From eeb582215bf54a83b0ff06db28bc6cea9f98c693 Mon Sep 17 00:00:00 2001 From: Al Date: Fri, 8 Nov 2024 15:30:20 +0700 Subject: [PATCH 01/69] try to add prometheus installation --- bkk07 | 4 +++ host_vars/bkk07.yaml | 25 ++++++++++++++++++ host_vars/ibp-bkk07.yaml | 12 +++++++++ playbooks/install_prometheus.yaml | 9 +++++++ playbooks/proxmox_install_nodes.yaml | 6 +++++ .../templates/https-prometheus.conf.j2 | 26 +++++++++++++++++++ .../files/prometheus.service | 12 ++++++--- 7 files changed, 90 insertions(+), 4 deletions(-) create mode 100644 host_vars/ibp-bkk07.yaml create mode 100644 playbooks/install_prometheus.yaml create mode 100644 roles/setup_install_nginx/templates/https-prometheus.conf.j2 diff --git a/bkk07 b/bkk07 index a316353..27cac7d 100644 --- a/bkk07 +++ b/bkk07 @@ -11,6 +11,10 @@ routers polkadot hydration cumulus +prometheus + +[prometheus] +ibp-bkk07 [proxmox_vms:children] taloswrkr diff --git a/host_vars/bkk07.yaml b/host_vars/bkk07.yaml index 00e7777..8aa6266 100644 --- a/host_vars/bkk07.yaml +++ b/host_vars/bkk07.yaml @@ -1226,3 +1226,28 @@ lxc_nodes: - from_port: "{{ hostvars['val-kusama-02']['default_p2p_port_wss'] }}" to_host: "{{ hostvars['val-kusama-02']['container_ip'] }}:{{ hostvars['val-kusama-02']['default_p2p_port_wss'] }}" protocol: "tcp" + - host: "ibp-bkk07" + proxmox_config: + vmid: "997" + hostname: "{{ hostvars['ibp-bkk07']['host_name'] }}" + ostemplate: "local:vztmpl/{{ default_container_template }}" + netif: "{{ hostvars['ibp-bkk07']['netif'] }}" + cores: 1 + memory: 512 + swap: 256 + password: "{{ default_password }}" + disk: "{{ zfs_storage }}:20" + onboot: True + unprivileged: True + validate_certs: False + description: "{{ hostvars['ibp-bkk07']['default_network'] }} {{ hostvars['ibp-bkk07']['default_node_type'] }}: {{ hostvars['ibp-bkk07']['host_name'] }}" + state: present + features: + - nesting=1 + port_forwards: + - from_port: "{{ hostvars['ibp-bkk07']['ansible_port'] }}" + to_host: "{{ hostvars['ibp-bkk07']['container_ip'] }}:{{ ssh_port }}" + protocol: "tcp" + - from_port: "{{ hostvars['ibp-bkk07']['zabbix_ext_port'] }}" + to_host: "{{ hostvars['monitor']['container_ip'] }}:{{ zabbix_port }}" + protocol: "tcp" diff --git a/host_vars/ibp-bkk07.yaml b/host_vars/ibp-bkk07.yaml new file mode 100644 index 0000000..703670e --- /dev/null +++ b/host_vars/ibp-bkk07.yaml @@ -0,0 +1,12 @@ +--- +ansible_host: "160.22.181.181" +container_ip: "192.168.77.97" +ansible_port: 2996 +host_name: "ibp.rotko.net" +host_timezone: "Asia/Bangkok" +netif: '{"net0":"name=eth0,gw={{ default_nat_network_forward_cidr.split("/")[0] }},ip={{ default_host_ip }}/16,bridge={{ default_nat_device }}"}' +role: "ibp" +pinned_service: False +default_node_type: prometheus + +zabbix_ext_port: 10314 diff --git a/playbooks/install_prometheus.yaml b/playbooks/install_prometheus.yaml new file mode 100644 index 0000000..45bc9de --- /dev/null +++ b/playbooks/install_prometheus.yaml @@ -0,0 +1,9 @@ +# Standards: 0.2 +--- +- name: Install Prometheus + hosts: prometheus + gather_facts: True + roles: + - setup_add_node_role + - setup_install_nginx + - setup_install_prometheus diff --git a/playbooks/proxmox_install_nodes.yaml b/playbooks/proxmox_install_nodes.yaml index 29c599f..1e73bc1 100644 --- a/playbooks/proxmox_install_nodes.yaml +++ b/playbooks/proxmox_install_nodes.yaml @@ -32,6 +32,12 @@ - setup_user_management - setup_log_rotation +- name: Install Prometheus + hosts: prometheus + gather_facts: True + roles: + - setup_install_prometheus + - name: Install Arbitrum services hosts: arbitrum gather_facts: True diff --git a/roles/setup_install_nginx/templates/https-prometheus.conf.j2 b/roles/setup_install_nginx/templates/https-prometheus.conf.j2 new file mode 100644 index 0000000..8fe5dd8 --- /dev/null +++ b/roles/setup_install_nginx/templates/https-prometheus.conf.j2 @@ -0,0 +1,26 @@ +server { + listen 80; + server_name ibp-metrics.rotko.net; + + access_log /var/log/nginx/ibp-metrics.rotko.net_access.log main; + error_log /var/log/nginx/ibp-metrics.rotko.net_error.log; + + + # Define the 404 error page location + error_page 404 /404.html; + location = /404.html { + root /var/www/errors; + internal; + } + + location / { + proxy_bind off; + proxy_connect_timeout 1s; + proxy_pass http://127.0.0.1:9090; + proxy_set_header Host $host; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header REMOTE_ADDR $remote_addr; + proxy_intercept_errors on; + } +} diff --git a/roles/setup_install_prometheus/files/prometheus.service b/roles/setup_install_prometheus/files/prometheus.service index 022d566..fe8f464 100644 --- a/roles/setup_install_prometheus/files/prometheus.service +++ b/roles/setup_install_prometheus/files/prometheus.service @@ -6,13 +6,17 @@ User=prometheus Group=prometheus Type=simple + ExecReload=/bin/kill -HUP $MAINPID ExecStart=/usr/local/bin/prometheus \ - --config.file /etc/prometheus/prometheus.yaml \ --storage.tsdb.path /var/lib/prometheus/ \ - --web.console.templates=/etc/prometheus/consoles \ + --storage.tsdb.retention.time 30d \ + --storage.tsdb.retention.size 0 \ + --web.config.file /etc/prometheus/prometheus.yaml \ --web.console.libraries=/etc/prometheus/console_libraries \ - --storage.tsdb.retention.time 60d \ + --web.console.templates=/etc/prometheus/consoles \ + --web.listen-address=127.0.0.1:9090 \ + --web.external-url=https://ibp.rotko.net \ --web.enable-admin-api - ExecReload=/bin/kill -HUP $MAINPID + --config.file /etc/prometheus/prometheus.yaml \ [Install] WantedBy=multi-user.target From 76829a769c9553da21d422bcf2288fbe6b2222f3 Mon Sep 17 00:00:00 2001 From: Al Date: Fri, 8 Nov 2024 18:32:44 +0700 Subject: [PATCH 02/69] still trying --- group_vars/prometheus.yaml | 3 + host_vars/bkk07.yaml | 6 +- host_vars/ibp-bkk07.yaml | 1 - playbooks/install_prometheus.yaml | 2 +- .../files/prometheus.service | 62 +++++++++++++----- .../files/prometheus.service.bak | 22 +++++++ .../files/prometheus.yaml.bak | 64 +++++++++++++++++++ .../setup_install_prometheus/tasks/main.yaml | 16 +++++ .../tasks/prometheus-tasks.yaml | 53 +++++++++++---- 9 files changed, 195 insertions(+), 34 deletions(-) create mode 100644 group_vars/prometheus.yaml create mode 100644 roles/setup_install_prometheus/files/prometheus.service.bak create mode 100644 roles/setup_install_prometheus/files/prometheus.yaml.bak diff --git a/group_vars/prometheus.yaml b/group_vars/prometheus.yaml new file mode 100644 index 0000000..dd654a3 --- /dev/null +++ b/group_vars/prometheus.yaml @@ -0,0 +1,3 @@ +--- +prometheus_version: 2.55.1 +default_download_url: "https://github.com/prometheus/prometheus/releases/download/v{{ prometheus_version }}/prometheus-{{ prometheus_version }}.linux-386.tar.gz" diff --git a/host_vars/bkk07.yaml b/host_vars/bkk07.yaml index 8aa6266..88d27cb 100644 --- a/host_vars/bkk07.yaml +++ b/host_vars/bkk07.yaml @@ -1228,7 +1228,7 @@ lxc_nodes: protocol: "tcp" - host: "ibp-bkk07" proxmox_config: - vmid: "997" + vmid: "996" hostname: "{{ hostvars['ibp-bkk07']['host_name'] }}" ostemplate: "local:vztmpl/{{ default_container_template }}" netif: "{{ hostvars['ibp-bkk07']['netif'] }}" @@ -1236,11 +1236,11 @@ lxc_nodes: memory: 512 swap: 256 password: "{{ default_password }}" - disk: "{{ zfs_storage }}:20" + disk: "{{ zfs_storage }}:66" onboot: True unprivileged: True validate_certs: False - description: "{{ hostvars['ibp-bkk07']['default_network'] }} {{ hostvars['ibp-bkk07']['default_node_type'] }}: {{ hostvars['ibp-bkk07']['host_name'] }}" + description: "{{ hostvars['ibp-bkk07']['host_name'] }}" state: present features: - nesting=1 diff --git a/host_vars/ibp-bkk07.yaml b/host_vars/ibp-bkk07.yaml index 703670e..5db1ebd 100644 --- a/host_vars/ibp-bkk07.yaml +++ b/host_vars/ibp-bkk07.yaml @@ -8,5 +8,4 @@ netif: '{"net0":"name=eth0,gw={{ default_nat_network_forward_cidr.split("/")[0] role: "ibp" pinned_service: False default_node_type: prometheus - zabbix_ext_port: 10314 diff --git a/playbooks/install_prometheus.yaml b/playbooks/install_prometheus.yaml index 45bc9de..302b4a9 100644 --- a/playbooks/install_prometheus.yaml +++ b/playbooks/install_prometheus.yaml @@ -5,5 +5,5 @@ gather_facts: True roles: - setup_add_node_role - - setup_install_nginx - setup_install_prometheus + - setup_install_nginx diff --git a/roles/setup_install_prometheus/files/prometheus.service b/roles/setup_install_prometheus/files/prometheus.service index fe8f464..4440a2e 100644 --- a/roles/setup_install_prometheus/files/prometheus.service +++ b/roles/setup_install_prometheus/files/prometheus.service @@ -1,22 +1,54 @@ +# +# Ansible managed +# + [Unit] - Description=Prometheus Monitoring - Wants=network-online.target - After=network-online.target +Description=Prometheus +After=network-online.target +Requires=local-fs.target +After=local-fs.target + [Service] - User=prometheus - Group=prometheus - Type=simple - ExecReload=/bin/kill -HUP $MAINPID - ExecStart=/usr/local/bin/prometheus \ - --storage.tsdb.path /var/lib/prometheus/ \ - --storage.tsdb.retention.time 30d \ - --storage.tsdb.retention.size 0 \ - --web.config.file /etc/prometheus/prometheus.yaml \ +Type=simple +Environment="GOMAXPROCS=32" +User=prometheus +Group=prometheus +ExecReload=/bin/kill -HUP $MAINPID +ExecStart=/usr/local/bin/prometheus \ + --storage.tsdb.path=/var/lib/prometheus \ + --storage.tsdb.retention.time=30d \ + --storage.tsdb.retention.size=0 \ + --web.config.file=/etc/prometheus/web.yml \ --web.console.libraries=/etc/prometheus/console_libraries \ --web.console.templates=/etc/prometheus/consoles \ --web.listen-address=127.0.0.1:9090 \ --web.external-url=https://ibp.rotko.net \ - --web.enable-admin-api - --config.file /etc/prometheus/prometheus.yaml \ + --config.file=/etc/prometheus/prometheus.yml + + +CapabilityBoundingSet=CAP_SET_UID +LimitNOFILE=65000 +LockPersonality=true +NoNewPrivileges=true +MemoryDenyWriteExecute=true +PrivateDevices=true +PrivateTmp=true +ProtectHome=true +RemoveIPC=true +RestrictSUIDSGID=true +#SystemCallFilter=@signal @timer + +ReadWritePaths=/var/lib/prometheus + +PrivateUsers=true +ProtectControlGroups=true +ProtectKernelModules=true +ProtectKernelTunables=true +ProtectSystem=strict + + +SyslogIdentifier=prometheus +Restart=always + [Install] - WantedBy=multi-user.target +WantedBy=multi-user.target diff --git a/roles/setup_install_prometheus/files/prometheus.service.bak b/roles/setup_install_prometheus/files/prometheus.service.bak new file mode 100644 index 0000000..fe8f464 --- /dev/null +++ b/roles/setup_install_prometheus/files/prometheus.service.bak @@ -0,0 +1,22 @@ +[Unit] + Description=Prometheus Monitoring + Wants=network-online.target + After=network-online.target +[Service] + User=prometheus + Group=prometheus + Type=simple + ExecReload=/bin/kill -HUP $MAINPID + ExecStart=/usr/local/bin/prometheus \ + --storage.tsdb.path /var/lib/prometheus/ \ + --storage.tsdb.retention.time 30d \ + --storage.tsdb.retention.size 0 \ + --web.config.file /etc/prometheus/prometheus.yaml \ + --web.console.libraries=/etc/prometheus/console_libraries \ + --web.console.templates=/etc/prometheus/consoles \ + --web.listen-address=127.0.0.1:9090 \ + --web.external-url=https://ibp.rotko.net \ + --web.enable-admin-api + --config.file /etc/prometheus/prometheus.yaml \ +[Install] + WantedBy=multi-user.target diff --git a/roles/setup_install_prometheus/files/prometheus.yaml.bak b/roles/setup_install_prometheus/files/prometheus.yaml.bak new file mode 100644 index 0000000..e626e15 --- /dev/null +++ b/roles/setup_install_prometheus/files/prometheus.yaml.bak @@ -0,0 +1,64 @@ +# +# Ansible managed +# +# http://prometheus.io/docs/operating/configuration/ + +global: + scrape_interval: 15s + scrape_timeout: 10s + evaluation_interval: 15s + + external_labels: + member: rotko + +rule_files: + - /etc/prometheus/rules/*.rules + +alerting: + alertmanagers: + - static_configs: + - targets: + - "localhost:9093" # Replace with your Alertmanager address + +scrape_configs: + - job_name: prometheus + metrics_path: /metrics + static_configs: + - targets: + - 127.0.0.1:9090 + - job_name: substrate + metrics_path: /metrics + file_sd_configs: + - files: + - /etc/prometheus/file_sd/node.yml + metric_relabel_configs: + - action: replace + source_labels: + - chain + target_label: chain + regex: westend2 + replacement: westend + - action: replace + source_labels: + - chain + target_label: chain + regex: ksmcc3 + replacement: kusama + - action: replace + source_labels: + - chain + target_label: chain + regex: collectives_polkadot + replacement: collectives-polkadot + - action: replace + source_labels: + - chain + target_label: chain + regex: collectives_westend + replacement: collectives-westend + - action: replace + source_labels: + - chain + target_label: chain + regex: encointer-kusama + replacement: encointer diff --git a/roles/setup_install_prometheus/tasks/main.yaml b/roles/setup_install_prometheus/tasks/main.yaml index 054de7d..aa01c6d 100644 --- a/roles/setup_install_prometheus/tasks/main.yaml +++ b/roles/setup_install_prometheus/tasks/main.yaml @@ -1,11 +1,27 @@ --- # tasks file for prometheus +- name: Ensure prometheus group exists + ansible.builtin.group: + name: prometheus + state: present + +- name: Ensure prometheus user exists + ansible.builtin.user: + name: prometheus + group: prometheus + system: yes + create_home: no + shell: /sbin/nologin + state: present + - name: Check latest version of Prometheus if not define from monitoring ansible.builtin.shell: cmd: | set -o pipefail curl -s https://api.github.com/repos/prometheus/prometheus/releases/latest | grep "tag_name" | awk '{print substr($2, 3, length($2)-4)}' + args: + executable: /bin/bash register: prometheus_latest when: hostvars['monitor']['prometheus_latest_mon'] is not defined diff --git a/roles/setup_install_prometheus/tasks/prometheus-tasks.yaml b/roles/setup_install_prometheus/tasks/prometheus-tasks.yaml index 6b39392..b959e8d 100644 --- a/roles/setup_install_prometheus/tasks/prometheus-tasks.yaml +++ b/roles/setup_install_prometheus/tasks/prometheus-tasks.yaml @@ -1,13 +1,34 @@ --- - name: Set default Prometheus download URL as fallback ansible.builtin.set_fact: - prometheus_download_url: "https://example.com/default_prometheus.tar.gz" # Fallback URL + prometheus_download_url: "https://example.com/default_prometheus.tar.gz" # Fallback URL -- name: Attempt to fetch the latest version of Prometheus +# - name: Attempt to fetch the latest version of Prometheus +# ansible.builtin.get_url: +# url: "{{ lookup('url', 'https://api.github.com/repos/prometheus/prometheus/releases/latest', wantlist=True) | default([]) | json_query('[0].assets[?content_type==`application/gzip`].browser_download_url') | first | default(prometheus_download_url) }}" +# dest: "/tmp/prometheus.tar.gz" +# mode: "0755" +# register: download_result +# until: download_result is succeeded +# retries: 3 +# delay: 5 + +# - name: Fetch the latest release information from GitHub +# ansible.builtin.uri: +# url: "https://api.github.com/repos/prometheus/prometheus/releases/latest" +# return_content: yes +# register: github_release_info +# failed_when: github_release_info.status != 200 +# +# - name: Set Prometheus download URL +# ansible.builtin.set_fact: +# prometheus_download_url: "{{ github_release_info.json.assets | selectattr('content_type', '==', 'application/gzip') | map(attribute='browser_download_url') | first | default('https://example.com/default_prometheus.tar.gz') }}" + +- name: Attempt to download the latest Prometheus release ansible.builtin.get_url: - url: "{{ lookup('url', 'https://api.github.com/repos/prometheus/prometheus/releases/latest', wantlist=True) | default([]) | json_query('[0].assets[?content_type==`application/gzip`].browser_download_url') | first | default(prometheus_download_url) }}" + url: "{{ default_download_url }}" dest: "/tmp/prometheus.tar.gz" - mode: '0755' + mode: "0755" register: download_result until: download_result is succeeded retries: 3 @@ -20,12 +41,15 @@ remote_src: yes creates: "/usr/local/bin/prometheus" -- name: Move Prometheus binaries to the desired location +- name: Move Prometheus & Promtool binaries to the desired location ansible.builtin.command: - cmd: "mv /tmp/prometheus-{{ prometheus_version }}/prometheus* /usr/local/bin/" + cmd: "mv /tmp/prometheus-{{ prometheus_version }}.linux-386/prometheus /usr/local/bin/prometheus" creates: "/usr/local/bin/prometheus" - vars: - prometheus_version: "{{ lookup('url', 'https://api.github.com/repos/prometheus/prometheus/releases/latest', wantlist=True) | json_query('[0].tag_name') }}" + +- name: Move Prometheus & Promtool binaries to the desired location + ansible.builtin.command: + cmd: "mv /tmp/prometheus-{{ prometheus_version }}.linux-386/promtool /usr/local/bin/promtool" + creates: "/usr/local/bin/promtool" - name: Ensure Prometheus directories exist ansible.builtin.file: @@ -33,7 +57,7 @@ state: directory owner: prometheus group: prometheus - mode: '0755' + mode: "0755" loop: - /etc/prometheus/ - /var/lib/prometheus/ @@ -46,16 +70,17 @@ - name: Deploy Prometheus configuration ansible.builtin.copy: - src: files/prometheus.yml + src: files/prometheus.yaml dest: /etc/prometheus/prometheus.yml owner: prometheus group: prometheus - mode: '0644' + mode: "0644" - name: Validate Prometheus configuration ansible.builtin.command: - cmd: "promtool check config /etc/prometheus/prometheus.yml" - creates: "/etc/prometheus/prometheus.yml.valid" + cmd: "/usr/local/bin/promtool check config /etc/prometheus/prometheus.yml" + become: true + become_user: prometheus - name: Manage Prometheus service block: @@ -68,7 +93,7 @@ ansible.builtin.template: src: files/prometheus.service dest: /etc/systemd/system/prometheus.service - mode: '0644' + mode: "0644" when: not servicestatus.stat.exists - name: Handle Prometheus service state From 9948f4b814a80f58247a9085706308c7f72d6888 Mon Sep 17 00:00:00 2001 From: Al Date: Fri, 8 Nov 2024 18:58:16 +0700 Subject: [PATCH 03/69] feat(setup_install_prometheus): add Prometheus restart handler --- roles/setup_install_prometheus/handlers/main.yaml | 6 ++++++ roles/setup_install_prometheus/tasks/prometheus-tasks.yaml | 4 ++++ 2 files changed, 10 insertions(+) create mode 100644 roles/setup_install_prometheus/handlers/main.yaml diff --git a/roles/setup_install_prometheus/handlers/main.yaml b/roles/setup_install_prometheus/handlers/main.yaml new file mode 100644 index 0000000..777b5c4 --- /dev/null +++ b/roles/setup_install_prometheus/handlers/main.yaml @@ -0,0 +1,6 @@ +--- +- name: Restart Prometheus + ansible.builtin.systemd: + name: prometheus + state: restarted + daemon_reload: yes diff --git a/roles/setup_install_prometheus/tasks/prometheus-tasks.yaml b/roles/setup_install_prometheus/tasks/prometheus-tasks.yaml index b959e8d..1d9f3f6 100644 --- a/roles/setup_install_prometheus/tasks/prometheus-tasks.yaml +++ b/roles/setup_install_prometheus/tasks/prometheus-tasks.yaml @@ -75,6 +75,7 @@ owner: prometheus group: prometheus mode: "0644" + notify: Restart Prometheus - name: Validate Prometheus configuration ansible.builtin.command: @@ -102,3 +103,6 @@ daemon_reload: yes enabled: yes state: "{{ 'started' if not servicestatus.stat.exists else 'restarted' }}" + +- name: Flush handlers + meta: flush_handlers From 7a5c6bcba60d6e45e4a74b68c50e5529bb3147fb Mon Sep 17 00:00:00 2001 From: Al Date: Mon, 11 Nov 2024 16:12:00 +0700 Subject: [PATCH 04/69] changing prometheus version and update nginx template --- group_vars/prometheus.yaml | 2 +- .../templates/https-prometheus.conf.j2 | 4 +- .../files/prometheus.yaml | 148 +++++++----------- .../files/prometheus.yaml.bak | 148 +++++++++++------- .../setup_install_prometheus/tasks/main.yaml | 26 +-- .../tasks/prometheus-tasks.yaml | 24 +-- 6 files changed, 178 insertions(+), 174 deletions(-) diff --git a/group_vars/prometheus.yaml b/group_vars/prometheus.yaml index dd654a3..20b4475 100644 --- a/group_vars/prometheus.yaml +++ b/group_vars/prometheus.yaml @@ -1,3 +1,3 @@ --- prometheus_version: 2.55.1 -default_download_url: "https://github.com/prometheus/prometheus/releases/download/v{{ prometheus_version }}/prometheus-{{ prometheus_version }}.linux-386.tar.gz" +default_download_url: "https://github.com/prometheus/prometheus/releases/download/v{{ prometheus_version }}/prometheus-{{ prometheus_version }}.linux-amd64.tar.gz" diff --git a/roles/setup_install_nginx/templates/https-prometheus.conf.j2 b/roles/setup_install_nginx/templates/https-prometheus.conf.j2 index 8fe5dd8..dff9a2d 100644 --- a/roles/setup_install_nginx/templates/https-prometheus.conf.j2 +++ b/roles/setup_install_nginx/templates/https-prometheus.conf.j2 @@ -1,8 +1,8 @@ server { listen 80; - server_name ibp-metrics.rotko.net; + server_name ibp-metrics-2.rotko.net; - access_log /var/log/nginx/ibp-metrics.rotko.net_access.log main; + access_log /var/log/nginx/ibp-metrics.rotko.net_access.log; error_log /var/log/nginx/ibp-metrics.rotko.net_error.log; diff --git a/roles/setup_install_prometheus/files/prometheus.yaml b/roles/setup_install_prometheus/files/prometheus.yaml index 62d3912..e626e15 100644 --- a/roles/setup_install_prometheus/files/prometheus.yaml +++ b/roles/setup_install_prometheus/files/prometheus.yaml @@ -1,102 +1,64 @@ ---- +# +# Ansible managed +# +# http://prometheus.io/docs/operating/configuration/ + global: scrape_interval: 15s + scrape_timeout: 10s evaluation_interval: 15s -scrape_configs: - - job_name: "prometheus" - scrape_interval: 5s - static_configs: - - targets: ["localhost:9090"] - - job_name: "node_exporter" - scrape_interval: 5s - static_configs: - - targets: ["localhost:9100"] - - - job_name: turboflakes - metrics_path: /federate - honor_labels: true - scheme: https - params: - match[]: - - '{job="substrate"}' - static_configs: - - targets: - - ibp-prometheus.turboflakes.io:9095 - - - job_name: amforc - metrics_path: /federate - honor_labels: true - scheme: https - params: - match[]: - - '{job="substrate"}' - static_configs: - - targets: - - ibp-monitor.amforc.com:9090 - - - job_name: "metaspan" - scrape_interval: 15s - honor_labels: true - metrics_path: "/federate" - params: - "match[]": - - '{job="substrate"}' - static_configs: - - targets: - - "195.144.22.130:9090" - - - job_name: "stakeplus" - scrape_interval: 15s - honor_labels: true - metrics_path: "/federate" - params: - "match[]": - - '{job="substrate"}' - static_configs: - - targets: - - "192.96.202.185:59090" - - - job_name: "helikon" - scrape_interval: 15s - honor_labels: true - metrics_path: "/federate" - params: - "match[]": - - '{job="substrate"}' - static_configs: - - targets: - - "82.222.18.146:19300" + external_labels: + member: rotko - - job_name: "gatotech" - scrape_interval: 15s - honor_labels: true - metrics_path: "/federate" - params: - "match[]": - - '{job="substrate"}' - static_configs: - - targets: - - "138.59.133.248:9090" +rule_files: + - /etc/prometheus/rules/*.rules - - job_name: dwellir - metrics_path: /713173e6-ff3f-46ab-b245-b41da8f717d3/federate - honor_labels: true - scheme: https - params: - match[]: - - '{__name__=~"substrate.*"}' - static_configs: - - targets: - - ibp-metrics-ng.dwellir.com +alerting: + alertmanagers: + - static_configs: + - targets: + - "localhost:9093" # Replace with your Alertmanager address - - job_name: rotko - metrics_path: /federate - honor_labels: true - scheme: https - params: - match[]: - - '{__name__=~"substrate.*"}' +scrape_configs: + - job_name: prometheus + metrics_path: /metrics static_configs: - targets: - - ibp-monitor.rotko.net + - 127.0.0.1:9090 + - job_name: substrate + metrics_path: /metrics + file_sd_configs: + - files: + - /etc/prometheus/file_sd/node.yml + metric_relabel_configs: + - action: replace + source_labels: + - chain + target_label: chain + regex: westend2 + replacement: westend + - action: replace + source_labels: + - chain + target_label: chain + regex: ksmcc3 + replacement: kusama + - action: replace + source_labels: + - chain + target_label: chain + regex: collectives_polkadot + replacement: collectives-polkadot + - action: replace + source_labels: + - chain + target_label: chain + regex: collectives_westend + replacement: collectives-westend + - action: replace + source_labels: + - chain + target_label: chain + regex: encointer-kusama + replacement: encointer diff --git a/roles/setup_install_prometheus/files/prometheus.yaml.bak b/roles/setup_install_prometheus/files/prometheus.yaml.bak index e626e15..62d3912 100644 --- a/roles/setup_install_prometheus/files/prometheus.yaml.bak +++ b/roles/setup_install_prometheus/files/prometheus.yaml.bak @@ -1,64 +1,102 @@ -# -# Ansible managed -# -# http://prometheus.io/docs/operating/configuration/ - +--- global: scrape_interval: 15s - scrape_timeout: 10s evaluation_interval: 15s - external_labels: - member: rotko +scrape_configs: + - job_name: "prometheus" + scrape_interval: 5s + static_configs: + - targets: ["localhost:9090"] + - job_name: "node_exporter" + scrape_interval: 5s + static_configs: + - targets: ["localhost:9100"] + + - job_name: turboflakes + metrics_path: /federate + honor_labels: true + scheme: https + params: + match[]: + - '{job="substrate"}' + static_configs: + - targets: + - ibp-prometheus.turboflakes.io:9095 -rule_files: - - /etc/prometheus/rules/*.rules + - job_name: amforc + metrics_path: /federate + honor_labels: true + scheme: https + params: + match[]: + - '{job="substrate"}' + static_configs: + - targets: + - ibp-monitor.amforc.com:9090 -alerting: - alertmanagers: - - static_configs: - - targets: - - "localhost:9093" # Replace with your Alertmanager address + - job_name: "metaspan" + scrape_interval: 15s + honor_labels: true + metrics_path: "/federate" + params: + "match[]": + - '{job="substrate"}' + static_configs: + - targets: + - "195.144.22.130:9090" -scrape_configs: - - job_name: prometheus - metrics_path: /metrics + - job_name: "stakeplus" + scrape_interval: 15s + honor_labels: true + metrics_path: "/federate" + params: + "match[]": + - '{job="substrate"}' + static_configs: + - targets: + - "192.96.202.185:59090" + + - job_name: "helikon" + scrape_interval: 15s + honor_labels: true + metrics_path: "/federate" + params: + "match[]": + - '{job="substrate"}' + static_configs: + - targets: + - "82.222.18.146:19300" + + - job_name: "gatotech" + scrape_interval: 15s + honor_labels: true + metrics_path: "/federate" + params: + "match[]": + - '{job="substrate"}' + static_configs: + - targets: + - "138.59.133.248:9090" + + - job_name: dwellir + metrics_path: /713173e6-ff3f-46ab-b245-b41da8f717d3/federate + honor_labels: true + scheme: https + params: + match[]: + - '{__name__=~"substrate.*"}' + static_configs: + - targets: + - ibp-metrics-ng.dwellir.com + + - job_name: rotko + metrics_path: /federate + honor_labels: true + scheme: https + params: + match[]: + - '{__name__=~"substrate.*"}' static_configs: - targets: - - 127.0.0.1:9090 - - job_name: substrate - metrics_path: /metrics - file_sd_configs: - - files: - - /etc/prometheus/file_sd/node.yml - metric_relabel_configs: - - action: replace - source_labels: - - chain - target_label: chain - regex: westend2 - replacement: westend - - action: replace - source_labels: - - chain - target_label: chain - regex: ksmcc3 - replacement: kusama - - action: replace - source_labels: - - chain - target_label: chain - regex: collectives_polkadot - replacement: collectives-polkadot - - action: replace - source_labels: - - chain - target_label: chain - regex: collectives_westend - replacement: collectives-westend - - action: replace - source_labels: - - chain - target_label: chain - regex: encointer-kusama - replacement: encointer + - ibp-monitor.rotko.net diff --git a/roles/setup_install_prometheus/tasks/main.yaml b/roles/setup_install_prometheus/tasks/main.yaml index aa01c6d..0688bdd 100644 --- a/roles/setup_install_prometheus/tasks/main.yaml +++ b/roles/setup_install_prometheus/tasks/main.yaml @@ -41,19 +41,19 @@ ansible.builtin.import_tasks: "prometheus-tasks.yaml" when: prometheus_latest.stdout != prometheus_installed.stdout -- name: Copy file with owner and permissions - ansible.builtin.copy: - src: files/prometheus.yaml - dest: /etc/prometheus/prometheus.yaml - owner: prometheus - group: prometheus - mode: "0755" - -- name: Check Prometheus configuration - ansible.builtin.command: - cmd: promtool check config /etc/prometheus/prometheus.yaml - register: prometheus_config - when: prometheus_latest.stdout != prometheus_installed.stdout +# - name: Copy file with owner and permissions +# ansible.builtin.copy: +# src: files/prometheus.yaml +# dest: /etc/prometheus/prometheus.yaml +# owner: prometheus +# group: prometheus +# mode: "0755" +# +# - name: Check Prometheus configuration +# ansible.builtin.command: +# cmd: promtool check config /etc/prometheus/prometheus.yaml +# register: prometheus_config +# when: prometheus_latest.stdout != prometheus_installed.stdout - name: Restart service ansible.builtin.systemd: diff --git a/roles/setup_install_prometheus/tasks/prometheus-tasks.yaml b/roles/setup_install_prometheus/tasks/prometheus-tasks.yaml index 1d9f3f6..6fef70f 100644 --- a/roles/setup_install_prometheus/tasks/prometheus-tasks.yaml +++ b/roles/setup_install_prometheus/tasks/prometheus-tasks.yaml @@ -39,17 +39,22 @@ src: "/tmp/prometheus.tar.gz" dest: "/tmp" remote_src: yes - creates: "/usr/local/bin/prometheus" -- name: Move Prometheus & Promtool binaries to the desired location - ansible.builtin.command: - cmd: "mv /tmp/prometheus-{{ prometheus_version }}.linux-386/prometheus /usr/local/bin/prometheus" - creates: "/usr/local/bin/prometheus" +- name: Move Prometheus binary to the desired location + ansible.builtin.copy: + src: "/tmp/prometheus-{{ prometheus_version }}.linux-amd64/prometheus" + dest: "/usr/local/bin/prometheus" + mode: "0755" + remote_src: yes + force: yes -- name: Move Prometheus & Promtool binaries to the desired location - ansible.builtin.command: - cmd: "mv /tmp/prometheus-{{ prometheus_version }}.linux-386/promtool /usr/local/bin/promtool" - creates: "/usr/local/bin/promtool" +- name: Move Promtool binary to the desired location + ansible.builtin.copy: + src: "/tmp/prometheus-{{ prometheus_version }}.linux-amd64/promtool" + dest: "/usr/local/bin/promtool" + mode: "0755" + remote_src: yes + force: yes - name: Ensure Prometheus directories exist ansible.builtin.file: @@ -95,7 +100,6 @@ src: files/prometheus.service dest: /etc/systemd/system/prometheus.service mode: "0644" - when: not servicestatus.stat.exists - name: Handle Prometheus service state ansible.builtin.systemd: From 4633b025d7649593cf45102eedef861311899cba Mon Sep 17 00:00:00 2001 From: Al Date: Tue, 12 Nov 2024 13:19:46 +0700 Subject: [PATCH 05/69] trying to make haproxy playbooks --- roles/setup_install_haproxy/defaults/main.yml | 34 +++++++++++ roles/setup_install_haproxy/handlers/main.yml | 3 + roles/setup_install_haproxy/meta/main.yml | 23 ++++++++ .../molecule/default/converge.yml | 22 ++++++++ .../molecule/default/molecule.yml | 21 +++++++ roles/setup_install_haproxy/tasks/main.yml | 44 +++++++++++++++ .../templates_1/haproxy.cfg.j2 | 56 +++++++++++++++++++ 7 files changed, 203 insertions(+) create mode 100644 roles/setup_install_haproxy/defaults/main.yml create mode 100644 roles/setup_install_haproxy/handlers/main.yml create mode 100644 roles/setup_install_haproxy/meta/main.yml create mode 100644 roles/setup_install_haproxy/molecule/default/converge.yml create mode 100644 roles/setup_install_haproxy/molecule/default/molecule.yml create mode 100644 roles/setup_install_haproxy/tasks/main.yml create mode 100644 roles/setup_install_haproxy/templates_1/haproxy.cfg.j2 diff --git a/roles/setup_install_haproxy/defaults/main.yml b/roles/setup_install_haproxy/defaults/main.yml new file mode 100644 index 0000000..d661e9a --- /dev/null +++ b/roles/setup_install_haproxy/defaults/main.yml @@ -0,0 +1,34 @@ +--- +haproxy_socket: /var/lib/haproxy/stats +haproxy_chroot: /var/lib/haproxy +haproxy_user: haproxy +haproxy_group: haproxy + +# Frontend settings. +haproxy_frontend_name: 'hafrontend' +haproxy_frontend_bind_address: '*' +haproxy_frontend_port: 80 +haproxy_frontend_mode: 'http' + +# Backend settings. +haproxy_backend_name: 'habackend' +haproxy_backend_mode: 'http' +haproxy_backend_balance_method: 'roundrobin' +haproxy_backend_httpchk: 'HEAD / HTTP/1.1\r\nHost:localhost' + +# List of backend servers. +haproxy_backend_servers: [] +# - name: app1 +# address: 192.168.0.1:80 +# - name: app2 +# address: 192.168.0.2:80 + +# Extra global vars (see README for example usage). +haproxy_global_vars: [] + +# Default haproxy timeouts +haproxy_connect_timeout: 5000 +haproxy_client_timeout: 50000 +haproxy_server_timeout: 50000 + +haproxy_template: "haproxy.cfg.j2" diff --git a/roles/setup_install_haproxy/handlers/main.yml b/roles/setup_install_haproxy/handlers/main.yml new file mode 100644 index 0000000..2de15f4 --- /dev/null +++ b/roles/setup_install_haproxy/handlers/main.yml @@ -0,0 +1,3 @@ +--- +- name: restart haproxy + service: name=haproxy state=restarted diff --git a/roles/setup_install_haproxy/meta/main.yml b/roles/setup_install_haproxy/meta/main.yml new file mode 100644 index 0000000..10e908b --- /dev/null +++ b/roles/setup_install_haproxy/meta/main.yml @@ -0,0 +1,23 @@ +--- +dependencies: [] + +galaxy_info: + role_name: haproxy + author: geerlingguy + description: HAProxy installation and configuration. + company: "Midwestern Mac, LLC" + license: "license (BSD, MIT)" + min_ansible_version: 2.10 + platforms: + - name: Ubuntu + versions: + - precise + - trusty + - xenial + galaxy_tags: + - web + - networking + - cloud + - haproxy + - loadbalancer + - http diff --git a/roles/setup_install_haproxy/molecule/default/converge.yml b/roles/setup_install_haproxy/molecule/default/converge.yml new file mode 100644 index 0000000..8a1de2e --- /dev/null +++ b/roles/setup_install_haproxy/molecule/default/converge.yml @@ -0,0 +1,22 @@ +--- +- name: Converge + hosts: all + become: true + + vars: + haproxy_socket: '' + haproxy_chroot: '' + haproxy_user: root + haproxy_group: root + + haproxy_backend_servers: + - name: app1 + address: 127.0.0.1:8080 + + pre_tasks: + - name: Update apt cache. + apt: update_cache=yes cache_valid_time=600 + when: ansible_os_family == 'Debian' + + roles: + - role: geerlingguy.haproxy diff --git a/roles/setup_install_haproxy/molecule/default/molecule.yml b/roles/setup_install_haproxy/molecule/default/molecule.yml new file mode 100644 index 0000000..3c2f1e5 --- /dev/null +++ b/roles/setup_install_haproxy/molecule/default/molecule.yml @@ -0,0 +1,21 @@ +--- +role_name_check: 1 +dependency: + name: galaxy + options: + ignore-errors: true +driver: + name: docker +platforms: + - name: instance + image: "geerlingguy/docker-${MOLECULE_DISTRO:-rockylinux9}-ansible:latest" + command: ${MOLECULE_DOCKER_COMMAND:-""} + volumes: + - /sys/fs/cgroup:/sys/fs/cgroup:rw + cgroupns_mode: host + privileged: true + pre_build_image: true +provisioner: + name: ansible + playbooks: + converge: ${MOLECULE_PLAYBOOK:-converge.yml} diff --git a/roles/setup_install_haproxy/tasks/main.yml b/roles/setup_install_haproxy/tasks/main.yml new file mode 100644 index 0000000..2aba6c3 --- /dev/null +++ b/roles/setup_install_haproxy/tasks/main.yml @@ -0,0 +1,44 @@ +--- +- name: Check if HAProxy is installed + command: dpkg-query -W -f='${Status}' haproxy + register: haproxy_check + failed_when: false + changed_when: false + +- name: Ensure HAProxy is installed. + apt: + name: haproxy + state: present + update_cache: yes + when: + - ansible_os_family == 'Debian' + - haproxy_check.rc != 0 or haproxy_check.stdout.find('install ok installed') == -1 + +- name: Ensure HAProxy is enabled (so init script will start it on Debian). + lineinfile: + dest: /etc/default/haproxy + regexp: "^ENABLED.+$" + line: "ENABLED=1" + state: present + when: ansible_os_family == 'Debian' + +- name: Get HAProxy version. + command: haproxy -v + register: haproxy_version_result + changed_when: false + check_mode: false + +- name: Set HAProxy version. + set_fact: + haproxy_version: '{{ haproxy_version_result.stdout_lines[0] | regex_replace("^HA-?Proxy version (\d+(\.\d+)*).*$", "\1") }}' + +- name: Copy HAProxy configuration in place. + template: + src: "{{ haproxy_template }}" + dest: /etc/haproxy/haproxy.cfg + mode: 0644 + validate: haproxy -f %s -c -q + notify: restart haproxy + +- name: Ensure HAProxy is started and enabled on boot. + service: name=haproxy state=started enabled=yes diff --git a/roles/setup_install_haproxy/templates_1/haproxy.cfg.j2 b/roles/setup_install_haproxy/templates_1/haproxy.cfg.j2 new file mode 100644 index 0000000..63c088c --- /dev/null +++ b/roles/setup_install_haproxy/templates_1/haproxy.cfg.j2 @@ -0,0 +1,56 @@ +global + log /dev/log local0 + log /dev/log local1 notice +{% if haproxy_socket != '' %} + stats socket {{ haproxy_socket }} level admin +{% endif %} +{% if haproxy_chroot != '' %} + chroot {{ haproxy_chroot }} +{% endif %} + user {{ haproxy_user }} + group {{ haproxy_group }} + daemon +{% for global_var in haproxy_global_vars %} + {{ global_var }} +{% endfor %} + +defaults + log global + mode http + option httplog + option dontlognull +{% if haproxy_version is version('1.4', '<=') %} + contimeout {{ haproxy_connect_timeout }} + clitimeout {{ haproxy_client_timeout }} + srvtimeout {{ haproxy_server_timeout }} +{% else %} + timeout connect {{ haproxy_connect_timeout }} + timeout client {{ haproxy_client_timeout }} + timeout server {{ haproxy_server_timeout }} +{% endif %} +{% if ansible_os_family == 'Debian' %} + errorfile 400 /etc/haproxy/errors/400.http + errorfile 403 /etc/haproxy/errors/403.http + errorfile 408 /etc/haproxy/errors/408.http + errorfile 500 /etc/haproxy/errors/500.http + errorfile 502 /etc/haproxy/errors/502.http + errorfile 503 /etc/haproxy/errors/503.http + errorfile 504 /etc/haproxy/errors/504.http +{% endif %} + +frontend {{ haproxy_frontend_name }} + bind {{ haproxy_frontend_bind_address }}:{{ haproxy_frontend_port }} + mode {{ haproxy_frontend_mode }} + default_backend {{ haproxy_backend_name }} + +backend {{ haproxy_backend_name }} + mode {{ haproxy_backend_mode }} + balance {{ haproxy_backend_balance_method }} + option forwardfor +{% if haproxy_backend_httpchk != '' %} + option httpchk {{ haproxy_backend_httpchk }} +{% endif %} + cookie SERVERID insert indirect +{% for backend in haproxy_backend_servers %} + server {{ backend.name }} {{ backend.address }} cookie {{ backend.name }} check +{% endfor %} From 56b1bb61fdbf08ddeb91e7b346532bebf14e475d Mon Sep 17 00:00:00 2001 From: Al Date: Tue, 12 Nov 2024 14:21:59 +0700 Subject: [PATCH 06/69] adding playbooks for haproxy container --- inventory | 1 + playbooks/install_haproxy.yaml | 9 + roles/setup_install_haproxy/defaults/main.yml | 62 +- .../molecule/default/converge.yml | 22 - .../molecule/default/molecule.yml | 21 - roles/setup_install_haproxy/tasks/main.yml | 50 +- .../templates/haproxy.cfg.j2 | 849 ++++++++++++++++-- .../templates_1/haproxy.cfg.j2 | 56 -- 8 files changed, 856 insertions(+), 214 deletions(-) create mode 100644 playbooks/install_haproxy.yaml delete mode 100644 roles/setup_install_haproxy/molecule/default/converge.yml delete mode 100644 roles/setup_install_haproxy/molecule/default/molecule.yml delete mode 100644 roles/setup_install_haproxy/templates_1/haproxy.cfg.j2 diff --git a/inventory b/inventory index 9589aa0..e9e1312 100644 --- a/inventory +++ b/inventory @@ -16,6 +16,7 @@ polkadot ansible matrix ibp +ibp_bkk07 [routers] bkk10 diff --git a/playbooks/install_haproxy.yaml b/playbooks/install_haproxy.yaml new file mode 100644 index 0000000..ffe0b35 --- /dev/null +++ b/playbooks/install_haproxy.yaml @@ -0,0 +1,9 @@ +# Standards: 0.2 +--- +- name: Install Haproxy + hosts: haproxy + gather_facts: True + roles: + - setup_add_node_role + - setup_install_haproxy + - setup_install_nginx diff --git a/roles/setup_install_haproxy/defaults/main.yml b/roles/setup_install_haproxy/defaults/main.yml index d661e9a..451aca9 100644 --- a/roles/setup_install_haproxy/defaults/main.yml +++ b/roles/setup_install_haproxy/defaults/main.yml @@ -1,34 +1,34 @@ --- -haproxy_socket: /var/lib/haproxy/stats -haproxy_chroot: /var/lib/haproxy -haproxy_user: haproxy -haproxy_group: haproxy - -# Frontend settings. -haproxy_frontend_name: 'hafrontend' -haproxy_frontend_bind_address: '*' -haproxy_frontend_port: 80 -haproxy_frontend_mode: 'http' - -# Backend settings. -haproxy_backend_name: 'habackend' -haproxy_backend_mode: 'http' -haproxy_backend_balance_method: 'roundrobin' -haproxy_backend_httpchk: 'HEAD / HTTP/1.1\r\nHost:localhost' - -# List of backend servers. -haproxy_backend_servers: [] -# - name: app1 -# address: 192.168.0.1:80 -# - name: app2 -# address: 192.168.0.2:80 - -# Extra global vars (see README for example usage). -haproxy_global_vars: [] - -# Default haproxy timeouts -haproxy_connect_timeout: 5000 -haproxy_client_timeout: 50000 -haproxy_server_timeout: 50000 +# haproxy_socket: /var/lib/haproxy/stats +# haproxy_chroot: /var/lib/haproxy +# haproxy_user: haproxy +# haproxy_group: haproxy +# +# # Frontend settings. +# haproxy_frontend_name: 'hafrontend' +# haproxy_frontend_bind_address: '*' +# haproxy_frontend_port: 80 +# haproxy_frontend_mode: 'http' +# +# # Backend settings. +# haproxy_backend_name: 'habackend' +# haproxy_backend_mode: 'http' +# haproxy_backend_balance_method: 'roundrobin' +# haproxy_backend_httpchk: 'HEAD / HTTP/1.1\r\nHost:localhost' +# +# # List of backend servers. +# haproxy_backend_servers: [] +# # - name: app1 +# # address: 192.168.0.1:80 +# # - name: app2 +# # address: 192.168.0.2:80 +# +# # Extra global vars (see README for example usage). +# haproxy_global_vars: [] +# +# # Default haproxy timeouts +# haproxy_connect_timeout: 5000 +# haproxy_client_timeout: 50000 +# haproxy_server_timeout: 50000 haproxy_template: "haproxy.cfg.j2" diff --git a/roles/setup_install_haproxy/molecule/default/converge.yml b/roles/setup_install_haproxy/molecule/default/converge.yml deleted file mode 100644 index 8a1de2e..0000000 --- a/roles/setup_install_haproxy/molecule/default/converge.yml +++ /dev/null @@ -1,22 +0,0 @@ ---- -- name: Converge - hosts: all - become: true - - vars: - haproxy_socket: '' - haproxy_chroot: '' - haproxy_user: root - haproxy_group: root - - haproxy_backend_servers: - - name: app1 - address: 127.0.0.1:8080 - - pre_tasks: - - name: Update apt cache. - apt: update_cache=yes cache_valid_time=600 - when: ansible_os_family == 'Debian' - - roles: - - role: geerlingguy.haproxy diff --git a/roles/setup_install_haproxy/molecule/default/molecule.yml b/roles/setup_install_haproxy/molecule/default/molecule.yml deleted file mode 100644 index 3c2f1e5..0000000 --- a/roles/setup_install_haproxy/molecule/default/molecule.yml +++ /dev/null @@ -1,21 +0,0 @@ ---- -role_name_check: 1 -dependency: - name: galaxy - options: - ignore-errors: true -driver: - name: docker -platforms: - - name: instance - image: "geerlingguy/docker-${MOLECULE_DISTRO:-rockylinux9}-ansible:latest" - command: ${MOLECULE_DOCKER_COMMAND:-""} - volumes: - - /sys/fs/cgroup:/sys/fs/cgroup:rw - cgroupns_mode: host - privileged: true - pre_build_image: true -provisioner: - name: ansible - playbooks: - converge: ${MOLECULE_PLAYBOOK:-converge.yml} diff --git a/roles/setup_install_haproxy/tasks/main.yml b/roles/setup_install_haproxy/tasks/main.yml index 2aba6c3..9c64c42 100644 --- a/roles/setup_install_haproxy/tasks/main.yml +++ b/roles/setup_install_haproxy/tasks/main.yml @@ -1,28 +1,44 @@ --- -- name: Check if HAProxy is installed - command: dpkg-query -W -f='${Status}' haproxy - register: haproxy_check - failed_when: false - changed_when: false +- name: Add HAProxy GPG key + ansible.builtin.get_url: + url: https://haproxy.debian.net/bernat.debian.org.gpg + dest: /usr/share/keyrings/haproxy.debian.net.gpg + mode: "0644" -- name: Ensure HAProxy is installed. - apt: - name: haproxy +- name: Add HAProxy repository + ansible.builtin.apt_repository: + repo: deb [signed-by=/usr/share/keyrings/haproxy.debian.net.gpg] http://haproxy.debian.net bookworm-backports-2.9 main state: present + filename: haproxy + +- name: Update apt cache + ansible.builtin.apt: update_cache: yes + +- name: Ensure HAProxy 2.9.* is installed + ansible.builtin.apt: + name: "haproxy=2.9.*" + state: present when: - ansible_os_family == 'Debian' - - haproxy_check.rc != 0 or haproxy_check.stdout.find('install ok installed') == -1 -- name: Ensure HAProxy is enabled (so init script will start it on Debian). - lineinfile: - dest: /etc/default/haproxy - regexp: "^ENABLED.+$" - line: "ENABLED=1" - state: present - when: ansible_os_family == 'Debian' +- name: Get HAProxy version + ansible.builtin.command: haproxy -v + register: haproxy_version_result + changed_when: false + check_mode: false + +- name: Set HAProxy version + ansible.builtin.set_fact: + haproxy_version: '{{ haproxy_version_result.stdout_lines[0] | regex_replace("^HA-?Proxy version (\d+(\.\d+)*).