From cb448d64f38a9c4fd54edbe8cc4809c46791f7a5 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jakub=20Soko=C5=82owski?= <jakub@status.im>
Date: Tue, 6 Sep 2022 19:26:25 +0200
Subject: [PATCH] nimbus-prater-windows: deploy dedicated Geth nodes
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

https://github.com/status-im/infra-nimbus/issues/125

Signed-off-by: Jakub Sokołowski <jakub@status.im>
---
 ansible/geth.yml                              | 21 ++++++++++
 .../group_vars/nimbus-geth-goerli-windows.yml | 41 +++++++++++++++++++
 ansible/group_vars/nimbus-prater-windows.yml  |  4 ++
 ansible/group_vars/nimbus.prater.yml          |  1 -
 .../windows-01.he-eu-hel1.nimbus.prater.yml   |  7 ++++
 ansible/prater.yml                            | 25 ++++++++++-
 ansible/requirements.yml                      |  4 +-
 7 files changed, 98 insertions(+), 5 deletions(-)
 create mode 100644 ansible/group_vars/nimbus-geth-goerli-windows.yml
 create mode 100644 ansible/host_vars/windows-01.he-eu-hel1.nimbus.prater.yml

diff --git a/ansible/geth.yml b/ansible/geth.yml
index 1dbd44f..67fc5fd 100644
--- a/ansible/geth.yml
+++ b/ansible/geth.yml
@@ -19,3 +19,24 @@
     - { role: open-ports,               tags: open-ports }
     - { role: infra-role-geth,          tags: infra-role-geth }
     - { role: infra-role-geth-exporter, tags: infra-role-geth-exporter }
+
+- name: Deploy prater Geth nodes for Windows
+  become: true
+  serial: '{{ serial|default(1) }}'
+  hosts: nimbus-geth-goerli-windows
+  roles:
+    - { role: swap-file,         tags: swap-file         }
+    - { role: open-ports,        tags: open-ports        }
+  tasks:
+    - include_role: name=infra-role-geth
+      tags: [ geth, infra-role-geth ]
+      with_items: '{{ nodes_layout[hostname] }}'
+      loop_control:
+        loop_var: node
+        index_var: idx
+    - include_role: name=infra-role-geth-exporter
+      tags: [ geth-exporter, infra-role-geth-exporter ]
+      with_items: '{{ nodes_layout[hostname] }}'
+      loop_control:
+        loop_var: node
+        index_var: idx
diff --git a/ansible/group_vars/nimbus-geth-goerli-windows.yml b/ansible/group_vars/nimbus-geth-goerli-windows.yml
new file mode 100644
index 0000000..b154c31
--- /dev/null
+++ b/ansible/group_vars/nimbus-geth-goerli-windows.yml
@@ -0,0 +1,41 @@
+---
+# Geth node
+geth_service_name: 'geth-goerli-{{ "%02d"|format(idx|int+1) }}'
+geth_service_path: '/docker/{{ geth_service_name }}'
+geth_cont_name: '{{ geth_service_name }}-node'
+geth_cont_vol: '{{ geth_service_path }}/node'
+geth_network_name: 'goerli'
+geth_sync_mode: 'full'
+geth_log_level_name: info
+# Geth auth & JWT token
+geth_account_pass: '{{lookup("bitwarden", "nimbus/geth", field="password")}}'
+geth_authrpc_jwtsecret: '{{lookup("bitwarden", "nimbus/jwt-token")}}'
+# Memory settings
+geth_cont_mem_ratio: 0.8
+geth_cache_size: '{{ (ansible_memtotal_mb * 0.25|float) | int }}'
+# Ports
+geth_port: '{{ 30303 + (idx|int) + 1 }}'
+geth_rpc_port: '{{ 8545 + (idx|int) + 1 }}'
+geth_metrics_port: '{{ 6060 + (idx|int) + 1 }}'
+geth_websocket_port: '{{ 9546 + (idx|int) + 1 }}'
+geth_authrpc_port: '{{ 8551 + (idx|int) + 1 }}'
+geth_authrpc_addr: '0.0.0.0'
+
+# Geth metrics
+geth_expo_service_name: '{{ geth_service_name }}'
+geth_expo_source_cont_name: '{{ geth_cont_name }}'
+geth_expo_source_data_path: '{{ geth_cont_vol }}/data'
+geth_expo_cont_port: '{{ 9400 + (idx|int) + 1 }}'
+
+# Open Ports
+open_ports_default_comment: 'Geth API'
+open_ports_default_chain: 'VPN'
+open_ports_list:
+  - { port: '9400:9404', ipset: 'metrics.hq', comment: 'Geth Metrics' }
+  - { port: '8551:8554', ipset: 'nimbus.prater' }
+
+nodes_layout:
+  'windows-goerli-01.he-eu-hel1.nimbus.geth':
+    - { }
+    - { }
+    - { }
diff --git a/ansible/group_vars/nimbus-prater-windows.yml b/ansible/group_vars/nimbus-prater-windows.yml
index 77a0f1b..e63982f 100644
--- a/ansible/group_vars/nimbus-prater-windows.yml
+++ b/ansible/group_vars/nimbus-prater-windows.yml
@@ -1,3 +1,7 @@
 ---
 # Scans affect disk I/O performance.
 bootstrap__defender_enabled: false
+
+# HTTP RPC support is unstable
+beacon_node_web3_urls: ['http://windows-goerli-01.he-eu-hel1.nimbus.geth.wg:{{ geth_authrpc_port }}']
+beacon_node_web3_jwt_secret: '{{ geth_authrpc_jwtsecret }}'
diff --git a/ansible/group_vars/nimbus.prater.yml b/ansible/group_vars/nimbus.prater.yml
index e6c5308..b95690d 100644
--- a/ansible/group_vars/nimbus.prater.yml
+++ b/ansible/group_vars/nimbus.prater.yml
@@ -66,7 +66,6 @@ beacon_node_service_user_pass: '{{lookup("bitwarden", "nimbus/windows", field="p
 beacon_node_payload_builder_enabled: '{{ node.get("payload_builder", false) }}'
 beacon_node_payload_builder_url: 'https://builder-relay-goerli.flashbots.net/'
 # HTTP RPC support is unstable
-#beacon_node_web3_urls: '{{ beacon_node_web3_urls_all }}'
 beacon_node_web3_urls: ['http://localhost:{{ geth_authrpc_port }}']
 beacon_node_web3_jwt_secret: '{{ geth_authrpc_jwtsecret }}'
 
