From d12d61621a90dd7bef165db62cfe33283ba7bc2e Mon Sep 17 00:00:00 2001 From: Wanwiset Peerapatanapokin Date: Wed, 27 Mar 2024 12:29:45 +0400 Subject: [PATCH] add files and workflow for EC2 rpc nodes (#505) --- .github/workflows/ci.yml | 10 +++ .github/workflows/deploy_rpc_image.yml | 31 +++++++ cicd/ansible/inventory.yaml | 17 ++++ cicd/ansible/playbooks/update-image.yaml | 15 ++++ cicd/terraform/.env | 2 +- cicd/terraform/main.tf | 45 ++++++++++ cicd/terraform/module/ec2_rpc/main.tf | 106 +++++++++++++++++++++++ cicd/terraform/variables.tf | 8 ++ 8 files changed, 233 insertions(+), 1 deletion(-) create mode 100644 .github/workflows/deploy_rpc_image.yml create mode 100644 cicd/ansible/inventory.yaml create mode 100644 cicd/ansible/playbooks/update-image.yaml create mode 100644 cicd/terraform/module/ec2_rpc/main.tf diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 5b58cd0d87..54754e187b 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -96,6 +96,16 @@ jobs: docker push xinfinorg/devnet:latest docker push xinfinorg/devnet:previous + - name: Update RPC nodes image + uses: dawidd6/action-ansible-playbook@v2 + with: + playbook: playbooks/update-image.yaml + directory: ./cicd/ansible + key: ${{secrets.SSH_PRIVATE_KEY_DEVNET}} + options: | + --inventory inventory.yaml + --extra-vars rpc_image=xinfinorg/devnet:dev-upgrade-${git_hash} + devnet_terraform_apply: runs-on: ubuntu-latest if: github.ref == 'refs/heads/dev-upgrade' && !startsWith(github.ref, 'refs/tags/') diff --git a/.github/workflows/deploy_rpc_image.yml b/.github/workflows/deploy_rpc_image.yml new file mode 100644 index 0000000000..908b3001b0 --- /dev/null +++ b/.github/workflows/deploy_rpc_image.yml @@ -0,0 +1,31 @@ +name: Deploy RPC Image +on: + #need to make sure only authorized people can use this function + workflow_dispatch: + inputs: + network: + type: choice + description: 'devnet, testnet, or mainnet' + options: + - devnet + - testnet + - mainnet + rpc_image: + description: 'full image name' + +jobs: + ansible: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + + - name: Update RPC nodes image + uses: dawidd6/action-ansible-playbook@v2 + with: + playbook: playbooks/update-image.yaml + directory: ./cicd/ansible + key: ${{secrets.SSH_PRIVATE_KEY_DEVNET}} + options: | + --inventory inventory.yaml + --extra-vars network=${{inputs.network}} + --extra-vars rpc_image=${{inputs.rpc_image}} diff --git a/cicd/ansible/inventory.yaml b/cicd/ansible/inventory.yaml new file mode 100644 index 0000000000..141604ff7c --- /dev/null +++ b/cicd/ansible/inventory.yaml @@ -0,0 +1,17 @@ +ec2_rpcs: + hosts: + devnet: + ansible_host: devnet.hashlabs.apothem.network + ansible_port: 22 + ansible_user: ec2-user + deploy_path: /work/XinFin-Node/devnet + testnet: + ansible_host: testnet.hashlabs.apothem.network + ansible_port: 22 + ansible_user: ec2-user + deploy_path: /work/XinFin-Node/testnet + mainnet: + ansible_host: mainnet.hashlabs.apothem.network + ansible_port: 22 + ansible_user: ec2-user + deploy_path: /work/XinFin-Node/mainnet \ No newline at end of file diff --git a/cicd/ansible/playbooks/update-image.yaml b/cicd/ansible/playbooks/update-image.yaml new file mode 100644 index 0000000000..96baac1fdc --- /dev/null +++ b/cicd/ansible/playbooks/update-image.yaml @@ -0,0 +1,15 @@ +--- +- name: Run Bash Script on Host + hosts: "{{ network }}" + become: true #sudo/root + + tasks: + - name: Update RPC image version + shell: | + export RPC_IMAGE={{ rpc_image }} + cd {{ deploy_path }} + ./docker-down.sh + ./docker-up-hash.sh + docker ps + register: output + - debug: var=output.stdout_lines \ No newline at end of file diff --git a/cicd/terraform/.env b/cicd/terraform/.env index 4eb6ca5a95..8a64c1d224 100644 --- a/cicd/terraform/.env +++ b/cicd/terraform/.env @@ -10,4 +10,4 @@ eu_west_1_end=72 # Sydney ap_southeast_2_start=73 -ap_southeast_2_end=108 \ No newline at end of file +ap_southeast_2_end=108 diff --git a/cicd/terraform/main.tf b/cicd/terraform/main.tf index ccb6ce690e..5a44d22385 100644 --- a/cicd/terraform/main.tf +++ b/cicd/terraform/main.tf @@ -76,3 +76,48 @@ module "mainnet-rpc" { } } + +module "devnet_rpc" { + source = "./module/ec2_rpc" + network = "devnet" + vpc_id = local.vpc_id + aws_subnet_id = local.aws_subnet_id + ami_id = local.ami_id + instance_type = "t3.large" + ssh_key_name = local.ssh_key_name + rpc_image = local.rpc_image + + providers = { + aws = aws.ap-southeast-1 + } +} + +module "testnet_rpc" { + source = "./module/ec2_rpc" + network = "testnet" + vpc_id = local.vpc_id + aws_subnet_id = local.aws_subnet_id + ami_id = local.ami_id + instance_type = "t3.large" + ssh_key_name = local.ssh_key_name + rpc_image = local.rpc_image + + providers = { + aws = aws.ap-southeast-1 + } +} + +module "mainnet_rpc" { + source = "./module/ec2_rpc" + network = "mainnet" + vpc_id = local.vpc_id + aws_subnet_id = local.aws_subnet_id + ami_id = local.ami_id + instance_type = "t3.large" + ssh_key_name = local.ssh_key_name + rpc_image = local.rpc_image + + providers = { + aws = aws.ap-southeast-1 + } +} \ No newline at end of file diff --git a/cicd/terraform/module/ec2_rpc/main.tf b/cicd/terraform/module/ec2_rpc/main.tf new file mode 100644 index 0000000000..dda67ebfde --- /dev/null +++ b/cicd/terraform/module/ec2_rpc/main.tf @@ -0,0 +1,106 @@ +terraform { + required_providers { + aws = { + source = "hashicorp/aws" + version = "~> 5.13.1" + } + } +} +variable network { + type = string +} +variable vpc_id { + type = string +} +variable aws_subnet_id { + type = string +} +variable ami_id { + type = string +} +variable instance_type { + type = string +} +variable ssh_key_name { + type = string +} +variable rpc_image { + type = string +} + +resource "aws_security_group" "rpc_sg" { + name_prefix = "${var.network}_rpc_sg" + + ingress { + from_port = 22 + to_port = 22 + protocol = "tcp" + cidr_blocks = ["0.0.0.0/0"] + } + + ingress { + from_port = 30303 + to_port = 30303 + protocol = "tcp" + cidr_blocks = ["0.0.0.0/0"] + } + + ingress { + from_port = 8545 + to_port = 8545 + protocol = "tcp" + cidr_blocks = ["0.0.0.0/0"] + } + + ingress { + from_port = 8555 + to_port = 8555 + protocol = "tcp" + cidr_blocks = ["0.0.0.0/0"] + } + + egress { + from_port = 0 + to_port = 0 + protocol = "-1" + cidr_blocks = ["0.0.0.0/0"] + } +} + +resource "aws_instance" "rpc_instance" { + instance_type = var.instance_type + ami = var.ami_id + tags = { + Name = var.network + } + key_name = var.ssh_key_name + vpc_security_group_ids = [aws_security_group.rpc_sg.id] + ebs_block_device { + device_name = "/dev/sda1" + volume_size = 500 + } + + + #below still need to remove git checkout {{branch}} after files merged to master + user_data = <<-EOF + #!/bin/bash + sudo yum update -y + sudo yum upgrade -y + sudo yum install git -y + sudo yum install docker -y + mkdir -p /root/.docker/cli-plugins + curl -SL https://github.com/docker/compose/releases/download/v2.25.0/docker-compose-linux-x86_64 -o /root/.docker/cli-plugins/docker-compose + sudo chmod +x /root/.docker/cli-plugins/docker-compose + echo checking compose version + docker compose version + sudo systemctl enable docker + sudo systemctl start docker + mkdir -p /work + cd /work + git clone https://github.com/XinFinOrg/XinFin-Node + cd /work/XinFin-Node/${var.network} + export RPC_IMAGE="${var.rpc_image}" + echo RPC_IMAGE=$RPC_IMAGE + ./docker-up-hash.sh + EOF +} \ No newline at end of file diff --git a/cicd/terraform/variables.tf b/cicd/terraform/variables.tf index 89d6945e61..c5a1eb8970 100644 --- a/cicd/terraform/variables.tf +++ b/cicd/terraform/variables.tf @@ -34,3 +34,11 @@ locals { rpcTestnetNodeKeys = { "testnet-rpc1": local.predefinedNodesConfig["testnet-rpc1"]} // we hardcode the rpc to a single node for now rpcMainnetNodeKeys = { "mainnet-rpc1": local.predefinedNodesConfig["mainnet-rpc1"]} // we hardcode the rpc to a single node for now } + +locals { //ec2_rpc values + ami_id = "ami-097c4e1feeea169e5" + rpc_image = "xinfinorg/xdposchain:v2.2.0-beta1" + vpc_id = "vpc-20a06846" + aws_subnet_id = "subnet-4653ee20" + ssh_key_name = "devnetkey" +} \ No newline at end of file