*$", "\1") }}' -- name: Get HAProxy version. +- name: Ensure HAProxy version is 2.9.x + ansible.builtin.assert: + that: + - haproxy_version is version('2.9', '>=') + - haproxy_version is version('2.10', '<') + fail_msg: "Installed HAProxy version ({{ haproxy_version }}) is not in the 2.9.x series" + success_msg: "HAProxy version {{ haproxy_version }} is correctly installed" command: haproxy -v register: haproxy_version_result changed_when: false diff --git a/roles/setup_install_haproxy/templates/haproxy.cfg.j2 b/roles/setup_install_haproxy/templates/haproxy.cfg.j2 index 46fa9fe..ed8a5d8 100644 --- a/roles/setup_install_haproxy/templates/haproxy.cfg.j2 +++ b/roles/setup_install_haproxy/templates/haproxy.cfg.j2 @@ -3,7 +3,7 @@ global log 127.0.0.1 local0 chroot /var/lib/haproxy pidfile /var/run/haproxy.pid - maxconn 250000 + maxconn 500000 user haproxy group haproxy daemon @@ -36,59 +36,332 @@ frontend stats ### # HTTP Frontend configuration ### +frontend http-frontend + bind *:80 + mode http + timeout client 300s -#frontend http-frontend -# bind *:80 -# mode http -# timeout client 300s + acl letsencrypt-acl path_beg -i /.well-known/acme-challenge/ + http-request redirect scheme https if !letsencrypt-acl + use_backend letsencrypt if letsencrypt-acl -# acl is_http ssl_fc -# acl letsencrypt-acl path_beg -i /.well-known/acme-challenge/ -# http-request redirect scheme https if !is_http !letsencrypt-acl -# use_backend letsencrypt if letsencrypt-acl -# default_backend letsencrypt + default_backend html-backend # SSL Frontend frontend ssl-frontend - bind *:443 ssl crt /etc/pki/certs # verify optional - mode http - timeout client 300s - - # Detecting WebSocket Upgrade header - acl wss hdr(Upgrade) -i websocket - - # Relay chains - acl polkadot path_beg -i /polkadot - acl kusama path_beg -i /kusama - acl westend path_beg -i /westend - - # Horizontal chains -# acl westmint path_beg -i /westmint -# acl statemine path_beg -i /statemine -# acl statemint path_beg -i /statemint -# acl encointerKusama path_beg -i /encointer-kusama -# acl bridge-hubKusama path_beg -i /bridge-hub-kusama -# acl bridge-hubPolkadot path_beg -i /bridge-hub-polkadot -# acl bridge-hubWestend path_beg -i /bridge-hub-westend -# acl collectivesWestend path_beg -i /collectives-westend -# acl collectivesPolkadot path_beg -i /collectives-polkadot - - # Polkadot - use_backend polkadot-backend if polkadot -# use_backend statemint-backend if statemint -# use_backend collectivesPolkadot-backend if collectivesPolkadot -# use_backend bridge-hubPolkadot-backend if bridge-hubPolkadot - # Kusama - use_backend kusama-backend if kusama -# use_backend statemine-backend if statemine -# use_backend encointerKusama-wss-backend if encointerKusama wss -# use_backend encointerKusama-rpc-backend if encointerKusama !wss -# use_backend bridge-hubKusama-backend if bridge-hubKusama - # Westend - use_backend westend-backend if westend -# use_backend westmint-backend if westmint -# use_backend collectivesWestend-backend if collectivesWestend -# use_backend bridge-hubWestend-backend if bridge-hubWestend + bind *:443 ssl crt /etc/pki/certs # verify optional + mode http + timeout client 300s + + # Detecting WebSocket Upgrade header + acl wss hdr(Upgrade) -i websocket + + # paras + acl rpc_rotko_net hdr(host) -i rpc.rotko.net + acl sys_rotko_net hdr(host) -i sys.rotko.net + acl up_rotko_net hdr(host) -i up.rotko.net + acl peering_rotko_net hdr(host) -i peering.rotko.net + acl rpc_dotters_network hdr(host) -i rpc.dotters.network + acl rpc_dotters_network hdr(host) -i sys.dotters.network + acl rpc_ibp_network hdr(host) -i rpc.ibp.network + acl rpc_ibp_network hdr(host) -i sys.ibp.network + + # penumbra + acl penumbra_rotko_net hdr(host) -i penumbra.rotko.net + acl status_penumbra_rpc path_beg /status + use_backend status_penumbra_rotko_net_backend if penumbra_rotko_net status_penumbra_rpc + use_backend penumbra_rotko_net_backend if penumbra_rotko_net + + # Polkadot + acl polkadot_dotters hdr(host) -i polkadot.dotters.network + acl polkadot_ibp hdr(host) -i polkadot.ibp.network + + use_backend polkadot-backend if polkadot_dotters or polkadot_ibp + + # Asset Hub Polkadot + acl asset_hub_polkadot_dotters hdr(host) -i asset-hub-polkadot.dotters.network + acl asset_hub_polkadot_ibp hdr(host) -i asset-hub-polkadot.ibp.network + + use_backend statemint-backend if asset_hub_polkadot_dotters or asset_hub_polkadot_ibp + + # Bridge Hub Polkadot + acl bridge_hub_polkadot_dotters hdr(host) -i bridge-hub-polkadot.dotters.network + acl bridge_hub_polkadot_ibp hdr(host) -i bridge-hub-polkadot.ibp.network + + use_backend bridgehubPolkadot-backend if bridge_hub_polkadot_dotters or bridge_hub_polkadot_ibp + + # Coretime Polkadot + acl coretime_polkadot_dotters hdr(host) -i coretime-polkadot.dotters.network + acl coretime_polkadot_ibp hdr(host) -i coretime-polkadot.ibp.network + + use_backend coretimePolkadot-backend if coretime_polkadot_dotters or coretime_polkadot_ibp + + # People Polkadot + acl people_polkadot_dotters hdr(host) -i people-polkadot.dotters.network + acl people_polkadot_ibp hdr(host) -i people-polkadot.ibp.network + + use_backend peoplePolkadot-backend if people_polkadot_dotters or people_polkadot_ibp + + # Collectives Polkadot + acl collectives_polkadot_dotters hdr(host) -i collectives-polkadot.dotters.network + acl collectives_polkadot_ibp hdr(host) -i collectives-polkadot.ibp.network + + use_backend collectivesPolkadot-backend if collectives_polkadot_dotters or collectives_polkadot_ibp + + # Kusama + acl kusama_dotters hdr(host) -i kusama.dotters.network + acl kusama_ibp hdr(host) -i kusama.ibp.network + + use_backend kusama-backend if kusama_dotters or kusama_ibp + + # Asset Hub Kusama + acl asset_hub_kusama_dotters hdr(host) -i asset-hub-kusama.dotters.network + acl asset_hub_kusama_ibp hdr(host) -i asset-hub-kusama.ibp.network + + use_backend statemine-backend if asset_hub_kusama_dotters or asset_hub_kusama_ibp + + # Bridge Hub Kusama + acl bridge_hub_kusama_dotters hdr(host) -i bridge-hub-kusama.dotters.network + acl bridge_hub_kusama_ibp hdr(host) -i bridge-hub-kusama.ibp.network + + use_backend bridgehubKusama-backend if bridge_hub_kusama_dotters or bridge_hub_kusama_ibp + + # Coretime Kusama + acl coretime_kusama_dotters hdr(host) -i coretime-kusama.dotters.network + acl coretime_kusama_ibp hdr(host) -i coretime-kusama.ibp.network + + use_backend coretimeKusama-backend if coretime_kusama_dotters or coretime_kusama_ibp + + # People Kusama + acl people_kusama_dotters hdr(host) -i people-kusama.dotters.network + acl people_kusama_ibp hdr(host) -i people-kusama.ibp.network + + use_backend peopleKusama-backend if people_kusama_dotters or people_kusama_ibp + + # Encointer Kusama + acl encointer_kusama_dotters hdr(host) -i encointer-kusama.dotters.network + acl encointer_kusama_ibp hdr(host) -i encointer-kusama.ibp.network + + use_backend encointerKusama-backend if encointer_kusama_dotters or encointer_kusama_ibp + + # Westend + acl westend_dotters hdr(host) -i westend.dotters.network + acl westend_ibp hdr(host) -i westend.ibp.network + + use_backend westend-backend if westend_dotters or westend_ibp + + # Asset Hub Westend + acl asset_hub_westend_dotters hdr(host) -i asset-hub-westend.dotters.network + acl asset_hub_westend_ibp hdr(host) -i asset-hub-westend.ibp.network + + use_backend westmint-backend if asset_hub_westend_dotters or asset_hub_westend_ibp + + # Bridge Hub Westend + acl bridge_hub_westend_dotters hdr(host) -i bridge-hub-westend.dotters.network + acl bridge_hub_westend_ibp hdr(host) -i bridge-hub-westend.ibp.network + + use_backend bridgehubWestend-backend if bridge_hub_westend_dotters or bridge_hub_westend_ibp + + # Coretime Westend + acl coretime_westend_dotters hdr(host) -i coretime-westend.dotters.network + acl coretime_westend_ibp hdr(host) -i coretime-westend.ibp.network + + use_backend coretimeWestend-backend if coretime_westend_dotters or coretime_westend_ibp + + # People Westend + acl people_westend_dotters hdr(host) -i people-westend.dotters.network + acl people_westend_ibp hdr(host) -i people-westend.ibp.network + + use_backend peopleWestend-backend if people_westend_dotters or people_westend_ibp + + # Collectives Westend + acl collectives_westend_dotters hdr(host) -i collectives-westend.dotters.network + acl collectives_westend_ibp hdr(host) -i collectives-westend.ibp.network + + use_backend collectivesWestend-backend if collectives_westend_dotters or collectives_westend_ibp + + # Paseo + acl paseo_dotters hdr(host) -i paseo.dotters.network + acl paseo_ibp hdr(host) -i paseo.ibp.network + + use_backend paseo-backend if paseo_dotters or paseo_ibp + + # Asset Hub Paseo + acl asset_hub_paseo_dotters hdr(host) -i asset-hub-paseo.dotters.network + acl asset_hub_paseo_ibp hdr(host) -i asset-hub-paseo.ibp.network + + use_backend asset-hub-paseo-backend if asset_hub_paseo_dotters or asset_hub_paseo_ibp + + # Bridge Hub Paseo + acl bridge_hub_paseo_dotters hdr(host) -i bridge-hub-paseo.dotters.network + acl bridge_hub_paseo_ibp hdr(host) -i bridge-hub-paseo.ibp.network + + use_backend bridge-hub-paseo-backend if bridge_hub_paseo_dotters or bridge_hub_paseo_ibp + + # Coretime Paseo + acl coretime_paseo_dotters hdr(host) -i coretime-paseo.dotters.network + acl coretime_paseo_ibp hdr(host) -i coretime-paseo.ibp.network + + use_backend coretime-paseo-backend if coretime_paseo_dotters or coretime_paseo_ibp + + # People Paseo + acl people_paseo_dotters hdr(host) -i people-paseo.dotters.network + acl people_paseo_ibp hdr(host) -i people-paseo.ibp.network + acl people_paseo_rotko hdr(host) -i people-paseo.rpc.rotko.net + + use_backend people-paseo-backend if people_paseo_dotters or people_paseo_ibp or people_paseo_rotko + + # polkarun + acl ibtc_polka_run hdr(host) -i ibtc.polka.run + acl kbtc_polka_run hdr(host) -i kbtc.polka.run + # link to backend + use_backend ibtc-polka-run-backend if ibtc_polka_run + use_backend kbtc-polka-run-backend if kbtc_polka_run + + #hydration + acl hydrationPolkadotDotters hdr(host) -i hydration.paras.dotters.network + acl hydrationPolkadotIBP hdr(host) -i hydration.paras.ibp.network + acl hydradxPolkadotDotters hdr(host) -i hydradx.paras.dotters.network + acl hydradxPolkadotIBP hdr(host) -i hydradx.paras.ibp.network + + # Relay chains + acl polkadot path_beg -i /polkadot + acl kusama path_beg -i /kusama + acl westend path_beg -i /westend + acl paseo path_beg -i /paseo + + # System parachains + acl statemint path_beg -i /statemint + acl assetHubPolkadot path_beg -i /asset-hub-polkadot + acl bridgehubPolkadot path_beg -i /bridgehub-polkadot + acl Bridge-Hub-Polkadot path_beg -i /bridge-hub-polkadot + acl collectivesPolkadot path_beg -i /collectives-polkadot + acl peoplePolkadot path_beg -i /people-polkadot + acl coretimePolkadot path_beg -i /coretime-polkadot + + acl statemine path_beg -i /statemine + acl assetHubKusama path_beg -i /asset-hub-kusama + acl bridgehubKusama path_beg -i /bridgehub-kusama + acl Bridge-Hub-Kusama path_beg -i /bridge-hub-kusama + acl encointerKusama path_beg -i /encointer-kusama + acl peopleKusama path_beg -i /people-kusama + acl coretimeKusama path_beg -i /coretime-kusama + + acl westmint path_beg -i /westmint + acl assetHubWestend path_beg -i /asset-hub-westend + acl bridgehubWestend path_beg -i /bridgehub-westend + acl Bridge-Hub-Westend path_beg -i /bridge-hub-westend + acl collectivesWestend path_beg -i /collectives-westend + acl peopleWestend path_beg -i /people-westend + acl coretimeWestend path_beg -i /coretime-westend + + acl assetHubPaseo path_beg -i /asset-hub-paseo + acl bridgehubPaseo path_beg -i /bridgehub-paseo + acl Bridge-Hub-Paseo path_beg -i /bridge-hub-paseo + #acl collectivesPaseo path_beg -i /collectives-paseo + acl peoplePaseo path_beg -i /people-paseo + acl coretimePaseo path_beg -i /coretime-paseo + + # Parachains + acl hydrationPolkadot path_beg -i /hydration + + # Polkadot + use_backend polkadot-backend if polkadot + use_backend statemint-backend if statemint or assetHubPolkadot + use_backend collectivesPolkadot-backend if collectivesPolkadot + use_backend bridgehubPolkadot-backend if bridgehubPolkadot or Bridge-Hub-Polkadot + use_backend coretimePolkadot-backend if coretimePolkadot + use_backend peoplePolkadot-backend if peoplePolkadot + + # Paras + use_backend hydrationPolkadot-backend if wss hydrationPolkadotDotters or hydrationPolkadotIBP or hydrationPolkadot or hydradxPolkadotDotters or hydradxPolkadotIBP + + # Kusama + use_backend kusama-backend if kusama + use_backend statemine-backend if statemine or assetHubKusama + use_backend encointerKusama-backend if encointerKusama + use_backend bridgehubKusama-backend if bridgehubKusama or Bridge-Hub-Kusama + use_backend coretimeKusama-backend if coretimeKusama + use_backend peopleKusama-backend if peopleKusama + + # Westend + use_backend westend-backend if westend + use_backend westmint-backend if westmint or assetHubWestend + use_backend collectivesWestend-backend if collectivesWestend + use_backend bridgehubWestend-backend if bridgehubWestend or Bridge-Hub-Westend + use_backend coretimeWestend-backend if coretimeWestend + use_backend peopleWestend-backend if peopleWestend + + # Paseo + use_backend paseo-backend if paseo + use_backend asset-hub-paseo-backend if assetHubPaseo + use_backend bridge-hub-paseo-backend if bridgehubPaseo or Bridge-Hub-Paseo + use_backend coretime-paseo-backend if coretimePaseo + use_backend people-paseo-backend if peoplePaseo + + # Check for the hostname to match bkk.rotko.net + acl is_bkk01_rotko_net hdr_end(host) -i bkk01.rotko.net + use_backend bkk01-proxmox-backend if is_bkk01_rotko_net + acl is_bkk02_rotko_net hdr_end(host) -i bkk02.rotko.net + use_backend bkk02-proxmox-backend if is_bkk02_rotko_net + acl is_bkk03_rotko_net hdr_end(host) -i bkk03.rotko.net + use_backend bkk03-proxmox-backend if is_bkk03_rotko_net + acl is_bkk04_rotko_net hdr_end(host) -i bkk04.rotko.net + use_backend bkk04-proxmox-backend if is_bkk04_rotko_net + acl is_bkk06_rotko_net hdr_end(host) -i bkk06.rotko.net + use_backend bkk06-proxmox-backend if is_bkk06_rotko_net + acl is_bkk07_rotko_net hdr_end(host) -i bkk07.rotko.net + use_backend bkk07-proxmox-backend if is_bkk07_rotko_net + acl is_bkk07_kvm_rotko_net hdr_end(host) -i bkk07.kvm.rotko.net + use_backend bkk07-kvm-backend if is_bkk07_kvm_rotko_net + + + # api redirects + acl url_api path_beg /api + + # up + use_backend up_rotko_net_backend if up_rotko_net + #peering + use_backend api_peering_rotko_net_backend if peering_rotko_net url_api + use_backend peering_rotko_net_backend if peering_rotko_net + + # Check for the hostname to match ibp-metrics.rotko.net + acl is_ibp_metrics_rotko_net hdr_end(host) -i ibp-metrics.rotko.net + + # whitelisted IPs for metrics + acl allow_amforc_metrics src 91.90.166.221/24 + + # Use ACLs to allow requests only from the allowed IPs and matching hostname + # use_backend ibp-metrics-backend if is_ibp_metrics_rotko_net allow_amforc_metrics + use_backend ibp-metrics-backend if is_ibp_metrics_rotko_net + + # ibp-monitor.rotko.net + # acl is_ibp_monitor_rotko_net hdr_end(host) -i ibp-monitor.rotko.net + # use_backend ibp-monitor-backend if is_ibp_monitor_rotko_net + + # mikromon.rotko.net + acl is_mikromon_rotko_net hdr_end(host) -i mikromon.rotko.net + use_backend mikrotik-monitoring if is_mikromon_rotko_net + + # ibp.rotko.net + acl is_ibp_rotko_net hdr_end(host) -i ibp.rotko.net + use_backend ibp-monitor-backend if is_ibp_rotko_net + use_backend ibp-monitor-api-backend if is_ibp_rotko_net url_api + + # alerts/watchdog + acl is_watchdog path_beg /watchdog + use_backend watchdog_backend if is_watchdog + acl is_alert path_beg /alert + use_backend alert_backend if is_alert + + # beefy + acl is_beefy hdr_end(host) -i beefy.rotko.net + use_backend beefyapi-backend if is_beefy url_api + use_backend beefyfront-backend if is_beefy + acl is_astrolabe hdr_end(host) -i astrolabe.rotko.net + use_backend astrolabe-backend if is_astrolabe + + default_backend html-backend ### # Polkadot Backend Configurations @@ -97,8 +370,49 @@ frontend ssl-frontend backend polkadot-backend mode http balance leastconn - server polkadot1-rpc 192.168.69.13:9313 check inter 2s maxconn 200 - server polkadot2-rpc 192.168.69.14:9314 check inter 2s maxconn 200 + #server polkadot-bkk03-rpc 192.168.69.13:9313 check inter 2s maxconn 50000 will be deprecated + server polkadot-bkk06-rpc 192.168.76.16:9316 check inter 2s maxconn 50000 + server rpc-polkadot-02-bkk07 192.168.77.12:9312 check inter 2s maxconn 50000 + +backend statemint-backend + mode http + balance leastconn + #server statemint-bkk03-rpc 192.168.69.41:9613 check inter 2s maxconn 50000 # will be deprecated + server statemint-bkk06-rpc 192.168.76.41:9716 check inter 2s maxconn 50000 # for some reason doesnt work 9616 + server rpc-asset-hub-polkadot-01 192.168.111.11:9400 check inter 2s maxconn 50000 + +backend bridgehubPolkadot-backend + mode http + balance leastconn + #server bridgehub-polkadot-bkk03-rpc 192.168.69.44:9643 check inter 2s maxconn 50000# will be deprecated + server bridgehub-polkadot-bkk06-rpc 192.168.76.44:9646 check inter 2s maxconn 50000 + server rpc-bridge-hub-polkadot-01 192.168.111.12:9400 check inter 2s maxconn 50000 + +backend collectivesPolkadot-backend + mode http + balance leastconn + #server collectives-polkadot-bkk03-rpc 192.168.69.47:9673 check inter 2s maxconn 50000# will be deprecated + server collectives-polkadot-bkk06-rpc 192.168.76.47:9676 check inter 2s maxconn 50000 + server rpc-collectives-polkadot-01 192.168.111.13:9400 check inter 2s maxconn 50000 + +backend coretimePolkadot-backend + mode http + balance leastconn + server coretime-polkadot-bkk06-rpc 192.168.176.16:9816 check inter 2s maxconn 50000 + #server coretime-polkadot-bkk07-rpc 192.168.177.16:9817 check inter 2s maxconn 50000 + server coretime-polkadot-bkk07-rpc 192.168.77.16:9400 check inter 2s maxconn 50000 + +backend peoplePolkadot-backend + mode http + balance leastconn + server people-polkadot-bkk06-rpc 192.168.76.18:9846 check inter 2s maxconn 50000 + server people-polkadot-bkk07-rpc 192.168.77.18:9847 check inter 2s maxconn 50000 + +backend hydrationPolkadot-backend + mode http + balance leastconn + server hydration-polkadot-bkk06-rpc 192.168.76.83:9836 check inter 2s maxconn 50000 + server hydration-polkadot-bkk07-rpc 192.168.77.83:9837 check inter 2s maxconn 50000 ### # Kusama Backend Configurations @@ -107,8 +421,40 @@ backend polkadot-backend backend kusama-backend mode http balance leastconn - server kusama1-rpc 192.168.69.23:9323 check inter 2s maxconn 200 - server kusama2-rpc 192.168.69.24:9324 check inter 2s maxconn 200 + server kusama-bkk06-rpc 192.168.76.26:9326 check inter 2s maxconn 50000 + server kusama-bkk07-rpc 192.168.77.22:9322 check inter 2s maxconn 50000 + +backend statemine-backend + mode http + balance leastconn + server statemine-bkk06-rpc 192.168.76.42:9626 check inter 2s maxconn 50000 + server statemine-bkk07-rpc 192.168.121.11:9400 check inter 2s maxconn 50000 + +backend bridgehubKusama-backend + mode http + balance leastconn + server bridgehub-kusama-bkk06-rpc 192.168.76.45:9656 check inter 2s maxconn 50000 + server bridgehub-kusama-bkk07-rpc 192.168.121.12:9400 check inter 2s maxconn 50000 + +backend encointerKusama-backend + mode http + balance leastconn + server encointer-bkk06-rpc 192.168.76.40:9606 check inter 2s maxconn 50000 + server encointer-bkk07-rpc 192.168.121.16:9400 check inter 2s maxconn 50000 + +backend coretimeKusama-backend + mode http + balance leastconn + server coretime-kusama-bkk06-rpc 192.168.76.27:9826 check inter 2s maxconn 50000 + #server coretime-kusama-bkk07-rpc 192.168.77.27:9827 check inter 2s maxconn 50000 #will be deprecated + server rpc-coretime-kusama-bkk07 192.168.122.15:9400 check inter 2s maxconn 50000 + +backend peopleKusama-backend + mode http + balance leastconn + server people-kusama-bkk06-rpc 192.168.76.28:9856 check inter 2s maxconn 50000 + #server people-kusama-bkk07-rpc 192.168.77.28:9857 check inter 2s maxconn 50000 #will be deprecated + server rpc-people-kusama-bkk07 192.168.122.14:9400 check inter 2s maxconn 50000 ### # Westend Backend Configurations @@ -117,24 +463,393 @@ backend kusama-backend backend westend-backend mode http balance leastconn - server westend1-rpc 192.168.69.33:9333 check inter 2s maxconn 200 - server westend2-rpc 192.168.69.34:9334 check inter 2s maxconn 200 + #server westend-bkk03-rpc 192.168.69.33:9333 check inter 2s maxconn 50000 + server westend-bkk06-rpc 192.168.76.36:9336 check inter 2s maxconn 50000 + server westend-bkk07-rpc 192.168.77.32:9332 check inter 2s maxconn 50000 + +backend westmint-backend + mode http + balance leastconn + #server westmint-bkk03-rpc 192.168.69.43:9633 check inter 2s maxconn 50000# will be deprecated + server westmint-bkk06-rpc 192.168.76.43:9636 check inter 2s maxconn 50000 + server rpc-asset-hub-westend-01 192.168.131.11:9400 check inter 2s maxconn 50000 + +backend bridgehubWestend-backend + mode http + balance leastconn + #server bridgehub-westend-bkk03-rpc 192.168.69.46:9663 check inter 2s maxconn 50000# will be deprecated + server bridgehub-westend-bkk06-rpc 192.168.76.48:9666 check inter 2s maxconn 50000 + server rpc-bridge-hub-westend-01 192.168.131.12:9400 check inter 2s maxconn 50000 + +backend collectivesWestend-backend + mode http + balance leastconn + #server collectives-westend-bkk03-rpc 192.168.69.49:9693 check inter 2s maxconn 50000# will be deprecated + server collectives-westend-bkk06-rpc 192.168.76.49:9696 check inter 2s maxconn 50000 + server rpc-collectives-westend-01 192.168.131.13:9400 check inter 2s maxconn 50000 + +backend coretimeWestend-backend + mode http + balance leastconn + server coretime-westend-bkk06-rpc 192.168.76.37:9936 check inter 2s maxconn 50000 + #server coretime-westend-bkk07-rpc 192.168.77.37:9937 check inter 2s maxconn 50000 #will be deprecated + server rpc-coretime-westend-bkk07 192.168.132.15:9400 check inter 2s maxconn 50000 + +backend peopleWestend-backend + mode http + balance leastconn + server people-westend-bkk06-rpc 192.168.76.38:9866 check inter 2s maxconn 50000 + #server people-westend-bkk07-rpc 192.168.77.38:9867 check inter 2s maxconn 50000 #will be deprecated + server rpc-people-westend-bkk07 192.168.132.14:9400 check inter 2s maxconn 50000 + +### +# Paseo Backend Configurations +### + +backend paseo-backend + mode http + balance leastconn +# server paseo-bkk04-rpc 192.168.69.48:9348 check inter 2s maxconn 2000 + server paseo-bkk06-rpc 192.168.76.46:9346 check inter 2s maxconn 2000 + +### +# Paseo Parachain Backend Configurations +### + +backend asset-hub-paseo-backend + mode http + balance leastconn + server asset-hub-paseo-bkk06-rpc 192.168.76.50:9956 check inter 2s maxconn 2000 + server asset-hub-paseo-bkk07-rpc 192.168.77.50:9957 check inter 2s maxconn 2000 + +backend bridge-hub-paseo-backend + mode http + balance leastconn + server bridge-hub-paseo-bkk06-rpc 192.168.76.60:9966 check inter 2s maxconn 2000 + server bridge-hub-paseo-bkk07-rpc 192.168.77.60:9967 check inter 2s maxconn 2000 + +backend coretime-paseo-backend + mode http + balance leastconn + server coretime-paseo-bkk06-rpc 192.168.46.90:9400 check inter 2s maxconn 2000 + server coretime-paseo-bkk07-rpc 192.168.47.90:9400 check inter 2s maxconn 2000 + +backend people-paseo-backend + mode http + balance leastconn + server people-paseo-bkk06-rpc 192.168.46.94:9400 check inter 2s maxconn 2000 + server people-paseo-bkk07-rpc 192.168.47.94:9400 check inter 2s maxconn 2000 + +### +# WSS reverse proxy +### + + ### + # Parachains Frontend + ### + +frontend p2p-para-wss-passthrough + bind *:30435 + mode tcp + tcp-request inspect-delay 2s + tcp-request content accept if { req_ssl_hello_type 1 } + + ### + # Polkadot + ### + acl domain-match-asset-hub-polkadot req_ssl_sni -i asset-hub-polkadot.boot.rotko.net + acl domain-match-bridge-hub-polkadot req_ssl_sni -i bridge-hub-polkadot.boot.rotko.net + acl domain-match-collectives-polkadot req_ssl_sni -i collectives-polkadot.boot.rotko.net + + use_backend asset-hub-polkadot-p2p-wss-backend if domain-match-asset-hub-polkadot + use_backend bridge-hub-polkadot-p2p-wss-backend if domain-match-bridge-hub-polkadot + use_backend collectives-polkadot-p2p-wss-backend if domain-match-collectives-polkadot + + ### + # Kusama + ### + acl domain-match-asset-hub-kusama req_ssl_sni -i asset-hub-kusama.boot.rotko.net + acl domain-match-bridge-hub-kusama req_ssl_sni -i bridge-hub-kusama.boot.rotko.net + acl domain-match-encointer-kusama req_ssl_sni -i encointer-kusama.boot.rotko.net + acl domain-match-people-kusama req_ssl_sni -i people-kusama.boot.rotko.net + acl domain-match-coretime-kusama req_ssl_sni -i coretime-kusama.boot.rotko.net + + use_backend asset-hub-kusama-p2p-wss-backend if domain-match-asset-hub-kusama + use_backend bridge-hub-kusama-p2p-wss-backend if domain-match-bridge-hub-kusama + use_backend encointer-kusama-p2p-wss-backend if domain-match-encointer-kusama + use_backend people-kusama-p2p-wss-backend if domain-match-people-kusama + use_backend coretime-kusama-p2p-wss-backend if domain-match-coretime-kusama + + ### + # Westend + ### + acl domain-match-asset-hub-westend req_ssl_sni -i asset-hub-westend.boot.rotko.net + acl domain-match-bridge-hub-westend req_ssl_sni -i bridge-hub-westend.boot.rotko.net + acl domain-match-collectives-westend req_ssl_sni -i collectives-westend.boot.rotko.net + acl domain-match-people-westend req_ssl_sni -i people-westend.boot.rotko.net + acl domain-match-coretime-westend req_ssl_sni -i coretime-westend.boot.rotko.net + + use_backend asset-hub-westend-p2p-wss-backend if domain-match-asset-hub-westend + use_backend bridge-hub-westend-p2p-wss-backend if domain-match-bridge-hub-westend + use_backend collectives-westend-p2p-wss-backend if domain-match-collectives-westend + use_backend people-westend-p2p-wss-backend if domain-match-people-westend + use_backend coretime-westend-p2p-wss-backend if domain-match-coretime-westend + + ### + # Paseo + ### + + acl domain-match-people-paseo req_ssl_sni -i people-paseo.boot.rotko.net + acl domain-match-coretime-paseo req_ssl_sni -i coretime-paseo.boot.rotko.net + + use_backend people-paseo-p2p-wss-backend if domain-match-people-paseo + use_backend coretime-paseo-p2p-wss-backend if domain-match-coretime-paseo + + ### + # Relaychains Frontend + ### + +frontend p2p-relay-wss-passthrough + bind *:30335 + mode tcp + tcp-request inspect-delay 2s + tcp-request content accept if { req_ssl_hello_type 1 } + + + ### + # Polkadot + ### + acl domain-match-val-polkadot-01 req_ssl_sni -i val-polkadot-01.rotko.net + acl domain-match-val-polkadot-02 req_ssl_sni -i val-polkadot-02.rotko.net + + use_backend val-polkadot-01-p2p-wss-backend if domain-match-val-polkadot-01 + use_backend val-polkadot-02-p2p-wss-backend if domain-match-val-polkadot-02 + + ### + # Kusama + ### + acl domain-match-val-kusama-01 req_ssl_sni -i val-kusama-01.rotko.net + acl domain-match-val-kusama-02 req_ssl_sni -i val-kusama-02.rotko.net + + use_backend val-kusama-01-p2p-wss-backend if domain-match-val-kusama-01 + use_backend val-kusama-02-p2p-wss-backend if domain-match-val-kusama-02 + +### +# Polkadot p2p-wss backend +### + +backend val-polkadot-01-p2p-wss-backend + mode tcp + server container 192.168.69.115:30335 check + +backend val-polkadot-02-p2p-wss-backend + mode tcp + server container 192.168.217.115:30335 check + +backend asset-hub-polkadot-p2p-wss-backend + mode tcp + balance leastconn + server rpc-asset-hub-polkadot-bkk06 192.168.111.11:30435 check + server rpc-asset-hub-polkadot-bkk07 192.168.112.11:30435 check + +backend bridge-hub-polkadot-p2p-wss-backend + mode tcp + balance leastconn + server rpc-bridge-hub-polkadot-bkk06 192.168.111.12:30435 check + server rpc-bridge-hub-polkadot-bkk07 192.168.112.12:30435 check + +backend collectives-polkadot-p2p-wss-backend + mode tcp + balance leastconn + server rpc-collectives-polkadot-bkk06 192.168.111.13:30435 check + server rpc-collectives-polkadot-bkk07 192.168.112.13:30435 check + +### +# Kusama p2p-wss backend +### + +backend val-kusama-01-p2p-wss-backend + mode tcp + server val-kusama-bkk04 192.168.69.125:30335 check + +backend val-kusama-02-p2p-wss-backend + mode tcp + server val-kusama-bkk07 192.168.227.125:30335 check + +backend asset-hub-kusama-p2p-wss-backend + mode tcp + server asset-hub-kusama-bkk07 192.168.121.11:30435 check + +backend bridge-hub-kusama-p2p-wss-backend + mode tcp + server bridge-hub-kusama-bkk07 192.168.121.12:30435 check + +backend people-kusama-p2p-wss-backend + mode tcp + server people-kusama-bkk07 192.168.122.14:30435 check + +backend coretime-kusama-p2p-wss-backend + mode tcp + server coretime-kusama-bkk07 192.168.122.15:30435 check + +backend encointer-kusama-p2p-wss-backend + mode tcp + server encointer-kusama-bkk07 192.168.121.16:30435 check + +### +# Westend p2p-wss backend +### + +backend asset-hub-westend-p2p-wss-backend + mode tcp + balance leastconn + server rpc-asset-hub-westend-bkk06 192.168.131.11:30435 check + server rpc-asset-hub-westend-bkk07 192.168.132.11:30435 check + +backend bridge-hub-westend-p2p-wss-backend + mode tcp + balance leastconn + server rpc-bridge-hub-westend-bkk06 192.168.131.12:30435 check + server rpc-bridge-hub-westend-bkk07 192.168.132.12:30435 check + +backend collectives-westend-p2p-wss-backend + mode tcp + balance leastconn + server rpc-collectives-westend-bkk06 192.168.131.13:30435 check + server rpc-collectives-westend-bkk07 192.168.132.13:30435 check + +backend people-westend-p2p-wss-backend + mode tcp + server rpc-people-westend-bkk07 192.168.132.14:30435 check + +backend coretime-westend-p2p-wss-backend + mode tcp + server rpc-coretime-westend-bkk07 192.168.132.15:30435 check + +### +# Paseo p2p-wss backend +### + +backend people-paseo-p2p-wss-backend + mode tcp + balance leastconn + server rpc-people-paseo-bkk06 192.168.46.94:30435 check + server rpc-people-paseo-bkk07 192.168.47.94:30435 check + +backend coretime-paseo-p2p-wss-backend + mode tcp + balance leastconn + server rpc-coretime-paseo-bkk06 192.168.46.90:30435 check + server rpc-coretime-paseo-bkk07 192.168.47.90:30435 check + ### # MISC Backend Configurations ### +backend bkk01-proxmox-backend + mode http + server bkk01-proxmox 192.168.69.101:8006 ssl verify none + +backend bkk02-proxmox-backend + mode http + server bkk02-proxmox 192.168.69.102:8006 ssl verify none + +backend bkk03-proxmox-backend + mode http + server bkk03-proxmox 192.168.69.103:8006 ssl verify none + +backend bkk04-proxmox-backend + mode http + server bkk04-proxmox 192.168.69.104:8006 ssl verify none + +backend bkk06-proxmox-backend + mode http + server bkk06-proxmox 192.168.76.1:8006 ssl verify none + +backend bkk07-proxmox-backend + mode http + server bkk07-proxmox 192.168.77.1:8006 ssl verify none + +backend bkk07-kvm-backend + mode http + server bkk07-kvm 192.168.77.10:443 ssl verify none + +backend html-backend + mode http + server html_localhost 192.168.69.103:6969 + +backend up_rotko_net_backend + mode http + server up_rotko_net_bkk06 192.168.76.1:16969 + +backend peering_rotko_net_backend + mode http + server peering_rotko_net_bkk06 192.168.69.103:28080 + +backend api_peering_rotko_net_backend + mode http + server api_peering_rotko_net_bkk06 192.168.69.103:28081 + +backend ibp-monitor-backend + mode http + balance leastconn + server ibp-monitor 192.168.69.103:30001 check inter 2s + +backend ibp-monitor-api-backend + mode http + balance leastconn + server ibp-monitor-api 192.168.69.103:30002 check inter 2s + +backend ibp-metrics-backend + mode http + #balance leastconn + server ibp-metrics 192.168.69.97:80 # check inter 2s + #server ibp-metrics 192.168.69.97:9090 # check inter 2s + +backend letsencrypt + mode http + server certbot localhost:8888 + +backend mikrotik-monitoring + mode http + server mikrotik-monitoring localhost:2080 + +backend beefyfront-backend + mode http + server ibp-monitor 192.168.69.103:3636 check inter 2s + +backend astrolabe-backend + mode http + server docker-astrolabe 192.168.69.103:42300 check inter 2s + +backend ibtc-polka-run-backend + mode http + server ibtc-polka-run 192.168.69.103:14011 check inter 2s + +backend kbtc-polka-run-backend + mode http + server kbtc-polka-run 192.168.69.103:14010 check inter 2s + +backend beefyapi-backend + mode http + server ibp-monitor 192.168.69.103:4000 check inter 2s + +backend watchdog_backend + mode http + server watchdog-ibp-bkk06 192.168.76.1:7000 -#backend letsencrypt -# mode http -# balance leastconn -# server letsencrypt 192.168.69.95:80 check inter 2s maxconn 200 +backend alert_backend + mode http + server alert-ibp-bkk06 192.168.76.1:7000 -#backend monitor -# mode http -# balance leastconn -# server monitor 192.168.69.98:80 check inter 2s maxconn 200 +# penumbra +backend penumbra_rotko_net_backend + mode http + option httpchk + server penumbra-web 127.0.0.1:13371 check -#backend ibp -# mode http -# balance leastconn -# server monitor 192.168.69.97:80 check inter 2s maxconn 200 +backend status_penumbra_rotko_net_backend + mode http + option httpchk + http-check send meth GET uri /status + server penumbra-status-1 127.0.0.1:13372 check diff --git a/roles/setup_install_haproxy/templates_1/haproxy.cfg.j2 b/roles/setup_install_haproxy/templates_1/haproxy.cfg.j2 deleted file mode 100644 index 63c088c..0000000 --- a/roles/setup_install_haproxy/templates_1/haproxy.cfg.j2 +++ /dev/null @@ -1,56 +0,0 @@ -global - log /dev/log local0 - log /dev/log local1 notice -{% if haproxy_socket != '' %} - stats socket {{ haproxy_socket }} level admin -{% endif %} -{% if haproxy_chroot != '' %} - chroot {{ haproxy_chroot }} -{% endif %} - user {{ haproxy_user }} - group {{ haproxy_group }} - daemon -{% for global_var in haproxy_global_vars %} - {{ global_var }} -{% endfor %} - -defaults - log global - mode http - option httplog - option dontlognull -{% if haproxy_version is version('1.4', '<=') %} - contimeout {{ haproxy_connect_timeout }} - clitimeout {{ haproxy_client_timeout }} - srvtimeout {{ haproxy_server_timeout }} -{% else %} - timeout connect {{ haproxy_connect_timeout }} - timeout client {{ haproxy_client_timeout }} - timeout server {{ haproxy_server_timeout }} -{% endif %} -{% if ansible_os_family == 'Debian' %} - errorfile 400 /etc/haproxy/errors/400.http - errorfile 403 /etc/haproxy/errors/403.http - errorfile 408 /etc/haproxy/errors/408.http - errorfile 500 /etc/haproxy/errors/500.http - errorfile 502 /etc/haproxy/errors/502.http - errorfile 503 /etc/haproxy/errors/503.http - errorfile 504 /etc/haproxy/errors/504.http -{% endif %} - -frontend {{ haproxy_frontend_name }} - bind {{ haproxy_frontend_bind_address }}:{{ haproxy_frontend_port }} - mode {{ haproxy_frontend_mode }} - default_backend {{ haproxy_backend_name }} - -backend {{ haproxy_backend_name }} - mode {{ haproxy_backend_mode }} - balance {{ haproxy_backend_balance_method }} - option forwardfor -{% if haproxy_backend_httpchk != '' %} - option httpchk {{ haproxy_backend_httpchk }} -{% endif %} - cookie SERVERID insert indirect -{% for backend in haproxy_backend_servers %} - server {{ backend.name }} {{ backend.address }} cookie {{ backend.name }} check -{% endfor %} From 808aae23d02ae0aec5791e802868e8be10e46249 Mon Sep 17 00:00:00 2001 From: Al Date: Tue, 12 Nov 2024 14:25:31 +0700 Subject: [PATCH 07/69] adding haproxy-bkk07 configurations --- host_vars/bkk07.yaml | 25 +++++++++++++++++++++++++ host_vars/haproxy-bkk07.yaml | 11 +++++++++++ 2 files changed, 36 insertions(+) create mode 100644 host_vars/haproxy-bkk07.yaml diff --git a/host_vars/bkk07.yaml b/host_vars/bkk07.yaml index 88d27cb..d66ff72 100644 --- a/host_vars/bkk07.yaml +++ b/host_vars/bkk07.yaml @@ -1251,3 +1251,28 @@ lxc_nodes: - from_port: "{{ hostvars['ibp-bkk07']['zabbix_ext_port'] }}" to_host: "{{ hostvars['monitor']['container_ip'] }}:{{ zabbix_port }}" protocol: "tcp" + - host: "haproxy-bkk07" + proxmox_config: + vmid: "991" + hostname: "{{ hostvars['haproxy-bkk07']['host_name'] }}" + ostemplate: "local:vztmpl/{{ default_container_template }}" + netif: "{{ hostvars['haproxy-bkk07']['netif'] }}" + cores: 2 + memory: 4000 + swap: 256 + password: "{{ default_password }}" + disk: "{{ zfs_storage }}:60" + onboot: True + unprivileged: True + validate_certs: False + description: "{{ hostvars['haproxy-bkk07']['host_name'] }}" + state: present + features: + - nesting=1 + port_forwards: + - from_port: "{{ hostvars['haproxy-bkk07']['ansible_port'] }}" + to_host: "{{ hostvars['haproxy-bkk07']['container_ip'] }}:{{ ssh_port }}" + protocol: "tcp" + - from_port: "{{ hostvars['haproxy-bkk07']['zabbix_ext_port'] }}" + to_host: "{{ hostvars['monitor']['container_ip'] }}:{{ zabbix_port }}" + protocol: "tcp" diff --git a/host_vars/haproxy-bkk07.yaml b/host_vars/haproxy-bkk07.yaml new file mode 100644 index 0000000..1fbfd1b --- /dev/null +++ b/host_vars/haproxy-bkk07.yaml @@ -0,0 +1,11 @@ +--- +ansible_host: "160.22.181.181" +container_ip: "192.168.77.97" +ansible_port: 2991 +host_name: "haproxy container" +host_timezone: "Asia/Bangkok" +netif: '{"net0":"name=eth0,gw={{ default_nat_network_forward_cidr.split("/")[0] }},ip={{ default_host_ip }}/16,bridge={{ default_nat_device }}"}' +role: +pinned_service: False +default_node_type: +zabbix_ext_port: 10991 From 99f0226834e0b90fd77dc54ee69517e6405dac29 Mon Sep 17 00:00:00 2001 From: Al Date: Tue, 12 Nov 2024 20:11:25 +0700 Subject: [PATCH 08/69] all haproxy&prometheus playbooks need to reviewed again --- bkk07 | 4 ++ group_vars/prometheus.yaml | 2 + host_vars/bkk07.yaml | 2 +- host_vars/haproxy-bkk07.yaml | 4 +- playbooks/install_haproxy.yaml | 1 - playbooks/proxmox_install_nodes.yaml | 6 +++ roles/setup_install_haproxy/tasks/main.yml | 50 ++++++++++------- .../tasks/prometheus-tasks.yaml | 54 +++++++++++++++++++ 8 files changed, 99 insertions(+), 24 deletions(-) diff --git a/bkk07 b/bkk07 index 27cac7d..20ad47c 100644 --- a/bkk07 +++ b/bkk07 @@ -12,10 +12,14 @@ polkadot hydration cumulus prometheus +haproxy [prometheus] ibp-bkk07 +[haproxy] +haproxy-bkk07 + [proxmox_vms:children] taloswrkr talosctl diff --git a/group_vars/prometheus.yaml b/group_vars/prometheus.yaml index 20b4475..b24091a 100644 --- a/group_vars/prometheus.yaml +++ b/group_vars/prometheus.yaml @@ -1,3 +1,5 @@ --- prometheus_version: 2.55.1 default_download_url: "https://github.com/prometheus/prometheus/releases/download/v{{ prometheus_version }}/prometheus-{{ prometheus_version }}.linux-amd64.tar.gz" +alertmanager_version: 0.27.0 +default_alertmanager_download_url: "https://github.com/prometheus/alertmanager/releases/download/v{{ alertmanager_version }}/alertmanager-{{ alertmanager_version }}.linux-amd64.tar.gz" diff --git a/host_vars/bkk07.yaml b/host_vars/bkk07.yaml index d66ff72..771adb0 100644 --- a/host_vars/bkk07.yaml +++ b/host_vars/bkk07.yaml @@ -1257,7 +1257,7 @@ lxc_nodes: hostname: "{{ hostvars['haproxy-bkk07']['host_name'] }}" ostemplate: "local:vztmpl/{{ default_container_template }}" netif: "{{ hostvars['haproxy-bkk07']['netif'] }}" - cores: 2 + cores: 8 memory: 4000 swap: 256 password: "{{ default_password }}" diff --git a/host_vars/haproxy-bkk07.yaml b/host_vars/haproxy-bkk07.yaml index 1fbfd1b..ab76d42 100644 --- a/host_vars/haproxy-bkk07.yaml +++ b/host_vars/haproxy-bkk07.yaml @@ -1,8 +1,8 @@ --- ansible_host: "160.22.181.181" -container_ip: "192.168.77.97" +container_ip: "192.168.77.91" ansible_port: 2991 -host_name: "haproxy container" +host_name: "haproxy-bkk07" host_timezone: "Asia/Bangkok" netif: '{"net0":"name=eth0,gw={{ default_nat_network_forward_cidr.split("/")[0] }},ip={{ default_host_ip }}/16,bridge={{ default_nat_device }}"}' role: diff --git a/playbooks/install_haproxy.yaml b/playbooks/install_haproxy.yaml index ffe0b35..a352739 100644 --- a/playbooks/install_haproxy.yaml +++ b/playbooks/install_haproxy.yaml @@ -6,4 +6,3 @@ roles: - setup_add_node_role - setup_install_haproxy - - setup_install_nginx diff --git a/playbooks/proxmox_install_nodes.yaml b/playbooks/proxmox_install_nodes.yaml index 1e73bc1..68609c8 100644 --- a/playbooks/proxmox_install_nodes.yaml +++ b/playbooks/proxmox_install_nodes.yaml @@ -32,6 +32,12 @@ - setup_user_management - setup_log_rotation +- name: Install Haproxy + hosts: haproxy + gather_facts: True + roles: + - setup_install_haproxy + - name: Install Prometheus hosts: prometheus gather_facts: True diff --git a/roles/setup_install_haproxy/tasks/main.yml b/roles/setup_install_haproxy/tasks/main.yml index 9c64c42..42aed92 100644 --- a/roles/setup_install_haproxy/tasks/main.yml +++ b/roles/setup_install_haproxy/tasks/main.yml @@ -1,13 +1,12 @@ --- - name: Add HAProxy GPG key - ansible.builtin.get_url: + ansible.builtin.apt_key: url: https://haproxy.debian.net/bernat.debian.org.gpg - dest: /usr/share/keyrings/haproxy.debian.net.gpg - mode: "0644" + state: present - name: Add HAProxy repository ansible.builtin.apt_repository: - repo: deb [signed-by=/usr/share/keyrings/haproxy.debian.net.gpg] http://haproxy.debian.net bookworm-backports-2.9 main + repo: deb https://haproxy.debian.net bookworm-backports-2.8 main state: present filename: haproxy @@ -15,9 +14,9 @@ ansible.builtin.apt: update_cache: yes -- name: Ensure HAProxy 2.9.* is installed +- name: Ensure HAProxy 2.8.* is installed ansible.builtin.apt: - name: "haproxy=2.9.*" + name: "haproxy=2.8.*" state: present when: - ansible_os_family == 'Debian' @@ -32,29 +31,40 @@ ansible.builtin.set_fact: haproxy_version: '{{ haproxy_version_result.stdout_lines[0] | regex_replace("^HA-?Proxy version (\d+(\.\d+)*).*$", "\1") }}' -- name: Ensure HAProxy version is 2.9.x +- name: Ensure HAProxy version is 2.8.x ansible.builtin.assert: that: - - haproxy_version is version('2.9', '>=') - - haproxy_version is version('2.10', '<') - fail_msg: "Installed HAProxy version ({{ haproxy_version }}) is not in the 2.9.x series" + - haproxy_version is version('2.8', '>=') + - haproxy_version is version('2.9', '<') + fail_msg: "Installed HAProxy version ({{ haproxy_version }}) is not in the 2.8.x series" success_msg: "HAProxy version {{ haproxy_version }} is correctly installed" - command: haproxy -v - register: haproxy_version_result - changed_when: false - check_mode: false -- name: Set HAProxy version. - set_fact: - haproxy_version: '{{ haproxy_version_result.stdout_lines[0] | regex_replace("^HA-?Proxy version (\d+(\.\d+)*).*$", "\1") }}' +- name: Display HAProxy template content + ansible.builtin.debug: + msg: "{{ lookup('template', haproxy_template) }}" - name: Copy HAProxy configuration in place. - template: + ansible.builtin.template: src: "{{ haproxy_template }}" dest: /etc/haproxy/haproxy.cfg mode: 0644 - validate: haproxy -f %s -c -q - notify: restart haproxy + register: haproxy_config + +- name: Validate HAProxy configuration + ansible.builtin.command: haproxy -c -f /etc/haproxy/haproxy.cfg + register: haproxy_validate + changed_when: false + failed_when: haproxy_validate.rc != 0 + +- name: Display HAProxy validation result + ansible.builtin.debug: + var: haproxy_validate + +- name: Restart HAProxy if configuration is valid + ansible.builtin.service: + name: haproxy + state: restarted + when: haproxy_validate.rc == 0 - name: Ensure HAProxy is started and enabled on boot. service: name=haproxy state=started enabled=yes diff --git a/roles/setup_install_prometheus/tasks/prometheus-tasks.yaml b/roles/setup_install_prometheus/tasks/prometheus-tasks.yaml index 6fef70f..2456e4a 100644 --- a/roles/setup_install_prometheus/tasks/prometheus-tasks.yaml +++ b/roles/setup_install_prometheus/tasks/prometheus-tasks.yaml @@ -73,6 +73,47 @@ path: "/tmp/prometheus.tar.gz" state: absent +- name: Download Alertmanager + ansible.builtin.get_url: + url: "{{ default_alertmanager_download_url }}" + dest: "/tmp/alertmanager.tar.gz" + mode: "0644" + register: alertmanager_download + until: alertmanager_download is succeeded + retries: 3 + delay: 5 + +- name: Extract Alertmanager package + ansible.builtin.unarchive: + src: "/tmp/alertmanager.tar.gz" + dest: "/tmp" + remote_src: yes + +- name: Move Alertmanager binary to /bin + ansible.builtin.copy: + src: "/tmp/alertmanager-{{ alertmanager_version }}.linux-amd64/alertmanager" + dest: "/bin/prometheus-alertmanager" + mode: "0755" + remote_src: yes + force: yes + +- name: Remove downloaded and extracted Alertmanager files + ansible.builtin.file: + path: "{{ item }}" + state: absent + loop: + - "/tmp/alertmanager.tar.gz" + - "/tmp/alertmanager-{{ alertmanager_version }}.linux-amd64" + +# - name: Deploy Alertmanager configuration +# ansible.builtin.copy: +# src: files/alertmanager.yml +# dest: /etc/prometheus/alertmanager.yml +# owner: prometheus +# group: prometheus +# mode: "0644" +# notify: Restart Alertmanager + - name: Deploy Prometheus configuration ansible.builtin.copy: src: files/prometheus.yaml @@ -82,6 +123,19 @@ mode: "0644" notify: Restart Prometheus +# - name: Set up Alertmanager service +# ansible.builtin.template: +# src: files/alertmanager.service +# dest: /etc/systemd/system/alertmanager.service +# mode: "0644" + +# - name: Manage Alertmanager service +# ansible.builtin.systemd: +# name: alertmanager +# daemon_reload: yes +# enabled: yes +# state: started + - name: Validate Prometheus configuration ansible.builtin.command: cmd: "/usr/local/bin/promtool check config /etc/prometheus/prometheus.yml" From 7ce5ae40419312d74dfa106faf8d228270846c08 Mon Sep 17 00:00:00 2001 From: Al Date: Thu, 14 Nov 2024 13:58:38 +0700 Subject: [PATCH 09/69] fix ports & ip for rpc-kusama-01 --- host_vars/rpc-kusama-01.yaml | 15 +++++++-------- 1 file changed, 7 insertions(+), 8 deletions(-) diff --git a/host_vars/rpc-kusama-01.yaml b/host_vars/rpc-kusama-01.yaml index b05528a..5a2e07e 100644 --- a/host_vars/rpc-kusama-01.yaml +++ b/host_vars/rpc-kusama-01.yaml @@ -1,14 +1,14 @@ --- ansible_host: "160.22.181.181" -container_ip: "192.168.77.21" +container_ip: "192.168.121.10" ansible_port: 2321 -host_name: "rpc-kusama-01.rotko.net" +host_name: "rpc-kusama-01.ct.rotko.net" host_timezone: "Asia/Bangkok" netif: '{"net0":"name=eth0,gw={{ default_nat_network_forward_cidr.split("/")[0] }},ip={{ default_host_ip }}/16,bridge={{ default_nat_device }}"}' role: "kusama" pinned_service: True -default_telemetry_name: "Rotko Networks - {{ host_name.split('.')[0] }} {{ default_node_type | capitalize }}" +default_telemetry_name: "Rotko Networks - {{ host_name.split('.')[0] }}" default_domain: "{{ host_name }}" default_domain_lb: "kusama.rotko.net" default_domain_ibp: "rpc.ibp.network" @@ -18,18 +18,17 @@ default_dotters_repository: "git@github.com:senseless/dotters-ssl" default_network: "kusama" default_node_type: "endpoint" default_pruning: "archive" -default_database: "paritydb" +default_database: "rocksdb" default_syncmode: "full" default_bootnode_domain: "{{ default_network }}.boot.rotko.net" -default_p2p_port: 30333 -default_p2p_port_ws: 30334 -default_p2p_port_wss: 30335 +default_p2p_port: 32001 +default_bootnode_p2p_port: 32001 default_bootnode_p2p_port_ws: 30434 default_bootnode_p2p_port_wss: 30435 default_rpc_port: 9300 default_secure_rpc_port: 42321 -default_prom_port: 7321 +default_prom_port: 7300 zabbix_ext_port: 10321 From 87af808346a80ed18f27b0a4ae07dc18e3b8b01d Mon Sep 17 00:00:00 2001 From: Al Date: Thu, 14 Nov 2024 15:52:53 +0700 Subject: [PATCH 10/69] remove prometheus and haproxy from inventory removed them so it'll not got auto updated --- bkk07 | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/bkk07 b/bkk07 index 20ad47c..fdca425 100644 --- a/bkk07 +++ b/bkk07 @@ -11,8 +11,7 @@ routers polkadot hydration cumulus -prometheus -haproxy +builder-container [prometheus] ibp-bkk07 @@ -20,6 +19,9 @@ ibp-bkk07 [haproxy] haproxy-bkk07 +[builder-container] +build-node-07 + [proxmox_vms:children] taloswrkr talosctl From 91d2aea15f3d63cd8c200cabefa281875c859af7 Mon Sep 17 00:00:00 2001 From: Al Date: Thu, 14 Nov 2024 15:53:42 +0700 Subject: [PATCH 11/69] commented so it'll not auto update haproxy & prometheus --- playbooks/proxmox_install_nodes.yaml | 22 +++++++++++----------- roles/setup_install_haproxy/tasks/main.yml | 17 +++++++++++------ 2 files changed, 22 insertions(+), 17 deletions(-) diff --git a/playbooks/proxmox_install_nodes.yaml b/playbooks/proxmox_install_nodes.yaml index 68609c8..22ce405 100644 --- a/playbooks/proxmox_install_nodes.yaml +++ b/playbooks/proxmox_install_nodes.yaml @@ -32,17 +32,17 @@ - setup_user_management - setup_log_rotation -- name: Install Haproxy - hosts: haproxy - gather_facts: True - roles: - - setup_install_haproxy - -- name: Install Prometheus - hosts: prometheus - gather_facts: True - roles: - - setup_install_prometheus +# - name: Install Haproxy +# hosts: haproxy +# gather_facts: True +# roles: +# - setup_install_haproxy +# +# - name: Install Prometheus +# hosts: prometheus +# gather_facts: True +# roles: +# - setup_install_prometheus - name: Install Arbitrum services hosts: arbitrum diff --git a/roles/setup_install_haproxy/tasks/main.yml b/roles/setup_install_haproxy/tasks/main.yml index 42aed92..03c390f 100644 --- a/roles/setup_install_haproxy/tasks/main.yml +++ b/roles/setup_install_haproxy/tasks/main.yml @@ -18,6 +18,11 @@ ansible.builtin.apt: name: "haproxy=2.8.*" state: present + force: yes + force_apt_get: yes + dpkg_options: "force-confdef,force-confold" + environment: + DEBIAN_FRONTEND: noninteractive when: - ansible_os_family == 'Debian' @@ -43,12 +48,12 @@ ansible.builtin.debug: msg: "{{ lookup('template', haproxy_template) }}" -- name: Copy HAProxy configuration in place. - ansible.builtin.template: - src: "{{ haproxy_template }}" - dest: /etc/haproxy/haproxy.cfg - mode: 0644 - register: haproxy_config +# - name: Copy HAProxy configuration in place. +# ansible.builtin.template: +# src: "{{ haproxy_template }}" +# dest: /etc/haproxy/haproxy.cfg +# mode: 0644 +# register: haproxy_config - name: Validate HAProxy configuration ansible.builtin.command: haproxy -c -f /etc/haproxy/haproxy.cfg From 3d89c3bcdd6481b3073b0cbe6892ebbb561b1179 Mon Sep 17 00:00:00 2001 From: Al Date: Thu, 14 Nov 2024 16:10:03 +0700 Subject: [PATCH 12/69] commented out broken ct & adding build-node07 --- host_vars/bkk07.yaml | 375 +++++++++++++++++++---------------- host_vars/build-node-07.yaml | 10 + 2 files changed, 210 insertions(+), 175 deletions(-) create mode 100644 host_vars/build-node-07.yaml diff --git a/host_vars/bkk07.yaml b/host_vars/bkk07.yaml index 771adb0..4caa10b 100644 --- a/host_vars/bkk07.yaml +++ b/host_vars/bkk07.yaml @@ -64,41 +64,41 @@ lxc_nodes: # - from_port: "{{ hostvars['rpc-polkadot-02']['default_p2p_port_wss'] }}" # to_host: "{{ hostvars['rpc-polkadot-02']['container_ip'] }}:{{ hostvars['rpc-polkadot-02']['default_p2p_port_wss'] }}" # protocol: "tcp" - - host: "hdx27" - proxmox_config: - vmid: "837" - hostname: "{{ hostvars['hdx27']['host_name'] }}" - ostemplate: "local:vztmpl/{{ default_container_template }}" - netif: "{{ hostvars['hdx27']['netif'] }}" - cores: 8 - memory: 16384 - swap: 8192 - password: "{{ default_password }}" - disk: "{{ default_storage }}:20" - mounts: '{"mp0":"{{ default_storage }}:150,mp={{ hostvars["hdx27"]["default_database_path"] }}"}' - onboot: True - unprivileged: True - validate_certs: False - description: "{{ hostvars['hdx27']['default_network'] }} {{ hostvars['hdx27']['default_node_type'] }}: {{ hostvars['hdx27']['host_name'] }}" - state: present - features: - - nesting=1 - port_forwards: - - from_port: "{{ hostvars['hdx27']['ansible_port'] }}" - to_host: "{{ hostvars['hdx27']['container_ip'] }}:22" - protocol: "tcp" - - from_port: "{{ hostvars['hdx27']['zabbix_ext_port'] }}" - to_host: "{{ hostvars['monitor']['container_ip'] }}:10050" - protocol: "tcp" - - from_port: "{{ hostvars['hdx27']['default_p2p_port'] }}" - to_host: "{{ hostvars['hdx27']['container_ip'] }}:{{ hostvars['hdx27']['default_p2p_port'] }}" - protocol: "tcp" - - from_port: "{{ hostvars['hdx27']['default_p2p_port_ws'] }}" - to_host: "{{ hostvars['hdx27']['container_ip'] }}:{{ hostvars['hdx27']['default_p2p_port_ws'] }}" - protocol: "tcp" - - from_port: "{{ hostvars['hdx27']['default_p2p_port_wss'] }}" - to_host: "{{ hostvars['hdx27']['container_ip'] }}:{{ hostvars['hdx27']['default_p2p_port_wss'] }}" - protocol: "tcp" + # - host: "hdx27" + # proxmox_config: + # vmid: "837" + # hostname: "{{ hostvars['hdx27']['host_name'] }}" + # ostemplate: "local:vztmpl/{{ default_container_template }}" + # netif: "{{ hostvars['hdx27']['netif'] }}" + # cores: 8 + # memory: 16384 + # swap: 8192 + # password: "{{ default_password }}" + # disk: "{{ default_storage }}:20" + # mounts: '{"mp0":"{{ default_storage }}:150,mp={{ hostvars["hdx27"]["default_database_path"] }}"}' + # onboot: True + # unprivileged: True + # validate_certs: False + # description: "{{ hostvars['hdx27']['default_network'] }} {{ hostvars['hdx27']['default_node_type'] }}: {{ hostvars['hdx27']['host_name'] }}" + # state: present + # features: + # - nesting=1 + # port_forwards: + # - from_port: "{{ hostvars['hdx27']['ansible_port'] }}" + # to_host: "{{ hostvars['hdx27']['container_ip'] }}:22" + # protocol: "tcp" + # - from_port: "{{ hostvars['hdx27']['zabbix_ext_port'] }}" + # to_host: "{{ hostvars['monitor']['container_ip'] }}:10050" + # protocol: "tcp" + # - from_port: "{{ hostvars['hdx27']['default_p2p_port'] }}" + # to_host: "{{ hostvars['hdx27']['container_ip'] }}:{{ hostvars['hdx27']['default_p2p_port'] }}" + # protocol: "tcp" + # - from_port: "{{ hostvars['hdx27']['default_p2p_port_ws'] }}" + # to_host: "{{ hostvars['hdx27']['container_ip'] }}:{{ hostvars['hdx27']['default_p2p_port_ws'] }}" + # protocol: "tcp" + # - from_port: "{{ hostvars['hdx27']['default_p2p_port_wss'] }}" + # to_host: "{{ hostvars['hdx27']['container_ip'] }}:{{ hostvars['hdx27']['default_p2p_port_wss'] }}" + # protocol: "tcp" - host: "pso07" proxmox_config: vmid: "1007" @@ -131,41 +131,41 @@ lxc_nodes: - from_port: "{{ hostvars['pso07']['default_p2p_port_ws'] }}" to_host: "{{ hostvars['pso07']['container_ip'] }}:{{ hostvars['pso07']['default_p2p_port_ws'] }}" protocol: "tcp" - - host: "kcore27" - proxmox_config: - vmid: "827" - hostname: "{{ hostvars['kcore27']['host_name'] }}" - ostemplate: "local:vztmpl/{{ default_container_template }}" - netif: "{{ hostvars['kcore27']['netif'] }}" - cores: 4 - memory: 16384 - swap: 8192 - password: "{{ default_password }}" - disk: "{{ default_storage }}:20" - mounts: '{"mp0":"{{ default_storage }}:100,mp={{ hostvars["kcore27"]["default_database_path"] }}"}' - onboot: True - unprivileged: True - validate_certs: False - description: "{{ hostvars['kcore27']['default_network'] }} {{ hostvars['kcore27']['default_node_type'] }}: {{ hostvars['kcore27']['host_name'] }}" - state: present - features: - - nesting=1 - port_forwards: - - from_port: "{{ hostvars['kcore27']['ansible_port'] }}" - to_host: "{{ hostvars['kcore27']['container_ip'] }}:22" - protocol: "tcp" - - from_port: "{{ hostvars['kcore27']['zabbix_ext_port'] }}" - to_host: "{{ hostvars['monitor']['container_ip'] }}:10050" - protocol: "tcp" - - from_port: "{{ hostvars['kcore27']['default_p2p_port'] }}" - to_host: "{{ hostvars['kcore27']['container_ip'] }}:{{ hostvars['kcore27']['default_p2p_port'] }}" - protocol: "tcp" - - from_port: "{{ hostvars['kcore27']['default_p2p_port_ws'] }}" - to_host: "{{ hostvars['kcore27']['container_ip'] }}:{{ hostvars['kcore27']['default_p2p_port_ws'] }}" - protocol: "tcp" - - from_port: "{{ hostvars['kcore27']['default_p2p_port_wss'] }}" - to_host: "{{ hostvars['kcore27']['container_ip'] }}:{{ hostvars['kcore27']['default_p2p_port_wss'] }}" - protocol: "tcp" + # - host: "kcore27" + # proxmox_config: + # vmid: "827" + # hostname: "{{ hostvars['kcore27']['host_name'] }}" + # ostemplate: "local:vztmpl/{{ default_container_template }}" + # netif: "{{ hostvars['kcore27']['netif'] }}" + # cores: 4 + # memory: 16384 + # swap: 8192 + # password: "{{ default_password }}" + # disk: "{{ default_storage }}:20" + # mounts: '{"mp0":"{{ default_storage }}:100,mp={{ hostvars["kcore27"]["default_database_path"] }}"}' + # onboot: True + # unprivileged: True + # validate_certs: False + # description: "{{ hostvars['kcore27']['default_network'] }} {{ hostvars['kcore27']['default_node_type'] }}: {{ hostvars['kcore27']['host_name'] }}" + # state: present + # features: + # - nesting=1 + # port_forwards: + # - from_port: "{{ hostvars['kcore27']['ansible_port'] }}" + # to_host: "{{ hostvars['kcore27']['container_ip'] }}:22" + # protocol: "tcp" + # - from_port: "{{ hostvars['kcore27']['zabbix_ext_port'] }}" + # to_host: "{{ hostvars['monitor']['container_ip'] }}:10050" + # protocol: "tcp" + # - from_port: "{{ hostvars['kcore27']['default_p2p_port'] }}" + # to_host: "{{ hostvars['kcore27']['container_ip'] }}:{{ hostvars['kcore27']['default_p2p_port'] }}" + # protocol: "tcp" + # - from_port: "{{ hostvars['kcore27']['default_p2p_port_ws'] }}" + # to_host: "{{ hostvars['kcore27']['container_ip'] }}:{{ hostvars['kcore27']['default_p2p_port_ws'] }}" + # protocol: "tcp" + # - from_port: "{{ hostvars['kcore27']['default_p2p_port_wss'] }}" + # to_host: "{{ hostvars['kcore27']['container_ip'] }}:{{ hostvars['kcore27']['default_p2p_port_wss'] }}" + # protocol: "tcp" # - host: "kppl27" # proxmox_config: # vmid: "857" @@ -201,76 +201,76 @@ lxc_nodes: # - from_port: "{{ hostvars['kppl27']['default_p2p_port_wss'] }}" # to_host: "{{ hostvars['kppl27']['container_ip'] }}:{{ hostvars['kppl27']['default_p2p_port_wss'] }}" # protocol: "tcp" - - host: "wcore27" - proxmox_config: - vmid: "937" - hostname: "{{ hostvars['wcore27']['host_name'] }}" - ostemplate: "local:vztmpl/{{ default_container_template }}" - netif: "{{ hostvars['wcore27']['netif'] }}" - cores: 4 - memory: 16384 - swap: 8192 - password: "{{ default_password }}" - disk: "{{ default_storage }}:20" - mounts: '{"mp0":"{{ default_storage }}:100,mp={{ hostvars["wcore27"]["default_database_path"] }}"}' - onboot: True - unprivileged: True - validate_certs: False - description: "{{ hostvars['wcore27']['default_network'] }} {{ hostvars['wcore27']['default_node_type'] }}: {{ hostvars['wcore27']['host_name'] }}" - state: present - features: - - nesting=1 - port_forwards: - - from_port: "{{ hostvars['wcore27']['ansible_port'] }}" - to_host: "{{ hostvars['wcore27']['container_ip'] }}:22" - protocol: "tcp" - - from_port: "{{ hostvars['wcore27']['zabbix_ext_port'] }}" - to_host: "{{ hostvars['monitor']['container_ip'] }}:10050" - protocol: "tcp" - - from_port: "{{ hostvars['wcore27']['default_p2p_port'] }}" - to_host: "{{ hostvars['wcore27']['container_ip'] }}:{{ hostvars['wcore27']['default_p2p_port'] }}" - protocol: "tcp" - - from_port: "{{ hostvars['wcore27']['default_p2p_port_ws'] }}" - to_host: "{{ hostvars['wcore27']['container_ip'] }}:{{ hostvars['wcore27']['default_p2p_port_ws'] }}" - protocol: "tcp" - - from_port: "{{ hostvars['wcore27']['default_p2p_port_wss'] }}" - to_host: "{{ hostvars['wcore27']['container_ip'] }}:{{ hostvars['wcore27']['default_p2p_port_wss'] }}" - protocol: "tcp" - - host: "wppl27" - proxmox_config: - vmid: "867" - hostname: "{{ hostvars['wppl27']['host_name'] }}" - ostemplate: "local:vztmpl/{{ default_container_template }}" - netif: "{{ hostvars['wppl27']['netif'] }}" - cores: 4 - memory: 16384 - swap: 8192 - password: "{{ default_password }}" - disk: "{{ default_storage }}:20" - mounts: '{"mp0":"{{ default_storage }}:100,mp={{ hostvars["wppl27"]["default_database_path"] }}"}' - onboot: True - unprivileged: True - validate_certs: False - description: "{{ hostvars['wppl27']['default_network'] }} {{ hostvars['wppl27']['default_node_type'] }}: {{ hostvars['wppl27']['host_name'] }}" - state: present - features: - - nesting=1 - port_forwards: - - from_port: "{{ hostvars['wppl27']['ansible_port'] }}" - to_host: "{{ hostvars['wppl27']['container_ip'] }}:22" - protocol: "tcp" - - from_port: "{{ hostvars['wppl27']['zabbix_ext_port'] }}" - to_host: "{{ hostvars['monitor']['container_ip'] }}:10050" - protocol: "tcp" - - from_port: "{{ hostvars['wppl27']['default_p2p_port'] }}" - to_host: "{{ hostvars['wppl27']['container_ip'] }}:{{ hostvars['wppl27']['default_p2p_port'] }}" - protocol: "tcp" - - from_port: "{{ hostvars['wppl27']['default_p2p_port_ws'] }}" - to_host: "{{ hostvars['wppl27']['container_ip'] }}:{{ hostvars['wppl27']['default_p2p_port_ws'] }}" - protocol: "tcp" - - from_port: "{{ hostvars['wppl27']['default_p2p_port_wss'] }}" - to_host: "{{ hostvars['wppl27']['container_ip'] }}:{{ hostvars['wppl27']['default_p2p_port_wss'] }}" - protocol: "tcp" + # - host: "wcore27" + # proxmox_config: + # vmid: "937" + # hostname: "{{ hostvars['wcore27']['host_name'] }}" + # ostemplate: "local:vztmpl/{{ default_container_template }}" + # netif: "{{ hostvars['wcore27']['netif'] }}" + # cores: 4 + # memory: 16384 + # swap: 8192 + # password: "{{ default_password }}" + # disk: "{{ default_storage }}:20" + # mounts: '{"mp0":"{{ default_storage }}:100,mp={{ hostvars["wcore27"]["default_database_path"] }}"}' + # onboot: True + # unprivileged: True + # validate_certs: False + # description: "{{ hostvars['wcore27']['default_network'] }} {{ hostvars['wcore27']['default_node_type'] }}: {{ hostvars['wcore27']['host_name'] }}" + # state: present + # features: + # - nesting=1 + # port_forwards: + # - from_port: "{{ hostvars['wcore27']['ansible_port'] }}" + # to_host: "{{ hostvars['wcore27']['container_ip'] }}:22" + # protocol: "tcp" + # - from_port: "{{ hostvars['wcore27']['zabbix_ext_port'] }}" + # to_host: "{{ hostvars['monitor']['container_ip'] }}:10050" + # protocol: "tcp" + # - from_port: "{{ hostvars['wcore27']['default_p2p_port'] }}" + # to_host: "{{ hostvars['wcore27']['container_ip'] }}:{{ hostvars['wcore27']['default_p2p_port'] }}" + # protocol: "tcp" + # - from_port: "{{ hostvars['wcore27']['default_p2p_port_ws'] }}" + # to_host: "{{ hostvars['wcore27']['container_ip'] }}:{{ hostvars['wcore27']['default_p2p_port_ws'] }}" + # protocol: "tcp" + # - from_port: "{{ hostvars['wcore27']['default_p2p_port_wss'] }}" + # to_host: "{{ hostvars['wcore27']['container_ip'] }}:{{ hostvars['wcore27']['default_p2p_port_wss'] }}" + # protocol: "tcp" + # - host: "wppl27" + # proxmox_config: + # vmid: "867" + # hostname: "{{ hostvars['wppl27']['host_name'] }}" + # ostemplate: "local:vztmpl/{{ default_container_template }}" + # netif: "{{ hostvars['wppl27']['netif'] }}" + # cores: 4 + # memory: 16384 + # swap: 8192 + # password: "{{ default_password }}" + # disk: "{{ default_storage }}:20" + # mounts: '{"mp0":"{{ default_storage }}:100,mp={{ hostvars["wppl27"]["default_database_path"] }}"}' + # onboot: True + # unprivileged: True + # validate_certs: False + # description: "{{ hostvars['wppl27']['default_network'] }} {{ hostvars['wppl27']['default_node_type'] }}: {{ hostvars['wppl27']['host_name'] }}" + # state: present + # features: + # - nesting=1 + # port_forwards: + # - from_port: "{{ hostvars['wppl27']['ansible_port'] }}" + # to_host: "{{ hostvars['wppl27']['container_ip'] }}:22" + # protocol: "tcp" + # - from_port: "{{ hostvars['wppl27']['zabbix_ext_port'] }}" + # to_host: "{{ hostvars['monitor']['container_ip'] }}:10050" + # protocol: "tcp" + # - from_port: "{{ hostvars['wppl27']['default_p2p_port'] }}" + # to_host: "{{ hostvars['wppl27']['container_ip'] }}:{{ hostvars['wppl27']['default_p2p_port'] }}" + # protocol: "tcp" + # - from_port: "{{ hostvars['wppl27']['default_p2p_port_ws'] }}" + # to_host: "{{ hostvars['wppl27']['container_ip'] }}:{{ hostvars['wppl27']['default_p2p_port_ws'] }}" + # protocol: "tcp" + # - from_port: "{{ hostvars['wppl27']['default_p2p_port_wss'] }}" + # to_host: "{{ hostvars['wppl27']['container_ip'] }}:{{ hostvars['wppl27']['default_p2p_port_wss'] }}" + # protocol: "tcp" - host: "rpc-asset-hub-paseo-02" proxmox_config: vmid: "340102" @@ -306,41 +306,41 @@ lxc_nodes: - from_port: "{{ hostvars['rpc-asset-hub-paseo-02']['default_p2p_port_wss'] }}" to_host: "{{ hostvars['rpc-asset-hub-paseo-02']['container_ip'] }}:{{ hostvars['rpc-asset-hub-paseo-02']['default_p2p_port_wss'] }}" protocol: "tcp" - - host: "mint27" - proxmox_config: - vmid: "617" - hostname: "{{ hostvars['mint27']['host_name'] }}" - ostemplate: "local:vztmpl/{{ default_container_template }}" - netif: "{{ hostvars['mint27']['netif'] }}" - cores: 4 - memory: 16384 - swap: 8192 - password: "{{ default_password }}" - disk: "{{ lvm_storage }}:20" - mounts: '{"mp0":"{{ lvm_storage }}:100,mp={{ hostvars["mint27"]["default_database_path"] }}"}' - onboot: True - unprivileged: True - validate_certs: False - description: "{{ hostvars['mint27']['default_network'] }} {{ hostvars['mint27']['default_node_type'] }}: {{ hostvars['mint27']['host_name'] }}" - state: present - features: - - nesting=1 - port_forwards: - - from_port: "{{ hostvars['mint27']['ansible_port'] }}" - to_host: "{{ hostvars['mint27']['container_ip'] }}:22" - protocol: "tcp" - - from_port: "{{ hostvars['mint27']['zabbix_ext_port'] }}" - to_host: "{{ hostvars['monitor']['container_ip'] }}:10050" - protocol: "tcp" - - from_port: "{{ hostvars['mint27']['default_p2p_port'] }}" - to_host: "{{ hostvars['mint27']['container_ip'] }}:{{ hostvars['mint27']['default_p2p_port'] }}" - protocol: "tcp" - - from_port: "{{ hostvars['mint27']['default_p2p_port_ws'] }}" - to_host: "{{ hostvars['mint27']['container_ip'] }}:{{ hostvars['mint27']['default_p2p_port_ws'] }}" - protocol: "tcp" - - from_port: "{{ hostvars['mint27']['default_p2p_port_wss'] }}" - to_host: "{{ hostvars['mint27']['container_ip'] }}:{{ hostvars['mint27']['default_p2p_port_wss'] }}" - protocol: "tcp" + # - host: "mint27" + # proxmox_config: + # vmid: "617" + # hostname: "{{ hostvars['mint27']['host_name'] }}" + # ostemplate: "local:vztmpl/{{ default_container_template }}" + # netif: "{{ hostvars['mint27']['netif'] }}" + # cores: 4 + # memory: 16384 + # swap: 8192 + # password: "{{ default_password }}" + # disk: "{{ lvm_storage }}:20" + # mounts: '{"mp0":"{{ lvm_storage }}:100,mp={{ hostvars["mint27"]["default_database_path"] }}"}' + # onboot: True + # unprivileged: True + # validate_certs: False + # description: "{{ hostvars['mint27']['default_network'] }} {{ hostvars['mint27']['default_node_type'] }}: {{ hostvars['mint27']['host_name'] }}" + # state: present + # features: + # - nesting=1 + # port_forwards: + # - from_port: "{{ hostvars['mint27']['ansible_port'] }}" + # to_host: "{{ hostvars['mint27']['container_ip'] }}:22" + # protocol: "tcp" + # - from_port: "{{ hostvars['mint27']['zabbix_ext_port'] }}" + # to_host: "{{ hostvars['monitor']['container_ip'] }}:10050" + # protocol: "tcp" + # - from_port: "{{ hostvars['mint27']['default_p2p_port'] }}" + # to_host: "{{ hostvars['mint27']['container_ip'] }}:{{ hostvars['mint27']['default_p2p_port'] }}" + # protocol: "tcp" + # - from_port: "{{ hostvars['mint27']['default_p2p_port_ws'] }}" + # to_host: "{{ hostvars['mint27']['container_ip'] }}:{{ hostvars['mint27']['default_p2p_port_ws'] }}" + # protocol: "tcp" + # - from_port: "{{ hostvars['mint27']['default_p2p_port_wss'] }}" + # to_host: "{{ hostvars['mint27']['container_ip'] }}:{{ hostvars['mint27']['default_p2p_port_wss'] }}" + # protocol: "tcp" - host: "rpc-people-polkadot-02" proxmox_config: vmid: "310602" @@ -1276,3 +1276,28 @@ lxc_nodes: - from_port: "{{ hostvars['haproxy-bkk07']['zabbix_ext_port'] }}" to_host: "{{ hostvars['monitor']['container_ip'] }}:{{ zabbix_port }}" protocol: "tcp" + - host: "build-node-07" + proxmox_config: + vmid: "977" + hostname: "{{ hostvars['build-node-07']['host_name'] }}" + ostemplate: "local:vztmpl/{{ default_container_template }}" + netif: "{{ hostvars['build-node-07']['netif'] }}" + cores: 16 + memory: 16384 + swap: 256 + password: "{{ default_password }}" + disk: "{{ zfs_storage }}:50" + onboot: True + unprivileged: True + validate_certs: False + description: "{{ hostvars['build-node-07']['host_name'] }}" + state: present + features: + - nesting=1 + port_forwards: + - from_port: "{{ hostvars['build-node-07']['ansible_port'] }}" + to_host: "{{ hostvars['build-node-07']['container_ip'] }}:{{ ssh_port }}" + protocol: "tcp" + - from_port: "{{ hostvars['build-node-07']['zabbix_ext_port'] }}" + to_host: "{{ hostvars['monitor']['container_ip'] }}:{{ zabbix_port }}" + protocol: "tcp" diff --git a/host_vars/build-node-07.yaml b/host_vars/build-node-07.yaml new file mode 100644 index 0000000..5ebaea5 --- /dev/null +++ b/host_vars/build-node-07.yaml @@ -0,0 +1,10 @@ +--- +ansible_host: "160.22.181.181" +container_ip: "192.168.77.177" +ansible_port: 2917 +host_name: "build-node-07" +host_timezone: "Asia/Bangkok" +netif: '{"net0":"name=eth0,gw={{ default_nat_network_forward_cidr.split("/")[0] }},ip={{ default_host_ip }}/16,bridge={{ default_nat_device }}"}' +pinned_service: False + +zabbix_ext_port: 10177 From f9a05eb3a2a6f2e7776c7639710575067cc7cd43 Mon Sep 17 00:00:00 2001 From: Al Date: Fri, 15 Nov 2024 14:01:51 +0700 Subject: [PATCH 13/69] add buildnode,haproxy,prometheus to inventory --- inventory | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/inventory b/inventory index e9e1312..bdcddcf 100644 --- a/inventory +++ b/inventory @@ -12,6 +12,15 @@ encointer hydration polkadot +[prometheus] +ibp-bkk07 + +[haproxy] +haproxy-bkk07 + +[builder-container] +build-node-07 + [proxmox_nodes] ansible matrix From a8436ccc79027d18b4a71a5228d1cf945d966530 Mon Sep 17 00:00:00 2001 From: Al Date: Fri, 15 Nov 2024 16:44:39 +0700 Subject: [PATCH 14/69] adding rpc-polkadot-01 to bkk06 & fix rpc-westend-02 --- bkk06 | 2 ++ host_vars/rpc-polkadot-01.yaml | 19 +++++++++++-------- host_vars/rpc-westend-02.yaml | 6 +++--- 3 files changed, 16 insertions(+), 11 deletions(-) diff --git a/bkk06 b/bkk06 index d55fd66..21d2899 100644 --- a/bkk06 +++ b/bkk06 @@ -22,6 +22,8 @@ hdx26 [polkadot] dot14 dot26 +rpc-polkadot-01 +rpc-kusama-01 ksm14 ksm26 pso06 diff --git a/host_vars/rpc-polkadot-01.yaml b/host_vars/rpc-polkadot-01.yaml index 1e911c9..500231c 100644 --- a/host_vars/rpc-polkadot-01.yaml +++ b/host_vars/rpc-polkadot-01.yaml @@ -1,14 +1,14 @@ --- ansible_host: "160.22.181.181" -container_ip: "192.168.77.11" +container_ip: "192.168.111.10" ansible_port: 2311 -host_name: "rpc-polkadot-01.rotko.net" +host_name: "rpc-polkadot-01.ct.rotko.net" host_timezone: "Asia/Bangkok" netif: '{"net0":"name=eth0,gw={{ default_nat_network_forward_cidr.split("/")[0] }},ip={{ default_host_ip }}/16,bridge={{ default_nat_device }}"}' role: "polkadot" pinned_service: True -default_telemetry_name: "Rotko Networks - {{ host_name.split('.')[0] }} {{ default_node_type | capitalize }}" +default_telemetry_name: "Rotko Networks - {{ host_name.split('.')[0] }}" default_domain: "{{ host_name }}" default_domain_lb: "polkadot.rotko.net" default_domain_ibp: "rpc.ibp.network" @@ -20,15 +20,18 @@ default_node_type: "endpoint" default_pruning: "archive" default_database: "rocksdb" default_syncmode: full -zabbix_ext_port: 10311 - -default_bootnode_domain: "{{ default_network }}.boot.rotko.net" -default_p2p_port: 30333 +default_p2p_port: 31001 default_p2p_port_ws: 30334 default_p2p_port_wss: 30335 + +default_bootnode_domain: "{{ default_network }}.boot.rotko.net" +default_bootnode_p2p_port: 31001 default_bootnode_p2p_port_ws: 30434 default_bootnode_p2p_port_wss: 30435 + default_rpc_port: 9300 +default_prom_port: 7300 + default_secure_rpc_port: 42311 -default_prom_port: 7311 +zabbix_ext_port: 10311 diff --git a/host_vars/rpc-westend-02.yaml b/host_vars/rpc-westend-02.yaml index d011f2b..10a7daa 100644 --- a/host_vars/rpc-westend-02.yaml +++ b/host_vars/rpc-westend-02.yaml @@ -2,13 +2,13 @@ ansible_host: "160.22.181.181" container_ip: "192.168.77.32" ansible_port: 2332 -host_name: "rpc-westend-02.rotko.net" +host_name: "rpc-westend-02.ct.rotko.net" host_timezone: "Asia/Bangkok" netif: '{"net0":"name=eth0,gw={{ default_nat_network_forward_cidr.split("/")[0] }},ip={{ default_host_ip }}/16,bridge={{ default_nat_device }}"}' -role: "westend" +role: "polkadot" pinned_service: True -default_telemetry_name: "Rotko Networks - {{ host_name.split('.')[0] }} {{ default_node_type | capitalize }}" +default_telemetry_name: "Rotko Networks - {{ host_name.split('.')[0] }}" default_domain: "{{ host_name }}" default_domain_lb: "westend.rotko.net" default_domain_ibp: "rpc.ibp.network" From 4e4f6917f1ce5c5e19a0d8acb0108889f9e1e084 Mon Sep 17 00:00:00 2001 From: Al Date: Fri, 15 Nov 2024 16:48:30 +0700 Subject: [PATCH 15/69] tidying up --- group_vars/all/all.yaml | 4 ---- 1 file changed, 4 deletions(-) diff --git a/group_vars/all/all.yaml b/group_vars/all/all.yaml index a88f670..dee3c15 100644 --- a/group_vars/all/all.yaml +++ b/group_vars/all/all.yaml @@ -157,10 +157,6 @@ proxmox_defaults: pubkey: | ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAPBgdF5W2e5iMFt1iiLRuRdz7RxJzmj9v30nn9vZTYP user@pc02 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBIrOT9g9BblH6u28wAQGmpqA/sH+EiKdhrqrfuDdZu2 hq@rotko.net - # pubkey: "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBIrOT9g9BblH6u28wAQGmpqA/sH+EiKdhrqrfuDdZu2 hq@rotko.net" - # pubkeys: - # - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAPBgdF5W2e5iMFt1iiLRuRdz7RxJzmj9v30nn9vZTYP user@pc02" - # - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBIrOT9g9BblH6u28wAQGmpqA/sH+EiKdhrqrfuDdZu2 hq@rotko.net" node: "{{ host_name.split('.')[0] }}" timeout: 1200 From 9f9229bc68d17c63804455e6cb8f9de60dd4537d Mon Sep 17 00:00:00 2001 From: Al Date: Fri, 15 Nov 2024 17:01:32 +0700 Subject: [PATCH 16/69] adding rpc-westend-01 to bkk06 --- bkk06 | 2 +- host_vars/bkk06.yaml | 202 ++++++++++++++++------------------ host_vars/rpc-westend-01.yaml | 21 ++-- 3 files changed, 108 insertions(+), 117 deletions(-) diff --git a/bkk06 b/bkk06 index 21d2899..0e89240 100644 --- a/bkk06 +++ b/bkk06 @@ -23,7 +23,7 @@ hdx26 dot14 dot26 rpc-polkadot-01 -rpc-kusama-01 +rpc-westend-01 ksm14 ksm26 pso06 diff --git a/host_vars/bkk06.yaml b/host_vars/bkk06.yaml index 17bc6f4..c1bc4bc 100644 --- a/host_vars/bkk06.yaml +++ b/host_vars/bkk06.yaml @@ -1555,113 +1555,101 @@ lxc_nodes: - from_port: "{{ hostvars['rpc-collectives-westend-01']['default_p2p_port'] }}" to_host: "{{ hostvars['rpc-collectives-westend-01']['container_ip'] }}:{{ hostvars['rpc-collectives-westend-01']['default_p2p_port'] }}" protocol: "tcp" -# -# TODO: new relays -# - host: "rpc-polkadot-01" -# proxmox_config: -# vmid: "310001" -# hostname: "{{ hostvars['rpc-polkadot-01']['host_name'] }}" -# ostemplate: "local:vztmpl/{{ default_container_template }}" -# netif: "{{ hostvars['rpc-polkadot-01']['netif'] }}" -# cores: 4 -# memory: 16384 -# swap: 8192 -# password: "{{ default_password }}" -# disk: "{{ zfs_storage }}:20" -# mounts: '{"mp0":"{{ zfs_storage }}:2000,mp={{ hostvars["rpc-polkadot-01"]["default_database_path"] }}"}' -# onboot: True -# unprivileged: True -# validate_certs: False -# description: "{{ hostvars['rpc-polkadot-01']['default_network'] }} {{ hostvars['rpc-polkadot-01']['default_node_type'] }}: {{ hostvars['rpc-polkadot-01']['host_name'] }}" -# state: present -# features: -# - nesting=1 -# port_forwards: -# - from_port: "{{ hostvars['rpc-polkadot-01']['ansible_port'] }}" -# to_host: "{{ hostvars['rpc-polkadot-01']['container_ip'] }}:22" -# protocol: "tcp" -# - from_port: "{{ hostvars['rpc-polkadot-01']['zabbix_ext_port'] }}" -# to_host: "{{ hostvars['monitor']['container_ip'] }}:10050" -# protocol: "tcp" -# - from_port: "{{ hostvars['rpc-polkadot-01']['default_p2p_port'] }}" -# to_host: "{{ hostvars['rpc-polkadot-01']['container_ip'] }}:{{ hostvars['rpc-polkadot-01']['default_p2p_port'] }}" -# protocol: "tcp" -# - from_port: "{{ hostvars['rpc-polkadot-01']['default_p2p_port_ws'] }}" -# to_host: "{{ hostvars['rpc-polkadot-01']['container_ip'] }}:{{ hostvars['rpc-polkadot-01']['default_p2p_port_ws'] }}" -# protocol: "tcp" -# - from_port: "{{ hostvars['rpc-polkadot-01']['default_p2p_port_wss'] }}" -# to_host: "{{ hostvars['rpc-polkadot-01']['container_ip'] }}:{{ hostvars['rpc-polkadot-01']['default_p2p_port_wss'] }}" -# protocol: "tcp" -# - host: "rpc-kusama-01" -# proxmox_config: -# vmid: "320001" -# hostname: "{{ hostvars['rpc-kusama-01']['host_name'] }}" -# ostemplate: "local:vztmpl/{{ default_container_template }}" -# netif: "{{ hostvars['rpc-kusama-01']['netif'] }}" -# cores: 4 -# memory: 16384 -# swap: 8192 -# password: "{{ default_password }}" -# disk: "{{ zfs_storage }}:20" -# mounts: '{"mp0":"{{ zfs_storage }}:2000,mp={{ hostvars["rpc-kusama-01"]["default_database_path"] }}"}' -# onboot: True -# unprivileged: True -# validate_certs: False -# description: "{{ hostvars['rpc-kusama-01']['default_network'] }} {{ hostvars['rpc-kusama-01']['default_node_type'] }}: {{ hostvars['rpc-kusama-01']['host_name'] }}" -# state: present -# features: -# - nesting=1 -# port_forwards: -# - from_port: "{{ hostvars['rpc-kusama-01']['ansible_port'] }}" -# to_host: "{{ hostvars['rpc-kusama-01']['container_ip'] }}:22" -# protocol: "tcp" -# - from_port: "{{ hostvars['rpc-kusama-01']['zabbix_ext_port'] }}" -# to_host: "{{ hostvars['monitor']['container_ip'] }}:10050" -# protocol: "tcp" -# - from_port: "{{ hostvars['rpc-kusama-01']['default_p2p_port'] }}" -# to_host: "{{ hostvars['rpc-kusama-01']['container_ip'] }}:{{ hostvars['rpc-kusama-01']['default_p2p_port'] }}" -# protocol: "tcp" -# - from_port: "{{ hostvars['rpc-kusama-01']['default_p2p_port_ws'] }}" -# to_host: "{{ hostvars['rpc-kusama-01']['container_ip'] }}:{{ hostvars['rpc-kusama-01']['default_p2p_port_ws'] }}" -# protocol: "tcp" -# - from_port: "{{ hostvars['rpc-kusama-01']['default_p2p_port_wss'] }}" -# to_host: "{{ hostvars['rpc-kusama-01']['container_ip'] }}:{{ hostvars['rpc-kusama-01']['default_p2p_port_wss'] }}" -# protocol: "tcp" -# - host: "rpc-westend-01" -# proxmox_config: -# vmid: "330001" -# hostname: "{{ hostvars['rpc-westend-01']['host_name'] }}" -# ostemplate: "local:vztmpl/{{ default_container_template }}" -# netif: "{{ hostvars['rpc-westend-01']['netif'] }}" -# cores: 4 -# memory: 16384 -# swap: 8192 -# password: "{{ default_password }}" -# disk: "{{ zfs_storage }}:20" -# mounts: '{"mp0":"{{ zfs_storage }}:2000,mp={{ hostvars["rpc-westend-01"]["default_database_path"] }}"}' -# onboot: True -# unprivileged: True -# validate_certs: False -# description: "{{ hostvars['rpc-westend-01']['default_network'] }} {{ hostvars['rpc-westend-01']['default_node_type'] }}: {{ hostvars['rpc-westend-01']['host_name'] }}" -# state: present -# features: -# - nesting=1 -# port_forwards: -# - from_port: "{{ hostvars['rpc-westend-01']['ansible_port'] }}" -# to_host: "{{ hostvars['rpc-westend-01']['container_ip'] }}:22" -# protocol: "tcp" -# - from_port: "{{ hostvars['rpc-westend-01']['zabbix_ext_port'] }}" -# to_host: "{{ hostvars['monitor']['container_ip'] }}:10050" -# protocol: "tcp" -# - from_port: "{{ hostvars['rpc-westend-01']['default_p2p_port'] }}" -# to_host: "{{ hostvars['rpc-westend-01']['container_ip'] }}:{{ hostvars['rpc-westend-01']['default_p2p_port'] }}" -# protocol: "tcp" -# - from_port: "{{ hostvars['rpc-westend-01']['default_p2p_port_ws'] }}" -# to_host: "{{ hostvars['rpc-westend-01']['container_ip'] }}:{{ hostvars['rpc-westend-01']['default_p2p_port_ws'] }}" -# protocol: "tcp" -# - from_port: "{{ hostvars['rpc-westend-01']['default_p2p_port_wss'] }}" -# to_host: "{{ hostvars['rpc-westend-01']['container_ip'] }}:{{ hostvars['rpc-westend-01']['default_p2p_port_wss'] }}" -# protocol: "tcp" + # + # TODO: new relays + - host: "rpc-polkadot-01" + proxmox_config: + vmid: "31001" + hostname: "{{ hostvars['rpc-polkadot-01']['host_name'] }}" + ostemplate: "local:vztmpl/{{ default_container_template }}" + netif: "{{ hostvars['rpc-polkadot-01']['netif'] }}" + cores: 4 + memory: 16384 + swap: 8192 + password: "{{ default_password }}" + disk: "{{ zfs_storage }}:20" + mounts: '{"mp0":"{{ zfs_storage }}:2000,mp={{ hostvars["rpc-polkadot-01"]["default_database_path"] }}"}' + onboot: True + unprivileged: True + validate_certs: False + description: "{{ hostvars['rpc-polkadot-01']['default_network'] }} {{ hostvars['rpc-polkadot-01']['default_node_type'] }}: {{ hostvars['rpc-polkadot-01']['host_name'] }}" + state: present + features: + - nesting=1 + port_forwards: + - from_port: "{{ hostvars['rpc-polkadot-01']['ansible_port'] }}" + to_host: "{{ hostvars['rpc-polkadot-01']['container_ip'] }}:{{ ssh_port }}" + protocol: "tcp" + - from_port: "{{ hostvars['rpc-polkadot-01']['zabbix_ext_port'] }}" + to_host: "{{ hostvars['monitor']['container_ip'] }}:{{ zabbix_port }}" + protocol: "tcp" + - from_port: "{{ hostvars['rpc-polkadot-01']['default_p2p_port'] }}" + to_host: "{{ hostvars['rpc-polkadot-01']['container_ip'] }}:{{ hostvars['rpc-polkadot-01']['default_p2p_port'] }}" + protocol: "tcp" + # - host: "rpc-kusama-01" + # proxmox_config: + # vmid: "320001" + # hostname: "{{ hostvars['rpc-kusama-01']['host_name'] }}" + # ostemplate: "local:vztmpl/{{ default_container_template }}" + # netif: "{{ hostvars['rpc-kusama-01']['netif'] }}" + # cores: 4 + # memory: 16384 + # swap: 8192 + # password: "{{ default_password }}" + # disk: "{{ zfs_storage }}:20" + # mounts: '{"mp0":"{{ zfs_storage }}:2000,mp={{ hostvars["rpc-kusama-01"]["default_database_path"] }}"}' + # onboot: True + # unprivileged: True + # validate_certs: False + # description: "{{ hostvars['rpc-kusama-01']['default_network'] }} {{ hostvars['rpc-kusama-01']['default_node_type'] }}: {{ hostvars['rpc-kusama-01']['host_name'] }}" + # state: present + # features: + # - nesting=1 + # port_forwards: + # - from_port: "{{ hostvars['rpc-kusama-01']['ansible_port'] }}" + # to_host: "{{ hostvars['rpc-kusama-01']['container_ip'] }}:22" + # protocol: "tcp" + # - from_port: "{{ hostvars['rpc-kusama-01']['zabbix_ext_port'] }}" + # to_host: "{{ hostvars['monitor']['container_ip'] }}:10050" + # protocol: "tcp" + # - from_port: "{{ hostvars['rpc-kusama-01']['default_p2p_port'] }}" + # to_host: "{{ hostvars['rpc-kusama-01']['container_ip'] }}:{{ hostvars['rpc-kusama-01']['default_p2p_port'] }}" + # protocol: "tcp" + # - from_port: "{{ hostvars['rpc-kusama-01']['default_p2p_port_ws'] }}" + # to_host: "{{ hostvars['rpc-kusama-01']['container_ip'] }}:{{ hostvars['rpc-kusama-01']['default_p2p_port_ws'] }}" + # protocol: "tcp" + # - from_port: "{{ hostvars['rpc-kusama-01']['default_p2p_port_wss'] }}" + # to_host: "{{ hostvars['rpc-kusama-01']['container_ip'] }}:{{ hostvars['rpc-kusama-01']['default_p2p_port_wss'] }}" + # protocol: "tcp" + - host: "rpc-westend-01" + proxmox_config: + vmid: "33001" + hostname: "{{ hostvars['rpc-westend-01']['host_name'] }}" + ostemplate: "local:vztmpl/{{ default_container_template }}" + netif: "{{ hostvars['rpc-westend-01']['netif'] }}" + cores: 4 + memory: 16384 + swap: 8192 + password: "{{ default_password }}" + disk: "{{ zfs_storage }}:20" + mounts: '{"mp0":"{{ zfs_storage }}:2000,mp={{ hostvars["rpc-westend-01"]["default_database_path"] }}"}' + onboot: True + unprivileged: True + validate_certs: False + description: "{{ hostvars['rpc-westend-01']['default_network'] }} {{ hostvars['rpc-westend-01']['default_node_type'] }}: {{ hostvars['rpc-westend-01']['host_name'] }}" + state: present + features: + - nesting=1 + port_forwards: + - from_port: "{{ hostvars['rpc-westend-01']['ansible_port'] }}" + to_host: "{{ hostvars['rpc-westend-01']['container_ip'] }}:{{ ssh_port }}" + protocol: "tcp" + - from_port: "{{ hostvars['rpc-westend-01']['zabbix_ext_port'] }}" + to_host: "{{ hostvars['monitor']['container_ip'] }}:{{ zabbix_port }}" + protocol: "tcp" + - from_port: "{{ hostvars['rpc-westend-01']['default_p2p_port'] }}" + to_host: "{{ hostvars['rpc-westend-01']['container_ip'] }}:{{ hostvars['rpc-westend-01']['default_p2p_port'] }}" + protocol: "tcp" # - host: "rpc-paseo-01" # proxmox_config: # vmid: "340001" diff --git a/host_vars/rpc-westend-01.yaml b/host_vars/rpc-westend-01.yaml index b37036c..c1805c0 100644 --- a/host_vars/rpc-westend-01.yaml +++ b/host_vars/rpc-westend-01.yaml @@ -1,14 +1,14 @@ --- ansible_host: "160.22.181.181" -container_ip: "192.168.77.31" +container_ip: "192.168.131.10" ansible_port: 2331 -host_name: "rpc-westend-01.rotko.net" +host_name: "rpc-westend-01.ct.rotko.net" host_timezone: "Asia/Bangkok" netif: '{"net0":"name=eth0,gw={{ default_nat_network_forward_cidr.split("/")[0] }},ip={{ default_host_ip }}/16,bridge={{ default_nat_device }}"}' -role: "westend" +role: "polkadot" pinned_service: True -default_telemetry_name: "Rotko Networks - {{ host_name.split('.')[0] }} {{ default_node_type | capitalize }}" +default_telemetry_name: "Rotko Networks - {{ host_name.split('.')[0] }}" default_domain: "{{ host_name }}" default_domain_lb: "westend.rotko.net" default_domain_ibp: "rpc.ibp.network" @@ -20,15 +20,18 @@ default_node_type: "endpoint" default_pruning: "archive" default_database: "rocksdb" default_syncmode: "full" -zabbix_ext_port: 10331 - -default_bootnode_domain: "{{ default_network }}.boot.rotko.net" -default_p2p_port: 30333 +default_p2p_port: 33001 default_p2p_port_ws: 30334 default_p2p_port_wss: 30335 + +default_bootnode_domain: "{{ default_network }}.boot.rotko.net" +default_bootnode_p2p_port: 33001 default_bootnode_p2p_port_ws: 30434 default_bootnode_p2p_port_wss: 30435 + default_rpc_port: 9300 +default_prom_port: 7300 + default_secure_rpc_port: 42331 -default_prom_port: 7331 +zabbix_ext_port: 10331 From 2c0374b339e249a3cba548b65cdf83df274f71d0 Mon Sep 17 00:00:00 2001 From: Al Date: Mon, 18 Nov 2024 12:45:21 +0700 Subject: [PATCH 17/69] adding interbtc for frontend --- bkk07 | 5 ++- host_vars/bkk07.yaml | 89 ++++++++++++++++++++++++++--------------- host_vars/interbtc.yaml | 10 +++++ 3 files changed, 70 insertions(+), 34 deletions(-) create mode 100644 host_vars/interbtc.yaml diff --git a/bkk07 b/bkk07 index fdca425..417b2f7 100644 --- a/bkk07 +++ b/bkk07 @@ -11,7 +11,7 @@ routers polkadot hydration cumulus -builder-container +misc-container [prometheus] ibp-bkk07 @@ -19,8 +19,9 @@ ibp-bkk07 [haproxy] haproxy-bkk07 -[builder-container] +[misc-container] build-node-07 +interbtc [proxmox_vms:children] taloswrkr diff --git a/host_vars/bkk07.yaml b/host_vars/bkk07.yaml index 4caa10b..23a4def 100644 --- a/host_vars/bkk07.yaml +++ b/host_vars/bkk07.yaml @@ -99,38 +99,38 @@ lxc_nodes: # - from_port: "{{ hostvars['hdx27']['default_p2p_port_wss'] }}" # to_host: "{{ hostvars['hdx27']['container_ip'] }}:{{ hostvars['hdx27']['default_p2p_port_wss'] }}" # protocol: "tcp" - - host: "pso07" - proxmox_config: - vmid: "1007" - hostname: "{{ hostvars['pso07']['host_name'] }}" - ostemplate: "local:vztmpl/{{ default_container_template }}" - netif: "{{ hostvars['pso07']['netif'] }}" - cores: 4 - memory: 16384 - swap: 8192 - password: "{{ default_password }}" - disk: "{{ default_storage }}:20" - mounts: '{"mp0":"{{ default_storage }}:200,mp={{ hostvars["pso07"]["default_base_path"] }}"}' - onboot: True - unprivileged: True - validate_certs: False - description: "{{ hostvars['pso07']['default_network'] }} {{ hostvars['pso07']['default_node_type'] }}: {{ hostvars['pso07']['host_name'] }}" - state: present - features: - - nesting=1 - port_forwards: - - from_port: "{{ hostvars['pso07']['ansible_port'] }}" - to_host: "{{ hostvars['pso07']['container_ip'] }}:22" - protocol: "tcp" - - from_port: "{{ hostvars['pso07']['zabbix_ext_port'] }}" - to_host: "{{ hostvars['monitor']['container_ip'] }}:10050" - protocol: "tcp" - - from_port: "{{ hostvars['pso07']['default_p2p_port'] }}" - to_host: "{{ hostvars['pso07']['container_ip'] }}:{{ hostvars['pso07']['default_p2p_port'] }}" - protocol: "tcp" - - from_port: "{{ hostvars['pso07']['default_p2p_port_ws'] }}" - to_host: "{{ hostvars['pso07']['container_ip'] }}:{{ hostvars['pso07']['default_p2p_port_ws'] }}" - protocol: "tcp" + # - host: "pso07" + # proxmox_config: + # vmid: "1007" + # hostname: "{{ hostvars['pso07']['host_name'] }}" + # ostemplate: "local:vztmpl/{{ default_container_template }}" + # netif: "{{ hostvars['pso07']['netif'] }}" + # cores: 4 + # memory: 16384 + # swap: 8192 + # password: "{{ default_password }}" + # disk: "{{ default_storage }}:20" + # mounts: '{"mp0":"{{ default_storage }}:200,mp={{ hostvars["pso07"]["default_base_path"] }}"}' + # onboot: True + # unprivileged: True + # validate_certs: False + # description: "{{ hostvars['pso07']['default_network'] }} {{ hostvars['pso07']['default_node_type'] }}: {{ hostvars['pso07']['host_name'] }}" + # state: present + # features: + # - nesting=1 + # port_forwards: + # - from_port: "{{ hostvars['pso07']['ansible_port'] }}" + # to_host: "{{ hostvars['pso07']['container_ip'] }}:22" + # protocol: "tcp" + # - from_port: "{{ hostvars['pso07']['zabbix_ext_port'] }}" + # to_host: "{{ hostvars['monitor']['container_ip'] }}:10050" + # protocol: "tcp" + # - from_port: "{{ hostvars['pso07']['default_p2p_port'] }}" + # to_host: "{{ hostvars['pso07']['container_ip'] }}:{{ hostvars['pso07']['default_p2p_port'] }}" + # protocol: "tcp" + # - from_port: "{{ hostvars['pso07']['default_p2p_port_ws'] }}" + # to_host: "{{ hostvars['pso07']['container_ip'] }}:{{ hostvars['pso07']['default_p2p_port_ws'] }}" + # protocol: "tcp" # - host: "kcore27" # proxmox_config: # vmid: "827" @@ -1301,3 +1301,28 @@ lxc_nodes: - from_port: "{{ hostvars['build-node-07']['zabbix_ext_port'] }}" to_host: "{{ hostvars['monitor']['container_ip'] }}:{{ zabbix_port }}" protocol: "tcp" + - host: "interbtc" + proxmox_config: + vmid: "992" + hostname: "{{ hostvars['interbtc']['host_name'] }}" + ostemplate: "local:vztmpl/{{ default_container_template }}" + netif: "{{ hostvars['interbtc']['netif'] }}" + cores: 1 + memory: 4000 + swap: 256 + password: "{{ default_password }}" + disk: "{{ zfs_storage }}:15" + onboot: True + unprivileged: True + validate_certs: False + description: "{{ hostvars['interbtc']['host_name'] }}" + state: present + features: + - nesting=1 + port_forwards: + - from_port: "{{ hostvars['interbtc']['ansible_port'] }}" + to_host: "{{ hostvars['interbtc']['container_ip'] }}:{{ ssh_port }}" + protocol: "tcp" + - from_port: "{{ hostvars['interbtc']['zabbix_ext_port'] }}" + to_host: "{{ hostvars['monitor']['container_ip'] }}:{{ zabbix_port }}" + protocol: "tcp" diff --git a/host_vars/interbtc.yaml b/host_vars/interbtc.yaml new file mode 100644 index 0000000..cff71ce --- /dev/null +++ b/host_vars/interbtc.yaml @@ -0,0 +1,10 @@ +--- +ansible_host: "160.22.181.181" +container_ip: "192.168.77.92" +ansible_port: 2992 +host_name: "inter-btc" +host_timezone: "Asia/Bangkok" +netif: '{"net0":"name=eth0,gw={{ default_nat_network_forward_cidr.split("/")[0] }},ip={{ default_host_ip }}/16,bridge={{ default_nat_device }}"}' +pinned_service: False + +zabbix_ext_port: 10172 From c0dea63703fcb7808a6d6fcf0e08ae8b8ce65556 Mon Sep 17 00:00:00 2001 From: Al Date: Wed, 20 Nov 2024 16:31:01 +0700 Subject: [PATCH 18/69] chore: add new proxy-bkk07 --- bkk07 | 1 + host_vars/bkk07.yaml | 25 +++++++++++++++++++++++++ host_vars/proxy-bkk07.yaml | 9 +++++++++ inventory | 1 + 4 files changed, 36 insertions(+) create mode 100644 host_vars/proxy-bkk07.yaml diff --git a/bkk07 b/bkk07 index 417b2f7..7481a72 100644 --- a/bkk07 +++ b/bkk07 @@ -22,6 +22,7 @@ haproxy-bkk07 [misc-container] build-node-07 interbtc +proxy-bkk07 [proxmox_vms:children] taloswrkr diff --git a/host_vars/bkk07.yaml b/host_vars/bkk07.yaml index 23a4def..fbc8ff1 100644 --- a/host_vars/bkk07.yaml +++ b/host_vars/bkk07.yaml @@ -1326,3 +1326,28 @@ lxc_nodes: - from_port: "{{ hostvars['interbtc']['zabbix_ext_port'] }}" to_host: "{{ hostvars['monitor']['container_ip'] }}:{{ zabbix_port }}" protocol: "tcp" + - host: "proxy-bkk07" + proxmox_config: + vmid: "992" + hostname: "{{ hostvars['proxy-bkk07']['host_name'] }}" + ostemplate: "local:vztmpl/{{ default_container_template }}" + netif: "{{ hostvars['proxy-bkk07']['netif'] }}" + cores: 1 + memory: 4000 + swap: 256 + password: "{{ default_password }}" + disk: "{{ zfs_storage }}:15" + onboot: True + unprivileged: True + validate_certs: False + description: "{{ hostvars['proxy-bkk07']['host_name'] }}" + state: present + features: + - nesting=1 + port_forwards: + - from_port: "{{ hostvars['proxy-bkk07']['ansible_port'] }}" + to_host: "{{ hostvars['proxy-bkk07']['container_ip'] }}:{{ ssh_port }}" + protocol: "tcp" + - from_port: "{{ hostvars['proxy-bkk07']['zabbix_ext_port'] }}" + to_host: "{{ hostvars['monitor']['container_ip'] }}:{{ zabbix_port }}" + protocol: "tcp" diff --git a/host_vars/proxy-bkk07.yaml b/host_vars/proxy-bkk07.yaml new file mode 100644 index 0000000..b238ebc --- /dev/null +++ b/host_vars/proxy-bkk07.yaml @@ -0,0 +1,9 @@ +--- +ansible_host: "160.22.181.181" +container_ip: "192.168.69.254" +ansible_port: 2954 +host_name: "proxy-bkk07" +host_timezone: "Asia/Bangkok" +netif: '{"net0":"name=eth0,gw={{ default_nat_network_forward_cidr.split("/")[0] }},ip={{ default_host_ip }}/16,bridge={{ default_nat_device }}"}' +pinned_service: False +zabbix_ext_port: 10954 diff --git a/inventory b/inventory index bdcddcf..deb25b6 100644 --- a/inventory +++ b/inventory @@ -86,6 +86,7 @@ rpc-people-polkadot-01 rpc-people-polkadot-02 rpc-people-paseo-02 rpc-people-westend-02 +rpc-people-kusama-02 rpc-coretime-paseo-02 rpc-coretime-polkadot-02 rpc-coretime-westend-02 From 17bc5f9e52d9faf08638adc08bc8e3fad4285f25 Mon Sep 17 00:00:00 2001 From: Al Date: Thu, 21 Nov 2024 13:45:49 +0700 Subject: [PATCH 19/69] chore: add --expand flags for nginx when i try to update ct's, they give me errror and needs to include this flags -al --- roles/setup_install_nginx/tasks/main.yaml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/roles/setup_install_nginx/tasks/main.yaml b/roles/setup_install_nginx/tasks/main.yaml index 9b1a161..5359d53 100644 --- a/roles/setup_install_nginx/tasks/main.yaml +++ b/roles/setup_install_nginx/tasks/main.yaml @@ -69,7 +69,7 @@ become: True become_user: root - #NOTE: added --dns-cloudflare-propagation-seconds 60 -al + #NOTE: added --dns-cloudflare-propagation-seconds 60 and --expand flag for multiple domains -al - name: Renew Let's Encrypt certificate using DNS challenge ansible.builtin.command: > certbot certonly --dns-cloudflare @@ -77,6 +77,7 @@ -d {{ default_domain }} {% if default_bootnode_domain is defined and default_bootnode_domain | length > 0 %} -d {{ default_bootnode_domain }} + --expand {% endif %} --non-interactive --agree-tos @@ -121,7 +122,7 @@ - name: Set up Certbot auto-renewal ansible.builtin.cron: name: "Certbot renewal" - job: "certbot renew --quiet --dns-cloudflare --dns-cloudflare-credentials /root/.secrets/certbot/cloudflare.ini --deploy-hook 'systemctl reload nginx'" + job: "certbot renew --quiet --dns-cloudflare --dns-cloudflare-credentials /root/.secrets/certbot/cloudflare.ini --expand --deploy-hook 'systemctl reload nginx'" minute: "0" hour: "3" weekday: "1" From e048d82dff55795cb2f605f1971c779de31b606b Mon Sep 17 00:00:00 2001 From: Al Date: Thu, 21 Nov 2024 16:20:22 +0700 Subject: [PATCH 20/69] chore: removing unused ports rules & fix ports --- host_vars/bkk07.yaml | 56 +----------------------------- host_vars/rpc-people-paseo-01.yaml | 5 +-- 2 files changed, 4 insertions(+), 57 deletions(-) diff --git a/host_vars/bkk07.yaml b/host_vars/bkk07.yaml index fbc8ff1..a8f4237 100644 --- a/host_vars/bkk07.yaml +++ b/host_vars/bkk07.yaml @@ -632,12 +632,6 @@ lxc_nodes: - from_port: "{{ hostvars['rpc-asset-hub-polkadot-02']['default_p2p_port'] }}" to_host: "{{ hostvars['rpc-asset-hub-polkadot-02']['container_ip'] }}:{{ hostvars['rpc-asset-hub-polkadot-02']['default_p2p_port'] }}" protocol: "tcp" - - from_port: "{{ hostvars['rpc-asset-hub-polkadot-02']['default_p2p_port_ws'] }}" - to_host: "{{ hostvars['rpc-asset-hub-polkadot-02']['container_ip'] }}:{{ hostvars['rpc-asset-hub-polkadot-02']['default_p2p_port_ws'] }}" - protocol: "tcp" - - from_port: "{{ hostvars['rpc-asset-hub-polkadot-02']['default_p2p_port_wss'] }}" - to_host: "{{ hostvars['rpc-asset-hub-polkadot-02']['container_ip'] }}:{{ hostvars['rpc-asset-hub-polkadot-02']['default_p2p_port_wss'] }}" - protocol: "tcp" - host: "rpc-bridge-hub-polkadot-02" proxmox_config: vmid: "310202" @@ -667,12 +661,6 @@ lxc_nodes: - from_port: "{{ hostvars['rpc-bridge-hub-polkadot-02']['default_p2p_port'] }}" to_host: "{{ hostvars['rpc-bridge-hub-polkadot-02']['container_ip'] }}:{{ hostvars['rpc-bridge-hub-polkadot-02']['default_p2p_port'] }}" protocol: "tcp" - - from_port: "{{ hostvars['rpc-bridge-hub-polkadot-02']['default_p2p_port_ws'] }}" - to_host: "{{ hostvars['rpc-bridge-hub-polkadot-02']['container_ip'] }}:{{ hostvars['rpc-bridge-hub-polkadot-02']['default_p2p_port_ws'] }}" - protocol: "tcp" - - from_port: "{{ hostvars['rpc-bridge-hub-polkadot-02']['default_p2p_port_wss'] }}" - to_host: "{{ hostvars['rpc-bridge-hub-polkadot-02']['container_ip'] }}:{{ hostvars['rpc-bridge-hub-polkadot-02']['default_p2p_port_wss'] }}" - protocol: "tcp" - host: "rpc-bridge-hub-westend-02" proxmox_config: vmid: "330202" @@ -702,12 +690,6 @@ lxc_nodes: - from_port: "{{ hostvars['rpc-bridge-hub-westend-02']['default_p2p_port'] }}" to_host: "{{ hostvars['rpc-bridge-hub-westend-02']['container_ip'] }}:{{ hostvars['rpc-bridge-hub-westend-02']['default_p2p_port'] }}" protocol: "tcp" - - from_port: "{{ hostvars['rpc-bridge-hub-westend-02']['default_p2p_port_ws'] }}" - to_host: "{{ hostvars['rpc-bridge-hub-westend-02']['container_ip'] }}:{{ hostvars['rpc-bridge-hub-westend-02']['default_p2p_port_ws'] }}" - protocol: "tcp" - - from_port: "{{ hostvars['rpc-bridge-hub-westend-02']['default_p2p_port_wss'] }}" - to_host: "{{ hostvars['rpc-bridge-hub-westend-02']['container_ip'] }}:{{ hostvars['rpc-bridge-hub-westend-02']['default_p2p_port_wss'] }}" - protocol: "tcp" - host: "rpc-collectives-polkadot-02" proxmox_config: vmid: "310702" @@ -737,12 +719,6 @@ lxc_nodes: - from_port: "{{ hostvars['rpc-collectives-polkadot-02']['default_p2p_port'] }}" to_host: "{{ hostvars['rpc-collectives-polkadot-02']['container_ip'] }}:{{ hostvars['rpc-collectives-polkadot-02']['default_p2p_port'] }}" protocol: "tcp" - - from_port: "{{ hostvars['rpc-collectives-polkadot-02']['default_p2p_port_ws'] }}" - to_host: "{{ hostvars['rpc-collectives-polkadot-02']['container_ip'] }}:{{ hostvars['rpc-collectives-polkadot-02']['default_p2p_port_ws'] }}" - protocol: "tcp" - - from_port: "{{ hostvars['rpc-collectives-polkadot-02']['default_p2p_port_wss'] }}" - to_host: "{{ hostvars['rpc-collectives-polkadot-02']['container_ip'] }}:{{ hostvars['rpc-collectives-polkadot-02']['default_p2p_port_wss'] }}" - protocol: "tcp" - host: "rpc-collectives-westend-02" proxmox_config: vmid: "330702" @@ -772,12 +748,6 @@ lxc_nodes: - from_port: "{{ hostvars['rpc-collectives-westend-02']['default_p2p_port'] }}" to_host: "{{ hostvars['rpc-collectives-westend-02']['container_ip'] }}:{{ hostvars['rpc-collectives-westend-02']['default_p2p_port'] }}" protocol: "tcp" - - from_port: "{{ hostvars['rpc-collectives-westend-02']['default_p2p_port_ws'] }}" - to_host: "{{ hostvars['rpc-collectives-westend-02']['container_ip'] }}:{{ hostvars['rpc-collectives-westend-02']['default_p2p_port_ws'] }}" - protocol: "tcp" - - from_port: "{{ hostvars['rpc-collectives-westend-02']['default_p2p_port_wss'] }}" - to_host: "{{ hostvars['rpc-collectives-westend-02']['container_ip'] }}:{{ hostvars['rpc-collectives-westend-02']['default_p2p_port_wss'] }}" - protocol: "tcp" - host: "rpc-coretime-polkadot-02" proxmox_config: vmid: "310402" @@ -807,12 +777,6 @@ lxc_nodes: - from_port: "{{ hostvars['rpc-coretime-polkadot-02']['default_p2p_port'] }}" to_host: "{{ hostvars['rpc-coretime-polkadot-02']['container_ip'] }}:{{ hostvars['rpc-coretime-polkadot-02']['default_p2p_port'] }}" protocol: "tcp" - - from_port: "{{ hostvars['rpc-coretime-polkadot-02']['default_p2p_port_ws'] }}" - to_host: "{{ hostvars['rpc-coretime-polkadot-02']['container_ip'] }}:{{ hostvars['rpc-coretime-polkadot-02']['default_p2p_port_ws'] }}" - protocol: "tcp" - - from_port: "{{ hostvars['rpc-coretime-polkadot-02']['default_p2p_port_wss'] }}" - to_host: "{{ hostvars['rpc-coretime-polkadot-02']['container_ip'] }}:{{ hostvars['rpc-coretime-polkadot-02']['default_p2p_port_wss'] }}" - protocol: "tcp" - host: "rpc-coretime-westend-02" proxmox_config: vmid: "33052" @@ -993,12 +957,6 @@ lxc_nodes: - from_port: "{{ hostvars['rpc-bridge-hub-kusama-01']['default_p2p_port'] }}" to_host: "{{ hostvars['rpc-bridge-hub-kusama-01']['container_ip'] }}:{{ hostvars['rpc-bridge-hub-kusama-01']['default_p2p_port'] }}" protocol: "tcp" - - from_port: "{{ hostvars['rpc-bridge-hub-kusama-01']['default_p2p_port_ws'] }}" - to_host: "{{ hostvars['rpc-bridge-hub-kusama-01']['container_ip'] }}:{{ hostvars['rpc-bridge-hub-kusama-01']['default_p2p_port_ws'] }}" - protocol: "tcp" - - from_port: "{{ hostvars['rpc-bridge-hub-kusama-01']['default_p2p_port_wss'] }}" - to_host: "{{ hostvars['rpc-bridge-hub-kusama-01']['container_ip'] }}:{{ hostvars['rpc-bridge-hub-kusama-01']['default_p2p_port_wss'] }}" - protocol: "tcp" # - host: "rpc-bridge-hub-kusama-02" # proxmox_config: # vmid: "320202" @@ -1185,12 +1143,6 @@ lxc_nodes: - from_port: "{{ hostvars['val-polkadot-02']['default_p2p_port'] }}" to_host: "{{ hostvars['val-polkadot-02']['container_ip'] }}:{{ hostvars['val-polkadot-02']['default_p2p_port'] }}" protocol: "tcp" - - from_port: "{{ hostvars['val-polkadot-02']['default_p2p_port_ws'] }}" - to_host: "{{ hostvars['val-polkadot-02']['container_ip'] }}:{{ hostvars['val-polkadot-02']['default_p2p_port_ws'] }}" - protocol: "tcp" - - from_port: "{{ hostvars['val-polkadot-02']['default_p2p_port_wss'] }}" - to_host: "{{ hostvars['val-polkadot-02']['container_ip'] }}:{{ hostvars['val-polkadot-02']['default_p2p_port_wss'] }}" - protocol: "tcp" - host: "val-kusama-02" proxmox_config: vmid: "32022" @@ -1220,12 +1172,6 @@ lxc_nodes: - from_port: "{{ hostvars['val-kusama-02']['default_p2p_port'] }}" to_host: "{{ hostvars['val-kusama-02']['container_ip'] }}:{{ hostvars['val-kusama-02']['default_p2p_port'] }}" protocol: "tcp" - - from_port: "{{ hostvars['val-kusama-02']['default_p2p_port_ws'] }}" - to_host: "{{ hostvars['val-kusama-02']['container_ip'] }}:{{ hostvars['val-kusama-02']['default_p2p_port_ws'] }}" - protocol: "tcp" - - from_port: "{{ hostvars['val-kusama-02']['default_p2p_port_wss'] }}" - to_host: "{{ hostvars['val-kusama-02']['container_ip'] }}:{{ hostvars['val-kusama-02']['default_p2p_port_wss'] }}" - protocol: "tcp" - host: "ibp-bkk07" proxmox_config: vmid: "996" @@ -1328,7 +1274,7 @@ lxc_nodes: protocol: "tcp" - host: "proxy-bkk07" proxmox_config: - vmid: "992" + vmid: "993" hostname: "{{ hostvars['proxy-bkk07']['host_name'] }}" ostemplate: "local:vztmpl/{{ default_container_template }}" netif: "{{ hostvars['proxy-bkk07']['netif'] }}" diff --git a/host_vars/rpc-people-paseo-01.yaml b/host_vars/rpc-people-paseo-01.yaml index 6ca06ec..24facaf 100644 --- a/host_vars/rpc-people-paseo-01.yaml +++ b/host_vars/rpc-people-paseo-01.yaml @@ -22,8 +22,9 @@ zabbix_ext_port: 10966 default_bootnode_domain: "{{ default_network }}.boot.rotko.net" -default_p2p_port: 34041 -default_bootnode_p2p_port: 34041 +#dont change p2p port +default_p2p_port: 30433 +default_bootnode_p2p_port: 30433 default_bootnode_p2p_port_ws: 30434 default_bootnode_p2p_port_wss: 30435 default_rpc_port: 9400 From cd4819b95a5b1d25c01f454f336281a0d20367f8 Mon Sep 17 00:00:00 2001 From: Al Date: Thu, 21 Nov 2024 19:27:01 +0700 Subject: [PATCH 21/69] chore: interbtc->dockers --- bkk07 | 2 +- host_vars/bkk07.yaml | 14 +++++++------- host_vars/{interbtc.yaml => dockers.yaml} | 2 +- 3 files changed, 9 insertions(+), 9 deletions(-) rename host_vars/{interbtc.yaml => dockers.yaml} (93%) diff --git a/bkk07 b/bkk07 index 7481a72..e445dfe 100644 --- a/bkk07 +++ b/bkk07 @@ -21,7 +21,7 @@ haproxy-bkk07 [misc-container] build-node-07 -interbtc +dockers proxy-bkk07 [proxmox_vms:children] diff --git a/host_vars/bkk07.yaml b/host_vars/bkk07.yaml index a8f4237..8a5d132 100644 --- a/host_vars/bkk07.yaml +++ b/host_vars/bkk07.yaml @@ -1247,12 +1247,12 @@ lxc_nodes: - from_port: "{{ hostvars['build-node-07']['zabbix_ext_port'] }}" to_host: "{{ hostvars['monitor']['container_ip'] }}:{{ zabbix_port }}" protocol: "tcp" - - host: "interbtc" + - host: "dockers" proxmox_config: vmid: "992" - hostname: "{{ hostvars['interbtc']['host_name'] }}" + hostname: "{{ hostvars['dockers']['host_name'] }}" ostemplate: "local:vztmpl/{{ default_container_template }}" - netif: "{{ hostvars['interbtc']['netif'] }}" + netif: "{{ hostvars['dockers']['netif'] }}" cores: 1 memory: 4000 swap: 256 @@ -1261,15 +1261,15 @@ lxc_nodes: onboot: True unprivileged: True validate_certs: False - description: "{{ hostvars['interbtc']['host_name'] }}" + description: "{{ hostvars['dockers']['host_name'] }}" state: present features: - nesting=1 port_forwards: - - from_port: "{{ hostvars['interbtc']['ansible_port'] }}" - to_host: "{{ hostvars['interbtc']['container_ip'] }}:{{ ssh_port }}" + - from_port: "{{ hostvars['dockers']['ansible_port'] }}" + to_host: "{{ hostvars['dockers']['container_ip'] }}:{{ ssh_port }}" protocol: "tcp" - - from_port: "{{ hostvars['interbtc']['zabbix_ext_port'] }}" + - from_port: "{{ hostvars['dockers']['zabbix_ext_port'] }}" to_host: "{{ hostvars['monitor']['container_ip'] }}:{{ zabbix_port }}" protocol: "tcp" - host: "proxy-bkk07" diff --git a/host_vars/interbtc.yaml b/host_vars/dockers.yaml similarity index 93% rename from host_vars/interbtc.yaml rename to host_vars/dockers.yaml index cff71ce..66f0715 100644 --- a/host_vars/interbtc.yaml +++ b/host_vars/dockers.yaml @@ -2,7 +2,7 @@ ansible_host: "160.22.181.181" container_ip: "192.168.77.92" ansible_port: 2992 -host_name: "inter-btc" +host_name: "dockers" host_timezone: "Asia/Bangkok" netif: '{"net0":"name=eth0,gw={{ default_nat_network_forward_cidr.split("/")[0] }},ip={{ default_host_ip }}/16,bridge={{ default_nat_device }}"}' pinned_service: False From 6045042c4ad4def02cf6bacdee96e9c2a06d1592 Mon Sep 17 00:00:00 2001 From: Al Date: Mon, 25 Nov 2024 17:12:47 +0700 Subject: [PATCH 22/69] chore: update validator templates & add haproxy-bkk06 --- bkk06 | 3 + host_vars/bkk06.yaml | 95 ++++++++++++------- host_vars/haproxy-bkk06.yaml | 11 +++ .../templates/validator.service.j2 | 3 +- 4 files changed, 75 insertions(+), 37 deletions(-) create mode 100644 host_vars/haproxy-bkk06.yaml diff --git a/bkk06 b/bkk06 index 0e89240..cb0b527 100644 --- a/bkk06 +++ b/bkk06 @@ -16,6 +16,9 @@ polkadot [routers] bkk50 +[haproxy] +haproxy-bkk06 + [hydration] hdx26 diff --git a/host_vars/bkk06.yaml b/host_vars/bkk06.yaml index c1bc4bc..94239d2 100644 --- a/host_vars/bkk06.yaml +++ b/host_vars/bkk06.yaml @@ -1650,38 +1650,63 @@ lxc_nodes: - from_port: "{{ hostvars['rpc-westend-01']['default_p2p_port'] }}" to_host: "{{ hostvars['rpc-westend-01']['container_ip'] }}:{{ hostvars['rpc-westend-01']['default_p2p_port'] }}" protocol: "tcp" -# - host: "rpc-paseo-01" -# proxmox_config: -# vmid: "340001" -# hostname: "{{ hostvars['rpc-paseo-01']['host_name'] }}" -# ostemplate: "local:vztmpl/{{ default_container_template }}" -# netif: "{{ hostvars['rpc-paseo-01']['netif'] }}" -# cores: 4 -# memory: 16384 -# swap: 8192 -# password: "{{ default_password }}" -# disk: "{{ zfs_storage }}:20" -# mounts: '{"mp0":"{{ zfs_storage }}:2000,mp={{ hostvars["rpc-paseo-01"]["default_database_path"] }}"}' -# onboot: True -# unprivileged: True -# validate_certs: False -# description: "{{ hostvars['rpc-paseo-01']['default_network'] }} {{ hostvars['rpc-paseo-01']['default_node_type'] }}: {{ hostvars['rpc-paseo-01']['host_name'] }}" -# state: present -# features: -# - nesting=1 -# port_forwards: -# - from_port: "{{ hostvars['rpc-paseo-01']['ansible_port'] }}" -# to_host: "{{ hostvars['rpc-paseo-01']['container_ip'] }}:22" -# protocol: "tcp" -# - from_port: "{{ hostvars['rpc-paseo-01']['zabbix_ext_port'] }}" -# to_host: "{{ hostvars['monitor']['container_ip'] }}:10050" -# protocol: "tcp" -# - from_port: "{{ hostvars['rpc-paseo-01']['default_p2p_port'] }}" -# to_host: "{{ hostvars['rpc-paseo-01']['container_ip'] }}:{{ hostvars['rpc-paseo-01']['default_p2p_port'] }}" -# protocol: "tcp" -# - from_port: "{{ hostvars['rpc-paseo-01']['default_p2p_port_ws'] }}" -# to_host: "{{ hostvars['rpc-paseo-01']['container_ip'] }}:{{ hostvars['rpc-paseo-01']['default_p2p_port_ws'] }}" -# protocol: "tcp" -# - from_port: "{{ hostvars['rpc-paseo-01']['default_p2p_port_wss'] }}" -# to_host: "{{ hostvars['rpc-paseo-01']['container_ip'] }}:{{ hostvars['rpc-paseo-01']['default_p2p_port_wss'] }}" -# protocol: "tcp" + # - host: "rpc-paseo-01" + # proxmox_config: + # vmid: "340001" + # hostname: "{{ hostvars['rpc-paseo-01']['host_name'] }}" + # ostemplate: "local:vztmpl/{{ default_container_template }}" + # netif: "{{ hostvars['rpc-paseo-01']['netif'] }}" + # cores: 4 + # memory: 16384 + # swap: 8192 + # password: "{{ default_password }}" + # disk: "{{ zfs_storage }}:20" + # mounts: '{"mp0":"{{ zfs_storage }}:2000,mp={{ hostvars["rpc-paseo-01"]["default_database_path"] }}"}' + # onboot: True + # unprivileged: True + # validate_certs: False + # description: "{{ hostvars['rpc-paseo-01']['default_network'] }} {{ hostvars['rpc-paseo-01']['default_node_type'] }}: {{ hostvars['rpc-paseo-01']['host_name'] }}" + # state: present + # features: + # - nesting=1 + # port_forwards: + # - from_port: "{{ hostvars['rpc-paseo-01']['ansible_port'] }}" + # to_host: "{{ hostvars['rpc-paseo-01']['container_ip'] }}:22" + # protocol: "tcp" + # - from_port: "{{ hostvars['rpc-paseo-01']['zabbix_ext_port'] }}" + # to_host: "{{ hostvars['monitor']['container_ip'] }}:10050" + # protocol: "tcp" + # - from_port: "{{ hostvars['rpc-paseo-01']['default_p2p_port'] }}" + # to_host: "{{ hostvars['rpc-paseo-01']['container_ip'] }}:{{ hostvars['rpc-paseo-01']['default_p2p_port'] }}" + # protocol: "tcp" + # - from_port: "{{ hostvars['rpc-paseo-01']['default_p2p_port_ws'] }}" + # to_host: "{{ hostvars['rpc-paseo-01']['container_ip'] }}:{{ hostvars['rpc-paseo-01']['default_p2p_port_ws'] }}" + # protocol: "tcp" + # - from_port: "{{ hostvars['rpc-paseo-01']['default_p2p_port_wss'] }}" + # to_host: "{{ hostvars['rpc-paseo-01']['container_ip'] }}:{{ hostvars['rpc-paseo-01']['default_p2p_port_wss'] }}" + # protocol: "tcp" + - host: "haproxy-bkk06" + proxmox_config: + vmid: "9916" + hostname: "{{ hostvars['haproxy-bkk06']['host_name'] }}" + ostemplate: "local:vztmpl/{{ default_container_template }}" + netif: "{{ hostvars['haproxy-bkk06']['netif'] }}" + cores: 8 + memory: 4000 + swap: 256 + password: "{{ default_password }}" + disk: "{{ zfs_storage }}:60" + onboot: True + unprivileged: True + validate_certs: False + description: "{{ hostvars['haproxy-bkk06']['host_name'] }}" + state: present + features: + - nesting=1 + port_forwards: + - from_port: "{{ hostvars['haproxy-bkk06']['ansible_port'] }}" + to_host: "{{ hostvars['haproxy-bkk06']['container_ip'] }}:{{ ssh_port }}" + protocol: "tcp" + - from_port: "{{ hostvars['haproxy-bkk06']['zabbix_ext_port'] }}" + to_host: "{{ hostvars['monitor']['container_ip'] }}:{{ zabbix_port }}" + protocol: "tcp" diff --git a/host_vars/haproxy-bkk06.yaml b/host_vars/haproxy-bkk06.yaml new file mode 100644 index 0000000..5c40fb8 --- /dev/null +++ b/host_vars/haproxy-bkk06.yaml @@ -0,0 +1,11 @@ +--- +ansible_host: "160.22.181.181" +container_ip: "192.168.76.91" +ansible_port: 2961 +host_name: "haproxy-bkk06" +host_timezone: "Asia/Bangkok" +netif: '{"net0":"name=eth0,gw={{ default_nat_network_forward_cidr.split("/")[0] }},ip={{ default_host_ip }}/16,bridge={{ default_nat_device }}"}' +role: +pinned_service: False +default_node_type: +zabbix_ext_port: 10961 diff --git a/roles/setup_install_polkadot/templates/validator.service.j2 b/roles/setup_install_polkadot/templates/validator.service.j2 index 30658bd..9437a6b 100644 --- a/roles/setup_install_polkadot/templates/validator.service.j2 +++ b/roles/setup_install_polkadot/templates/validator.service.j2 @@ -28,8 +28,7 @@ ExecStart={{ default_base_path }}/polkadot \ --listen-addr /ip4/0.0.0.0/tcp/{{ default_p2p_port }} \ --listen-addr /ip4/0.0.0.0/tcp/{{ default_p2p_port_ws }}/ws \ --public-addr /ip4/{{ ansible_host }}/tcp/{{ default_p2p_port }} \ - --public-addr /dns/{{ host_name }}/tcp/{{ default_p2p_port }} \ - --public-addr /dns/{{ host_name }}/tcp/{{ default_p2p_port_wss }}/wss \ + --public-addr /ip4/{{ ansible_host }}/tcp/{{ default_p2p_port_ws }}/ws \ --prometheus-port {{ default_prom_port }} \ --prometheus-external \ --wasm-execution compiled \ From 9415c302fc7521d342eeb81f6d5d27056da8f033 Mon Sep 17 00:00:00 2001 From: Al Date: Wed, 27 Nov 2024 18:10:14 +0700 Subject: [PATCH 23/69] chore: added extra flags for validator & endpoint .service templates --- roles/setup_install_cumulus/templates/endpoint.service.j2 | 4 ++++ roles/setup_install_polkadot/templates/endpoint.service.j2 | 4 ++++ roles/setup_install_polkadot/templates/validator.service.j2 | 4 ++++ 3 files changed, 12 insertions(+) diff --git a/roles/setup_install_cumulus/templates/endpoint.service.j2 b/roles/setup_install_cumulus/templates/endpoint.service.j2 index 2968aa0..82854f3 100644 --- a/roles/setup_install_cumulus/templates/endpoint.service.j2 +++ b/roles/setup_install_cumulus/templates/endpoint.service.j2 @@ -39,6 +39,10 @@ ExecStart={{ default_base_path }}/cumulus \ --rpc-external \ --rpc-methods safe \ --rpc-cors all \ + --in-peers 32 \ + --out-peers 16 \ + --no-mdns \ + --no-private-ip \ --allow-private-ipv4 Restart=always diff --git a/roles/setup_install_polkadot/templates/endpoint.service.j2 b/roles/setup_install_polkadot/templates/endpoint.service.j2 index b812dca..cfd272f 100644 --- a/roles/setup_install_polkadot/templates/endpoint.service.j2 +++ b/roles/setup_install_polkadot/templates/endpoint.service.j2 @@ -37,6 +37,10 @@ ExecStart={{ default_base_path }}/polkadot \ --rpc-max-response-size 16 \ --rpc-max-subscriptions-per-connection 1024 \ --rpc-max-connections 10000 \ + --in-peers 32 \ + --out-peers 16 \ + --no-mdns \ + --no-private-ip \ --allow-private-ipv4 Restart=always diff --git a/roles/setup_install_polkadot/templates/validator.service.j2 b/roles/setup_install_polkadot/templates/validator.service.j2 index 9437a6b..5cb19ef 100644 --- a/roles/setup_install_polkadot/templates/validator.service.j2 +++ b/roles/setup_install_polkadot/templates/validator.service.j2 @@ -35,6 +35,10 @@ ExecStart={{ default_base_path }}/polkadot \ --pruning 1000 \ --workers-path {{ default_auxiliary_binary_path }} \ --db-cache {{ ansible_memtotal_mb // 2 }} \ + --in-peers 32 \ + --out-peers 16 \ + --no-mdns \ + --no-private-ip \ --sync {{ default_syncmode }} [Install] From 2b29eefc41e6d4a58f3fd664e71c0f40d5eb9a35 Mon Sep 17 00:00:00 2001 From: Al Date: Wed, 27 Nov 2024 20:12:10 +0700 Subject: [PATCH 24/69] chore: remove --private-ip flag --- roles/setup_install_cumulus/templates/endpoint.service.j2 | 4 +--- roles/setup_install_polkadot/templates/endpoint.service.j2 | 4 +--- roles/setup_install_polkadot/templates/validator.service.j2 | 1 - 3 files changed, 2 insertions(+), 7 deletions(-) diff --git a/roles/setup_install_cumulus/templates/endpoint.service.j2 b/roles/setup_install_cumulus/templates/endpoint.service.j2 index 82854f3..2235eff 100644 --- a/roles/setup_install_cumulus/templates/endpoint.service.j2 +++ b/roles/setup_install_cumulus/templates/endpoint.service.j2 @@ -41,9 +41,7 @@ ExecStart={{ default_base_path }}/cumulus \ --rpc-cors all \ --in-peers 32 \ --out-peers 16 \ - --no-mdns \ - --no-private-ip \ - --allow-private-ipv4 + --no-mdns Restart=always RestartSec=120 diff --git a/roles/setup_install_polkadot/templates/endpoint.service.j2 b/roles/setup_install_polkadot/templates/endpoint.service.j2 index cfd272f..17f08e0 100644 --- a/roles/setup_install_polkadot/templates/endpoint.service.j2 +++ b/roles/setup_install_polkadot/templates/endpoint.service.j2 @@ -39,9 +39,7 @@ ExecStart={{ default_base_path }}/polkadot \ --rpc-max-connections 10000 \ --in-peers 32 \ --out-peers 16 \ - --no-mdns \ - --no-private-ip \ - --allow-private-ipv4 + --no-mdns Restart=always RestartSec=120 diff --git a/roles/setup_install_polkadot/templates/validator.service.j2 b/roles/setup_install_polkadot/templates/validator.service.j2 index 5cb19ef..39aef0d 100644 --- a/roles/setup_install_polkadot/templates/validator.service.j2 +++ b/roles/setup_install_polkadot/templates/validator.service.j2 @@ -38,7 +38,6 @@ ExecStart={{ default_base_path }}/polkadot \ --in-peers 32 \ --out-peers 16 \ --no-mdns \ - --no-private-ip \ --sync {{ default_syncmode }} [Install] From 112557c9e741edc59bca0a33b6a3c72528fd5979 Mon Sep 17 00:00:00 2001 From: Al Date: Thu, 28 Nov 2024 13:44:01 +0700 Subject: [PATCH 25/69] chore: parameterized in/out-peers & inpeers for val = 64 --- group_vars/cumulus.yaml | 15 +++++++------ group_vars/polkadot.yaml | 22 +++++++++---------- host_vars/val-kusama-01.yaml | 2 ++ host_vars/val-kusama-02.yaml | 2 ++ host_vars/val-polkadot-01.yaml | 2 ++ host_vars/val-polkadot-02.yaml | 2 ++ .../templates/endpoint.service.j2 | 4 ++-- .../templates/endpoint.service.j2 | 4 ++-- .../templates/validator.service.j2 | 4 ++-- 9 files changed, 32 insertions(+), 25 deletions(-) diff --git a/group_vars/cumulus.yaml b/group_vars/cumulus.yaml index 1bc72f2..f1b24c1 100644 --- a/group_vars/cumulus.yaml +++ b/group_vars/cumulus.yaml @@ -1,12 +1,11 @@ default_base_path: /opt/cumulus -default_chain_spec_dl_url: https://raw.githubusercontent.com/paritytech/polkadot-sdk/master/cumulus/parachains/chain-specs/{{ - default_network }}.json +default_chain_spec_dl_url: https://raw.githubusercontent.com/paritytech/polkadot-sdk/master/cumulus/parachains/chain-specs/{{ default_network }}.json default_client_version: polkadot-stable2409-2 default_database: paritydb -default_database_path: '{{ default_base_path }}/chains' +default_database_path: "{{ default_base_path }}/chains" default_download_base_url: https://github.com/paritytech/polkadot-sdk/releases/download/ -default_download_url: '{{ default_download_base_url }}{{ default_client_version }}/polkadot-parachain' -default_group: '{{ service_users[''cumulus''] }}' +default_download_url: "{{ default_download_base_url }}{{ default_client_version }}/polkadot-parachain" +default_group: "{{ service_users['cumulus'] }}" default_log_level: info default_network: asset-hub-polkadot default_node_type: bootnode @@ -16,8 +15,10 @@ default_p2p_port_wss: 30435 default_prom_port: 7400 default_rpc_port: 9400 default_secure_rpc_port: 42400 +default_in_peers: 32 +default_out_peers: 16 default_service: cumulus -default_storage: '{{ default_base_path }}/chains' +default_storage: "{{ default_base_path }}/chains" default_telemetry_url: wss://telemetry-backend.w3f.community/submit/ 1 -default_user: '{{ service_users[''cumulus''] }}' +default_user: "{{ service_users['cumulus'] }}" zabbix_ext_port: 10400 diff --git a/group_vars/polkadot.yaml b/group_vars/polkadot.yaml index 4295056..7788335 100644 --- a/group_vars/polkadot.yaml +++ b/group_vars/polkadot.yaml @@ -1,20 +1,16 @@ default_auxiliary_binary_path: /usr/libexec default_base_path: /opt/polkadot -default_chain_spec: '{{ default_base_path }}/{{ default_network }}.json' -default_chain_spec_dl_url: https://raw.githubusercontent.com/paritytech/polkadot-sdk/master/polkadot/node/service/chain-specs/{{ - default_network }}.json +default_chain_spec: "{{ default_base_path }}/{{ default_network }}.json" +default_chain_spec_dl_url: https://raw.githubusercontent.com/paritytech/polkadot-sdk/master/polkadot/node/service/chain-specs/{{ default_network }}.json default_client_version: polkadot-stable2409-2 default_database: paritydb default_database_path: /opt/polkadot/chains default_download_base_url: https://github.com/paritytech/polkadot-sdk/releases/download/ -default_download_polkadotSHA256: https://github.com/paritytech/polkadot-sdk/releases/download/{{ - default_client_version }}/polkadot.sha256 -default_download_url: '{{ default_download_base_url }}{{ default_client_version }}/polkadot' -default_download_url_execute: '{{ default_download_base_url }}{{ default_client_version - }}/polkadot-execute-worker' -default_download_url_prepare: '{{ default_download_base_url }}{{ default_client_version - }}/polkadot-prepare-worker' -default_group: '{{ service_users[''polkadot''] }}' +default_download_polkadotSHA256: https://github.com/paritytech/polkadot-sdk/releases/download/{{ default_client_version }}/polkadot.sha256 +default_download_url: "{{ default_download_base_url }}{{ default_client_version }}/polkadot" +default_download_url_execute: "{{ default_download_base_url }}{{ default_client_version }}/polkadot-execute-worker" +default_download_url_prepare: "{{ default_download_base_url }}{{ default_client_version }}/polkadot-prepare-worker" +default_group: "{{ service_users['polkadot'] }}" default_inet_p2p_port: 30333 default_inet_p2p_port_ws: 30334 default_log_level: info @@ -26,9 +22,11 @@ default_p2p_port_wss: 30335 default_prom_port: 7090 default_rpc_para_port: 9955 default_secure_rpc_port: 42100 +default_in_peers: 32 +default_out_peers: 16 default_service: polkadot default_telemetry_url: wss://telemetry-backend.w3f.community/submit/ 1 -default_user: '{{ service_users[''polkadot''] }}' +default_user: "{{ service_users['polkadot'] }}" inet_p2p_port: 30333 inet_p2p_port_ws: 30334 inet_rpc_port: 9944 diff --git a/host_vars/val-kusama-01.yaml b/host_vars/val-kusama-01.yaml index abb5a8e..8d5bf67 100644 --- a/host_vars/val-kusama-01.yaml +++ b/host_vars/val-kusama-01.yaml @@ -19,5 +19,7 @@ default_p2p_port: 33125 default_p2p_port_ws: 30334 default_p2p_port_wss: 30335 default_rpc_port: 9125 +default_in_peers: 64 +default_out_peers: 16 default_secure_rpc_port: 42125 zabbix_ext_port: 10125 diff --git a/host_vars/val-kusama-02.yaml b/host_vars/val-kusama-02.yaml index d229e46..c71577c 100644 --- a/host_vars/val-kusama-02.yaml +++ b/host_vars/val-kusama-02.yaml @@ -19,5 +19,7 @@ default_p2p_port: 32022 default_p2p_port_ws: 30334 default_p2p_port_wss: 30335 default_rpc_port: 9300 +default_in_peers: 64 +default_out_peers: 16 default_secure_rpc_port: 42725 zabbix_ext_port: 10725 diff --git a/host_vars/val-polkadot-01.yaml b/host_vars/val-polkadot-01.yaml index 4cf5130..e4b490b 100644 --- a/host_vars/val-polkadot-01.yaml +++ b/host_vars/val-polkadot-01.yaml @@ -19,5 +19,7 @@ default_p2p_port: 33115 default_p2p_port_ws: 30334 default_p2p_port_wss: 30335 default_rpc_port: 9115 +default_in_peers: 64 +default_out_peers: 16 default_secure_rpc_port: 42115 zabbix_ext_port: 10115 diff --git a/host_vars/val-polkadot-02.yaml b/host_vars/val-polkadot-02.yaml index 958c008..9767474 100644 --- a/host_vars/val-polkadot-02.yaml +++ b/host_vars/val-polkadot-02.yaml @@ -19,5 +19,7 @@ default_p2p_port: 31022 default_p2p_port_ws: 30334 default_p2p_port_wss: 30335 default_rpc_port: 9300 +default_in_peers: 64 +default_out_peers: 16 default_secure_rpc_port: 42715 zabbix_ext_port: 10715 diff --git a/roles/setup_install_cumulus/templates/endpoint.service.j2 b/roles/setup_install_cumulus/templates/endpoint.service.j2 index 2235eff..a309359 100644 --- a/roles/setup_install_cumulus/templates/endpoint.service.j2 +++ b/roles/setup_install_cumulus/templates/endpoint.service.j2 @@ -39,8 +39,8 @@ ExecStart={{ default_base_path }}/cumulus \ --rpc-external \ --rpc-methods safe \ --rpc-cors all \ - --in-peers 32 \ - --out-peers 16 \ + --in-peers {{ default_in_peers }} \ + --out-peers {{ default_out_peers }} \ --no-mdns Restart=always diff --git a/roles/setup_install_polkadot/templates/endpoint.service.j2 b/roles/setup_install_polkadot/templates/endpoint.service.j2 index 17f08e0..0ca33e8 100644 --- a/roles/setup_install_polkadot/templates/endpoint.service.j2 +++ b/roles/setup_install_polkadot/templates/endpoint.service.j2 @@ -37,8 +37,8 @@ ExecStart={{ default_base_path }}/polkadot \ --rpc-max-response-size 16 \ --rpc-max-subscriptions-per-connection 1024 \ --rpc-max-connections 10000 \ - --in-peers 32 \ - --out-peers 16 \ + --in-peers {{ default_in_peers }} \ + --out-peers {{ default_out_peers }} \ --no-mdns Restart=always diff --git a/roles/setup_install_polkadot/templates/validator.service.j2 b/roles/setup_install_polkadot/templates/validator.service.j2 index 39aef0d..b807495 100644 --- a/roles/setup_install_polkadot/templates/validator.service.j2 +++ b/roles/setup_install_polkadot/templates/validator.service.j2 @@ -35,8 +35,8 @@ ExecStart={{ default_base_path }}/polkadot \ --pruning 1000 \ --workers-path {{ default_auxiliary_binary_path }} \ --db-cache {{ ansible_memtotal_mb // 2 }} \ - --in-peers 32 \ - --out-peers 16 \ + --in-peers {{ default_in_peers }} \ + --out-peers {{ default_out_peers }} \ --no-mdns \ --sync {{ default_syncmode }} From d171f5c7416fbffe6e08d0a0d82c44fa41fac35e Mon Sep 17 00:00:00 2001 From: Al Date: Thu, 28 Nov 2024 18:52:47 +0700 Subject: [PATCH 26/69] chore: update out-peers =64 for ksm & dot val --- host_vars/val-kusama-01.yaml | 2 +- host_vars/val-kusama-02.yaml | 2 +- host_vars/val-polkadot-01.yaml | 2 +- host_vars/val-polkadot-02.yaml | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/host_vars/val-kusama-01.yaml b/host_vars/val-kusama-01.yaml index 8d5bf67..b2db15e 100644 --- a/host_vars/val-kusama-01.yaml +++ b/host_vars/val-kusama-01.yaml @@ -20,6 +20,6 @@ default_p2p_port_ws: 30334 default_p2p_port_wss: 30335 default_rpc_port: 9125 default_in_peers: 64 -default_out_peers: 16 +default_out_peers: 64 default_secure_rpc_port: 42125 zabbix_ext_port: 10125 diff --git a/host_vars/val-kusama-02.yaml b/host_vars/val-kusama-02.yaml index c71577c..3e04093 100644 --- a/host_vars/val-kusama-02.yaml +++ b/host_vars/val-kusama-02.yaml @@ -20,6 +20,6 @@ default_p2p_port_ws: 30334 default_p2p_port_wss: 30335 default_rpc_port: 9300 default_in_peers: 64 -default_out_peers: 16 +default_out_peers: 64 default_secure_rpc_port: 42725 zabbix_ext_port: 10725 diff --git a/host_vars/val-polkadot-01.yaml b/host_vars/val-polkadot-01.yaml index e4b490b..b9dafcd 100644 --- a/host_vars/val-polkadot-01.yaml +++ b/host_vars/val-polkadot-01.yaml @@ -20,6 +20,6 @@ default_p2p_port_ws: 30334 default_p2p_port_wss: 30335 default_rpc_port: 9115 default_in_peers: 64 -default_out_peers: 16 +default_out_peers: 64 default_secure_rpc_port: 42115 zabbix_ext_port: 10115 diff --git a/host_vars/val-polkadot-02.yaml b/host_vars/val-polkadot-02.yaml index 9767474..dac7af8 100644 --- a/host_vars/val-polkadot-02.yaml +++ b/host_vars/val-polkadot-02.yaml @@ -20,6 +20,6 @@ default_p2p_port_ws: 30334 default_p2p_port_wss: 30335 default_rpc_port: 9300 default_in_peers: 64 -default_out_peers: 16 +default_out_peers: 64 default_secure_rpc_port: 42715 zabbix_ext_port: 10715 From 0debac3d396a3cf146dad528d05d57cea95762c7 Mon Sep 17 00:00:00 2001 From: Al Date: Tue, 3 Dec 2024 15:15:01 +0700 Subject: [PATCH 27/69] chore: added new configs --- host_vars/rpc-asset-hub-kusama-02.yaml | 26 ++++++++++++++---------- host_vars/rpc-asset-hub-polkadot-01.yaml | 6 +++--- host_vars/rpc-encointer-kusama-02.yaml | 23 +++++++++++++-------- host_vars/rpc-kusama-02.yaml | 13 ++++++------ host_vars/rpc-polkadot-01.yaml | 5 +++++ host_vars/rpc-westend-01.yaml | 5 +++++ 6 files changed, 48 insertions(+), 30 deletions(-) diff --git a/host_vars/rpc-asset-hub-kusama-02.yaml b/host_vars/rpc-asset-hub-kusama-02.yaml index c376b62..5e50041 100644 --- a/host_vars/rpc-asset-hub-kusama-02.yaml +++ b/host_vars/rpc-asset-hub-kusama-02.yaml @@ -1,14 +1,14 @@ --- ansible_host: "160.22.181.181" -container_ip: "192.168.77.24" -ansible_port: 2624 -host_name: "rpc-asset-hub-kusama-02.rotko.net" +container_ip: "192.168.122.11" +ansible_port: 2622 +host_name: "rpc-asset-hub-kusama-02.ct.rotko.net" host_timezone: "Asia/Bangkok" netif: '{"net0":"name=eth0,gw={{ default_nat_network_forward_cidr.split("/")[0] }},ip={{ default_host_ip }}/16,bridge={{ default_nat_device }}"}' role: "cumulus" pinned_service: True -default_telemetry_name: "Rotko Networks - {{ host_name.split('.')[0] }} {{ default_node_type | capitalize }}" +default_telemetry_name: "Rotko Networks - {{ host_name.split('.')[0] }}" default_domain: "{{ host_name }}" default_network: "asset-hub-kusama" default_relay_rpc: "ws://{{ hostvars['rpc-kusama-01']['container_ip'] }}:{{ hostvars['rpc-kusama-01']['default_rpc_port'] }}" @@ -16,15 +16,19 @@ default_relay_rpc_fallback: "ws://{{ hostvars['rpc-kusama-02']['container_ip'] } default_database: paritydb # to be replaced with paritydb default_node_type: "endpoint" +default_p2p_port: 32012 default_bootnode_domain: "{{ default_network }}.boot.rotko.net" - -default_p2p_port: 30333 -default_p2p_port_ws: 30334 -default_p2p_port_wss: 30335 +default_bootnode_p2p_port: 32012 default_bootnode_p2p_port_ws: 30434 default_bootnode_p2p_port_wss: 30435 -default_rpc_port: 9300 -default_secure_rpc_port: 42624 -default_prom_port: 7624 +transition_bootnode_domain: "mine14.rotko.net" +transition_bootnode_p2p_port: "33524" +transition_bootnode_p2p_port_ws: "34524" +transition_bootnode_p2p_port_wss: "35524" + +default_rpc_port: 9400 +default_prom_port: 7400 + +default_secure_rpc_port: 42622 zabbix_ext_port: 10624 diff --git a/host_vars/rpc-asset-hub-polkadot-01.yaml b/host_vars/rpc-asset-hub-polkadot-01.yaml index 641d379..f1ef8af 100644 --- a/host_vars/rpc-asset-hub-polkadot-01.yaml +++ b/host_vars/rpc-asset-hub-polkadot-01.yaml @@ -19,9 +19,9 @@ zabbix_ext_port: 10611 default_bootnode_domain: "{{ default_network }}.boot.rotko.net" transition_bootnode_domain: "mint14.rotko.net" -transition_bootnode_p2p_port: "33514" -transition_bootnode_p2p_port_ws: "34514" -transition_bootnode_p2p_port_wss: "35514" +transition_bootnode_p2p_port: 33514 +transition_bootnode_p2p_port_ws: 34514 +transition_bootnode_p2p_port_wss: 35514 default_p2p_port: 31011 default_bootnode_p2p_port: 31011 diff --git a/host_vars/rpc-encointer-kusama-02.yaml b/host_vars/rpc-encointer-kusama-02.yaml index 61da48c..7578e03 100644 --- a/host_vars/rpc-encointer-kusama-02.yaml +++ b/host_vars/rpc-encointer-kusama-02.yaml @@ -1,31 +1,36 @@ --- ansible_host: "160.22.181.181" -container_ip: "192.168.77.20" +container_ip: "192.168.122.16" ansible_port: 2602 -host_name: "rpc-encointer-kusama-02.rotko.net" +host_name: "rpc-encointer-kusama-02.ct.rotko.net" host_timezone: "Asia/Bangkok" netif: '{"net0":"name=eth0,gw={{ default_nat_network_forward_cidr.split("/")[0] }},ip={{ default_host_ip }}/16,bridge={{ default_nat_device }}"}' role: "encointer" pinned_service: True -default_telemetry_name: "Rotko Networks - {{ host_name.split('.')[0] }} {{ default_node_type | capitalize }}" +default_telemetry_name: "Rotko Networks - {{ host_name.split('.')[0] }}" default_domain: "{{ host_name }}" default_network: encointer-kusama default_relay_rpc: "ws://{{ hostvars['rpc-kusama-01']['container_ip'] }}:{{ hostvars['rpc-kusama-01']['default_rpc_port'] }}" default_relay_rpc_fallback: "ws://{{ hostvars['rpc-kusama-02']['container_ip'] }}:{{ hostvars['rpc-kusama-02']['default_rpc_port'] }}" default_node_type: "endpoint" default_pruning: "archive" -default_database: paritydb # to be replaced with paritydb +default_database: rocksdb default_syncmode: full + default_bootnode_domain: "{{ default_network }}.boot.rotko.net" -default_p2p_port: 30333 -default_p2p_port_ws: 30334 -default_p2p_port_wss: 30335 +transition_bootnode_domain: "enc14.rotko.net" +transition_bootnode_p2p_port: 33504 +transition_bootnode_p2p_port_ws: 34504 +transition_bootnode_p2p_port_wss: 35504 + +default_p2p_port: 32062 +default_bootnode_p2p_port: 32062 default_bootnode_p2p_port_ws: 30434 default_bootnode_p2p_port_wss: 30435 -default_rpc_port: 9300 +default_rpc_port: 9400 +default_prom_port: 7400 default_secure_rpc_port: 42602 -default_prom_port: 7602 zabbix_ext_port: 10602 diff --git a/host_vars/rpc-kusama-02.yaml b/host_vars/rpc-kusama-02.yaml index 408fa92..c1785cf 100644 --- a/host_vars/rpc-kusama-02.yaml +++ b/host_vars/rpc-kusama-02.yaml @@ -2,10 +2,10 @@ ansible_host: "160.22.181.181" container_ip: "192.168.77.22" ansible_port: 2322 -host_name: "rpc-kusama-02.rotko.net" +host_name: "rpc-kusama-02.ct.rotko.net" host_timezone: "Asia/Bangkok" netif: '{"net0":"name=eth0,gw={{ default_nat_network_forward_cidr.split("/")[0] }},ip={{ default_host_ip }}/16,bridge={{ default_nat_device }}"}' -role: "kusama" +role: "polkadot" pinned_service: True default_telemetry_name: "Rotko Networks - {{ host_name.split('.')[0] }} {{ default_node_type | capitalize }}" @@ -23,13 +23,12 @@ default_syncmode: "full" default_p2p_port: 33322 default_p2p_port_ws: 34322 default_p2p_port_wss: 35322 +default_bootnode_p2p_port: 30433 +default_bootnode_p2p_port_ws: 30434 +default_bootnode_p2p_port_wss: 30435 default_rpc_port: 9322 default_secure_rpc_port: 42322 default_prom_port: 7322 zabbix_ext_port: 10322 -# default_bootnode_domain: "boot-{{ default_network }}.rotko.net" -default_bootnode_domain: "ksm14.rotko.net" -default_bootnode_p2p_port: "{{ default_p2p_port + 10500 }}" -default_bootnode_p2p_port_ws: "{{ default_p2p_port_ws + 10500 }}" -default_bootnode_p2p_port_wss: "{{ default_p2p_port_wss + 10500 }}" +default_bootnode_domain: "{{ default_network }}.boot.rotko.net" diff --git a/host_vars/rpc-polkadot-01.yaml b/host_vars/rpc-polkadot-01.yaml index 500231c..3526b4d 100644 --- a/host_vars/rpc-polkadot-01.yaml +++ b/host_vars/rpc-polkadot-01.yaml @@ -30,6 +30,11 @@ default_bootnode_p2p_port: 31001 default_bootnode_p2p_port_ws: 30434 default_bootnode_p2p_port_wss: 30435 +transition_bootnode_domain: "dot14.rotko.net" +transition_bootnode_p2p_port: 33214 +transition_bootnode_p2p_port_ws: 34214 +transition_bootnode_p2p_port_wss: 35214 + default_rpc_port: 9300 default_prom_port: 7300 diff --git a/host_vars/rpc-westend-01.yaml b/host_vars/rpc-westend-01.yaml index c1805c0..8f03cc4 100644 --- a/host_vars/rpc-westend-01.yaml +++ b/host_vars/rpc-westend-01.yaml @@ -30,6 +30,11 @@ default_bootnode_p2p_port: 33001 default_bootnode_p2p_port_ws: 30434 default_bootnode_p2p_port_wss: 30435 +transition_bootnode_domain: "wnd14.rotko.net" +transition_bootnode_p2p_port: 33234 +transition_bootnode_p2p_port_ws: 34234 +transition_bootnode_p2p_port_wss: 35234 + default_rpc_port: 9300 default_prom_port: 7300 From d3e8d4ab9b9ad0ad158f6554e0a285f5eb14d139 Mon Sep 17 00:00:00 2001 From: Al Date: Tue, 3 Dec 2024 15:42:02 +0700 Subject: [PATCH 28/69] chore: added new ct configs --- host_vars/rpc-asset-hub-kusama-01.yaml | 2 +- host_vars/rpc-asset-hub-kusama-02.yaml | 6 +++--- host_vars/rpc-asset-hub-polkadot-01.yaml | 2 +- host_vars/rpc-asset-hub-westend-01.yaml | 10 +++++----- host_vars/rpc-bridge-hub-kusama-02.yaml | 19 ++++++++++--------- host_vars/rpc-bridge-hub-polkadot-01.yaml | 10 +++++----- host_vars/rpc-bridge-hub-westend-01.yaml | 10 +++++----- host_vars/rpc-collectives-polkadot-01.yaml | 8 ++++---- host_vars/rpc-collectives-westend-01.yaml | 8 ++++---- host_vars/rpc-encointer-kusama-01.yaml | 4 ++-- host_vars/rpc-encointer-kusama-02.yaml | 2 +- host_vars/rpc-people-polkadot-02.yaml | 2 +- 12 files changed, 42 insertions(+), 41 deletions(-) diff --git a/host_vars/rpc-asset-hub-kusama-01.yaml b/host_vars/rpc-asset-hub-kusama-01.yaml index 3bf3cae..90d9af8 100644 --- a/host_vars/rpc-asset-hub-kusama-01.yaml +++ b/host_vars/rpc-asset-hub-kusama-01.yaml @@ -11,7 +11,7 @@ pinned_service: True default_telemetry_name: "Rotko Networks - {{ host_name.split('.')[0] }} {{ default_node_type | capitalize }}" default_domain: "{{ host_name }}" default_network: "asset-hub-kusama" -default_relay_rpc: "ws://{{ hostvars['ksm26']['container_ip'] }}:{{ hostvars['ksm26']['default_rpc_port'] }}" +default_relay_rpc: "ws://{{ hostvars['rpc-kusama-01']['container_ip'] }}:{{ hostvars['rpc-kusama-01']['default_rpc_port'] }}" default_relay_rpc_fallback: "ws://{{ hostvars['rpc-kusama-02']['container_ip'] }}:{{ hostvars['rpc-kusama-02']['default_rpc_port'] }}" default_database: paritydb # to be replaced with paritydb default_node_type: "endpoint" diff --git a/host_vars/rpc-asset-hub-kusama-02.yaml b/host_vars/rpc-asset-hub-kusama-02.yaml index 5e50041..b29d87d 100644 --- a/host_vars/rpc-asset-hub-kusama-02.yaml +++ b/host_vars/rpc-asset-hub-kusama-02.yaml @@ -23,9 +23,9 @@ default_bootnode_p2p_port_ws: 30434 default_bootnode_p2p_port_wss: 30435 transition_bootnode_domain: "mine14.rotko.net" -transition_bootnode_p2p_port: "33524" -transition_bootnode_p2p_port_ws: "34524" -transition_bootnode_p2p_port_wss: "35524" +transition_bootnode_p2p_port: 33524 +transition_bootnode_p2p_port_ws: 34524 +transition_bootnode_p2p_port_wss: 35524 default_rpc_port: 9400 default_prom_port: 7400 diff --git a/host_vars/rpc-asset-hub-polkadot-01.yaml b/host_vars/rpc-asset-hub-polkadot-01.yaml index f1ef8af..79f4c4a 100644 --- a/host_vars/rpc-asset-hub-polkadot-01.yaml +++ b/host_vars/rpc-asset-hub-polkadot-01.yaml @@ -11,7 +11,7 @@ pinned_service: True default_telemetry_name: "Rotko Networks - {{ host_name.split('.')[0] }}" default_domain: "{{ host_name }}" default_network: asset-hub-polkadot -default_relay_rpc: "ws://{{ hostvars['dot26']['container_ip'] }}:{{ hostvars['dot26']['default_rpc_port'] }}" +default_relay_rpc: "ws://{{ hostvars['rpc-polkadot-01']['container_ip'] }}:{{ hostvars['rpc-polkadot-01']['default_rpc_port'] }}" default_relay_rpc_fallback: "ws://{{ hostvars['rpc-polkadot-02']['container_ip'] }}:{{ hostvars['rpc-polkadot-02']['default_rpc_port'] }}" default_database: rocksdb default_node_type: "endpoint" diff --git a/host_vars/rpc-asset-hub-westend-01.yaml b/host_vars/rpc-asset-hub-westend-01.yaml index afbe8ba..c3892a9 100644 --- a/host_vars/rpc-asset-hub-westend-01.yaml +++ b/host_vars/rpc-asset-hub-westend-01.yaml @@ -11,18 +11,18 @@ pinned_service: True default_telemetry_name: "Rotko Networks - {{ host_name.split('.')[0] }}" default_domain: "{{ host_name }}" default_network: "asset-hub-westend" -default_relay_rpc: "ws://{{ hostvars['wnd26']['container_ip'] }}:{{ hostvars['wnd26']['default_rpc_port'] }}" +default_relay_rpc: "ws://{{ hostvars['rpc-westend-01']['container_ip'] }}:{{ hostvars['rpc-westend-01']['default_rpc_port'] }}" default_relay_rpc_fallback: "ws://{{ hostvars['rpc-westend-02']['container_ip'] }}:{{ hostvars['rpc-westend-02']['default_rpc_port'] }}" default_database: rocksdb default_node_type: "endpoint" -default_bootnode_domain: "{{ default_network }}.boot.rotko.net" transition_bootnode_domain: "wmint14.rotko.net" -transition_bootnode_p2p_port: "33534" -transition_bootnode_p2p_port_ws: "34534" -transition_bootnode_p2p_port_wss: "35534" +transition_bootnode_p2p_port: 33534 +transition_bootnode_p2p_port_ws: 34534 +transition_bootnode_p2p_port_wss: 35534 default_p2p_port: 33011 +default_bootnode_domain: "{{ default_network }}.boot.rotko.net" default_bootnode_p2p_port: 33011 default_bootnode_p2p_port_ws: 30434 default_bootnode_p2p_port_wss: 30435 diff --git a/host_vars/rpc-bridge-hub-kusama-02.yaml b/host_vars/rpc-bridge-hub-kusama-02.yaml index 14aaf17..2a3470c 100644 --- a/host_vars/rpc-bridge-hub-kusama-02.yaml +++ b/host_vars/rpc-bridge-hub-kusama-02.yaml @@ -1,14 +1,14 @@ --- ansible_host: "160.22.181.181" -container_ip: "192.168.77.26" +container_ip: "192.168.122.12" ansible_port: 2652 -host_name: "rpc-bridge-hub-kusama-02.rotko.net" +host_name: "rpc-bridge-hub-kusama-02.ct.rotko.net" host_timezone: "Asia/Bangkok" netif: '{"net0":"name=eth0,gw={{ default_nat_network_forward_cidr.split("/")[0] }},ip={{ default_host_ip }}/16,bridge={{ default_nat_device }}"}' role: "cumulus" pinned_service: True -default_telemetry_name: "Rotko Networks - {{ host_name.split('.')[0] }} {{ default_node_type | capitalize }}" +default_telemetry_name: "Rotko Networks - {{ host_name.split('.')[0] }}" default_domain: "{{ host_name }}" default_network: "bridge-hub-kusama" default_relay_rpc: "ws://{{ hostvars['rpc-kusama-01']['container_ip'] }}:{{ hostvars['rpc-kusama-01']['default_rpc_port'] }}" @@ -16,15 +16,16 @@ default_relay_rpc_fallback: "ws://{{ hostvars['rpc-kusama-02']['container_ip'] } default_database: paritydb # to be replaced with paritydb default_node_type: "endpoint" -default_bootnode_domain: "{{ default_network }}.boot.rotko.net" +transition_bootnode_domain: "kbr13.rotko.net" +transition_bootnode_p2p_port: 33553 +transition_bootnode_p2p_port_ws: 34553 +transition_bootnode_p2p_port_wss: 35553 -default_p2p_port: 30333 -default_p2p_port_ws: 30334 -default_p2p_port_wss: 30335 +default_p2p_port: 32022 +default_bootnode_domain: "{{ default_network }}.boot.rotko.net" +default_bootnode_p2p_port: 32022 default_bootnode_p2p_port_ws: 30434 default_bootnode_p2p_port_wss: 30435 -default_rpc_port: 9300 default_secure_rpc_port: 42652 -default_prom_port: 7652 zabbix_ext_port: 10652 diff --git a/host_vars/rpc-bridge-hub-polkadot-01.yaml b/host_vars/rpc-bridge-hub-polkadot-01.yaml index 4b55ee1..a1bb9e7 100644 --- a/host_vars/rpc-bridge-hub-polkadot-01.yaml +++ b/host_vars/rpc-bridge-hub-polkadot-01.yaml @@ -11,19 +11,19 @@ pinned_service: True default_telemetry_name: "Rotko Networks - {{ host_name.split('.')[0] }}" default_domain: "{{ host_name }}" default_network: "bridge-hub-polkadot" -default_relay_rpc: "ws://{{ hostvars['dot26']['container_ip'] }}:{{ hostvars['dot26']['default_rpc_port'] }}" +default_relay_rpc: "ws://{{ hostvars['rpc-polkadot-01']['container_ip'] }}:{{ hostvars['rpc-polkadot-01']['default_rpc_port'] }}" default_relay_rpc_fallback: "ws://{{ hostvars['rpc-polkadot-02']['container_ip'] }}:{{ hostvars['rpc-polkadot-02']['default_rpc_port'] }}" default_database: "rocksdb" default_node_type: "endpoint" zabbix_ext_port: 10641 -default_bootnode_domain: "{{ default_network }}.boot.rotko.net" transition_bootnode_domain: "pbr13.rotko.net" -transition_bootnode_p2p_port: "33543" -transition_bootnode_p2p_port_ws: "34543" -transition_bootnode_p2p_port_wss: "35543" +transition_bootnode_p2p_port: 33543 +transition_bootnode_p2p_port_ws: 34543 +transition_bootnode_p2p_port_wss: 35543 default_p2p_port: 31021 +default_bootnode_domain: "{{ default_network }}.boot.rotko.net" default_bootnode_p2p_port: 31021 default_bootnode_p2p_port_ws: 30434 default_bootnode_p2p_port_wss: 30435 diff --git a/host_vars/rpc-bridge-hub-westend-01.yaml b/host_vars/rpc-bridge-hub-westend-01.yaml index 8e1ebf2..7b755e6 100644 --- a/host_vars/rpc-bridge-hub-westend-01.yaml +++ b/host_vars/rpc-bridge-hub-westend-01.yaml @@ -11,19 +11,19 @@ pinned_service: True default_telemetry_name: "Rotko Networks - {{ host_name.split('.')[0] }}" default_domain: "{{ host_name }}" default_network: "bridge-hub-westend" -default_relay_rpc: "ws://{{ hostvars['wnd26']['container_ip'] }}:{{ hostvars['wnd26']['default_rpc_port'] }}" +default_relay_rpc: "ws://{{ hostvars['rpc-westend-01']['container_ip'] }}:{{ hostvars['rpc-westend-01']['default_rpc_port'] }}" default_relay_rpc_fallback: "ws://{{ hostvars['rpc-westend-02']['container_ip'] }}:{{ hostvars['rpc-westend-02']['default_rpc_port'] }}" default_database: rocksdb default_node_type: "endpoint" zabbix_ext_port: 10661 -default_bootnode_domain: "{{ default_network }}.boot.rotko.net" transition_bootnode_domain: "wbr13.rotko.net" -transition_bootnode_p2p_port: "33563" -transition_bootnode_p2p_port_ws: "34563" -transition_bootnode_p2p_port_wss: "35563" +transition_bootnode_p2p_port: 33563 +transition_bootnode_p2p_port_ws: 34563 +transition_bootnode_p2p_port_wss: 35563 default_p2p_port: 33021 +default_bootnode_domain: "{{ default_network }}.boot.rotko.net" default_bootnode_p2p_port: 33021 default_bootnode_p2p_port_ws: 30434 default_bootnode_p2p_port_wss: 30435 diff --git a/host_vars/rpc-collectives-polkadot-01.yaml b/host_vars/rpc-collectives-polkadot-01.yaml index f62f7d9..c825fa8 100644 --- a/host_vars/rpc-collectives-polkadot-01.yaml +++ b/host_vars/rpc-collectives-polkadot-01.yaml @@ -11,7 +11,7 @@ pinned_service: True default_telemetry_name: "Rotko Networks - {{ host_name.split('.')[0] }}" default_domain: "{{ host_name }}" default_network: collectives-polkadot -default_relay_rpc: "ws://{{ hostvars['dot26']['container_ip'] }}:{{ hostvars['dot26']['default_rpc_port'] }}" +default_relay_rpc: "ws://{{ hostvars['rpc-polkadot-01']['container_ip'] }}:{{ hostvars['rpc-polkadot-01']['default_rpc_port'] }}" default_relay_rpc_fallback: "ws://{{ hostvars['rpc-polkadot-02']['container_ip'] }}:{{ hostvars['rpc-polkadot-02']['default_rpc_port'] }}" default_database: rocksdb default_node_type: "endpoint" @@ -19,9 +19,9 @@ zabbix_ext_port: 10671 default_bootnode_domain: "{{ default_network }}.boot.rotko.net" transition_bootnode_domain: "pch16.rotko.net" -transition_bootnode_p2p_port: "33576" -transition_bootnode_p2p_port_ws: "34576" -transition_bootnode_p2p_port_wss: "35576" +transition_bootnode_p2p_port: 33576 +transition_bootnode_p2p_port_ws: 34576 +transition_bootnode_p2p_port_wss: 35576 default_p2p_port: 31031 default_bootnode_p2p_port: 31031 diff --git a/host_vars/rpc-collectives-westend-01.yaml b/host_vars/rpc-collectives-westend-01.yaml index 605aace..311188c 100644 --- a/host_vars/rpc-collectives-westend-01.yaml +++ b/host_vars/rpc-collectives-westend-01.yaml @@ -11,7 +11,7 @@ pinned_service: True default_telemetry_name: "Rotko Networks - {{ host_name.split('.')[0] }}" default_domain: "{{ host_name }}" default_network: "collectives-westend" -default_relay_rpc: "ws://{{ hostvars['wnd26']['container_ip'] }}:{{ hostvars['wnd26']['default_rpc_port'] }}" +default_relay_rpc: "ws://{{ hostvars['rpc-westend-01']['container_ip'] }}:{{ hostvars['rpc-westend-01']['default_rpc_port'] }}" default_relay_rpc_fallback: "ws://{{ hostvars['rpc-westend-02']['container_ip'] }}:{{ hostvars['rpc-westend-02']['default_rpc_port'] }}" default_database: rocksdb default_node_type: "endpoint" @@ -19,9 +19,9 @@ zabbix_ext_port: 10691 default_bootnode_domain: "{{ default_network }}.boot.rotko.net" transition_bootnode_domain: "wch13.rotko.net" -transition_bootnode_p2p_port: "33593" -transition_bootnode_p2p_port_ws: "34593" -transition_bootnode_p2p_port_wss: "35593" +transition_bootnode_p2p_port: 33593 +transition_bootnode_p2p_port_ws: 34593 +transition_bootnode_p2p_port_wss: 35593 default_p2p_port: 33031 default_bootnode_p2p_port: 33031 diff --git a/host_vars/rpc-encointer-kusama-01.yaml b/host_vars/rpc-encointer-kusama-01.yaml index c2a071d..7615fb2 100644 --- a/host_vars/rpc-encointer-kusama-01.yaml +++ b/host_vars/rpc-encointer-kusama-01.yaml @@ -2,13 +2,13 @@ ansible_host: "160.22.181.181" container_ip: "192.168.121.16" ansible_port: 2601 -host_name: "rpc-encointer-kusama-01.rotko.net" +host_name: "rpc-encointer-kusama-01.ct.rotko.net" host_timezone: "Asia/Bangkok" netif: '{"net0":"name=eth0,gw={{ default_nat_network_forward_cidr.split("/")[0] }},ip={{ default_host_ip }}/16,bridge={{ default_nat_device }}"}' role: "encointer" pinned_service: True -default_telemetry_name: "Rotko Networks - {{ host_name.split('.')[0] }} {{ default_node_type | capitalize }}" +default_telemetry_name: "Rotko Networks - {{ host_name.split('.')[0] }}" default_domain: "{{ host_name }}" default_network: encointer-kusama default_relay_rpc: "ws://{{ hostvars['ksm26']['container_ip'] }}:{{ hostvars['ksm26']['default_rpc_port'] }}" diff --git a/host_vars/rpc-encointer-kusama-02.yaml b/host_vars/rpc-encointer-kusama-02.yaml index 7578e03..fa94792 100644 --- a/host_vars/rpc-encointer-kusama-02.yaml +++ b/host_vars/rpc-encointer-kusama-02.yaml @@ -15,7 +15,7 @@ default_relay_rpc: "ws://{{ hostvars['rpc-kusama-01']['container_ip'] }}:{{ host default_relay_rpc_fallback: "ws://{{ hostvars['rpc-kusama-02']['container_ip'] }}:{{ hostvars['rpc-kusama-02']['default_rpc_port'] }}" default_node_type: "endpoint" default_pruning: "archive" -default_database: rocksdb +default_database: paritydb default_syncmode: full default_bootnode_domain: "{{ default_network }}.boot.rotko.net" diff --git a/host_vars/rpc-people-polkadot-02.yaml b/host_vars/rpc-people-polkadot-02.yaml index eb8835a..afc8775 100644 --- a/host_vars/rpc-people-polkadot-02.yaml +++ b/host_vars/rpc-people-polkadot-02.yaml @@ -13,7 +13,7 @@ default_domain: "{{ host_name }}" default_network: "people-polkadot" default_chain_spec: "{{ default_base_path }}/people-polkadot.json" default_chain_spec_dl_url: "https://raw.githubusercontent.com/paritytech/polkadot-sdk/master/cumulus/parachains/chain-specs/people-polkadot.json" -default_relay_rpc: "ws://{{ hostvars['dot26']['container_ip'] }}:{{ hostvars['dot26']['default_rpc_port'] }}" +default_relay_rpc: "ws://{{ hostvars['rpc-polkadot-01']['container_ip'] }}:{{ hostvars['rpc-polkadot-01']['default_rpc_port'] }}" default_relay_rpc_fallback: "ws://{{ hostvars['rpc-polkadot-02']['container_ip'] }}:{{ hostvars['rpc-polkadot-02']['default_rpc_port'] }}" default_database: "rocksdb" default_node_type: "endpoint" From c7303620df47773e0a77bc59acc6ef107c0494b6 Mon Sep 17 00:00:00 2001 From: Al Date: Tue, 3 Dec 2024 17:25:18 +0700 Subject: [PATCH 29/69] chore: added new ct configs --- bkk06 | 12 ++ host_vars/bkk06.yaml | 190 +++++++++++++++++++++++++ host_vars/rpc-coretime-kusama-01.yaml | 25 ++-- host_vars/rpc-coretime-westend-01.yaml | 27 ++-- host_vars/rpc-kusama-01.yaml | 16 ++- host_vars/rpc-paseo-01.yaml | 37 +++++ host_vars/rpc-people-kusama-01.yaml | 22 +-- host_vars/rpc-people-westend-01.yaml | 29 ++-- host_vars/val-paseo-01.yaml | 29 ++++ 9 files changed, 333 insertions(+), 54 deletions(-) create mode 100644 host_vars/rpc-paseo-01.yaml create mode 100644 host_vars/val-paseo-01.yaml diff --git a/bkk06 b/bkk06 index cb0b527..27dcaf3 100644 --- a/bkk06 +++ b/bkk06 @@ -27,6 +27,7 @@ dot14 dot26 rpc-polkadot-01 rpc-westend-01 +rpc-paseo-01 ksm14 ksm26 pso06 @@ -52,17 +53,28 @@ pbr13 pbr26 pch16 pch26 + rpc-asset-hub-polkadot-01 rpc-asset-hub-westend-01 rpc-asset-hub-paseo-01 + rpc-bridge-hub-paseo-01 rpc-bridge-hub-polkadot-01 rpc-bridge-hub-westend-01 + rpc-coretime-paseo-01 +rpc-coretime-kusama-01 +rpc-coretime-westend-01 +rpc-coretime-polkadot-01 + rpc-collectives-polkadot-01 rpc-collectives-westend-01 + rpc-people-paseo-01 rpc-people-polkadot-01 +rpc-people-kusama-01 +rpc-people-westend-01 + wbr13 wbr26 wch13 diff --git a/host_vars/bkk06.yaml b/host_vars/bkk06.yaml index 94239d2..aa032bb 100644 --- a/host_vars/bkk06.yaml +++ b/host_vars/bkk06.yaml @@ -1710,3 +1710,193 @@ lxc_nodes: - from_port: "{{ hostvars['haproxy-bkk06']['zabbix_ext_port'] }}" to_host: "{{ hostvars['monitor']['container_ip'] }}:{{ zabbix_port }}" protocol: "tcp" + - host: "rpc-coretime-kusama-01" + proxmox_config: + vmid: "32051" + hostname: "{{ hostvars['rpc-coretime-kusama-01']['host_name'] }}" + ostemplate: "local:vztmpl/{{ default_container_template }}" + netif: "{{ hostvars['rpc-coretime-kusama-01']['netif'] }}" + cores: 4 + memory: 16384 + swap: 8192 + password: "{{ default_password }}" + disk: "{{ zfs_storage }}:20" + mounts: '{"mp0":"{{ zfs_storage }}:100,mp={{ hostvars["rpc-coretime-kusama-01"]["default_database_path"] }}"}' + onboot: True + unprivileged: True + validate_certs: False + description: "{{ hostvars['rpc-coretime-kusama-01']['default_network'] }} {{ hostvars['rpc-coretime-kusama-01']['default_node_type'] }}: {{ hostvars['rpc-coretime-kusama-01']['host_name'] }}" + state: present + features: + - nesting=1 + port_forwards: + - from_port: "{{ hostvars['rpc-coretime-kusama-01']['ansible_port'] }}" + to_host: "{{ hostvars['rpc-coretime-kusama-01']['container_ip'] }}:{{ ssh_port }}" + protocol: "tcp" + - from_port: "{{ hostvars['rpc-coretime-kusama-01']['zabbix_ext_port'] }}" + to_host: "{{ hostvars['monitor']['container_ip'] }}:{{ zabbix_port }}" + protocol: "tcp" + - from_port: "{{ hostvars['rpc-coretime-kusama-01']['default_p2p_port'] }}" + to_host: "{{ hostvars['rpc-coretime-kusama-01']['container_ip'] }}:{{ hostvars['rpc-coretime-kusama-01']['default_p2p_port'] }}" + protocol: "tcp" + - from_port: "{{ hostvars['rpc-coretime-kusama-01']['transition_bootnode_p2p_port'] }}" + to_host: "{{ hostvars['rpc-coretime-kusama-01']['container_ip'] }}:{{ hostvars['rpc-coretime-kusama-01']['transition_bootnode_p2p_port'] }}" + protocol: "tcp" + - from_port: "{{ hostvars['rpc-coretime-kusama-01']['transition_bootnode_p2p_port_ws'] }}" + to_host: "{{ hostvars['rpc-coretime-kusama-01']['container_ip'] }}:{{ hostvars['rpc-coretime-kusama-01']['transition_bootnode_p2p_port_ws'] }}" + protocol: "tcp" + - from_port: "{{ hostvars['rpc-coretime-kusama-01']['transition_bootnode_p2p_port_wss'] }}" + to_host: "{{ hostvars['rpc-coretime-kusama-01']['container_ip'] }}:{{ hostvars['rpc-coretime-kusama-01']['transition_bootnode_p2p_port_wss'] }}" + protocol: "tcp" + - host: "rpc-coretime-westend-01" + proxmox_config: + vmid: "33051" + hostname: "{{ hostvars['rpc-coretime-westend-01']['host_name'] }}" + ostemplate: "local:vztmpl/{{ default_container_template }}" + netif: "{{ hostvars['rpc-coretime-westend-01']['netif'] }}" + cores: 4 + memory: 16384 + swap: 8192 + password: "{{ default_password }}" + disk: "{{ zfs_storage }}:20" + mounts: '{"mp0":"{{ zfs_storage }}:100,mp={{ hostvars["rpc-coretime-westend-01"]["default_database_path"] }}"}' + onboot: True + unprivileged: True + validate_certs: False + description: "{{ hostvars['rpc-coretime-westend-01']['default_network'] }} {{ hostvars['rpc-coretime-westend-01']['default_node_type'] }}: {{ hostvars['rpc-coretime-westend-01']['host_name'] }}" + state: present + features: + - nesting=1 + port_forwards: + - from_port: "{{ hostvars['rpc-coretime-westend-01']['ansible_port'] }}" + to_host: "{{ hostvars['rpc-coretime-westend-01']['container_ip'] }}:{{ ssh_port }}" + protocol: "tcp" + - from_port: "{{ hostvars['rpc-coretime-westend-01']['zabbix_ext_port'] }}" + to_host: "{{ hostvars['monitor']['container_ip'] }}:{{ zabbix_port }}" + protocol: "tcp" + - from_port: "{{ hostvars['rpc-coretime-westend-01']['default_p2p_port'] }}" + to_host: "{{ hostvars['rpc-coretime-westend-01']['container_ip'] }}:{{ hostvars['rpc-coretime-westend-01']['default_p2p_port'] }}" + protocol: "tcp" + - from_port: "{{ hostvars['rpc-coretime-westend-01']['transition_bootnode_p2p_port'] }}" + to_host: "{{ hostvars['rpc-coretime-westend-01']['container_ip'] }}:{{ hostvars['rpc-coretime-westend-01']['transition_bootnode_p2p_port'] }}" + protocol: "tcp" + - from_port: "{{ hostvars['rpc-coretime-westend-01']['transition_bootnode_p2p_port_ws'] }}" + to_host: "{{ hostvars['rpc-coretime-westend-01']['container_ip'] }}:{{ hostvars['rpc-coretime-westend-01']['transition_bootnode_p2p_port_ws'] }}" + protocol: "tcp" + - from_port: "{{ hostvars['rpc-coretime-westend-01']['transition_bootnode_p2p_port_wss'] }}" + to_host: "{{ hostvars['rpc-coretime-westend-01']['container_ip'] }}:{{ hostvars['rpc-coretime-westend-01']['transition_bootnode_p2p_port_wss'] }}" + protocol: "tcp" + - host: "rpc-people-kusama-01" + proxmox_config: + vmid: "32041" + hostname: "{{ hostvars['rpc-people-kusama-01']['host_name'] }}" + ostemplate: "local:vztmpl/{{ default_container_template }}" + netif: "{{ hostvars['rpc-people-kusama-01']['netif'] }}" + cores: 4 + memory: 16384 + swap: 8192 + password: "{{ default_password }}" + disk: "{{ zfs_storage }}:20" + mounts: '{"mp0":"{{ zfs_storage }}:100,mp={{ hostvars["rpc-people-kusama-01"]["default_database_path"] }}"}' + onboot: True + unprivileged: True + validate_certs: False + description: "{{ hostvars['rpc-people-kusama-01']['default_network'] }} {{ hostvars['rpc-people-kusama-01']['default_node_type'] }}: {{ hostvars['rpc-people-kusama-01']['host_name'] }}" + state: present + features: + - nesting=1 + port_forwards: + - from_port: "{{ hostvars['rpc-people-kusama-01']['ansible_port'] }}" + to_host: "{{ hostvars['rpc-people-kusama-01']['container_ip'] }}:{{ ssh_port }}" + protocol: "tcp" + - from_port: "{{ hostvars['rpc-people-kusama-01']['zabbix_ext_port'] }}" + to_host: "{{ hostvars['monitor']['container_ip'] }}:{{ zabbix_port }}" + protocol: "tcp" + - from_port: "{{ hostvars['rpc-people-kusama-01']['default_p2p_port'] }}" + to_host: "{{ hostvars['rpc-people-kusama-01']['container_ip'] }}:{{ hostvars['rpc-people-kusama-01']['default_p2p_port'] }}" + protocol: "tcp" + - from_port: "{{ hostvars['rpc-people-kusama-01']['transition_bootnode_p2p_port'] }}" + to_host: "{{ hostvars['rpc-people-kusama-01']['container_ip'] }}:{{ hostvars['rpc-people-kusama-01']['transition_bootnode_p2p_port'] }}" + protocol: "tcp" + - from_port: "{{ hostvars['rpc-people-kusama-01']['transition_bootnode_p2p_port_ws'] }}" + to_host: "{{ hostvars['rpc-people-kusama-01']['container_ip'] }}:{{ hostvars['rpc-people-kusama-01']['transition_bootnode_p2p_port_ws'] }}" + protocol: "tcp" + - from_port: "{{ hostvars['rpc-people-kusama-01']['transition_bootnode_p2p_port_wss'] }}" + to_host: "{{ hostvars['rpc-people-kusama-01']['container_ip'] }}:{{ hostvars['rpc-people-kusama-01']['transition_bootnode_p2p_port_wss'] }}" + protocol: "tcp" + - host: "rpc-people-westend-01" + proxmox_config: + vmid: "33041" + hostname: "{{ hostvars['rpc-people-westend-01']['host_name'] }}" + ostemplate: "local:vztmpl/{{ default_container_template }}" + netif: "{{ hostvars['rpc-people-westend-01']['netif'] }}" + cores: 4 + memory: 16384 + swap: 8192 + password: "{{ default_password }}" + disk: "{{ zfs_storage }}:20" + mounts: '{"mp0":"{{ zfs_storage }}:100,mp={{ hostvars["rpc-people-westend-01"]["default_database_path"] }}"}' + onboot: True + unprivileged: True + validate_certs: False + description: "{{ hostvars['rpc-people-westend-01']['default_network'] }} {{ hostvars['rpc-people-westend-01']['default_node_type'] }}: {{ hostvars['rpc-people-westend-01']['host_name'] }}" + state: present + features: + - nesting=1 + port_forwards: + - from_port: "{{ hostvars['rpc-people-westend-01']['ansible_port'] }}" + to_host: "{{ hostvars['rpc-people-westend-01']['container_ip'] }}:{{ ssh_port }}" + protocol: "tcp" + - from_port: "{{ hostvars['rpc-people-westend-01']['zabbix_ext_port'] }}" + to_host: "{{ hostvars['monitor']['container_ip'] }}:{{ zabbix_port }}" + protocol: "tcp" + - from_port: "{{ hostvars['rpc-people-westend-01']['default_p2p_port'] }}" + to_host: "{{ hostvars['rpc-people-westend-01']['container_ip'] }}:{{ hostvars['rpc-people-westend-01']['default_p2p_port'] }}" + protocol: "tcp" + - from_port: "{{ hostvars['rpc-people-westend-01']['transition_bootnode_p2p_port'] }}" + to_host: "{{ hostvars['rpc-people-westend-01']['container_ip'] }}:{{ hostvars['rpc-people-westend-01']['transition_bootnode_p2p_port'] }}" + protocol: "tcp" + - from_port: "{{ hostvars['rpc-people-westend-01']['transition_bootnode_p2p_port_ws'] }}" + to_host: "{{ hostvars['rpc-people-westend-01']['container_ip'] }}:{{ hostvars['rpc-people-westend-01']['transition_bootnode_p2p_port_ws'] }}" + protocol: "tcp" + - from_port: "{{ hostvars['rpc-people-westend-01']['transition_bootnode_p2p_port_wss'] }}" + to_host: "{{ hostvars['rpc-people-westend-01']['container_ip'] }}:{{ hostvars['rpc-people-westend-01']['transition_bootnode_p2p_port_wss'] }}" + protocol: "tcp" + - host: "rpc-paseo-01" + proxmox_config: + vmid: "34001" + hostname: "{{ hostvars['rpc-paseo-01']['host_name'] }}" + ostemplate: "local:vztmpl/{{ default_container_template }}" + netif: "{{ hostvars['rpc-paseo-01']['netif'] }}" + cores: 4 + memory: 16384 + swap: 8192 + password: "{{ default_password }}" + disk: "{{ zfs_storage }}:20" + mounts: '{"mp0":"{{ zfs_storage }}:300,mp={{ hostvars["rpc-paseo-01"]["default_database_path"] }}"}' + onboot: True + unprivileged: True + validate_certs: False + description: "{{ hostvars['rpc-paseo-01']['default_network'] }} {{ hostvars['rpc-paseo-01']['default_node_type'] }}: {{ hostvars['rpc-paseo-01']['host_name'] }}" + state: present + features: + - nesting=1 + port_forwards: + - from_port: "{{ hostvars['rpc-paseo-01']['ansible_port'] }}" + to_host: "{{ hostvars['rpc-paseo-01']['container_ip'] }}:{{ ssh_port }}" + protocol: "tcp" + - from_port: "{{ hostvars['rpc-paseo-01']['zabbix_ext_port'] }}" + to_host: "{{ hostvars['monitor']['container_ip'] }}:{{ zabbix_port }}" + protocol: "tcp" + - from_port: "{{ hostvars['rpc-paseo-01']['default_p2p_port'] }}" + to_host: "{{ hostvars['rpc-paseo-01']['container_ip'] }}:{{ hostvars['rpc-paseo-01']['default_p2p_port'] }}" + protocol: "tcp" + - from_port: "{{ hostvars['rpc-paseo-01']['transition_bootnode_p2p_port'] }}" + to_host: "{{ hostvars['rpc-paseo-01']['container_ip'] }}:{{ hostvars['rpc-paseo-01']['transition_bootnode_p2p_port'] }}" + protocol: "tcp" + - from_port: "{{ hostvars['rpc-paseo-01']['transition_bootnode_p2p_port_ws'] }}" + to_host: "{{ hostvars['rpc-paseo-01']['container_ip'] }}:{{ hostvars['rpc-paseo-01']['transition_bootnode_p2p_port_ws'] }}" + protocol: "tcp" + - from_port: "{{ hostvars['rpc-paseo-01']['transition_bootnode_p2p_port_wss'] }}" + to_host: "{{ hostvars['rpc-paseo-01']['container_ip'] }}:{{ hostvars['rpc-paseo-01']['transition_bootnode_p2p_port_wss'] }}" + protocol: "tcp" diff --git a/host_vars/rpc-coretime-kusama-01.yaml b/host_vars/rpc-coretime-kusama-01.yaml index 6b49ab5..7240cf4 100644 --- a/host_vars/rpc-coretime-kusama-01.yaml +++ b/host_vars/rpc-coretime-kusama-01.yaml @@ -1,30 +1,31 @@ --- ansible_host: "160.22.181.181" container_ip: "192.168.121.15" -ansible_port: 2827 -host_name: "rpc-coretime-kusama-01.rotko.net" +ansible_port: 2824 +host_name: "rpc-coretime-kusama-01.ct.rotko.net" host_timezone: "Asia/Bangkok" netif: '{"net0":"name=eth0,gw={{ default_nat_network_forward_cidr.split("/")[0] }},ip={{ default_host_ip }}/16,bridge={{ default_nat_device }}"}' role: "cumulus" pinned_service: False -default_telemetry_name: "Rotko Networks - {{ host_name.split('.')[0] }} {{ default_node_type | capitalize }}" +default_telemetry_name: "Rotko Networks - {{ host_name.split('.')