add files and workflow for EC2 rpc nodes (#505)

2026-06-19 21:31:37 +00:00 · 2024-03-27 12:29:45 +04:00 · 2024-03-27 12:29:45 +04:00 · d12d61621a
commit d12d61621a
parent 06b280aa0d
8 changed files with 233 additions and 1 deletions
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@ -96,6 +96,16 @@ jobs:
          docker push xinfinorg/devnet:latest
          docker push xinfinorg/devnet:previous

+      - name: Update RPC nodes image
+        uses: dawidd6/action-ansible-playbook@v2
+        with:
+          playbook: playbooks/update-image.yaml
+          directory: ./cicd/ansible
+          key: ${{secrets.SSH_PRIVATE_KEY_DEVNET}}
+          options: |
+            --inventory inventory.yaml
+            --extra-vars rpc_image=xinfinorg/devnet:dev-upgrade-${git_hash}
+
  devnet_terraform_apply:
    runs-on: ubuntu-latest
    if: github.ref == 'refs/heads/dev-upgrade' && !startsWith(github.ref, 'refs/tags/')
--- a/.github/workflows/deploy_rpc_image.yml
+++ b/.github/workflows/deploy_rpc_image.yml
@ -0,0 +1,31 @@
+name: Deploy RPC Image
+on:
+  #need to make sure only authorized people can use this function
+  workflow_dispatch:
+    inputs:
+      network:
+        type: choice
+        description: 'devnet, testnet, or mainnet'
+        options: 
+          - devnet
+          - testnet
+          - mainnet
+      rpc_image:
+        description: 'full image name'
+      
+jobs:
+  ansible:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      
+      - name: Update RPC nodes image
+        uses: dawidd6/action-ansible-playbook@v2
+        with:
+          playbook: playbooks/update-image.yaml
+          directory: ./cicd/ansible
+          key: ${{secrets.SSH_PRIVATE_KEY_DEVNET}}
+          options: |
+            --inventory inventory.yaml
+            --extra-vars network=${{inputs.network}}
+            --extra-vars rpc_image=${{inputs.rpc_image}}
--- a/cicd/ansible/inventory.yaml
+++ b/cicd/ansible/inventory.yaml
@ -0,0 +1,17 @@
+ec2_rpcs:
+  hosts:
+    devnet:
+      ansible_host: devnet.hashlabs.apothem.network
+      ansible_port: 22
+      ansible_user: ec2-user
+      deploy_path: /work/XinFin-Node/devnet
+    testnet:
+      ansible_host: testnet.hashlabs.apothem.network
+      ansible_port: 22
+      ansible_user: ec2-user
+      deploy_path: /work/XinFin-Node/testnet
+    mainnet:
+      ansible_host: mainnet.hashlabs.apothem.network
+      ansible_port: 22
+      ansible_user: ec2-user
+      deploy_path: /work/XinFin-Node/mainnet
--- a/cicd/ansible/playbooks/update-image.yaml
+++ b/cicd/ansible/playbooks/update-image.yaml
@ -0,0 +1,15 @@
+---
+- name: Run Bash Script on Host
+  hosts: "{{ network }}"
+  become: true  #sudo/root
+
+  tasks:
+    - name: Update RPC image version
+      shell: |
+        export RPC_IMAGE={{ rpc_image }}
+        cd {{ deploy_path }}
+        ./docker-down.sh
+        ./docker-up-hash.sh
+        docker ps
+      register: output
+    - debug: var=output.stdout_lines
--- a/cicd/terraform/.env
+++ b/cicd/terraform/.env
@ -10,4 +10,4 @@ eu_west_1_end=72

 # Sydney
 ap_southeast_2_start=73
-ap_southeast_2_end=108
+ap_southeast_2_end=108
--- a/cicd/terraform/main.tf
+++ b/cicd/terraform/main.tf
@ -76,3 +76,48 @@ module "mainnet-rpc" {
  }
 }

