infra-nimbus/ansible/group_vars/nimbus.mainnet.yml

152 lines
5.9 KiB
YAML

---
# Beacon nodes are held on /data so we can't bind it.
bootstrap__extra_volume_path: '/docker'
bootstrap__extra_volume_bind_path: null
# SWAP
swap_file_size_mb: 2048
# Go-Ethereum
geth_service_name: 'geth-{{ geth_network_name }}'
geth_service_path: '/docker/{{ geth_service_name }}'
geth_network_name: 'mainnet'
geth_cont_name: '{{ geth_service_name }}-node'
geth_cont_vol: '{{ geth_service_path }}/node'
geth_sync_mode: 'snap'
geth_log_level_name: 'info'
geth_account_pass: '{{lookup("bitwarden", "nimbus/geth", field="password")}}'
geth_authrpc_jwtsecret: '{{lookup("bitwarden", "nimbus/jwt-token")}}'
# Memory settings¬
geth_cont_mem_ratio: 0.15
geth_cache_size: '{{ (ansible_memtotal_mb * 0.05|float) | int }}'
# Ports
geth_port: 30303
geth_rpc_addr: '0.0.0.0'
geth_rpc_port: 8545
geth_authrpc_addr: '127.0.0.1'
geth_authrpc_port: 8551
# Geth metrics¬
geth_expo_service_name: '{{ geth_service_name }}'
geth_expo_source_cont_name: '{{ geth_cont_name }}'
geth_expo_source_data_path: '{{ geth_cont_vol }}/data'
geth_expo_cont_port: 9400
# Nimbus Beacon Node
beacon_node_network: 'mainnet'
# TODO This is to avoid too long service names.
beacon_node_repo_branch: '{{ (node.branch == "libp2p") | ternary("nim-libp2p-auto-bump-unstable", node.branch) }}'
# TODO Drop this once all nodes have an number.
service_number: '{{ node.get("num", False) | ternary(("-%02d"|format(node.get("num", 0))), "") }}'
beacon_node_service_name: 'beacon-node-{{ beacon_node_network }}-{{ node.branch | mandatory }}{{ service_number }}'
beacon_node_service_path: '/data/{{ beacon_node_service_name }}'
beacon_node_era_dir_path: '{{ nimbus_era_files_timer_path }}'
# Ports
beacon_node_discovery_port: '{{ 9000 + idx }}'
beacon_node_listening_port: '{{ 9000 + idx }}'
beacon_node_metrics_port: '{{ 9200 + idx }}'
beacon_node_rest_port: '{{ beacon_node_rest_port_base + idx }}'
beacon_node_rest_port_base: 9300
beacon_node_rest_address: '0.0.0.0'
# Firewall
beacon_node_firewall_libp2p_open: '{{ node.get("open_libp2p_ports", true) }}'
# Builds
beacon_node_build_frequency: '*-*-* {{ 12 + idx }}:00:00'
# Tuning
beacon_node_threads: '{{ (node.branch == "testing") | ternary(4, 1) }}'
# Monitoring
beacon_node_validator_monitor_auto: true
beacon_node_validator_monitor_totals: '{{ (node.public_api is defined and node.public_api) }}'
# Mainnet validators run on a separate fleet.
beacon_node_dist_validators_enabled: false
# Bootnodes should subscribe to all subnets
beacon_node_subscribe_all: true
# HTTP RPC support is unstable
beacon_node_web3_urls: '{{ beacon_node_web3_urls_all }}'
# Periodic resync to save space
beacon_node_resync_enabled: true
beacon_node_resync_timer_enabled: '{{ idx % 2 == 1 }}'
beacon_node_resync_timer_frequency: 'monthly'
beacon_node_resync_timer_random_delay_sec: 604800 # 7 days
beacon_node_resync_timer_trusted_api_url: 'http://localhost:{{ beacon_node_rest_port_base }}'
