parent
51a270a868
commit
7988410a8d
|
@ -19,6 +19,7 @@ Vagrant.configure("2") do |config|
|
||||||
node.vm.hostname = machine
|
node.vm.hostname = machine
|
||||||
|
|
||||||
node.vm.provision :ansible do |ansible|
|
node.vm.provision :ansible do |ansible|
|
||||||
|
ansible.compatibility_mode = "2.0"
|
||||||
ansible.playbook = "site.yml"
|
ansible.playbook = "site.yml"
|
||||||
ansible.groups = {
|
ansible.groups = {
|
||||||
"validator" => ["validator"],
|
"validator" => ["validator"],
|
||||||
|
|
|
@ -0,0 +1,16 @@
|
||||||
|
# config file for ansible -- http://ansible.com/
|
||||||
|
[defaults]
|
||||||
|
|
||||||
|
remote_tmp = $HOME/.ansible/tmp
|
||||||
|
forks = 20
|
||||||
|
gathering = implicit
|
||||||
|
# SSH timeout
|
||||||
|
timeout = 10
|
||||||
|
host_key_checking = False
|
||||||
|
|
||||||
|
remote_user = root
|
||||||
|
ansible_managed = This file is managed by ansible
|
||||||
|
|
||||||
|
[ssh_connection]
|
||||||
|
pipelining = True
|
||||||
|
scp_if_ssh = True
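Review bot: `host_key_checking = False` under `[defaults]` disables SSH host-key verification for every run that loads this config, including the first connections the playbooks in this commit make to freshly launched instances over their public IPs, so an intercepted or spoofed endpoint is accepted without any prompt. Leave checking enabled and record the new hosts' keys before the first play, or at minimum add a comment such as `# host keys are not verified: only acceptable for disposable hosts on a trusted network`. Separately, `remote_user = root` disagrees with the `user: ubuntu` that the new playbooks set per play; a one-line comment stating which is meant to apply would avoid confusion.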
|
|
@ -0,0 +1,111 @@
|
||||||
|
---
|
||||||
|
- name: Create bootnode security group
|
||||||
|
hosts: localhost
|
||||||
|
gather_facts: False
|
||||||
|
tasks:
|
||||||
|
- name: Create Security group
|
||||||
|
ec2_group:
|
||||||
|
ec2_access_key: "{{ access_key }}"
|
||||||
|
ec2_secret_key: "{{ secret_key }}"
|
||||||
|
name: "{{ bootnode_security_group }}"
|
||||||
|
description: "Default security group"
|
||||||
|
region: "{{ region }}"
|
||||||
|
purge_rules_egress: false
|
||||||
|
purge_rules: false
|
||||||
|
rules:
|
||||||
|
- proto: tcp
|
||||||
|
from_port: 22
|
||||||
|
to_port: 22
|
||||||
|
cidr_ip: 0.0.0.0/0
|
||||||
|
rules_egress:
|
||||||
|
- proto: all
|
||||||
|
from_port: all
|
||||||
|
to_port: all
|
||||||
|
cidr_ip: 0.0.0.0/0
|
||||||
|
tags: bootnode
|
||||||
|
|
||||||
|
|
||||||
|
- name: Create bootnode
|
||||||
|
hosts: localhost
|
||||||
|
gather_facts: False
|
||||||
|
vars:
|
||||||
|
volumes:
|
||||||
|
- device_name: /dev/sda1
|
||||||
|
volume_size: 128
|
||||||
|
delete_on_termination: true
|
||||||
|
tasks:
|
||||||
|
- name: Launch instance
|
||||||
|
ec2:
|
||||||
|
ec2_access_key: "{{ access_key }}"
|
||||||
|
ec2_secret_key: "{{ secret_key }}"
|
||||||
|
key_name: "{{ awskeypair_name }}"
|
||||||
|
instance_tags:
|
||||||
|
Name: "{{ bootnode_instance_name }}"
|
||||||
|
group: "{{ bootnode_security_group }}"
|
||||||
|
instance_type: "{{ bootnode_instance_type }}"
|
||||||
|
image: "{{ image }}"
|
||||||
|
count: "{{ bootnode_count_instances }}"
|
||||||
|
wait: yes
|
||||||
|
region: "{{ region }}"
|
||||||
|
vpc_subnet_id: "{{ vpc_subnet_id }}"
|
||||||
|
volumes: "{{ volumes }}"
|
||||||
|
assign_public_ip: yes
|
||||||
|
register: ec2
|
||||||
|
- name: Add new instance to host group
|
||||||
|
add_host: hostname={{ item.public_ip }} groupname=launched
|
||||||
|
with_items: "{{ ec2.instances }}"
|
||||||
|
- name: Wait for SSH to come up
|
||||||
|
wait_for: host={{ item.public_ip }} port=22 delay=90 timeout=320 state=started
|
||||||
|
with_items: "{{ ec2.instances }}"
|
||||||
|
tags: bootnode
|
||||||
|
|
||||||
|
- name: Installing python
|
||||||
|
hosts: all
|
||||||
|
hosts: launched
|
||||||
|
gather_facts: False
|
||||||
|
user: ubuntu
|
||||||
|
become: True
|
||||||
|
vars:
|
||||||
|
ansible_ssh_port: 22
|
||||||
|
tasks:
|
||||||
|
- name: Install python
|
||||||
|
raw: test -e /usr/bin/python || (sudo apt -y update && sudo apt install -y python-minimal)
|
||||||
|
|
||||||
|
- name: Configure instance(s)
|
||||||
|
hosts: launched
|
||||||
|
user: ubuntu
|
||||||
|
become: True
|
||||||
|
vars:
|
||||||
|
ansible_ssh_port: 22
|
||||||
|
gather_facts: True
|
||||||
|
roles:
|
||||||
|
- preconf
|
||||||
|
tags: preconf
|
||||||
|
tasks:
|
||||||
|
- name: restart machine after setup
|
||||||
|
shell: shutdown -r 1
|
||||||
|
|
||||||
|
- name: Create bootnode elastic ip
|
||||||
|
hosts: localhost
|
||||||
|
gather_facts: False
|
||||||
|
tasks:
|
||||||
|
- name: associate elastic ip for bootnode
|
||||||
|
ec2_eip:
|
||||||
|
ec2_access_key: "{{ access_key }}"
|
||||||
|
ec2_secret_key: "{{ secret_key }}"
|
||||||
|
region: "{{ region }}"
|
||||||
|
reuse_existing_ip_allowed: yes
|
||||||
|
state: present
|
||||||
|
in_vpc: yes
|
||||||
|
device_id: "{{ ec2.instance_ids[0] }}"
|
||||||
|
register: instance_elastic_ip
|
||||||
|
when: associate_bootnode_elastic_ip == true
|
||||||
|
|
||||||
|
- debug: var=instance_elastic_ip.public_ip
|
||||||
|
when: associate_bootnode_elastic_ip == true
|
||||||
|
|
||||||
|
- name: EC2 access setup
|
||||||
|
hosts: bootnode
|
||||||
|
become: True
|
||||||
|
roles:
|
||||||
|
- bootnode-access
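Review bot: The `Create Security group` task opens TCP 22 with `cidr_ip: 0.0.0.0/0`, so every bootnode launched from this playbook accepts SSH from the whole internet, and nothing later in this file narrows the rule. The explorer, moc, netstat and validator playbooks added in this commit contain the same rule. Take the source range from a variable, for example `cidr_ip: "{{ ssh_allowed_cidr }}"` (the name is only a suggestion), and document it next to `allow_bootnode_ssh`, which this file never consults.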
|
|
@ -0,0 +1,92 @@
|
||||||
|
---
|
||||||
|
- name: Create explorer security group
|
||||||
|
hosts: localhost
|
||||||
|
gather_facts: False
|
||||||
|
tasks:
|
||||||
|
- name: Create Security group
|
||||||
|
ec2_group:
|
||||||
|
ec2_access_key: "{{ access_key }}"
|
||||||
|
ec2_secret_key: "{{ secret_key }}"
|
||||||
|
name: "{{ explorer_security_group }}"
|
||||||
|
description: "Default security group"
|
||||||
|
region: "{{ region }}"
|
||||||
|
purge_rules_egress: false
|
||||||
|
purge_rules: false
|
||||||
|
rules:
|
||||||
|
- proto: tcp
|
||||||
|
from_port: 22
|
||||||
|
to_port: 22
|
||||||
|
cidr_ip: 0.0.0.0/0
|
||||||
|
rules_egress:
|
||||||
|
- proto: all
|
||||||
|
from_port: all
|
||||||
|
to_port: all
|
||||||
|
cidr_ip: 0.0.0.0/0
|
||||||
|
tags: explorer
|
||||||
|
|
||||||
|
|
||||||
|
- name: Create explorer
|
||||||
|
hosts: localhost
|
||||||
|
gather_facts: False
|
||||||
|
vars:
|
||||||
|
volumes:
|
||||||
|
- device_name: /dev/sda1
|
||||||
|
volume_size: 128
|
||||||
|
delete_on_termination: true
|
||||||
|
tasks:
|
||||||
|
- name: Launch instance
|
||||||
|
ec2:
|
||||||
|
ec2_access_key: "{{ access_key }}"
|
||||||
|
ec2_secret_key: "{{ secret_key }}"
|
||||||
|
key_name: "{{ awskeypair_name }}"
|
||||||
|
instance_tags:
|
||||||
|
Name: "{{ explorer_instance_name }}"
|
||||||
|
group: "{{ explorer_security_group }}"
|
||||||
|
instance_type: "{{ explorer_instance_type }}"
|
||||||
|
image: "{{ image }}"
|
||||||
|
count: "{{ explorer_count_instances }}"
|
||||||
|
wait: yes
|
||||||
|
region: "{{ region }}"
|
||||||
|
vpc_subnet_id: "{{ vpc_subnet_id }}"
|
||||||
|
volumes: "{{ volumes }}"
|
||||||
|
assign_public_ip: yes
|
||||||
|
register: ec2
|
||||||
|
- name: Add new instance to host group
|
||||||
|
add_host: hostname={{ item.public_ip }} groupname=launched
|
||||||
|
with_items: "{{ ec2.instances }}"
|
||||||
|
- name: Wait for SSH to come up
|
||||||
|
wait_for: host={{ item.public_ip }} port=22 delay=90 timeout=320 state=started
|
||||||
|
with_items: "{{ ec2.instances }}"
|
||||||
|
tags: explorer
|
||||||
|
|
||||||
|
- name: Installing python
|
||||||
|
hosts: all
|
||||||
|
hosts: launched
|
||||||
|
gather_facts: False
|
||||||
|
user: ubuntu
|
||||||
|
become: True
|
||||||
|
vars:
|
||||||
|
ansible_ssh_port: 22
|
||||||
|
tasks:
|
||||||
|
- name: Install python
|
||||||
|
raw: test -e /usr/bin/python || (sudo apt -y update && sudo apt install -y python-minimal)
|
||||||
|
|
||||||
|
- name: Configure instance(s)
|
||||||
|
hosts: launched
|
||||||
|
user: ubuntu
|
||||||
|
become: True
|
||||||
|
vars:
|
||||||
|
ansible_ssh_port: 22
|
||||||
|
gather_facts: True
|
||||||
|
roles:
|
||||||
|
- preconf
|
||||||
|
tags: preconf
|
||||||
|
tasks:
|
||||||
|
- name: restart machine after setup
|
||||||
|
shell: shutdown -r 1
|
||||||
|
|
||||||
|
- name: EC2 access setup
|
||||||
|
hosts: explorer
|
||||||
|
become: True
|
||||||
|
roles:
|
||||||
|
- explorer-access
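Review bot: The `Installing python` play declares `hosts` twice, `hosts: all` immediately followed by `hosts: launched`. YAML mapping keys must be unique; Ansible keeps the last value and normally prints a duplicate-key warning, so `hosts: all` is dead but misleading, and it is the wrong scope for a `raw` apt bootstrap if it were ever honoured. Delete the `hosts: all` line. The bootnode, moc, netstat and validator playbooks in this commit carry the same pair.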
|
|
@ -0,0 +1,11 @@
|
||||||
|
bootnode_instance_type: "t2.large"
|
||||||
|
bootnode_instance_name: "bootnode"
|
||||||
|
bootnode_count_instances: "1"
|
||||||
|
|
||||||
|
bootnode_security_group: "{{ MAIN_REPO_FETCH }}-{{ GENESIS_BRANCH }}-bootnode-security"
|
||||||
|
|
||||||
|
associate_bootnode_elastic_ip: false
|
||||||
|
|
||||||
|
allow_bootnode_ssh: true
|
||||||
|
allow_bootnode_p2p: true
|
||||||
|
allow_bootnode_rpc: false
|
|
@ -0,0 +1,9 @@
|
||||||
|
explorer_instance_type: "t2.large"
|
||||||
|
explorer_instance_name: "explorer"
|
||||||
|
explorer_count_instances: "1"
|
||||||
|
|
||||||
|
explorer_security_group: "{{ MAIN_REPO_FETCH }}-{{ GENESIS_BRANCH }}-explorer-security"
|
||||||
|
|
||||||
|
allow_explorer_ssh: true
|
||||||
|
allow_explorer_p2p: true
|
||||||
|
allow_explorer_http: true
|
|
@ -0,0 +1,5 @@
|
||||||
|
moc_instance_type: "t2.large"
|
||||||
|
moc_instance_name: "moc"
|
||||||
|
moc_count_instances: "1"
|
||||||
|
|
||||||
|
moc_security_group: "{{ MAIN_REPO_FETCH }}-{{ GENESIS_BRANCH }}-moc-security"
|
|
@ -0,0 +1,5 @@
|
||||||
|
netstat_instance_type: "t2.large"
|
||||||
|
netstat_instance_name: "netstat"
|
||||||
|
netstat_count_instances: "1"
|
||||||
|
|
||||||
|
netstat_security_group: "{{ MAIN_REPO_FETCH }}-{{ GENESIS_BRANCH }}-netstat-security"
|
|
@ -0,0 +1,6 @@
|
||||||
|
validator_instance_type: "t2.large"
|
||||||
|
validator_instance_name: "validator"
|
||||||
|
validator_count_instances: "1"
|
||||||
|
|
||||||
|
validator_security_group: "{{ MAIN_REPO_FETCH }}-{{ GENESIS_BRANCH }}-validator-security"
|
||||||
|
associate_validator_elastic_ip: false
|
|
@ -0,0 +1,26 @@
|
||||||
|
# This is the default ansible 'hosts' file.
|
||||||
|
#
|
||||||
|
# It should live in /etc/ansible/hosts
|
||||||
|
#
|
||||||
|
# - Comments begin with the '#' character
|
||||||
|
# - Blank lines are ignored
|
||||||
|
# - Groups of hosts are delimited by [header] elements
|
||||||
|
# - You can enter hostnames or ip addresses
|
||||||
|
# - A hostname/ip can be a member of multiple groups
|
||||||
|
|
||||||
|
[bootnode]
|
||||||
|
|
||||||
|
[moc]
|
||||||
|
|
||||||
|
[netstat]
|
||||||
|
|
||||||
|
[validator]
|
||||||
|
|
||||||
|
[explorer]
|
||||||
|
|
||||||
|
[poa:children]
|
||||||
|
bootnode
|
||||||
|
moc
|
||||||
|
netstat
|
||||||
|
validator
|
||||||
|
explorer
|
|
@ -0,0 +1,92 @@
|
||||||
|
---
|
||||||
|
- name: Create moc security group
|
||||||
|
hosts: localhost
|
||||||
|
gather_facts: False
|
||||||
|
tasks:
|
||||||
|
- name: Create Security group
|
||||||
|
ec2_group:
|
||||||
|
ec2_access_key: "{{ access_key }}"
|
||||||
|
ec2_secret_key: "{{ secret_key }}"
|
||||||
|
name: "{{ moc_security_group }}"
|
||||||
|
description: "Default security group"
|
||||||
|
region: "{{ region }}"
|
||||||
|
purge_rules_egress: false
|
||||||
|
purge_rules: false
|
||||||
|
rules:
|
||||||
|
- proto: tcp
|
||||||
|
from_port: 22
|
||||||
|
to_port: 22
|
||||||
|
cidr_ip: 0.0.0.0/0
|
||||||
|
rules_egress:
|
||||||
|
- proto: all
|
||||||
|
from_port: all
|
||||||
|
to_port: all
|
||||||
|
cidr_ip: 0.0.0.0/0
|
||||||
|
tags: moc
|
||||||
|
|
||||||
|
|
||||||
|
- name: Create moc
|
||||||
|
hosts: localhost
|
||||||
|
gather_facts: False
|
||||||
|
vars:
|
||||||
|
volumes:
|
||||||
|
- device_name: /dev/sda1
|
||||||
|
volume_size: 128
|
||||||
|
delete_on_termination: true
|
||||||
|
tasks:
|
||||||
|
- name: Launch instance
|
||||||
|
ec2:
|
||||||
|
ec2_access_key: "{{ access_key }}"
|
||||||
|
ec2_secret_key: "{{ secret_key }}"
|
||||||
|
key_name: "{{ awskeypair_name }}"
|
||||||
|
instance_tags:
|
||||||
|
Name: "{{ moc_instance_name }}"
|
||||||
|
group: "{{ moc_security_group }}"
|
||||||
|
instance_type: "{{ moc_instance_type }}"
|
||||||
|
image: "{{ image }}"
|
||||||
|
count: "{{ moc_count_instances }}"
|
||||||
|
wait: yes
|
||||||
|
region: "{{ region }}"
|
||||||
|
vpc_subnet_id: "{{ vpc_subnet_id }}"
|
||||||
|
volumes: "{{ volumes }}"
|
||||||
|
assign_public_ip: yes
|
||||||
|
register: ec2
|
||||||
|
- name: Add new instance to host group
|
||||||
|
add_host: hostname={{ item.public_ip }} groupname=launched
|
||||||
|
with_items: "{{ ec2.instances }}"
|
||||||
|
- name: Wait for SSH to come up
|
||||||
|
wait_for: host={{ item.public_ip }} port=22 delay=90 timeout=320 state=started
|
||||||
|
with_items: "{{ ec2.instances }}"
|
||||||
|
tags: moc
|
||||||
|
|
||||||
|
- name: Installing python
|
||||||
|
hosts: all
|
||||||
|
hosts: launched
|
||||||
|
gather_facts: False
|
||||||
|
user: ubuntu
|
||||||
|
become: True
|
||||||
|
vars:
|
||||||
|
ansible_ssh_port: 22
|
||||||
|
tasks:
|
||||||
|
- name: Install python
|
||||||
|
raw: test -e /usr/bin/python || (sudo apt -y update && sudo apt install -y python-minimal)
|
||||||
|
|
||||||
|
- name: Configure instance(s)
|
||||||
|
hosts: launched
|
||||||
|
user: ubuntu
|
||||||
|
become: True
|
||||||
|
vars:
|
||||||
|
ansible_ssh_port: 22
|
||||||
|
gather_facts: True
|
||||||
|
roles:
|
||||||
|
- preconf
|
||||||
|
tags: preconf
|
||||||
|
tasks:
|
||||||
|
- name: restart machine after setup
|
||||||
|
shell: shutdown -r 1
|
||||||
|
|
||||||
|
- name: EC2 access setup
|
||||||
|
hosts: moc
|
||||||
|
become: True
|
||||||
|
roles:
|
||||||
|
- moc-access
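Review bot: The closing `EC2 access setup` play targets `hosts: moc`, but the instances launched above are only added to the in-memory `launched` group, and the inventory file added in this commit lists `[moc]` with no hosts. Unless the operator fills that group by hand, the play matches nothing and the `moc-access` role (presumably the one that imports the EC2 firewall tasks) is skipped without an error. Register the new hosts in both groups, `add_host: hostname={{ item.public_ip }} groups=launched,moc`, or point this play at `launched`. The other four deployment playbooks follow the same pattern with their own group names.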
|
|
@ -0,0 +1,92 @@
|
||||||
|
---
|
||||||
|
- name: Create netstat security group
|
||||||
|
hosts: localhost
|
||||||
|
gather_facts: False
|
||||||
|
tasks:
|
||||||
|
- name: Create Security group
|
||||||
|
ec2_group:
|
||||||
|
ec2_access_key: "{{ access_key }}"
|
||||||
|
ec2_secret_key: "{{ secret_key }}"
|
||||||
|
name: "{{ netstat_security_group }}"
|
||||||
|
description: "Default security group"
|
||||||
|
region: "{{ region }}"
|
||||||
|
purge_rules_egress: false
|
||||||
|
purge_rules: false
|
||||||
|
rules:
|
||||||
|
- proto: tcp
|
||||||
|
from_port: 22
|
||||||
|
to_port: 22
|
||||||
|
cidr_ip: 0.0.0.0/0
|
||||||
|
rules_egress:
|
||||||
|
- proto: all
|
||||||
|
from_port: all
|
||||||
|
to_port: all
|
||||||
|
cidr_ip: 0.0.0.0/0
|
||||||
|
tags: netstat
|
||||||
|
|
||||||
|
|
||||||
|
- name: Create netstat
|
||||||
|
hosts: localhost
|
||||||
|
gather_facts: False
|
||||||
|
vars:
|
||||||
|
volumes:
|
||||||
|
- device_name: /dev/sda1
|
||||||
|
volume_size: 128
|
||||||
|
delete_on_termination: true
|
||||||
|
tasks:
|
||||||
|
- name: Launch instance
|
||||||
|
ec2:
|
||||||
|
ec2_access_key: "{{ access_key }}"
|
||||||
|
ec2_secret_key: "{{ secret_key }}"
|
||||||
|
key_name: "{{ awskeypair_name }}"
|
||||||
|
instance_tags:
|
||||||
|
Name: "{{ netstat_instance_name }}"
|
||||||
|
group: "{{ netstat_security_group }}"
|
||||||
|
instance_type: "{{ netstat_instance_type }}"
|
||||||
|
image: "{{ image }}"
|
||||||
|
count: "{{ netstat_count_instances }}"
|
||||||
|
wait: yes
|
||||||
|
region: "{{ region }}"
|
||||||
|
vpc_subnet_id: "{{ vpc_subnet_id }}"
|
||||||
|
volumes: "{{ volumes }}"
|
||||||
|
assign_public_ip: yes
|
||||||
|
register: ec2
|
||||||
|
- name: Add new instance to host group
|
||||||
|
add_host: hostname={{ item.public_ip }} groupname=launched
|
||||||
|
with_items: "{{ ec2.instances }}"
|
||||||
|
- name: Wait for SSH to come up
|
||||||
|
wait_for: host={{ item.public_ip }} port=22 delay=90 timeout=320 state=started
|
||||||
|
with_items: "{{ ec2.instances }}"
|
||||||
|
tags: netstat
|
||||||
|
|
||||||
|
- name: Installing python
|
||||||
|
hosts: all
|
||||||
|
hosts: launched
|
||||||
|
gather_facts: False
|
||||||
|
user: ubuntu
|
||||||
|
become: True
|
||||||
|
vars:
|
||||||
|
ansible_ssh_port: 22
|
||||||
|
tasks:
|
||||||
|
- name: Install python
|
||||||
|
raw: test -e /usr/bin/python || (sudo apt -y update && sudo apt install -y python-minimal)
|
||||||
|
|
||||||
|
- name: Configure instance(s)
|
||||||
|
hosts: launched
|
||||||
|
user: ubuntu
|
||||||
|
become: True
|
||||||
|
vars:
|
||||||
|
ansible_ssh_port: 22
|
||||||
|
gather_facts: True
|
||||||
|
roles:
|
||||||
|
- preconf
|
||||||
|
tags: preconf
|
||||||
|
tasks:
|
||||||
|
- name: restart machine after setup
|
||||||
|
shell: shutdown -r 1
|
||||||
|
|
||||||
|
- name: EC2 access setup
|
||||||
|
hosts: netstat
|
||||||
|
become: True
|
||||||
|
roles:
|
||||||
|
- netstat-access
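Review bot: Both `ec2_group` and `ec2` receive `ec2_access_key: "{{ access_key }}"` and `ec2_secret_key: "{{ secret_key }}"` from ordinary variables, and a vars file touched later in this commit shows `secret_key` as a plaintext entry. A long-lived AWS secret kept that way tends to end up committed or copied between machines. Store the value with ansible-vault, or omit the two parameters so the modules take credentials from the environment or an instance profile, and add a comment saying which is expected. The same parameters appear in the bootnode, explorer, moc and validator playbooks.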
|
|
@ -0,0 +1,4 @@
|
||||||
|
---
|
||||||
|
- name: Setup EC2 firewall
|
||||||
|
import_tasks: ec2.yml
|
||||||
|
when: ansible_bios_version | search("amazon")
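Review bot: `when: ansible_bios_version | search("amazon")` applies a test as a filter, a form Ansible deprecated in 2.5 and later removed; write it as `when: ansible_bios_version is search("amazon")`. Because this condition gates the whole `ec2.yml` firewall import, a BIOS string that does not contain "amazon" silently skips the firewall setup, so add a comment naming the instance families this was checked on (whether newer EC2 hypervisors report that string should be confirmed). The four identical four-line task files that follow in this commit have the same line.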
|
|
@ -0,0 +1,4 @@
|
||||||
|
---
|
||||||
|
- name: Setup EC2 firewall
|
||||||
|
import_tasks: ec2.yml
|
||||||
|
when: ansible_bios_version | search("amazon")
|
|
@ -0,0 +1,4 @@
|
||||||
|
---
|
||||||
|
- name: Setup EC2 firewall
|
||||||
|
import_tasks: ec2.yml
|
||||||
|
when: ansible_bios_version | search("amazon")
|
|
@ -0,0 +1,4 @@
|
||||||
|
---
|
||||||
|
- name: Setup EC2 firewall
|
||||||
|
import_tasks: ec2.yml
|
||||||
|
when: ansible_bios_version | search("amazon")
|
|
@ -0,0 +1,4 @@
|
||||||
|
---
|
||||||
|
- name: Setup EC2 firewall
|
||||||
|
import_tasks: ec2.yml
|
||||||
|
when: ansible_bios_version | search("amazon")
|
|
@ -0,0 +1,19 @@
|
||||||
|
- name: Bootnode deployment
|
||||||
|
import_playbook: bootnode.yml
|
||||||
|
tags: bootnode
|
||||||
|
|
||||||
|
- name: Explorer deployment
|
||||||
|
import_playbook: explorer.yml
|
||||||
|
tags: explorer
|
||||||
|
|
||||||
|
- name: Moc deployment
|
||||||
|
import_playbook: moc.yml
|
||||||
|
tags: moc
|
||||||
|
|
||||||
|
- name: Netstat deployment
|
||||||
|
import_playbook: netstat.yml
|
||||||
|
tags: netstat
|
||||||
|
|
||||||
|
- name: Validator deployment
|
||||||
|
import_playbook: validator.yml
|
||||||
|
tags: validator
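Review bot: Running these five imports in one `ansible-playbook` invocation lets the in-memory `launched` group accumulate, assuming they resolve to the deployment playbooks added in this commit. Each of those playbooks adds its new instances with `add_host ... groupname=launched` and then runs `Installing python` and `Configure instance(s)` against `hosts: launched`, so the later imports would re-apply `preconf` and the `shutdown -r 1` reboot to instances created by the earlier ones. Give each playbook its own group, for example `groupname=launched_bootnode`, or add a comment that this file must be run with a single `--tags` value.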
|
|
@ -0,0 +1,111 @@
|
||||||
|
---
|
||||||
|
- name: Create validator security group
|
||||||
|
hosts: localhost
|
||||||
|
gather_facts: False
|
||||||
|
tasks:
|
||||||
|
- name: Create Security group
|
||||||
|
ec2_group:
|
||||||
|
ec2_access_key: "{{ access_key }}"
|
||||||
|
ec2_secret_key: "{{ secret_key }}"
|
||||||
|
name: "{{ validator_security_group }}"
|
||||||
|
description: "Default security group"
|
||||||
|
region: "{{ region }}"
|
||||||
|
purge_rules_egress: false
|
||||||
|
purge_rules: false
|
||||||
|
rules:
|
||||||
|
- proto: tcp
|
||||||
|
from_port: 22
|
||||||
|
to_port: 22
|
||||||
|
cidr_ip: 0.0.0.0/0
|
||||||
|
rules_egress:
|
||||||
|
- proto: all
|
||||||
|
from_port: all
|
||||||
|
to_port: all
|
||||||
|
cidr_ip: 0.0.0.0/0
|
||||||
|
tags: validator
|
||||||
|
|
||||||
|
|
||||||
|
- name: Create validator
|
||||||
|
hosts: localhost
|
||||||
|
gather_facts: False
|
||||||
|
vars:
|
||||||
|
volumes:
|
||||||
|
- device_name: /dev/sda1
|
||||||
|
volume_size: 128
|
||||||
|
delete_on_termination: true
|
||||||
|
tasks:
|
||||||
|
- name: Launch instance
|
||||||
|
ec2:
|
||||||
|
ec2_access_key: "{{ access_key }}"
|
||||||
|
ec2_secret_key: "{{ secret_key }}"
|
||||||
|
key_name: "{{ awskeypair_name }}"
|
||||||
|
instance_tags:
|
||||||
|
Name: "{{ validator_instance_name }}"
|
||||||
|
group: "{{ validator_security_group }}"
|
||||||
|
instance_type: "{{ validator_instance_type }}"
|
||||||
|
image: "{{ image }}"
|
||||||
|
count: "{{ validator_count_instances }}"
|
||||||
|
wait: yes
|
||||||
|
region: "{{ region }}"
|
||||||
|
vpc_subnet_id: "{{ vpc_subnet_id }}"
|
||||||
|
volumes: "{{ volumes }}"
|
||||||
|
assign_public_ip: yes
|
||||||
|
register: ec2
|
||||||
|
- name: Add new instance to host group
|
||||||
|
add_host: hostname={{ item.public_ip }} groupname=launched
|
||||||
|
with_items: "{{ ec2.instances }}"
|
||||||
|
- name: Wait for SSH to come up
|
||||||
|
wait_for: host={{ item.public_ip }} port=22 delay=90 timeout=320 state=started
|
||||||
|
with_items: "{{ ec2.instances }}"
|
||||||
|
tags: validator
|
||||||
|
|
||||||
|
- name: Installing python
|
||||||
|
hosts: all
|
||||||
|
hosts: launched
|
||||||
|
gather_facts: False
|
||||||
|
user: ubuntu
|
||||||
|
become: True
|
||||||
|
vars:
|
||||||
|
ansible_ssh_port: 22
|
||||||
|
tasks:
|
||||||
|
- name: Install python
|
||||||
|
raw: test -e /usr/bin/python || (sudo apt -y update && sudo apt install -y python-minimal)
|
||||||
|
|
||||||
|
- name: Configure instance(s)
|
||||||
|
hosts: launched
|
||||||
|
user: ubuntu
|
||||||
|
become: True
|
||||||
|
vars:
|
||||||
|
ansible_ssh_port: 22
|
||||||
|
gather_facts: True
|
||||||
|
roles:
|
||||||
|
- preconf
|
||||||
|
tags: preconf
|
||||||
|
tasks:
|
||||||
|
- name: restart machine after setup
|
||||||
|
shell: shutdown -r 1
|
||||||
|
|
||||||
|
- name: Create validator elastic ip
|
||||||
|
hosts: localhost
|
||||||
|
gather_facts: False
|
||||||
|
tasks:
|
||||||
|
- name: associate elastic ip for validator
|
||||||
|
ec2_eip:
|
||||||
|
ec2_access_key: "{{ access_key }}"
|
||||||
|
ec2_secret_key: "{{ secret_key }}"
|
||||||
|
region: "{{ region }}"
|
||||||
|
reuse_existing_ip_allowed: yes
|
||||||
|
state: present
|
||||||
|
in_vpc: yes
|
||||||
|
device_id: "{{ ec2.instance_ids[0] }}"
|
||||||
|
register: instance_elastic_ip
|
||||||
|
when: associate_validator_elastic_ip == true
|
||||||
|
|
||||||
|
- debug: var=instance_elastic_ip.public_ip
|
||||||
|
when: associate_validator_elastic_ip == true
|
||||||
|
|
||||||
|
- name: EC2 access setup
|
||||||
|
hosts: validator
|
||||||
|
become: True
|
||||||
|
roles:
|
||||||
|
- validator-access
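Review bot: `device_id: "{{ ec2.instance_ids[0] }}"` attaches the Elastic IP to the first launched instance only, while the instance count comes from `validator_count_instances`, so any count above 1 leaves the remaining validators on ephemeral public IPs with no warning. Loop over `ec2.instance_ids`, or fail early when the count is not 1 and `associate_validator_elastic_ip` is set. The condition is also more robust as `when: associate_validator_elastic_ip | bool`, because `== true` is false for a value passed as a string with `-e`. The bootnode playbook contains the same play.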
|
105
bootnode.yml
105
bootnode.yml
|
@ -1,105 +1,4 @@
|
||||||
---
|
- hosts: bootnode
|
||||||
- name: Create bootnode security group
|
|
||||||
hosts: localhost
|
|
||||||
gather_facts: False
|
|
||||||
tasks:
|
|
||||||
- name: Create Security group
|
|
||||||
ec2_group:
|
|
||||||
ec2_access_key: "{{ access_key }}"
|
|
||||||
ec2_secret_key: "{{ secret_key }}"
|
|
||||||
name: "{{ bootnode_security_group }}"
|
|
||||||
description: "Default security group"
|
|
||||||
region: "{{ region }}"
|
|
||||||
purge_rules_egress: false
|
|
||||||
purge_rules: false
|
|
||||||
rules:
|
|
||||||
- proto: tcp
|
|
||||||
from_port: 22
|
|
||||||
to_port: 22
|
|
||||||
cidr_ip: 0.0.0.0/0
|
|
||||||
rules_egress:
|
|
||||||
- proto: all
|
|
||||||
from_port: all
|
|
||||||
to_port: all
|
|
||||||
cidr_ip: 0.0.0.0/0
|
|
||||||
tags: bootnode
|
|
||||||
|
|
||||||
|
|
||||||
- name: Create bootnode
|
|
||||||
hosts: localhost
|
|
||||||
gather_facts: False
|
|
||||||
vars:
|
|
||||||
volumes:
|
|
||||||
- device_name: /dev/sda1
|
|
||||||
volume_size: 128
|
|
||||||
delete_on_termination: true
|
|
||||||
tasks:
|
|
||||||
- name: Launch instance
|
|
||||||
ec2:
|
|
||||||
ec2_access_key: "{{ access_key }}"
|
|
||||||
ec2_secret_key: "{{ secret_key }}"
|
|
||||||
key_name: "{{ awskeypair_name }}"
|
|
||||||
instance_tags:
|
|
||||||
Name: "{{ bootnode_instance_name }}"
|
|
||||||
group: "{{ bootnode_security_group }}"
|
|
||||||
instance_type: "{{ bootnode_instance_type }}"
|
|
||||||
image: "{{ image }}"
|
|
||||||
count: "{{ bootnode_count_instances }}"
|
|
||||||
wait: yes
|
|
||||||
region: "{{ region }}"
|
|
||||||
vpc_subnet_id: "{{ vpc_subnet_id }}"
|
|
||||||
volumes: "{{ volumes }}"
|
|
||||||
assign_public_ip: yes
|
|
||||||
register: ec2
|
|
||||||
- name: Add new instance to host group
|
|
||||||
add_host: hostname={{ item.public_ip }} groupname=launched
|
|
||||||
with_items: "{{ ec2.instances }}"
|
|
||||||
- name: Wait for SSH to come up
|
|
||||||
wait_for: host={{ item.public_ip }} port=22 delay=90 timeout=320 state=started
|
|
||||||
with_items: "{{ ec2.instances }}"
|
|
||||||
tags: bootnode
|
|
||||||
|
|
||||||
- name: Installing python
|
|
||||||
hosts: all
|
|
||||||
hosts: launched
|
|
||||||
gather_facts: False
|
|
||||||
user: ubuntu
|
|
||||||
become: True
|
become: True
|
||||||
vars:
|
|
||||||
ansible_ssh_port: 22
|
|
||||||
tasks:
|
|
||||||
- name: Install python
|
|
||||||
raw: test -e /usr/bin/python || (sudo apt -y update && sudo apt install -y python-minimal)
|
|
||||||
|
|
||||||
- name: Configure instance(s)
|
|
||||||
hosts: launched
|
|
||||||
user: ubuntu
|
|
||||||
become: True
|
|
||||||
vars:
|
|
||||||
ansible_ssh_port: 22
|
|
||||||
gather_facts: True
|
|
||||||
roles:
|
roles:
|
||||||
- preconf
|
- bootnode
|
||||||
tags: preconf
|
|
||||||
tasks:
|
|
||||||
- name: restart machine after setup
|
|
||||||
shell: shutdown -r 1
|
|
||||||
|
|
||||||
- name: Create bootnode elastic ip
|
|
||||||
hosts: localhost
|
|
||||||
gather_facts: False
|
|
||||||
tasks:
|
|
||||||
- name: associate elastic ip for bootnode
|
|
||||||
ec2_eip:
|
|
||||||
ec2_access_key: "{{ access_key }}"
|
|
||||||
ec2_secret_key: "{{ secret_key }}"
|
|
||||||
region: "{{ region }}"
|
|
||||||
reuse_existing_ip_allowed: yes
|
|
||||||
state: present
|
|
||||||
in_vpc: yes
|
|
||||||
device_id: "{{ ec2.instance_ids[0] }}"
|
|
||||||
register: instance_elastic_ip
|
|
||||||
when: associate_bootnode_elastic_ip == true
|
|
||||||
|
|
||||||
- debug: var=instance_elastic_ip.public_ip
|
|
||||||
when: associate_bootnode_elastic_ip == true
|
|
||||||
|
|
86
explorer.yml
86
explorer.yml
|
@ -1,86 +1,4 @@
|
||||||
---
|
- hosts: explorer
|
||||||
- name: Create explorer security group
|
|
||||||
hosts: localhost
|
|
||||||
gather_facts: False
|
|
||||||
tasks:
|
|
||||||
- name: Create Security group
|
|
||||||
ec2_group:
|
|
||||||
ec2_access_key: "{{ access_key }}"
|
|
||||||
ec2_secret_key: "{{ secret_key }}"
|
|
||||||
name: "{{ explorer_security_group }}"
|
|
||||||
description: "Default security group"
|
|
||||||
region: "{{ region }}"
|
|
||||||
purge_rules_egress: false
|
|
||||||
purge_rules: false
|
|
||||||
rules:
|
|
||||||
- proto: tcp
|
|
||||||
from_port: 22
|
|
||||||
to_port: 22
|
|
||||||
cidr_ip: 0.0.0.0/0
|
|
||||||
rules_egress:
|
|
||||||
- proto: all
|
|
||||||
from_port: all
|
|
||||||
to_port: all
|
|
||||||
cidr_ip: 0.0.0.0/0
|
|
||||||
tags: explorer
|
|
||||||
|
|
||||||
|
|
||||||
- name: Create explorer
|
|
||||||
hosts: localhost
|
|
||||||
gather_facts: False
|
|
||||||
vars:
|
|
||||||
volumes:
|
|
||||||
- device_name: /dev/sda1
|
|
||||||
volume_size: 128
|
|
||||||
delete_on_termination: true
|
|
||||||
tasks:
|
|
||||||
- name: Launch instance
|
|
||||||
ec2:
|
|
||||||
ec2_access_key: "{{ access_key }}"
|
|
||||||
ec2_secret_key: "{{ secret_key }}"
|
|
||||||
key_name: "{{ awskeypair_name }}"
|
|
||||||
instance_tags:
|
|
||||||
Name: "{{ explorer_instance_name }}"
|
|
||||||
group: "{{ explorer_security_group }}"
|
|
||||||
instance_type: "{{ explorer_instance_type }}"
|
|
||||||
image: "{{ image }}"
|
|
||||||
count: "{{ explorer_count_instances }}"
|
|
||||||
wait: yes
|
|
||||||
region: "{{ region }}"
|
|
||||||
vpc_subnet_id: "{{ vpc_subnet_id }}"
|
|
||||||
volumes: "{{ volumes }}"
|
|
||||||
assign_public_ip: yes
|
|
||||||
register: ec2
|
|
||||||
- name: Add new instance to host group
|
|
||||||
add_host: hostname={{ item.public_ip }} groupname=launched
|
|
||||||
with_items: "{{ ec2.instances }}"
|
|
||||||
- name: Wait for SSH to come up
|
|
||||||
wait_for: host={{ item.public_ip }} port=22 delay=90 timeout=320 state=started
|
|
||||||
with_items: "{{ ec2.instances }}"
|
|
||||||
tags: explorer
|
|
||||||
|
|
||||||
- name: Installing python
|
|
||||||
hosts: all
|
|
||||||
hosts: launched
|
|
||||||
gather_facts: False
|
|
||||||
user: ubuntu
|
|
||||||
become: True
|
become: True
|
||||||
vars:
|
|
||||||
ansible_ssh_port: 22
|
|
||||||
tasks:
|
|
||||||
- name: Install python
|
|
||||||
raw: test -e /usr/bin/python || (sudo apt -y update && sudo apt install -y python-minimal)
|
|
||||||
|
|
||||||
- name: Configure instance(s)
|
|
||||||
hosts: launched
|
|
||||||
user: ubuntu
|
|
||||||
become: True
|
|
||||||
vars:
|
|
||||||
ansible_ssh_port: 22
|
|
||||||
gather_facts: True
|
|
||||||
roles:
|
roles:
|
||||||
- preconf
|
- explorer
|
||||||
tags: preconf
|
|
||||||
tasks:
|
|
||||||
- name: restart machine after setup
|
|
||||||
shell: shutdown -r 1
|
|
|
@ -45,58 +45,4 @@ NODE_SOURCE_DEB: "https://deb.nodesource.com/node_8.x"
|
||||||
PARITY_BIN_LOC: "https://d1h4xl4cr1h0mo.cloudfront.net/v1.9.2/x86_64-unknown-linux-gnu/parity"
|
PARITY_BIN_LOC: "https://d1h4xl4cr1h0mo.cloudfront.net/v1.9.2/x86_64-unknown-linux-gnu/parity"
|
||||||
PARITY_BIN_SHA256: "3604a030388cd2c22ebe687787413522106c697610426e09b3c5da4fe70bbd33"
|
PARITY_BIN_SHA256: "3604a030388cd2c22ebe687787413522106c697610426e09b3c5da4fe70bbd33"
|
||||||
ORCHESTRATOR_BIN_LOC: ""
|
ORCHESTRATOR_BIN_LOC: ""
|
||||||
ORCHESTRATOR_BIN_SHA256: ""
|
ORCHESTRATOR_BIN_SHA256: ""
|
||||||
|
|
||||||
#bootnode
|
|
||||||
bootnode_instance_type: "t2.large"
|
|
||||||
bootnode_instance_name: "bootnode"
|
|
||||||
bootnode_count_instances: "1"
|
|
||||||
bootnode_security_group: "{{ MAIN_REPO_FETCH }}-{{ GENESIS_BRANCH }}-bootnode-security"
|
|
||||||
bootnode_archive: "off"
|
|
||||||
bootnode_orchestrator: "off"
|
|
||||||
|
|
||||||
#netstat
|
|
||||||
netstat_instance_type: "t2.large"
|
|
||||||
netstat_instance_name: "netstat"
|
|
||||||
netstat_count_instances: "1"
|
|
||||||
netstat_security_group: "{{ MAIN_REPO_FETCH }}-{{ GENESIS_BRANCH }}-netstat-security"
|
|
||||||
|
|
||||||
#validator
|
|
||||||
validator_instance_type: "t2.large"
|
|
||||||
validator_instance_name: "validator"
|
|
||||||
validator_count_instances: "1"
|
|
||||||
validator_security_group: "{{ MAIN_REPO_FETCH }}-{{ GENESIS_BRANCH }}-validator-security"
|
|
||||||
validator_archive: "off"
|
|
||||||
|
|
||||||
#moc
|
|
||||||
moc_instance_type: "t2.large"
|
|
||||||
moc_instance_name: "moc"
|
|
||||||
moc_count_instances: "1"
|
|
||||||
moc_security_group: "{{ MAIN_REPO_FETCH }}-{{ GENESIS_BRANCH }}-moc-security"
|
|
||||||
moc_archive: "off"
|
|
||||||
|
|
||||||
#explorer
|
|
||||||
explorer_instance_type: "t2.large"
|
|
||||||
explorer_instance_name: "explorer"
|
|
||||||
explorer_count_instances: "1"
|
|
||||||
explorer_security_group: "{{ MAIN_REPO_FETCH }}-{{ GENESIS_BRANCH }}-explorer-security"
|
|
||||||
|
|
||||||
#restrict network access to instances
|
|
||||||
allow_bootnode_ssh: true
|
|
||||||
allow_bootnode_p2p: true
|
|
||||||
allow_bootnode_rpc: true
|
|
||||||
associate_bootnode_elastic_ip: false
|
|
||||||
|
|
||||||
allow_explorer_ssh: true
|
|
||||||
allow_explorer_p2p: true
|
|
||||||
allow_explorer_http: true
|
|
||||||
|
|
||||||
allow_moc_ssh: true
|
|
||||||
allow_moc_p2p: true
|
|
||||||
|
|
||||||
allow_netstat_ssh: true
|
|
||||||
allow_netstat_http: true
|
|
||||||
|
|
||||||
allow_validator_ssh: true
|
|
||||||
allow_validator_p2p: true
|
|
||||||
associate_validator_elastic_ip: false
|
|
|
@ -23,58 +23,3 @@ GENESIS_NETWORK_NAME: "PoA"
|
||||||
MOC_ADDRESS: "0xdd0bb0e2a1594240fed0c2f2c17c1e9ab4f87126"
|
MOC_ADDRESS: "0xdd0bb0e2a1594240fed0c2f2c17c1e9ab4f87126"
|
||||||
BLK_GAS_LIMIT: "6700000"
|
BLK_GAS_LIMIT: "6700000"
|
||||||
|
|
||||||
#bootnode
|
|
||||||
bootnode_instance_type: "t2.large"
|
|
||||||
bootnode_instance_name: "bootnode"
|
|
||||||
bootnode_count_instances: "1"
|
|
||||||
bootnode_security_group: "{{ MAIN_REPO_FETCH }}-{{ GENESIS_BRANCH }}-bootnode-security"
|
|
||||||
bootnode_archive: "off"
|
|
||||||
bootnode_orchestrator: "off"
|
|
||||||
|
|
||||||
#netstat
|
|
||||||
netstat_instance_type: "t2.large"
|
|
||||||
netstat_instance_name: "netstat"
|
|
||||||
netstat_count_instances: "1"
|
|
||||||
netstat_security_group: "{{ MAIN_REPO_FETCH }}-{{ GENESIS_BRANCH }}-netstat-security"
|
|
||||||
|
|
||||||
#validator
|
|
||||||
validator_instance_type: "t2.large"
|
|
||||||
validator_instance_name: "validator"
|
|
||||||
validator_count_instances: "1"
|
|
||||||
validator_security_group: "{{ MAIN_REPO_FETCH }}-{{ GENESIS_BRANCH }}-validator-security"
|
|
||||||
validator_archive: "off"
|
|
||||||
|
|
||||||
#moc
|
|
||||||
moc_instance_type: "t2.large"
|
|
||||||
moc_instance_name: "moc"
|
|
||||||
moc_count_instances: "1"
|
|
||||||
moc_security_group: "{{ MAIN_REPO_FETCH }}-{{ GENESIS_BRANCH }}-moc-security"
|
|
||||||
moc_archive: "off"
|
|
||||||
|
|
||||||
#explorer
|
|
||||||
explorer_instance_type: "t2.large"
|
|
||||||
explorer_instance_name: "explorer"
|
|
||||||
explorer_count_instances: "1"
|
|
||||||
explorer_security_group: "{{ MAIN_REPO_FETCH }}-{{ GENESIS_BRANCH }}-explorer-security"
|
|
||||||
|
|
||||||
#restrict network access to instances
|
|
||||||
allow_bootnode_ssh: true
|
|
||||||
allow_bootnode_p2p: true
|
|
||||||
allow_bootnode_rpc: true
|
|
||||||
associate_bootnode_elastic_ip: false
|
|
||||||
|
|
||||||
allow_explorer_ssh: true
|
|
||||||
allow_explorer_p2p: true
|
|
||||||
allow_explorer_http: true
|
|
||||||
|
|
||||||
allow_moc_ssh: true
|
|
||||||
allow_moc_p2p: true
|
|
||||||
|
|
||||||
allow_netstat_ssh: true
|
|
||||||
allow_netstat_http: true
|
|
||||||
|
|
||||||
allow_validator_ssh: true
|
|
||||||
allow_validator_p2p: true
|
|
||||||
associate_validator_elastic_ip: false
|
|
||||||
|
|
||||||
################################################################
|
|
||||||
|
|
|
@ -9,3 +9,13 @@ NODE_ADMIN_EMAIL: "INSERT@EMAIL"
|
||||||
|
|
||||||
NETSTATS_SERVER: "INSERT FULL URL"
|
NETSTATS_SERVER: "INSERT FULL URL"
|
||||||
NETSTATS_SECRET: "INSERT SECRET"
|
NETSTATS_SECRET: "INSERT SECRET"
|
||||||
|
|
||||||
|
username: "bootnode"
|
||||||
|
users:
|
||||||
|
- name: "{{ username }}"
|
||||||
|
home: "/home/{{ username }}"
|
||||||
|
nginx_headers: "on"
|
||||||
|
PROXY_PORT: "8545"
|
||||||
|
|
||||||
|
bootnode_archive: "off"
|
||||||
|
bootnode_orchestrator: "off"
|
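Review bot: `NETSTATS_SECRET` sits in this vars file as a plain-text variable right above the settings appended here, and the moc and validator vars hunks further down do the same with `MOC_KEYPASS` and `MINING_KEYPASS`. The "INSERT ..." placeholders suggest these files are templates to be filled in, so a header comment would help, for example `# Fill in a private copy and encrypt it with ansible-vault; never commit real secrets or key passwords.` Nothing in the visible hunks shows whether filled-in copies are excluded from version control, so that is worth confirming.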
|
@ -3,3 +3,12 @@ secret_key: "INSERT SECRET HERE"
|
||||||
awskeypair_name: "keypairname"
|
awskeypair_name: "keypairname"
|
||||||
|
|
||||||
vpc_subnet_id: "subnet-ID-number"
|
vpc_subnet_id: "subnet-ID-number"
|
||||||
|
|
||||||
|
username: "explorer"
|
||||||
|
users:
|
||||||
|
- name: "{{ username }}"
|
||||||
|
home: "/home/{{ username }}"
|
||||||
|
|
||||||
|
nginx_headers: "off"
|
||||||
|
PROXY_PORT: "3000"
|
||||||
|
explorerS_SERVER: "localhost"
|
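Review bot: The added `explorerS_SERVER: "localhost"` has a mixed-case name that looks like a search-and-replace on `NETSTATS_SERVER`; the netstat vars hunk adds `NETSTATS_SERVER: "http://localhost:3000"` in the same position. If no template or task reads `explorerS_SERVER`, the line can be dropped; if one does, a name such as `EXPLORER_SERVER` would match the other upper-case settings. The consumers are outside this view, so this needs a grep before renaming.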
|
@ -12,3 +12,10 @@ NETSTATS_SECRET: "INSERT SECRET"
|
||||||
|
|
||||||
MOC_KEYPASS: "INSERT HERE"
|
MOC_KEYPASS: "INSERT HERE"
|
||||||
MOC_KEYFILE: 'INSERT HERE'
|
MOC_KEYFILE: 'INSERT HERE'
|
||||||
|
|
||||||
|
username: "moc"
|
||||||
|
users:
|
||||||
|
- name: "{{ username }}"
|
||||||
|
home: "/home/{{ username }}"
|
||||||
|
|
||||||
|
moc_archive: "off"
|
|
@ -8,3 +8,12 @@ NODE_FULLNAME: "INSERT NODENAME"
|
||||||
NODE_ADMIN_EMAIL: "INSERT@EMAIL"
|
NODE_ADMIN_EMAIL: "INSERT@EMAIL"
|
||||||
|
|
||||||
NETSTATS_SECRET: "INSERT SECRET"
|
NETSTATS_SECRET: "INSERT SECRET"
|
||||||
|
|
||||||
|
username: "netstat"
|
||||||
|
users:
|
||||||
|
- name: "{{ username }}"
|
||||||
|
home: "/home/{{ username }}"
|
||||||
|
|
||||||
|
nginx_headers: "off"
|
||||||
|
PROXY_PORT: "3000"
|
||||||
|
NETSTATS_SERVER: "http://localhost:3000"
|
|
@ -13,3 +13,10 @@ NETSTATS_SECRET: "INSERT SECRET"
|
||||||
MINING_KEYFILE: 'INSERT HERE'
|
MINING_KEYFILE: 'INSERT HERE'
|
||||||
MINING_ADDRESS: "INSERT HERE"
|
MINING_ADDRESS: "INSERT HERE"
|
||||||
MINING_KEYPASS: "INSERT HERE"
|
MINING_KEYPASS: "INSERT HERE"
|
||||||
|
|
||||||
|
username: "validator"
|
||||||
|
users:
|
||||||
|
- name: "{{ username }}"
|
||||||
|
home: "/home/{{ username }}"
|
||||||
|
|
||||||
|
validator_archive: "off"
|
|
@ -23,4 +23,4 @@ bootnode
|
||||||
moc
|
moc
|
||||||
netstat
|
netstat
|
||||||
validator
|
validator
|
||||||
explorer
|
explorer
|
86
moc.yml
86
moc.yml
|
@ -1,86 +1,4 @@
|
||||||
---
|
- hosts: moc
|
||||||
- name: Create moc security group
|
|
||||||
hosts: localhost
|
|
||||||
gather_facts: False
|
|
||||||
tasks:
|
|
||||||
- name: Create Security group
|
|
||||||
ec2_group:
|
|
||||||
ec2_access_key: "{{ access_key }}"
|
|
||||||
ec2_secret_key: "{{ secret_key }}"
|
|
||||||
name: "{{ moc_security_group }}"
|
|
||||||
description: "Default security group"
|
|
||||||
region: "{{ region }}"
|
|
||||||
purge_rules_egress: false
|
|
||||||
purge_rules: false
|
|
||||||
rules:
|
|
||||||
- proto: tcp
|
|
||||||
from_port: 22
|
|
||||||
to_port: 22
|
|
||||||
cidr_ip: 0.0.0.0/0
|
|
||||||
rules_egress:
|
|
||||||
- proto: all
|
|
||||||
from_port: all
|
|
||||||
to_port: all
|
|
||||||
cidr_ip: 0.0.0.0/0
|
|
||||||
tags: moc
|
|
||||||
|
|
||||||
|
|
||||||
- name: Create moc
|
|
||||||
hosts: localhost
|
|
||||||
gather_facts: False
|
|
||||||
vars:
|
|
||||||
volumes:
|
|
||||||
- device_name: /dev/sda1
|
|
||||||
volume_size: 128
|
|
||||||
delete_on_termination: true
|
|
||||||
tasks:
|
|
||||||
- name: Launch instance
|
|
||||||
ec2:
|
|
||||||
ec2_access_key: "{{ access_key }}"
|
|
||||||
ec2_secret_key: "{{ secret_key }}"
|
|
||||||
key_name: "{{ awskeypair_name }}"
|
|
||||||
instance_tags:
|
|
||||||
Name: "{{ moc_instance_name }}"
|
|
||||||
group: "{{ moc_security_group }}"
|
|
||||||
instance_type: "{{ moc_instance_type }}"
|
|
||||||
image: "{{ image }}"
|
|
||||||
count: "{{ moc_count_instances }}"
|
|
||||||
wait: yes
|
|
||||||
region: "{{ region }}"
|
|
||||||
vpc_subnet_id: "{{ vpc_subnet_id }}"
|
|
||||||
volumes: "{{ volumes }}"
|
|
||||||
assign_public_ip: yes
|
|
||||||
register: ec2
|
|
||||||
- name: Add new instance to host group
|
|
||||||
add_host: hostname={{ item.public_ip }} groupname=launched
|
|
||||||
with_items: "{{ ec2.instances }}"
|
|
||||||
- name: Wait for SSH to come up
|
|
||||||
wait_for: host={{ item.public_ip }} port=22 delay=90 timeout=320 state=started
|
|
||||||
with_items: "{{ ec2.instances }}"
|
|
||||||
tags: moc
|
|
||||||
|
|
||||||
- name: Installing python
|
|
||||||
hosts: all
|
|
||||||
hosts: launched
|
|
||||||
gather_facts: False
|
|
||||||
user: ubuntu
|
|
||||||
become: True
|
become: True
|
||||||
vars:
|
|
||||||
ansible_ssh_port: 22
|
|
||||||
tasks:
|
|
||||||
- name: Install python
|
|
||||||
raw: test -e /usr/bin/python || (sudo apt -y update && sudo apt install -y python-minimal)
|
|
||||||
|
|
||||||
- name: Configure instance(s)
|
|
||||||
hosts: launched
|
|
||||||
user: ubuntu
|
|
||||||
become: True
|
|
||||||
vars:
|
|
||||||
ansible_ssh_port: 22
|
|
||||||
gather_facts: True
|
|
||||||
roles:
|
roles:
|
||||||
- preconf
|
- moc
|
||||||
tags: preconf
|
|
||||||
tasks:
|
|
||||||
- name: restart machine after setup
|
|
||||||
shell: shutdown -r 1
|
|
86
netstat.yml
86
netstat.yml
|
@ -1,86 +1,4 @@
|
||||||
---
|
- hosts: netstat
|
||||||
- name: Create netstat security group
|
|
||||||
hosts: localhost
|
|
||||||
gather_facts: False
|
|
||||||
tasks:
|
|
||||||
- name: Create Security group
|
|
||||||
ec2_group:
|
|
||||||
ec2_access_key: "{{ access_key }}"
|
|
||||||
ec2_secret_key: "{{ secret_key }}"
|
|
||||||
name: "{{ netstat_security_group }}"
|
|
||||||
description: "Default security group"
|
|
||||||
region: "{{ region }}"
|
|
||||||
purge_rules_egress: false
|
|
||||||
purge_rules: false
|
|
||||||
rules:
|
|
||||||
- proto: tcp
|
|
||||||
from_port: 22
|
|
||||||
to_port: 22
|
|
||||||
cidr_ip: 0.0.0.0/0
|
|
||||||
rules_egress:
|
|
||||||
- proto: all
|
|
||||||
from_port: all
|
|
||||||
to_port: all
|
|
||||||
cidr_ip: 0.0.0.0/0
|
|
||||||
tags: netstat
|
|
||||||
|
|
||||||
|
|
||||||
- name: Create netstat
|
|
||||||
hosts: localhost
|
|
||||||
gather_facts: False
|
|
||||||
vars:
|
|
||||||
volumes:
|
|
||||||
- device_name: /dev/sda1
|
|
||||||
volume_size: 128
|
|
||||||
delete_on_termination: true
|
|
||||||
tasks:
|
|
||||||
- name: Launch instance
|
|
||||||
ec2:
|
|
||||||
ec2_access_key: "{{ access_key }}"
|
|
||||||
ec2_secret_key: "{{ secret_key }}"
|
|
||||||
key_name: "{{ awskeypair_name }}"
|
|
||||||
instance_tags:
|
|
||||||
Name: "{{ netstat_instance_name }}"
|
|
||||||
group: "{{ netstat_security_group }}"
|
|
||||||
instance_type: "{{ netstat_instance_type }}"
|
|
||||||
image: "{{ image }}"
|
|
||||||
count: "{{ netstat_count_instances }}"
|
|
||||||
wait: yes
|
|
||||||
region: "{{ region }}"
|
|
||||||
vpc_subnet_id: "{{ vpc_subnet_id }}"
|
|
||||||
volumes: "{{ volumes }}"
|
|
||||||
assign_public_ip: yes
|
|
||||||
register: ec2
|
|
||||||
- name: Add new instance to host group
|
|
||||||
add_host: hostname={{ item.public_ip }} groupname=launched
|
|
||||||
with_items: "{{ ec2.instances }}"
|
|
||||||
- name: Wait for SSH to come up
|
|
||||||
wait_for: host={{ item.public_ip }} port=22 delay=90 timeout=320 state=started
|
|
||||||
with_items: "{{ ec2.instances }}"
|
|
||||||
tags: netstat
|
|
||||||
|
|
||||||
- name: Installing python
|
|
||||||
hosts: all
|
|
||||||
hosts: launched
|
|
||||||
gather_facts: False
|
|
||||||
user: ubuntu
|
|
||||||
become: True
|
become: True
|
||||||
vars:
|
|
||||||
ansible_ssh_port: 22
|
|
||||||
tasks:
|
|
||||||
- name: Install python
|
|
||||||
raw: test -e /usr/bin/python || (sudo apt -y update && sudo apt install -y python-minimal)
|
|
||||||
|
|
||||||
- name: Configure instance(s)
|
|
||||||
hosts: launched
|
|
||||||
user: ubuntu
|
|
||||||
become: True
|
|
||||||
vars:
|
|
||||||
ansible_ssh_port: 22
|
|
||||||
gather_facts: True
|
|
||||||
roles:
|
roles:
|
||||||
- preconf
|
- netstat
|
||||||
tags: preconf
|
|
||||||
tasks:
|
|
||||||
- name: restart machine after setup
|
|
||||||
shell: shutdown -r 1
|
|
|
@ -1,8 +0,0 @@
|
||||||
---
|
|
||||||
- name: Setup ufw firewall
|
|
||||||
import_tasks: ufw.yml
|
|
||||||
when: not ansible_bios_version | search("amazon")
|
|
||||||
|
|
||||||
- name: Setup EC2 firewall
|
|
||||||
import_tasks: ec2.yml
|
|
||||||
when: ansible_bios_version | search("amazon")
|
|
|
@ -1,14 +1,5 @@
|
||||||
---
|
---
|
||||||
username: "bootnode"
|
|
||||||
users:
|
|
||||||
- name: "{{ username }}"
|
|
||||||
home: "/home/{{ username }}"
|
|
||||||
nginx_headers: "on"
|
|
||||||
PROXY_PORT: "8545"
|
|
||||||
|
|
||||||
allow_bootnode_ssh: true
|
allow_bootnode_ssh: true
|
||||||
allow_bootnode_p2p: true
|
allow_bootnode_p2p: true
|
||||||
allow_bootnode_rpc: false
|
allow_bootnode_rpc: false
|
||||||
|
|
||||||
bootnode_archive: "off"
|
|
||||||
bootnode_orchestrator: "off"
|
|
|
@ -0,0 +1,11 @@
|
||||||
|
dependencies:
|
||||||
|
- { role: preconf }
|
||||||
|
- { role: usermanager }
|
||||||
|
# - { role: logentries }
|
||||||
|
- { role: nodejs }
|
||||||
|
- { role: poa-logrotate }
|
||||||
|
- { role: poa-parity }
|
||||||
|
- { role: poa-pm2 }
|
||||||
|
- { role: poa-netstats }
|
||||||
|
- { role: poa-orchestrator, when: "(bootnode_orchestrator or 'off') == 'on'" }
|
||||||
|
- { role: nginx }
|
|
@ -1,29 +1,12 @@
|
||||||
---
|
---
|
||||||
- name: Create directory parity_data/keys/NetworkName
|
|
||||||
file:
|
|
||||||
path: "{{ home }}/parity_data/keys/{{ GENESIS_NETWORK_NAME }}"
|
|
||||||
state: directory
|
|
||||||
mode: 0700
|
|
||||||
owner: "{{ username }}"
|
|
||||||
group: "{{ username }}"
|
|
||||||
|
|
||||||
- name: Create logs directories
|
|
||||||
file:
|
|
||||||
path: "/{{ home }}/logs/old"
|
|
||||||
state: directory
|
|
||||||
mode: 0755
|
|
||||||
owner: "{{ username }}"
|
|
||||||
group: "{{ username }}"
|
|
||||||
|
|
||||||
- name: Download spec.json
|
|
||||||
get_url: url={{ item }} dest={{ home }}/ mode=0644
|
|
||||||
with_items:
|
|
||||||
- "https://raw.githubusercontent.com/{{ MAIN_REPO_FETCH }}/poa-chain-spec/{{ GENESIS_BRANCH }}/spec.json"
|
|
||||||
- "https://raw.githubusercontent.com/{{ MAIN_REPO_FETCH }}/poa-chain-spec/{{ GENESIS_BRANCH }}/bootnodes.txt"
|
|
||||||
|
|
||||||
- name: Create node.toml
|
- name: Create node.toml
|
||||||
template: src={{ item }}.j2 dest={{ home }}/node.toml owner=root group=root mode=0644
|
template: src={{ item }}.j2 dest={{ home }}/node.toml owner=root group=root mode=0644
|
||||||
with_items:
|
with_items:
|
||||||
- node.toml
|
- node.toml
|
||||||
|
|
||||||
|
- name: Setup ufw firewall
|
||||||
|
import_tasks: ufw.yml
|
||||||
|
when: not ansible_bios_version | search("amazon")
|
||||||
|
|
||||||
#- file: path={{ home }} owner={{ username }} group={{ username }} recurse=yes
|
#- file: path={{ home }} owner={{ username }} group={{ username }} recurse=yes
|
||||||
|
|
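Review bot: The added condition `when: not ansible_bios_version | search("amazon")` calls the `search` test with filter syntax, which Ansible deprecated in 2.5 and removed in 2.9; the test form is `when: ansible_bios_version is not search("amazon")`. The same line is added in the explorer, moc and netstat task hunks below. The condition also means any host whose BIOS version string contains "amazon" gets no ufw rules from this role, so its exposure rests entirely on the cloud security group. Since the `ec2.yml` import is deleted in this commit, it is worth confirming where those rules are applied now.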
|
@ -1,8 +0,0 @@
|
||||||
---
|
|
||||||
- name: Setup ufw firewall
|
|
||||||
import_tasks: ufw.yml
|
|
||||||
when: not ansible_bios_version | search("amazon")
|
|
||||||
|
|
||||||
- name: Setup EC2 firewall
|
|
||||||
import_tasks: ec2.yml
|
|
||||||
when: ansible_bios_version | search("amazon")
|
|
|
@ -1,12 +1,5 @@
|
||||||
username: "explorer"
|
-----
|
||||||
users:
|
|
||||||
- name: "{{ username }}"
|
|
||||||
home: "/home/{{ username }}"
|
|
||||||
|
|
||||||
allow_explorer_ssh: true
|
allow_explorer_ssh: true
|
||||||
allow_explorer_p2p: true
|
allow_explorer_p2p: true
|
||||||
allow_explorer_http: true
|
allow_explorer_http: true
|
||||||
|
|
||||||
nginx_headers: "off"
|
|
||||||
PROXY_PORT: "3000"
|
|
||||||
explorerS_SERVER: "localhost"
|
|
|
@ -1,3 +1,6 @@
|
||||||
---
|
---
|
||||||
- name: restart poa-chain-explorer
|
- name: restart poa-chain-explorer
|
||||||
service: name=poa-chain-explorer state=restarted
|
service: name=poa-chain-explorer state=restarted
|
||||||
|
|
||||||
|
- name: restart ufw
|
||||||
|
service: name=ufw state=restarted
|
|
@ -0,0 +1,8 @@
|
||||||
|
dependencies:
|
||||||
|
- { role: preconf }
|
||||||
|
- { role: usermanager }
|
||||||
|
- { role: nodejs }
|
||||||
|
- { role: poa-logrotate }
|
||||||
|
- { role: poa-parity }
|
||||||
|
- { role: poa-pm2 }
|
||||||
|
- { role: nginx }
|
|
@ -1,25 +1,4 @@
|
||||||
---
|
---
|
||||||
- name: Create directory parity_data/keys/NetworkName
|
|
||||||
file:
|
|
||||||
path: "{{ home }}/parity_data/keys/{{ GENESIS_NETWORK_NAME }}"
|
|
||||||
state: directory
|
|
||||||
mode: 0700
|
|
||||||
owner: "{{ username }}"
|
|
||||||
group: "{{ username }}"
|
|
||||||
|
|
||||||
- name: Create logs directories
|
|
||||||
file:
|
|
||||||
path: "/{{ home }}/logs/old"
|
|
||||||
state: directory
|
|
||||||
mode: 0755
|
|
||||||
owner: "{{ username }}"
|
|
||||||
group: "{{ username }}"
|
|
||||||
|
|
||||||
- name: Download spec.json
|
|
||||||
get_url: url={{ item }} dest={{ home }}/ mode=0644
|
|
||||||
with_items:
|
|
||||||
- "https://raw.githubusercontent.com/{{ MAIN_REPO_FETCH }}/poa-chain-spec/{{ GENESIS_BRANCH }}/spec.json"
|
|
||||||
- "https://raw.githubusercontent.com/{{ MAIN_REPO_FETCH }}/poa-chain-spec/{{ GENESIS_BRANCH }}/bootnodes.txt"
|
|
||||||
|
|
||||||
- name: Create node.toml
|
- name: Create node.toml
|
||||||
template: src={{ item }}.j2 dest={{ home }}/node.toml owner=root group=root mode=0644
|
template: src={{ item }}.j2 dest={{ home }}/node.toml owner=root group=root mode=0644
|
||||||
|
@ -60,3 +39,7 @@
|
||||||
|
|
||||||
- name: Ensure poa-chain-explorer is running and enabled to start at boot
|
- name: Ensure poa-chain-explorer is running and enabled to start at boot
|
||||||
service: name=poa-chain-explorer state=started enabled=yes
|
service: name=poa-chain-explorer state=started enabled=yes
|
||||||
|
|
||||||
|
- name: Setup ufw firewall
|
||||||
|
import_tasks: ufw.yml
|
||||||
|
when: not ansible_bios_version | search("amazon")
|
||||||
|
|
|
@ -1 +0,0 @@
|
||||||
explorer_version: "acee07c"
|
|
|
@ -1,3 +0,0 @@
|
||||||
---
|
|
||||||
- name: restart ufw
|
|
||||||
service: name=ufw state=restarted
|
|
|
@ -1,8 +0,0 @@
|
||||||
---
|
|
||||||
- name: Setup ufw firewall
|
|
||||||
import_tasks: ufw.yml
|
|
||||||
when: not ansible_bios_version | search("amazon")
|
|
||||||
|
|
||||||
- name: Setup EC2 firewall
|
|
||||||
import_tasks: ec2.yml
|
|
||||||
when: ansible_bios_version | search("amazon")
|
|
|
@ -1,8 +1,4 @@
|
||||||
---
|
---
|
||||||
username: "moc"
|
|
||||||
users:
|
|
||||||
- name: "{{ username }}"
|
|
||||||
home: "/home/{{ username }}"
|
|
||||||
|
|
||||||
allow_moc_ssh: true
|
allow_moc_ssh: true
|
||||||
allow_moc_p2p: true
|
allow_moc_p2p: true
|
|
@ -0,0 +1,8 @@
|
||||||
|
dependencies:
|
||||||
|
- { role: preconf }
|
||||||
|
- { role: usermanager }
|
||||||
|
- { role: nodejs }
|
||||||
|
- { role: poa-logrotate }
|
||||||
|
- { role: poa-parity }
|
||||||
|
- { role: poa-pm2 }
|
||||||
|
- { role: poa-netstats }
|
|
@ -1,25 +1,4 @@
|
||||||
---
|
---
|
||||||
- name: Create directory parity_data/keys/NetworkName
|
|
||||||
file:
|
|
||||||
path: "{{ home }}/parity_data/keys/{{ GENESIS_NETWORK_NAME }}"
|
|
||||||
state: directory
|
|
||||||
mode: 0700
|
|
||||||
owner: "{{ username }}"
|
|
||||||
group: "{{ username }}"
|
|
||||||
|
|
||||||
- name: Create logs directories
|
|
||||||
file:
|
|
||||||
path: "/{{ home }}/logs/old"
|
|
||||||
state: directory
|
|
||||||
mode: 0755
|
|
||||||
owner: "{{ username }}"
|
|
||||||
group: "{{ username }}"
|
|
||||||
|
|
||||||
- name: Download spec.json
|
|
||||||
get_url: url={{ item }} dest={{ home }}/ mode=0644
|
|
||||||
with_items:
|
|
||||||
- "https://raw.githubusercontent.com/{{ MAIN_REPO_FETCH }}/poa-chain-spec/{{ GENESIS_BRANCH }}/spec.json"
|
|
||||||
- "https://raw.githubusercontent.com/{{ MAIN_REPO_FETCH }}/poa-chain-spec/{{ GENESIS_BRANCH }}/bootnodes.txt"
|
|
||||||
|
|
||||||
- name: Create node.toml
|
- name: Create node.toml
|
||||||
template: src={{ item }}.j2 dest={{ home }}/node.toml owner=root group=root mode=0644
|
template: src={{ item }}.j2 dest={{ home }}/node.toml owner=root group=root mode=0644
|
||||||
|
@ -60,3 +39,7 @@
|
||||||
path: "{{ home }}/poa-scripts-moc/distributeTokens"
|
path: "{{ home }}/poa-scripts-moc/distributeTokens"
|
||||||
become: true
|
become: true
|
||||||
become_user: "{{ username }}"
|
become_user: "{{ username }}"
|
||||||
|
|
||||||
|
- name: Setup ufw firewall
|
||||||
|
import_tasks: ufw.yml
|
||||||
|
when: not ansible_bios_version | search("amazon")
|
|
@ -1,3 +0,0 @@
|
||||||
---
|
|
||||||
- name: restart ufw
|
|
||||||
service: name=ufw state=restarted
|
|
|
@ -1,8 +0,0 @@
|
||||||
---
|
|
||||||
- name: Setup ufw firewall
|
|
||||||
import_tasks: ufw.yml
|
|
||||||
when: not ansible_bios_version | search("amazon")
|
|
||||||
|
|
||||||
- name: Setup EC2 firewall
|
|
||||||
import_tasks: ec2.yml
|
|
||||||
when: ansible_bios_version | search("amazon")
|
|
|
@ -1,12 +1,4 @@
|
||||||
---
|
---
|
||||||
username: "netstat"
|
|
||||||
users:
|
|
||||||
- name: "{{ username }}"
|
|
||||||
home: "/home/{{ username }}"
|
|
||||||
|
|
||||||
allow_netstat_ssh: true
|
allow_netstat_ssh: true
|
||||||
allow_netstat_http: true
|
allow_netstat_http: true
|
||||||
|
|
||||||
nginx_headers: "off"
|
|
||||||
PROXY_PORT: "3000"
|
|
||||||
NETSTATS_SERVER: "http://localhost:3000"
|
|
||||||
|
|
|
@ -1,3 +1,6 @@
|
||||||
---
|
---
|
||||||
- name: restart poa-dashboard
|
- name: restart poa-dashboard
|
||||||
service: name=poa-dashboard state=restarted
|
service: name=poa-dashboard state=restarted
|
||||||
|
|
||||||
|
- name: restart ufw
|
||||||
|
service: name=ufw state=restarted
|
|
@ -0,0 +1,6 @@
|
||||||
|
dependencies:
|
||||||
|
- { role: preconf }
|
||||||
|
- { role: usermanager }
|
||||||
|
- { role: nodejs }
|
||||||
|
- { role: poa-logrotate }
|
||||||
|
- { role: nginx }
|
|
@ -1,11 +1,4 @@
|
||||||
---
|
---
|
||||||
- name: Create logs directories
|
|
||||||
file:
|
|
||||||
path: "/{{ home }}/logs/old"
|
|
||||||
state: directory
|
|
||||||
mode: 0755
|
|
||||||
owner: "{{ username }}"
|
|
||||||
group: "{{ username }}"
|
|
||||||
|
|
||||||
- name: Clone poanetworks/eth-netstats repo from GitHub
|
- name: Clone poanetworks/eth-netstats repo from GitHub
|
||||||
git:
|
git:
|
||||||
|
@ -50,3 +43,7 @@
|
||||||
|
|
||||||
- name: Ensure poa-dashboard is running and enabled to start at boot
|
- name: Ensure poa-dashboard is running and enabled to start at boot
|
||||||
service: name=poa-dashboard state=started enabled=yes
|
service: name=poa-dashboard state=started enabled=yes
|
||||||
|
|
||||||
|
- name: Setup ufw firewall
|
||||||
|
import_tasks: ufw.yml
|
||||||
|
when: not ansible_bios_version | search("amazon")
|
|
@ -1 +0,0 @@
|
||||||
netstat_version: "cb431d6"
|
|
|
@ -0,0 +1,7 @@
|
||||||
|
- name: Create directory parity_data/keys/NetworkName
|
||||||
|
file:
|
||||||
|
path: "{{ home }}/parity_data/keys/{{ GENESIS_NETWORK_NAME }}"
|
||||||
|
state: directory
|
||||||
|
mode: 0700
|
||||||
|
owner: "{{ username }}"
|
||||||
|
group: "{{ username }}"
|
|
@ -0,0 +1,7 @@
|
||||||
|
- name: Create logs directories
|
||||||
|
file:
|
||||||
|
path: "/{{ home }}/logs/old"
|
||||||
|
state: directory
|
||||||
|
mode: 0755
|
||||||
|
owner: "{{ username }}"
|
||||||
|
group: "{{ username }}"
|
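Review bot: `path: "/{{ home }}/logs/old"` prepends a slash to `home`, while the keys task added in this commit uses `"{{ home }}/parity_data/..."` without one. If `home` is already absolute (the group vars hunks set `home: "/home/{{ username }}"`), the result is `//home/...`, which resolves but is inconsistent; `path: "{{ home }}/logs/old"` matches the other task. Quoting the mode as `mode: "0755"` would also keep it from being read as a decimal number if the leading zero is ever dropped.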
|
@ -9,3 +9,8 @@
|
||||||
- import_tasks: chrony.yml
|
- import_tasks: chrony.yml
|
||||||
- import_tasks: logrotate.yml
|
- import_tasks: logrotate.yml
|
||||||
- import_tasks: swap.yml
|
- import_tasks: swap.yml
|
||||||
|
- import_tasks: logs.yml
|
||||||
|
- import_tasks: keys.yml
|
||||||
|
when: ‘netstat’ not in ansible_hostname
|
||||||
|
- import_tasks: spec.yml
|
||||||
|
when: ‘netstat’ not in ansible_hostname
|
||||||
|
|
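Review bot: The two added conditions `when: ‘netstat’ not in ansible_hostname` use typographic quotes (‘ ’) instead of ASCII quotes, so Jinja2 will not read `netstat` as a string literal and the conditional is likely to fail when it is templated. It should be `when: "'netstat' not in ansible_hostname"`. Matching on `ansible_hostname` also ties the decision to how machines happen to be named; `when: "'netstat' not in group_names"` would key it to inventory group membership instead. The task list starts before this hunk.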
|
@ -0,0 +1,5 @@
|
||||||
|
- name: Download spec.json
|
||||||
|
get_url: url={{ item }} dest={{ home }}/ mode=0644
|
||||||
|
with_items:
|
||||||
|
- "https://raw.githubusercontent.com/{{ MAIN_REPO_FETCH }}/poa-chain-spec/{{ GENESIS_BRANCH }}/spec.json"
|
||||||
|
- "https://raw.githubusercontent.com/{{ MAIN_REPO_FETCH }}/poa-chain-spec/{{ GENESIS_BRANCH }}/bootnodes.txt"
|
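Review bot: `get_url` fetches `spec.json` and `bootnodes.txt` from a branch ref (`{{ GENESIS_BRANCH }}`) with no integrity check, so every node accepts whatever that branch serves at deploy time. Going by their names these files define the chain and its initial peers, so consider pinning the URL to a commit hash or adding `checksum: "sha256:<EXPECTED_SHA256_PLACEHOLDER>"` for each file. The inline `key=value` form would have to become a YAML mapping, with `with_items` carrying a url/checksum pair per entry, to give each file its own digest.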
|
@ -1,3 +0,0 @@
|
||||||
---
|
|
||||||
- name: restart ufw
|
|
||||||
service: name=ufw state=restarted
|
|
|
@ -1,8 +0,0 @@
|
||||||
---
|
|
||||||
- name: Setup ufw firewall
|
|
||||||
import_tasks: ufw.yml
|
|
||||||
when: not ansible_bios_version | search("amazon")
|
|
||||||
|
|
||||||
- name: Setup EC2 firewall
|
|
||||||
import_tasks: ec2.yml
|
|
||||||
when: ansible_bios_version | search("amazon")
|
|
|
@ -0,0 +1,5 @@
|
||||||
|
---
|
||||||
|
|
||||||
|
allow_validator_ssh: true
|
||||||
|
allow_validator_p2p: true
|
||||||
|
|
|
@ -0,0 +1,3 @@
|
||||||
|
---
|
||||||
|
- name: restart ufw
|
||||||
|
service: name=ufw state=restarted
|
|
@ -0,0 +1,8 @@
|
||||||
|
dependencies:
|
||||||
|
- { role: preconf }
|
||||||
|
- { role: usermanager }
|
||||||
|
- { role: nodejs }
|
||||||
|
- { role: poa-logrotate }
|
||||||
|
- { role: poa-parity }
|
||||||
|
- { role: poa-pm2 }
|
||||||
|
- { role: poa-netstats }
|
|
@ -1,25 +1,4 @@
|
||||||
---
|
---
|
||||||
- name: Create directory parity_data/keys/NetworkName
|
|
||||||
file:
|
|
||||||
path: "{{ home }}/parity_data/keys/{{ GENESIS_NETWORK_NAME }}"
|
|
||||||
state: directory
|
|
||||||
mode: 0700
|
|
||||||
owner: "{{ username }}"
|
|
||||||
group: "{{ username }}"
|
|
||||||
|
|
||||||
- name: Create logs directories
|
|
||||||
file:
|
|
||||||
path: "/{{ home }}/logs/old"
|
|
||||||
state: directory
|
|
||||||
mode: 0755
|
|
||||||
owner: "{{ username }}"
|
|
||||||
group: "{{ username }}"
|
|
||||||
|
|
||||||
- name: Download spec.json
|
|
||||||
get_url: url={{ item }} dest={{ home }}/ mode=0644
|
|
||||||
with_items:
|
|
||||||
- "https://raw.githubusercontent.com/{{ MAIN_REPO_FETCH }}/poa-chain-spec/{{ GENESIS_BRANCH }}/spec.json"
|
|
||||||
- "https://raw.githubusercontent.com/{{ MAIN_REPO_FETCH }}/poa-chain-spec/{{ GENESIS_BRANCH }}/bootnodes.txt"
|
|
||||||
|
|
||||||
- name: Create node.toml
|
- name: Create node.toml
|
||||||
template: src={{ item }}.j2 dest={{ home }}/node.toml owner=root group=root mode=0644
|
template: src={{ item }}.j2 dest={{ home }}/node.toml owner=root group=root mode=0644
|
||||||
|
|
103
site.yml
103
site.yml
|
@ -1,84 +1,19 @@
|
||||||
---
|
- name: Bootnode deployment
|
||||||
- hosts: all
|
import_playbook: bootnode.yml
|
||||||
user: ubuntu
|
tags: bootnode
|
||||||
become: True
|
|
||||||
# user: root
|
- name: Explorer deployment
|
||||||
roles:
|
import_playbook: explorer.yml
|
||||||
- preconf
|
tags: explorer
|
||||||
tags: preconf
|
|
||||||
|
- name: Moc deployment
|
||||||
- hosts: bootnode
|
import_playbook: moc.yml
|
||||||
become: True
|
tags: moc
|
||||||
roles:
|
|
||||||
- usermanager
|
- name: Netstat deployment
|
||||||
# - logentries
|
import_playbook: netstat.yml
|
||||||
- nodejs
|
tags: netstat
|
||||||
- bootnode
|
|
||||||
- poa-logrotate
|
- name: Validator deployment
|
||||||
- poa-parity
|
import_playbook: validator.yml
|
||||||
- poa-pm2
|
tags: validator
|
||||||
- poa-netstats
|
|
||||||
- { role: poa-orchestrator, when: "(bootnode_orchestrator or 'off') == 'on'" }
|
|
||||||
- nginx
|
|
||||||
- bootnode-access
|
|
||||||
tags:
|
|
||||||
- bootnode
|
|
||||||
|
|
||||||
- hosts: validator
|
|
||||||
become: True
|
|
||||||
vars:
|
|
||||||
username: "validator"
|
|
||||||
users:
|
|
||||||
- name: "validator"
|
|
||||||
home: "/home/validator"
|
|
||||||
roles:
|
|
||||||
- usermanager
|
|
||||||
- nodejs
|
|
||||||
- poa-logrotate
|
|
||||||
- poa-parity
|
|
||||||
- poa-pm2
|
|
||||||
- poa-netstats
|
|
||||||
- validator
|
|
||||||
- validator-access
|
|
||||||
tags:
|
|
||||||
- validator
|
|
||||||
|
|
||||||
- hosts: netstat
|
|
||||||
become: True
|
|
||||||
roles:
|
|
||||||
- usermanager
|
|
||||||
- nodejs
|
|
||||||
- poa-logrotate
|
|
||||||
- netstat
|
|
||||||
- nginx
|
|
||||||
- netstat-access
|
|
||||||
tags:
|
|
||||||
- netstat
|
|
||||||
|
|
||||||
- hosts: explorer
|
|
||||||
become: True
|
|
||||||
roles:
|
|
||||||
- usermanager
|
|
||||||
- nodejs
|
|
||||||
- poa-logrotate
|
|
||||||
- poa-parity
|
|
||||||
- poa-pm2
|
|
||||||
- explorer
|
|
||||||
- nginx
|
|
||||||
- explorer-access
|
|
||||||
tags:
|
|
||||||
- explorer
|
|
||||||
|
|
||||||
- hosts: moc
|
|
||||||
become: True
|
|
||||||
roles:
|
|
||||||
- usermanager
|
|
||||||
- nodejs
|
|
||||||
- poa-logrotate
|
|
||||||
- poa-parity
|
|
||||||
- poa-pm2
|
|
||||||
- poa-netstats
|
|
||||||
- moc
|
|
||||||
- moc-access
|
|
||||||
tags:
|
|
||||||
- moc
|
|
||||||
|
|
105
validator.yml
105
validator.yml
|
@ -1,105 +1,4 @@
|
||||||
---
|
- hosts: validator
|
||||||
- name: Create validator security group
|
|
||||||
hosts: localhost
|
|
||||||
gather_facts: False
|
|
||||||
tasks:
|
|
||||||
- name: Create Security group
|
|
||||||
ec2_group:
|
|
||||||
ec2_access_key: "{{ access_key }}"
|
|
||||||
ec2_secret_key: "{{ secret_key }}"
|
|
||||||
name: "{{ validator_security_group }}"
|
|
||||||
description: "Default security group"
|
|
||||||
region: "{{ region }}"
|
|
||||||
purge_rules_egress: false
|
|
||||||
purge_rules: false
|
|
||||||
rules:
|
|
||||||
- proto: tcp
|
|
||||||
from_port: 22
|
|
||||||
to_port: 22
|
|
||||||
cidr_ip: 0.0.0.0/0
|
|
||||||
rules_egress:
|
|
||||||
- proto: all
|
|
||||||
from_port: all
|
|
||||||
to_port: all
|
|
||||||
cidr_ip: 0.0.0.0/0
|
|
||||||
tags: validator
|
|
||||||
|
|
||||||
|
|
||||||
- name: Create validator
|
|
||||||
hosts: localhost
|
|
||||||
gather_facts: False
|
|
||||||
vars:
|
|
||||||
volumes:
|
|
||||||
- device_name: /dev/sda1
|
|
||||||
volume_size: 128
|
|
||||||
delete_on_termination: true
|
|
||||||
tasks:
|
|
||||||
- name: Launch instance
|
|
||||||
ec2:
|
|
||||||
ec2_access_key: "{{ access_key }}"
|
|
||||||
ec2_secret_key: "{{ secret_key }}"
|
|
||||||
key_name: "{{ awskeypair_name }}"
|
|
||||||
instance_tags:
|
|
||||||
Name: "{{ validator_instance_name }}"
|
|
||||||
group: "{{ validator_security_group }}"
|
|
||||||
instance_type: "{{ validator_instance_type }}"
|
|
||||||
image: "{{ image }}"
|
|
||||||
count: "{{ validator_count_instances }}"
|
|
||||||
wait: yes
|
|
||||||
region: "{{ region }}"
|
|
||||||
vpc_subnet_id: "{{ vpc_subnet_id }}"
|
|
||||||
volumes: "{{ volumes }}"
|
|
||||||
assign_public_ip: yes
|
|
||||||
register: ec2
|
|
||||||
- name: Add new instance to host group
|
|
||||||
add_host: hostname={{ item.public_ip }} groupname=launched
|
|
||||||
with_items: "{{ ec2.instances }}"
|
|
||||||
- name: Wait for SSH to come up
|
|
||||||
wait_for: host={{ item.public_ip }} port=22 delay=90 timeout=320 state=started
|
|
||||||
with_items: "{{ ec2.instances }}"
|
|
||||||
tags: validator
|
|
||||||
|
|
||||||
- name: Installing python
|
|
||||||
hosts: all
|
|
||||||
hosts: launched
|
|
||||||
gather_facts: False
|
|
||||||
user: ubuntu
|
|
||||||
become: True
|
become: True
|
||||||
vars:
|
|
||||||
ansible_ssh_port: 22
|
|
||||||
tasks:
|
|
||||||
- name: Install python
|
|
||||||
raw: test -e /usr/bin/python || (sudo apt -y update && sudo apt install -y python-minimal)
|
|
||||||
|
|
||||||
- name: Configure instance(s)
|
|
||||||
hosts: launched
|
|
||||||
user: ubuntu
|
|
||||||
become: True
|
|
||||||
vars:
|
|
||||||
ansible_ssh_port: 22
|
|
||||||
gather_facts: True
|
|
||||||
roles:
|
roles:
|
||||||
- preconf
|
- validator
|
||||||
tags: preconf
|
|
||||||
tasks:
|
|
||||||
- name: restart machine after setup
|
|
||||||
shell: shutdown -r 1
|
|
||||||
|
|
||||||
- name: Create validator elastic ip
|
|
||||||
hosts: localhost
|
|
||||||
gather_facts: False
|
|
||||||
tasks:
|
|
||||||
- name: associate elastic ip for validator
|
|
||||||
ec2_eip:
|
|
||||||
ec2_access_key: "{{ access_key }}"
|
|
||||||
ec2_secret_key: "{{ secret_key }}"
|
|
||||||
region: "{{ region }}"
|
|
||||||
reuse_existing_ip_allowed: yes
|
|
||||||
state: present
|
|
||||||
in_vpc: yes
|
|
||||||
device_id: "{{ ec2.instance_ids[0] }}"
|
|
||||||
register: instance_elastic_ip
|
|
||||||
when: associate_validator_elastic_ip == true
|
|
||||||
|
|
||||||
- debug: var=instance_elastic_ip.public_ip
|
|
||||||
when: associate_validator_elastic_ip == true
|
|