status-im
/
infra-nimbus
mirror of https://github.com/status-im/infra-nimbus.git
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
1,042 Commits 10 Branches 0 Tags 31 MiB
Commit Graph

293 Commits

Author SHA1 Message Date
Jakub Sokołowski 9fddf38791
geth: open mainnet ports for rocket.prod fleet 
https://github.com/status-im/infra-rocketpool/issues/1

Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2021-10-26 15:37:00 +02:00
Jakub Sokołowski 9887cdbfc9
requirements: udpate to use new rocketpool role name 
Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2021-10-26 13:08:29 +02:00
Jakub Sokołowski bcc297b796
prater: move libp2p nodes from AWS to Hetzner 
It will lower costs of Prater fleet. I've discussed this with Tanguy and
he's fine with it. I'm also addin two nodes without validators.

Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2021-10-25 12:58:59 +02:00
Jakub Sokołowski 961756674c
nimbus.prater: move validators to new MacOS host 
https://github.com/status-im/infra-nimbus/issues/60
https://github.com/status-im/infra-role-dist-validators/commit/f5e6c306

Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2021-10-22 17:56:20 +02:00
Jakub Sokołowski 5f04e4b15a
nimbus.prater: lower max peers on macos to fix file limit 
It's a temporary fix until we apply a proper solution which involves
calling `setrlimit()` at startup to raise the soft limit:
https://github.com/status-im/nimbus-eth2/issues/2984

Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2021-10-22 14:07:38 +02:00
Jakub Sokołowski c5a3c9fd91
terrafomr: change instance_type variable to just type 
https://github.com/status-im/infra-tf-amazon-web-services/commit/36571309

Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2021-10-20 12:45:32 +02:00
Jakub Sokołowski 1dfba96dec
nimbus.eth1: sync goerli instad of mainnet 
Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2021-10-14 13:05:29 +02:00
Jakub Sokołowski f10eab7ed7
requirements: update to fix Hetzner data volumes 
Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2021-10-13 20:27:57 +02:00
Jakub Sokołowski 7aa5d2d420
add all users to admin group on MacOS hosts 
This fixes SSH access issue, since only admin group members can have
remote access to the host:
https://www.vinnie.work/blog/2020-12-26-why-so-hard-osx-ssh-access/

Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2021-10-13 13:34:56 +02:00
Jakub Sokołowski 8c69a70ccd
requirements: deploy Netdata to MacOS host 
Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2021-10-12 17:33:23 +02:00
Jakub Sokołowski 6c67bcabdc
get-geth-web3-urls: support windows and deploy 
Fixes sync issues described in:
https://github.com/status-im/infra-nimbus/issues/75

Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2021-10-12 13:52:13 +02:00
Jakub Sokołowski bd6ed56d74
deploy Consul and WireGuard to MacOS host 
Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2021-10-06 22:24:06 +02:00
Jakub Sokołowski 67c7eff430
nimbus.prater: deploy Consul agent on MacOS host 
https://github.com/status-im/infra-role-bootstrap-macos/pull/1

Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2021-10-06 13:57:33 +02:00
Jakub Sokołowski 3585f5615a
mainnet/prater: block libp2p ports for select nodes 
As part of experiment in how nodes behave in restrictive networks.

Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2021-10-05 18:28:08 +02:00
Jakub Sokołowski 6df0c868df
nimbus.prater: fix naming of libp2p services 
Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2021-10-05 14:51:49 +02:00
Jakub Sokołowski 89cbff6b52
switch back to original 3 branch layout of nodes 
Since with release of `1.5.0` the `stable` branch has all the necessary changes:
https://github.com/status-im/nimbus-eth2/releases/tag/v1.5.0

Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2021-10-05 12:43:51 +02:00
Jakub Sokołowski 7eb4c4749c
nimbus.prater: refactor node layout configuration 
This is necessary to support multiple hosts with multiple nodes.

Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2021-10-04 21:59:25 +02:00
Jakub Sokołowski 4a911d1ccc
add unstable.prater.beacon-api.nimbus.team endpoint 
Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2021-10-04 16:54:43 +02:00
Jakub Sokołowski 5f06c39644
nimbus.mainnet: add two public Beacon API endpoints 
These nodes are intended for testing by Community.
https://ethereum.github.io/beacon-APIs/

https://github.com/status-im/infra-nimbus/issues/66

Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2021-10-04 13:42:33 +02:00
Jakub Sokołowski 6c7e3384e5
nimbus.mainnet: deploy 6 nodes on new Hetzner hosts 
https://github.com/status-im/infra-nimbus/issues/66

Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2021-10-04 12:08:58 +02:00
Jakub Sokołowski e7e457395a
nimbus.eth1: deploy eth1 node with infra-role-nimbus-eth1 
https://github.com/status-im/infra-nimbus/issues/72

Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2021-10-01 14:32:09 +02:00
Jakub Sokołowski f59c8d8f43
macos: add bootstrap role, add hostname fix 
Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2021-09-30 17:21:23 +02:00
Jakub Sokołowski c56a7cee04
nimbus.prater: switch to using systemd services 
Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2021-09-29 19:38:30 +02:00
Jakub Sokołowski c8f539dd89
beacon-node-builds: drop building docker containers 
All Linux hosts will be migrated to using systemd services.

Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2021-09-29 19:34:24 +02:00
Jakub Sokołowski 879a15b91f
update requirements, change order of prater tasks 
Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2021-09-24 21:35:05 +02:00
Arthur Koziel 7f80f68804 add macos beacon nodes 
Signed-off-by: Arthur Koziel <arthur@arthurkoziel.com>
 2021-09-24 12:29:28 +02:00
Jakub Sokołowski 0bfc961817
update requirements to include logging fixes 
They make linux systemd service not send logs to Journald store.

Issue:
https://github.com/status-im/infra-role-bootstrap-linux/issues/24

Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2021-09-21 17:59:47 +02:00
Zahary Karadjov 3a02974e3a
A/B testing for the taskpool implementation 
The `stable` hosts will run with the taskpool code reverted, the
testing hosts will employ multiple cores.
 2021-09-21 16:45:10 +03:00
Jakub Sokołowski ca46d0fc54
fix restarting of systemd services 
Only one `sudoers` file was being modified by multiple roles:
https://github.com/status-im/infra-role-beacon-node-linux/commit/ff400bfb

Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2021-09-07 15:47:25 +02:00
Jakub Sokołowski d7e0530d97
log-dash: fix ES LB access to log-store nodes 
Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2021-09-02 13:15:08 +02:00
Jakub Sokołowski 437d9e034f
temproarily switch nodes to run unstable for Altair 
Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2021-09-02 08:14:34 +02:00
Zahary Karadjov 4be33a288d
Specify the correct web3_url for the Rocket Pool node on nimbus.eth1 2021-08-26 21:27:41 +03:00
Jakub Sokołowski 28b69ccc69
fix bootstrap root password secret, bump roles 
Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2021-08-26 20:19:00 +02:00
Zahary Karadjov 3e69657de8
Bump RocketPool to v1.0.0-RC7 2021-08-26 20:38:42 +03:00
Jakub Sokołowski 345ceb8050
add metal-01.he-eu-hel1.nimbus.eth1 host 
https://github.com/status-im/infra-nimbus/issues/70

Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2021-08-26 15:52:16 +02:00
Jakub Sokołowski abe15b05db
geth: explicitly open RPC and WebSocket ports to VPN 
Since geth role now defaults to using `localhost` for both.

Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2021-08-25 15:26:42 +02:00
Zahary Karadjov 7a2120c8cb Explicitly enable the RPC service on Pyrmont and Prater hosts 2021-08-25 15:05:29 +02:00
Zahary Karadjov 8f01241bc8 Experimental deployment of RocketPool on the Rayonism host 2021-08-25 15:05:29 +02:00
Jakub Sokołowski 9f5bc6be6a
upgrade Geth to 1.10.8 to fix CVE-2021-39137 
Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2021-08-25 13:11:43 +02:00
Jakub Sokołowski e0d70f46f3
prater/pyrmont: add config for REST API port 
https://github.com/status-im/infra-role-beacon-node-linux/pull/1

Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2021-08-23 16:46:05 +02:00
Jakub Sokołowski ecdaa70356
geth: open WebSocket port for Nimbus fleets 
This worked before due to connections being already established.

Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2021-08-19 15:32:59 +02:00
Jakub Sokołowski 4f05e2f40d
beacon-node-builds: drop targets, move to prater host 
Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2021-08-18 12:43:51 +02:00
Jakub Sokołowski a21ac2fe8c
port rest of fleet secrets to BitWarden 
https://github.com/status-im/infra-docs/issues/9

Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2021-08-13 22:25:19 +02:00
Jakub Sokołowski 5d36d3ad3e
firewall: use new IP sets and iptables chains 
https://github.com/status-im/infra-hq/issues/69
https://github.com/status-im/infra-role-bootstrap-linux/commit/92d8923b
https://github.com/status-im/infra-role-wireguard/commit/8394639e

Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2021-08-11 19:54:36 +02:00
Jakub Sokołowski 1ff378d392
update WireGuard config files layout 
Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2021-07-29 18:57:45 +02:00
Jakub Sokołowski 6375725d87
deploy rpc.sh wrapper for windows beacon nodes 
Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2021-07-29 09:32:12 +02:00
Jakub Sokołowski 4384f62e5f
rename infra-role-bootstrap-linux, upgrde consul 
Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2021-07-28 12:29:01 +02:00
Jakub Sokołowski c3a8883662
upgrade Geth to 1.10.6 for the London hard-fork 
https://github.com/ethereum/go-ethereum/releases/tag/v1.10.6

Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2021-07-22 19:44:24 +02:00
Jakub Sokołowski 4a7ab275a5
move validators from 04 Pyrmont hosts to one windows host 
https://github.com/status-im/infra-nimbus/issues/59

Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2021-07-19 16:48:08 +02:00
Jakub Sokołowski 32baf5e4b7
migrate Pyrmont fleet to Hetzner metal hosts 
https://github.com/status-im/infra-nimbus/issues/65

Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2021-07-19 12:33:23 +02:00
Jakub Sokołowski 87d23f8fa1
deploy 3 beacon nodes on all Pyrmont metal hosts 
https://github.com/status-im/infra-nimbus/issues/59

Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2021-07-15 20:15:58 +02:00
Jakub Sokołowski 8f05a0191c
prater: add service user pass and facts path for windows 
Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2021-07-14 14:59:40 +02:00
Jakub Sokołowski b5f75078f3
move validators from prater 05 hosts to Hetzner host 
https://github.com/status-im/infra-nimbus/issues/52

Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2021-06-30 22:48:36 +02:00
Jakub Sokołowski bdab0a2f8b
deploy prater nodes on hetzner node 
Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2021-06-28 21:30:00 +02:00
Jakub Sokołowski a9dfaa12a3
give extra users admin rights on the windows hosts 
Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2021-06-28 18:02:45 +02:00
Jakub Sokołowski 5122d41a99
move distribute-validators role to a separate repo 
https://github.com/status-im/infra-role-dist-validators

Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2021-06-28 16:40:48 +02:00
Jakub Sokołowski 054c5c2d26
ansible/requirements: update bootstrap and winsw 
Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2021-06-28 09:52:38 +02:00
Jakub Sokołowski db456f7f5c
upgrade Terraform to 1.0, upgrade all providers 
https://www.terraform.io/upgrade-guides/0-15.html
https://www.terraform.io/upgrade-guides/1-0.html

Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2021-06-23 11:48:43 +02:00
Arthur Koziel 0a75a69a09 Deploy mainnet beacon nodes on hetzner server 
This will run multiple mainnet beacon nodes on the hetzner server. It
will use the `infra-role-beacon-node-linux` to build and run `stable`,
`unstable` and `testing` on the machine.

Signed-off-by: Arthur Koziel <arthur@arthurkoziel.com>
Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2021-06-22 12:29:01 +02:00
Jakub Sokołowski 3d522beb2f
windows: use non-core image with full GUI for debugging 
Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2021-06-21 19:36:11 +02:00
Jakub Sokołowski 13b27db54d
windows: configure running multiple beacon nodes 
Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2021-06-16 15:41:50 +02:00
Jakub Sokołowski 23af824b2b
ansible/requirements.yml: add fix for consul handler errors 
Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2021-06-14 17:20:50 +02:00
Jakub Sokołowski 8468615f7d
deploy one Nimbus Prater node on Windows host 
Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2021-06-10 18:09:05 +02:00
Jakub Sokołowski b5cbe7fa4d
provision windows-01.gc-us-central1-a.nimbus.prater 
https://github.com/status-im/infra-nimbus/issues/59

Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2021-06-02 14:37:32 +02:00
Jakub Sokołowski 39f9b71dff
beacon-node-builds: add vim: ft=sh for buils.sh 
Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2021-06-01 21:26:42 +02:00
Jakub Sokołowski 38745d0495
ansible/requirements: bump bootstrap so watchtower fixes containers 
We've added flags so that containers are fixed even when stuck in `Restarting...`:
https://github.com/status-im/infra-role-bootstrap/commit/c9bdc2ba

Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2021-05-26 11:50:02 +02:00
Jakub Sokołowski ee9f8a74b7
bump beacon-node role and others to use WireGuard 
Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2021-05-19 23:03:14 +02:00
Jakub Sokołowski e3171c98a9
use WireGuard instead of Tinc VPN for metrics 
Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2021-05-19 14:12:47 +02:00
Jakub Sokołowski 2047fe1702
ansible/requirements: bump origin-certs role 
https://github.com/status-im/infra-role-origin-certs/commit/586d81d6

Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2021-05-13 10:53:51 +02:00
Jakub Sokołowski 6c0b62a6a8
rayonism: adjust location of rpc.sh wrapper 
Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2021-05-11 12:23:28 +02:00
Jakub Sokołowski f933dd0df8
rayonism: put Geth config in the same folder as Beacon node 
This way we create both as part of the same Docker network.

Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2021-05-11 11:59:34 +02:00
Jakub Sokołowski e20bbb1c48
rayonism: replace steklo testnet with nocturne 
Changes done according to:
https://github.com/status-im/infra-nimbus/issues/54

For more details see:
https://github.com/protolambda/nocturne

Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2021-05-11 10:42:11 +02:00
Jakub Sokołowski d7930a8437
ansible/requirements: bump bootstrap and elasticsearch roles 
Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2021-05-11 10:31:33 +02:00
Jakub Sokołowski 1283cec6ee
ansible/requirements: update oauth-proxy rol 
Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2021-05-06 11:17:56 +02:00
Jakub Sokołowski 97db7ea804
rayonism: deploy beacon node for steklo testnet 
https://github.com/status-im/infra-nimbus/issues/53

Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2021-04-29 15:14:25 +02:00
Jakub Sokołowski 1ce2b2c7fb
rayonism: deploy Geth node for steklo testnet 
https://github.com/status-im/infra-nimbus/issues/53

Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2021-04-29 14:35:06 +02:00
Jakub Sokołowski 65d8302527
implement Eth1 Web3 URL fallbacks 
Related:
https://github.com/status-im/infra-role-beacon-node/commit/92f740e0

Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2021-04-19 20:27:52 +02:00
Jakub Sokołowski 762f4e3457
requirements: bump bootstrap role version 
Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2021-04-14 16:18:03 +02:00
Jakub Sokołowski 757b097c81 add versioncheck.py script to verify Ansible role versions 
Since Ansible or Ansible Galaxy doesn't actually check role versions
itself, we have to do it ourselves. This script goes through contents of
`ansible/requirements.txt` and verifies each role is installed and has
correct version.

It also checks the version of Ansible itself.

Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2021-04-13 08:07:26 +02:00
Jakub Sokołowski b7226818d3
disable kibana-logtrail, it's not been updated to 7.10.2 
Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2021-02-01 16:05:50 +01:00
Jakub Sokołowski 45a0315bb0
deploy elasticsearch and a kibana dashboard 
Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2021-01-20 16:00:29 +01:00
Jakub Sokołowski d0a7c82d24
configure Goerli full sync on nimbus.geth node 
Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2020-11-24 14:44:50 +01:00
Jakub Sokołowski 9d56aa3e84
use our own fork of Nginx role to fix permissions 
Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2020-10-07 19:50:55 +02:00
Jakub Sokołowski 118b780312
destory the Nimbus ElasticSearch cluster and dashboard 
Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2020-08-03 16:29:33 +02:00
Jakub Sokołowski b3e320e064
deploy 2GB swap files on Nimbus hosts 
Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2020-03-26 19:04:59 +01:00
Jakub Sokołowski fcd17845b8
nimbus-stats: port to use systemd timer, fix consul query 
Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2020-02-19 11:51:09 +01:00
Jakub Sokołowski 24a87596b4
log-dash: configure Kibana dashboard 
Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2020-02-05 13:39:43 +01:00
Jakub Sokołowski 1ba18ae134
log-store: deploy an ElasticSearch cluster 
Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2020-02-03 13:10:28 +01:00
Jakub Sokołowski f519666812
update origin-certs role arguments 
Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2019-11-12 23:45:58 +01:00
Jakub Sokołowski 35dd23be1d
fix name of testnet-site role 
Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2019-03-22 18:20:55 +01:00
Jakub Sokołowski 87765ef6d9
use new roles 
Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2019-03-22 16:50:30 +01:00
Jakub Sokołowski dca0efdd5b
fix name of nimbus role 
Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2019-03-21 16:31:23 +01:00
Jakub Sokołowski beb8fb4ac6
add requirements.yml with new nimbus role 
Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2019-03-20 13:38:44 +01:00