# Purge node DB periodically to test syncing.
nimbus_db_purge_node_service_name: '{{ beacon_node_service_name }}'
nimbus_db_purge_node_service_path: '{{ beacon_node_service_path }}'
nimbus_db_purge_node_network_name: '{{ beacon_node_network }}'
nimbus_db_purge_timer_frequency: 'weekly'
nimbus_db_purge_truster_node_api_url: 'http://localhost:{{ beacon_node_rest_port|int - 1 }}'
nimbus_db_purge_trusted_node_sync_enabled: '{{ node.get("db_sync", false) }}'
# ERA files geneartion.
nimbus_era_files_timer_enabled: '{{ (nodes_layout[hostname]|length) > 1 }}'
nimbus_era_files_timer_path: '/data/era'
# FIXME: Not pretty, since hardcoded, but the simplest way to do it right now.
nimbus_era_files_node_service_path: '/data/beacon-node-{{ beacon_node_network }}-stable-01'
nimbus_era_files_nclidb_path: '{{ nimbus_era_files_node_service_path }}/repo/build/ncli_db'
nimbus_era_files_db_path: '{{ nimbus_era_files_node_service_path }}/data/db'
# Open Ports
open_ports_default_comment: 'Nimbus REST API'
open_ports_default_chain: 'VPN'
open_ports_list:
- { port: '9300:9310', ipset: '{{ env }}.{{ stage }}' }
- { port: '9400', ipset: 'metrics.hq', comment: 'Geth Exporter' }
# Split by hostname for more central location
nodes_layout:
'stable-small-01.aws-eu-central-1a.nimbus.mainnet':
- { branch: 'stable' }
'stable-small-02.aws-eu-central-1a.nimbus.mainnet':
- { branch: 'stable' }
'metal-01.he-eu-hel1.nimbus.mainnet':
- { branch: 'stable', num: 1 }
- { branch: 'stable', num: 2 }
- { branch: 'testing', num: 1, open_libp2p_ports: false }
- { branch: 'testing', num: 2 }
- { branch: 'unstable', num: 1, public_api: true }
- { branch: 'unstable', num: 2 }
'metal-02.he-eu-hel1.nimbus.mainnet':
- { branch: 'stable', num: 1 }
- { branch: 'stable', num: 2 }
- { branch: 'testing', num: 1, public_api: true }
- { branch: 'testing', num: 2 }
- { branch: 'unstable', num: 1, open_libp2p_ports: false }
- { branch: 'unstable', num: 2 }
'metal-03.he-eu-hel1.nimbus.mainnet':
- { branch: 'stable', num: 1 }
- { branch: 'stable', num: 2 }
- { branch: 'testing', num: 1 }
- { branch: 'testing', num: 2 }
- { branch: 'unstable', num: 1 }
- { branch: 'unstable', num: 2 }
'metal-04.he-eu-hel1.nimbus.mainnet':
- { branch: 'stable', num: 1 }
- { branch: 'stable', num: 2 }
- { branch: 'testing', num: 1 }
- { branch: 'testing', num: 2 }
- { branch: 'unstable', num: 1 }
- { branch: 'unstable', num: 2 }
'metal-05.he-eu-hel1.nimbus.mainnet':
- { branch: 'stable', num: 1 }
- { branch: 'stable', num: 2 }
- { branch: 'testing', num: 1 }
- { branch: 'testing', num: 2 }
- { branch: 'unstable', num: 1, db_purge: true }
- { branch: 'unstable', num: 2 }
- { branch: 'libp2p', num: 1 }
'metal-06.he-eu-hel1.nimbus.mainnet':
- { branch: 'stable', num: 1 }
- { branch: 'stable', num: 2 }
- { branch: 'testing', num: 1 }
- { branch: 'testing', num: 2 }
- { branch: 'unstable', num: 1, db_purge: true, db_sync: true }
- { branch: 'unstable', num: 2 }
- { branch: 'libp2p', num: 1 }