diff --git a/ansible/host_vars/windows-01.he-eu-hel1.nimbus.prater.yml b/ansible/host_vars/windows-01.he-eu-hel1.nimbus.prater.yml
new file mode 100644
index 0000000..e63982f
--- /dev/null
+++ b/ansible/host_vars/windows-01.he-eu-hel1.nimbus.prater.yml
@@ -0,0 +1,7 @@
+---
+# Scans affect disk I/O performance.
+bootstrap__defender_enabled: false
+
+# HTTP RPC support is unstable
+beacon_node_web3_urls: ['http://windows-goerli-01.he-eu-hel1.nimbus.geth.wg:{{ geth_authrpc_port }}']
+beacon_node_web3_jwt_secret: '{{ geth_authrpc_jwtsecret }}'
diff --git a/ansible/prater.yml b/ansible/prater.yml
index 088aece..5fa0555 100644
--- a/ansible/prater.yml
+++ b/ansible/prater.yml
@@ -9,7 +9,7 @@
     - local_action: command ./versioncheck.py
       changed_when: false
 
-- name: Deploy prater Linux beacon nodes
+- name: Deploy prater AWS Linux nodes
   become: true
   # To avoid clashing/duplicate validators.
   any_errors_fatal: true
@@ -29,7 +29,7 @@
         loop_var: node
         index_var: idx
 
-- name: Deploy mainnet linux beacon nodes
+- name: Deploy prater Hetzner linux nodes
   become: true
   serial: '{{ serial|default(1) }}'
   hosts: nimbus-prater-metal
@@ -56,6 +56,27 @@
         loop_var: node
         index_var: idx
 
+- name: Deploy prater Geth nodes for Windows
+  become: true
+  serial: '{{ serial|default(1) }}'
+  hosts: nimbus-geth-goerli-windows
+  roles:
+    - { role: swap-file,         tags: swap-file         }
+    - { role: open-ports,        tags: open-ports        }
+  tasks:
+    - include_role: name=infra-role-geth
+      tags: [ geth, infra-role-geth ]
+      with_items: '{{ nodes_layout[hostname] }}'
+      loop_control:
+        loop_var: node
+        index_var: idx
+    - include_role: name=infra-role-geth-exporter
+      tags: [ geth-exporter, infra-role-geth-exporter ]
+      with_items: '{{ nodes_layout[hostname] }}'
+      loop_control:
+        loop_var: node
+        index_var: idx
+
 - name: Deploy prater Windows beacon nodes
   become: true
   become_user: 'admin'
diff --git a/ansible/requirements.yml b/ansible/requirements.yml
index 05e199c..ae00c65 100644
--- a/ansible/requirements.yml
+++ b/ansible/requirements.yml
@@ -31,7 +31,7 @@
 
 - name: infra-role-wireguard
   src: git@github.com:status-im/infra-role-wireguard.git
-  version: 9d8c93bc44ec123b81b9912f10e377e9b953ea5a
+  version: 544b1f0435d5ca47168236c42b6a077c44d5eb4a
   scm: git
 
 - name: oauth-proxy
@@ -76,7 +76,7 @@
 
 - name: infra-role-rocketpool
   src: git@github.com:status-im/infra-role-rocketpool.git
-  version: 46764e947a5ae6a66d172efc99f07dd62fd9ef81
+  version: dad93aa3af1103734e0d68fad131644156fef685
   scm: git
 
 - name: infra-role-winsw