use infra-role-geth to deploy geth for swarm

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2020-03-17 00:22:34 +01:00 · 2020-03-17 00:22:34 +01:00 · 4b6e7e9db2
parent fba129e3c6
commit 4b6e7e9db2
8 changed files with 43 additions and 116 deletions
--- a/ansible/group_vars/swarm.yml
+++ b/ansible/group_vars/swarm.yml
@ -1,5 +1,5 @@
 ---
-swarm_domain: swarm.status.im
+swarm_domain: test-swarm.status.im

 # proportion of root partition to use for swarm
 swarm_store_ratio: 0.5
@ -10,8 +10,29 @@ swarm_store_mount: |
  | list | first }}
 swarm_store_bytes: '{{ swarm_store_mount["size_total"] | int }}'
 swarm_store_chunks: '{{ swarm_store_bytes |int / swarm_chunk_size|int }}'
-
 swarm_store_size: |
  {{ (
    swarm_store_chunks | float * swarm_store_ratio | float
  ) | round | int }}
+
+# Geth node settings
+geth_cont_tag: 'v1.9.12'
+geth_cont_name: 'swarm-geth'
+geth_cont_vol: '/docker/{{ geth_cont_name }}'
+geth_sync_mode: 'light'
+# RPC access required for ENS resolution
+geth_rcp_api: 'db,eth,net,web3,admin'
+geth_rpc_addr: '0.0.0.0'
+geth_rpc_port: 8545
+# adjust cache size to available memory
+geth_cache_ratio: 0.2
+# has to be higher than mem_cache_ratio
+geth_cont_mem_ratio: 0.4
+# Create account for Geth with no password
+geth_account_pass: '{{lookup("passwordstore", "service/swarm/geth/acc-pass")}}'
+
+# Geth container to use with Swarm
+swarm_geth_account: '{{ geth_account_addr | mandatory }}'
+swarm_geth_cont_name: '{{ geth_cont_name }}'
+swarm_geth_cont_vol: '{{ geth_cont_vol }}'
+swarm_geth_rcp_port: '{{ geth_rpc_port }}'
--- a/ansible/main.yml
+++ b/ansible/main.yml
@ -2,6 +2,7 @@
 - name: Configure swarm
  hosts: swarm
  roles:
-    - origin-certs
-    - nginx
-    - swarm
+    - { role: origin-certs,    tags: origin-certs }
+    - { role: nginx,           tags: nginx }
+    - { role: infra-role-geth, tags: infra-role-geth }
+    - { role: swarm,           tags: swarm }
--- a/ansible/requirements.yml
+++ b/ansible/requirements.yml
@ -17,3 +17,7 @@
 - name: consul-service
  src: git@github.com:status-im/infra-role-consul-service.git
  scm: git
+
+- name: geth
+  src: git@github.com:status-im/infra-role-geth.git
+  scm: git
--- a/ansible/roles/swarm/defaults/main.yml
+++ b/ansible/roles/swarm/defaults/main.yml
@ -2,7 +2,7 @@
 swarm_cont_version: '0.5.7-alltools'
 swarm_cont_image: 'ethersphere/swarm:{{ swarm_cont_version }}'
 swarm_cont_name: 'swarm-node'
-swarm_cont_vol: '/docker/{{ cont_name }}'
+swarm_cont_vol: '/docker/{{ swarm_cont_name }}'
 # listen port which will be incremented for every dontainer
 swarm_cont_port: 30399 
 # address to listen on
@ -21,20 +21,11 @@ swarm_chunk_size: 5000
 swarm_store_size: 5000000
 swarm_store_cache_size: 5000

-# Geth settings
-swarm_geth_image: 'ethereum/client-go:v1.8.27'
-swarm_geth_name: 'swarm-geth'
-swarm_geth_vol: '/docker/{{ geth_name }}'
-swarm_geth_keys: '{{ geth_vol }}/keys'
-swarm_geth_port: 30303
-swarm_geth_rpc_addr: '0.0.0.0'
-swarm_geth_rpc_port: 8545
-# account to use for swarm
-swarm_geth_pass: ~
+# Geth container info
 swarm_geth_account: ~
-
-# for key generation
-genkey_image: 'ethereum/client-go:alltools-latest'
+swarm_geth_cont_name: ~
+swarm_geth_cont_vol: ~
+swarm_geth_rcp_port: ~

