet_vpc" { cidr_block = "10.0.0.0/16" instance_tenancy = "default" + enable_dns_hostnames = true tags = { Name = "TfDevnetVpc" @@ -150,3 +151,13 @@ resource "aws_iam_role_policy_attachment" "devnet_xdc_ecs_tasks_execution_role" role = aws_iam_role.devnet_xdc_ecs_tasks_execution_role.name policy_arn = each.value } + +# Logs +resource "aws_cloudwatch_log_group" "devnet_cloud_watch_group" { + for_each = var.devnet_node_kyes + name = "tf-${each.key}" + retention_in_days = 14 # Logs are only kept for 14 days + tags = { + Name = "TfDevnetCloudWatchGroup${each.key}" + } +} \ No newline at end of file diff --git a/cicd/devnet/terraform/variables.tf b/cicd/devnet/terraform/variables.tf index f6a9b8bf3b..e9fdcde317 100644 --- a/cicd/devnet/terraform/variables.tf +++ b/cicd/devnet/terraform/variables.tf @@ -11,7 +11,7 @@ variable "devnet_node_kyes" { Note: No `n` is allowed in the node name **/ default = { - xdc-1 = { + xdc1 = { pk = "3efdb44088929167487da052125162b48d8d54fe8f7b7db11b5d5cc3b9a1c14b", isChaosNode = false # This is a placeholder, config not supported yet }