Skip to content

Commit

Permalink
Host rpc node in ecs (#391)
Browse files Browse the repository at this point in the history
  • Loading branch information
wjrjerome authored Jan 15, 2024
1 parent 3225467 commit d24f187
Show file tree
Hide file tree
Showing 9 changed files with 150 additions and 9 deletions.
3 changes: 2 additions & 1 deletion .gitignore
Original file line number Diff line number Diff line change
Expand Up @@ -52,4 +52,5 @@ coverage.txt
go.sum
cicd/devnet/terraform/.terraform*
cicd/devnet/tmp
.env
.env
cicd/devnet/terraform/node-config.json
1 change: 1 addition & 0 deletions .travis.yml
Original file line number Diff line number Diff line change
Expand Up @@ -171,6 +171,7 @@ jobs:
echo "Force deploy xdc-$i"
aws ecs update-service --region ap-southeast-2 --cluster devnet-xdcnode-cluster --service ecs-service-xdc$i --force-new-deployment --no-cli-pager;
done
aws ecs update-service --region ap-southeast-1 --cluster devnet-xdcnode-cluster --service ecs-service-rpc1 --force-new-deployment --no-cli-pager;
- stage: (Devnet) Send Deployment Notification
if: branch = dev-upgrade AND type = push AND tag IS blank
Expand Down
2 changes: 1 addition & 1 deletion cicd/devnet/terraform/.env
Original file line number Diff line number Diff line change
Expand Up @@ -10,4 +10,4 @@ eu_west_1_end=72

# Sydney
ap_southeast_2_start=73
ap_southeast_2_end=110
ap_southeast_2_end=108
23 changes: 20 additions & 3 deletions cicd/devnet/terraform/main.tf
Original file line number Diff line number Diff line change
Expand Up @@ -23,7 +23,6 @@ module "us-east-2" {
devnetNodeKeys = local.devnetNodeKeys["us-east-2"]
logLevel = local.logLevel
devnet_xdc_ecs_tasks_execution_role_arn = aws_iam_role.devnet_xdc_ecs_tasks_execution_role.arn

providers = {
aws = aws.us-east-2
}
Expand All @@ -40,7 +39,6 @@ module "eu-west-1" {
devnetNodeKeys = local.devnetNodeKeys["eu-west-1"]
logLevel = local.logLevel
devnet_xdc_ecs_tasks_execution_role_arn = aws_iam_role.devnet_xdc_ecs_tasks_execution_role.arn

providers = {
aws = aws.eu-west-1
}
Expand All @@ -57,8 +55,27 @@ module "ap-southeast-2" {
devnetNodeKeys = local.devnetNodeKeys["ap-southeast-2"]
logLevel = local.logLevel
devnet_xdc_ecs_tasks_execution_role_arn = aws_iam_role.devnet_xdc_ecs_tasks_execution_role.arn

providers = {
aws = aws.ap-southeast-2
}
}

# WARNING: APSE-1 will only be used to host rpc node
# Workaround to avoid conflicts with existing ecs cluster in existing regions
provider "aws" {
alias = "ap-southeast-1"
region = "ap-southeast-1"
}

module "ap-southeast-1-rpc" {
source = "./module/region"
region = "ap-southeast-1"
devnetNodeKeys = local.rpcNodeKeys
enableFixedIp = true
logLevel = local.logLevel
devnet_xdc_ecs_tasks_execution_role_arn = aws_iam_role.devnet_xdc_ecs_tasks_execution_role.arn

providers = {
aws = aws.ap-southeast-1
}
}
8 changes: 5 additions & 3 deletions cicd/devnet/terraform/module/region/ecs.tf
Original file line number Diff line number Diff line change
Expand Up @@ -56,15 +56,17 @@ data "aws_ecs_task_definition" "devnet_ecs_task_definition" {
task_definition = aws_ecs_task_definition.devnet_task_definition_group[each.key].family
}

# ECS cluster
resource "aws_ecs_cluster" "devnet_ecs_cluster" {
name = "devnet-xdcnode-cluster"
tags = {
name = "devnet-xdcnode-cluster"
tags = {
Name = "TfDevnetEcsCluster"
}
}


resource "aws_ecs_service" "devnet_ecs_service" {
for_each = var.devnetNodeKeys
for_each = var.enableFixedIp ? {} : var.devnetNodeKeys
name = "ecs-service-${each.key}"
cluster = aws_ecs_cluster.devnet_ecs_cluster.id
task_definition = "${aws_ecs_task_definition.devnet_task_definition_group[each.key].family}:${max(aws_ecs_task_definition.devnet_task_definition_group[each.key].revision, data.aws_ecs_task_definition.devnet_ecs_task_definition[each.key].revision)}"
Expand Down
8 changes: 8 additions & 0 deletions cicd/devnet/terraform/module/region/main.tf
Original file line number Diff line number Diff line change
Expand Up @@ -72,6 +72,14 @@ resource "aws_default_security_group" "devnet_xdcnode_security_group" {
cidr_blocks = ["0.0.0.0/0"]
}

ingress {
description = "rpc port"
from_port = 8545
to_port = 8545
protocol = "tcp"
cidr_blocks = ["10.0.0.0/16"]
}

egress {
from_port = 0
to_port = 0
Expand Down
104 changes: 104 additions & 0 deletions cicd/devnet/terraform/module/region/rpc.tf
Original file line number Diff line number Diff line change
@@ -0,0 +1,104 @@
# Allocate an Elastic IP for the NLB
resource "aws_eip" "nlb_eip" {
domain = "vpc"
}


