fixes for #76, #79, #80, #92, #99, partially #102, partially #104

ArseniiPetrovich 2018-04-19 19:31:20 +03:00
parent 51a270a868
commit 7988410a8d
77 changed files with 788 additions and 827 deletions

1
Vagrantfile vendored

@ -19,6 +19,7 @@ Vagrant.configure("2") do |config|
node.vm.hostname = machine
node.vm.provision :ansible do |ansible|
ansible.compatibility_mode = "2.0"
ansible.playbook = "site.yml"
ansible.groups = {
"validator" => ["validator"],

16
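--- a/aws/ansible.cfg
+++ b/aws/ansible.cfg
@@ -0,0 +1,16 @@
+# config file for ansible -- http://ansible.com/
+[defaults]
+remote_tmp = $HOME/.ansible/tmp
+forks = 20
+gathering = implicit
+# SSH timeout
+timeout = 10
+host_key_checking = False
+remote_user = root
+ansible_managed = This file is managed by ansible
+[ssh_connection]
+pipelining = True
+scp_if_ssh = True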
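Review bot: `host_key_checking = False` in `[defaults]` turns off SSH host-key verification for every host this config drives, so whatever answers on a freshly assigned public IP is trusted unchecked while the playbooks push keys and secrets to it. If the first-contact prompt is the concern, leave checking on and add `ssh_args = -o StrictHostKeyChecking=accept-new` under `[ssh_connection]` (needs OpenSSH 7.6 or later), which records the key on first use and still rejects a changed one. `remote_user = root` also looks unused, since the plays added in this commit set `user: ubuntu` with `become`; dropping it avoids a root-login default for any play that forgets to override it.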

111
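--- a/aws/bootnode.yml
+++ b/aws/bootnode.yml
@@ -0,0 +1,111 @@
+---
+- name: Create bootnode security group
+hosts: localhost
+gather_facts: False
+tasks:
+- name: Create Security group
+ec2_group:
+ec2_access_key: "{{ access_key }}"
+ec2_secret_key: "{{ secret_key }}"
+name: "{{ bootnode_security_group }}"
+description: "Default security group"
+region: "{{ region }}"
+purge_rules_egress: false
+purge_rules: false
+rules:
+- proto: tcp
+from_port: 22
+to_port: 22
+cidr_ip: 0.0.0.0/0
+rules_egress:
+- proto: all
+from_port: all
+to_port: all
+cidr_ip: 0.0.0.0/0
+tags: bootnode
+- name: Create bootnode
+hosts: localhost
+gather_facts: False
+vars:
+volumes:
+- device_name: /dev/sda1
+volume_size: 128
+delete_on_termination: true
+tasks:
+- name: Launch instance
+ec2:
+ec2_access_key: "{{ access_key }}"
+ec2_secret_key: "{{ secret_key }}"
+key_name: "{{ awskeypair_name }}"
+instance_tags:
+Name: "{{ bootnode_instance_name }}"
+group: "{{ bootnode_security_group }}"
+instance_type: "{{ bootnode_instance_type }}"
+image: "{{ image }}"
+count: "{{ bootnode_count_instances }}"
+wait: yes
+region: "{{ region }}"
+vpc_subnet_id: "{{ vpc_subnet_id }}"
+volumes: "{{ volumes }}"
+assign_public_ip: yes
+register: ec2
+- name: Add new instance to host group
+add_host: hostname={{ item.public_ip }} groupname=launched
+with_items: "{{ ec2.instances }}"
+- name: Wait for SSH to come up
+wait_for: host={{ item.public_ip }} port=22 delay=90 timeout=320 state=started
+with_items: "{{ ec2.instances }}"
+tags: bootnode
+- name: Installing python
+hosts: all
+hosts: launched
+gather_facts: False
+user: ubuntu
+become: True
+vars:
+ansible_ssh_port: 22
+tasks:
+- name: Install python
+raw: test -e /usr/bin/python || (sudo apt -y update && sudo apt install -y python-minimal)
+- name: Configure instance(s)
+hosts: launched
+user: ubuntu
+become: True
+vars:
+ansible_ssh_port: 22
+gather_facts: True
+roles:
+- preconf
+tags: preconf
+tasks:
+- name: restart machine after setup
+shell: shutdown -r 1
+- name: Create bootnode elastic ip
+hosts: localhost
+gather_facts: False
+tasks:
+- name: associate elastic ip for bootnode
+ec2_eip:
+ec2_access_key: "{{ access_key }}"
+ec2_secret_key: "{{ secret_key }}"
+region: "{{ region }}"
+reuse_existing_ip_allowed: yes
+state: present
+in_vpc: yes
+device_id: "{{ ec2.instance_ids[0] }}"
+register: instance_elastic_ip
+when: associate_bootnode_elastic_ip == true
+- debug: var=instance_elastic_ip.public_ip
+when: associate_bootnode_elastic_ip == true
+- name: EC2 access setup
+hosts: bootnode
+become: True
+roles:
+- bootnode-access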
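Review bot: The `rules` entry in "Create Security group" admits TCP 22 from `0.0.0.0/0` unconditionally, and nothing in this playbook reads the `allow_bootnode_ssh` flag that the commit's vars define, so every launched node exposes SSH to the whole internet from the moment the group exists. Take the source range from a variable with no world-open default, for example `cidr_ip: "{{ ssh_allowed_cidr }}"` (a new variable; the name is only a suggestion), and gate the rule on the flag. The same rule appears in aws/explorer.yml, aws/moc.yml, aws/netstat.yml and aws/validator.yml.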

92
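--- a/aws/explorer.yml
+++ b/aws/explorer.yml
@@ -0,0 +1,92 @@
+---
+- name: Create explorer security group
+hosts: localhost
+gather_facts: False
+tasks:
+- name: Create Security group
+ec2_group:
+ec2_access_key: "{{ access_key }}"
+ec2_secret_key: "{{ secret_key }}"
+name: "{{ explorer_security_group }}"
+description: "Default security group"
+region: "{{ region }}"
+purge_rules_egress: false
+purge_rules: false
+rules:
+- proto: tcp
+from_port: 22
+to_port: 22
+cidr_ip: 0.0.0.0/0
+rules_egress:
+- proto: all
+from_port: all
+to_port: all
+cidr_ip: 0.0.0.0/0
+tags: explorer
+- name: Create explorer
+hosts: localhost
+gather_facts: False
+vars:
+volumes:
+- device_name: /dev/sda1
+volume_size: 128
+delete_on_termination: true
+tasks:
+- name: Launch instance
+ec2:
+ec2_access_key: "{{ access_key }}"
+ec2_secret_key: "{{ secret_key }}"
+key_name: "{{ awskeypair_name }}"
+instance_tags:
+Name: "{{ explorer_instance_name }}"
+group: "{{ explorer_security_group }}"
+instance_type: "{{ explorer_instance_type }}"
+image: "{{ image }}"
+count: "{{ explorer_count_instances }}"
+wait: yes
+region: "{{ region }}"
+vpc_subnet_id: "{{ vpc_subnet_id }}"
+volumes: "{{ volumes }}"
+assign_public_ip: yes
+register: ec2
+- name: Add new instance to host group
+add_host: hostname={{ item.public_ip }} groupname=launched
+with_items: "{{ ec2.instances }}"
+- name: Wait for SSH to come up
+wait_for: host={{ item.public_ip }} port=22 delay=90 timeout=320 state=started
+with_items: "{{ ec2.instances }}"
+tags: explorer
+- name: Installing python
+hosts: all
+hosts: launched
+gather_facts: False
+user: ubuntu
+become: True
+vars:
+ansible_ssh_port: 22
+tasks:
+- name: Install python
+raw: test -e /usr/bin/python || (sudo apt -y update && sudo apt install -y python-minimal)
+- name: Configure instance(s)
+hosts: launched
+user: ubuntu
+become: True
+vars:
+ansible_ssh_port: 22
+gather_facts: True
+roles:
+- preconf
+tags: preconf
+tasks:
+- name: restart machine after setup
+shell: shutdown -r 1
+- name: EC2 access setup
+hosts: explorer
+become: True
+roles:
+- explorer-access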
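Review bot: The "Installing python" play declares `hosts` twice (`hosts: all`, then `hosts: launched`); duplicate mapping keys are invalid YAML and most loaders silently keep the last one, so the play's target depends on parser behaviour. Keep only `hosts: launched`: if `all` ever won, the `raw` bootstrap would run with `become` on every host in the inventory. aws/bootnode.yml, aws/moc.yml, aws/netstat.yml and aws/validator.yml carry the same pair of lines.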


@ -0,0 +1,11 @@
bootnode_instance_type: "t2.large"
bootnode_instance_name: "bootnode"
bootnode_count_instances: "1"
bootnode_security_group: "{{ MAIN_REPO_FETCH }}-{{ GENESIS_BRANCH }}-bootnode-security"
associate_bootnode_elastic_ip: false
allow_bootnode_ssh: true
allow_bootnode_p2p: true
allow_bootnode_rpc: false


@ -0,0 +1,9 @@
explorer_instance_type: "t2.large"
explorer_instance_name: "explorer"
explorer_count_instances: "1"
explorer_security_group: "{{ MAIN_REPO_FETCH }}-{{ GENESIS_BRANCH }}-explorer-security"
allow_explorer_ssh: true
allow_explorer_p2p: true
allow_explorer_http: true


@ -0,0 +1,5 @@
moc_instance_type: "t2.large"
moc_instance_name: "moc"
moc_count_instances: "1"
moc_security_group: "{{ MAIN_REPO_FETCH }}-{{ GENESIS_BRANCH }}-moc-security"


@ -0,0 +1,5 @@
netstat_instance_type: "t2.large"
netstat_instance_name: "netstat"
netstat_count_instances: "1"
netstat_security_group: "{{ MAIN_REPO_FETCH }}-{{ GENESIS_BRANCH }}-netstat-security"


@ -0,0 +1,6 @@
validator_instance_type: "t2.large"
validator_instance_name: "validator"
validator_count_instances: "1"
validator_security_group: "{{ MAIN_REPO_FETCH }}-{{ GENESIS_BRANCH }}-validator-security"
associate_validator_elastic_ip: false

26
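--- a/aws/hosts.example
+++ b/aws/hosts.example
@@ -0,0 +1,26 @@
+# This is the default ansible 'hosts' file.
+#
+# It should live in /etc/ansible/hosts
+#
+# - Comments begin with the '#' character
+# - Blank lines are ignored
+# - Groups of hosts are delimited by [header] elements
+# - You can enter hostnames or ip addresses
+# - A hostname/ip can be a member of multiple groups
+[bootnode]
+[moc]
+[netstat]
+[validator]
+[explorer]
+[poa:children]
+bootnode
+moc
+netstat
+validator
+explorer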

92
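--- a/aws/moc.yml
+++ b/aws/moc.yml
@@ -0,0 +1,92 @@
+---
+- name: Create moc security group
+hosts: localhost
+gather_facts: False
+tasks:
+- name: Create Security group
+ec2_group:
+ec2_access_key: "{{ access_key }}"
+ec2_secret_key: "{{ secret_key }}"
+name: "{{ moc_security_group }}"
+description: "Default security group"
+region: "{{ region }}"
+purge_rules_egress: false
+purge_rules: false
+rules:
+- proto: tcp
+from_port: 22
+to_port: 22
+cidr_ip: 0.0.0.0/0
+rules_egress:
+- proto: all
+from_port: all
+to_port: all
+cidr_ip: 0.0.0.0/0
+tags: moc
+- name: Create moc
+hosts: localhost
+gather_facts: False
+vars:
+volumes:
+- device_name: /dev/sda1
+volume_size: 128
+delete_on_termination: true
+tasks:
+- name: Launch instance
+ec2:
+ec2_access_key: "{{ access_key }}"
+ec2_secret_key: "{{ secret_key }}"
+key_name: "{{ awskeypair_name }}"
+instance_tags:
+Name: "{{ moc_instance_name }}"
+group: "{{ moc_security_group }}"
+instance_type: "{{ moc_instance_type }}"
+image: "{{ image }}"
+count: "{{ moc_count_instances }}"
+wait: yes
+region: "{{ region }}"
+vpc_subnet_id: "{{ vpc_subnet_id }}"
+volumes: "{{ volumes }}"
+assign_public_ip: yes
+register: ec2
+- name: Add new instance to host group
+add_host: hostname={{ item.public_ip }} groupname=launched
+with_items: "{{ ec2.instances }}"
+- name: Wait for SSH to come up
+wait_for: host={{ item.public_ip }} port=22 delay=90 timeout=320 state=started
+with_items: "{{ ec2.instances }}"
+tags: moc
+- name: Installing python
+hosts: all
+hosts: launched
+gather_facts: False
+user: ubuntu
+become: True
+vars:
+ansible_ssh_port: 22
+tasks:
+- name: Install python
+raw: test -e /usr/bin/python || (sudo apt -y update && sudo apt install -y python-minimal)
+- name: Configure instance(s)
+hosts: launched
+user: ubuntu
+become: True
+vars:
+ansible_ssh_port: 22
+gather_facts: True
+roles:
+- preconf
+tags: preconf
+tasks:
+- name: restart machine after setup
+shell: shutdown -r 1
+- name: EC2 access setup
+hosts: moc
+become: True
+roles:
+- moc-access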
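Review bot: `shell: shutdown -r 1` at the end of "Configure instance(s)" only schedules the reboot, and the "EC2 access setup" play starts straight after it, so if the `moc` group resolves to the machine just launched, the `moc-access` role can be cut off part-way when the host goes down a minute later. Give the last play a `pre_tasks:` entry such as `- wait_for_connection: delay=90 timeout=320` so the role runs only after the host is back. Note also that `add_host` puts new instances in `launched`, not `moc`, so whether the access role reaches a fresh instance at all depends on the inventory; that is worth confirming. The other four aws/*.yml playbooks have the same sequence.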

92
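--- a/aws/netstat.yml
+++ b/aws/netstat.yml
@@ -0,0 +1,92 @@
+---
+- name: Create netstat security group
+hosts: localhost
+gather_facts: False
+tasks:
+- name: Create Security group
+ec2_group:
+ec2_access_key: "{{ access_key }}"
+ec2_secret_key: "{{ secret_key }}"
+name: "{{ netstat_security_group }}"
+description: "Default security group"
+region: "{{ region }}"
+purge_rules_egress: false
+purge_rules: false
+rules:
+- proto: tcp
+from_port: 22
+to_port: 22
+cidr_ip: 0.0.0.0/0
+rules_egress:
+- proto: all
+from_port: all
+to_port: all
+cidr_ip: 0.0.0.0/0
+tags: netstat
+- name: Create netstat
+hosts: localhost
+gather_facts: False
+vars:
+volumes:
+- device_name: /dev/sda1
+volume_size: 128
+delete_on_termination: true
+tasks:
+- name: Launch instance
+ec2:
+ec2_access_key: "{{ access_key }}"
+ec2_secret_key: "{{ secret_key }}"
+key_name: "{{ awskeypair_name }}"
+instance_tags:
+Name: "{{ netstat_instance_name }}"
+group: "{{ netstat_security_group }}"
+instance_type: "{{ netstat_instance_type }}"
+image: "{{ image }}"
+count: "{{ netstat_count_instances }}"
+wait: yes
+region: "{{ region }}"
+vpc_subnet_id: "{{ vpc_subnet_id }}"
+volumes: "{{ volumes }}"
+assign_public_ip: yes
+register: ec2
+- name: Add new instance to host group
+add_host: hostname={{ item.public_ip }} groupname=launched
+with_items: "{{ ec2.instances }}"
+- name: Wait for SSH to come up
+wait_for: host={{ item.public_ip }} port=22 delay=90 timeout=320 state=started
+with_items: "{{ ec2.instances }}"
+tags: netstat
+- name: Installing python
+hosts: all
+hosts: launched
+gather_facts: False
+user: ubuntu
+become: True
+vars:
+ansible_ssh_port: 22
+tasks:
+- name: Install python
+raw: test -e /usr/bin/python || (sudo apt -y update && sudo apt install -y python-minimal)
+- name: Configure instance(s)
+hosts: launched
+user: ubuntu
+become: True
+vars:
+ansible_ssh_port: 22
+gather_facts: True
+roles:
+- preconf
+tags: preconf
+tasks:
+- name: restart machine after setup
+shell: shutdown -r 1
+- name: EC2 access setup
+hosts: netstat
+become: True
+roles:
+- netstat-access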
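Review bot: The `ec2_group` and `ec2` tasks take `ec2_access_key: "{{ access_key }}"` and `ec2_secret_key: "{{ secret_key }}"` from plain variables with no note on where those come from, and a vars example elsewhere in this commit shows `secret_key: "INSERT SECRET HERE"`, which invites pasting a long-lived key into a clear-text file. Add a comment above the first task, such as `# access_key/secret_key: supply from an ansible-vault encrypted vars file; never commit them in clear text`. The same applies to the other aws/*.yml playbooks in this commit.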


@ -0,0 +1,4 @@
---
- name: Setup EC2 firewall
import_tasks: ec2.yml
when: ansible_bios_version | search("amazon")
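Review bot: `when: ansible_bios_version | search("amazon")` uses a test as a filter, a form Ansible 2.5 deprecates; write `when: ansible_bios_version is search("amazon")`. This condition and its negation on the `ufw.yml` import elsewhere in the commit are the only things selecting a firewall path, and the BIOS version string is not a documented EC2 marker (it presumably varies between instance families), so a host can land on the wrong branch with no error. A comment naming the instance types the match was verified on, or an explicit variable, would make that assumption visible. The four task files that follow repeat the same condition.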


@ -0,0 +1,4 @@
---
- name: Setup EC2 firewall
import_tasks: ec2.yml
when: ansible_bios_version | search("amazon")


@ -0,0 +1,4 @@
---
- name: Setup EC2 firewall
import_tasks: ec2.yml
when: ansible_bios_version | search("amazon")


@ -0,0 +1,4 @@
---
- name: Setup EC2 firewall
import_tasks: ec2.yml
when: ansible_bios_version | search("amazon")


@ -0,0 +1,4 @@
---
- name: Setup EC2 firewall
import_tasks: ec2.yml
when: ansible_bios_version | search("amazon")

19
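--- a/aws/site.yml
+++ b/aws/site.yml
@@ -0,0 +1,19 @@
+- name: Bootnode deployment
+import_playbook: bootnode.yml
+tags: bootnode
+- name: Explorer deployment
+import_playbook: explorer.yml
+tags: explorer
+- name: Moc deployment
+import_playbook: moc.yml
+tags: moc
+- name: Netstat deployment
+import_playbook: netstat.yml
+tags: netstat
+- name: Validator deployment
+import_playbook: validator.yml
+tags: validator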

111
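--- a/aws/validator.yml
+++ b/aws/validator.yml
@@ -0,0 +1,111 @@
+---
+- name: Create validator security group
+hosts: localhost
+gather_facts: False
+tasks:
+- name: Create Security group
+ec2_group:
+ec2_access_key: "{{ access_key }}"
+ec2_secret_key: "{{ secret_key }}"
+name: "{{ validator_security_group }}"
+description: "Default security group"
+region: "{{ region }}"
+purge_rules_egress: false
+purge_rules: false
+rules:
+- proto: tcp
+from_port: 22
+to_port: 22
+cidr_ip: 0.0.0.0/0
+rules_egress:
+- proto: all
+from_port: all
+to_port: all
+cidr_ip: 0.0.0.0/0
+tags: validator
+- name: Create validator
+hosts: localhost
+gather_facts: False
+vars:
+volumes:
+- device_name: /dev/sda1
+volume_size: 128
+delete_on_termination: true
+tasks:
+- name: Launch instance
+ec2:
+ec2_access_key: "{{ access_key }}"
+ec2_secret_key: "{{ secret_key }}"
+key_name: "{{ awskeypair_name }}"
+instance_tags:
+Name: "{{ validator_instance_name }}"
+group: "{{ validator_security_group }}"
+instance_type: "{{ validator_instance_type }}"
+image: "{{ image }}"
+count: "{{ validator_count_instances }}"
+wait: yes
+region: "{{ region }}"
+vpc_subnet_id: "{{ vpc_subnet_id }}"
+volumes: "{{ volumes }}"
+assign_public_ip: yes
+register: ec2
+- name: Add new instance to host group
+add_host: hostname={{ item.public_ip }} groupname=launched
+with_items: "{{ ec2.instances }}"
+- name: Wait for SSH to come up
+wait_for: host={{ item.public_ip }} port=22 delay=90 timeout=320 state=started
+with_items: "{{ ec2.instances }}"
+tags: validator
+- name: Installing python
+hosts: all
+hosts: launched
+gather_facts: False
+user: ubuntu
+become: True
+vars:
+ansible_ssh_port: 22
+tasks:
+- name: Install python
+raw: test -e /usr/bin/python || (sudo apt -y update && sudo apt install -y python-minimal)
+- name: Configure instance(s)
+hosts: launched
+user: ubuntu
+become: True
+vars:
+ansible_ssh_port: 22
+gather_facts: True
+roles:
+- preconf
+tags: preconf
+tasks:
+- name: restart machine after setup
+shell: shutdown -r 1
+- name: Create validator elastic ip
+hosts: localhost
+gather_facts: False
+tasks:
+- name: associate elastic ip for validator
+ec2_eip:
+ec2_access_key: "{{ access_key }}"
+ec2_secret_key: "{{ secret_key }}"
+region: "{{ region }}"
+reuse_existing_ip_allowed: yes
+state: present
+in_vpc: yes
+device_id: "{{ ec2.instance_ids[0] }}"
+register: instance_elastic_ip
+when: associate_validator_elastic_ip == true
+- debug: var=instance_elastic_ip.public_ip
+when: associate_validator_elastic_ip == true
+- name: EC2 access setup
+hosts: validator
+become: True
+roles:
+- validator-access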
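Review bot: `when: associate_validator_elastic_ip == true` compares against a YAML boolean, so a value that arrives as a string (for instance `-e associate_validator_elastic_ip=true` on the command line) silently skips the association; `when: associate_validator_elastic_ip | bool` handles both forms. The `ec2_eip` task also addresses only `ec2.instance_ids[0]`, so with `validator_count_instances` above 1 the remaining instances get no elastic IP. Loop over `ec2.instance_ids`, or add a comment stating the single-instance assumption. aws/bootnode.yml has the same two conditions for the bootnode.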


@ -1,105 +1,4 @@
---
- name: Create bootnode security group
hosts: localhost
gather_facts: False
tasks:
- name: Create Security group
ec2_group:
ec2_access_key: "{{ access_key }}"
ec2_secret_key: "{{ secret_key }}"
name: "{{ bootnode_security_group }}"
description: "Default security group"
region: "{{ region }}"
purge_rules_egress: false
purge_rules: false
rules:
- proto: tcp
from_port: 22
to_port: 22
cidr_ip: 0.0.0.0/0
rules_egress:
- proto: all
from_port: all
to_port: all
cidr_ip: 0.0.0.0/0
tags: bootnode
- name: Create bootnode
hosts: localhost
gather_facts: False
vars:
volumes:
- device_name: /dev/sda1
volume_size: 128
delete_on_termination: true
tasks:
- name: Launch instance
ec2:
ec2_access_key: "{{ access_key }}"
ec2_secret_key: "{{ secret_key }}"
key_name: "{{ awskeypair_name }}"
instance_tags:
Name: "{{ bootnode_instance_name }}"
group: "{{ bootnode_security_group }}"
instance_type: "{{ bootnode_instance_type }}"
image: "{{ image }}"
count: "{{ bootnode_count_instances }}"
wait: yes
region: "{{ region }}"
vpc_subnet_id: "{{ vpc_subnet_id }}"
volumes: "{{ volumes }}"
assign_public_ip: yes
register: ec2
- name: Add new instance to host group
add_host: hostname={{ item.public_ip }} groupname=launched
with_items: "{{ ec2.instances }}"
- name: Wait for SSH to come up
wait_for: host={{ item.public_ip }} port=22 delay=90 timeout=320 state=started
with_items: "{{ ec2.instances }}"
tags: bootnode
- name: Installing python
hosts: all
hosts: launched
gather_facts: False
user: ubuntu
- hosts: bootnode
become: True
vars:
ansible_ssh_port: 22
tasks:
- name: Install python
raw: test -e /usr/bin/python || (sudo apt -y update && sudo apt install -y python-minimal)
- name: Configure instance(s)
hosts: launched
user: ubuntu
become: True
vars:
ansible_ssh_port: 22
gather_facts: True
roles:
- preconf
tags: preconf
tasks:
- name: restart machine after setup
shell: shutdown -r 1
- name: Create bootnode elastic ip
hosts: localhost
gather_facts: False
tasks:
- name: associate elastic ip for bootnode
ec2_eip:
ec2_access_key: "{{ access_key }}"
ec2_secret_key: "{{ secret_key }}"
region: "{{ region }}"
reuse_existing_ip_allowed: yes
state: present
in_vpc: yes
device_id: "{{ ec2.instance_ids[0] }}"
register: instance_elastic_ip
when: associate_bootnode_elastic_ip == true
- debug: var=instance_elastic_ip.public_ip
when: associate_bootnode_elastic_ip == true
- bootnode


@ -1,86 +1,4 @@
---
- name: Create explorer security group
hosts: localhost
gather_facts: False
tasks:
- name: Create Security group
ec2_group:
ec2_access_key: "{{ access_key }}"
ec2_secret_key: "{{ secret_key }}"
name: "{{ explorer_security_group }}"
description: "Default security group"
region: "{{ region }}"
purge_rules_egress: false
purge_rules: false
rules:
- proto: tcp
from_port: 22
to_port: 22
cidr_ip: 0.0.0.0/0
rules_egress:
- proto: all
from_port: all
to_port: all
cidr_ip: 0.0.0.0/0
tags: explorer
- name: Create explorer
hosts: localhost
gather_facts: False
vars:
volumes:
- device_name: /dev/sda1
volume_size: 128
delete_on_termination: true
tasks:
- name: Launch instance
ec2:
ec2_access_key: "{{ access_key }}"
ec2_secret_key: "{{ secret_key }}"
key_name: "{{ awskeypair_name }}"
instance_tags:
Name: "{{ explorer_instance_name }}"
group: "{{ explorer_security_group }}"
instance_type: "{{ explorer_instance_type }}"
image: "{{ image }}"
count: "{{ explorer_count_instances }}"
wait: yes
region: "{{ region }}"
vpc_subnet_id: "{{ vpc_subnet_id }}"
volumes: "{{ volumes }}"
assign_public_ip: yes
register: ec2
- name: Add new instance to host group
add_host: hostname={{ item.public_ip }} groupname=launched
with_items: "{{ ec2.instances }}"
- name: Wait for SSH to come up
wait_for: host={{ item.public_ip }} port=22 delay=90 timeout=320 state=started
with_items: "{{ ec2.instances }}"
tags: explorer
- name: Installing python
hosts: all
hosts: launched
gather_facts: False
user: ubuntu
- hosts: explorer
become: True
vars:
ansible_ssh_port: 22
tasks:
- name: Install python
raw: test -e /usr/bin/python || (sudo apt -y update && sudo apt install -y python-minimal)
- name: Configure instance(s)
hosts: launched
user: ubuntu
become: True
vars:
ansible_ssh_port: 22
gather_facts: True
roles:
- preconf
tags: preconf
tasks:
- name: restart machine after setup
shell: shutdown -r 1
- explorer


@ -45,58 +45,4 @@ NODE_SOURCE_DEB: "https://deb.nodesource.com/node_8.x"
PARITY_BIN_LOC: "https://d1h4xl4cr1h0mo.cloudfront.net/v1.9.2/x86_64-unknown-linux-gnu/parity"
PARITY_BIN_SHA256: "3604a030388cd2c22ebe687787413522106c697610426e09b3c5da4fe70bbd33"
ORCHESTRATOR_BIN_LOC: ""
ORCHESTRATOR_BIN_SHA256: ""
#bootnode
bootnode_instance_type: "t2.large"
bootnode_instance_name: "bootnode"
bootnode_count_instances: "1"
bootnode_security_group: "{{ MAIN_REPO_FETCH }}-{{ GENESIS_BRANCH }}-bootnode-security"
bootnode_archive: "off"
bootnode_orchestrator: "off"
#netstat
netstat_instance_type: "t2.large"
netstat_instance_name: "netstat"
netstat_count_instances: "1"
netstat_security_group: "{{ MAIN_REPO_FETCH }}-{{ GENESIS_BRANCH }}-netstat-security"
#validator
validator_instance_type: "t2.large"
validator_instance_name: "validator"
validator_count_instances: "1"
validator_security_group: "{{ MAIN_REPO_FETCH }}-{{ GENESIS_BRANCH }}-validator-security"
validator_archive: "off"
#moc
moc_instance_type: "t2.large"
moc_instance_name: "moc"
moc_count_instances: "1"
moc_security_group: "{{ MAIN_REPO_FETCH }}-{{ GENESIS_BRANCH }}-moc-security"
moc_archive: "off"
#explorer
explorer_instance_type: "t2.large"
explorer_instance_name: "explorer"
explorer_count_instances: "1"
explorer_security_group: "{{ MAIN_REPO_FETCH }}-{{ GENESIS_BRANCH }}-explorer-security"
#restrict network access to instances
allow_bootnode_ssh: true
allow_bootnode_p2p: true
allow_bootnode_rpc: true
associate_bootnode_elastic_ip: false
allow_explorer_ssh: true
allow_explorer_p2p: true
allow_explorer_http: true
allow_moc_ssh: true
allow_moc_p2p: true
allow_netstat_ssh: true
allow_netstat_http: true
allow_validator_ssh: true
allow_validator_p2p: true
associate_validator_elastic_ip: false
ORCHESTRATOR_BIN_SHA256: ""


@ -23,58 +23,3 @@ GENESIS_NETWORK_NAME: "PoA"
MOC_ADDRESS: "0xdd0bb0e2a1594240fed0c2f2c17c1e9ab4f87126"
BLK_GAS_LIMIT: "6700000"
#bootnode
bootnode_instance_type: "t2.large"
bootnode_instance_name: "bootnode"
bootnode_count_instances: "1"
bootnode_security_group: "{{ MAIN_REPO_FETCH }}-{{ GENESIS_BRANCH }}-bootnode-security"
bootnode_archive: "off"
bootnode_orchestrator: "off"
#netstat
netstat_instance_type: "t2.large"
netstat_instance_name: "netstat"
netstat_count_instances: "1"
netstat_security_group: "{{ MAIN_REPO_FETCH }}-{{ GENESIS_BRANCH }}-netstat-security"
#validator
validator_instance_type: "t2.large"
validator_instance_name: "validator"
validator_count_instances: "1"
validator_security_group: "{{ MAIN_REPO_FETCH }}-{{ GENESIS_BRANCH }}-validator-security"
validator_archive: "off"
#moc
moc_instance_type: "t2.large"
moc_instance_name: "moc"
moc_count_instances: "1"
moc_security_group: "{{ MAIN_REPO_FETCH }}-{{ GENESIS_BRANCH }}-moc-security"
moc_archive: "off"
#explorer
explorer_instance_type: "t2.large"
explorer_instance_name: "explorer"
explorer_count_instances: "1"
explorer_security_group: "{{ MAIN_REPO_FETCH }}-{{ GENESIS_BRANCH }}-explorer-security"
#restrict network access to instances
allow_bootnode_ssh: true
allow_bootnode_p2p: true
allow_bootnode_rpc: true
associate_bootnode_elastic_ip: false
allow_explorer_ssh: true
allow_explorer_p2p: true
allow_explorer_http: true
allow_moc_ssh: true
allow_moc_p2p: true
allow_netstat_ssh: true
allow_netstat_http: true
allow_validator_ssh: true
allow_validator_p2p: true
associate_validator_elastic_ip: false
################################################################


@ -9,3 +9,13 @@ NODE_ADMIN_EMAIL: "INSERT@EMAIL"
NETSTATS_SERVER: "INSERT FULL URL"
NETSTATS_SECRET: "INSERT SECRET"
username: "bootnode"
users:
- name: "{{ username }}"
home: "/home/{{ username }}"
nginx_headers: "on"
PROXY_PORT: "8545"
bootnode_archive: "off"
bootnode_orchestrator: "off"


@ -3,3 +3,12 @@ secret_key: "INSERT SECRET HERE"
awskeypair_name: "keypairname"
vpc_subnet_id: "subnet-ID-number"
username: "explorer"
users:
- name: "{{ username }}"
home: "/home/{{ username }}"
nginx_headers: "off"
PROXY_PORT: "3000"
explorerS_SERVER: "localhost"


@ -12,3 +12,10 @@ NETSTATS_SECRET: "INSERT SECRET"
MOC_KEYPASS: "INSERT HERE"
MOC_KEYFILE: 'INSERT HERE'
username: "moc"
users:
- name: "{{ username }}"
home: "/home/{{ username }}"
moc_archive: "off"


@ -8,3 +8,12 @@ NODE_FULLNAME: "INSERT NODENAME"
NODE_ADMIN_EMAIL: "INSERT@EMAIL"
NETSTATS_SECRET: "INSERT SECRET"
username: "netstat"
users:
- name: "{{ username }}"
home: "/home/{{ username }}"
nginx_headers: "off"
PROXY_PORT: "3000"
NETSTATS_SERVER: "http://localhost:3000"


@ -13,3 +13,10 @@ NETSTATS_SECRET: "INSERT SECRET"
MINING_KEYFILE: 'INSERT HERE'
MINING_ADDRESS: "INSERT HERE"
MINING_KEYPASS: "INSERT HERE"
username: "validator"
users:
- name: "{{ username }}"
home: "/home/{{ username }}"
validator_archive: "off"


@ -23,4 +23,4 @@ bootnode
moc
netstat
validator
explorer
explorer

86
moc.yml

@ -1,86 +1,4 @@
---
- name: Create moc security group
hosts: localhost
gather_facts: False
tasks:
- name: Create Security group
ec2_group:
ec2_access_key: "{{ access_key }}"
ec2_secret_key: "{{ secret_key }}"
name: "{{ moc_security_group }}"
description: "Default security group"
region: "{{ region }}"
purge_rules_egress: false
purge_rules: false
rules:
- proto: tcp
from_port: 22
to_port: 22
cidr_ip: 0.0.0.0/0
rules_egress:
- proto: all
from_port: all
to_port: all
cidr_ip: 0.0.0.0/0
tags: moc
- name: Create moc
hosts: localhost
gather_facts: False
vars:
volumes:
- device_name: /dev/sda1
volume_size: 128
delete_on_termination: true
tasks:
- name: Launch instance
ec2:
ec2_access_key: "{{ access_key }}"
ec2_secret_key: "{{ secret_key }}"
key_name: "{{ awskeypair_name }}"
instance_tags:
Name: "{{ moc_instance_name }}"
group: "{{ moc_security_group }}"
instance_type: "{{ moc_instance_type }}"
image: "{{ image }}"
count: "{{ moc_count_instances }}"
wait: yes
region: "{{ region }}"
vpc_subnet_id: "{{ vpc_subnet_id }}"
volumes: "{{ volumes }}"
assign_public_ip: yes
register: ec2
- name: Add new instance to host group
add_host: hostname={{ item.public_ip }} groupname=launched
with_items: "{{ ec2.instances }}"
- name: Wait for SSH to come up
wait_for: host={{ item.public_ip }} port=22 delay=90 timeout=320 state=started
with_items: "{{ ec2.instances }}"
tags: moc
- name: Installing python
hosts: all
hosts: launched
gather_facts: False
user: ubuntu
- hosts: moc
become: True
vars:
ansible_ssh_port: 22
tasks:
- name: Install python
raw: test -e /usr/bin/python || (sudo apt -y update && sudo apt install -y python-minimal)
- name: Configure instance(s)
hosts: launched
user: ubuntu
become: True
vars:
ansible_ssh_port: 22
gather_facts: True
roles:
- preconf
tags: preconf
tasks:
- name: restart machine after setup
shell: shutdown -r 1
- moc


@ -1,86 +1,4 @@
---
- name: Create netstat security group
hosts: localhost
gather_facts: False
tasks:
- name: Create Security group
ec2_group:
ec2_access_key: "{{ access_key }}"
ec2_secret_key: "{{ secret_key }}"
name: "{{ netstat_security_group }}"
description: "Default security group"
region: "{{ region }}"
purge_rules_egress: false
purge_rules: false
rules:
- proto: tcp
from_port: 22
to_port: 22
cidr_ip: 0.0.0.0/0
rules_egress:
- proto: all
from_port: all
to_port: all
cidr_ip: 0.0.0.0/0
tags: netstat
- name: Create netstat
hosts: localhost
gather_facts: False
vars:
volumes:
- device_name: /dev/sda1
volume_size: 128
delete_on_termination: true
tasks:
- name: Launch instance
ec2:
ec2_access_key: "{{ access_key }}"
ec2_secret_key: "{{ secret_key }}"
key_name: "{{ awskeypair_name }}"
instance_tags:
Name: "{{ netstat_instance_name }}"
group: "{{ netstat_security_group }}"
instance_type: "{{ netstat_instance_type }}"
image: "{{ image }}"
count: "{{ netstat_count_instances }}"
wait: yes
region: "{{ region }}"
vpc_subnet_id: "{{ vpc_subnet_id }}"
volumes: "{{ volumes }}"
assign_public_ip: yes
register: ec2
- name: Add new instance to host group
add_host: hostname={{ item.public_ip }} groupname=launched
with_items: "{{ ec2.instances }}"
- name: Wait for SSH to come up
wait_for: host={{ item.public_ip }} port=22 delay=90 timeout=320 state=started
with_items: "{{ ec2.instances }}"
tags: netstat
- name: Installing python
hosts: all
hosts: launched
gather_facts: False
user: ubuntu
- hosts: netstat
become: True
vars:
ansible_ssh_port: 22
tasks:
- name: Install python
raw: test -e /usr/bin/python || (sudo apt -y update && sudo apt install -y python-minimal)
- name: Configure instance(s)
hosts: launched
user: ubuntu
become: True
vars:
ansible_ssh_port: 22
gather_facts: True
roles:
- preconf
tags: preconf
tasks:
- name: restart machine after setup
shell: shutdown -r 1
- netstat


@ -1,8 +0,0 @@
---
- name: Setup ufw firewall
import_tasks: ufw.yml
when: not ansible_bios_version | search("amazon")
- name: Setup EC2 firewall
import_tasks: ec2.yml
when: ansible_bios_version | search("amazon")


@ -1,14 +1,5 @@
---
username: "bootnode"
users:
- name: "{{ username }}"
home: "/home/{{ username }}"
nginx_headers: "on"
PROXY_PORT: "8545"
allow_bootnode_ssh: true
allow_bootnode_p2p: true
allow_bootnode_rpc: false
bootnode_archive: "off"
bootnode_orchestrator: "off"
allow_bootnode_rpc: false


@ -0,0 +1,11 @@
dependencies:
- { role: preconf }
- { role: usermanager }
# - { role: logentries }
- { role: nodejs }
- { role: poa-logrotate }
- { role: poa-parity }
- { role: poa-pm2 }
- { role: poa-netstats }
- { role: poa-orchestrator, when: "(bootnode_orchestrator or 'off') == 'on'" }
- { role: nginx }
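Review bot: The condition on the `poa-orchestrator` dependency, `(bootnode_orchestrator or 'off') == 'on'`, does not protect against an unset variable, because Ansible normally raises on an undefined name before `or` can supply the fallback; `when: "(bootnode_orchestrator | default('off')) == 'on'"` does. Since the comparison is against the string `'on'`, a comment noting that the value must stay quoted (`"on"` / `"off"`) would also help: unquoted, YAML 1.1 loaders read it as a boolean and the role is skipped without any message.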


@ -1,29 +1,12 @@
---
- name: Create directory parity_data/keys/NetworkName
file:
path: "{{ home }}/parity_data/keys/{{ GENESIS_NETWORK_NAME }}"
state: directory
mode: 0700
owner: "{{ username }}"
group: "{{ username }}"
- name: Create logs directories
file:
path: "/{{ home }}/logs/old"
state: directory
mode: 0755
owner: "{{ username }}"
group: "{{ username }}"
- name: Download spec.json
get_url: url={{ item }} dest={{ home }}/ mode=0644
with_items:
- "https://raw.githubusercontent.com/{{ MAIN_REPO_FETCH }}/poa-chain-spec/{{ GENESIS_BRANCH }}/spec.json"
- "https://raw.githubusercontent.com/{{ MAIN_REPO_FETCH }}/poa-chain-spec/{{ GENESIS_BRANCH }}/bootnodes.txt"
- name: Create node.toml
template: src={{ item }}.j2 dest={{ home }}/node.toml owner=root group=root mode=0644
with_items:
- node.toml
- name: Setup ufw firewall
import_tasks: ufw.yml
when: not ansible_bios_version | search("amazon")
#- file: path={{ home }} owner={{ username }} group={{ username }} recurse=yes


@ -1,8 +0,0 @@
---
- name: Setup ufw firewall
import_tasks: ufw.yml
when: not ansible_bios_version | search("amazon")
- name: Setup EC2 firewall
import_tasks: ec2.yml
when: ansible_bios_version | search("amazon")


@ -1,12 +1,5 @@
username: "explorer"
users:
- name: "{{ username }}"
home: "/home/{{ username }}"
-----
allow_explorer_ssh: true
allow_explorer_p2p: true
allow_explorer_http: true
nginx_headers: "off"
PROXY_PORT: "3000"
explorerS_SERVER: "localhost"
allow_explorer_http: true


@ -1,3 +1,6 @@
---
- name: restart poa-chain-explorer
service: name=poa-chain-explorer state=restarted
- name: restart ufw
service: name=ufw state=restarted


@ -0,0 +1,8 @@
dependencies:
- { role: preconf }
- { role: usermanager }
- { role: nodejs }
- { role: poa-logrotate }
- { role: poa-parity }
- { role: poa-pm2 }
- { role: nginx }


@ -1,25 +1,4 @@
---
- name: Create directory parity_data/keys/NetworkName
file:
path: "{{ home }}/parity_data/keys/{{ GENESIS_NETWORK_NAME }}"
state: directory
mode: 0700
owner: "{{ username }}"
group: "{{ username }}"
- name: Create logs directories
file:
path: "/{{ home }}/logs/old"
state: directory
mode: 0755
owner: "{{ username }}"
group: "{{ username }}"
- name: Download spec.json
get_url: url={{ item }} dest={{ home }}/ mode=0644
with_items:
- "https://raw.githubusercontent.com/{{ MAIN_REPO_FETCH }}/poa-chain-spec/{{ GENESIS_BRANCH }}/spec.json"
- "https://raw.githubusercontent.com/{{ MAIN_REPO_FETCH }}/poa-chain-spec/{{ GENESIS_BRANCH }}/bootnodes.txt"
- name: Create node.toml
template: src={{ item }}.j2 dest={{ home }}/node.toml owner=root group=root mode=0644
@ -60,3 +39,7 @@
- name: Ensure poa-chain-explorer is running and enabled to start at boot
service: name=poa-chain-explorer state=started enabled=yes
- name: Setup ufw firewall
import_tasks: ufw.yml
when: not ansible_bios_version | search("amazon")


@ -1 +0,0 @@
explorer_version: "acee07c"


@ -1,3 +0,0 @@
---
- name: restart ufw
service: name=ufw state=restarted


@ -1,8 +0,0 @@
---
- name: Setup ufw firewall
import_tasks: ufw.yml
when: not ansible_bios_version | search("amazon")
- name: Setup EC2 firewall
import_tasks: ec2.yml
when: ansible_bios_version | search("amazon")


@ -1,8 +1,4 @@
---
username: "moc"
users:
- name: "{{ username }}"
home: "/home/{{ username }}"
allow_moc_ssh: true
allow_moc_p2p: true
allow_moc_p2p: true

8
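--- a/roles/moc/meta/main.yml
+++ b/roles/moc/meta/main.yml
@@ -0,0 +1,8 @@
+dependencies:
+- { role: preconf }
+- { role: usermanager }
+- { role: nodejs }
+- { role: poa-logrotate }
+- { role: poa-parity }
+- { role: poa-pm2 }
+- { role: poa-netstats }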


@ -1,25 +1,4 @@
---
- name: Create directory parity_data/keys/NetworkName
file:
path: "{{ home }}/parity_data/keys/{{ GENESIS_NETWORK_NAME }}"
state: directory
mode: 0700
owner: "{{ username }}"
group: "{{ username }}"
- name: Create logs directories
file:
path: "/{{ home }}/logs/old"
state: directory
mode: 0755
owner: "{{ username }}"
group: "{{ username }}"
- name: Download spec.json
get_url: url={{ item }} dest={{ home }}/ mode=0644
with_items:
- "https://raw.githubusercontent.com/{{ MAIN_REPO_FETCH }}/poa-chain-spec/{{ GENESIS_BRANCH }}/spec.json"
- "https://raw.githubusercontent.com/{{ MAIN_REPO_FETCH }}/poa-chain-spec/{{ GENESIS_BRANCH }}/bootnodes.txt"
- name: Create node.toml
template: src={{ item }}.j2 dest={{ home }}/node.toml owner=root group=root mode=0644
@ -60,3 +39,7 @@
path: "{{ home }}/poa-scripts-moc/distributeTokens"
become: true
become_user: "{{ username }}"
- name: Setup ufw firewall
import_tasks: ufw.yml
when: not ansible_bios_version | search("amazon")


@ -1,3 +0,0 @@
---
- name: restart ufw
service: name=ufw state=restarted


@ -1,8 +0,0 @@
---
- name: Setup ufw firewall
import_tasks: ufw.yml
when: not ansible_bios_version | search("amazon")
- name: Setup EC2 firewall
import_tasks: ec2.yml
when: ansible_bios_version | search("amazon")


@ -1,12 +1,4 @@
---
username: "netstat"
users:
- name: "{{ username }}"
home: "/home/{{ username }}"
allow_netstat_ssh: true
allow_netstat_http: true
nginx_headers: "off"
PROXY_PORT: "3000"
NETSTATS_SERVER: "http://localhost:3000"


@ -1,3 +1,6 @@
---
- name: restart poa-dashboard
service: name=poa-dashboard state=restarted
- name: restart ufw
service: name=ufw state=restarted


@ -0,0 +1,6 @@
dependencies:
- { role: preconf }
- { role: usermanager }
- { role: nodejs }
- { role: poa-logrotate }
- { role: nginx }


@ -1,11 +1,4 @@
---
- name: Create logs directories
file:
path: "/{{ home }}/logs/old"
state: directory
mode: 0755
owner: "{{ username }}"
group: "{{ username }}"
- name: Clone poanetworks/eth-netstats repo from GitHub
git:
@ -50,3 +43,7 @@
- name: Ensure poa-dashboard is running and enabled to start at boot
service: name=poa-dashboard state=started enabled=yes
- name: Setup ufw firewall
import_tasks: ufw.yml
when: not ansible_bios_version | search("amazon")


@ -1 +0,0 @@
netstat_version: "cb431d6"


@ -0,0 +1,7 @@
- name: Create directory parity_data/keys/NetworkName
file:
path: "{{ home }}/parity_data/keys/{{ GENESIS_NETWORK_NAME }}"
state: directory
mode: 0700
owner: "{{ username }}"
group: "{{ username }}"
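Review bot: `mode: 0700` is written as a bare scalar, so the permission applied to the key directory depends on the YAML loader reading it as octal; quoting it as `mode: "0700"` makes the value explicit, and the same applies to `mode: 0755` in the logs task file that follows. The directory presumably holds the node's account keys, so a one-line comment such as `# key store: must stay owner-only` above the task would tell a later editor not to relax it. The file also lacks the leading `---` that the other task files in the commit carry.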


@ -0,0 +1,7 @@
- name: Create logs directories
file:
path: "/{{ home }}/logs/old"
state: directory
mode: 0755
owner: "{{ username }}"
group: "{{ username }}"
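Review bot: `path: "/{{ home }}/logs/old"` puts a slash in front of `home`, while the key-directory and spec tasks added in the same commit use `{{ home }}/...` directly, so if `home` is already an absolute path this one is built as `//home/...`. That resolves to the same directory on Linux, but the two forms should agree; `path: "{{ home }}/logs/old"` matches the others.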


@ -9,3 +9,8 @@
- import_tasks: chrony.yml
- import_tasks: logrotate.yml
- import_tasks: swap.yml
- import_tasks: logs.yml
- import_tasks: keys.yml
when: netstat not in ansible_hostname
- import_tasks: spec.yml
when: netstat not in ansible_hostname
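Review bot: In `when: netstat not in ansible_hostname` the word `netstat` is a bare name, so Jinja evaluates it as a variable rather than as the string; unless a variable of that name is defined elsewhere, the condition fails as undefined instead of skipping `keys.yml` and `spec.yml` on the netstat host. Quoting it, `when: "'netstat' not in ansible_hostname"`, gives the intended string comparison. Testing inventory membership with `when: "'netstat' not in group_names"` would also stop the key and spec setup from depending on how a machine happens to be named. The task list starts outside the hunk.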


@ -0,0 +1,5 @@
- name: Download spec.json
get_url: url={{ item }} dest={{ home }}/ mode=0644
with_items:
- "https://raw.githubusercontent.com/{{ MAIN_REPO_FETCH }}/poa-chain-spec/{{ GENESIS_BRANCH }}/spec.json"
- "https://raw.githubusercontent.com/{{ MAIN_REPO_FETCH }}/poa-chain-spec/{{ GENESIS_BRANCH }}/bootnodes.txt"
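Review bot: `get_url` fetches `spec.json` and `bootnodes.txt` from whatever `{{ GENESIS_BRANCH }}` points at when the play runs and passes no `checksum`, so a node's chain spec and peer list change if that branch moves and nothing records which revision was installed. Pinning the URL to a commit hash, or turning the items into url/checksum pairs and passing `checksum: "sha256:<expected digest>"`, would make the download verifiable. The task name mentions only spec.json although the loop also fetches bootnodes.txt; `name: Download spec.json and bootnodes.txt` would match what it does.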


@ -1,3 +0,0 @@
---
- name: restart ufw
service: name=ufw state=restarted


@ -1,8 +0,0 @@
---
- name: Setup ufw firewall
import_tasks: ufw.yml
when: not ansible_bios_version | search("amazon")
- name: Setup EC2 firewall
import_tasks: ec2.yml
when: ansible_bios_version | search("amazon")


@ -0,0 +1,5 @@
---
allow_validator_ssh: true
allow_validator_p2p: true


@ -0,0 +1,3 @@
---
- name: restart ufw
service: name=ufw state=restarted


@ -0,0 +1,8 @@
dependencies:
- { role: preconf }
- { role: usermanager }
- { role: nodejs }
- { role: poa-logrotate }
- { role: poa-parity }
- { role: poa-pm2 }
- { role: poa-netstats }


@ -1,25 +1,4 @@
---
- name: Create directory parity_data/keys/NetworkName
file:
path: "{{ home }}/parity_data/keys/{{ GENESIS_NETWORK_NAME }}"
state: directory
mode: 0700
owner: "{{ username }}"
group: "{{ username }}"
- name: Create logs directories
file:
path: "/{{ home }}/logs/old"
state: directory
mode: 0755
owner: "{{ username }}"
group: "{{ username }}"
- name: Download spec.json
get_url: url={{ item }} dest={{ home }}/ mode=0644
with_items:
- "https://raw.githubusercontent.com/{{ MAIN_REPO_FETCH }}/poa-chain-spec/{{ GENESIS_BRANCH }}/spec.json"
- "https://raw.githubusercontent.com/{{ MAIN_REPO_FETCH }}/poa-chain-spec/{{ GENESIS_BRANCH }}/bootnodes.txt"
- name: Create node.toml
template: src={{ item }}.j2 dest={{ home }}/node.toml owner=root group=root mode=0644
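Review bot: This task file shows no added `Setup ufw firewall` import, unlike the explorer, moc and netstat task files earlier in the commit, although the defaults and handler added just before it (`allow_validator_ssh`, `allow_validator_p2p`, `restart ufw`) suggest it belongs to the validator role and the separate `validator-access` role no longer appears in the new site.yml. If that reading is right, the new side never applies the ufw rules on validator hosts. Ending the task list with the same `import_tasks: ufw.yml` task and `when:` condition the other roles use would restore it. Only the first hunk of the file is visible, so this needs checking against the full task list.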

103
site.yml

@ -1,84 +1,19 @@
---
- hosts: all
user: ubuntu
become: True
# user: root
roles:
- preconf
tags: preconf
- hosts: bootnode
become: True
roles:
- usermanager
# - logentries
- nodejs
- bootnode
- poa-logrotate
- poa-parity
- poa-pm2
- poa-netstats
- { role: poa-orchestrator, when: "(bootnode_orchestrator or 'off') == 'on'" }
- nginx
- bootnode-access
tags:
- bootnode
- hosts: validator
become: True
vars:
username: "validator"
users:
- name: "validator"
home: "/home/validator"
roles:
- usermanager
- nodejs
- poa-logrotate
- poa-parity
- poa-pm2
- poa-netstats
- validator
- validator-access
tags:
- validator
- hosts: netstat
become: True
roles:
- usermanager
- nodejs
- poa-logrotate
- netstat
- nginx
- netstat-access
tags:
- netstat
- hosts: explorer
become: True
roles:
- usermanager
- nodejs
- poa-logrotate
- poa-parity
- poa-pm2
- explorer
- nginx
- explorer-access
tags:
- explorer
- hosts: moc
become: True
roles:
- usermanager
- nodejs
- poa-logrotate
- poa-parity
- poa-pm2
- poa-netstats
- moc
- moc-access
tags:
- moc
- name: Bootnode deployment
import_playbook: bootnode.yml
tags: bootnode
- name: Explorer deployment
import_playbook: explorer.yml
tags: explorer
- name: Moc deployment
import_playbook: moc.yml
tags: moc
- name: Netstat deployment
import_playbook: netstat.yml
tags: netstat
- name: Validator deployment
import_playbook: validator.yml
tags: validator


@ -1,105 +1,4 @@
---
- name: Create validator security group
hosts: localhost
gather_facts: False
tasks:
- name: Create Security group
ec2_group:
ec2_access_key: "{{ access_key }}"
ec2_secret_key: "{{ secret_key }}"
name: "{{ validator_security_group }}"
description: "Default security group"
region: "{{ region }}"
purge_rules_egress: false
purge_rules: false
rules:
- proto: tcp
from_port: 22
to_port: 22
cidr_ip: 0.0.0.0/0
rules_egress:
- proto: all
from_port: all
to_port: all
cidr_ip: 0.0.0.0/0
tags: validator
- name: Create validator
hosts: localhost
gather_facts: False
vars:
volumes:
- device_name: /dev/sda1
volume_size: 128
delete_on_termination: true
tasks:
- name: Launch instance
ec2:
ec2_access_key: "{{ access_key }}"
ec2_secret_key: "{{ secret_key }}"
key_name: "{{ awskeypair_name }}"
instance_tags:
Name: "{{ validator_instance_name }}"
group: "{{ validator_security_group }}"
instance_type: "{{ validator_instance_type }}"
image: "{{ image }}"
count: "{{ validator_count_instances }}"
wait: yes
region: "{{ region }}"
vpc_subnet_id: "{{ vpc_subnet_id }}"
volumes: "{{ volumes }}"
assign_public_ip: yes
register: ec2
- name: Add new instance to host group
add_host: hostname={{ item.public_ip }} groupname=launched
with_items: "{{ ec2.instances }}"
- name: Wait for SSH to come up
wait_for: host={{ item.public_ip }} port=22 delay=90 timeout=320 state=started
with_items: "{{ ec2.instances }}"
tags: validator
- name: Installing python
hosts: all
hosts: launched
gather_facts: False
user: ubuntu
- hosts: validator
become: True
vars:
ansible_ssh_port: 22
tasks:
- name: Install python
raw: test -e /usr/bin/python || (sudo apt -y update && sudo apt install -y python-minimal)
- name: Configure instance(s)
hosts: launched
user: ubuntu
become: True
vars:
ansible_ssh_port: 22
gather_facts: True
roles:
- preconf
tags: preconf
tasks:
- name: restart machine after setup
shell: shutdown -r 1
- name: Create validator elastic ip
hosts: localhost
gather_facts: False
tasks:
- name: associate elastic ip for validator
ec2_eip:
ec2_access_key: "{{ access_key }}"
ec2_secret_key: "{{ secret_key }}"
region: "{{ region }}"
reuse_existing_ip_allowed: yes
state: present
in_vpc: yes
device_id: "{{ ec2.instance_ids[0] }}"
register: instance_elastic_ip
when: associate_validator_elastic_ip == true
- debug: var=instance_elastic_ip.public_ip
when: associate_validator_elastic_ip == true
- validator