[0] }}" default_domain: "{{ host_name }}" default_network: "coretime-kusama" default_relay_rpc: "ws://{{ hostvars['rpc-kusama-01']['container_ip'] }}:{{ hostvars['rpc-kusama-01']['default_rpc_port'] }}" default_relay_rpc_fallback: "ws://{{ hostvars['rpc-kusama-02']['container_ip'] }}:{{ hostvars['rpc-kusama-02']['default_rpc_port'] }}" -default_database: paritydb +default_database: rocksdb default_node_type: "endpoint" -default_bootnode_domain: "{{ default_network }}.boot.rotko.net" +transition_bootnode_domain: "kcore16.rotko.net" +transition_bootnode_p2p_port: 33726 +transition_bootnode_p2p_port_ws: 34726 +transition_bootnode_p2p_port_wss: 35726 -default_p2p_port: 30333 -default_p2p_port_ws: 30334 -default_p2p_port_wss: 30335 +default_p2p_port: 32051 +default_bootnode_domain: "{{ default_network }}.boot.rotko.net" +default_bootnode_p2p_port: 32051 default_bootnode_p2p_port_ws: 30434 default_bootnode_p2p_port_wss: 30435 -default_rpc_port: 9300 -default_secure_rpc_port: 42827 -default_prom_port: 7827 -zabbix_ext_port: 10827 +default_secure_rpc_port: 42824 +zabbix_ext_port: 10824 diff --git a/host_vars/rpc-coretime-westend-01.yaml b/host_vars/rpc-coretime-westend-01.yaml index ffeb7d2..cd70c70 100644 --- a/host_vars/rpc-coretime-westend-01.yaml +++ b/host_vars/rpc-coretime-westend-01.yaml @@ -1,30 +1,31 @@ --- ansible_host: "160.22.181.181" -container_ip: "192.168.77.36" # i changed it to 36 for westend coretime 01 -al # 37 for coretime-westend -ansible_port: 2936 -host_name: "rpc-coretime-westend-01.rotko.net" +container_ip: "192.168.131.15" +ansible_port: 2916 +host_name: "rpc-coretime-westend-01.ct.rotko.net" host_timezone: "Asia/Bangkok" netif: '{"net0":"name=eth0,gw={{ default_nat_network_forward_cidr.split("/")[0] }},ip={{ default_host_ip }}/16,bridge={{ default_nat_device }}"}' role: "cumulus" pinned_service: False -default_telemetry_name: "Rotko Networks - {{ host_name.split('.')[0] }} {{ default_node_type | capitalize }}" +default_telemetry_name: "Rotko Networks - {{ host_name.split('.')[0] }}" default_domain: "{{ host_name }}" default_network: "coretime-westend" default_relay_rpc: "ws://{{ hostvars['rpc-westend-01']['container_ip'] }}:{{ hostvars['rpc-westend-01']['default_rpc_port'] }}" default_relay_rpc_fallback: "ws://{{ hostvars['rpc-westend-02']['container_ip'] }}:{{ hostvars['rpc-westend-02']['default_rpc_port'] }}" -default_database: paritydb +default_database: rocksdb default_node_type: "endpoint" -default_bootnode_domain: "{{ default_network }}.boot.rotko.net" +transition_bootnode_domain: "wcore16.rotko.net" +transition_bootnode_p2p_port: 33736 +transition_bootnode_p2p_port_ws: 34736 +transition_bootnode_p2p_port_wss: 35736 -default_p2p_port: 30333 -default_p2p_port_ws: 30334 -default_p2p_port_wss: 30335 -default_rpc_port: 9300 +default_p2p_port: 33051 +default_bootnode_domain: "{{ default_network }}.boot.rotko.net" +default_bootnode_p2p_port: 33051 default_bootnode_p2p_port_ws: 30434 default_bootnode_p2p_port_wss: 30435 -default_secure_rpc_port: 42936 -default_prom_port: 7936 -zabbix_ext_port: 10936 +default_secure_rpc_port: 42916 +zabbix_ext_port: 10916 diff --git a/host_vars/rpc-kusama-01.yaml b/host_vars/rpc-kusama-01.yaml index 5a2e07e..952b47d 100644 --- a/host_vars/rpc-kusama-01.yaml +++ b/host_vars/rpc-kusama-01.yaml @@ -5,7 +5,7 @@ ansible_port: 2321 host_name: "rpc-kusama-01.ct.rotko.net" host_timezone: "Asia/Bangkok" netif: '{"net0":"name=eth0,gw={{ default_nat_network_forward_cidr.split("/")[0] }},ip={{ default_host_ip }}/16,bridge={{ default_nat_device }}"}' -role: "kusama" +role: "polkadot" pinned_service: True default_telemetry_name: "Rotko Networks - {{ host_name.split('.')[0] }}" @@ -21,14 +21,22 @@ default_pruning: "archive" default_database: "rocksdb" default_syncmode: "full" -default_bootnode_domain: "{{ default_network }}.boot.rotko.net" - default_p2p_port: 32001 +default_p2p_port_ws: 30334 +default_p2p_port_wss: 30335 + +default_bootnode_domain: "{{ default_network }}.boot.rotko.net" default_bootnode_p2p_port: 32001 default_bootnode_p2p_port_ws: 30434 default_bootnode_p2p_port_wss: 30435 + +transition_bootnode_domain: "ksm14.rotko.net" +transition_bootnode_p2p_port: 33224 +transition_bootnode_p2p_port_ws: 34224 +transition_bootnode_p2p_port_wss: 35224 + default_rpc_port: 9300 +default_prom_port: 7300 default_secure_rpc_port: 42321 -default_prom_port: 7300 zabbix_ext_port: 10321 diff --git a/host_vars/rpc-paseo-01.yaml b/host_vars/rpc-paseo-01.yaml new file mode 100644 index 0000000..0dd37c1 --- /dev/null +++ b/host_vars/rpc-paseo-01.yaml @@ -0,0 +1,37 @@ +--- +ansible_host: "160.22.181.181" +container_ip: "192.168.141.10" +ansible_port: 2341 +host_name: "rpc-paseo-01.ct.rotko.net" +host_timezone: "Asia/Bangkok" +netif: '{"net0":"name=eth0,gw={{ default_nat_network_forward_cidr.split("/")[0] }},ip={{ default_host_ip }}/16,bridge={{ default_nat_device }}"}' +role: "polkadot" +pinned_service: True + +default_telemetry_name: "Rotko Networks - {{ host_name.split('.')[0] }}" +default_domain: "{{ host_name }}" +default_domain_lb: "paseo.rotko.net" +default_domain_ibp: "rpc.ibp.network" +default_domain_dotters: "rpc.dotters.network" +default_ibp_repository: "git@github.com:GATOTECH-LTD/ibp-ssl" +default_dotters_repository: "git@github.com:senseless/dotters-ssl" +default_network: "paseo" +default_node_type: "endpoint" +default_pruning: "archive" +default_database: "rocksdb" +default_syncmode: "full" + +default_p2p_port: 34001 +default_p2p_port_ws: 30334 +default_p2p_port_wss: 30335 + +default_rpc_port: 9300 +default_prom_port: 7300 +default_secure_rpc_port: 42341 +zabbix_ext_port: 10341 + +# default_bootnode_domain: "boot-{{ default_network }}.rotko.net" +transition_bootnode_domain: "pso16.rotko.net" +transition_bootnode_p2p_port: 33246 +transition_bootnode_p2p_port_ws: 34246 +transition_bootnode_p2p_port_wss: 35246 diff --git a/host_vars/rpc-people-kusama-01.yaml b/host_vars/rpc-people-kusama-01.yaml index 5882050..058fdda 100644 --- a/host_vars/rpc-people-kusama-01.yaml +++ b/host_vars/rpc-people-kusama-01.yaml @@ -1,33 +1,33 @@ --- ansible_host: "160.22.181.181" -container_ip: "192.168.77.29" #NOTE: i change for people kusama to 29 & 30 -al # people kusama 28 +container_ip: "192.168.121.14" ansible_port: 2829 -host_name: "rpc-people-kusama-01.rotko.net" +host_name: "rpc-people-kusama-01.ct.rotko.net" host_timezone: "Asia/Bangkok" netif: '{"net0":"name=eth0,gw={{ default_nat_network_forward_cidr.split("/")[0] }},ip={{ default_host_ip }}/16,bridge={{ default_nat_device }}"}' role: "cumulus" pinned_service: True -default_telemetry_name: "Rotko Networks - {{ host_name.split('.')[0] }} {{ default_node_type | capitalize }}" +default_telemetry_name: "Rotko Networks - {{ host_name.split('.')[0] }}" default_domain: "{{ host_name }}" default_network: "people-kusama" default_chain_spec: "{{ default_base_path }}/people-kusama.json" default_chain_spec_dl_url: "https://raw.githubusercontent.com/paritytech/polkadot-sdk/master/cumulus/parachains/chain-specs/people-kusama.json" default_relay_rpc: "ws://{{ hostvars['rpc-kusama-01']['container_ip'] }}:{{ hostvars['rpc-kusama-01']['default_rpc_port'] }}" default_relay_rpc_fallback: "ws://{{ hostvars['rpc-kusama-02']['container_ip'] }}:{{ hostvars['rpc-kusama-02']['default_rpc_port'] }}" -default_database: "paritydb" +default_database: "rocksdb" default_node_type: "endpoint" -default_bootnode_domain: "{{ default_network }}.boot.rotko.net" +transition_bootnode_domain: "kppl16.rotko.net" +transition_bootnode_p2p_port: 33756 +transition_bootnode_p2p_port_ws: 34756 +transition_bootnode_p2p_port_wss: 35756 -default_p2p_port: 30333 -default_p2p_port_ws: 30334 -default_p2p_port_wss: 30335 +default_p2p_port: 32041 +default_bootnode_domain: "{{ default_network }}.boot.rotko.net" +default_bootnode_p2p_port: 32041 default_bootnode_p2p_port_ws: 30434 default_bootnode_p2p_port_wss: 30435 -#NOTE: this is parachains right? so its 9400 -default_rpc_port: 9400 default_secure_rpc_port: 42829 -default_prom_port: 7829 zabbix_ext_port: 10829 diff --git a/host_vars/rpc-people-westend-01.yaml b/host_vars/rpc-people-westend-01.yaml index 6c204df..d416be5 100644 --- a/host_vars/rpc-people-westend-01.yaml +++ b/host_vars/rpc-people-westend-01.yaml @@ -1,15 +1,14 @@ --- ansible_host: "160.22.181.181" -#WARN: ip still the same with wppl27 -container_ip: "192.168.77.38" # people westend 38 -ansible_port: 2867 -host_name: "wppl27.rotko.net" +container_ip: "192.168.131.14" +ansible_port: 2814 +host_name: "rpc-people-westend-01.ct.rotko.net" host_timezone: "Asia/Bangkok" netif: '{"net0":"name=eth0,gw={{ default_nat_network_forward_cidr.split("/")[0] }},ip={{ default_host_ip }}/16,bridge={{ default_nat_device }}"}' role: "cumulus" pinned_service: True -default_telemetry_name: "Rotko Networks - {{ host_name.split('.')[0] }} {{ default_node_type | capitalize }}" +default_telemetry_name: "Rotko Networks - {{ host_name.split('.')[0] }}" default_domain: "{{ host_name }}" default_network: "people-westend" default_chain_spec: "{{ default_base_path }}/people-westend.json" @@ -17,17 +16,19 @@ default_chain_spec: "{{ default_base_path }}/people-westend.json" default_chain_spec_dl_url: "https://raw.githubusercontent.com/paritytech/polkadot-sdk/fca5044c06c6ce9a0dbdacc54b0f4ad0ce422ddd/cumulus/parachains/chain-specs/people-westend.json" default_relay_rpc: "ws://{{ hostvars['rpc-westend-01']['container_ip'] }}:{{ hostvars['rpc-westend-01']['default_rpc_port'] }}" default_relay_rpc_fallback: "ws://{{ hostvars['rpc-westend-02']['container_ip'] }}:{{ hostvars['rpc-westend-02']['default_rpc_port'] }}" -default_database: "paritydb" +default_database: "rocksdb" default_node_type: "endpoint" -default_bootnode_domain: "{{ default_network }}.boot.rotko.net" +transition_bootnode_domain: "wppl16.rotko.net" +transition_bootnode_p2p_port: 33766 +transition_bootnode_p2p_port_ws: 34766 +transition_bootnode_p2p_port_wss: 35766 -default_p2p_port: 30333 -default_p2p_port_ws: 30334 -default_p2p_port_wss: 30335 -default_rpc_port: 9300 +default_p2p_port: 33041 +default_bootnode_domain: "{{ default_network }}.boot.rotko.net" +default_bootnode_p2p_port: 33041 default_bootnode_p2p_port_ws: 30434 default_bootnode_p2p_port_wss: 30435 -default_secure_rpc_port: 42867 -default_prom_port: 7867 -zabbix_ext_port: 10867 + +default_secure_rpc_port: 42814 +zabbix_ext_port: 10814 diff --git a/host_vars/val-paseo-01.yaml b/host_vars/val-paseo-01.yaml new file mode 100644 index 0000000..7b920c4 --- /dev/null +++ b/host_vars/val-paseo-01.yaml @@ -0,0 +1,29 @@ +--- +ansible_host: "160.22.181.181" +container_ip: "192.168.241.10" +ansible_port: 2141 +host_name: "val-paseo-01.ct.rotko.net" +host_timezone: "Asia/Bangkok" +netif: '{"net0":"name=eth0,gw={{ default_nat_network_forward_cidr.split("/")[0] }},ip={{ default_host_ip }}/16,bridge={{ default_nat_device }}"}' +role: "polkadot" +pinned_service: False + +# Variables + +default_telemetry_name: "Rotko Networks - {{ host_name.split('.')[0] }}" +default_network: "paseo" +default_chain_spec: "{{ default_base_path }}/paseo.raw.json" +default_chain_spec_dl_url: "https://raw.githubusercontent.com/paseo-network/runtimes/main/chain-specs/paseo.raw.json" +default_node_type: "validator" +default_pruning: 1000 +default_database: paritydb +default_syncmode: warp + +default_p2p_port: 34004 +default_p2p_port_ws: 30334 +default_p2p_port_wss: 30335 + +default_rpc_port: 9300 +default_prom_port: 7300 +default_secure_rpc_port: 42141 +zabbix_ext_port: 10141 From a09f62219e657297bfd70579883c203fd6ce577f Mon Sep 17 00:00:00 2001 From: Al Date: Tue, 3 Dec 2024 17:42:58 +0700 Subject: [PATCH 30/69] chore: fixing ansiblelater --- group_vars/cumulus.yaml | 1 + group_vars/polkadot.yaml | 1 + roles/setup_install_haproxy/handlers/main.yml | 6 ++++-- roles/setup_install_haproxy/tasks/main.yml | 13 ++++++++----- roles/setup_install_nginx/tasks/main.yaml | 2 +- .../tasks/prometheus-tasks.yaml | 7 +++++-- 6 files changed, 20 insertions(+), 10 deletions(-) diff --git a/group_vars/cumulus.yaml b/group_vars/cumulus.yaml index f1b24c1..6daf234 100644 --- a/group_vars/cumulus.yaml +++ b/group_vars/cumulus.yaml @@ -1,3 +1,4 @@ +--- default_base_path: /opt/cumulus default_chain_spec_dl_url: https://raw.githubusercontent.com/paritytech/polkadot-sdk/master/cumulus/parachains/chain-specs/{{ default_network }}.json default_client_version: polkadot-stable2409-2 diff --git a/group_vars/polkadot.yaml b/group_vars/polkadot.yaml index 7788335..6685ce9 100644 --- a/group_vars/polkadot.yaml +++ b/group_vars/polkadot.yaml @@ -1,3 +1,4 @@ +--- default_auxiliary_binary_path: /usr/libexec default_base_path: /opt/polkadot default_chain_spec: "{{ default_base_path }}/{{ default_network }}.json" diff --git a/roles/setup_install_haproxy/handlers/main.yml b/roles/setup_install_haproxy/handlers/main.yml index 2de15f4..e1ac5ca 100644 --- a/roles/setup_install_haproxy/handlers/main.yml +++ b/roles/setup_install_haproxy/handlers/main.yml @@ -1,3 +1,5 @@ --- -- name: restart haproxy - service: name=haproxy state=restarted +- name: Restart HAProxy + ansible.builtin.service: + name: haproxy + state: restarted diff --git a/roles/setup_install_haproxy/tasks/main.yml b/roles/setup_install_haproxy/tasks/main.yml index 03c390f..a9f7549 100644 --- a/roles/setup_install_haproxy/tasks/main.yml +++ b/roles/setup_install_haproxy/tasks/main.yml @@ -29,8 +29,8 @@ - name: Get HAProxy version ansible.builtin.command: haproxy -v register: haproxy_version_result - changed_when: false - check_mode: false + changed_when: False + check_mode: False - name: Set HAProxy version ansible.builtin.set_fact: @@ -58,7 +58,7 @@ - name: Validate HAProxy configuration ansible.builtin.command: haproxy -c -f /etc/haproxy/haproxy.cfg register: haproxy_validate - changed_when: false + changed_when: False failed_when: haproxy_validate.rc != 0 - name: Display HAProxy validation result @@ -71,5 +71,8 @@ state: restarted when: haproxy_validate.rc == 0 -- name: Ensure HAProxy is started and enabled on boot. - service: name=haproxy state=started enabled=yes +- name: Ensure HAProxy is started and enabled on boot + ansible.builtin.service: + name: haproxy + state: started + enabled: True diff --git a/roles/setup_install_nginx/tasks/main.yaml b/roles/setup_install_nginx/tasks/main.yaml index 5359d53..d3b54b6 100644 --- a/roles/setup_install_nginx/tasks/main.yaml +++ b/roles/setup_install_nginx/tasks/main.yaml @@ -83,7 +83,7 @@ --agree-tos --email {{ default_certificate_email }} --deploy-hook "systemctl reload nginx" - --dns-cloudflare-propagation-seconds 60 + --dns-cloudflare-propagation-seconds 300 become: True become_user: root when: days_until_expiration is not defined or days_until_expiration | int < 30 diff --git a/roles/setup_install_prometheus/tasks/prometheus-tasks.yaml b/roles/setup_install_prometheus/tasks/prometheus-tasks.yaml index 2456e4a..81fb7ee 100644 --- a/roles/setup_install_prometheus/tasks/prometheus-tasks.yaml +++ b/roles/setup_install_prometheus/tasks/prometheus-tasks.yaml @@ -139,8 +139,11 @@ - name: Validate Prometheus configuration ansible.builtin.command: cmd: "/usr/local/bin/promtool check config /etc/prometheus/prometheus.yml" - become: true + become: True become_user: prometheus + changed_when: False + register: prometheus_config_check + failed_when: prometheus_config_check.rc != 0 - name: Manage Prometheus service block: @@ -163,4 +166,4 @@ state: "{{ 'started' if not servicestatus.stat.exists else 'restarted' }}" - name: Flush handlers - meta: flush_handlers + ansible.builtin.meta: flush_handlers From 1377d40d23a02cace38b14624aa8c6473c270aa5 Mon Sep 17 00:00:00 2001 From: Al Date: Wed, 4 Dec 2024 14:13:47 +0700 Subject: [PATCH 31/69] chore: remove parameterized inpeers outpeers for validator --- roles/setup_install_polkadot/templates/validator.service.j2 | 2 -- 1 file changed, 2 deletions(-) diff --git a/roles/setup_install_polkadot/templates/validator.service.j2 b/roles/setup_install_polkadot/templates/validator.service.j2 index 9b26938..c05b67d 100644 --- a/roles/setup_install_polkadot/templates/validator.service.j2 +++ b/roles/setup_install_polkadot/templates/validator.service.j2 @@ -39,8 +39,6 @@ ExecStart={{ default_base_path }}/polkadot \ --in-peers 64 \ --workers-path {{ default_auxiliary_binary_path }} \ --db-cache {{ ansible_memtotal_mb // 2 }} \ - --in-peers {{ default_in_peers }} \ - --out-peers {{ default_out_peers }} \ --no-mdns \ --sync {{ default_syncmode }} From ce1881d4eed6a19c1e6fef36d4c5a6950439cae6 Mon Sep 17 00:00:00 2001 From: Al Date: Wed, 4 Dec 2024 15:43:48 +0700 Subject: [PATCH 32/69] chore: migrate from the wrong naming ct ->correct one --- bkk07 | 6 +- host_vars/bkk07.yaml | 145 ++++-------------------- host_vars/rpc-asset-hub-kusama-01.yaml | 23 ++-- host_vars/rpc-asset-hub-kusama-02.yaml | 17 +-- host_vars/rpc-bridge-hub-kusama-01.yaml | 22 ++-- host_vars/rpc-bridge-hub-kusama-02.yaml | 12 +- host_vars/rpc-encointer-kusama-01.yaml | 20 ++-- host_vars/rpc-encointer-kusama-02.yaml | 18 +-- 8 files changed, 76 insertions(+), 187 deletions(-) diff --git a/bkk07 b/bkk07 index e445dfe..a3db2e5 100644 --- a/bkk07 +++ b/bkk07 @@ -69,18 +69,18 @@ rpc-coretime-kusama-02 rpc-asset-hub-paseo-02 rpc-asset-hub-polkadot-02 rpc-asset-hub-westend-02 -rpc-asset-hub-kusama-01 +rpc-asset-hub-kusama-02 rpc-bridge-hub-paseo-02 rpc-bridge-hub-polkadot-02 rpc-bridge-hub-westend-02 -rpc-bridge-hub-kusama-01 +rpc-bridge-hub-kusama-02 rpc-collectives-polkadot-02 rpc-collectives-westend-02 [encointer] -rpc-encointer-kusama-01 +rpc-encointer-kusama-02 [services] monitor diff --git a/host_vars/bkk07.yaml b/host_vars/bkk07.yaml index 8a5d132..7699d5b 100644 --- a/host_vars/bkk07.yaml +++ b/host_vars/bkk07.yaml @@ -864,70 +864,35 @@ lxc_nodes: - from_port: "{{ hostvars['rpc-people-westend-02']['default_p2p_port'] }}" to_host: "{{ hostvars['rpc-people-westend-02']['container_ip'] }}:{{ hostvars['rpc-people-westend-02']['default_p2p_port'] }}" protocol: "tcp" - - host: "rpc-asset-hub-kusama-01" + - host: "rpc-asset-hub-kusama-02" proxmox_config: vmid: "32011" - hostname: "{{ hostvars['rpc-asset-hub-kusama-01']['host_name'] }}" + hostname: "{{ hostvars['rpc-asset-hub-kusama-02']['host_name'] }}" ostemplate: "local:vztmpl/{{ default_container_template }}" - netif: "{{ hostvars['rpc-asset-hub-kusama-01']['netif'] }}" + netif: "{{ hostvars['rpc-asset-hub-kusama-02']['netif'] }}" cores: 4 memory: 16384 swap: 8192 password: "{{ default_password }}" disk: "{{ zfs_storage }}:20" - mounts: '{"mp0":"{{ zfs_storage }}:250,mp={{ hostvars["rpc-asset-hub-kusama-01"]["default_database_path"] }}"}' + mounts: '{"mp0":"{{ zfs_storage }}:250,mp={{ hostvars["rpc-asset-hub-kusama-02"]["default_database_path"] }}"}' onboot: True unprivileged: True validate_certs: False - description: "{{ hostvars['rpc-asset-hub-kusama-01']['default_network'] }} {{ hostvars['rpc-asset-hub-kusama-01']['default_node_type'] }}: {{ hostvars['rpc-asset-hub-kusama-01']['host_name'] }}" + description: "{{ hostvars['rpc-asset-hub-kusama-02']['default_network'] }} {{ hostvars['rpc-asset-hub-kusama-02']['default_node_type'] }}: {{ hostvars['rpc-asset-hub-kusama-02']['host_name'] }}" state: present features: - nesting=1 port_forwards: - - from_port: "{{ hostvars['rpc-asset-hub-kusama-01']['ansible_port'] }}" - to_host: "{{ hostvars['rpc-asset-hub-kusama-01']['container_ip'] }}:{{ ssh_port }}" + - from_port: "{{ hostvars['rpc-asset-hub-kusama-02']['ansible_port'] }}" + to_host: "{{ hostvars['rpc-asset-hub-kusama-02']['container_ip'] }}:{{ ssh_port }}" protocol: "tcp" - - from_port: "{{ hostvars['rpc-asset-hub-kusama-01']['zabbix_ext_port'] }}" + - from_port: "{{ hostvars['rpc-asset-hub-kusama-02']['zabbix_ext_port'] }}" to_host: "{{ hostvars['monitor']['container_ip'] }}:{{ zabbix_port }}" protocol: "tcp" - - from_port: "{{ hostvars['rpc-asset-hub-kusama-01']['default_p2p_port'] }}" - to_host: "{{ hostvars['rpc-asset-hub-kusama-01']['container_ip'] }}:{{ hostvars['rpc-asset-hub-kusama-01']['default_p2p_port'] }}" + - from_port: "{{ hostvars['rpc-asset-hub-kusama-02']['default_p2p_port'] }}" + to_host: "{{ hostvars['rpc-asset-hub-kusama-02']['container_ip'] }}:{{ hostvars['rpc-asset-hub-kusama-02']['default_p2p_port'] }}" protocol: "tcp" - # - host: "rpc-asset-hub-kusama-02" - # proxmox_config: - # vmid: "320102" - # hostname: "{{ hostvars['rpc-asset-hub-kusama-02']['host_name'] }}" - # ostemplate: "local:vztmpl/{{ default_container_template }}" - # netif: "{{ hostvars['rpc-asset-hub-kusama-02']['netif'] }}" - # cores: 4 - # memory: 16384 - # swap: 8192 - # password: "{{ default_password }}" - # disk: "{{ zfs_storage }}:20" - # mounts: '{"mp0":"{{ zfs_storage }}:100,mp={{ hostvars["rpc-asset-hub-kusama-02"]["default_database_path"] }}"}' - # onboot: True - # unprivileged: True - # validate_certs: False - # description: "{{ hostvars['rpc-asset-hub-kusama-02']['default_network'] }} {{ hostvars['rpc-asset-hub-kusama-02']['default_node_type'] }}: {{ hostvars['rpc-asset-hub-kusama-02']['host_name'] }}" - # state: present - # features: - # - nesting=1 - # port_forwards: - # - from_port: "{{ hostvars['rpc-asset-hub-kusama-02']['ansible_port'] }}" - # to_host: "{{ hostvars['rpc-asset-hub-kusama-02']['container_ip'] }}:{{ ssh_port }}" - # protocol: "tcp" - # - from_port: "{{ hostvars['rpc-asset-hub-kusama-02']['zabbix_ext_port'] }}" - # to_host: "{{ hostvars['monitor']['container_ip'] }}:{{ zabbix_port }}" - # protocol: "tcp" - # - from_port: "{{ hostvars['rpc-asset-hub-kusama-02']['default_p2p_port'] }}" - # to_host: "{{ hostvars['rpc-asset-hub-kusama-02']['container_ip'] }}:{{ hostvars['rpc-asset-hub-kusama-02']['default_p2p_port'] }}" - # protocol: "tcp" - # - from_port: "{{ hostvars['rpc-asset-hub-kusama-02']['default_p2p_port_ws'] }}" - # to_host: "{{ hostvars['rpc-asset-hub-kusama-02']['container_ip'] }}:{{ hostvars['rpc-asset-hub-kusama-02']['default_p2p_port_ws'] }}" - # protocol: "tcp" - # - from_port: "{{ hostvars['rpc-asset-hub-kusama-02']['default_p2p_port_wss'] }}" - # to_host: "{{ hostvars['rpc-asset-hub-kusama-02']['container_ip'] }}:{{ hostvars['rpc-asset-hub-kusama-02']['default_p2p_port_wss'] }}" - # protocol: "tcp" - host: "rpc-bridge-hub-kusama-01" proxmox_config: vmid: "32021" @@ -957,41 +922,6 @@ lxc_nodes: - from_port: "{{ hostvars['rpc-bridge-hub-kusama-01']['default_p2p_port'] }}" to_host: "{{ hostvars['rpc-bridge-hub-kusama-01']['container_ip'] }}:{{ hostvars['rpc-bridge-hub-kusama-01']['default_p2p_port'] }}" protocol: "tcp" - # - host: "rpc-bridge-hub-kusama-02" - # proxmox_config: - # vmid: "320202" - # hostname: "{{ hostvars['rpc-bridge-hub-kusama-02']['host_name'] }}" - # ostemplate: "local:vztmpl/{{ default_container_template }}" - # netif: "{{ hostvars['rpc-bridge-hub-kusama-02']['netif'] }}" - # cores: 4 - # memory: 16384 - # swap: 8192 - # password: "{{ default_password }}" - # disk: "{{ zfs_storage }}:20" - # mounts: '{"mp0":"{{ zfs_storage }}:100,mp={{ hostvars["rpc-bridge-hub-kusama-02"]["default_database_path"] }}"}' - # onboot: True - # unprivileged: True - # validate_certs: False - # description: "{{ hostvars['rpc-bridge-hub-kusama-02']['default_network'] }} {{ hostvars['rpc-bridge-hub-kusama-02']['default_node_type'] }}: {{ hostvars['rpc-bridge-hub-kusama-02']['host_name'] }}" - # state: present - # features: - # - nesting=1 - # port_forwards: - # - from_port: "{{ hostvars['rpc-bridge-hub-kusama-02']['ansible_port'] }}" - # to_host: "{{ hostvars['rpc-bridge-hub-kusama-02']['container_ip'] }}:{{ ssh_port }}" - # protocol: "tcp" - # - from_port: "{{ hostvars['rpc-bridge-hub-kusama-02']['zabbix_ext_port'] }}" - # to_host: "{{ hostvars['monitor']['container_ip'] }}:{{ zabbix_port }}" - # protocol: "tcp" - # - from_port: "{{ hostvars['rpc-bridge-hub-kusama-02']['default_p2p_port'] }}" - # to_host: "{{ hostvars['rpc-bridge-hub-kusama-02']['container_ip'] }}:{{ hostvars['rpc-bridge-hub-kusama-02']['default_p2p_port'] }}" - # protocol: "tcp" - # - from_port: "{{ hostvars['rpc-bridge-hub-kusama-02']['default_p2p_port_ws'] }}" - # to_host: "{{ hostvars['rpc-bridge-hub-kusama-02']['container_ip'] }}:{{ hostvars['rpc-bridge-hub-kusama-02']['default_p2p_port_ws'] }}" - # protocol: "tcp" - # - from_port: "{{ hostvars['rpc-bridge-hub-kusama-02']['default_p2p_port_wss'] }}" - # to_host: "{{ hostvars['rpc-bridge-hub-kusama-02']['container_ip'] }}:{{ hostvars['rpc-bridge-hub-kusama-02']['default_p2p_port_wss'] }}" - # protocol: "tcp" - host: "rpc-coretime-kusama-02" proxmox_config: vmid: "32052" @@ -1050,70 +980,35 @@ lxc_nodes: - from_port: "{{ hostvars['rpc-people-kusama-02']['default_p2p_port'] }}" to_host: "{{ hostvars['rpc-people-kusama-02']['container_ip'] }}:{{ hostvars['rpc-people-kusama-02']['default_p2p_port'] }}" protocol: "tcp" - - host: "rpc-encointer-kusama-01" + - host: "rpc-encointer-kusama-02" proxmox_config: vmid: "32061" - hostname: "{{ hostvars['rpc-encointer-kusama-01']['host_name'] }}" + hostname: "{{ hostvars['rpc-encointer-kusama-02']['host_name'] }}" ostemplate: "local:vztmpl/{{ default_container_template }}" - netif: "{{ hostvars['rpc-encointer-kusama-01']['netif'] }}" + netif: "{{ hostvars['rpc-encointer-kusama-02']['netif'] }}" cores: 4 memory: 16384 swap: 8192 password: "{{ default_password }}" disk: "{{ zfs_storage }}:20" - mounts: '{"mp0":"{{ zfs_storage }}:100,mp={{ hostvars["rpc-encointer-kusama-01"]["default_database_path"] }}"}' + mounts: '{"mp0":"{{ zfs_storage }}:100,mp={{ hostvars["rpc-encointer-kusama-02"]["default_database_path"] }}"}' onboot: True unprivileged: True validate_certs: False - description: "{{ hostvars['rpc-encointer-kusama-01']['default_network'] }} {{ hostvars['rpc-encointer-kusama-01']['default_node_type'] }}: {{ hostvars['rpc-encointer-kusama-01']['host_name'] }}" + description: "{{ hostvars['rpc-encointer-kusama-02']['default_network'] }} {{ hostvars['rpc-encointer-kusama-02']['default_node_type'] }}: {{ hostvars['rpc-encointer-kusama-02']['host_name'] }}" state: present features: - nesting=1 port_forwards: - - from_port: "{{ hostvars['rpc-encointer-kusama-01']['ansible_port'] }}" - to_host: "{{ hostvars['rpc-encointer-kusama-01']['container_ip'] }}:{{ ssh_port }}" + - from_port: "{{ hostvars['rpc-encointer-kusama-02']['ansible_port'] }}" + to_host: "{{ hostvars['rpc-encointer-kusama-02']['container_ip'] }}:{{ ssh_port }}" protocol: "tcp" - - from_port: "{{ hostvars['rpc-encointer-kusama-01']['zabbix_ext_port'] }}" + - from_port: "{{ hostvars['rpc-encointer-kusama-02']['zabbix_ext_port'] }}" to_host: "{{ hostvars['monitor']['container_ip'] }}:{{ zabbix_port }}" protocol: "tcp" - - from_port: "{{ hostvars['rpc-encointer-kusama-01']['default_p2p_port'] }}" - to_host: "{{ hostvars['rpc-encointer-kusama-01']['container_ip'] }}:{{ hostvars['rpc-encointer-kusama-01']['default_p2p_port'] }}" + - from_port: "{{ hostvars['rpc-encointer-kusama-02']['default_p2p_port'] }}" + to_host: "{{ hostvars['rpc-encointer-kusama-02']['container_ip'] }}:{{ hostvars['rpc-encointer-kusama-02']['default_p2p_port'] }}" protocol: "tcp" - # - host: "rpc-encointer-kusama-02" - # proxmox_config: - # vmid: "320702" - # hostname: "{{ hostvars['rpc-encointer-kusama-02']['host_name'] }}" - # ostemplate: "local:vztmpl/{{ default_container_template }}" - # netif: "{{ hostvars['rpc-encointer-kusama-02']['netif'] }}" - # cores: 4 - # memory: 16384 - # swap: 8192 - # password: "{{ default_password }}" - # disk: "{{ zfs_storage }}:20" - # mounts: '{"mp0":"{{ zfs_storage }}:100,mp={{ hostvars["rpc-encointer-kusama-02"]["default_database_path"] }}"}' - # onboot: True - # unprivileged: True - # validate_certs: False - # description: "{{ hostvars['rpc-encointer-kusama-02']['default_network'] }} {{ hostvars['rpc-encointer-kusama-02']['default_node_type'] }}: {{ hostvars['rpc-encointer-kusama-02']['host_name'] }}" - # state: present - # features: - # - nesting=1 - # port_forwards: - # - from_port: "{{ hostvars['rpc-encointer-kusama-02']['ansible_port'] }}" - # to_host: "{{ hostvars['rpc-encointer-kusama-02']['container_ip'] }}:{{ ssh_port }}" - # protocol: "tcp" - # - from_port: "{{ hostvars['rpc-encointer-kusama-02']['zabbix_ext_port'] }}" - # to_host: "{{ hostvars['monitor']['container_ip'] }}:{{ zabbix_port }}" - # protocol: "tcp" - # - from_port: "{{ hostvars['rpc-encointer-kusama-02']['default_p2p_port'] }}" - # to_host: "{{ hostvars['rpc-encointer-kusama-02']['container_ip'] }}:{{ hostvars['rpc-encointer-kusama-02']['default_p2p_port'] }}" - # protocol: "tcp" - # - from_port: "{{ hostvars['rpc-encointer-kusama-02']['default_p2p_port_ws'] }}" - # to_host: "{{ hostvars['rpc-encointer-kusama-02']['container_ip'] }}:{{ hostvars['rpc-encointer-kusama-02']['default_p2p_port_ws'] }}" - # protocol: "tcp" - # - from_port: "{{ hostvars['rpc-encointer-kusama-02']['default_p2p_port_wss'] }}" - # to_host: "{{ hostvars['rpc-encointer-kusama-02']['container_ip'] }}:{{ hostvars['rpc-encointer-kusama-02']['default_p2p_port_wss'] }}" - # protocol: "tcp" - host: "val-polkadot-02" proxmox_config: vmid: "31022" diff --git a/host_vars/rpc-asset-hub-kusama-01.yaml b/host_vars/rpc-asset-hub-kusama-01.yaml index 90d9af8..35575ac 100644 --- a/host_vars/rpc-asset-hub-kusama-01.yaml +++ b/host_vars/rpc-asset-hub-kusama-01.yaml @@ -1,14 +1,14 @@ --- ansible_host: "160.22.181.181" container_ip: "192.168.121.11" -ansible_port: 2623 -host_name: "rpc-asset-hub-kusama-01.rotko.net" +ansible_port: 2622 +host_name: "rpc-asset-hub-kusama-01.ct.rotko.net" host_timezone: "Asia/Bangkok" netif: '{"net0":"name=eth0,gw={{ default_nat_network_forward_cidr.split("/")[0] }},ip={{ default_host_ip }}/16,bridge={{ default_nat_device }}"}' role: "cumulus" pinned_service: True -default_telemetry_name: "Rotko Networks - {{ host_name.split('.')[0] }} {{ default_node_type | capitalize }}" +default_telemetry_name: "Rotko Networks - {{ host_name.split('.')[0] }}" default_domain: "{{ host_name }}" default_network: "asset-hub-kusama" default_relay_rpc: "ws://{{ hostvars['rpc-kusama-01']['container_ip'] }}:{{ hostvars['rpc-kusama-01']['default_rpc_port'] }}" @@ -16,14 +16,19 @@ default_relay_rpc_fallback: "ws://{{ hostvars['rpc-kusama-02']['container_ip'] } default_database: paritydb # to be replaced with paritydb default_node_type: "endpoint" -default_bootnode_domain: "{{ default_network }}.boot.rotko.net" - default_p2p_port: 32011 -default_p2p_port_ws: 30334 -default_p2p_port_wss: 30335 +default_bootnode_domain: "{{ default_network }}.boot.rotko.net" default_bootnode_p2p_port: 32011 default_bootnode_p2p_port_ws: 30434 default_bootnode_p2p_port_wss: 30435 -default_secure_rpc_port: 42623 -zabbix_ext_port: 10623 +transition_bootnode_domain: "mine14.rotko.net" +transition_bootnode_p2p_port: 33524 +transition_bootnode_p2p_port_ws: 34524 +transition_bootnode_p2p_port_wss: 35524 + +default_rpc_port: 9400 +default_prom_port: 7400 + +default_secure_rpc_port: 42622 +zabbix_ext_port: 10622 diff --git a/host_vars/rpc-asset-hub-kusama-02.yaml b/host_vars/rpc-asset-hub-kusama-02.yaml index b29d87d..f45ad7d 100644 --- a/host_vars/rpc-asset-hub-kusama-02.yaml +++ b/host_vars/rpc-asset-hub-kusama-02.yaml @@ -1,7 +1,7 @@ --- ansible_host: "160.22.181.181" container_ip: "192.168.122.11" -ansible_port: 2622 +ansible_port: 2623 host_name: "rpc-asset-hub-kusama-02.ct.rotko.net" host_timezone: "Asia/Bangkok" netif: '{"net0":"name=eth0,gw={{ default_nat_network_forward_cidr.split("/")[0] }},ip={{ default_host_ip }}/16,bridge={{ default_nat_device }}"}' @@ -16,19 +16,12 @@ default_relay_rpc_fallback: "ws://{{ hostvars['rpc-kusama-02']['container_ip'] } default_database: paritydb # to be replaced with paritydb default_node_type: "endpoint" -default_p2p_port: 32012 default_bootnode_domain: "{{ default_network }}.boot.rotko.net" + +default_p2p_port: 32012 default_bootnode_p2p_port: 32012 default_bootnode_p2p_port_ws: 30434 default_bootnode_p2p_port_wss: 30435 -transition_bootnode_domain: "mine14.rotko.net" -transition_bootnode_p2p_port: 33524 -transition_bootnode_p2p_port_ws: 34524 -transition_bootnode_p2p_port_wss: 35524 - -default_rpc_port: 9400 -default_prom_port: 7400 - -default_secure_rpc_port: 42622 -zabbix_ext_port: 10624 +default_secure_rpc_port: 42623 +zabbix_ext_port: 10623 diff --git a/host_vars/rpc-bridge-hub-kusama-01.yaml b/host_vars/rpc-bridge-hub-kusama-01.yaml index 362b9b3..19c02e3 100644 --- a/host_vars/rpc-bridge-hub-kusama-01.yaml +++ b/host_vars/rpc-bridge-hub-kusama-01.yaml @@ -1,29 +1,31 @@ --- ansible_host: "160.22.181.181" container_ip: "192.168.121.12" -ansible_port: 2651 -host_name: "rpc-bridge-hub-kusama-01.rotko.net" +ansible_port: 2652 +host_name: "rpc-bridge-hub-kusama-01.ct.rotko.net" host_timezone: "Asia/Bangkok" netif: '{"net0":"name=eth0,gw={{ default_nat_network_forward_cidr.split("/")[0] }},ip={{ default_host_ip }}/16,bridge={{ default_nat_device }}"}' role: "cumulus" pinned_service: True -default_telemetry_name: "Rotko Networks - {{ host_name.split('.')[0] }} {{ default_node_type | capitalize }}" +default_telemetry_name: "Rotko Networks - {{ host_name.split('.')[0] }}" default_domain: "{{ host_name }}" default_network: "bridge-hub-kusama" -default_relay_rpc: "ws://{{ hostvars['ksm26']['container_ip'] }}:{{ hostvars['ksm26']['default_rpc_port'] }}" +default_relay_rpc: "ws://{{ hostvars['rpc-kusama-01']['container_ip'] }}:{{ hostvars['rpc-kusama-01']['default_rpc_port'] }}" default_relay_rpc_fallback: "ws://{{ hostvars['rpc-kusama-02']['container_ip'] }}:{{ hostvars['rpc-kusama-02']['default_rpc_port'] }}" -default_database: paritydb # to be replaced with paritydb +default_database: rocksdb default_node_type: "endpoint" -default_bootnode_domain: "{{ default_network }}.boot.rotko.net" +transition_bootnode_domain: "kbr13.rotko.net" +transition_bootnode_p2p_port: 33553 +transition_bootnode_p2p_port_ws: 34553 +transition_bootnode_p2p_port_wss: 35553 default_p2p_port: 32021 -default_p2p_port_ws: 30334 -default_p2p_port_wss: 30335 +default_bootnode_domain: "{{ default_network }}.boot.rotko.net" default_bootnode_p2p_port: 32021 default_bootnode_p2p_port_ws: 30434 default_bootnode_p2p_port_wss: 30435 -default_secure_rpc_port: 42651 -zabbix_ext_port: 10651 +default_secure_rpc_port: 42652 +zabbix_ext_port: 10652 diff --git a/host_vars/rpc-bridge-hub-kusama-02.yaml b/host_vars/rpc-bridge-hub-kusama-02.yaml index 2a3470c..4962a5a 100644 --- a/host_vars/rpc-bridge-hub-kusama-02.yaml +++ b/host_vars/rpc-bridge-hub-kusama-02.yaml @@ -1,7 +1,7 @@ --- ansible_host: "160.22.181.181" container_ip: "192.168.122.12" -ansible_port: 2652 +ansible_port: 2651 host_name: "rpc-bridge-hub-kusama-02.ct.rotko.net" host_timezone: "Asia/Bangkok" netif: '{"net0":"name=eth0,gw={{ default_nat_network_forward_cidr.split("/")[0] }},ip={{ default_host_ip }}/16,bridge={{ default_nat_device }}"}' @@ -16,16 +16,12 @@ default_relay_rpc_fallback: "ws://{{ hostvars['rpc-kusama-02']['container_ip'] } default_database: paritydb # to be replaced with paritydb default_node_type: "endpoint" -transition_bootnode_domain: "kbr13.rotko.net" -transition_bootnode_p2p_port: 33553 -transition_bootnode_p2p_port_ws: 34553 -transition_bootnode_p2p_port_wss: 35553 +default_bootnode_domain: "{{ default_network }}.boot.rotko.net" default_p2p_port: 32022 -default_bootnode_domain: "{{ default_network }}.boot.rotko.net" default_bootnode_p2p_port: 32022 default_bootnode_p2p_port_ws: 30434 default_bootnode_p2p_port_wss: 30435 -default_secure_rpc_port: 42652 -zabbix_ext_port: 10652 +default_secure_rpc_port: 42651 +zabbix_ext_port: 10651 diff --git a/host_vars/rpc-encointer-kusama-01.yaml b/host_vars/rpc-encointer-kusama-01.yaml index 7615fb2..7ea09cc 100644 --- a/host_vars/rpc-encointer-kusama-01.yaml +++ b/host_vars/rpc-encointer-kusama-01.yaml @@ -1,7 +1,7 @@ --- ansible_host: "160.22.181.181" container_ip: "192.168.121.16" -ansible_port: 2601 +ansible_port: 2602 host_name: "rpc-encointer-kusama-01.ct.rotko.net" host_timezone: "Asia/Bangkok" netif: '{"net0":"name=eth0,gw={{ default_nat_network_forward_cidr.split("/")[0] }},ip={{ default_host_ip }}/16,bridge={{ default_nat_device }}"}' @@ -11,22 +11,26 @@ pinned_service: True default_telemetry_name: "Rotko Networks - {{ host_name.split('.')[0] }}" default_domain: "{{ host_name }}" default_network: encointer-kusama -default_relay_rpc: "ws://{{ hostvars['ksm26']['container_ip'] }}:{{ hostvars['ksm26']['default_rpc_port'] }}" +default_relay_rpc: "ws://{{ hostvars['rpc-kusama-01']['container_ip'] }}:{{ hostvars['rpc-kusama-01']['default_rpc_port'] }}" default_relay_rpc_fallback: "ws://{{ hostvars['rpc-kusama-02']['container_ip'] }}:{{ hostvars['rpc-kusama-02']['default_rpc_port'] }}" default_node_type: "endpoint" default_pruning: "archive" -default_database: paritydb # to be replaced with paritydb +default_database: rocksdb default_syncmode: full + default_bootnode_domain: "{{ default_network }}.boot.rotko.net" +transition_bootnode_domain: "enc14.rotko.net" +transition_bootnode_p2p_port: 33504 +transition_bootnode_p2p_port_ws: 34504 +transition_bootnode_p2p_port_wss: 35504 + default_p2p_port: 32061 -default_p2p_port_ws: 30434 -default_p2p_port_wss: 30435 default_bootnode_p2p_port: 32061 default_bootnode_p2p_port_ws: 30434 default_bootnode_p2p_port_wss: 30435 default_rpc_port: 9400 - -default_secure_rpc_port: 42601 default_prom_port: 7400 -zabbix_ext_port: 10601 + +default_secure_rpc_port: 42602 +zabbix_ext_port: 10602 diff --git a/host_vars/rpc-encointer-kusama-02.yaml b/host_vars/rpc-encointer-kusama-02.yaml index fa94792..c91813e 100644 --- a/host_vars/rpc-encointer-kusama-02.yaml +++ b/host_vars/rpc-encointer-kusama-02.yaml @@ -1,7 +1,7 @@ --- ansible_host: "160.22.181.181" container_ip: "192.168.122.16" -ansible_port: 2602 +ansible_port: 2601 host_name: "rpc-encointer-kusama-02.ct.rotko.net" host_timezone: "Asia/Bangkok" netif: '{"net0":"name=eth0,gw={{ default_nat_network_forward_cidr.split("/")[0] }},ip={{ default_host_ip }}/16,bridge={{ default_nat_device }}"}' @@ -11,26 +11,20 @@ pinned_service: True default_telemetry_name: "Rotko Networks - {{ host_name.split('.')[0] }}" default_domain: "{{ host_name }}" default_network: encointer-kusama -default_relay_rpc: "ws://{{ hostvars['rpc-kusama-01']['container_ip'] }}:{{ hostvars['rpc-kusama-01']['default_rpc_port'] }}" +default_relay_rpc: "ws://{{ hostvars['ksm26']['container_ip'] }}:{{ hostvars['ksm26']['default_rpc_port'] }}" default_relay_rpc_fallback: "ws://{{ hostvars['rpc-kusama-02']['container_ip'] }}:{{ hostvars['rpc-kusama-02']['default_rpc_port'] }}" default_node_type: "endpoint" default_pruning: "archive" -default_database: paritydb +default_database: paritydb # to be replaced with paritydb default_syncmode: full - default_bootnode_domain: "{{ default_network }}.boot.rotko.net" -transition_bootnode_domain: "enc14.rotko.net" -transition_bootnode_p2p_port: 33504 -transition_bootnode_p2p_port_ws: 34504 -transition_bootnode_p2p_port_wss: 35504 - default_p2p_port: 32062 default_bootnode_p2p_port: 32062 default_bootnode_p2p_port_ws: 30434 default_bootnode_p2p_port_wss: 30435 default_rpc_port: 9400 -default_prom_port: 7400 -default_secure_rpc_port: 42602 -zabbix_ext_port: 10602 +default_secure_rpc_port: 42601 +default_prom_port: 7400 +zabbix_ext_port: 10601 From 19d9451ab5435eab38905e85f95180495ee670c5 Mon Sep 17 00:00:00 2001 From: Al Date: Wed, 4 Dec 2024 15:59:27 +0700 Subject: [PATCH 33/69] chore: add ansible port --- host_vars/val-kusama-03.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/host_vars/val-kusama-03.yaml b/host_vars/val-kusama-03.yaml index 3dc2a11..121198b 100644 --- a/host_vars/val-kusama-03.yaml +++ b/host_vars/val-kusama-03.yaml @@ -2,7 +2,7 @@ ansible_host: "160.22.181.181" container_ip: "192.168.223.10" # 192.168.213.10:32006 # kusama-03 -ansible_port: +ansible_port: 22006 host_name: "val-kusama-03.ct.rotko.net" host_timezone: "Asia/Bangkok" netif: '{"net0":"name=eth0,gw={{ default_nat_network_forward_cidr.split("/")[0] }},ip={{ default_host_ip }}/16,bridge={{ default_nat_device }}"}' From 87a22a1eeec6f599d605928d9d34a013e029bef3 Mon Sep 17 00:00:00 2001 From: Al Date: Thu, 5 Dec 2024 19:49:44 +0700 Subject: [PATCH 34/69] chore: update service.template --- bkk06 | 9 ++++++--- inventory | 4 ++++ .../templates/endpoint.service.j2 | 7 ++++++- roles/setup_install_nginx/tasks/main.yaml | 5 ++++- .../setup_install_polkadot/templates/endpoint.service.j2 | 7 ++++++- 5 files changed, 26 insertions(+), 6 deletions(-) diff --git a/bkk06 b/bkk06 index 27dcaf3..c51cc99 100644 --- a/bkk06 +++ b/bkk06 @@ -28,6 +28,7 @@ dot26 rpc-polkadot-01 rpc-westend-01 rpc-paseo-01 +rpc-kusama-01 ksm14 ksm26 pso06 @@ -47,7 +48,6 @@ kppl16 kppl26 mine14 mine26 -mint14 mint26 pbr13 pbr26 @@ -55,17 +55,19 @@ pch16 pch26 rpc-asset-hub-polkadot-01 +rpc-asset-hub-kusama-01 rpc-asset-hub-westend-01 rpc-asset-hub-paseo-01 -rpc-bridge-hub-paseo-01 rpc-bridge-hub-polkadot-01 +rpc-bridge-hub-kusama-01 rpc-bridge-hub-westend-01 +rpc-bridge-hub-paseo-01 rpc-coretime-paseo-01 +rpc-coretime-polkadot-01 rpc-coretime-kusama-01 rpc-coretime-westend-01 -rpc-coretime-polkadot-01 rpc-collectives-polkadot-01 rpc-collectives-westend-01 @@ -90,6 +92,7 @@ wppl26 rpc-kilt-polkadot-01 [encointer] +rpc-encointer-kusama-01 enc14 enc26 diff --git a/inventory b/inventory index f9cc4d0..776efa7 100644 --- a/inventory +++ b/inventory @@ -79,11 +79,15 @@ rpc-people-paseo-01 rpc-people-polkadot-01 rpc-people-polkadot-02 rpc-people-paseo-02 +rpc-people-westend-01 rpc-people-westend-02 +rpc-people-kusama-01 rpc-people-kusama-02 rpc-coretime-paseo-02 rpc-coretime-polkadot-02 rpc-coretime-westend-02 +rpc-coretime-westend-01 +rpc-coretime-kusama-01 rpc-asset-hub-paseo-02 rpc-asset-hub-polkadot-02 rpc-asset-hub-westend-02 diff --git a/roles/setup_install_encointer/templates/endpoint.service.j2 b/roles/setup_install_encointer/templates/endpoint.service.j2 index 779a673..8f2c8ce 100644 --- a/roles/setup_install_encointer/templates/endpoint.service.j2 +++ b/roles/setup_install_encointer/templates/endpoint.service.j2 @@ -15,10 +15,15 @@ ExecStart={{ default_base_path }}/encointer \ --sync full \ --listen-addr /ip4/0.0.0.0/tcp/{{ default_p2p_port }} \ --listen-addr /ip4/0.0.0.0/tcp/{{ default_p2p_port_ws }}/ws \ - --public-addr /dns/{{ default_domain }}/tcp/{{ default_p2p_port }} \ + {% if transition_bootnode_domain is defined %}--listen-addr /ip4/0.0.0.0/tcp/{{ transition_bootnode_p2p_port }} \ + --listen-addr /ip4/0.0.0.0/tcp/{{ transition_bootnode_p2p_port_ws }}/ws \ + {% endif %}--public-addr /dns/{{ default_domain }}/tcp/{{ default_p2p_port }} \ --public-addr /dns/{{ default_domain }}/tcp/{{ default_p2p_port_wss }}/wss \ {% if default_bootnode_domain is defined %}--public-addr /dns/{{ default_bootnode_domain }}/tcp/{{ default_p2p_port }} \ --public-addr /dns/{{ default_bootnode_domain }}/tcp/{{ default_p2p_port_wss }}/wss \ + {% endif %}{% if transition_bootnode_domain is defined %}--public-addr /dns/{{ transition_bootnode_domain }}/tcp/{{ transition_bootnode_p2p_port }} \ + --public-addr /dns/{{ transition_bootnode_domain }}/tcp/{{ transition_bootnode_p2p_port_ws }}/ws \ + --public-addr /dns/{{ transition_bootnode_domain }}/tcp/{{ transition_bootnode_p2p_port_wss }}/wss \ {% endif %}--rpc-port {{ default_rpc_port }} \ --enable-offchain-indexing=true \ --prometheus-port {{ default_prom_port }} \ diff --git a/roles/setup_install_nginx/tasks/main.yaml b/roles/setup_install_nginx/tasks/main.yaml index d3b54b6..117ded8 100644 --- a/roles/setup_install_nginx/tasks/main.yaml +++ b/roles/setup_install_nginx/tasks/main.yaml @@ -79,11 +79,14 @@ -d {{ default_bootnode_domain }} --expand {% endif %} + {% if transition_bootnode_domain is defined and transition_bootnode_domain | length > 0 %} + -d {{ transition_bootnode_domain }} + {% endif %} --non-interactive --agree-tos --email {{ default_certificate_email }} --deploy-hook "systemctl reload nginx" - --dns-cloudflare-propagation-seconds 300 + --dns-cloudflare-propagation-seconds 60 become: True become_user: root when: days_until_expiration is not defined or days_until_expiration | int < 30 diff --git a/roles/setup_install_polkadot/templates/endpoint.service.j2 b/roles/setup_install_polkadot/templates/endpoint.service.j2 index 0ca33e8..afc1bc1 100644 --- a/roles/setup_install_polkadot/templates/endpoint.service.j2 +++ b/roles/setup_install_polkadot/templates/endpoint.service.j2 @@ -17,12 +17,17 @@ ExecStart={{ default_base_path }}/polkadot \ --sync full \ --listen-addr /ip4/0.0.0.0/tcp/{{ default_p2p_port }} \ --listen-addr /ip4/0.0.0.0/tcp/{{ default_p2p_port_ws }}/ws \ - --public-addr /dns/{{ default_domain }}/tcp/{{ default_p2p_port }} \ + {% if transition_bootnode_domain is defined %}--listen-addr /ip4/0.0.0.0/tcp/{{ transition_bootnode_p2p_port }} \ + --listen-addr /ip4/0.0.0.0/tcp/{{ transition_bootnode_p2p_port_ws }}/ws \ + {% endif %}--public-addr /dns/{{ default_domain }}/tcp/{{ default_p2p_port }} \ --public-addr /dns/{{ default_domain }}/tcp/{{ default_p2p_port_wss }}/wss \ {% if default_bootnode_domain is defined %}--public-addr /dns/{{ default_bootnode_domain }}/tcp/{{ default_bootnode_p2p_port }} \ --public-addr /dns/{{ default_bootnode_domain }}/tcp/{{ default_bootnode_p2p_port_wss }}/wss \ --listen-addr /ip4/0.0.0.0/tcp/{{ default_bootnode_p2p_port }} \ --listen-addr /ip4/0.0.0.0/tcp/{{ default_bootnode_p2p_port_ws }}/ws \ + {% endif %}{% if transition_bootnode_domain is defined %}--public-addr /dns/{{ transition_bootnode_domain }}/tcp/{{ transition_bootnode_p2p_port }} \ + --public-addr /dns/{{ transition_bootnode_domain }}/tcp/{{ transition_bootnode_p2p_port_ws }}/ws \ + --public-addr /dns/{{ transition_bootnode_domain }}/tcp/{{ transition_bootnode_p2p_port_wss }}/wss \ {% endif %}--rpc-port {{ default_rpc_port }} \ --prometheus-port {{ default_prom_port }} \ --prometheus-external \ From 28efdbe0adac7ca2cfd20da52a728522fd8ab414 Mon Sep 17 00:00:00 2001 From: Al Date: Thu, 5 Dec 2024 19:52:09 +0700 Subject: [PATCH 35/69] chore: update rpc, rpc-kusama-01 not ready --- host_vars/rpc-asset-hub-kusama-01.yaml | 2 +- host_vars/rpc-asset-hub-kusama-02.yaml | 2 +- host_vars/rpc-bridge-hub-kusama-01.yaml | 2 +- host_vars/rpc-bridge-hub-kusama-02.yaml | 2 +- host_vars/rpc-coretime-kusama-01.yaml | 2 +- host_vars/rpc-encointer-kusama-01.yaml | 2 +- host_vars/rpc-people-kusama-01.yaml | 2 +- 7 files changed, 7 insertions(+), 7 deletions(-) diff --git a/host_vars/rpc-asset-hub-kusama-01.yaml b/host_vars/rpc-asset-hub-kusama-01.yaml index 35575ac..575c65c 100644 --- a/host_vars/rpc-asset-hub-kusama-01.yaml +++ b/host_vars/rpc-asset-hub-kusama-01.yaml @@ -11,7 +11,7 @@ pinned_service: True default_telemetry_name: "Rotko Networks - {{ host_name.split('.')[0] }}" default_domain: "{{ host_name }}" default_network: "asset-hub-kusama" -default_relay_rpc: "ws://{{ hostvars['rpc-kusama-01']['container_ip'] }}:{{ hostvars['rpc-kusama-01']['default_rpc_port'] }}" +default_relay_rpc: "ws://{{ hostvars['ksm26']['container_ip'] }}:{{ hostvars['ksm26']['default_rpc_port'] }}" default_relay_rpc_fallback: "ws://{{ hostvars['rpc-kusama-02']['container_ip'] }}:{{ hostvars['rpc-kusama-02']['default_rpc_port'] }}" default_database: paritydb # to be replaced with paritydb default_node_type: "endpoint" diff --git a/host_vars/rpc-asset-hub-kusama-02.yaml b/host_vars/rpc-asset-hub-kusama-02.yaml index f45ad7d..2003bd7 100644 --- a/host_vars/rpc-asset-hub-kusama-02.yaml +++ b/host_vars/rpc-asset-hub-kusama-02.yaml @@ -11,7 +11,7 @@ pinned_service: True default_telemetry_name: "Rotko Networks - {{ host_name.split('.')[0] }}" default_domain: "{{ host_name }}" default_network: "asset-hub-kusama" -default_relay_rpc: "ws://{{ hostvars['rpc-kusama-01']['container_ip'] }}:{{ hostvars['rpc-kusama-01']['default_rpc_port'] }}" +default_relay_rpc: "ws://{{ hostvars['ksm26']['container_ip'] }}:{{ hostvars['ksm26']['default_rpc_port'] }}" default_relay_rpc_fallback: "ws://{{ hostvars['rpc-kusama-02']['container_ip'] }}:{{ hostvars['rpc-kusama-02']['default_rpc_port'] }}" default_database: paritydb # to be replaced with paritydb default_node_type: "endpoint" diff --git a/host_vars/rpc-bridge-hub-kusama-01.yaml b/host_vars/rpc-bridge-hub-kusama-01.yaml index 19c02e3..17eebb7 100644 --- a/host_vars/rpc-bridge-hub-kusama-01.yaml +++ b/host_vars/rpc-bridge-hub-kusama-01.yaml @@ -11,7 +11,7 @@ pinned_service: True default_telemetry_name: "Rotko Networks - {{ host_name.split('.')[0] }}" default_domain: "{{ host_name }}" default_network: "bridge-hub-kusama" -default_relay_rpc: "ws://{{ hostvars['rpc-kusama-01']['container_ip'] }}:{{ hostvars['rpc-kusama-01']['default_rpc_port'] }}" +default_relay_rpc: "ws://{{ hostvars['ksm26']['container_ip'] }}:{{ hostvars['ksm26']['default_rpc_port'] }}" default_relay_rpc_fallback: "ws://{{ hostvars['rpc-kusama-02']['container_ip'] }}:{{ hostvars['rpc-kusama-02']['default_rpc_port'] }}" default_database: rocksdb default_node_type: "endpoint" diff --git a/host_vars/rpc-bridge-hub-kusama-02.yaml b/host_vars/rpc-bridge-hub-kusama-02.yaml index 4962a5a..e81626e 100644 --- a/host_vars/rpc-bridge-hub-kusama-02.yaml +++ b/host_vars/rpc-bridge-hub-kusama-02.yaml @@ -11,7 +11,7 @@ pinned_service: True default_telemetry_name: "Rotko Networks - {{ host_name.split('.')[0] }}" default_domain: "{{ host_name }}" default_network: "bridge-hub-kusama" -default_relay_rpc: "ws://{{ hostvars['rpc-kusama-01']['container_ip'] }}:{{ hostvars['rpc-kusama-01']['default_rpc_port'] }}" +default_relay_rpc: "ws://{{ hostvars['ksm26']['container_ip'] }}:{{ hostvars['ksm26']['default_rpc_port'] }}" default_relay_rpc_fallback: "ws://{{ hostvars['rpc-kusama-02']['container_ip'] }}:{{ hostvars['rpc-kusama-02']['default_rpc_port'] }}" default_database: paritydb # to be replaced with paritydb default_node_type: "endpoint" diff --git a/host_vars/rpc-coretime-kusama-01.yaml b/host_vars/rpc-coretime-kusama-01.yaml index 7240cf4..9c93d33 100644 --- a/host_vars/rpc-coretime-kusama-01.yaml +++ b/host_vars/rpc-coretime-kusama-01.yaml @@ -11,7 +11,7 @@ pinned_service: False default_telemetry_name: "Rotko Networks - {{ host_name.split('.')[0] }}" default_domain: "{{ host_name }}" default_network: "coretime-kusama" -default_relay_rpc: "ws://{{ hostvars['rpc-kusama-01']['container_ip'] }}:{{ hostvars['rpc-kusama-01']['default_rpc_port'] }}" +default_relay_rpc: "ws://{{ hostvars['ksm26']['container_ip'] }}:{{ hostvars['ksm26']['default_rpc_port'] }}" default_relay_rpc_fallback: "ws://{{ hostvars['rpc-kusama-02']['container_ip'] }}:{{ hostvars['rpc-kusama-02']['default_rpc_port'] }}" default_database: rocksdb default_node_type: "endpoint" diff --git a/host_vars/rpc-encointer-kusama-01.yaml b/host_vars/rpc-encointer-kusama-01.yaml index 7ea09cc..37a4349 100644 --- a/host_vars/rpc-encointer-kusama-01.yaml +++ b/host_vars/rpc-encointer-kusama-01.yaml @@ -11,7 +11,7 @@ pinned_service: True default_telemetry_name: "Rotko Networks - {{ host_name.split('.')