# Create a Network Load Balancer
resource "aws_lb" "rpc_node_nlb" {
count = var.enableFixedIp ? 1 : 0
name = "rpc-node-nlb"
load_balancer_type = "network"

enable_deletion_protection = false

subnet_mapping {
subnet_id = aws_subnet.devnet_subnet.id
allocation_id = aws_eip.nlb_eip.id
}
}

# Listener and Target Group for the rpc node container
resource "aws_lb_target_group" "rpc_node_tg_8545" {
count = var.enableFixedIp ? 1 : 0
name = "rpc-node-tg"
port = 8545
protocol = "TCP"
vpc_id = aws_vpc.devnet_vpc.id
target_type = "ip"
}

resource "aws_lb_listener" "rpc_node_listener_8545" {
count = var.enableFixedIp ? 1 : 0
load_balancer_arn = aws_lb.rpc_node_nlb[0].arn
port = 8545
protocol = "TCP"

default_action {
type = "forward"
target_group_arn = aws_lb_target_group.rpc_node_tg_8545[0].arn
}
}

resource "aws_ecs_service" "devnet_rpc_node_ecs_service" {
for_each = var.enableFixedIp ? var.devnetNodeKeys : {}
name = "ecs-service-${each.key}"
cluster = aws_ecs_cluster.devnet_ecs_cluster.id
task_definition = "${aws_ecs_task_definition.devnet_task_definition_group[each.key].family}:${max(aws_ecs_task_definition.devnet_task_definition_group[each.key].revision, data.aws_ecs_task_definition.devnet_ecs_task_definition[each.key].revision)}"
launch_type = "FARGATE"
scheduling_strategy = "REPLICA"
desired_count = 1
force_new_deployment = true
deployment_minimum_healthy_percent = 0
deployment_maximum_percent = 100

network_configuration {
subnets = [aws_subnet.devnet_subnet.id]
assign_public_ip = true
security_groups = [
aws_default_security_group.devnet_xdcnode_security_group.id
]
}

deployment_circuit_breaker {
enable = true
rollback = false
}

load_balancer {
target_group_arn = aws_lb_target_group.rpc_node_tg_8545[0].arn
container_name = "tfXdcNode"
container_port = 8545
}

depends_on = [
aws_lb_listener.rpc_node_listener_8545
]

tags = {
Name = "TfDevnetRpcNodeEcsService-${each.key}"
}
}

# Target Group for port 30303
resource "aws_lb_target_group" "rpc_node_tg_30303" {
count = var.enableFixedIp ? 1 : 0
name = "rpc-node-tg-30303"
port = 30303
protocol = "TCP"
vpc_id = aws_vpc.devnet_vpc.id
target_type = "ip"
}

# Listener for port 30303
resource "aws_lb_listener" "rpc_node_listener_30303" {
count = var.enableFixedIp ? 1 : 0
load_balancer_arn = aws_lb.rpc_node_nlb[0].arn
port = 30303
protocol = "TCP"

default_action {
type = "forward"
target_group_arn = aws_lb_target_group.rpc_node_tg_30303[0].arn
}
}
6 changes: 6 additions & 0 deletions cicd/devnet/terraform/module/region/variables.tf
Original file line number Diff line number Diff line change
Expand Up @@ -16,4 +16,10 @@ variable "logLevel" {
variable "devnet_xdc_ecs_tasks_execution_role_arn" {
description = "aws iam role resource arn"
type = string
}

variable "enableFixedIp" {
description = "a flag to indicate whether fixed ip should be associated to the nodes. This is used for RPC node"
type = bool
default = false
}
4 changes: 3 additions & 1 deletion cicd/devnet/terraform/variables.tf
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@ locals {
{{Name of the node, in a pattern of 'xdc'+ number. i.e xdc50}}: {
pk: {{Value of the node private key}},
... any other configuration we want to pass.
}
}
Note: No `n` is allowed in the node name
**/
predefinedNodesConfig = jsondecode(data.aws_s3_object.devnet_xdc_node_config.body)
Expand Down Expand Up @@ -39,6 +39,8 @@ locals {
for r in local.regions :
r.name => { for i in local.keyNames[r.name]: i => local.predefinedNodesConfig[i] }
}

rpcNodeKeys = { "rpc1": local.predefinedNodesConfig["rpc1"]} // we hardcode the rpc to a single node for now

s3BucketName = "tf-devnet-bucket"
}

0 comments on commit d24f187

Please sign in to comment.