+
+module "devnet_rpc" {
+  source = "./module/ec2_rpc"
+  network = "devnet"
+  vpc_id = local.vpc_id
+  aws_subnet_id = local.aws_subnet_id
+  ami_id = local.ami_id
+  instance_type = "t3.large"
+  ssh_key_name = local.ssh_key_name
+  rpc_image = local.rpc_image 
+
+  providers = {
+    aws = aws.ap-southeast-1
+  }
+}
+
+module "testnet_rpc" {
+  source = "./module/ec2_rpc"
+  network = "testnet"
+  vpc_id = local.vpc_id
+  aws_subnet_id = local.aws_subnet_id
+  ami_id = local.ami_id
+  instance_type = "t3.large"
+  ssh_key_name = local.ssh_key_name
+  rpc_image = local.rpc_image 
+
+  providers = {
+    aws = aws.ap-southeast-1
+  }
+}
+
+module "mainnet_rpc" {
+  source = "./module/ec2_rpc"
+  network = "mainnet"
+  vpc_id = local.vpc_id
+  aws_subnet_id = local.aws_subnet_id
+  ami_id = local.ami_id
+  instance_type = "t3.large"
+  ssh_key_name = local.ssh_key_name
+  rpc_image = local.rpc_image 
+
+  providers = {
+    aws = aws.ap-southeast-1
+  }
+}
--- a/cicd/terraform/module/ec2_rpc/main.tf
+++ b/cicd/terraform/module/ec2_rpc/main.tf
@ -0,0 +1,106 @@
+terraform {
+  required_providers {
+    aws = {
+      source  = "hashicorp/aws"
+      version = "~> 5.13.1"
+    }
+  }
+}
+variable network {
+  type = string
+}
+variable vpc_id {
+  type = string
+}
+variable aws_subnet_id {
+  type = string
+}
+variable ami_id {
+  type = string
+}
+variable instance_type {
+  type = string
+}
+variable ssh_key_name {
+  type = string
+}
+variable rpc_image {
+  type = string
+}
+
+resource "aws_security_group" "rpc_sg" {
+  name_prefix = "${var.network}_rpc_sg"
+
+  ingress {
+    from_port   = 22
+    to_port     = 22
+    protocol    = "tcp"
+    cidr_blocks = ["0.0.0.0/0"]
+  }
+  
+  ingress {
+    from_port   = 30303
+    to_port     = 30303
+    protocol    = "tcp"
+    cidr_blocks = ["0.0.0.0/0"]
+  }
+
+  ingress {
+    from_port   = 8545
+    to_port     = 8545
+    protocol    = "tcp"
+    cidr_blocks = ["0.0.0.0/0"]
+  }
+
+  ingress {
+    from_port   = 8555
+    to_port     = 8555
+    protocol    = "tcp"
+    cidr_blocks = ["0.0.0.0/0"]
+  }
+
+  egress {
+    from_port   = 0
+    to_port     = 0
+    protocol    = "-1"
+    cidr_blocks = ["0.0.0.0/0"]
+  }
+}
+
+resource "aws_instance" "rpc_instance" {
+  instance_type           = var.instance_type 
+  ami                     = var.ami_id
+  tags                    = {
+                              Name = var.network
+                            }
+  key_name                = var.ssh_key_name
+  vpc_security_group_ids  = [aws_security_group.rpc_sg.id]
+  ebs_block_device {
+    device_name = "/dev/sda1"
+    volume_size = 500
+  }
+
+
+  #below still need to remove git checkout {{branch}} after files merged to master
+  user_data = <<-EOF
+              #!/bin/bash
+              sudo yum update -y
+              sudo yum upgrade -y
+              sudo yum install git -y
+              sudo yum install docker -y
+              mkdir -p /root/.docker/cli-plugins
+              curl -SL https://github.com/docker/compose/releases/download/v2.25.0/docker-compose-linux-x86_64 -o /root/.docker/cli-plugins/docker-compose
+              sudo chmod +x /root/.docker/cli-plugins/docker-compose
+              echo checking compose version
+              docker compose version
+              sudo systemctl enable docker
+              sudo systemctl start docker
+              mkdir -p /work
+              cd /work
+              git clone https://github.com/XinFinOrg/XinFin-Node
+              cd /work/XinFin-Node/${var.network}
+              export RPC_IMAGE="${var.rpc_image}"
+              echo RPC_IMAGE=$RPC_IMAGE
+              ./docker-up-hash.sh
+              EOF
+}
--- a/cicd/terraform/variables.tf
+++ b/cicd/terraform/variables.tf
@ -34,3 +34,11 @@ locals {
    rpcTestnetNodeKeys = { "testnet-rpc1": local.predefinedNodesConfig["testnet-rpc1"]} // we hardcode the rpc to a single node for now
    rpcMainnetNodeKeys = { "mainnet-rpc1": local.predefinedNodesConfig["mainnet-rpc1"]} // we hardcode the rpc to a single node for now
 }
+
+locals { //ec2_rpc values
+  ami_id = "ami-097c4e1feeea169e5"
+  rpc_image = "xinfinorg/xdposchain:v2.2.0-beta1"
+  vpc_id = "vpc-20a06846"
+  aws_subnet_id = "subnet-4653ee20"
+  ssh_key_name = "devnetkey"
+}