[0] }}" default_domain: "{{ host_name }}" default_network: encointer-kusama -default_relay_rpc: "ws://{{ hostvars['rpc-kusama-01']['container_ip'] }}:{{ hostvars['rpc-kusama-01']['default_rpc_port'] }}" +default_relay_rpc: "ws://{{ hostvars['ksm26']['container_ip'] }}:{{ hostvars['ksm26']['default_rpc_port'] }}" default_relay_rpc_fallback: "ws://{{ hostvars['rpc-kusama-02']['container_ip'] }}:{{ hostvars['rpc-kusama-02']['default_rpc_port'] }}" default_node_type: "endpoint" default_pruning: "archive" diff --git a/host_vars/rpc-people-kusama-01.yaml b/host_vars/rpc-people-kusama-01.yaml index 058fdda..6e76a41 100644 --- a/host_vars/rpc-people-kusama-01.yaml +++ b/host_vars/rpc-people-kusama-01.yaml @@ -13,7 +13,7 @@ default_domain: "{{ host_name }}" default_network: "people-kusama" default_chain_spec: "{{ default_base_path }}/people-kusama.json" default_chain_spec_dl_url: "https://raw.githubusercontent.com/paritytech/polkadot-sdk/master/cumulus/parachains/chain-specs/people-kusama.json" -default_relay_rpc: "ws://{{ hostvars['rpc-kusama-01']['container_ip'] }}:{{ hostvars['rpc-kusama-01']['default_rpc_port'] }}" +default_relay_rpc: "ws://{{ hostvars['ksm26']['container_ip'] }}:{{ hostvars['ksm26']['default_rpc_port'] }}" default_relay_rpc_fallback: "ws://{{ hostvars['rpc-kusama-02']['container_ip'] }}:{{ hostvars['rpc-kusama-02']['default_rpc_port'] }}" default_database: "rocksdb" default_node_type: "endpoint" From 039e91d88d2501550e7bca134a20e1ef3de801a2 Mon Sep 17 00:00:00 2001 From: Al Date: Fri, 6 Dec 2024 21:33:36 +0700 Subject: [PATCH 36/69] chore: update encointer template --- host_vars/rpc-people-paseo-01.yaml | 4 ++-- .../setup_install_encointer/templates/endpoint.service.j2 | 8 ++++---- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/host_vars/rpc-people-paseo-01.yaml b/host_vars/rpc-people-paseo-01.yaml index 24facaf..83474be 100644 --- a/host_vars/rpc-people-paseo-01.yaml +++ b/host_vars/rpc-people-paseo-01.yaml @@ -23,8 +23,8 @@ zabbix_ext_port: 10966 default_bootnode_domain: "{{ default_network }}.boot.rotko.net" #dont change p2p port -default_p2p_port: 30433 -default_bootnode_p2p_port: 30433 +default_p2p_port: 34041 +default_bootnode_p2p_port: 34041 default_bootnode_p2p_port_ws: 30434 default_bootnode_p2p_port_wss: 30435 default_rpc_port: 9400 diff --git a/roles/setup_install_encointer/templates/endpoint.service.j2 b/roles/setup_install_encointer/templates/endpoint.service.j2 index 8f2c8ce..e04554f 100644 --- a/roles/setup_install_encointer/templates/endpoint.service.j2 +++ b/roles/setup_install_encointer/templates/endpoint.service.j2 @@ -14,13 +14,13 @@ ExecStart={{ default_base_path }}/encointer \ --database {{ default_database }} \ --sync full \ --listen-addr /ip4/0.0.0.0/tcp/{{ default_p2p_port }} \ - --listen-addr /ip4/0.0.0.0/tcp/{{ default_p2p_port_ws }}/ws \ + --listen-addr /ip4/0.0.0.0/tcp/{{ default_bootnode_p2p_port_ws }}/ws \ {% if transition_bootnode_domain is defined %}--listen-addr /ip4/0.0.0.0/tcp/{{ transition_bootnode_p2p_port }} \ --listen-addr /ip4/0.0.0.0/tcp/{{ transition_bootnode_p2p_port_ws }}/ws \ {% endif %}--public-addr /dns/{{ default_domain }}/tcp/{{ default_p2p_port }} \ - --public-addr /dns/{{ default_domain }}/tcp/{{ default_p2p_port_wss }}/wss \ - {% if default_bootnode_domain is defined %}--public-addr /dns/{{ default_bootnode_domain }}/tcp/{{ default_p2p_port }} \ - --public-addr /dns/{{ default_bootnode_domain }}/tcp/{{ default_p2p_port_wss }}/wss \ + --public-addr /dns/{{ default_domain }}/tcp/{{ default_bootnode_p2p_port_wss }}/wss \ + {% if default_bootnode_domain is defined %}--public-addr /dns/{{ default_bootnode_domain }}/tcp/{{ default_bootnode_p2p_port }} \ + --public-addr /dns/{{ default_bootnode_domain }}/tcp/{{ default_bootnode_p2p_port_wss }}/wss \ {% endif %}{% if transition_bootnode_domain is defined %}--public-addr /dns/{{ transition_bootnode_domain }}/tcp/{{ transition_bootnode_p2p_port }} \ --public-addr /dns/{{ transition_bootnode_domain }}/tcp/{{ transition_bootnode_p2p_port_ws }}/ws \ --public-addr /dns/{{ transition_bootnode_domain }}/tcp/{{ transition_bootnode_p2p_port_wss }}/wss \ From 66772740c683e764f1884002845653f2026fe0e7 Mon Sep 17 00:00:00 2001 From: Al Date: Wed, 11 Dec 2024 17:58:22 +0700 Subject: [PATCH 37/69] chore: updater paseo relay fallback --- host_vars/rpc-asset-hub-paseo-01.yaml | 2 +- host_vars/rpc-asset-hub-paseo-02.yaml | 2 +- host_vars/rpc-bridge-hub-paseo-01.yaml | 2 +- host_vars/rpc-bridge-hub-paseo-02.yaml | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/host_vars/rpc-asset-hub-paseo-01.yaml b/host_vars/rpc-asset-hub-paseo-01.yaml index 965eafe..c2fdf8e 100644 --- a/host_vars/rpc-asset-hub-paseo-01.yaml +++ b/host_vars/rpc-asset-hub-paseo-01.yaml @@ -14,7 +14,7 @@ default_network: "asset-hub-paseo" default_chain_spec: "{{ default_base_path }}/asset-hub-paseo.raw.json" default_chain_spec_dl_url: "https://media.githubusercontent.com/media/paseo-network/paseo-chain-specs/main/ah-paseo-spec.json" default_relay_rpc: "ws://{{ hostvars['pso26']['container_ip'] }}:{{ hostvars['pso26']['default_rpc_port'] }}" -default_relay_rpc_fallback: "ws://{{ hostvars['pso24']['container_ip'] }}:{{ hostvars['pso24']['default_rpc_port'] }}" +default_relay_rpc_fallback: "ws://{{ hostvars['rpc-paseo-02']['container_ip'] }}:{{ hostvars['rpc-paseo-02']['default_rpc_port'] }}" default_database: "rocksdb" default_node_type: "endpoint" default_p2p_port: 33956 diff --git a/host_vars/rpc-asset-hub-paseo-02.yaml b/host_vars/rpc-asset-hub-paseo-02.yaml index db76370..6cd83e5 100644 --- a/host_vars/rpc-asset-hub-paseo-02.yaml +++ b/host_vars/rpc-asset-hub-paseo-02.yaml @@ -14,7 +14,7 @@ default_network: "asset-hub-paseo" default_chain_spec: "{{ default_base_path }}/asset-hub-paseo.raw.json" default_chain_spec_dl_url: "https://media.githubusercontent.com/media/paseo-network/paseo-chain-specs/main/ah-paseo-spec.json" default_relay_rpc: "ws://{{ hostvars['pso26']['container_ip'] }}:{{ hostvars['pso26']['default_rpc_port'] }}" -default_relay_rpc_fallback: "ws://{{ hostvars['pso24']['container_ip'] }}:{{ hostvars['pso24']['default_rpc_port'] }}" +default_relay_rpc_fallback: "ws://{{ hostvars['rpc-paseo-02']['container_ip'] }}:{{ hostvars['rpc-paseo-02']['default_rpc_port'] }}" default_database: "rocksdb" default_node_type: "endpoint" default_p2p_port: 33957 diff --git a/host_vars/rpc-bridge-hub-paseo-01.yaml b/host_vars/rpc-bridge-hub-paseo-01.yaml index df25921..1b4dbe9 100644 --- a/host_vars/rpc-bridge-hub-paseo-01.yaml +++ b/host_vars/rpc-bridge-hub-paseo-01.yaml @@ -14,7 +14,7 @@ default_network: "bridge-hub-paseo" default_chain_spec: "{{ default_base_path }}/bridge-hub-paseo.raw.json" default_chain_spec_dl_url: "https://raw.githubusercontent.com/paseo-network/runtimes/main/chain-specs/bridge-hub-paseo.raw.json" default_relay_rpc: "ws://{{ hostvars['pso26']['container_ip'] }}:{{ hostvars['pso26']['default_rpc_port'] }}" -default_relay_rpc_fallback: "ws://{{ hostvars['pso24']['container_ip'] }}:{{ hostvars['pso24']['default_rpc_port'] }}" +default_relay_rpc_fallback: "ws://{{ hostvars['rpc-paseo-02']['container_ip'] }}:{{ hostvars['rpc-paseo-02']['default_rpc_port'] }}" default_database: "rocksdb" default_node_type: "endpoint" default_p2p_port: 33966 diff --git a/host_vars/rpc-bridge-hub-paseo-02.yaml b/host_vars/rpc-bridge-hub-paseo-02.yaml index d267cb1..f9daf38 100644 --- a/host_vars/rpc-bridge-hub-paseo-02.yaml +++ b/host_vars/rpc-bridge-hub-paseo-02.yaml @@ -14,7 +14,7 @@ default_network: "bridge-hub-paseo" default_chain_spec: "{{ default_base_path }}/bridge-hub-paseo.raw.json" default_chain_spec_dl_url: "https://raw.githubusercontent.com/paseo-network/runtimes/main/chain-specs/bridge-hub-paseo.raw.json" default_relay_rpc: "ws://{{ hostvars['pso26']['container_ip'] }}:{{ hostvars['pso26']['default_rpc_port'] }}" -default_relay_rpc_fallback: "ws://{{ hostvars['pso24']['container_ip'] }}:{{ hostvars['pso24']['default_rpc_port'] }}" +default_relay_rpc_fallback: "ws://{{ hostvars['rpc-paseo-02']['container_ip'] }}:{{ hostvars['rpc-paseo-02']['default_rpc_port'] }}" default_database: "rocksdb" default_node_type: "endpoint" default_p2p_port: 33967 From 9dee61b5e519cea232ea21e953d38381e82f5f51 Mon Sep 17 00:00:00 2001 From: Al Date: Wed, 11 Dec 2024 18:19:34 +0700 Subject: [PATCH 38/69] chore: added new rpc & modified hydration group_vars update hydration download_url & version added rpc-paseo-01, rpc-hydration-polkadot-01 --- bkk06 | 1 + group_vars/hydration.yaml | 13 +- host_vars/bkk06.yaml | 253 ++++++++++++++++------- host_vars/bkk07.yaml | 35 ---- host_vars/rpc-hydration-polkadot-01.yaml | 24 +++ host_vars/rpc-paseo-01.yaml | 2 + 6 files changed, 215 insertions(+), 113 deletions(-) create mode 100644 host_vars/rpc-hydration-polkadot-01.yaml diff --git a/bkk06 b/bkk06 index c51cc99..1c303cf 100644 --- a/bkk06 +++ b/bkk06 @@ -21,6 +21,7 @@ haproxy-bkk06 [hydration] hdx26 +rpc-hydration-polkadot-01 [polkadot] dot14 diff --git a/group_vars/hydration.yaml b/group_vars/hydration.yaml index 3b311df..b189686 100644 --- a/group_vars/hydration.yaml +++ b/group_vars/hydration.yaml @@ -1,12 +1,11 @@ --- default_base_path: /opt/hydration -default_client_version: v28.0.0 +default_client_version: v32.0.0 default_database: paritydb -default_database_path: '{{ default_base_path }}/chains' +default_database_path: "{{ default_base_path }}/chains" default_download_base_url: https://github.com/galacticcouncil/Hydration-node/releases/download/ -default_download_url: '{{ default_download_base_url }}{{ - default_client_version }}/hydration' -default_group: '{{ service_users[''hydration''] }}' +default_download_url: "{{ default_download_base_url }}{{ default_client_version }}/hydradx" +default_group: "{{ service_users['hydration'] }}" default_log_level: info default_network: hydration default_node_type: endpoint @@ -17,7 +16,7 @@ default_prom_port: 7800 default_rpc_port: 9800 default_secure_rpc_port: 42800 default_service: hydration -default_storage: '{{ default_base_path }}/chains' +default_storage: "{{ default_base_path }}/chains" default_telemetry_url: wss://telemetry-backend.w3f.community/submit/ 1 -default_user: '{{ service_users[''hydration''] }}' +default_user: "{{ service_users['hydration'] }}" zabbix_ext_port: 10800 diff --git a/host_vars/bkk06.yaml b/host_vars/bkk06.yaml index aa032bb..18a3b1f 100644 --- a/host_vars/bkk06.yaml +++ b/host_vars/bkk06.yaml @@ -1586,41 +1586,6 @@ lxc_nodes: - from_port: "{{ hostvars['rpc-polkadot-01']['default_p2p_port'] }}" to_host: "{{ hostvars['rpc-polkadot-01']['container_ip'] }}:{{ hostvars['rpc-polkadot-01']['default_p2p_port'] }}" protocol: "tcp" - # - host: "rpc-kusama-01" - # proxmox_config: - # vmid: "320001" - # hostname: "{{ hostvars['rpc-kusama-01']['host_name'] }}" - # ostemplate: "local:vztmpl/{{ default_container_template }}" - # netif: "{{ hostvars['rpc-kusama-01']['netif'] }}" - # cores: 4 - # memory: 16384 - # swap: 8192 - # password: "{{ default_password }}" - # disk: "{{ zfs_storage }}:20" - # mounts: '{"mp0":"{{ zfs_storage }}:2000,mp={{ hostvars["rpc-kusama-01"]["default_database_path"] }}"}' - # onboot: True - # unprivileged: True - # validate_certs: False - # description: "{{ hostvars['rpc-kusama-01']['default_network'] }} {{ hostvars['rpc-kusama-01']['default_node_type'] }}: {{ hostvars['rpc-kusama-01']['host_name'] }}" - # state: present - # features: - # - nesting=1 - # port_forwards: - # - from_port: "{{ hostvars['rpc-kusama-01']['ansible_port'] }}" - # to_host: "{{ hostvars['rpc-kusama-01']['container_ip'] }}:22" - # protocol: "tcp" - # - from_port: "{{ hostvars['rpc-kusama-01']['zabbix_ext_port'] }}" - # to_host: "{{ hostvars['monitor']['container_ip'] }}:10050" - # protocol: "tcp" - # - from_port: "{{ hostvars['rpc-kusama-01']['default_p2p_port'] }}" - # to_host: "{{ hostvars['rpc-kusama-01']['container_ip'] }}:{{ hostvars['rpc-kusama-01']['default_p2p_port'] }}" - # protocol: "tcp" - # - from_port: "{{ hostvars['rpc-kusama-01']['default_p2p_port_ws'] }}" - # to_host: "{{ hostvars['rpc-kusama-01']['container_ip'] }}:{{ hostvars['rpc-kusama-01']['default_p2p_port_ws'] }}" - # protocol: "tcp" - # - from_port: "{{ hostvars['rpc-kusama-01']['default_p2p_port_wss'] }}" - # to_host: "{{ hostvars['rpc-kusama-01']['container_ip'] }}:{{ hostvars['rpc-kusama-01']['default_p2p_port_wss'] }}" - # protocol: "tcp" - host: "rpc-westend-01" proxmox_config: vmid: "33001" @@ -1650,41 +1615,6 @@ lxc_nodes: - from_port: "{{ hostvars['rpc-westend-01']['default_p2p_port'] }}" to_host: "{{ hostvars['rpc-westend-01']['container_ip'] }}:{{ hostvars['rpc-westend-01']['default_p2p_port'] }}" protocol: "tcp" - # - host: "rpc-paseo-01" - # proxmox_config: - # vmid: "340001" - # hostname: "{{ hostvars['rpc-paseo-01']['host_name'] }}" - # ostemplate: "local:vztmpl/{{ default_container_template }}" - # netif: "{{ hostvars['rpc-paseo-01']['netif'] }}" - # cores: 4 - # memory: 16384 - # swap: 8192 - # password: "{{ default_password }}" - # disk: "{{ zfs_storage }}:20" - # mounts: '{"mp0":"{{ zfs_storage }}:2000,mp={{ hostvars["rpc-paseo-01"]["default_database_path"] }}"}' - # onboot: True - # unprivileged: True - # validate_certs: False - # description: "{{ hostvars['rpc-paseo-01']['default_network'] }} {{ hostvars['rpc-paseo-01']['default_node_type'] }}: {{ hostvars['rpc-paseo-01']['host_name'] }}" - # state: present - # features: - # - nesting=1 - # port_forwards: - # - from_port: "{{ hostvars['rpc-paseo-01']['ansible_port'] }}" - # to_host: "{{ hostvars['rpc-paseo-01']['container_ip'] }}:22" - # protocol: "tcp" - # - from_port: "{{ hostvars['rpc-paseo-01']['zabbix_ext_port'] }}" - # to_host: "{{ hostvars['monitor']['container_ip'] }}:10050" - # protocol: "tcp" - # - from_port: "{{ hostvars['rpc-paseo-01']['default_p2p_port'] }}" - # to_host: "{{ hostvars['rpc-paseo-01']['container_ip'] }}:{{ hostvars['rpc-paseo-01']['default_p2p_port'] }}" - # protocol: "tcp" - # - from_port: "{{ hostvars['rpc-paseo-01']['default_p2p_port_ws'] }}" - # to_host: "{{ hostvars['rpc-paseo-01']['container_ip'] }}:{{ hostvars['rpc-paseo-01']['default_p2p_port_ws'] }}" - # protocol: "tcp" - # - from_port: "{{ hostvars['rpc-paseo-01']['default_p2p_port_wss'] }}" - # to_host: "{{ hostvars['rpc-paseo-01']['container_ip'] }}:{{ hostvars['rpc-paseo-01']['default_p2p_port_wss'] }}" - # protocol: "tcp" - host: "haproxy-bkk06" proxmox_config: vmid: "9916" @@ -1873,7 +1803,7 @@ lxc_nodes: swap: 8192 password: "{{ default_password }}" disk: "{{ zfs_storage }}:20" - mounts: '{"mp0":"{{ zfs_storage }}:300,mp={{ hostvars["rpc-paseo-01"]["default_database_path"] }}"}' + mounts: '{"mp0":"{{ zfs_storage }}:200,mp={{ hostvars["rpc-paseo-01"]["default_database_path"] }}"}' onboot: True unprivileged: True validate_certs: False @@ -1900,3 +1830,184 @@ lxc_nodes: - from_port: "{{ hostvars['rpc-paseo-01']['transition_bootnode_p2p_port_wss'] }}" to_host: "{{ hostvars['rpc-paseo-01']['container_ip'] }}:{{ hostvars['rpc-paseo-01']['transition_bootnode_p2p_port_wss'] }}" protocol: "tcp" + - host: "rpc-kusama-01" + proxmox_config: + vmid: "32001" + hostname: "{{ hostvars['rpc-kusama-01']['host_name'] }}" + ostemplate: "local:vztmpl/{{ default_container_template }}" + netif: "{{ hostvars['rpc-kusama-01']['netif'] }}" + cores: 4 + memory: 16384 + swap: 8192 + password: "{{ default_password }}" + disk: "{{ zfs_storage }}:20" + mounts: '{"mp0":"{{ zfs_storage }}:2000,mp={{ hostvars["rpc-kusama-01"]["default_database_path"] }}"}' + onboot: True + unprivileged: True + validate_certs: False + description: "{{ hostvars['rpc-kusama-01']['default_network'] }} {{ hostvars['rpc-kusama-01']['default_node_type'] }}: {{ hostvars['rpc-kusama-01']['host_name'] }}" + state: present + features: + - nesting=1 + port_forwards: + - from_port: "{{ hostvars['rpc-kusama-01']['ansible_port'] }}" + to_host: "{{ hostvars['rpc-kusama-01']['container_ip'] }}:{{ ssh_port }}" + protocol: "tcp" + - from_port: "{{ hostvars['rpc-kusama-01']['zabbix_ext_port'] }}" + to_host: "{{ hostvars['monitor']['container_ip'] }}:{{ zabbix_port }}" + protocol: "tcp" + - from_port: "{{ hostvars['rpc-kusama-01']['default_p2p_port'] }}" + to_host: "{{ hostvars['rpc-kusama-01']['container_ip'] }}:{{ hostvars['rpc-kusama-01']['default_p2p_port'] }}" + protocol: "tcp" + - from_port: "{{ hostvars['rpc-kusama-01']['transition_bootnode_p2p_port'] }}" + to_host: "{{ hostvars['rpc-kusama-01']['container_ip'] }}:{{ hostvars['rpc-kusama-01']['transition_bootnode_p2p_port'] }}" + protocol: "tcp" + - from_port: "{{ hostvars['rpc-kusama-01']['transition_bootnode_p2p_port_ws'] }}" + to_host: "{{ hostvars['rpc-kusama-01']['container_ip'] }}:{{ hostvars['rpc-kusama-01']['transition_bootnode_p2p_port_ws'] }}" + protocol: "tcp" + - from_port: "{{ hostvars['rpc-kusama-01']['transition_bootnode_p2p_port_wss'] }}" + to_host: "{{ hostvars['rpc-kusama-01']['container_ip'] }}:{{ hostvars['rpc-kusama-01']['transition_bootnode_p2p_port_wss'] }}" + protocol: "tcp" + - host: "rpc-asset-hub-kusama-01" + proxmox_config: + vmid: "32011" + hostname: "{{ hostvars['rpc-asset-hub-kusama-01']['host_name'] }}" + ostemplate: "local:vztmpl/{{ default_container_template }}" + netif: "{{ hostvars['rpc-asset-hub-kusama-01']['netif'] }}" + cores: 4 + memory: 16384 + swap: 8192 + password: "{{ default_password }}" + disk: "{{ zfs_storage }}:20" + mounts: '{"mp0":"{{ zfs_storage }}:250,mp={{ hostvars["rpc-asset-hub-kusama-01"]["default_database_path"] }}"}' + onboot: True + unprivileged: True + validate_certs: False + description: "{{ hostvars['rpc-asset-hub-kusama-01']['default_network'] }} {{ hostvars['rpc-asset-hub-kusama-01']['default_node_type'] }}: {{ hostvars['rpc-asset-hub-kusama-01']['host_name'] }}" + state: present + features: + - nesting=1 + port_forwards: + - from_port: "{{ hostvars['rpc-asset-hub-kusama-01']['ansible_port'] }}" + to_host: "{{ hostvars['rpc-asset-hub-kusama-01']['container_ip'] }}:{{ ssh_port }}" + protocol: "tcp" + - from_port: "{{ hostvars['rpc-asset-hub-kusama-01']['zabbix_ext_port'] }}" + to_host: "{{ hostvars['monitor']['container_ip'] }}:{{ zabbix_port }}" + protocol: "tcp" + - from_port: "{{ hostvars['rpc-asset-hub-kusama-01']['default_p2p_port'] }}" + to_host: "{{ hostvars['rpc-asset-hub-kusama-01']['container_ip'] }}:{{ hostvars['rpc-asset-hub-kusama-01']['default_p2p_port'] }}" + protocol: "tcp" + - from_port: "{{ hostvars['rpc-asset-hub-kusama-01']['transition_bootnode_p2p_port'] }}" + to_host: "{{ hostvars['rpc-asset-hub-kusama-01']['container_ip'] }}:{{ hostvars['rpc-asset-hub-kusama-01']['transition_bootnode_p2p_port'] }}" + protocol: "tcp" + - from_port: "{{ hostvars['rpc-asset-hub-kusama-01']['transition_bootnode_p2p_port_ws'] }}" + to_host: "{{ hostvars['rpc-asset-hub-kusama-01']['container_ip'] }}:{{ hostvars['rpc-asset-hub-kusama-01']['transition_bootnode_p2p_port_ws'] }}" + protocol: "tcp" + - from_port: "{{ hostvars['rpc-asset-hub-kusama-01']['transition_bootnode_p2p_port_wss'] }}" + to_host: "{{ hostvars['rpc-asset-hub-kusama-01']['container_ip'] }}:{{ hostvars['rpc-asset-hub-kusama-01']['transition_bootnode_p2p_port_wss'] }}" + protocol: "tcp" + - host: "rpc-bridge-hub-kusama-01" + proxmox_config: + vmid: "32021" + hostname: "{{ hostvars['rpc-bridge-hub-kusama-01']['host_name'] }}" + ostemplate: "local:vztmpl/{{ default_container_template }}" + netif: "{{ hostvars['rpc-bridge-hub-kusama-01']['netif'] }}" + cores: 4 + memory: 16384 + swap: 8192 + password: "{{ default_password }}" + disk: "{{ zfs_storage }}:20" + mounts: '{"mp0":"{{ zfs_storage }}:100,mp={{ hostvars["rpc-bridge-hub-kusama-01"]["default_database_path"] }}"}' + onboot: True + unprivileged: True + validate_certs: False + description: "{{ hostvars['rpc-bridge-hub-kusama-01']['default_network'] }} {{ hostvars['rpc-bridge-hub-kusama-01']['default_node_type'] }}: {{ hostvars['rpc-bridge-hub-kusama-01']['host_name'] }}" + state: present + features: + - nesting=1 + port_forwards: + - from_port: "{{ hostvars['rpc-bridge-hub-kusama-01']['ansible_port'] }}" + to_host: "{{ hostvars['rpc-bridge-hub-kusama-01']['container_ip'] }}:{{ ssh_port }}" + protocol: "tcp" + - from_port: "{{ hostvars['rpc-bridge-hub-kusama-01']['zabbix_ext_port'] }}" + to_host: "{{ hostvars['monitor']['container_ip'] }}:{{ zabbix_port }}" + protocol: "tcp" + - from_port: "{{ hostvars['rpc-bridge-hub-kusama-01']['default_p2p_port'] }}" + to_host: "{{ hostvars['rpc-bridge-hub-kusama-01']['container_ip'] }}:{{ hostvars['rpc-bridge-hub-kusama-01']['default_p2p_port'] }}" + protocol: "tcp" + - from_port: "{{ hostvars['rpc-bridge-hub-kusama-01']['transition_bootnode_p2p_port'] }}" + to_host: "{{ hostvars['rpc-bridge-hub-kusama-01']['container_ip'] }}:{{ hostvars['rpc-bridge-hub-kusama-01']['transition_bootnode_p2p_port'] }}" + protocol: "tcp" + - from_port: "{{ hostvars['rpc-bridge-hub-kusama-01']['transition_bootnode_p2p_port_ws'] }}" + to_host: "{{ hostvars['rpc-bridge-hub-kusama-01']['container_ip'] }}:{{ hostvars['rpc-bridge-hub-kusama-01']['transition_bootnode_p2p_port_ws'] }}" + protocol: "tcp" + - from_port: "{{ hostvars['rpc-bridge-hub-kusama-01']['transition_bootnode_p2p_port_wss'] }}" + to_host: "{{ hostvars['rpc-bridge-hub-kusama-01']['container_ip'] }}:{{ hostvars['rpc-bridge-hub-kusama-01']['transition_bootnode_p2p_port_wss'] }}" + protocol: "tcp" + - host: "rpc-encointer-kusama-01" + proxmox_config: + vmid: "32061" + hostname: "{{ hostvars['rpc-encointer-kusama-01']['host_name'] }}" + ostemplate: "local:vztmpl/{{ default_container_template }}" + netif: "{{ hostvars['rpc-encointer-kusama-01']['netif'] }}" + cores: 4 + memory: 16384 + swap: 8192 + password: "{{ default_password }}" + disk: "{{ zfs_storage }}:20" + mounts: '{"mp0":"{{ zfs_storage }}:100,mp={{ hostvars["rpc-encointer-kusama-01"]["default_database_path"] }}"}' + onboot: True + unprivileged: True + validate_certs: False + description: "{{ hostvars['rpc-encointer-kusama-01']['default_network'] }} {{ hostvars['rpc-encointer-kusama-01']['default_node_type'] }}: {{ hostvars['rpc-encointer-kusama-01']['host_name'] }}" + state: present + features: + - nesting=1 + port_forwards: + - from_port: "{{ hostvars['rpc-encointer-kusama-01']['ansible_port'] }}" + to_host: "{{ hostvars['rpc-encointer-kusama-01']['container_ip'] }}:{{ ssh_port }}" + protocol: "tcp" + - from_port: "{{ hostvars['rpc-encointer-kusama-01']['zabbix_ext_port'] }}" + to_host: "{{ hostvars['monitor']['container_ip'] }}:{{ zabbix_port }}" + protocol: "tcp" + - from_port: "{{ hostvars['rpc-encointer-kusama-01']['default_p2p_port'] }}" + to_host: "{{ hostvars['rpc-encointer-kusama-01']['container_ip'] }}:{{ hostvars['rpc-encointer-kusama-01']['default_p2p_port'] }}" + protocol: "tcp" + - from_port: "{{ hostvars['rpc-encointer-kusama-01']['transition_bootnode_p2p_port'] }}" + to_host: "{{ hostvars['rpc-encointer-kusama-01']['container_ip'] }}:{{ hostvars['rpc-encointer-kusama-01']['transition_bootnode_p2p_port'] }}" + protocol: "tcp" + - from_port: "{{ hostvars['rpc-encointer-kusama-01']['transition_bootnode_p2p_port_ws'] }}" + to_host: "{{ hostvars['rpc-encointer-kusama-01']['container_ip'] }}:{{ hostvars['rpc-encointer-kusama-01']['transition_bootnode_p2p_port_ws'] }}" + protocol: "tcp" + - from_port: "{{ hostvars['rpc-encointer-kusama-01']['transition_bootnode_p2p_port_wss'] }}" + to_host: "{{ hostvars['rpc-encointer-kusama-01']['container_ip'] }}:{{ hostvars['rpc-encointer-kusama-01']['transition_bootnode_p2p_port_wss'] }}" + protocol: "tcp" + - host: "rpc-hydration-polkadot-01" + proxmox_config: + vmid: "31261" + hostname: "{{ hostvars['rpc-hydration-polkadot-01']['host_name'] }}" + ostemplate: "local:vztmpl/{{ default_container_template }}" + netif: "{{ hostvars['rpc-hydration-polkadot-01']['netif'] }}" + cores: 4 + memory: 16384 + swap: 8192 + password: "{{ default_password }}" + disk: "{{ zfs_storage }}:20" + mounts: '{"mp0":"{{ zfs_storage }}:150,mp={{ hostvars["rpc-hydration-polkadot-01"]["default_database_path"] }}"}' + onboot: True + unprivileged: True + validate_certs: False + description: "{{ hostvars['rpc-hydration-polkadot-01']['default_network'] }} {{ hostvars['rpc-hydration-polkadot-01']['default_node_type'] }}: {{ hostvars['rpc-hydration-polkadot-01']['host_name'] }}" + state: present + features: + - nesting=1 + port_forwards: + - from_port: "{{ hostvars['rpc-hydration-polkadot-01']['ansible_port'] }}" + to_host: "{{ hostvars['rpc-hydration-polkadot-01']['container_ip'] }}:{{ ssh_port }}" + protocol: "tcp" + - from_port: "{{ hostvars['rpc-hydration-polkadot-01']['zabbix_ext_port'] }}" + to_host: "{{ hostvars['monitor']['container_ip'] }}:{{ zabbix_port }}" + protocol: "tcp" + - from_port: "{{ hostvars['rpc-hydration-polkadot-01']['default_p2p_port'] }}" + to_host: "{{ hostvars['rpc-hydration-polkadot-01']['container_ip'] }}:{{ hostvars['rpc-hydration-polkadot-01']['default_p2p_port'] }}" + protocol: "tcp" diff --git a/host_vars/bkk07.yaml b/host_vars/bkk07.yaml index 7699d5b..33d96bc 100644 --- a/host_vars/bkk07.yaml +++ b/host_vars/bkk07.yaml @@ -29,41 +29,6 @@ port_forwards: protocol: "tcp" lxc_nodes: - # - host: "rpc-polkadot-02" - # proxmox_config: - # vmid: "340202" - # hostname: "{{ hostvars['rpc-polkadot-02']['host_name'] }}" - # ostemplate: "local:vztmpl/{{ default_container_template }}" - # netif: "{{ hostvars['rpc-polkadot-02']['netif'] }}" - # cores: 4 - # memory: 16384 - # swap: 8192 - # password: "{{ default_password }}" - # disk: "{{ zfs_storage }}:20" - # mounts: '{"mp0":"{{ zfs_storage }}:2000,mp={{ hostvars["rpc-polkadot-02"]["default_database_path"] }}"}' - # onboot: True - # unprivileged: True - # validate_certs: False - # description: "{{ hostvars['rpc-polkadot-02']['default_network'] }} {{ hostvars['rpc-polkadot-02']['default_node_type'] }}: {{ hostvars['rpc-polkadot-02']['host_name'] }}" - # state: present - # features: - # - nesting=1 - # port_forwards: - # - from_port: "{{ hostvars['rpc-polkadot-02']['ansible_port'] }}" - # to_host: "{{ hostvars['rpc-polkadot-02']['container_ip'] }}:22" - # protocol: "tcp" - # - from_port: "{{ hostvars['rpc-polkadot-02']['zabbix_ext_port'] }}" - # to_host: "{{ hostvars['monitor']['container_ip'] }}:10050" - # protocol: "tcp" - # - from_port: "{{ hostvars['rpc-polkadot-02']['default_p2p_port'] }}" - # to_host: "{{ hostvars['rpc-polkadot-02']['container_ip'] }}:{{ hostvars['rpc-polkadot-02']['default_p2p_port'] }}" - # protocol: "tcp" - # - from_port: "{{ hostvars['rpc-polkadot-02']['default_p2p_port_ws'] }}" - # to_host: "{{ hostvars['rpc-polkadot-02']['container_ip'] }}:{{ hostvars['rpc-polkadot-02']['default_p2p_port_ws'] }}" - # protocol: "tcp" - # - from_port: "{{ hostvars['rpc-polkadot-02']['default_p2p_port_wss'] }}" - # to_host: "{{ hostvars['rpc-polkadot-02']['container_ip'] }}:{{ hostvars['rpc-polkadot-02']['default_p2p_port_wss'] }}" - # protocol: "tcp" # - host: "hdx27" # proxmox_config: # vmid: "837" diff --git a/host_vars/rpc-hydration-polkadot-01.yaml b/host_vars/rpc-hydration-polkadot-01.yaml new file mode 100644 index 0000000..6b3a237 --- /dev/null +++ b/host_vars/rpc-hydration-polkadot-01.yaml @@ -0,0 +1,24 @@ +--- +ansible_host: "160.22.181.181" +container_ip: "192.168.111.36" +ansible_port: 2838 +host_name: "rpc-hydration-polkadot-01.ct.rotko.net" +host_timezone: "Asia/Bangkok" +netif: '{"net0":"name=eth0,gw={{ default_nat_network_forward_cidr.split("/")[0] }},ip={{ default_host_ip }}/16,bridge={{ default_nat_device }}"}' +role: "hydration" +pinned_service: True + +default_telemetry_name: "Rotko Networks - {{ host_name.split('.')[0] }} {{ default_node_type | capitalize }}" +default_domain: "{{ host_name }}" +default_network: "hydradx" +default_relay_rpc: "ws://{{ hostvars['dot26']['container_ip'] }}:{{ hostvars['dot26']['default_rpc_port'] }}" +default_relay_rpc_fallback: "ws://{{ hostvars['rpc-polkadot-02']['container_ip'] }}:{{ hostvars['rpc-polkadot-02']['default_rpc_port'] }}" +default_database: "rocksdb" +default_node_type: "endpoint" +default_p2p_port: 31261 +default_p2p_port_ws: 30434 +default_p2p_port_wss: 30435 +default_rpc_port: 9400 +default_prom_port: 7400 +default_secure_rpc_port: 42838 +zabbix_ext_port: 10838 diff --git a/host_vars/rpc-paseo-01.yaml b/host_vars/rpc-paseo-01.yaml index 0dd37c1..a453399 100644 --- a/host_vars/rpc-paseo-01.yaml +++ b/host_vars/rpc-paseo-01.yaml @@ -16,6 +16,8 @@ default_domain_dotters: "rpc.dotters.network" default_ibp_repository: "git@github.com:GATOTECH-LTD/ibp-ssl" default_dotters_repository: "git@github.com:senseless/dotters-ssl" default_network: "paseo" +#default_chain_spec: "{{ default_base_path }}/paseo.json" +#default_chain_spec_dl_url: "https://media.githubusercontent.com/media/paseo-network/paseo-chain-specs/refs/heads/main/paseo.raw.json?download=true" default_node_type: "endpoint" default_pruning: "archive" default_database: "rocksdb" From 29961fccef889495fc989d614088c25428ff6cb2 Mon Sep 17 00:00:00 2001 From: Al Date: Thu, 12 Dec 2024 18:03:17 +0700 Subject: [PATCH 39/69] chore: update relay rpc to rpc-polkadot-01 --- host_vars/rpc-asset-hub-polkadot-02.yaml | 2 +- host_vars/rpc-bridge-hub-polkadot-02.yaml | 2 +- host_vars/rpc-collectives-polkadot-02.yaml | 2 +- host_vars/rpc-coretime-polkadot-02.yaml | 2 +- host_vars/rpc-hydration-polkadot-01.yaml | 2 +- host_vars/rpc-kilt-polkadot-01.yaml | 2 +- host_vars/rpc-people-polkadot-01.yaml | 2 +- 7 files changed, 7 insertions(+), 7 deletions(-) diff --git a/host_vars/rpc-asset-hub-polkadot-02.yaml b/host_vars/rpc-asset-hub-polkadot-02.yaml index a5a3542..00d2caf 100644 --- a/host_vars/rpc-asset-hub-polkadot-02.yaml +++ b/host_vars/rpc-asset-hub-polkadot-02.yaml @@ -11,7 +11,7 @@ pinned_service: True default_telemetry_name: "Rotko Networks - {{ host_name.split('.')[0] }} {{ default_node_type | capitalize }}" default_domain: "{{ host_name }}" default_network: asset-hub-polkadot -default_relay_rpc: "ws://{{ hostvars['dot26']['container_ip'] }}:{{ hostvars['dot26']['default_rpc_port'] }}" +default_relay_rpc: "ws://{{ hostvars['rpc-polkadot-01']['container_ip'] }}:{{ hostvars['rpc-polkadot-01']['default_rpc_port'] }}" default_relay_rpc_fallback: "ws://{{ hostvars['rpc-polkadot-02']['container_ip'] }}:{{ hostvars['rpc-polkadot-02']['default_rpc_port'] }}" default_database: paritydb default_node_type: "endpoint" diff --git a/host_vars/rpc-bridge-hub-polkadot-02.yaml b/host_vars/rpc-bridge-hub-polkadot-02.yaml index b387f77..2298f37 100644 --- a/host_vars/rpc-bridge-hub-polkadot-02.yaml +++ b/host_vars/rpc-bridge-hub-polkadot-02.yaml @@ -11,7 +11,7 @@ pinned_service: True default_telemetry_name: "Rotko Networks - {{ host_name.split('.')[0] }} {{ default_node_type | capitalize }}" default_domain: "{{ host_name }}" default_network: "bridge-hub-polkadot" -default_relay_rpc: "ws://{{ hostvars['dot26']['container_ip'] }}:{{ hostvars['dot26']['default_rpc_port'] }}" +default_relay_rpc: "ws://{{ hostvars['rpc-polkadot-01']['container_ip'] }}:{{ hostvars['rpc-polkadot-01']['default_rpc_port'] }}" default_relay_rpc_fallback: "ws://{{ hostvars['rpc-polkadot-02']['container_ip'] }}:{{ hostvars['rpc-polkadot-02']['default_rpc_port'] }}" default_database: "rocksdb" default_node_type: "endpoint" diff --git a/host_vars/rpc-collectives-polkadot-02.yaml b/host_vars/rpc-collectives-polkadot-02.yaml index 5eec2d0..4b49046 100644 --- a/host_vars/rpc-collectives-polkadot-02.yaml +++ b/host_vars/rpc-collectives-polkadot-02.yaml @@ -11,7 +11,7 @@ pinned_service: True default_telemetry_name: "Rotko Networks - {{ host_name.split('.')[0] }} {{ default_node_type | capitalize }}" default_domain: "{{ host_name }}" default_network: collectives-polkadot -default_relay_rpc: "ws://{{ hostvars['dot26']['container_ip'] }}:{{ hostvars['dot26']['default_rpc_port'] }}" +default_relay_rpc: "ws://{{ hostvars['rpc-polkadot-01']['container_ip'] }}:{{ hostvars['rpc-polkadot-01']['default_rpc_port'] }}" default_relay_rpc_fallback: "ws://{{ hostvars['rpc-polkadot-02']['container_ip'] }}:{{ hostvars['rpc-polkadot-02']['default_rpc_port'] }}" default_database: rocksdb default_node_type: "endpoint" diff --git a/host_vars/rpc-coretime-polkadot-02.yaml b/host_vars/rpc-coretime-polkadot-02.yaml index af61c6f..fa98e6c 100644 --- a/host_vars/rpc-coretime-polkadot-02.yaml +++ b/host_vars/rpc-coretime-polkadot-02.yaml @@ -13,7 +13,7 @@ default_domain: "{{ host_name }}" default_network: "coretime-polkadot" default_chain_spec: "{{ default_base_path }}/coretime-polkadot.json" default_chain_spec_dl_url: "https://raw.githubusercontent.com/paritytech/polkadot-sdk/master/cumulus/parachains/chain-specs/coretime-polkadot.json" -default_relay_rpc: "ws://{{ hostvars['dot26']['container_ip'] }}:{{ hostvars['dot26']['default_rpc_port'] }}" +default_relay_rpc: "ws://{{ hostvars['rpc-polkadot-01']['container_ip'] }}:{{ hostvars['rpc-polkadot-01']['default_rpc_port'] }}" default_relay_rpc_fallback: "ws://{{ hostvars['rpc-polkadot-02']['container_ip'] }}:{{ hostvars['rpc-polkadot-02']['default_rpc_port'] }}" default_database: "paritydb" default_node_type: "endpoint" diff --git a/host_vars/rpc-hydration-polkadot-01.yaml b/host_vars/rpc-hydration-polkadot-01.yaml index 6b3a237..1e8aafe 100644 --- a/host_vars/rpc-hydration-polkadot-01.yaml +++ b/host_vars/rpc-hydration-polkadot-01.yaml @@ -11,7 +11,7 @@ pinned_service: True default_telemetry_name: "Rotko Networks - {{ host_name.split('.')[0] }} {{ default_node_type | capitalize }}" default_domain: "{{ host_name }}" default_network: "hydradx" -default_relay_rpc: "ws://{{ hostvars['dot26']['container_ip'] }}:{{ hostvars['dot26']['default_rpc_port'] }}" +default_relay_rpc: "ws://{{ hostvars['rpc-polkadot-01']['container_ip'] }}:{{ hostvars['rpc-polkadot-01']['default_rpc_port'] }}" default_relay_rpc_fallback: "ws://{{ hostvars['rpc-polkadot-02']['container_ip'] }}:{{ hostvars['rpc-polkadot-02']['default_rpc_port'] }}" default_database: "rocksdb" default_node_type: "endpoint" diff --git a/host_vars/rpc-kilt-polkadot-01.yaml b/host_vars/rpc-kilt-polkadot-01.yaml index 5b403f8..58ca991 100644 --- a/host_vars/rpc-kilt-polkadot-01.yaml +++ b/host_vars/rpc-kilt-polkadot-01.yaml @@ -11,7 +11,7 @@ pinned_service: True default_telemetry_name: "Rotko Networks - {{ host_name.split('.')[0] }} {{ default_node_type | capitalize }}" default_domain: "{{ host_name }}" default_network: "kilt" -default_relay_rpc: "ws://{{ hostvars['dot26']['container_ip'] }}:{{ hostvars['dot26']['default_rpc_port'] }}" +default_relay_rpc: "ws://{{ hostvars['rpc-polkadot-01']['container_ip'] }}:{{ hostvars['rpc-polkadot-01']['default_rpc_port'] }}" default_relay_rpc_fallback: "ws://{{ hostvars['dot23']['container_ip'] }}:{{ hostvars['dot23']['default_rpc_port'] }}" default_database: "rocksdb" default_node_type: "endpoint" diff --git a/host_vars/rpc-people-polkadot-01.yaml b/host_vars/rpc-people-polkadot-01.yaml index 9864bf9..0893bcf 100644 --- a/host_vars/rpc-people-polkadot-01.yaml +++ b/host_vars/rpc-people-polkadot-01.yaml @@ -13,7 +13,7 @@ default_domain: "{{ host_name }}" default_network: "people-polkadot" default_chain_spec: "{{ default_base_path }}/people-polkadot.json" default_chain_spec_dl_url: "https://raw.githubusercontent.com/paritytech/polkadot-sdk/master/cumulus/parachains/chain-specs/people-polkadot.json" -default_relay_rpc: "ws://{{ hostvars['dot26']['container_ip'] }}:{{ hostvars['dot26']['default_rpc_port'] }}" +default_relay_rpc: "ws://{{ hostvars['rpc-polkadot-01']['container_ip'] }}:{{ hostvars['rpc-polkadot-01']['default_rpc_port'] }}" default_relay_rpc_fallback: "ws://{{ hostvars['rpc-polkadot-02']['container_ip'] }}:{{ hostvars['rpc-polkadot-02']['default_rpc_port'] }}" default_database: "paritydb" default_node_type: "endpoint" From 346487556fdd8d67c9c75e819effdb07de5fb2b1 Mon Sep 17 00:00:00 2001 From: Al Date: Thu, 12 Dec 2024 19:18:13 +0700 Subject: [PATCH 40/69] chore: update rpc-*-westend-02 relay_rpc --- host_vars/rpc-asset-hub-westend-02.yaml | 2 +- host_vars/rpc-bridge-hub-westend-02.yaml | 2 +- host_vars/rpc-collectives-westend-02.yaml | 2 +- host_vars/rpc-coretime-westend-02.yaml | 2 +- host_vars/rpc-people-westend-02.yaml | 2 +- 5 files changed, 5 insertions(+), 5 deletions(-) diff --git a/host_vars/rpc-asset-hub-westend-02.yaml b/host_vars/rpc-asset-hub-westend-02.yaml index 690c9cb..adb12d9 100644 --- a/host_vars/rpc-asset-hub-westend-02.yaml +++ b/host_vars/rpc-asset-hub-westend-02.yaml @@ -11,7 +11,7 @@ pinned_service: True default_telemetry_name: "Rotko Networks - {{ host_name.split('.')[0] }} {{ default_node_type | capitalize }}" default_domain: "{{ host_name }}" default_network: "asset-hub-westend" -default_relay_rpc: "ws://{{ hostvars['wnd26']['container_ip'] }}:{{ hostvars['wnd26']['default_rpc_port'] }}" +default_relay_rpc: "ws://{{ hostvars['rpc-westend-01']['container_ip'] }}:{{ hostvars['rpc-westend-01']['default_rpc_port'] }}" default_relay_rpc_fallback: "ws://{{ hostvars['rpc-westend-02']['container_ip'] }}:{{ hostvars['rpc-westend-02']['default_rpc_port'] }}" default_database: rocksdb default_node_type: "endpoint" diff --git a/host_vars/rpc-bridge-hub-westend-02.yaml b/host_vars/rpc-bridge-hub-westend-02.yaml index 6cfa7a1..c29bf55 100644 --- a/host_vars/rpc-bridge-hub-westend-02.yaml +++ b/host_vars/rpc-bridge-hub-westend-02.yaml @@ -11,7 +11,7 @@ pinned_service: True default_telemetry_name: "Rotko Networks - {{ host_name.split('.')[0] }} {{ default_node_type | capitalize }}" default_domain: "{{ host_name }}" default_network: "bridge-hub-westend" -default_relay_rpc: "ws://{{ hostvars['wnd26']['container_ip'] }}:{{ hostvars['wnd26']['default_rpc_port'] }}" +default_relay_rpc: "ws://{{ hostvars['rpc-westend-01']['container_ip'] }}:{{ hostvars['rpc-westend-01']['default_rpc_port'] }}" default_relay_rpc_fallback: "ws://{{ hostvars['rpc-westend-02']['container_ip'] }}:{{ hostvars['rpc-westend-02']['default_rpc_port'] }}" default_database: rocksdb default_node_type: "endpoint" diff --git a/host_vars/rpc-collectives-westend-02.yaml b/host_vars/rpc-collectives-westend-02.yaml index 4e6f28b..b3fba9d 100644 --- a/host_vars/rpc-collectives-westend-02.yaml +++ b/host_vars/rpc-collectives-westend-02.yaml @@ -11,7 +11,7 @@ pinned_service: True default_telemetry_name: "Rotko Networks - {{ host_name.split('.')[0] }} {{ default_node_type | capitalize }}" default_domain: "{{ host_name }}" default_network: "collectives-westend" -default_relay_rpc: "ws://{{ hostvars['wnd26']['container_ip'] }}:{{ hostvars['wnd26']['default_rpc_port'] }}" +default_relay_rpc: "ws://{{ hostvars['rpc-westend-01']['container_ip'] }}:{{ hostvars['rpc-westend-01']['default_rpc_port'] }}" default_relay_rpc_fallback: "ws://{{ hostvars['rpc-westend-02']['container_ip'] }}:{{ hostvars['rpc-westend-02']['default_rpc_port'] }}" default_database: rocksdb default_node_type: "endpoint" diff --git a/host_vars/rpc-coretime-westend-02.yaml b/host_vars/rpc-coretime-westend-02.yaml index 8228eb5..e9a4031 100644 --- a/host_vars/rpc-coretime-westend-02.yaml +++ b/host_vars/rpc-coretime-westend-02.yaml @@ -11,7 +11,7 @@ pinned_service: False default_telemetry_name: "Rotko Networks - {{ host_name.split('.')[0] }} {{ default_node_type | capitalize }}" default_domain: "{{ host_name }}" default_network: "coretime-westend" -default_relay_rpc: "ws://{{ hostvars['wnd26']['container_ip'] }}:{{ hostvars['wnd26']['default_rpc_port'] }}" +default_relay_rpc: "ws://{{ hostvars['rpc-westend-01']['container_ip'] }}:{{ hostvars['rpc-westend-01']['default_rpc_port'] }}" default_relay_rpc_fallback: "ws://{{ hostvars['rpc-westend-02']['container_ip'] }}:{{ hostvars['rpc-westend-02']['default_rpc_port'] }}" default_database: rocksdb default_node_type: "endpoint" diff --git a/host_vars/rpc-people-westend-02.yaml b/host_vars/rpc-people-westend-02.yaml index cd4ac87..26e64ad 100644 --- a/host_vars/rpc-people-westend-02.yaml +++ b/host_vars/rpc-people-westend-02.yaml @@ -14,7 +14,7 @@ default_network: "people-westend" default_chain_spec: "{{ default_base_path }}/people-westend.json" # default_chain_spec_dl_url: "https://raw.githubusercontent.com/paritytech/polkadot-sdk/master/cumulus/parachains/chain-specs/people-westend.json" default_chain_spec_dl_url: "https://raw.githubusercontent.com/paritytech/polkadot-sdk/fca5044c06c6ce9a0dbdacc54b0f4ad0ce422ddd/cumulus/parachains/chain-specs/people-westend.json" -default_relay_rpc: "ws://{{ hostvars['wnd26']['container_ip'] }}:{{ hostvars['wnd26']['default_rpc_port'] }}" +default_relay_rpc: "ws://{{ hostvars['rpc-westend-01']['container_ip'] }}:{{ hostvars['rpc-westend-01']['default_rpc_port'] }}" default_relay_rpc_fallback: "ws://{{ hostvars['rpc-westend-02']['container_ip'] }}:{{ hostvars['rpc-westend-02']['default_rpc_port'] }}" default_database: "rocksdb" default_node_type: "endpoint" From 226e99ea9c9c4fee948ee5f0f870732288335d0c Mon Sep 17 00:00:00 2001 From: Al Date: Thu, 12 Dec 2024 20:30:33 +0700 Subject: [PATCH 41/69] chore: update paseo rpc relay_rpc's --- host_vars/rpc-asset-hub-paseo-01.yaml | 2 +- host_vars/rpc-asset-hub-paseo-02.yaml | 2 +- host_vars/rpc-bridge-hub-paseo-01.yaml | 2 +- host_vars/rpc-bridge-hub-paseo-02.yaml | 2 +- host_vars/rpc-coretime-paseo-01.yaml | 2 +- host_vars/rpc-coretime-paseo-02.yaml | 2 +- host_vars/rpc-people-paseo-01.yaml | 2 +- host_vars/rpc-people-paseo-02.yaml | 2 +- 8 files changed, 8 insertions(+), 8 deletions(-) diff --git a/host_vars/rpc-asset-hub-paseo-01.yaml b/host_vars/rpc-asset-hub-paseo-01.yaml index c2fdf8e..cd5aa24 100644 --- a/host_vars/rpc-asset-hub-paseo-01.yaml +++ b/host_vars/rpc-asset-hub-paseo-01.yaml @@ -13,7 +13,7 @@ default_domain: "{{ host_name }}" default_network: "asset-hub-paseo" default_chain_spec: "{{ default_base_path }}/asset-hub-paseo.raw.json" default_chain_spec_dl_url: "https://media.githubusercontent.com/media/paseo-network/paseo-chain-specs/main/ah-paseo-spec.json" -default_relay_rpc: "ws://{{ hostvars['pso26']['container_ip'] }}:{{ hostvars['pso26']['default_rpc_port'] }}" +default_relay_rpc: "ws://{{ hostvars['rpc-paseo-01']['container_ip'] }}:{{ hostvars['rpc-paseo-01']['default_rpc_port'] }}" default_relay_rpc_fallback: "ws://{{ hostvars['rpc-paseo-02']['container_ip'] }}:{{ hostvars['rpc-paseo-02']['default_rpc_port'] }}" default_database: "rocksdb" default_node_type: "endpoint" diff --git a/host_vars/rpc-asset-hub-paseo-02.yaml b/host_vars/rpc-asset-hub-paseo-02.yaml index 6cd83e5..eb01ab5 100644 --- a/host_vars/rpc-asset-hub-paseo-02.yaml +++ b/host_vars/rpc-asset-hub-paseo-02.yaml @@ -13,7 +13,7 @@ default_domain: "{{ host_name }}" default_network: "asset-hub-paseo" default_chain_spec: "{{ default_base_path }}/asset-hub-paseo.raw.json" default_chain_spec_dl_url: "https://media.githubusercontent.com/media/paseo-network/paseo-chain-specs/main/ah-paseo-spec.json" -default_relay_rpc: "ws://{{ hostvars['pso26']['container_ip'] }}:{{ hostvars['pso26']['default_rpc_port'] }}" +default_relay_rpc: "ws://{{ hostvars['rpc-paseo-01']['container_ip'] }}:{{ hostvars['rpc-paseo-01']['default_rpc_port'] }}" default_relay_rpc_fallback: "ws://{{ hostvars['rpc-paseo-02']['container_ip'] }}:{{ hostvars['rpc-paseo-02']['default_rpc_port'] }}" default_database: "rocksdb" default_node_type: "endpoint" diff --git a/host_vars/rpc-bridge-hub-paseo-01.yaml b/host_vars/rpc-bridge-hub-paseo-01.yaml index 1b4dbe9..f699326 100644 --- a/host_vars/rpc-bridge-hub-paseo-01.yaml +++ b/host_vars/rpc-bridge-hub-paseo-01.yaml @@ -13,7 +13,7 @@ default_domain: "{{ host_name }}" default_network: "bridge-hub-paseo" default_chain_spec: "{{ default_base_path }}/bridge-hub-paseo.raw.json" default_chain_spec_dl_url: "https://raw.githubusercontent.com/paseo-network/runtimes/main/chain-specs/bridge-hub-paseo.raw.json" -default_relay_rpc: "ws://{{ hostvars['pso26']['container_ip'] }}:{{ hostvars['pso26']['default_rpc_port'] }}" +default_relay_rpc: "ws://{{ hostvars['rpc-paseo-01']['container_ip'] }}:{{ hostvars['rpc-paseo-01']['default_rpc_port'] }}" default_relay_rpc_fallback: "ws://{{ hostvars['rpc-paseo-02']['container_ip'] }}:{{ hostvars['rpc-paseo-02']['default_rpc_port'] }}" default_database: "rocksdb" default_node_type: "endpoint" diff --git a/host_vars/rpc-bridge-hub-paseo-02.yaml b/host_vars/rpc-bridge-hub-paseo-02.yaml index f9daf38..2ef487f 100644 --- a/host_vars/rpc-bridge-hub-paseo-02.yaml +++ b/host_vars/rpc-bridge-hub-paseo-02.yaml @@ -13,7 +13,7 @@ default_domain: "{{ host_name }}" default_network: "bridge-hub-paseo" default_chain_spec: "{{ default_base_path }}/bridge-hub-paseo.raw.json" default_chain_spec_dl_url: "https://raw.githubusercontent.com/paseo-network/runtimes/main/chain-specs/bridge-hub-paseo.raw.json" -default_relay_rpc: "ws://{{ hostvars['pso26']['container_ip'] }}:{{ hostvars['pso26']['default_rpc_port'] }}" +default_relay_rpc: "ws://{{ hostvars['rpc-paseo-01']['container_ip'] }}:{{ hostvars['rpc-paseo-01']['default_rpc_port'] }}" default_relay_rpc_fallback: "ws://{{ hostvars['rpc-paseo-02']['container_ip'] }}:{{ hostvars['rpc-paseo-02']['default_rpc_port'] }}" default_database: "rocksdb" default_node_type: "endpoint" diff --git a/host_vars/rpc-coretime-paseo-01.yaml b/host_vars/rpc-coretime-paseo-01.yaml index 1cd308b..aeb459f 100644 --- a/host_vars/rpc-coretime-paseo-01.yaml +++ b/host_vars/rpc-coretime-paseo-01.yaml @@ -14,7 +14,7 @@ default_network: "coretime-paseo" default_network_pathname: "paseo-coretime" default_chain_spec: "{{ default_base_path }}/coretime-paseo.raw.json" default_chain_spec_dl_url: "https://github.com/paseo-network/paseo-chain-specs/raw/refs/heads/main/paseo-coretime.raw.json" -default_relay_rpc: "ws://{{ hostvars['pso26']['container_ip'] }}:{{ hostvars['pso26']['default_rpc_port'] }}" +default_relay_rpc: "ws://{{ hostvars['rpc-paseo-01']['container_ip'] }}:{{ hostvars['rpc-paseo-01']['default_rpc_port'] }}" default_relay_rpc_fallback: "ws://{{ hostvars['rpc-paseo-02']['container_ip'] }}:{{ hostvars['rpc-paseo-02']['default_rpc_port'] }}" default_database: "rocksdb" default_node_type: "endpoint" diff --git a/host_vars/rpc-coretime-paseo-02.yaml b/host_vars/rpc-coretime-paseo-02.yaml index b35ed74..09c9a7c 100644 --- a/host_vars/rpc-coretime-paseo-02.yaml +++ b/host_vars/rpc-coretime-paseo-02.yaml @@ -14,7 +14,7 @@ default_network: "coretime-paseo" default_network_pathname: "paseo-coretime" default_chain_spec: "{{ default_base_path }}/coretime-paseo.raw.json" default_chain_spec_dl_url: "https://github.com/paseo-network/paseo-chain-specs/raw/refs/heads/main/paseo-coretime.raw.json" -default_relay_rpc: "ws://{{ hostvars['pso26']['container_ip'] }}:{{ hostvars['pso26']['default_rpc_port'] }}" +default_relay_rpc: "ws://{{ hostvars['rpc-paseo-01']['container_ip'] }}:{{ hostvars['rpc-paseo-01']['default_rpc_port'] }}" default_relay_rpc_fallback: "ws://{{ hostvars['rpc-paseo-02']['container_ip'] }}:{{ hostvars['rpc-paseo-02']['default_rpc_port'] }}" default_database: "rocksdb" default_node_type: "endpoint" diff --git a/host_vars/rpc-people-paseo-01.yaml b/host_vars/rpc-people-paseo-01.yaml index 83474be..437e036 100644 --- a/host_vars/rpc-people-paseo-01.yaml +++ b/host_vars/rpc-people-paseo-01.yaml @@ -14,7 +14,7 @@ default_network: "people-paseo" default_network_pathname: "paseo-people" default_chain_spec: "{{ default_base_path }}/people-paseo.raw.json" default_chain_spec_dl_url: "https://github.com/paseo-network/paseo-chain-specs/raw/refs/heads/main/paseo-people.raw.json" -default_relay_rpc: "ws://{{ hostvars['pso26']['container_ip'] }}:{{ hostvars['pso26']['default_rpc_port'] }}" +default_relay_rpc: "ws://{{ hostvars['rpc-paseo-01']['container_ip'] }}:{{ hostvars['rpc-paseo-01']['default_rpc_port'] }}" default_relay_rpc_fallback: "ws://{{ hostvars['rpc-paseo-02']['container_ip'] }}:{{ hostvars['rpc-paseo-02']['default_rpc_port'] }}" default_database: "rocksdb" default_node_type: "endpoint" diff --git a/host_vars/rpc-people-paseo-02.yaml b/host_vars/rpc-people-paseo-02.yaml index 83a9def..3a1eec4 100644 --- a/host_vars/rpc-people-paseo-02.yaml +++ b/host_vars/rpc-people-paseo-02.yaml @@ -14,7 +14,7 @@ default_network: "people-paseo" default_network_pathname: "paseo-people" default_chain_spec: "{{ default_base_path }}/people-paseo.raw.json" default_chain_spec_dl_url: "https://github.com/paseo-network/paseo-chain-specs/raw/refs/heads/main/paseo-people.raw.json" -default_relay_rpc: "ws://{{ hostvars['pso26']['container_ip'] }}:{{ hostvars['pso26']['default_rpc_port'] }}" +default_relay_rpc: "ws://{{ hostvars['rpc-paseo-01']['container_ip'] }}:{{ hostvars['rpc-paseo-01']['default_rpc_port'] }}" default_relay_rpc_fallback: "ws://{{ hostvars['rpc-paseo-02']['container_ip'] }}:{{ hostvars['rpc-paseo-02']['default_rpc_port'] }}" default_database: "rocksdb" default_node_type: "endpoint" From e62d02c344292a7b9889a2d98292fe715c93c90d Mon Sep 17 00:00:00 2001 From: Al Date: Fri, 13 Dec 2024 15:07:13 +0700 Subject: [PATCH 42/69] chore: update configuration for rpc-relaychain --- host_vars/bkk06.yaml | 4 ++-- inventory | 4 ++++ 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/host_vars/bkk06.yaml b/host_vars/bkk06.yaml index 18a3b1f..69ab2a2 100644 --- a/host_vars/bkk06.yaml +++ b/host_vars/bkk06.yaml @@ -1803,7 +1803,7 @@ lxc_nodes: swap: 8192 password: "{{ default_password }}" disk: "{{ zfs_storage }}:20" - mounts: '{"mp0":"{{ zfs_storage }}:200,mp={{ hostvars["rpc-paseo-01"]["default_database_path"] }}"}' + mounts: '{"mp0":"{{ zfs_storage }}:300,mp={{ hostvars["rpc-paseo-01"]["default_database_path"] }}"}' onboot: True unprivileged: True validate_certs: False @@ -1841,7 +1841,7 @@ lxc_nodes: swap: 8192 password: "{{ default_password }}" disk: "{{ zfs_storage }}:20" - mounts: '{"mp0":"{{ zfs_storage }}:2000,mp={{ hostvars["rpc-kusama-01"]["default_database_path"] }}"}' + mounts: '{"mp0":"{{ zfs_storage }}:4000,mp={{ hostvars["rpc-kusama-01"]["default_database_path"] }}"}' onboot: True unprivileged: True validate_certs: False diff --git a/inventory b/inventory index 776efa7..91126d5 100644 --- a/inventory +++ b/inventory @@ -110,9 +110,13 @@ hdx26 hdx27 [polkadot] +rpc-polkadot-01 rpc-polkadot-02 +rpc-kusama-01 rpc-kusama-02 +rpc-westend-01 rpc-westend-02 +rpc-paseo-01 rpc-paseo-02 val-polkadot-02 val-kusama-02 From 19157c0d6806399fe6a5a3e6e1016dce215f5cbd Mon Sep 17 00:00:00 2001 From: Al Date: Fri, 13 Dec 2024 20:53:12 +0700 Subject: [PATCH 43/69] chore: updated ports & bkk06 inventory --- bkk06 | 9 --------- host_vars/bkk06.yaml | 6 ------ host_vars/rpc-paseo-01.yaml | 5 +++++ host_vars/rpc-people-polkadot-01.yaml | 17 +++++++---------- host_vars/rpc-polkadot-01.yaml | 4 ++-- 5 files changed, 14 insertions(+), 27 deletions(-) diff --git a/bkk06 b/bkk06 index 1c303cf..8450490 100644 --- a/bkk06 +++ b/bkk06 @@ -24,19 +24,10 @@ hdx26 rpc-hydration-polkadot-01 [polkadot] -dot14 -dot26 rpc-polkadot-01 rpc-westend-01 rpc-paseo-01 rpc-kusama-01 -ksm14 -ksm26 -pso06 -pso16 -pso26 -wnd14 -wnd26 [cumulus] ; rpc diff --git a/host_vars/bkk06.yaml b/host_vars/bkk06.yaml index 69ab2a2..cef05d2 100644 --- a/host_vars/bkk06.yaml +++ b/host_vars/bkk06.yaml @@ -1227,12 +1227,6 @@ lxc_nodes: # - from_port: "{{ hostvars['rpc-people-polkadot-01']['zabbix_ext_port'] }}" # to_host: "{{ hostvars['monitor']['container_ip'] }}:10050" # protocol: "tcp" - # - from_port: "{{ hostvars['rpc-people-polkadot-01']['default_p2p_port'] }}" - # to_host: "{{ hostvars['rpc-people-polkadot-01']['container_ip'] }}:{{ hostvars['rpc-people-polkadot-01']['default_p2p_port'] }}" - # protocol: "tcp" - # - from_port: "{{ hostvars['rpc-people-polkadot-01']['default_p2p_port_wss'] }}" - # to_host: "{{ hostvars['rpc-people-polkadot-01']['container_ip'] }}:{{ hostvars['rpc-people-polkadot-01']['default_p2p_port_wss'] }}" - # protocol: "tcp" # - host: "rpc-bridge-hub-paseo-01" # proxmox_config: # vmid: "340201" diff --git a/host_vars/rpc-paseo-01.yaml b/host_vars/rpc-paseo-01.yaml index a453399..a60824a 100644 --- a/host_vars/rpc-paseo-01.yaml +++ b/host_vars/rpc-paseo-01.yaml @@ -27,6 +27,11 @@ default_p2p_port: 34001 default_p2p_port_ws: 30334 default_p2p_port_wss: 30335 +default_bootnode_domain: "{{ default_network }}.boot.rotko.net" +default_bootnode_p2p_port: 34001 +default_bootnode_p2p_port_ws: 30334 +default_bootnode_p2p_port_wss: 30335 + default_rpc_port: 9300 default_prom_port: 7300 default_secure_rpc_port: 42341 diff --git a/host_vars/rpc-people-polkadot-01.yaml b/host_vars/rpc-people-polkadot-01.yaml index 0893bcf..16efba4 100644 --- a/host_vars/rpc-people-polkadot-01.yaml +++ b/host_vars/rpc-people-polkadot-01.yaml @@ -2,7 +2,7 @@ ansible_host: "160.22.181.181" container_ip: "192.168.76.18" ansible_port: 2846 -host_name: "rpc-people-polkadot-01.rotko.net" +host_name: "rpc-people-polkadot-01.ct.rotko.net" host_timezone: "Asia/Bangkok" netif: '{"net0":"name=eth0,gw={{ default_nat_network_forward_cidr.split("/")[0] }},ip={{ default_host_ip }}/16,bridge={{ default_nat_device }}"}' role: "cumulus" @@ -17,16 +17,13 @@ default_relay_rpc: "ws://{{ hostvars['rpc-polkadot-01']['container_ip'] }}:{{ ho default_relay_rpc_fallback: "ws://{{ hostvars['rpc-polkadot-02']['container_ip'] }}:{{ hostvars['rpc-polkadot-02']['default_rpc_port'] }}" default_database: "paritydb" default_node_type: "endpoint" -default_p2p_port: 33846 -default_p2p_port_ws: 34846 -default_p2p_port_wss: 35846 -default_rpc_port: 9846 +default_p2p_port: 31041 +default_rpc_port: 9400 default_secure_rpc_port: 42846 default_prom_port: 7846 zabbix_ext_port: 10846 -default_bootnode_domain: "boot-{{ default_network }}.rotko.net" -# default_bootnode_domain: ".rotko.net" -default_bootnode_p2p_port: "{{ default_p2p_port + 10500 }}" -default_bootnode_p2p_port_ws: "{{ default_p2p_port_ws + 10500 }}" -default_bootnode_p2p_port_wss: "{{ default_p2p_port_wss + 10500 }}" +default_bootnode_domain: "{{ default_network }}.boot.rotko.net" +default_bootnode_p2p_port: 31041 +default_bootnode_p2p_port_ws: 30434 +default_bootnode_p2p_port_wss: 30435 diff --git a/host_vars/rpc-polkadot-01.yaml b/host_vars/rpc-polkadot-01.yaml index 3526b4d..cd1249f 100644 --- a/host_vars/rpc-polkadot-01.yaml +++ b/host_vars/rpc-polkadot-01.yaml @@ -27,8 +27,8 @@ default_p2p_port_wss: 30335 default_bootnode_domain: "{{ default_network }}.boot.rotko.net" default_bootnode_p2p_port: 31001 -default_bootnode_p2p_port_ws: 30434 -default_bootnode_p2p_port_wss: 30435 +default_bootnode_p2p_port_ws: 30334 +default_bootnode_p2p_port_wss: 30335 transition_bootnode_domain: "dot14.rotko.net" transition_bootnode_p2p_port: 33214 From 3fa73652d4591e22a61a39ec069986ec75c40165 Mon Sep 17 00:00:00 2001 From: Al Date: Mon, 16 Dec 2024 13:57:50 +0700 Subject: [PATCH 44/69] chore: change kusama rpc relay_rpc to rpc-kusama-01 --- host_vars/rpc-asset-hub-kusama-01.yaml | 2 +- host_vars/rpc-asset-hub-kusama-02.yaml | 2 +- host_vars/rpc-bridge-hub-kusama-01.yaml | 2 +- host_vars/rpc-bridge-hub-kusama-02.yaml | 2 +- host_vars/rpc-coretime-kusama-01.yaml | 2 +- host_vars/rpc-coretime-kusama-02.yaml | 2 +- host_vars/rpc-encointer-kusama-01.yaml | 2 +- host_vars/rpc-encointer-kusama-02.yaml | 2 +- host_vars/rpc-people-kusama-01.yaml | 2 +- host_vars/rpc-people-kusama-02.yaml | 2 +- 10 files changed, 10 insertions(+), 10 deletions(-) diff --git a/host_vars/rpc-asset-hub-kusama-01.yaml b/host_vars/rpc-asset-hub-kusama-01.yaml index 575c65c..35575ac 100644 --- a/host_vars/rpc-asset-hub-kusama-01.yaml +++ b/host_vars/rpc-asset-hub-kusama-01.yaml @@ -11,7 +11,7 @@ pinned_service: True default_telemetry_name: "Rotko Networks - {{ host_name.split('.')