 # Generic container options
 cont_state: started
--- a/ansible/roles/swarm/tasks/account.yml
+++ b/ansible/roles/swarm/tasks/account.yml
@ -1,44 +0,0 @@
---
- name: Find all enode files
-  find:
-    paths: '{{ geth_keys }}'
-    patterns: 'UTC--*'
-    file_type: file
-  register: account_files
-
- name: Set Geth password to be empty
-  copy:
-    dest: '{{ geth_keys }}/password'
-    content: ''
-
- name: Generate Geth account
-  docker_container:
-    name: '{{ geth_name }}-acc-gen'
-    image: '{{ geth_image }}'
-    user: root
-    pull: true
-    auto_remove: yes
-    entrypoint: '/usr/local/bin/geth'
-    command: |
-      account new
-      --keystore=/keys
-      --password=/keys/password
-    volumes:
-      - '{{ geth_vol }}/keys:/keys:rw'
-  when: account_files.files | length == 0
-  register: dbg
-
- name: Find all enode files
-  find:
-    paths: '{{ geth_keys }}'
-    patterns: 'UTC--*'
-    file_type: file
-  register: account_files
-
- name: Read account addres
-  shell: 'cat {{ account_files.files[0].path }} | jq -r .address'
-  register: account_address
-
- name: Save geth account address
-  set_fact:
-    geth_account: '{{ account_address.stdout }}'
--- a/ansible/roles/swarm/tasks/geth.yml
+++ b/ansible/roles/swarm/tasks/geth.yml
@ -1,41 +0,0 @@
---
- name: Run Geth container
-  docker_container:
-    name: '{{ geth_name }}'
-    image: '{{ geth_image }}'
-    user: root
-    pull: true
-    restart_policy: always
-    state: '{{ cont_state }}'
-    recreate: '{{ cont_recreate }}'
-    restart: '{{ cont_restart }}'
-    # enable image updates via watchtower
-    labels:
-      com.centurylinklabs.watchtower.enable: 'true'
-    ports:
-      - '{{ geth_port }}:{{ geth_port }}'
-      - '{{ geth_rpc_port }}:{{ geth_rpc_port }}'
-    command: |
-      --testnet
-      --syncmode=light
-      --datadir=/data
-      --keystore=/keys
-      --port={{ geth_port }}
-      --rpc
-      --rpcaddr={{ geth_rpc_addr }}
-      --rpcport={{ geth_rpc_port }}
-      --rpcapi=db,eth,net,web3,admin
-    volumes:
-      - '{{ geth_vol }}/keys:/keys:rw'
-      - '{{ geth_vol }}/data:/data:rw'
-
- name: Enable geth port
-  iptables:
-    comment: '{{ geth_name }}'
-    chain: INPUT
-    jump: ACCEPT
-    source: '0.0.0.0/0'
-    protocol: udp
-    destination_port: '{{ geth_port }}'
-  notify:
-    - Save iptables rules
--- a/ansible/roles/swarm/tasks/main.yml
+++ b/ansible/roles/swarm/tasks/main.yml
@ -1,18 +1,14 @@
 ---
- name: Create directories for geth
+- name: Create directories for Swarm
  file:
    path: '{{ item }}'
    state: directory
    owner: dockremap
    recurse: true
  with_items:
-    - '{{ geth_vol }}/data'
-    - '{{ geth_vol }}/keys'
    - '{{ swarm_cont_vol }}/data'
    - '{{ swarm_cont_vol }}/store'

- include_tasks: account.yml
- include_tasks: geth.yml
 - include_tasks: firewall.yml
 - include_tasks: swarm.yml
 - include_tasks: consul.yml
--- a/ansible/roles/swarm/tasks/swarm.yml
+++ b/ansible/roles/swarm/tasks/swarm.yml
@ -1,5 +1,5 @@
 ---
- name: Run Swarm container
+- name: Start Swarm container
  docker_container:
    name: '{{ swarm_cont_name }}'
    image: '{{ swarm_cont_image }}'
@ -9,7 +9,6 @@
    state: '{{ cont_state }}'
    recreate: '{{ cont_recreate }}'
    restart: '{{ cont_restart }}'
-    entrypoint: '/swarm'
    # enable image updates via watchtower
    labels:
      com.centurylinklabs.watchtower.enable: 'true'
@ -17,21 +16,21 @@
      - '{{ swarm_cont_port }}:{{ swarm_cont_port }}'
      - '127.0.0.1:{{ swarm_http_port }}:8500'
    links:
-      - '{{ geth_name }}:geth'
+      - '{{ swarm_geth_cont_name | mandatory }}:geth'
    command: |
      --verbosity={{ swarm_log_lvl }}
      --port={{ swarm_cont_port }}
      --httpaddr={{ swarm_addr }}
-      --bzzaccount={{ geth_account }}
+      --bzzaccount={{ swarm_geth_account | mandatory }}
      --datadir=/data
      --keystore=/keys
-      --password=/keys/password
+      --password=/keys/account.pass
      --store.path=/store
      --store.size={{ swarm_store_size }}
      --store.cache.size={{ swarm_store_cache_size }}
      --corsdomain='*'
-      --ens-api=http://geth:{{ geth_rpc_port }}
+      --ens-api=http://geth:{{ swarm_geth_rcp_port | mandatory }}
    volumes:
-      - '{{ geth_vol }}/keys:/keys:rw'
+      - '{{ swarm_geth_cont_vol | mandatory }}/keys:/keys:rw'
      - '{{ swarm_cont_vol }}/data:/data:rw'
      - '{{ swarm_cont_vol }}/store:/store:rw'