[0] }}" default_domain: "{{ host_name }}" default_network: "asset-hub-kusama" -default_relay_rpc: "ws://{{ hostvars['ksm26']['container_ip'] }}:{{ hostvars['ksm26']['default_rpc_port'] }}" +default_relay_rpc: "ws://{{ hostvars['rpc-kusama-01']['container_ip'] }}:{{ hostvars['rpc-kusama-01']['default_rpc_port'] }}" default_relay_rpc_fallback: "ws://{{ hostvars['rpc-kusama-02']['container_ip'] }}:{{ hostvars['rpc-kusama-02']['default_rpc_port'] }}" default_database: paritydb # to be replaced with paritydb default_node_type: "endpoint" diff --git a/host_vars/rpc-asset-hub-kusama-02.yaml b/host_vars/rpc-asset-hub-kusama-02.yaml index 2003bd7..f45ad7d 100644 --- a/host_vars/rpc-asset-hub-kusama-02.yaml +++ b/host_vars/rpc-asset-hub-kusama-02.yaml @@ -11,7 +11,7 @@ pinned_service: True default_telemetry_name: "Rotko Networks - {{ host_name.split('.')[0] }}" default_domain: "{{ host_name }}" default_network: "asset-hub-kusama" -default_relay_rpc: "ws://{{ hostvars['ksm26']['container_ip'] }}:{{ hostvars['ksm26']['default_rpc_port'] }}" +default_relay_rpc: "ws://{{ hostvars['rpc-kusama-01']['container_ip'] }}:{{ hostvars['rpc-kusama-01']['default_rpc_port'] }}" default_relay_rpc_fallback: "ws://{{ hostvars['rpc-kusama-02']['container_ip'] }}:{{ hostvars['rpc-kusama-02']['default_rpc_port'] }}" default_database: paritydb # to be replaced with paritydb default_node_type: "endpoint" diff --git a/host_vars/rpc-bridge-hub-kusama-01.yaml b/host_vars/rpc-bridge-hub-kusama-01.yaml index 17eebb7..19c02e3 100644 --- a/host_vars/rpc-bridge-hub-kusama-01.yaml +++ b/host_vars/rpc-bridge-hub-kusama-01.yaml @@ -11,7 +11,7 @@ pinned_service: True default_telemetry_name: "Rotko Networks - {{ host_name.split('.')[0] }}" default_domain: "{{ host_name }}" default_network: "bridge-hub-kusama" -default_relay_rpc: "ws://{{ hostvars['ksm26']['container_ip'] }}:{{ hostvars['ksm26']['default_rpc_port'] }}" +default_relay_rpc: "ws://{{ hostvars['rpc-kusama-01']['container_ip'] }}:{{ hostvars['rpc-kusama-01']['default_rpc_port'] }}" default_relay_rpc_fallback: "ws://{{ hostvars['rpc-kusama-02']['container_ip'] }}:{{ hostvars['rpc-kusama-02']['default_rpc_port'] }}" default_database: rocksdb default_node_type: "endpoint" diff --git a/host_vars/rpc-bridge-hub-kusama-02.yaml b/host_vars/rpc-bridge-hub-kusama-02.yaml index e81626e..4962a5a 100644 --- a/host_vars/rpc-bridge-hub-kusama-02.yaml +++ b/host_vars/rpc-bridge-hub-kusama-02.yaml @@ -11,7 +11,7 @@ pinned_service: True default_telemetry_name: "Rotko Networks - {{ host_name.split('.')[0] }}" default_domain: "{{ host_name }}" default_network: "bridge-hub-kusama" -default_relay_rpc: "ws://{{ hostvars['ksm26']['container_ip'] }}:{{ hostvars['ksm26']['default_rpc_port'] }}" +default_relay_rpc: "ws://{{ hostvars['rpc-kusama-01']['container_ip'] }}:{{ hostvars['rpc-kusama-01']['default_rpc_port'] }}" default_relay_rpc_fallback: "ws://{{ hostvars['rpc-kusama-02']['container_ip'] }}:{{ hostvars['rpc-kusama-02']['default_rpc_port'] }}" default_database: paritydb # to be replaced with paritydb default_node_type: "endpoint" diff --git a/host_vars/rpc-coretime-kusama-01.yaml b/host_vars/rpc-coretime-kusama-01.yaml index 9c93d33..7240cf4 100644 --- a/host_vars/rpc-coretime-kusama-01.yaml +++ b/host_vars/rpc-coretime-kusama-01.yaml @@ -11,7 +11,7 @@ pinned_service: False default_telemetry_name: "Rotko Networks - {{ host_name.split('.')[0] }}" default_domain: "{{ host_name }}" default_network: "coretime-kusama" -default_relay_rpc: "ws://{{ hostvars['ksm26']['container_ip'] }}:{{ hostvars['ksm26']['default_rpc_port'] }}" +default_relay_rpc: "ws://{{ hostvars['rpc-kusama-01']['container_ip'] }}:{{ hostvars['rpc-kusama-01']['default_rpc_port'] }}" default_relay_rpc_fallback: "ws://{{ hostvars['rpc-kusama-02']['container_ip'] }}:{{ hostvars['rpc-kusama-02']['default_rpc_port'] }}" default_database: rocksdb default_node_type: "endpoint" diff --git a/host_vars/rpc-coretime-kusama-02.yaml b/host_vars/rpc-coretime-kusama-02.yaml index d72a973..7043331 100644 --- a/host_vars/rpc-coretime-kusama-02.yaml +++ b/host_vars/rpc-coretime-kusama-02.yaml @@ -11,7 +11,7 @@ pinned_service: False default_telemetry_name: "Rotko Networks - {{ host_name.split('.')[0] }} {{ default_node_type | capitalize }}" default_domain: "{{ host_name }}" default_network: "coretime-kusama" -default_relay_rpc: "ws://{{ hostvars['ksm26']['container_ip'] }}:{{ hostvars['ksm26']['default_rpc_port'] }}" +default_relay_rpc: "ws://{{ hostvars['rpc-kusama-01']['container_ip'] }}:{{ hostvars['rpc-kusama-01']['default_rpc_port'] }}" default_relay_rpc_fallback: "ws://{{ hostvars['rpc-kusama-02']['container_ip'] }}:{{ hostvars['rpc-kusama-02']['default_rpc_port'] }}" default_database: rocksdb default_node_type: "endpoint" diff --git a/host_vars/rpc-encointer-kusama-01.yaml b/host_vars/rpc-encointer-kusama-01.yaml index 37a4349..7ea09cc 100644 --- a/host_vars/rpc-encointer-kusama-01.yaml +++ b/host_vars/rpc-encointer-kusama-01.yaml @@ -11,7 +11,7 @@ pinned_service: True default_telemetry_name: "Rotko Networks - {{ host_name.split('.')[0] }}" default_domain: "{{ host_name }}" default_network: encointer-kusama -default_relay_rpc: "ws://{{ hostvars['ksm26']['container_ip'] }}:{{ hostvars['ksm26']['default_rpc_port'] }}" +default_relay_rpc: "ws://{{ hostvars['rpc-kusama-01']['container_ip'] }}:{{ hostvars['rpc-kusama-01']['default_rpc_port'] }}" default_relay_rpc_fallback: "ws://{{ hostvars['rpc-kusama-02']['container_ip'] }}:{{ hostvars['rpc-kusama-02']['default_rpc_port'] }}" default_node_type: "endpoint" default_pruning: "archive" diff --git a/host_vars/rpc-encointer-kusama-02.yaml b/host_vars/rpc-encointer-kusama-02.yaml index c91813e..75d677e 100644 --- a/host_vars/rpc-encointer-kusama-02.yaml +++ b/host_vars/rpc-encointer-kusama-02.yaml @@ -11,7 +11,7 @@ pinned_service: True default_telemetry_name: "Rotko Networks - {{ host_name.split('.')[0] }}" default_domain: "{{ host_name }}" default_network: encointer-kusama -default_relay_rpc: "ws://{{ hostvars['ksm26']['container_ip'] }}:{{ hostvars['ksm26']['default_rpc_port'] }}" +default_relay_rpc: "ws://{{ hostvars['rpc-kusama-01']['container_ip'] }}:{{ hostvars['rpc-kusama-01']['default_rpc_port'] }}" default_relay_rpc_fallback: "ws://{{ hostvars['rpc-kusama-02']['container_ip'] }}:{{ hostvars['rpc-kusama-02']['default_rpc_port'] }}" default_node_type: "endpoint" default_pruning: "archive" diff --git a/host_vars/rpc-people-kusama-01.yaml b/host_vars/rpc-people-kusama-01.yaml index 6e76a41..058fdda 100644 --- a/host_vars/rpc-people-kusama-01.yaml +++ b/host_vars/rpc-people-kusama-01.yaml @@ -13,7 +13,7 @@ default_domain: "{{ host_name }}" default_network: "people-kusama" default_chain_spec: "{{ default_base_path }}/people-kusama.json" default_chain_spec_dl_url: "https://raw.githubusercontent.com/paritytech/polkadot-sdk/master/cumulus/parachains/chain-specs/people-kusama.json" -default_relay_rpc: "ws://{{ hostvars['ksm26']['container_ip'] }}:{{ hostvars['ksm26']['default_rpc_port'] }}" +default_relay_rpc: "ws://{{ hostvars['rpc-kusama-01']['container_ip'] }}:{{ hostvars['rpc-kusama-01']['default_rpc_port'] }}" default_relay_rpc_fallback: "ws://{{ hostvars['rpc-kusama-02']['container_ip'] }}:{{ hostvars['rpc-kusama-02']['default_rpc_port'] }}" default_database: "rocksdb" default_node_type: "endpoint" diff --git a/host_vars/rpc-people-kusama-02.yaml b/host_vars/rpc-people-kusama-02.yaml index 0e2dffd..80e071c 100644 --- a/host_vars/rpc-people-kusama-02.yaml +++ b/host_vars/rpc-people-kusama-02.yaml @@ -13,7 +13,7 @@ default_domain: "{{ host_name }}" default_network: "people-kusama" default_chain_spec: "{{ default_base_path }}/people-kusama.json" default_chain_spec_dl_url: "https://raw.githubusercontent.com/paritytech/polkadot-sdk/master/cumulus/parachains/chain-specs/people-kusama.json" -default_relay_rpc: "ws://{{ hostvars['ksm26']['container_ip'] }}:{{ hostvars['ksm26']['default_rpc_port'] }}" +default_relay_rpc: "ws://{{ hostvars['rpc-kusama-01']['container_ip'] }}:{{ hostvars['rpc-kusama-01']['default_rpc_port'] }}" default_relay_rpc_fallback: "ws://{{ hostvars['rpc-kusama-02']['container_ip'] }}:{{ hostvars['rpc-kusama-02']['default_rpc_port'] }}" default_database: rocksdb default_node_type: "endpoint" From 04f7672fc47f39209ae00cd8d51588cbaa3d87e0 Mon Sep 17 00:00:00 2001 From: Al Date: Mon, 16 Dec 2024 14:07:48 +0700 Subject: [PATCH 45/69] chore: update inventory --- inventory | 37 +++++++++++++++++++++---------------- 1 file changed, 21 insertions(+), 16 deletions(-) diff --git a/inventory b/inventory index 91126d5..e57e936 100644 --- a/inventory +++ b/inventory @@ -67,40 +67,45 @@ wppl27 mint27 rpc-kilt-polkadot-01 rpc-asset-hub-polkadot-01 +rpc-asset-hub-polkadot-02 rpc-asset-hub-westend-01 +rpc-asset-hub-westend-02 +rpc-asset-hub-kusama-01 +rpc-asset-hub-kusama-02 rpc-asset-hub-paseo-01 +rpc-asset-hub-paseo-02 rpc-bridge-hub-paseo-01 +rpc-bridge-hub-paseo-02 rpc-bridge-hub-polkadot-01 +rpc-bridge-hub-polkadot-02 rpc-bridge-hub-westend-01 +rpc-bridge-hub-westend-02 +rpc-bridge-hub-kusama-01 +rpc-bridge-hub-kusama-02 rpc-coretime-paseo-01 +rpc-coretime-paseo-02 +rpc-coretime-polkadot-01 +rpc-coretime-polkadot-02 +rpc-coretime-westend-02 +rpc-coretime-westend-01 +rpc-coretime-kusama-01 +rpc-coretime-kusama-02 rpc-collectives-polkadot-01 +rpc-collectives-polkadot-02 rpc-collectives-westend-01 +rpc-collectives-westend-02 rpc-people-paseo-01 +rpc-people-paseo-02 rpc-people-polkadot-01 rpc-people-polkadot-02 -rpc-people-paseo-02 rpc-people-westend-01 rpc-people-westend-02 rpc-people-kusama-01 rpc-people-kusama-02 -rpc-coretime-paseo-02 -rpc-coretime-polkadot-02 -rpc-coretime-westend-02 -rpc-coretime-westend-01 -rpc-coretime-kusama-01 -rpc-asset-hub-paseo-02 -rpc-asset-hub-polkadot-02 -rpc-asset-hub-westend-02 -rpc-asset-hub-kusama-01 -rpc-bridge-hub-paseo-02 -rpc-bridge-hub-polkadot-02 -rpc-bridge-hub-westend-02 -rpc-bridge-hub-kusama-01 -rpc-collectives-polkadot-02 -rpc-collectives-westend-02 [encointer] rpc-encointer-kusama-01 +rpc-encointer-kusama-02 enc14 enc24 enc26 From 0988d577b808033c72bbdf45b1de65acdce6f8d8 Mon Sep 17 00:00:00 2001 From: Al Date: Mon, 16 Dec 2024 14:52:57 +0700 Subject: [PATCH 46/69] chore: update ports --- host_vars/rpc-kusama-01.yaml | 4 ++-- host_vars/rpc-westend-01.yaml | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/host_vars/rpc-kusama-01.yaml b/host_vars/rpc-kusama-01.yaml index 952b47d..b35858c 100644 --- a/host_vars/rpc-kusama-01.yaml +++ b/host_vars/rpc-kusama-01.yaml @@ -27,8 +27,8 @@ default_p2p_port_wss: 30335 default_bootnode_domain: "{{ default_network }}.boot.rotko.net" default_bootnode_p2p_port: 32001 -default_bootnode_p2p_port_ws: 30434 -default_bootnode_p2p_port_wss: 30435 +default_bootnode_p2p_port_ws: 30334 +default_bootnode_p2p_port_wss: 30335 transition_bootnode_domain: "ksm14.rotko.net" transition_bootnode_p2p_port: 33224 diff --git a/host_vars/rpc-westend-01.yaml b/host_vars/rpc-westend-01.yaml index 8f03cc4..7066ae9 100644 --- a/host_vars/rpc-westend-01.yaml +++ b/host_vars/rpc-westend-01.yaml @@ -27,8 +27,8 @@ default_p2p_port_wss: 30335 default_bootnode_domain: "{{ default_network }}.boot.rotko.net" default_bootnode_p2p_port: 33001 -default_bootnode_p2p_port_ws: 30434 -default_bootnode_p2p_port_wss: 30435 +default_bootnode_p2p_port_ws: 30334 +default_bootnode_p2p_port_wss: 30335 transition_bootnode_domain: "wnd14.rotko.net" transition_bootnode_p2p_port: 33234 From 5ca7c8a53ec090f348eb3856f8d2521416395fa1 Mon Sep 17 00:00:00 2001 From: Al Date: Mon, 16 Dec 2024 16:36:56 +0700 Subject: [PATCH 47/69] chore: update bridge-hub-paseo chain-specs and -01 ports --- host_vars/rpc-bridge-hub-paseo-01.yaml | 17 +++++++++-------- host_vars/rpc-bridge-hub-paseo-02.yaml | 3 ++- roles/setup_install_nginx/tasks/main.yaml | 1 - 3 files changed, 11 insertions(+), 10 deletions(-) diff --git a/host_vars/rpc-bridge-hub-paseo-01.yaml b/host_vars/rpc-bridge-hub-paseo-01.yaml index f699326..7b8edc5 100644 --- a/host_vars/rpc-bridge-hub-paseo-01.yaml +++ b/host_vars/rpc-bridge-hub-paseo-01.yaml @@ -12,20 +12,21 @@ default_telemetry_name: "Rotko Networks - {{ host_name.split('.')[0] }} {{ defau default_domain: "{{ host_name }}" default_network: "bridge-hub-paseo" default_chain_spec: "{{ default_base_path }}/bridge-hub-paseo.raw.json" -default_chain_spec_dl_url: "https://raw.githubusercontent.com/paseo-network/runtimes/main/chain-specs/bridge-hub-paseo.raw.json" +#make sure the chain-spec dl url is working +default_chain_spec_dl_url: "https://github.com/paseo-network/paseo-chain-specs/raw/refs/heads/main/paseo-bridge-hub.raw.json" default_relay_rpc: "ws://{{ hostvars['rpc-paseo-01']['container_ip'] }}:{{ hostvars['rpc-paseo-01']['default_rpc_port'] }}" default_relay_rpc_fallback: "ws://{{ hostvars['rpc-paseo-02']['container_ip'] }}:{{ hostvars['rpc-paseo-02']['default_rpc_port'] }}" default_database: "rocksdb" default_node_type: "endpoint" -default_p2p_port: 33966 -default_p2p_port_ws: 34966 -default_p2p_port_wss: 35966 +default_p2p_port: 34021 +default_p2p_port_ws: 30434 +default_p2p_port_wss: 30435 default_rpc_port: 9966 default_secure_rpc_port: 42966 default_prom_port: 7966 zabbix_ext_port: 10966 -default_bootnode_domain: "boot-{{ default_network }}.rotko.net" -default_bootnode_p2p_port: "{{ default_p2p_port + 10500 }}" -default_bootnode_p2p_port_ws: "{{ default_p2p_port_ws + 10500 }}" -default_bootnode_p2p_port_wss: "{{ default_p2p_port_wss + 10500 }}" +default_bootnode_domain: "{{ default_network }}.boot.rotko.net" +default_bootnode_p2p_port: 34021 +default_bootnode_p2p_port_ws: 30434 +default_bootnode_p2p_port_wss: 30435 diff --git a/host_vars/rpc-bridge-hub-paseo-02.yaml b/host_vars/rpc-bridge-hub-paseo-02.yaml index 2ef487f..c68f40d 100644 --- a/host_vars/rpc-bridge-hub-paseo-02.yaml +++ b/host_vars/rpc-bridge-hub-paseo-02.yaml @@ -12,7 +12,8 @@ default_telemetry_name: "Rotko Networks - {{ host_name.split('.')[0] }} {{ defau default_domain: "{{ host_name }}" default_network: "bridge-hub-paseo" default_chain_spec: "{{ default_base_path }}/bridge-hub-paseo.raw.json" -default_chain_spec_dl_url: "https://raw.githubusercontent.com/paseo-network/runtimes/main/chain-specs/bridge-hub-paseo.raw.json" +#make sure the chain-spec dl url is working +default_chain_spec_dl_url: "https://github.com/paseo-network/paseo-chain-specs/raw/refs/heads/main/paseo-bridge-hub.raw.json" default_relay_rpc: "ws://{{ hostvars['rpc-paseo-01']['container_ip'] }}:{{ hostvars['rpc-paseo-01']['default_rpc_port'] }}" default_relay_rpc_fallback: "ws://{{ hostvars['rpc-paseo-02']['container_ip'] }}:{{ hostvars['rpc-paseo-02']['default_rpc_port'] }}" default_database: "rocksdb" diff --git a/roles/setup_install_nginx/tasks/main.yaml b/roles/setup_install_nginx/tasks/main.yaml index 117ded8..4d56221 100644 --- a/roles/setup_install_nginx/tasks/main.yaml +++ b/roles/setup_install_nginx/tasks/main.yaml @@ -77,7 +77,6 @@ -d {{ default_domain }} {% if default_bootnode_domain is defined and default_bootnode_domain | length > 0 %} -d {{ default_bootnode_domain }} - --expand {% endif %} {% if transition_bootnode_domain is defined and transition_bootnode_domain | length > 0 %} -d {{ transition_bootnode_domain }} From 89aa49efe233eed43ccc09a09f8183db7eb19b47 Mon Sep 17 00:00:00 2001 From: Al Date: Mon, 16 Dec 2024 22:27:17 +0700 Subject: [PATCH 48/69] chore: update & add ct configs --- host_vars/rpc-asset-hub-paseo-01.yaml | 18 ++++++++------- host_vars/rpc-bridge-hub-paseo-01.yaml | 2 +- host_vars/rpc-coretime-polkadot-01.yaml | 30 +++++++++++++++++++++++++ 3 files changed, 41 insertions(+), 9 deletions(-) create mode 100644 host_vars/rpc-coretime-polkadot-01.yaml diff --git a/host_vars/rpc-asset-hub-paseo-01.yaml b/host_vars/rpc-asset-hub-paseo-01.yaml index cd5aa24..8e12c8f 100644 --- a/host_vars/rpc-asset-hub-paseo-01.yaml +++ b/host_vars/rpc-asset-hub-paseo-01.yaml @@ -17,16 +17,18 @@ default_relay_rpc: "ws://{{ hostvars['rpc-paseo-01']['container_ip'] }}:{{ hostv default_relay_rpc_fallback: "ws://{{ hostvars['rpc-paseo-02']['container_ip'] }}:{{ hostvars['rpc-paseo-02']['default_rpc_port'] }}" default_database: "rocksdb" default_node_type: "endpoint" -default_p2p_port: 33956 -default_p2p_port_ws: 34956 -default_p2p_port_wss: 35956 +default_p2p_port: 34011 default_rpc_port: 9956 default_secure_rpc_port: 42956 default_prom_port: 7956 zabbix_ext_port: 10956 -# default_bootnode_domain: "{{ default_network }}.boot.rotko.net" #TODO: Change to this -default_bootnode_domain: "pmint16.rotko.net" -default_bootnode_p2p_port: 33946 -default_bootnode_p2p_port_ws: 34946 -default_bootnode_p2p_port_wss: 35946 +default_bootnode_domain: "{{ default_network }}.boot.rotko.net" #TODO: Change to this +default_bootnode_p2p_port: 34011 +default_bootnode_p2p_port_ws: 30434 +default_bootnode_p2p_port_wss: 30435 + +transition_bootnode_domain: "pmint16.rotko.net" +transition_bootnode_p2p_port: 33946 +transition_bootnode_p2p_port_ws: 34946 +transition_bootnode_p2p_port_wss: 35946 diff --git a/host_vars/rpc-bridge-hub-paseo-01.yaml b/host_vars/rpc-bridge-hub-paseo-01.yaml index 7b8edc5..5b23145 100644 --- a/host_vars/rpc-bridge-hub-paseo-01.yaml +++ b/host_vars/rpc-bridge-hub-paseo-01.yaml @@ -2,7 +2,7 @@ ansible_host: "160.22.181.181" container_ip: "192.168.76.60" ansible_port: 2966 -host_name: "rpc-bridge-hub-paseo-01.rotko.net" +host_name: "rpc-bridge-hub-paseo-01.ct.rotko.net" host_timezone: "Asia/Bangkok" netif: '{"net0":"name=eth0,gw={{ default_nat_network_forward_cidr.split("/")[0] }},ip={{ default_host_ip }}/16,bridge={{ default_nat_device }}"}' role: "cumulus" diff --git a/host_vars/rpc-coretime-polkadot-01.yaml b/host_vars/rpc-coretime-polkadot-01.yaml new file mode 100644 index 0000000..481d33a --- /dev/null +++ b/host_vars/rpc-coretime-polkadot-01.yaml @@ -0,0 +1,30 @@ +--- +ansible_host: "160.22.181.181" +container_ip: "192.168.176.16" +ansible_port: 2816 +host_name: "rpc-coretime-polkadot-01.ct.rotko.net" +host_timezone: "Asia/Bangkok" +netif: '{"net0":"name=eth0,gw={{ default_nat_network_forward_cidr.split("/")[0] }},ip={{ default_host_ip }}/16,bridge={{ default_nat_device }}"}' +role: "cumulus" +pinned_service: True + +default_telemetry_name: "Rotko Networks - {{ host_name.split('.')[0] }} {{ default_node_type | capitalize }}" +default_domain: "{{ host_name }}" +default_network: "coretime-polkadot" +default_chain_spec: "{{ default_base_path }}/coretime-polkadot.json" +default_chain_spec_dl_url: "https://raw.githubusercontent.com/paritytech/polkadot-sdk/master/cumulus/parachains/chain-specs/coretime-polkadot.json" +default_relay_rpc: "ws://{{ hostvars['rpc-polkadot-01']['container_ip'] }}:{{ hostvars['rpc-polkadot-01']['default_rpc_port'] }}" +default_relay_rpc_fallback: "ws://{{ hostvars['rpc-polkadot-02']['container_ip'] }}:{{ hostvars['rpc-polkadot-02']['default_rpc_port'] }}" +default_database: rocksdb +default_node_type: "endpoint" +zabbix_ext_port: 10816 + +default_p2p_port: 31051 +default_bootnode_domain: "{{ default_network }}.boot.rotko.net" +default_bootnode_p2p_port: 31051 +default_bootnode_p2p_port_ws: 30434 +default_bootnode_p2p_port_wss: 30435 + +default_secure_rpc_port: 42816 +default_rpc_port: 9816 +default_prom_port: 7816 From a2f69dc6fa13c44d0a65e7fcf56eac238e0b09d4 Mon Sep 17 00:00:00 2001 From: Al Date: Tue, 17 Dec 2024 22:16:12 +0700 Subject: [PATCH 49/69] chore: update polkadot version and validator template --- group_vars/polkadot.yaml | 2 +- roles/setup_install_polkadot/templates/validator.service.j2 | 1 - 2 files changed, 1 insertion(+), 2 deletions(-) diff --git a/group_vars/polkadot.yaml b/group_vars/polkadot.yaml index 6685ce9..7a6f642 100644 --- a/group_vars/polkadot.yaml +++ b/group_vars/polkadot.yaml @@ -3,7 +3,7 @@ default_auxiliary_binary_path: /usr/libexec default_base_path: /opt/polkadot default_chain_spec: "{{ default_base_path }}/{{ default_network }}.json" default_chain_spec_dl_url: https://raw.githubusercontent.com/paritytech/polkadot-sdk/master/polkadot/node/service/chain-specs/{{ default_network }}.json -default_client_version: polkadot-stable2409-2 +default_client_version: polkadot-stable2412 default_database: paritydb default_database_path: /opt/polkadot/chains default_download_base_url: https://github.com/paritytech/polkadot-sdk/releases/download/ diff --git a/roles/setup_install_polkadot/templates/validator.service.j2 b/roles/setup_install_polkadot/templates/validator.service.j2 index c05b67d..9b59193 100644 --- a/roles/setup_install_polkadot/templates/validator.service.j2 +++ b/roles/setup_install_polkadot/templates/validator.service.j2 @@ -33,7 +33,6 @@ ExecStart={{ default_base_path }}/polkadot \ --prometheus-external \ --wasm-execution compiled \ --pruning 1000 \ - --no-mdns \ --no-private-ip \ --out-peers 64 \ --in-peers 64 \ From a2b15f4b16d600d68390a9abf171ef3305a28426 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" Date: Tue, 17 Dec 2024 15:16:33 +0000 Subject: [PATCH 50/69] Update Polkadot and Cumulus versions --- group_vars/cumulus.yaml | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/group_vars/cumulus.yaml b/group_vars/cumulus.yaml index 6daf234..acb8238 100644 --- a/group_vars/cumulus.yaml +++ b/group_vars/cumulus.yaml @@ -1,25 +1,25 @@ ---- default_base_path: /opt/cumulus -default_chain_spec_dl_url: https://raw.githubusercontent.com/paritytech/polkadot-sdk/master/cumulus/parachains/chain-specs/{{ default_network }}.json -default_client_version: polkadot-stable2409-2 +default_chain_spec_dl_url: https://raw.githubusercontent.com/paritytech/polkadot-sdk/master/cumulus/parachains/chain-specs/{{ + default_network }}.json +default_client_version: polkadot-stable2412 default_database: paritydb -default_database_path: "{{ default_base_path }}/chains" +default_database_path: '{{ default_base_path }}/chains' default_download_base_url: https://github.com/paritytech/polkadot-sdk/releases/download/ -default_download_url: "{{ default_download_base_url }}{{ default_client_version }}/polkadot-parachain" -default_group: "{{ service_users['cumulus'] }}" +default_download_url: '{{ default_download_base_url }}{{ default_client_version }}/polkadot-parachain' +default_group: '{{ service_users[''cumulus''] }}' +default_in_peers: 32 default_log_level: info default_network: asset-hub-polkadot default_node_type: bootnode +default_out_peers: 16 default_p2p_port: 30433 default_p2p_port_ws: 30434 default_p2p_port_wss: 30435 default_prom_port: 7400 default_rpc_port: 9400 default_secure_rpc_port: 42400 -default_in_peers: 32 -default_out_peers: 16 default_service: cumulus -default_storage: "{{ default_base_path }}/chains" +default_storage: '{{ default_base_path }}/chains' default_telemetry_url: wss://telemetry-backend.w3f.community/submit/ 1 -default_user: "{{ service_users['cumulus'] }}" +default_user: '{{ service_users[''cumulus''] }}' zabbix_ext_port: 10400 From a61bae1e000af853c2319fc35911a31ffcff3b3a Mon Sep 17 00:00:00 2001 From: Al Date: Thu, 19 Dec 2024 22:23:42 +0700 Subject: [PATCH 51/69] chore: change asset-hub-paseo-01 to zfs --- host_vars/bkk06.yaml | 38 +++++++++++++++++++++++ host_vars/rpc-asset-hub-paseo-01.yaml | 14 ++++----- roles/setup_install_nginx/tasks/main.yaml | 3 +- 3 files changed, 47 insertions(+), 8 deletions(-) diff --git a/host_vars/bkk06.yaml b/host_vars/bkk06.yaml index cef05d2..cc0e96d 100644 --- a/host_vars/bkk06.yaml +++ b/host_vars/bkk06.yaml @@ -2005,3 +2005,41 @@ lxc_nodes: - from_port: "{{ hostvars['rpc-hydration-polkadot-01']['default_p2p_port'] }}" to_host: "{{ hostvars['rpc-hydration-polkadot-01']['container_ip'] }}:{{ hostvars['rpc-hydration-polkadot-01']['default_p2p_port'] }}" protocol: "tcp" + - host: "rpc-asset-hub-paseo-01" + proxmox_config: + vmid: "34011" + hostname: "{{ hostvars['rpc-asset-hub-paseo-01']['host_name'] }}" + ostemplate: "local:vztmpl/{{ default_container_template }}" + netif: "{{ hostvars['rpc-asset-hub-paseo-01']['netif'] }}" + cores: 4 + memory: 16384 + swap: 8192 + password: "{{ default_password }}" + disk: "{{ zfs_storage }}:20" + mounts: '{"mp0":"{{ zfs_storage }}:150,mp={{ hostvars["rpc-asset-hub-paseo-01"]["default_database_path"] }}"}' + onboot: True + unprivileged: True + validate_certs: False + description: "{{ hostvars['rpc-asset-hub-paseo-01']['default_network'] }} {{ hostvars['rpc-asset-hub-paseo-01']['default_node_type'] }}: {{ hostvars['rpc-asset-hub-paseo-01']['host_name'] }}" + state: present + features: + - nesting=1 + port_forwards: + - from_port: "{{ hostvars['rpc-asset-hub-paseo-01']['ansible_port'] }}" + to_host: "{{ hostvars['rpc-asset-hub-paseo-01']['container_ip'] }}:{{ ssh_port }}" + protocol: "tcp" + - from_port: "{{ hostvars['rpc-asset-hub-paseo-01']['zabbix_ext_port'] }}" + to_host: "{{ hostvars['monitor']['container_ip'] }}:{{ zabbix_port }}" + protocol: "tcp" + - from_port: "{{ hostvars['rpc-asset-hub-paseo-01']['default_p2p_port'] }}" + to_host: "{{ hostvars['rpc-asset-hub-paseo-01']['container_ip'] }}:{{ hostvars['rpc-asset-hub-paseo-01']['default_p2p_port'] }}" + protocol: "tcp" + - from_port: "{{ hostvars['rpc-asset-hub-paseo-01']['transition_bootnode_p2p_port'] }}" + to_host: "{{ hostvars['rpc-asset-hub-paseo-01']['container_ip'] }}:{{ hostvars['rpc-asset-hub-paseo-01']['transition_bootnode_p2p_port'] }}" + protocol: "tcp" + - from_port: "{{ hostvars['rpc-asset-hub-paseo-01']['transition_bootnode_p2p_port_ws'] }}" + to_host: "{{ hostvars['rpc-asset-hub-paseo-01']['container_ip'] }}:{{ hostvars['rpc-asset-hub-paseo-01']['transition_bootnode_p2p_port_ws'] }}" + protocol: "tcp" + - from_port: "{{ hostvars['rpc-asset-hub-paseo-01']['transition_bootnode_p2p_port_wss'] }}" + to_host: "{{ hostvars['rpc-asset-hub-paseo-01']['container_ip'] }}:{{ hostvars['rpc-asset-hub-paseo-01']['transition_bootnode_p2p_port_wss'] }}" + protocol: "tcp" diff --git a/host_vars/rpc-asset-hub-paseo-01.yaml b/host_vars/rpc-asset-hub-paseo-01.yaml index 8e12c8f..4d41849 100644 --- a/host_vars/rpc-asset-hub-paseo-01.yaml +++ b/host_vars/rpc-asset-hub-paseo-01.yaml @@ -1,8 +1,8 @@ --- ansible_host: "160.22.181.181" -container_ip: "192.168.76.50" -ansible_port: 2956 -host_name: "rpc-asset-hub-paseo-01.rotko.net" +container_ip: "192.168.141.11" +ansible_port: 2958 +host_name: "rpc-asset-hub-paseo-01.ct.rotko.net" host_timezone: "Asia/Bangkok" netif: '{"net0":"name=eth0,gw={{ default_nat_network_forward_cidr.split("/")[0] }},ip={{ default_host_ip }}/16,bridge={{ default_nat_device }}"}' role: "cumulus" @@ -18,10 +18,10 @@ default_relay_rpc_fallback: "ws://{{ hostvars['rpc-paseo-02']['container_ip'] }} default_database: "rocksdb" default_node_type: "endpoint" default_p2p_port: 34011 -default_rpc_port: 9956 -default_secure_rpc_port: 42956 -default_prom_port: 7956 -zabbix_ext_port: 10956 +default_rpc_port: 9400 +default_secure_rpc_port: 42958 +default_prom_port: 7400 +zabbix_ext_port: 10958 default_bootnode_domain: "{{ default_network }}.boot.rotko.net" #TODO: Change to this default_bootnode_p2p_port: 34011 diff --git a/roles/setup_install_nginx/tasks/main.yaml b/roles/setup_install_nginx/tasks/main.yaml index 4d56221..b84e983 100644 --- a/roles/setup_install_nginx/tasks/main.yaml +++ b/roles/setup_install_nginx/tasks/main.yaml @@ -85,7 +85,8 @@ --agree-tos --email {{ default_certificate_email }} --deploy-hook "systemctl reload nginx" - --dns-cloudflare-propagation-seconds 60 + --dns-cloudflare-propagation-seconds 120 + --expand become: True become_user: root when: days_until_expiration is not defined or days_until_expiration | int < 30 From 9ae6d1b8b4f2d8564177026e46a912284181a509 Mon Sep 17 00:00:00 2001 From: Al Date: Mon, 23 Dec 2024 16:56:12 +0700 Subject: [PATCH 52/69] chore: update val-polkadot-03 name --- host_vars/val-polkadot-03.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/host_vars/val-polkadot-03.yaml b/host_vars/val-polkadot-03.yaml index 088f25a..176ddfb 100644 --- a/host_vars/val-polkadot-03.yaml +++ b/host_vars/val-polkadot-03.yaml @@ -11,7 +11,7 @@ pinned_service: True default_network: polkadot default_node_type: "validator" # default_telemetry_name: "Rotko Networks - {{ host_name.split('.')[0] }} {{ default_node_type | capitalize }}" -default_telemetry_name: "Rotko Networks - ksm03 Validator" +default_telemetry_name: "Rotko Networks - dot03 Validator" default_pruning: 1000 default_database: paritydb default_syncmode: warp From 0fb7eb1da1f51239c73abce4a14f9637bd99e3c2 Mon Sep 17 00:00:00 2001 From: Al Date: Mon, 23 Dec 2024 20:39:24 +0700 Subject: [PATCH 53/69] feat: added basic template for penumbra & cometbft download_url --- bkk06 | 30 ------------------- bkk07 | 8 +++++ group_vars/penumbra.yaml | 5 ++-- roles/setup_install_penumbra/tasks/main.yaml | 16 +++++++++- .../templates/cometbft.service.j2 | 12 ++++++++ .../templates/validator.service.j2 | 27 +++++++++++++++++ 6 files changed, 65 insertions(+), 33 deletions(-) create mode 100644 roles/setup_install_penumbra/templates/cometbft.service.j2 create mode 100644 roles/setup_install_penumbra/templates/validator.service.j2 diff --git a/bkk06 b/bkk06 index 8450490..b4ca438 100644 --- a/bkk06 +++ b/bkk06 @@ -31,55 +31,25 @@ rpc-kusama-01 [cumulus] ; rpc -boot-asset-hub-paseo -kbr13 -kbr26 -kcore16 -kcore26 -kppl16 -kppl26 -mine14 -mine26 -mint26 -pbr13 -pbr26 -pch16 -pch26 - rpc-asset-hub-polkadot-01 rpc-asset-hub-kusama-01 rpc-asset-hub-westend-01 rpc-asset-hub-paseo-01 - rpc-bridge-hub-polkadot-01 rpc-bridge-hub-kusama-01 rpc-bridge-hub-westend-01 rpc-bridge-hub-paseo-01 - rpc-coretime-paseo-01 rpc-coretime-polkadot-01 rpc-coretime-kusama-01 rpc-coretime-westend-01 - rpc-collectives-polkadot-01 rpc-collectives-westend-01 - rpc-people-paseo-01 rpc-people-polkadot-01 rpc-people-kusama-01 rpc-people-westend-01 -wbr13 -wbr26 -wch13 -wch26 -wcore16 -wcore26 -wmint14 -wmint26 -wppl16 -wppl26 - [kilt] rpc-kilt-polkadot-01 diff --git a/bkk07 b/bkk07 index a3db2e5..bfb6f97 100644 --- a/bkk07 +++ b/bkk07 @@ -94,6 +94,14 @@ bkk07 bkk07 [referrence_nodes] +rpc-kusama-02 +rpc-paseo-02 +rpc-polkadot-02 +rpc-westend-02 +rpc-kusama-01 +rpc-paseo-01 +rpc-polkadot-01 +rpc-westend-01 dot14 ksm14 wnd14 diff --git a/group_vars/penumbra.yaml b/group_vars/penumbra.yaml index 0811af2..1b3e598 100644 --- a/group_vars/penumbra.yaml +++ b/group_vars/penumbra.yaml @@ -1,13 +1,14 @@ --- # penumbra version -penumbra_version: "0.73.1" +penumbra_version: "0.81.0" penumbra_chain_id: "" +cometbft_version: "0.37.14" # dl locations penumbra_download_pcli_url: "https://github.com/penumbra-zone/penumbra/releases/download/v{{ penumbra_version }}/pcli-installer.sh" penumbra_download_pd_url: "https://github.com/penumbra-zone/penumbra/releases/download/v{{ penumbra_version }}/pd-installer.sh" penumbra_download_pclientd_url: "https://github.com/penumbra-zone/penumbra/releases/download/v{{ penumbra_version }}/pclientd-installer.sh" - +cometbft_download_url: "https://github.com/cometbft/cometbft/releases/download/v{{ cometbft_version }}/cometbft_{{ cometbft_version }}_linux_amd64.tar.gz" default_git_repo: "https://github.com/penumbra-zone/penumbra" # service/user diff --git a/roles/setup_install_penumbra/tasks/main.yaml b/roles/setup_install_penumbra/tasks/main.yaml index 63d9a0c..4756c94 100644 --- a/roles/setup_install_penumbra/tasks/main.yaml +++ b/roles/setup_install_penumbra/tasks/main.yaml @@ -23,7 +23,7 @@ path: "{{ item }}" owner: "{{ default_user }}" group: "{{ default_user }}" - mode: '0750' + mode: "0750" state: directory loop: - "{{ default_base_path }}" @@ -61,3 +61,17 @@ args: warn: False executable: /bin/bash + +- name: Download and install cometbft + ansible.builtin.get_url: + url: "{{ cometbft_download_url }}" + dest: "{{ default_home_path }}" + mode: "u+r+x" + owner: "{{ default_user }}" + group: "{{ default_user }}" + when: ansible_local['noderole']['node']['version'] != default_client_version + +- name: Generate network config + ansible.builtin.command: + cmd: "./polkadot key generate-node-key --file {{ default_base_path }}/chains/{{ default_chains_name }}/network/secret_ed25519" + chdir: "{{ default_base_path }}" diff --git a/roles/setup_install_penumbra/templates/cometbft.service.j2 b/roles/setup_install_penumbra/templates/cometbft.service.j2 new file mode 100644 index 0000000..b4fc533 --- /dev/null +++ b/roles/setup_install_penumbra/templates/cometbft.service.j2 @@ -0,0 +1,12 @@ +[Unit] +Description=CometBFT for Penumbra + +[Service] +ExecStart={{ default_home_path }}/cometbft start --home /home/penumbra/.penumbra/network_data/node0/cometbft +Restart=no +User=penumbra +# Raise filehandle limit for RPC and P2P connections. +LimitNOFILE=65536 + +[Install] +WantedBy=default.target diff --git a/roles/setup_install_penumbra/templates/validator.service.j2 b/roles/setup_install_penumbra/templates/validator.service.j2 new file mode 100644 index 0000000..08ba61e --- /dev/null +++ b/roles/setup_install_penumbra/templates/validator.service.j2 @@ -0,0 +1,27 @@ +[Unit] +Description=Penumbra pd +Wants=cometbft.service + +[Service] +# Support binding to 443/TCP for HTTPS. +CapabilityBoundingSet=CAP_NET_BIND_SERVICE +AmbientCapabilities=CAP_NET_BIND_SERVICE + +ExecStart={{ default_home_path }}/pd start +# Consider adding an HTTPS URL if you have DNS set up: +# ExecStart=/usr/local/bin/pd start --grpc-auto-https www.example.com + +# Disable automatic restart, since governance votes can intentionally halt the chain. +# If you're running a validator, you should configure uptime monitoring. +Restart=no + +# Assumes that the `penumbra` user exists. +User=penumbra + +# Raise filehandle limit for tower-abci. +LimitNOFILE=65536 +# Consider configuring logrotate if using debug logs +# Environment=RUST_LOG=info,pd=debug,penumbra=debug,jmt=debug + +[Install] +WantedBy=default.target From 8b0a2e6d8c125b5c155092dead5dbb90cc6bfa6a Mon Sep 17 00:00:00 2001 From: Al Date: Tue, 24 Dec 2024 15:31:37 +0700 Subject: [PATCH 54/69] feat: improve penumbra playbooks & fix linting --- group_vars/cumulus.yaml | 14 ++- group_vars/penumbra.yaml | 6 +- .../setup_install_penumbra/handlers/main.yaml | 29 ++++- roles/setup_install_penumbra/tasks/main.yaml | 116 ++++++++++++++++-- .../templates/cometbft.service.j2 | 2 +- .../{validator.service.j2 => pd.service.j2} | 4 +- 6 files changed, 147 insertions(+), 24 deletions(-) rename roles/setup_install_penumbra/templates/{validator.service.j2 => pd.service.j2} (86%) diff --git a/group_vars/cumulus.yaml b/group_vars/cumulus.yaml index acb8238..d870cf4 100644 --- a/group_vars/cumulus.yaml +++ b/group_vars/cumulus.yaml @@ -1,12 +1,14 @@ +--- default_base_path: /opt/cumulus -default_chain_spec_dl_url: https://raw.githubusercontent.com/paritytech/polkadot-sdk/master/cumulus/parachains/chain-specs/{{ +default_chain_spec_dl_url: + https://raw.githubusercontent.com/paritytech/polkadot-sdk/master/cumulus/parachains/chain-specs/{{ default_network }}.json default_client_version: polkadot-stable2412 default_database: paritydb -default_database_path: '{{ default_base_path }}/chains' +default_database_path: "{{ default_base_path }}/chains" default_download_base_url: https://github.com/paritytech/polkadot-sdk/releases/download/ -default_download_url: '{{ default_download_base_url }}{{ default_client_version }}/polkadot-parachain' -default_group: '{{ service_users[''cumulus''] }}' +default_download_url: "{{ default_download_base_url }}{{ default_client_version }}/polkadot-parachain" +default_group: "{{ service_users['cumulus'] }}" default_in_peers: 32 default_log_level: info default_network: asset-hub-polkadot @@ -19,7 +21,7 @@ default_prom_port: 7400 default_rpc_port: 9400 default_secure_rpc_port: 42400 default_service: cumulus -default_storage: '{{ default_base_path }}/chains' +default_storage: "{{ default_base_path }}/chains" default_telemetry_url: wss://telemetry-backend.w3f.community/submit/ 1 -default_user: '{{ service_users[''cumulus''] }}' +default_user: "{{ service_users['cumulus'] }}" zabbix_ext_port: 10400 diff --git a/group_vars/penumbra.yaml b/group_vars/penumbra.yaml index 1b3e598..4056e95 100644 --- a/group_vars/penumbra.yaml +++ b/group_vars/penumbra.yaml @@ -3,13 +3,15 @@ penumbra_version: "0.81.0" penumbra_chain_id: "" cometbft_version: "0.37.14" +polkachu_version: "2665270" # dl locations +default_git_repo: "https://github.com/penumbra-zone/penumbra" penumbra_download_pcli_url: "https://github.com/penumbra-zone/penumbra/releases/download/v{{ penumbra_version }}/pcli-installer.sh" penumbra_download_pd_url: "https://github.com/penumbra-zone/penumbra/releases/download/v{{ penumbra_version }}/pd-installer.sh" penumbra_download_pclientd_url: "https://github.com/penumbra-zone/penumbra/releases/download/v{{ penumbra_version }}/pclientd-installer.sh" cometbft_download_url: "https://github.com/cometbft/cometbft/releases/download/v{{ cometbft_version }}/cometbft_{{ cometbft_version }}_linux_amd64.tar.gz" -default_git_repo: "https://github.com/penumbra-zone/penumbra" +polkachu_download_url: "wget -O penumbra_{{ polkachu_version }}.tar.lz4 https://snapshots.polkachu.com/snapshots/penumbra/penumbra_{{ polkachu_version }}.tar.lz4 --inet4-only" # service/user penumbra_service: "penumbra" @@ -22,6 +24,8 @@ default_storage_path: "{{ default_home_path }}/data" default_config_path: "{{ default_home_path }}/config" default_log_path: "{{ default_home_path }}/logs" default_script_path: "{{ default_home_path }}/scripts" +default_database_path: "{{ default_home_path }}/network_data" +default_installation_path: "/home/{{ default_user }}/.cargo/bin" default_network: "penumbra" default_node_type: "validator" diff --git a/roles/setup_install_penumbra/handlers/main.yaml b/roles/setup_install_penumbra/handlers/main.yaml index 252518d..5992033 100644 --- a/roles/setup_install_penumbra/handlers/main.yaml +++ b/roles/setup_install_penumbra/handlers/main.yaml @@ -1,17 +1,42 @@ --- - name: Stop Penumbra ansible.builtin.systemd: - name: pclientd + name: pd state: stopped enabled: True +- name: Stop Cometbft + ansible.builtin.systemd: + name: cometbft + state: stopped + enabled: True + +- name: Symlink cometbft & pd service to systemd + ansible.builtin.file: + src: "{{ default_home_path }}/{{ item }}.service" + dest: "/etc/systemd/system/{{ item }}.service" + state: link + force: True + owner: "root" + group: "root" + mode: "0644" + loop: + - pd + - cometbft + - name: Systemd daemon-reload ansible.builtin.systemd: daemon_reload: True +- name: Start Cometbft + ansible.builtin.systemd: + name: cometbft + state: started + enabled: True + - name: Start Penumbra ansible.builtin.systemd: - name: pclientd + name: pd state: started enabled: True diff --git a/roles/setup_install_penumbra/tasks/main.yaml b/roles/setup_install_penumbra/tasks/main.yaml index 4756c94..5122f88 100644 --- a/roles/setup_install_penumbra/tasks/main.yaml +++ b/roles/setup_install_penumbra/tasks/main.yaml @@ -34,44 +34,136 @@ - name: Download and install pcli ansible.builtin.shell: - cmd: "set -o pipefail && curl --proto '=https' --tlsv1.2 -LsSf https://github.com/penumbra-zone/penumbra/releases/download/v{{ default_client_version }}/pcli-installer.sh | sh" + cmd: "set -o pipefail && curl --proto '=https' --tlsv1.2 -LsSf https://github.com/penumbra-zone/penumbra/releases/download/v{{ penumbra_version }}/pcli-installer.sh | sh" become: True become_user: "{{ default_user }}" - when: ansible_local['noderole']['node']['version'] != default_client_version + when: ansible_local['noderole']['node']['version'] != penumbra_version args: warn: False executable: /bin/bash - name: Download and install pd ansible.builtin.shell: - cmd: "set -o pipefail && curl --proto '=https' --tlsv1.2 -LsSf https://github.com/penumbra-zone/penumbra/releases/download/v{{ default_client_version }}/pd-installer.sh | sh" + cmd: "set -o pipefail && curl --proto '=https' --tlsv1.2 -LsSf https://github.com/penumbra-zone/penumbra/releases/download/v{{ penumbra_version }}/pd-installer.sh | sh" become: True become_user: "{{ default_user }}" - when: ansible_local['noderole']['node']['version'] != default_client_version + when: ansible_local['noderole']['node']['version'] != penumbra_version args: warn: False executable: /bin/bash - name: Download and install pclientd ansible.builtin.shell: - cmd: "set -o pipefail && curl --proto '=https' --tlsv1.2 -LsSf https://github.com/penumbra-zone/penumbra/releases/download/v{{ default_client_version }}/pclientd-installer.sh | sh" + cmd: "set -o pipefail && curl --proto '=https' --tlsv1.2 -LsSf https://github.com/penumbra-zone/penumbra/releases/download/v{{ penumbra_version }}/pclientd-installer.sh | sh" become: True become_user: "{{ default_user }}" - when: ansible_local['noderole']['node']['version'] != default_client_version + when: ansible_local['noderole']['node']['version'] != penumbra_version args: warn: False executable: /bin/bash -- name: Download and install cometbft +- name: Download cometbft ansible.builtin.get_url: url: "{{ cometbft_download_url }}" dest: "{{ default_home_path }}" mode: "u+r+x" owner: "{{ default_user }}" group: "{{ default_user }}" - when: ansible_local['noderole']['node']['version'] != default_client_version + when: ansible_local['noderole']['node']['version'] != cometbft_version -- name: Generate network config - ansible.builtin.command: - cmd: "./polkadot key generate-node-key --file {{ default_base_path }}/chains/{{ default_chains_name }}/network/secret_ed25519" - chdir: "{{ default_base_path }}" +- name: Unpack cometbft + ansible.builtin.unarchive: + src: "{{ default_home_path }}/cometbft_{{ cometbft_version }}_linux_amd64.tar.gz" + dest: "{{ default_home_path }}" + remote_src: True + owner: "{{ default_user }}" + group: "{{ default_user }}" + mode: "u+r+x" + when: ansible_local['noderole']['node']['version'] != cometbft_version + +- name: Create soft links for penumbra binaries + ansible.builtin.file: + src: "{{ item.src }}" + dest: "{{ item.dest }}" + state: link + owner: "{{ default_user }}" + group: "{{ default_user }}" + loop: + - src: "{{ default_installation_path }}/pd" + dest: "{{ default_home_path }}/pd" + - src: "{{ default_installation_path }}/pcli" + dest: "{{ default_home_path }}/pcli" + - src: "{{ default_installation_path }}/pclientd" + dest: "{{ default_home_path }}/pclientd" + +- name: Install lz4 package + ansible.builtin.package: + name: lz4 + state: present + become: True + become_user: root + +- name: Check if cometbft directory exists + ansible.builtin.stat: + path: "{{ default_database_path }}/node0/cometbft" + register: cometbft_dir + +- name: Create node0 directory if it doesn't exist + ansible.builtin.file: + path: "{{ default_database_path }}/node0" + state: directory + mode: "0750" + owner: "{{ default_user }}" + group: "{{ default_user }}" + when: not cometbft_dir.stat.exists + +- name: Download Polkachu Cometbft snapshot + ansible.builtin.get_url: + url: "{{ polkachu_download_url }}" + dest: "{{ default_database_path }}/node0/" + mode: "u+r+x" + owner: "{{ default_user }}" + group: "{{ default_user }}" + when: not cometbft_dir.stat.exists + +- name: Extract and decompress Polkachu snapshot + ansible.builtin.shell: + cmd: "set -o pipefail && lz4 -c -d {{ default_database_path }}/node0/penumbra_{{ polkachu_version }}.tar.lz4 | tar -x -C {{ default_database_path }}/node0/" + args: + executable: /bin/bash + creates: "{{ default_database_path }}/node0/cometbft" + become: true + become_user: "{{ default_user }}" + when: not cometbft_dir.stat.exists + +- name: Remove lz4 archive after decompression + ansible.builtin.file: + path: "{{ default_database_path }}/node0/penumbra_{{ polkachu_version }}.tar.lz4" + state: absent + when: not cometbft_dir.stat.exists + +- name: Copy Cometbft & pd service templates + ansible.builtin.template: + src: "{{ item }}.service.j2" + dest: "{{ default_home_path }}/{{ item }}.service" + owner: "{{ default_user }}" + group: "{{ default_user }}" + mode: "0640" + loop: + - pd + - cometbft + +- name: Flush handlers after service copy + ansible.builtin.meta: flush_handlers + +- name: Ensure cometbft service is running + ansible.builtin.systemd: + name: cometbft + state: started + enabled: True + +- name: Ensure pd service is running + ansible.builtin.systemd: + name: pd + state: started + enabled: True diff --git a/roles/setup_install_penumbra/templates/cometbft.service.j2 b/roles/setup_install_penumbra/templates/cometbft.service.j2 index b4fc533..2683465 100644 --- a/roles/setup_install_penumbra/templates/cometbft.service.j2 +++ b/roles/setup_install_penumbra/templates/cometbft.service.j2 @@ -2,7 +2,7 @@ Description=CometBFT for Penumbra [Service] -ExecStart={{ default_home_path }}/cometbft start --home /home/penumbra/.penumbra/network_data/node0/cometbft +ExecStart={{ default_home_path }}/cometbft start --home {{ default_database_path }}/node0/cometbft Restart=no User=penumbra # Raise filehandle limit for RPC and P2P connections. diff --git a/roles/setup_install_penumbra/templates/validator.service.j2 b/roles/setup_install_penumbra/templates/pd.service.j2 similarity index 86% rename from roles/setup_install_penumbra/templates/validator.service.j2 rename to roles/setup_install_penumbra/templates/pd.service.j2 index 08ba61e..f36772b 100644 --- a/roles/setup_install_penumbra/templates/validator.service.j2 +++ b/roles/setup_install_penumbra/templates/pd.service.j2 @@ -1,5 +1,5 @@ [Unit] -Description=Penumbra pd +Description=Penumbra Node Wants=cometbft.service [Service] @@ -7,7 +7,7 @@ Wants=cometbft.service CapabilityBoundingSet=CAP_NET_BIND_SERVICE AmbientCapabilities=CAP_NET_BIND_SERVICE -ExecStart={{ default_home_path }}/pd start +ExecStart={{ default_home_path }}/pd start --home {{ default_database_path }}/node0/pd # Consider adding an HTTPS URL if you have DNS set up: # ExecStart=/usr/local/bin/pd start --grpc-auto-https www.example.com From 4b676c259cf523608bd49dc41efa0a99b25b945b Mon Sep 17 00:00:00 2001 From: Al Date: Tue, 24 Dec 2024 15:40:09 +0700 Subject: [PATCH 55/69] chore: fix for ansiblelint & ansiblelater --- roles/setup_install_penumbra/tasks/main.yaml | 2 +- roles/setup_install_prometheus/files/prometheus.yaml | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/roles/setup_install_penumbra/tasks/main.yaml b/roles/setup_install_penumbra/tasks/main.yaml index 5122f88..f179b02 100644 --- a/roles/setup_install_penumbra/tasks/main.yaml +++ b/roles/setup_install_penumbra/tasks/main.yaml @@ -132,7 +132,7 @@ args: executable: /bin/bash creates: "{{ default_database_path }}/node0/cometbft" - become: true + become: True become_user: "{{ default_user }}" when: not cometbft_dir.stat.exists diff --git a/roles/setup_install_prometheus/files/prometheus.yaml b/roles/setup_install_prometheus/files/prometheus.yaml index e626e15..9f0f6c3 100644 --- a/roles/setup_install_prometheus/files/prometheus.yaml +++ b/roles/setup_install_prometheus/files/prometheus.yaml @@ -1,3 +1,4 @@ +--- # # Ansible managed # From 28e50d5dc8106895ead2e706c224deed8dde7e79 Mon Sep 17 00:00:00 2001 From: Al Date: Tue, 24 Dec 2024 17:17:08 +0700 Subject: [PATCH 56/69] chore: update penumbra playbook & polkachu version --- group_vars/penumbra.yaml | 2 +- roles/setup_install_penumbra/tasks/main.yaml | 20 ++++++++++++++++++++ 2 files changed, 21 insertions(+), 1 deletion(-) diff --git a/group_vars/penumbra.yaml b/group_vars/penumbra.yaml index 4056e95..895351e 100644 --- a/group_vars/penumbra.yaml +++ b/group_vars/penumbra.yaml @@ -3,7 +3,7 @@ penumbra_version: "0.81.0" penumbra_chain_id: "" cometbft_version: "0.37.14" -polkachu_version: "2665270" +polkachu_version: "2681688" # dl locations default_git_repo: "https://github.com/penumbra-zone/penumbra" diff --git a/roles/setup_install_penumbra/tasks/main.yaml b/roles/setup_install_penumbra/tasks/main.yaml index f179b02..041f193 100644 --- a/roles/setup_install_penumbra/tasks/main.yaml +++ b/roles/setup_install_penumbra/tasks/main.yaml @@ -142,6 +142,26 @@ state: absent when: not cometbft_dir.stat.exists +- name: Download Polkachu's Penumbra address book + ansible.builtin.get_url: + url: "https://snapshots.polkachu.com/addrbook/penumbra/addrbook.json" + dest: "{{ default_database_path }}/node0/cometbft/config/addrbook.json" + mode: "0640" + owner: "{{ default_user }}" + group: "{{ default_user }}" + force: true + when: not cometbft_dir.stat.exists + +- name: Download Polkachu's Penumbra genesis file + ansible.builtin.get_url: + url: "https://snapshots.polkachu.com/genesis/penumbra/genesis.json" + dest: "{{ default_database_path }}/node0/cometbft/config/genesis.json" + mode: "0640" + owner: "{{ default_user }}" + group: "{{ default_user }}" + force: true + when: not cometbft_dir.stat.exists + - name: Copy Cometbft & pd service templates ansible.builtin.template: src: "{{ item }}.service.j2" From 2e372d2b1a236b3ce87d50763ca4d692697f755d Mon Sep 17 00:00:00 2001 From: Al Date: Tue, 24 Dec 2024 17:17:37 +0700 Subject: [PATCH 57/69] chore: fix lint --- roles/setup_install_penumbra/tasks/main.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/setup_install_penumbra/tasks/main.yaml b/roles/setup_install_penumbra/tasks/main.yaml index 041f193..8b8a787 100644 --- a/roles/setup_install_penumbra/tasks/main.yaml +++ b/roles/setup_install_penumbra/tasks/main.yaml @@ -149,7 +149,7 @@ mode: "0640" owner: "{{ default_user }}" group: "{{ default_user }}" - force: true + force: True when: not cometbft_dir.stat.exists - name: Download Polkachu's Penumbra genesis file @@ -159,7 +159,7 @@ mode: "0640" owner: "{{ default_user }}" group: "{{ default_user }}" - force: true + force: True when: not cometbft_dir.stat.exists - name: Copy Cometbft & pd service templates From 8d0e89ed691b0ea85d01cc26e0944b9b852bb7e0 Mon Sep 17 00:00:00 2001 From: Al Date: Tue, 24 Dec 2024 18:47:14 +0700 Subject: [PATCH 58/69] chore: added penumbra02 & slight adjustment for systemd service --- bkk07 | 4 ++++ host_vars/penumbra02.yaml | 19 +++++++++++++++++++ .../templates/cometbft.service.j2 | 2 +- .../{pd.service.j2 => validator.service.j2} | 2 +- 4 files changed, 25 insertions(+), 2 deletions(-) create mode 100644 host_vars/penumbra02.yaml rename roles/setup_install_penumbra/templates/{pd.service.j2 => validator.service.j2} (92%) diff --git a/bkk07 b/bkk07 index bfb6f97..1e7541f 100644 --- a/bkk07 +++ b/bkk07 @@ -11,6 +11,7 @@ routers polkadot hydration cumulus +penumbra misc-container [prometheus] @@ -41,6 +42,9 @@ bkk50 [hydration] hdx27 +[penumbra] +penumbra02 + [polkadot] rpc-polkadot-02 rpc-kusama-02 diff --git a/host_vars/penumbra02.yaml b/host_vars/penumbra02.yaml new file mode 100644 index 0000000..aeebce4 --- /dev/null +++ b/host_vars/penumbra02.yaml @@ -0,0 +1,19 @@ +--- +ansible_host: "160.22.181.181" +container_ip: "192.168.177.82" +ansible_port: 2482 +host_name: "penumbra02.ct.rotko.net" +host_timezone: "Asia/Bangkok" +netif: '{"net0":"name=eth0,gw={{ default_nat_network_forward_cidr.split("/")[0] }},ip={{ default_host_ip }}/8,bridge={{ default_nat_device }}"}' +role: "penumbra" +pinned_service: True + +default_network: "penumbra" +default_node_type: "validator" +default_p2p_port: 33691 +default_p2p_port_ws: 34691 +default_p2p_port_wss: 35691 +default_rpc_port: 9691 +default_secure_rpc_port: 42691 +default_prom_port: 7691 +zabbix_ext_port: 10691 diff --git a/roles/setup_install_penumbra/templates/cometbft.service.j2 b/roles/setup_install_penumbra/templates/cometbft.service.j2 index 2683465..fe7adfe 100644 --- a/roles/setup_install_penumbra/templates/cometbft.service.j2 +++ b/roles/setup_install_penumbra/templates/cometbft.service.j2 @@ -1,5 +1,5 @@ [Unit] -Description=CometBFT for Penumbra +Description={{ host_name.split('.')[0] }} - cometbft service [Service] ExecStart={{ default_home_path }}/cometbft start --home {{ default_database_path }}/node0/cometbft diff --git a/roles/setup_install_penumbra/templates/pd.service.j2 b/roles/setup_install_penumbra/templates/validator.service.j2 similarity index 92% rename from roles/setup_install_penumbra/templates/pd.service.j2 rename to roles/setup_install_penumbra/templates/validator.service.j2 index f36772b..9db019f 100644 --- a/roles/setup_install_penumbra/templates/pd.service.j2 +++ b/roles/setup_install_penumbra/templates/validator.service.j2 @@ -1,5 +1,5 @@ [Unit] -Description=Penumbra Node +Description={{ host_name.split('.')[0] }} validator - Penumbra service Wants=cometbft.service [Service] From b5f2ad0ebadd354a8915c6decfc106be1184451f Mon Sep 17 00:00:00 2001 From: Al Date: Tue, 24 Dec 2024 19:48:22 +0700 Subject: [PATCH 59/69] feat: update penumbra configuration and services --- host_vars/penumbra02.yaml | 21 ++++++++++++------- playbooks/penumbra.yaml | 10 +++++++++ playbooks/proxmox_install_nodes.yaml | 7 +++++++ .../templates/cometbft.service.j2 | 10 ++++++++- .../templates/validator.service.j2 | 7 ++++++- 5 files changed, 45 insertions(+), 10 deletions(-) create mode 100644 playbooks/penumbra.yaml diff --git a/host_vars/penumbra02.yaml b/host_vars/penumbra02.yaml index aeebce4..612cd8d 100644 --- a/host_vars/penumbra02.yaml +++ b/host_vars/penumbra02.yaml @@ -1,6 +1,6 @@ --- ansible_host: "160.22.181.181" -container_ip: "192.168.177.82" +container_ip: "192.168.77.82" ansible_port: 2482 host_name: "penumbra02.ct.rotko.net" host_timezone: "Asia/Bangkok" @@ -10,10 +10,15 @@ pinned_service: True default_network: "penumbra" default_node_type: "validator" -default_p2p_port: 33691 -default_p2p_port_ws: 34691 -default_p2p_port_wss: 35691 -default_rpc_port: 9691 -default_secure_rpc_port: 42691 -default_prom_port: 7691 -zabbix_ext_port: 10691 +default_penumbra_metric_port: 9600 +default_cometbft_p2p_port: 26682 +default_cometbft_rpc_port: 26657 +default_acbi_port: 26658 +default_cometbft_database: "goleveldb" +# default_p2p_port: 33691 +# default_p2p_port_ws: 34691 +# default_p2p_port_wss: 35691 +# default_rpc_port: 9691 +# default_secure_rpc_port: 42691 +# default_prom_port: 7691 +# zabbix_ext_port: 10691 diff --git a/playbooks/penumbra.yaml b/playbooks/penumbra.yaml new file mode 100644 index 0000000..2f62296 --- /dev/null +++ b/playbooks/penumbra.yaml @@ -0,0 +1,10 @@ +# Standards: 0.2 +--- +- name: Default tools and configurations + hosts: penumbra + gather_facts: True + roles: + - setup_add_node_role + - setup_install_rust + - setup_install_penumbra + - setup_install_nginx diff --git a/playbooks/proxmox_install_nodes.yaml b/playbooks/proxmox_install_nodes.yaml index 22ce405..7e73811 100644 --- a/playbooks/proxmox_install_nodes.yaml +++ b/playbooks/proxmox_install_nodes.yaml @@ -44,6 +44,13 @@ # roles: # - setup_install_prometheus +- name: Install Penumbra services + hosts: penumbra + gather_facts: True + roles: + - setup_install_penumbra + - setup_install_nginx + - name: Install Arbitrum services hosts: arbitrum gather_facts: True diff --git a/roles/setup_install_penumbra/templates/cometbft.service.j2 b/roles/setup_install_penumbra/templates/cometbft.service.j2 index fe7adfe..c58d58c 100644 --- a/roles/setup_install_penumbra/templates/cometbft.service.j2 +++ b/roles/setup_install_penumbra/templates/cometbft.service.j2 @@ -2,7 +2,15 @@ Description={{ host_name.split('.')[0] }} - cometbft service [Service] -ExecStart={{ default_home_path }}/cometbft start --home {{ default_database_path }}/node0/cometbft +ExecStart={{ default_home_path }}/cometbft start \ + --moniker "{{ host_name }}" \ + --home {{ default_database_path }}/node0/cometbft \ + --p2p.laddr "tcp://0.0.0.0:{{ default_cometbft_p2p_port }}" \ + --p2p.external-address "{{ ansible_host }}:{{ default_cometbft_p2p_port }}" \ + --rpc.laddr "tcp://127.0.0.1:{{ default_cometbft_rpc_port }}" \ + --proxy_app tcp://127.0.0.1:{{ default_acbi_port }} \ + --db_backend {{ default_cometbft_database }} + Restart=no User=penumbra # Raise filehandle limit for RPC and P2P connections. diff --git a/roles/setup_install_penumbra/templates/validator.service.j2 b/roles/setup_install_penumbra/templates/validator.service.j2 index 9db019f..1da32f1 100644 --- a/roles/setup_install_penumbra/templates/validator.service.j2 +++ b/roles/setup_install_penumbra/templates/validator.service.j2 @@ -7,7 +7,12 @@ Wants=cometbft.service CapabilityBoundingSet=CAP_NET_BIND_SERVICE AmbientCapabilities=CAP_NET_BIND_SERVICE -ExecStart={{ default_home_path }}/pd start --home {{ default_database_path }}/node0/pd +ExecStart={{ default_home_path }}/pd start \ + --home {{ default_database_path }}/node0/pd \ + --metrics-bind 0.0.0.0:{{ default_penumbra_metric_port }} \ + --cometbft-addr http://127.0.0.1:{{ default_cometbft_rpc_port }} \ + --abci-bind 127.0.0.1:{{ default_acbi_port }} + # Consider adding an HTTPS URL if you have DNS set up: # ExecStart=/usr/local/bin/pd start --grpc-auto-https www.example.com From 3abe3288c8f359f641d2670a0b6bf2fbca80c177 Mon Sep 17 00:00:00 2001 From: Al Date: Tue, 24 Dec 2024 20:01:34 +0700 Subject: [PATCH 60/69] fix: update penumbra container name --- bkk07 | 2 +- host_vars/bkk06.yaml | 26 +++++++++++++++++++ .../{penumbra02.yaml => penumbra-02.yaml} | 2 +- 3 files changed, 28 insertions(+), 2 deletions(-) rename host_vars/{penumbra02.yaml => penumbra-02.yaml} (94%) diff --git a/bkk07 b/bkk07 index 1e7541f..e585fc3 100644 --- a/bkk07 +++ b/bkk07 @@ -43,7 +43,7 @@ bkk50 hdx27 [penumbra] -penumbra02 +penumbra-02 [polkadot] rpc-polkadot-02 diff --git a/host_vars/bkk06.yaml b/host_vars/bkk06.yaml index cc0e96d..78cca09 100644 --- a/host_vars/bkk06.yaml +++ b/host_vars/bkk06.yaml @@ -2043,3 +2043,29 @@ lxc_nodes: - from_port: "{{ hostvars['rpc-asset-hub-paseo-01']['transition_bootnode_p2p_port_wss'] }}" to_host: "{{ hostvars['rpc-asset-hub-paseo-01']['container_ip'] }}:{{ hostvars['rpc-asset-hub-paseo-01']['transition_bootnode_p2p_port_wss'] }}" protocol: "tcp" + - host: "penumbra-02" + proxmox_config: + vmid: "1102" + hostname: "{{ hostvars['penumbra-02']['host_name'] }}" + ostemplate: "local:vztmpl/{{ default_container_template }}" + netif: "{{ hostvars['penumbra-02']['netif'] }}" + cores: 4 + memory: 8192 + swap: 8192 + password: "{{ default_password }}" + disk: "{{ zfs_storage }}:20" + mounts: '{"mp0":"{{ zfs_storage }}:200,mp={{ hostvars["penumbra-02"]["default_database_path"] }}"}' + onboot: True + unprivileged: True + validate_certs: False + description: "{{ hostvars['penumbra-02']['default_network'] }} {{ hostvars['penumbra-02']['default_node_type'] }}: {{ hostvars['penumbra-02']['host_name'] }}" + state: present + features: + - nesting=1 + port_forwards: + - from_port: "{{ hostvars['penumbra-02']['ansible_port'] }}" + to_host: "{{ hostvars['penumbra-02']['container_ip'] }}:{{ ssh_port }}" + protocol: "tcp" + - from_port: "{{ hostvars['penumbra-02']['default_cometbft_p2p_port'] }}" + to_host: "{{ hostvars['penumbra-02']['container_ip'] }}:{{ hostvars['penumbra-02']['default_cometbft_p2p_port'] }}" + protocol: "tcp" diff --git a/host_vars/penumbra02.yaml b/host_vars/penumbra-02.yaml similarity index 94% rename from host_vars/penumbra02.yaml rename to host_vars/penumbra-02.yaml index 612cd8d..e0054e3 100644 --- a/host_vars/penumbra02.yaml +++ b/host_vars/penumbra-02.yaml @@ -2,7 +2,7 @@ ansible_host: "160.22.181.181" container_ip: "192.168.77.82" ansible_port: 2482 -host_name: "penumbra02.ct.rotko.net" +host_name: "penumbra-02.ct.rotko.net" host_timezone: "Asia/Bangkok" netif: '{"net0":"name=eth0,gw={{ default_nat_network_forward_cidr.split("/")[0] }},ip={{ default_host_ip }}/8,bridge={{ default_nat_device }}"}' role: "penumbra" From 92c81362854192f811fe4d0af5b7db8fd197dddb Mon Sep 17 00:00:00 2001 From: Al Date: Tue, 24 Dec 2024 21:40:20 +0700 Subject: [PATCH 61/69] chore: debugging playbooks --- group_vars/all/all.yaml | 1 + group_vars/penumbra.yaml | 5 +- host_vars/bkk06.yaml | 26 ----------- host_vars/bkk07.yaml | 48 +++++++++++++++----- roles/setup_install_penumbra/tasks/main.yaml | 26 +++++++---- 5 files changed, 57 insertions(+), 49 deletions(-) diff --git a/group_vars/all/all.yaml b/group_vars/all/all.yaml index ca0a153..cf93f86 100644 --- a/group_vars/all/all.yaml +++ b/group_vars/all/all.yaml @@ -182,3 +182,4 @@ service_users: unique: "unique" polimec: "polimec" ajuna: "ajuna" + penumbra: "penumbra" diff --git a/group_vars/penumbra.yaml b/group_vars/penumbra.yaml index 895351e..b796cf9 100644 --- a/group_vars/penumbra.yaml +++ b/group_vars/penumbra.yaml @@ -14,8 +14,9 @@ cometbft_download_url: "https://github.com/cometbft/cometbft/releases/download/v polkachu_download_url: "wget -O penumbra_{{ polkachu_version }}.tar.lz4 https://snapshots.polkachu.com/snapshots/penumbra/penumbra_{{ polkachu_version }}.tar.lz4 --inet4-only" # service/user -penumbra_service: "penumbra" -penumbra_user: "{{ service_users['penumbra'] }}" +default_service: "penumbra" +default_user: "{{ service_users['penumbra'] }}" +default_group: "{{ service_users['penumbra'] }}" # paths default_home_path: "/opt/penumbra" diff --git a/host_vars/bkk06.yaml b/host_vars/bkk06.yaml index 78cca09..cc0e96d 100644 --- a/host_vars/bkk06.yaml +++ b/host_vars/bkk06.yaml @@ -2043,29 +2043,3 @@ lxc_nodes: - from_port: "{{ hostvars['rpc-asset-hub-paseo-01']['transition_bootnode_p2p_port_wss'] }}" to_host: "{{ hostvars['rpc-asset-hub-paseo-01']['container_ip'] }}:{{ hostvars['rpc-asset-hub-paseo-01']['transition_bootnode_p2p_port_wss'] }}" protocol: "tcp" - - host: "penumbra-02" - proxmox_config: - vmid: "1102" - hostname: "{{ hostvars['penumbra-02']['host_name'] }}" - ostemplate: "local:vztmpl/{{ default_container_template }}" - netif: "{{ hostvars['penumbra-02']['netif'] }}" - cores: 4 - memory: 8192 - swap: 8192 - password: "{{ default_password }}" - disk: "{{ zfs_storage }}:20" - mounts: '{"mp0":"{{ zfs_storage }}:200,mp={{ hostvars["penumbra-02"]["default_database_path"] }}"}' - onboot: True - unprivileged: True - validate_certs: False - description: "{{ hostvars['penumbra-02']['default_network'] }} {{ hostvars['penumbra-02']['default_node_type'] }}: {{ hostvars['penumbra-02']['host_name'] }}" - state: present - features: - - nesting=1 - port_forwards: - - from_port: "{{ hostvars['penumbra-02']['ansible_port'] }}" - to_host: "{{ hostvars['penumbra-02']['container_ip'] }}:{{ ssh_port }}" - protocol: "tcp" - - from_port: "{{ hostvars['penumbra-02']['default_cometbft_p2p_port'] }}" - to_host: "{{ hostvars['penumbra-02']['container_ip'] }}:{{ hostvars['penumbra-02']['default_cometbft_p2p_port'] }}" - protocol: "tcp" diff --git a/host_vars/bkk07.yaml b/host_vars/bkk07.yaml index 33d96bc..eea1603 100644 --- a/host_vars/bkk07.yaml +++ b/host_vars/bkk07.yaml @@ -858,34 +858,34 @@ lxc_nodes: - from_port: "{{ hostvars['rpc-asset-hub-kusama-02']['default_p2p_port'] }}" to_host: "{{ hostvars['rpc-asset-hub-kusama-02']['container_ip'] }}:{{ hostvars['rpc-asset-hub-kusama-02']['default_p2p_port'] }}" protocol: "tcp" - - host: "rpc-bridge-hub-kusama-01" + - host: "rpc-bridge-hub-kusama-02" proxmox_config: - vmid: "32021" - hostname: "{{ hostvars['rpc-bridge-hub-kusama-01']['host_name'] }}" + vmid: "32022" + hostname: "{{ hostvars['rpc-bridge-hub-kusama-02']['host_name'] }}" ostemplate: "local:vztmpl/{{ default_container_template }}" - netif: "{{ hostvars['rpc-bridge-hub-kusama-01']['netif'] }}" + netif: "{{ hostvars['rpc-bridge-hub-kusama-02']['netif'] }}" cores: 4 memory: 16384 swap: 8192 password: "{{ default_password }}" disk: "{{ zfs_storage }}:20" - mounts: '{"mp0":"{{ zfs_storage }}:100,mp={{ hostvars["rpc-bridge-hub-kusama-01"]["default_database_path"] }}"}' + mounts: '{"mp0":"{{ zfs_storage }}:100,mp={{ hostvars["rpc-bridge-hub-kusama-02"]["default_database_path"] }}"}' onboot: True unprivileged: True validate_certs: False - description: "{{ hostvars['rpc-bridge-hub-kusama-01']['default_network'] }} {{ hostvars['rpc-bridge-hub-kusama-01']['default_node_type'] }}: {{ hostvars['rpc-bridge-hub-kusama-01']['host_name'] }}" + description: "{{ hostvars['rpc-bridge-hub-kusama-02']['default_network'] }} {{ hostvars['rpc-bridge-hub-kusama-02']['default_node_type'] }}: {{ hostvars['rpc-bridge-hub-kusama-02']['host_name'] }}" state: present features: - nesting=1 port_forwards: - - from_port: "{{ hostvars['rpc-bridge-hub-kusama-01']['ansible_port'] }}" - to_host: "{{ hostvars['rpc-bridge-hub-kusama-01']['container_ip'] }}:{{ ssh_port }}" + - from_port: "{{ hostvars['rpc-bridge-hub-kusama-02']['ansible_port'] }}" + to_host: "{{ hostvars['rpc-bridge-hub-kusama-02']['container_ip'] }}:{{ ssh_port }}" protocol: "tcp" - - from_port: "{{ hostvars['rpc-bridge-hub-kusama-01']['zabbix_ext_port'] }}" + - from_port: "{{ hostvars['rpc-bridge-hub-kusama-02']['zabbix_ext_port'] }}" to_host: "{{ hostvars['monitor']['container_ip'] }}:{{ zabbix_port }}" protocol: "tcp" - - from_port: "{{ hostvars['rpc-bridge-hub-kusama-01']['default_p2p_port'] }}" - to_host: "{{ hostvars['rpc-bridge-hub-kusama-01']['container_ip'] }}:{{ hostvars['rpc-bridge-hub-kusama-01']['default_p2p_port'] }}" + - from_port: "{{ hostvars['rpc-bridge-hub-kusama-02']['default_p2p_port'] }}" + to_host: "{{ hostvars['rpc-bridge-hub-kusama-02']['container_ip'] }}:{{ hostvars['rpc-bridge-hub-kusama-02']['default_p2p_port'] }}" protocol: "tcp" - host: "rpc-coretime-kusama-02" proxmox_config: @@ -1157,3 +1157,29 @@ lxc_nodes: - from_port: "{{ hostvars['proxy-bkk07']['zabbix_ext_port'] }}" to_host: "{{ hostvars['monitor']['container_ip'] }}:{{ zabbix_port }}" protocol: "tcp" + - host: "penumbra-02" + proxmox_config: + vmid: "1102" + hostname: "{{ hostvars['penumbra-02']['host_name'] }}" + ostemplate: "local:vztmpl/{{ default_container_template }}" + netif: "{{ hostvars['penumbra-02']['netif'] }}" + cores: 4 + memory: 8192 + swap: 8192 + password: "{{ default_password }}" + disk: "{{ zfs_storage }}:20" + mounts: '{"mp0":"{{ zfs_storage }}:200,mp={{ hostvars["penumbra-02"]["default_database_path"] }}"}' + onboot: True + unprivileged: True + validate_certs: False + description: "{{ hostvars['penumbra-02']['default_network'] }} {{ hostvars['penumbra-02']['default_node_type'] }}: {{ hostvars['penumbra-02']['host_name'] }}" + state: present + features: + - nesting=1 + port_forwards: + - from_port: "{{ hostvars['penumbra-02']['ansible_port'] }}" + to_host: "{{ hostvars['penumbra-02']['container_ip'] }}:{{ ssh_port }}" + protocol: "tcp" + - from_port: "{{ hostvars['penumbra-02']['default_cometbft_p2p_port'] }}" + to_host: "{{ hostvars['penumbra-02']['container_ip'] }}:{{ hostvars['penumbra-02']['default_cometbft_p2p_port'] }}" + protocol: "tcp" diff --git a/roles/setup_install_penumbra/tasks/main.yaml b/roles/setup_install_penumbra/tasks/main.yaml index 8b8a787..2957c43 100644 --- a/roles/setup_install_penumbra/tasks/main.yaml +++ b/roles/setup_install_penumbra/tasks/main.yaml @@ -12,7 +12,7 @@ create_home: False group: "{{ default_user }}" groups: [] - home: "{{ default_base_path }}" + home: "{{ default_home_path }}" name: "{{ default_user }}" shell: "/sbin/nologin" state: present @@ -26,7 +26,7 @@ mode: "0750" state: directory loop: - - "{{ default_base_path }}" + - "{{ default_home_path }}" - "{{ default_database_path }}" - name: Gather facts @@ -39,7 +39,6 @@ become_user: "{{ default_user }}" when: ansible_local['noderole']['node']['version'] != penumbra_version args: - warn: False executable: /bin/bash - name: Download and install pd @@ -49,7 +48,6 @@ become_user: "{{ default_user }}" when: ansible_local['noderole']['node']['version'] != penumbra_version args: - warn: False executable: /bin/bash - name: Download and install pclientd @@ -59,13 +57,21 @@ become_user: "{{ default_user }}" when: ansible_local['noderole']['node']['version'] != penumbra_version args: - warn: False executable: /bin/bash +- name: Ensure tmp directory exists + ansible.builtin.file: + path: "{{ default_home_path }}/tmp" + state: directory + mode: "0750" + owner: "{{ default_user }}" + group: "{{ default_user }}" + when: ansible_local['noderole']['node']['version'] != cometbft_version + - name: Download cometbft ansible.builtin.get_url: url: "{{ cometbft_download_url }}" - dest: "{{ default_home_path }}" + dest: "{{ default_home_path }}/tmp" mode: "u+r+x" owner: "{{ default_user }}" group: "{{ default_user }}" @@ -73,7 +79,7 @@ - name: Unpack cometbft ansible.builtin.unarchive: - src: "{{ default_home_path }}/cometbft_{{ cometbft_version }}_linux_amd64.tar.gz" + src: "{{ default_home_path }}/tmp/cometbft_{{ cometbft_version }}_linux_amd64.tar.gz" dest: "{{ default_home_path }}" remote_src: True owner: "{{ default_user }}" @@ -89,11 +95,11 @@ owner: "{{ default_user }}" group: "{{ default_user }}" loop: - - src: "{{ default_installation_path }}/pd" + - src: "{{ default_home_path }}/.cargo/bin/pd" dest: "{{ default_home_path }}/pd" - - src: "{{ default_installation_path }}/pcli" + - src: "{{ default_home_path }}/.cargo/bin/pcli" dest: "{{ default_home_path }}/pcli" - - src: "{{ default_installation_path }}/pclientd" + - src: "{{ default_home_path }}/.cargo/bin/pclientd" dest: "{{ default_home_path }}/pclientd" - name: Install lz4 package From 491f98b03c30c9a20ad0c7aac625ddbeb9c63596 Mon Sep 17 00:00:00 2001 From: Al Date: Wed, 25 Dec 2024 16:29:15 +0700 Subject: [PATCH 62/69] refactor: update Penumbra service configuration --- bkk07 | 1 - group_vars/penumbra.yaml | 2 +- .../setup_install_penumbra/handlers/main.yaml | 54 +++++++++---- roles/setup_install_penumbra/tasks/main.yaml | 77 +++++++++++++++---- 4 files changed, 101 insertions(+), 33 deletions(-) diff --git a/bkk07 b/bkk07 index e585fc3..1a1df80 100644 --- a/bkk07 +++ b/bkk07 @@ -12,7 +12,6 @@ polkadot hydration cumulus penumbra -misc-container [prometheus] ibp-bkk07 diff --git a/group_vars/penumbra.yaml b/group_vars/penumbra.yaml index b796cf9..8e0096c 100644 --- a/group_vars/penumbra.yaml +++ b/group_vars/penumbra.yaml @@ -11,7 +11,7 @@ penumbra_download_pcli_url: "https://github.com/penumbra-zone/penumbra/releases/ penumbra_download_pd_url: "https://github.com/penumbra-zone/penumbra/releases/download/v{{ penumbra_version }}/pd-installer.sh" penumbra_download_pclientd_url: "https://github.com/penumbra-zone/penumbra/releases/download/v{{ penumbra_version }}/pclientd-installer.sh" cometbft_download_url: "https://github.com/cometbft/cometbft/releases/download/v{{ cometbft_version }}/cometbft_{{ cometbft_version }}_linux_amd64.tar.gz" -polkachu_download_url: "wget -O penumbra_{{ polkachu_version }}.tar.lz4 https://snapshots.polkachu.com/snapshots/penumbra/penumbra_{{ polkachu_version }}.tar.lz4 --inet4-only" +#polkachu_download_cmd: "wget -O penumbra_{{ polkachu_version }}.tar.lz4 https://snapshots.polkachu.com/snapshots/penumbra/penumbra_{{ polkachu_version }}.tar.lz4 --inet4-only" # service/user default_service: "penumbra" diff --git a/roles/setup_install_penumbra/handlers/main.yaml b/roles/setup_install_penumbra/handlers/main.yaml index 5992033..5f35aec 100644 --- a/roles/setup_install_penumbra/handlers/main.yaml +++ b/roles/setup_install_penumbra/handlers/main.yaml @@ -1,17 +1,5 @@ --- -- name: Stop Penumbra - ansible.builtin.systemd: - name: pd - state: stopped - enabled: True - -- name: Stop Cometbft - ansible.builtin.systemd: - name: cometbft - state: stopped - enabled: True - -- name: Symlink cometbft & pd service to systemd +- name: Symlink cometbft & validator service to systemd ansible.builtin.file: src: "{{ default_home_path }}/{{ item }}.service" dest: "/etc/systemd/system/{{ item }}.service" @@ -21,9 +9,21 @@ group: "root" mode: "0644" loop: - - pd + - validator - cometbft +- name: Stop Penumbra + ansible.builtin.systemd: + name: validator + state: stopped + enabled: True + +- name: Stop Cometbft + ansible.builtin.systemd: + name: cometbft + state: stopped + enabled: True + - name: Systemd daemon-reload ansible.builtin.systemd: daemon_reload: True @@ -36,9 +36,33 @@ - name: Start Penumbra ansible.builtin.systemd: - name: pd + name: validator state: started enabled: True +- name: Add type of service fact + ansible.builtin.lineinfile: + path: /etc/ansible/facts.d/noderole.fact + regexp: "^type=" + line: "type={{ default_node_type }}" + create: True + mode: "0644" + +- name: Add Penumbra service version + ansible.builtin.lineinfile: + path: /etc/ansible/facts.d/noderole.fact + regexp: "^version=" + line: "version={{ penumbra_version }}" + create: True + mode: "0644" + +- name: Add Service Pinned Status + ansible.builtin.lineinfile: + path: /etc/ansible/facts.d/noderole.fact + regexp: "^pinned=" + line: "pinned=False" + create: True + mode: "0644" + - name: Flush Handlers ansible.builtin.meta: flush_handlers diff --git a/roles/setup_install_penumbra/tasks/main.yaml b/roles/setup_install_penumbra/tasks/main.yaml index 2957c43..4ae2db5 100644 --- a/roles/setup_install_penumbra/tasks/main.yaml +++ b/roles/setup_install_penumbra/tasks/main.yaml @@ -80,14 +80,14 @@ - name: Unpack cometbft ansible.builtin.unarchive: src: "{{ default_home_path }}/tmp/cometbft_{{ cometbft_version }}_linux_amd64.tar.gz" - dest: "{{ default_home_path }}" + dest: "{{ default_home_path }}/tmp" remote_src: True owner: "{{ default_user }}" group: "{{ default_user }}" mode: "u+r+x" when: ansible_local['noderole']['node']['version'] != cometbft_version -- name: Create soft links for penumbra binaries +- name: Create soft links for penumbra & cometbft binaries ansible.builtin.file: src: "{{ item.src }}" dest: "{{ item.dest }}" @@ -101,6 +101,8 @@ dest: "{{ default_home_path }}/pcli" - src: "{{ default_home_path }}/.cargo/bin/pclientd" dest: "{{ default_home_path }}/pclientd" + - src: "{{ default_home_path }}/tmp/cometbft" + dest: "{{ default_home_path }}/cometbft" - name: Install lz4 package ansible.builtin.package: @@ -124,13 +126,14 @@ when: not cometbft_dir.stat.exists - name: Download Polkachu Cometbft snapshot - ansible.builtin.get_url: - url: "{{ polkachu_download_url }}" - dest: "{{ default_database_path }}/node0/" - mode: "u+r+x" - owner: "{{ default_user }}" - group: "{{ default_user }}" + ansible.builtin.shell: + cmd: "wget -O {{ default_database_path }}/node0/penumbra_{{ polkachu_version }}.tar.lz4 https://snapshots.polkachu.com/snapshots/penumbra/penumbra_{{ polkachu_version }}.tar.lz4 --inet4-only" + become: True + become_user: "{{ default_user }}" when: not cometbft_dir.stat.exists + # when: ansible_local['noderole']['node']['version'] != penumbra_version + args: + executable: /bin/bash - name: Extract and decompress Polkachu snapshot ansible.builtin.shell: @@ -142,11 +145,19 @@ become_user: "{{ default_user }}" when: not cometbft_dir.stat.exists -- name: Remove lz4 archive after decompression +# NOTE: i still commented this out cause its58GB file and still for experimenting in case something wrong +# - name: Remove lz4 archive after decompression +# ansible.builtin.file: +# path: "{{ default_database_path }}/node0/penumbra_{{ polkachu_version }}.tar.lz4" +# state: absent +# when: not cometbft_dir.stat.exists +- name: Ensure cometbft config directory exists ansible.builtin.file: - path: "{{ default_database_path }}/node0/penumbra_{{ polkachu_version }}.tar.lz4" - state: absent - when: not cometbft_dir.stat.exists + path: "{{ default_database_path }}/node0/cometbft/config" + state: directory + mode: "0750" + owner: "{{ default_user }}" + group: "{{ default_user }}" - name: Download Polkachu's Penumbra address book ansible.builtin.get_url: @@ -168,15 +179,49 @@ force: True when: not cometbft_dir.stat.exists -- name: Copy Cometbft & pd service templates +- name: Ensure proper ownership of cometbft and pd directories + ansible.builtin.file: + path: "{{ default_database_path }}/node0/{{ item }}" + state: directory + owner: "{{ default_user }}" + group: "{{ default_user }}" + mode: "0750" + recurse: true + loop: + - cometbft + - pd + +- name: Flush handlers after service copy + ansible.builtin.meta: flush_handlers + +- name: Copy Cometbft & validator service templates ansible.builtin.template: src: "{{ item }}.service.j2" dest: "{{ default_home_path }}/{{ item }}.service" owner: "{{ default_user }}" group: "{{ default_user }}" mode: "0640" + when: default_node_type in ["validator", "bootnode", "endpoint"] loop: - - pd + - validator + - cometbft + notify: + - Symlink cometbft & validator service to systemd + - Systemd daemon-reload + - Start Cometbft + - Start Penumbra + +- name: Symlink cometbft & validator service to systemd + ansible.builtin.file: + src: "{{ default_home_path }}/{{ item }}.service" + dest: "/etc/systemd/system/{{ item }}.service" + state: link + force: True + owner: "root" + group: "root" + mode: "0644" + loop: + - validator - cometbft - name: Flush handlers after service copy @@ -188,8 +233,8 @@ state: started enabled: True -- name: Ensure pd service is running +- name: Ensure validator service is running ansible.builtin.systemd: - name: pd + name: validator state: started enabled: True From 4ad69b55f01716857271dd401ee080188b87a80d Mon Sep 17 00:00:00 2001 From: Al Date: Wed, 25 Dec 2024 16:38:15 +0700 Subject: [PATCH 63/69] chore: fix ansiblelater --- roles/setup_install_penumbra/tasks/main.yaml | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/roles/setup_install_penumbra/tasks/main.yaml b/roles/setup_install_penumbra/tasks/main.yaml index 4ae2db5..84354b6 100644 --- a/roles/setup_install_penumbra/tasks/main.yaml +++ b/roles/setup_install_penumbra/tasks/main.yaml @@ -186,14 +186,11 @@ owner: "{{ default_user }}" group: "{{ default_user }}" mode: "0750" - recurse: true + recurse: True loop: - cometbft - pd -- name: Flush handlers after service copy - ansible.builtin.meta: flush_handlers - - name: Copy Cometbft & validator service templates ansible.builtin.template: src: "{{ item }}.service.j2" @@ -207,6 +204,8 @@ - cometbft notify: - Symlink cometbft & validator service to systemd + - Stop Cometbft + - Stop Penumbra - Systemd daemon-reload - Start Cometbft - Start Penumbra @@ -224,7 +223,7 @@ - validator - cometbft -- name: Flush handlers after service copy +- name: Flush handlers to execute pending handler tasks ansible.builtin.meta: flush_handlers - name: Ensure cometbft service is running From 2d64b4a385eb658f6172a0a016a265c1380488a0 Mon Sep 17 00:00:00 2001 From: Al Date: Wed, 25 Dec 2024 17:08:32 +0700 Subject: [PATCH 64/69] chore: improve the playbook pls check it again --- roles/setup_install_penumbra/tasks/main.yaml | 34 ++++++++++++-------- 1 file changed, 21 insertions(+), 13 deletions(-) diff --git a/roles/setup_install_penumbra/tasks/main.yaml b/roles/setup_install_penumbra/tasks/main.yaml index 84354b6..28ec857 100644 --- a/roles/setup_install_penumbra/tasks/main.yaml +++ b/roles/setup_install_penumbra/tasks/main.yaml @@ -32,6 +32,10 @@ - name: Gather facts ansible.builtin.setup: +- name: Set version fact + ansible.builtin.set_fact: + needs_update: "{{ ansible_local['noderole']['node']['version'] != penumbra_version }}" + - name: Download and install pcli ansible.builtin.shell: cmd: "set -o pipefail && curl --proto '=https' --tlsv1.2 -LsSf https://github.com/penumbra-zone/penumbra/releases/download/v{{ penumbra_version }}/pcli-installer.sh | sh" @@ -103,6 +107,10 @@ dest: "{{ default_home_path }}/pclientd" - src: "{{ default_home_path }}/tmp/cometbft" dest: "{{ default_home_path }}/cometbft" + notify: + - Add type of service fact + - Add Penumbra service version + - Add Service Pinned Status - name: Install lz4 package ansible.builtin.package: @@ -203,25 +211,25 @@ - validator - cometbft notify: - - Symlink cometbft & validator service to systemd - Stop Cometbft - Stop Penumbra + - Symlink cometbft & validator service to systemd - Systemd daemon-reload - Start Cometbft - Start Penumbra -- name: Symlink cometbft & validator service to systemd - ansible.builtin.file: - src: "{{ default_home_path }}/{{ item }}.service" - dest: "/etc/systemd/system/{{ item }}.service" - state: link - force: True - owner: "root" - group: "root" - mode: "0644" - loop: - - validator - - cometbft +# - name: Symlink cometbft & validator service to systemd +# ansible.builtin.file: +# src: "{{ default_home_path }}/{{ item }}.service" +# dest: "/etc/systemd/system/{{ item }}.service" +# state: link +# force: True +# owner: "root" +# group: "root" +# mode: "0644" +# loop: +# - validator +# - cometbft - name: Flush handlers to execute pending handler tasks ansible.builtin.meta: flush_handlers From b459cb9f0be93378dfdbf653cf39b91f7fa4c94b Mon Sep 17 00:00:00 2001 From: Al Date: Wed, 25 Dec 2024 17:28:07 +0700 Subject: [PATCH 65/69] chore: improve methods to download polkachu playbook --- roles/setup_install_penumbra/tasks/main.yaml | 25 +++++++++++++++----- 1 file changed, 19 insertions(+), 6 deletions(-) diff --git a/roles/setup_install_penumbra/tasks/main.yaml b/roles/setup_install_penumbra/tasks/main.yaml index 28ec857..558038b 100644 --- a/roles/setup_install_penumbra/tasks/main.yaml +++ b/roles/setup_install_penumbra/tasks/main.yaml @@ -133,15 +133,28 @@ group: "{{ default_user }}" when: not cometbft_dir.stat.exists + #NOTE: i dont know if this will work, but the wget cmd that commented out below will be working - name: Download Polkachu Cometbft snapshot - ansible.builtin.shell: - cmd: "wget -O {{ default_database_path }}/node0/penumbra_{{ polkachu_version }}.tar.lz4 https://snapshots.polkachu.com/snapshots/penumbra/penumbra_{{ polkachu_version }}.tar.lz4 --inet4-only" - become: True + ansible.builtin.get_url: + url: "https://snapshots.polkachu.com/snapshots/penumbra/penumbra_{{ polkachu_version }}.tar.lz4" + dest: "{{ default_database_path }}/node0/penumbra_{{ polkachu_version }}.tar.lz4" + owner: "{{ default_user }}" + group: "{{ default_user }}" + mode: "0640" + force: true + become: true become_user: "{{ default_user }}" when: not cometbft_dir.stat.exists - # when: ansible_local['noderole']['node']['version'] != penumbra_version - args: - executable: /bin/bash + +# - name: Download Polkachu Cometbft snapshot +# ansible.builtin.shell: +# cmd: "wget -O {{ default_database_path }}/node0/penumbra_{{ polkachu_version }}.tar.lz4 https://snapshots.polkachu.com/snapshots/penumbra/penumbra_{{ polkachu_version }}.tar.lz4 --inet4-only" +# become: True +# become_user: "{{ default_user }}" +# when: not cometbft_dir.stat.exists +# # when: ansible_local['noderole']['node']['version'] != penumbra_version +# args: +# executable: /bin/bash - name: Extract and decompress Polkachu snapshot ansible.builtin.shell: From 4bfaf27ebe8924064a2f50398231ad81df2b1ae1 Mon Sep 17 00:00:00 2001 From: Al Date: Wed, 25 Dec 2024 21:44:33 +0700 Subject: [PATCH 66/69] chore: fix kilt playbooks & the host_vars --- group_vars/kilt.yaml | 2 +- host_vars/rpc-kilt-polkadot-01.yaml | 2 +- roles/setup_install_kilt/tasks/main.yaml | 25 +++++++++++++++++++++++- 3 files changed, 26 insertions(+), 3 deletions(-) diff --git a/group_vars/kilt.yaml b/group_vars/kilt.yaml index d7bbf48..e13328a 100644 --- a/group_vars/kilt.yaml +++ b/group_vars/kilt.yaml @@ -2,7 +2,7 @@ default_base_path: /opt/kilt default_src_path: "{{ default_base_path }}/src" # kilt version -default_client_version: 1.14.3 +default_client_version: 1.14.5 # database default_database: rocksdb default_database_path: "{{ default_base_path }}/chains" diff --git a/host_vars/rpc-kilt-polkadot-01.yaml b/host_vars/rpc-kilt-polkadot-01.yaml index 58ca991..f0a042a 100644 --- a/host_vars/rpc-kilt-polkadot-01.yaml +++ b/host_vars/rpc-kilt-polkadot-01.yaml @@ -10,7 +10,7 @@ pinned_service: True default_telemetry_name: "Rotko Networks - {{ host_name.split('.')[0] }} {{ default_node_type | capitalize }}" default_domain: "{{ host_name }}" -default_network: "kilt" +default_network: "spiritnet" default_relay_rpc: "ws://{{ hostvars['rpc-polkadot-01']['container_ip'] }}:{{ hostvars['rpc-polkadot-01']['default_rpc_port'] }}" default_relay_rpc_fallback: "ws://{{ hostvars['dot23']['container_ip'] }}:{{ hostvars['dot23']['default_rpc_port'] }}" default_database: "rocksdb" diff --git a/roles/setup_install_kilt/tasks/main.yaml b/roles/setup_install_kilt/tasks/main.yaml index a73d797..c1a3e38 100644 --- a/roles/setup_install_kilt/tasks/main.yaml +++ b/roles/setup_install_kilt/tasks/main.yaml @@ -88,10 +88,33 @@ - ansible_local['noderole']['node']['version'] != default_client_version - not kilt_binary.stat.exists +- name: Install protobuf compiler and dependencies + ansible.builtin.package: + name: + - protobuf-compiler + - libprotobuf-dev + state: present + become: true + become_user: root + when: + - ansible_local['noderole']['node']['pinned'] != "True" + - ansible_local['noderole']['node']['version'] != default_client_version + - not kilt_binary.stat.exists + +- name: Install libclang and related dependencies + ansible.builtin.package: + name: + - libclang-dev + - clang + - llvm-dev + state: present + become: true + become_user: root + #NOTE: take look at it -al - name: Build client from source as root ansible.builtin.command: - cmd: cargo build --release + cmd: cargo build --release -p kilt-parachain chdir: "{{ default_base_path }}/kilt-node-{{ default_client_version }}" become: True # Build as root become_user: root From 22f1c7e4db8713189a193198acdc580fefae20b1 Mon Sep 17 00:00:00 2001 From: Al Date: Thu, 26 Dec 2024 13:50:31 +0700 Subject: [PATCH 67/69] chore: add host_vars rpc-kilt-polkadot-02 --- bkk07 | 4 ++++ group_vars/kilt.yaml | 5 ++--- host_vars/bkk07.yaml | 26 ++++++++++++++++++++++++++ host_vars/rpc-kilt-polkadot-01.yaml | 5 +++-- host_vars/rpc-kilt-polkadot-02.yaml | 19 +++++++++++++++++++ 5 files changed, 54 insertions(+), 5 deletions(-) create mode 100644 host_vars/rpc-kilt-polkadot-02.yaml diff --git a/bkk07 b/bkk07 index 1a1df80..01f1671 100644 --- a/bkk07 +++ b/bkk07 @@ -12,6 +12,7 @@ polkadot hydration cumulus penumbra +kilt [prometheus] ibp-bkk07 @@ -41,6 +42,9 @@ bkk50 [hydration] hdx27 +[kilt] +rpc-kilt-polkadot-02 + [penumbra] penumbra-02 diff --git a/group_vars/kilt.yaml b/group_vars/kilt.yaml index e13328a..3cf06e1 100644 --- a/group_vars/kilt.yaml +++ b/group_vars/kilt.yaml @@ -17,9 +17,8 @@ default_service: kilt default_storage: "{{ default_base_path }}/chains" default_telemetry_url: wss://telemetry-backend.w3f.community/submit/ 1 default_user: "{{ service_users['kilt'] }}" -default_p2p_port: 33400 -default_p2p_port_ws: 34400 -default_p2p_port_wss: 35400 +default_p2p_port_ws: 30434 +default_p2p_port_wss: 30435 default_prom_port: 7400 default_rpc_port: 9400 default_secure_rpc_port: 42400 diff --git a/host_vars/bkk07.yaml b/host_vars/bkk07.yaml index eea1603..87af84d 100644 --- a/host_vars/bkk07.yaml +++ b/host_vars/bkk07.yaml @@ -1183,3 +1183,29 @@ lxc_nodes: - from_port: "{{ hostvars['penumbra-02']['default_cometbft_p2p_port'] }}" to_host: "{{ hostvars['penumbra-02']['container_ip'] }}:{{ hostvars['penumbra-02']['default_cometbft_p2p_port'] }}" protocol: "tcp" + - host: "rpc-kilt-polkadot-02" + proxmox_config: + vmid: "31242" + hostname: "{{ hostvars['rpc-kilt-polkadot-02']['host_name'] }}" + ostemplate: "local:vztmpl/{{ default_container_template }}" + netif: "{{ hostvars['rpc-kilt-polkadot-02']['netif'] }}" + cores: 4 + memory: 16384 + swap: 8192 + password: "{{ default_password }}" + disk: "{{ zfs_storage }}:20" + mounts: '{"mp0":"{{ zfs_storage }}:200,mp={{ hostvars["rpc-kilt-polkadot-02"]["default_database_path"] }}"}' + onboot: True + unprivileged: True + validate_certs: False + description: "{{ hostvars['rpc-kilt-polkadot-02']['default_network'] }} {{ hostvars['rpc-kilt-polkadot-02']['default_node_type'] }}: {{ hostvars['rpc-kilt-polkadot-02']['host_name'] }}" + state: present + features: + - nesting=1 + port_forwards: + - from_port: "{{ hostvars['rpc-kilt-polkadot-02']['ansible_port'] }}" + to_host: "{{ hostvars['rpc-kilt-polkadot-02']['container_ip'] }}:{{ ssh_port }}" + protocol: "tcp" + - from_port: "{{ hostvars['rpc-kilt-polkadot-02']['default_p2p_port'] }}" + to_host: "{{ hostvars['rpc-kilt-polkadot-02']['container_ip'] }}:{{ hostvars['rpc-kilt-polkadot-02']['default_p2p_port'] }}" + protocol: "tcp" diff --git a/host_vars/rpc-kilt-polkadot-01.yaml b/host_vars/rpc-kilt-polkadot-01.yaml index f0a042a..492df7e 100644 --- a/host_vars/rpc-kilt-polkadot-01.yaml +++ b/host_vars/rpc-kilt-polkadot-01.yaml @@ -2,7 +2,7 @@ ansible_host: "160.22.181.181" container_ip: "192.168.86.86" ansible_port: 3866 -host_name: "rpc-kilt-polkadot-01.rotko.net" +host_name: "rpc-kilt-polkadot-01.ct.rotko.net" host_timezone: "Asia/Bangkok" netif: '{"net0":"name=eth0,gw={{ default_nat_network_forward_cidr.split("/")[0] }},ip={{ default_host_ip }}/16,bridge={{ default_nat_device }}"}' role: "kilt" @@ -12,7 +12,8 @@ default_telemetry_name: "Rotko Networks - {{ host_name.split('.')[0] }} {{ defau default_domain: "{{ host_name }}" default_network: "spiritnet" default_relay_rpc: "ws://{{ hostvars['rpc-polkadot-01']['container_ip'] }}:{{ hostvars['rpc-polkadot-01']['default_rpc_port'] }}" -default_relay_rpc_fallback: "ws://{{ hostvars['dot23']['container_ip'] }}:{{ hostvars['dot23']['default_rpc_port'] }}" +default_relay_rpc_fallback: "ws://{{ hostvars['rpc-polkadot-02']['container_ip'] }}:{{ hostvars['rpc-polkadot-02']['default_rpc_port'] }}" default_database: "rocksdb" default_node_type: "endpoint" zabbix_ext_port: 10836 +default_p2p_port: 31241 diff --git a/host_vars/rpc-kilt-polkadot-02.yaml b/host_vars/rpc-kilt-polkadot-02.yaml new file mode 100644 index 0000000..d845e52 --- /dev/null +++ b/host_vars/rpc-kilt-polkadot-02.yaml @@ -0,0 +1,19 @@ +--- +ansible_host: "160.22.181.181" +container_ip: "192.168.112.34" +ansible_port: 3834 +host_name: "rpc-kilt-polkadot-02.ct.rotko.net" +host_timezone: "Asia/Bangkok" +netif: '{"net0":"name=eth0,gw={{ default_nat_network_forward_cidr.split("/")[0] }},ip={{ default_host_ip }}/16,bridge={{ default_nat_device }}"}' +role: "kilt" +pinned_service: True + +default_telemetry_name: "Rotko Networks - {{ host_name.split('.')[0] }} {{ default_node_type | capitalize }}" +default_domain: "{{ host_name }}" +default_network: "spiritnet" +default_relay_rpc: "ws://{{ hostvars['rpc-polkadot-01']['container_ip'] }}:{{ hostvars['rpc-polkadot-01']['default_rpc_port'] }}" +default_relay_rpc_fallback: "ws://{{ hostvars['rpc-polkadot-02']['container_ip'] }}:{{ hostvars['rpc-polkadot-02']['default_rpc_port'] }}" +default_database: "rocksdb" +default_node_type: "endpoint" +zabbix_ext_port: 10834 +default_p2p_port: 31242 From 35713efccc1b1def036e77db88f0dba340cc1392 Mon Sep 17 00:00:00 2001 From: Al Date: Thu, 26 Dec 2024 19:25:47 +0700 Subject: [PATCH 68/69] chore: update endpoint templates & kilt/hydration configs --- bkk07 | 2 +- group_vars/hydration.yaml | 11 +++---- group_vars/kilt.yaml | 2 ++ host_vars/bkk07.yaml | 29 +++++++++++++++++++ host_vars/rpc-hydration-polkadot-01.yaml | 1 + host_vars/rpc-hydration-polkadot-02.yaml | 25 ++++++++++++++++ host_vars/rpc-kilt-polkadot-01.yaml | 1 + host_vars/rpc-kilt-polkadot-02.yaml | 1 + inventory | 7 ++++- .../templates/endpoint.service.j2 | 4 ++- .../templates/endpoint.service.j2 | 7 ++--- 11 files changed, 78 insertions(+), 12 deletions(-) create mode 100644 host_vars/rpc-hydration-polkadot-02.yaml diff --git a/bkk07 b/bkk07 index 01f1671..061edc0 100644 --- a/bkk07 +++ b/bkk07 @@ -11,7 +11,6 @@ routers polkadot hydration cumulus -penumbra kilt [prometheus] @@ -40,6 +39,7 @@ talosctl0701 bkk50 [hydration] +rpc-hydration-polkadot-02 hdx27 [kilt] diff --git a/group_vars/hydration.yaml b/group_vars/hydration.yaml index b189686..c7f0daa 100644 --- a/group_vars/hydration.yaml +++ b/group_vars/hydration.yaml @@ -9,11 +9,12 @@ default_group: "{{ service_users['hydration'] }}" default_log_level: info default_network: hydration default_node_type: endpoint -default_p2p_port: 33800 -default_p2p_port_ws: 34800 -default_p2p_port_wss: 35800 -default_prom_port: 7800 -default_rpc_port: 9800 +default_p2p_port_ws: 30434 +default_p2p_port_wss: 30435 +default_bootnode_p2p_port_ws: 30434 +default_bootnode_p2p_port_wss: 30435 +default_prom_port: 7400 +default_rpc_port: 9400 default_secure_rpc_port: 42800 default_service: hydration default_storage: "{{ default_base_path }}/chains" diff --git a/group_vars/kilt.yaml b/group_vars/kilt.yaml index 3cf06e1..6d48f7d 100644 --- a/group_vars/kilt.yaml +++ b/group_vars/kilt.yaml @@ -19,6 +19,8 @@ default_telemetry_url: wss://telemetry-backend.w3f.community/submit/ 1 default_user: "{{ service_users['kilt'] }}" default_p2p_port_ws: 30434 default_p2p_port_wss: 30435 +default_bootnode_p2p_port_ws: 30434 +default_bootnode_p2p_port_wss: 30435 default_prom_port: 7400 default_rpc_port: 9400 default_secure_rpc_port: 42400 diff --git a/host_vars/bkk07.yaml b/host_vars/bkk07.yaml index 87af84d..f6b8a30 100644 --- a/host_vars/bkk07.yaml +++ b/host_vars/bkk07.yaml @@ -1209,3 +1209,32 @@ lxc_nodes: - from_port: "{{ hostvars['rpc-kilt-polkadot-02']['default_p2p_port'] }}" to_host: "{{ hostvars['rpc-kilt-polkadot-02']['container_ip'] }}:{{ hostvars['rpc-kilt-polkadot-02']['default_p2p_port'] }}" protocol: "tcp" + - host: "rpc-hydration-polkadot-02" + proxmox_config: + vmid: "31262" + hostname: "{{ hostvars['rpc-hydration-polkadot-02']['host_name'] }}" + ostemplate: "local:vztmpl/{{ default_container_template }}" + netif: "{{ hostvars['rpc-hydration-polkadot-02']['netif'] }}" + cores: 4 + memory: 16384 + swap: 8192 + password: "{{ default_password }}" + disk: "{{ zfs_storage }}:20" + mounts: '{"mp0":"{{ zfs_storage }}:150,mp={{ hostvars["rpc-hydration-polkadot-02"]["default_database_path"] }}"}' + onboot: True + unprivileged: True + validate_certs: False + description: "{{ hostvars['rpc-hydration-polkadot-02']['default_network'] }} {{ hostvars['rpc-hydration-polkadot-02']['default_node_type'] }}: {{ hostvars['rpc-hydration-polkadot-02']['host_name'] }}" + state: present + features: + - nesting=1 + port_forwards: + - from_port: "{{ hostvars['rpc-hydration-polkadot-02']['ansible_port'] }}" + to_host: "{{ hostvars['rpc-hydration-polkadot-02']['container_ip'] }}:{{ ssh_port }}" + protocol: "tcp" + - from_port: "{{ hostvars['rpc-hydration-polkadot-02']['zabbix_ext_port'] }}" + to_host: "{{ hostvars['monitor']['container_ip'] }}:{{ zabbix_port }}" + protocol: "tcp" + - from_port: "{{ hostvars['rpc-hydration-polkadot-02']['default_p2p_port'] }}" + to_host: "{{ hostvars['rpc-hydration-polkadot-02']['container_ip'] }}:{{ hostvars['rpc-hydration-polkadot-02']['default_p2p_port'] }}" + protocol: "tcp" diff --git a/host_vars/rpc-hydration-polkadot-01.yaml b/host_vars/rpc-hydration-polkadot-01.yaml index 1e8aafe..5139fb2 100644 --- a/host_vars/rpc-hydration-polkadot-01.yaml +++ b/host_vars/rpc-hydration-polkadot-01.yaml @@ -22,3 +22,4 @@ default_rpc_port: 9400 default_prom_port: 7400 default_secure_rpc_port: 42838 zabbix_ext_port: 10838 +default_bootnode_domain: "{{ default_network }}.boot.rotko.net" diff --git a/host_vars/rpc-hydration-polkadot-02.yaml b/host_vars/rpc-hydration-polkadot-02.yaml new file mode 100644 index 0000000..e55174a --- /dev/null +++ b/host_vars/rpc-hydration-polkadot-02.yaml @@ -0,0 +1,25 @@ +--- +ansible_host: "160.22.181.181" +container_ip: "192.168.112.36" +ansible_port: 3136 +host_name: "rpc-hydration-polkadot-02.ct.rotko.net" +host_timezone: "Asia/Bangkok" +netif: '{"net0":"name=eth0,gw={{ default_nat_network_forward_cidr.split("/")[0] }},ip={{ default_host_ip }}/16,bridge={{ default_nat_device }}"}' +role: "hydration" +pinned_service: True + +default_telemetry_name: "Rotko Networks - {{ host_name.split('.')[0] }} {{ default_node_type | capitalize }}" +default_domain: "{{ host_name }}" +default_network: "hydradx" +default_relay_rpc: "ws://{{ hostvars['rpc-polkadot-01']['container_ip'] }}:{{ hostvars['rpc-polkadot-01']['default_rpc_port'] }}" +default_relay_rpc_fallback: "ws://{{ hostvars['rpc-polkadot-02']['container_ip'] }}:{{ hostvars['rpc-polkadot-02']['default_rpc_port'] }}" +default_database: "rocksdb" +default_node_type: "endpoint" +default_p2p_port: 31262 +default_p2p_port_ws: 30434 +default_p2p_port_wss: 30435 +default_rpc_port: 9400 +default_prom_port: 7400 +default_secure_rpc_port: 42136 +zabbix_ext_port: 10136 +default_bootnode_domain: "{{ default_network }}.boot.rotko.net" diff --git a/host_vars/rpc-kilt-polkadot-01.yaml b/host_vars/rpc-kilt-polkadot-01.yaml index 492df7e..244100f 100644 --- a/host_vars/rpc-kilt-polkadot-01.yaml +++ b/host_vars/rpc-kilt-polkadot-01.yaml @@ -17,3 +17,4 @@ default_database: "rocksdb" default_node_type: "endpoint" zabbix_ext_port: 10836 default_p2p_port: 31241 +default_bootnode_domain: "kilt.boot.rotko.net" diff --git a/host_vars/rpc-kilt-polkadot-02.yaml b/host_vars/rpc-kilt-polkadot-02.yaml index d845e52..a99f97a 100644 --- a/host_vars/rpc-kilt-polkadot-02.yaml +++ b/host_vars/rpc-kilt-polkadot-02.yaml @@ -17,3 +17,4 @@ default_database: "rocksdb" default_node_type: "endpoint" zabbix_ext_port: 10834 default_p2p_port: 31242 +default_bootnode_domain: "kilt.boot.rotko.net" diff --git a/inventory b/inventory index e57e936..f9f015b 100644 --- a/inventory +++ b/inventory @@ -32,6 +32,10 @@ bkk10 bkk20 bkk50 +[kilt] +rpc-kilt-polkadot-01 +rpc-kilt-polkadot-02 + [cumulus] mint14 pbr13 @@ -65,7 +69,6 @@ kcore27 kppl27 wppl27 mint27 -rpc-kilt-polkadot-01 rpc-asset-hub-polkadot-01 rpc-asset-hub-polkadot-02 rpc-asset-hub-westend-01 @@ -111,6 +114,8 @@ enc24 enc26 [hydration] +rpc-hydration-polkadot-01 +rpc-hydration-polkadot-02 hdx26 hdx27 diff --git a/roles/setup_install_hydration/templates/endpoint.service.j2 b/roles/setup_install_hydration/templates/endpoint.service.j2 index 38fa770..a2f8def 100644 --- a/roles/setup_install_hydration/templates/endpoint.service.j2 +++ b/roles/setup_install_hydration/templates/endpoint.service.j2 @@ -28,7 +28,9 @@ ExecStart={{ default_base_path }}/hydration \ --public-addr /dns/{{ default_domain }}/tcp/{{ default_p2p_port }} \ --public-addr /dns/{{ default_domain }}/tcp/{{ default_p2p_port_ws }}/ws \ --public-addr /dns/{{ default_domain }}/tcp/{{ default_p2p_port_wss }}/wss \ - --rpc-port {{ default_rpc_port }} \ + {% if default_bootnode_domain is defined %}--public-addr /dns/{{ default_bootnode_domain }}/tcp/{{ default_p2p_port }} \ + --public-addr /dns/{{ default_bootnode_domain }}/tcp/{{ default_bootnode_p2p_port_wss }}/wss \ + {% endif %}--rpc-port {{ default_rpc_port }} \ --prometheus-port {{ default_prom_port }} \ --prometheus-external \ --relay-chain-rpc-urls {{ default_relay_rpc }} {{ default_relay_rpc_fallback }} \ diff --git a/roles/setup_install_kilt/templates/endpoint.service.j2 b/roles/setup_install_kilt/templates/endpoint.service.j2 index 5a10046..50b3f93 100644 --- a/roles/setup_install_kilt/templates/endpoint.service.j2 +++ b/roles/setup_install_kilt/templates/endpoint.service.j2 @@ -23,12 +23,11 @@ ExecStart={{ default_base_path }}/kilt \ --sync full \ --listen-addr /ip4/0.0.0.0/tcp/{{ default_p2p_port }} \ --listen-addr /ip4/0.0.0.0/tcp/{{ default_p2p_port_ws }}/ws \ - --public-addr /ip4/{{ ansible_host }}/tcp/{{ default_p2p_port }} \ - --public-addr /ip4/{{ ansible_host }}/tcp/{{ default_p2p_port_ws }}/ws \ --public-addr /dns/{{ default_domain }}/tcp/{{ default_p2p_port }} \ - --public-addr /dns/{{ default_domain }}/tcp/{{ default_p2p_port_ws }}/ws \ --public-addr /dns/{{ default_domain }}/tcp/{{ default_p2p_port_wss }}/wss \ - --rpc-port {{ default_rpc_port }} \ + {% if default_bootnode_domain is defined %}--public-addr /dns/{{ default_bootnode_domain }}/tcp/{{ default_p2p_port }} \ + --public-addr /dns/{{ default_bootnode_domain }}/tcp/{{ default_bootnode_p2p_port_wss }}/wss \ + {% endif %}--rpc-port {{ default_rpc_port }} \ --prometheus-port {{ default_prom_port }} \ --prometheus-external \ --relay-chain-rpc-urls {{ default_relay_rpc }} {{ default_relay_rpc_fallback }} \ From 5e03968cfae888fbcd63d9f4b0c54920db433113 Mon Sep 17 00:00:00 2001 From: Al Date: Thu, 26 Dec 2024 19:48:20 +0700 Subject: [PATCH 69/69] chore: update hydration configs --- host_vars/rpc-hydration-polkadot-01.yaml | 2 +- host_vars/rpc-hydration-polkadot-02.yaml | 2 +- roles/setup_install_hydration/templates/endpoint.service.j2 | 3 --- 3 files changed, 2 insertions(+), 5 deletions(-) diff --git a/host_vars/rpc-hydration-polkadot-01.yaml b/host_vars/rpc-hydration-polkadot-01.yaml index 5139fb2..32886e1 100644 --- a/host_vars/rpc-hydration-polkadot-01.yaml +++ b/host_vars/rpc-hydration-polkadot-01.yaml @@ -22,4 +22,4 @@ default_rpc_port: 9400 default_prom_port: 7400 default_secure_rpc_port: 42838 zabbix_ext_port: 10838 -default_bootnode_domain: "{{ default_network }}.boot.rotko.net" +default_bootnode_domain: "hydration.boot.rotko.net" diff --git a/host_vars/rpc-hydration-polkadot-02.yaml b/host_vars/rpc-hydration-polkadot-02.yaml index e55174a..0d7db71 100644 --- a/host_vars/rpc-hydration-polkadot-02.yaml +++ b/host_vars/rpc-hydration-polkadot-02.yaml @@ -22,4 +22,4 @@ default_rpc_port: 9400 default_prom_port: 7400 default_secure_rpc_port: 42136 zabbix_ext_port: 10136 -default_bootnode_domain: "{{ default_network }}.boot.rotko.net" +default_bootnode_domain: "hydration.boot.rotko.net" diff --git a/roles/setup_install_hydration/templates/endpoint.service.j2 b/roles/setup_install_hydration/templates/endpoint.service.j2 index a2f8def..9012606 100644 --- a/roles/setup_install_hydration/templates/endpoint.service.j2 +++ b/roles/setup_install_hydration/templates/endpoint.service.j2 @@ -23,10 +23,7 @@ ExecStart={{ default_base_path }}/hydration \ --sync full \ --listen-addr /ip4/0.0.0.0/tcp/{{ default_p2p_port }} \ --listen-addr /ip4/0.0.0.0/tcp/{{ default_p2p_port_ws }}/ws \ - --public-addr /ip4/{{ ansible_host }}/tcp/{{ default_p2p_port }} \ - --public-addr /ip4/{{ ansible_host }}/tcp/{{ default_p2p_port_ws }}/ws \ --public-addr /dns/{{ default_domain }}/tcp/{{ default_p2p_port }} \ - --public-addr /dns/{{ default_domain }}/tcp/{{ default_p2p_port_ws }}/ws \ --public-addr /dns/{{ default_domain }}/tcp/{{ default_p2p_port_wss }}/wss \ {% if default_bootnode_domain is defined %}--public-addr /dns/{{ default_bootnode_domain }}/tcp/{{ default_p2p_port }} \ --public-addr /dns/{{ default_bootnode_domain }}/tcp/{{ default_bootnode_p2p_port_wss }}/wss \