From 24b04f8f4cfab105b0bdd671c0c4e326c698344d Mon Sep 17 00:00:00 2001 From: samoht9277 Date: Mon, 9 Dec 2024 18:10:24 -0300 Subject: [PATCH] Added ansible playbooks to update a pre-deployed server. --- Makefile | 7 ++ infra/ansible/aggregator.yaml | 61 ----------- infra/ansible/playbooks/aggregator.yaml | 100 ++++++++++++++++++ .../ansible/playbooks/update/aggregator.yaml | 83 +++++++++++++++ infra/ansible/playbooks/update/go.yaml | 48 +++++++++ .../update/ini/config-aggregator.ini | 14 +++ .../update/ini/config-aggregator.ini.example | 14 +++ .../config-files/config-aggregator.yaml.j2 | 32 ++++++ .../templates/services/aggregator.service.j2 | 15 +++ infra/ansible/stage_inventory.yaml | 6 +- 10 files changed, 316 insertions(+), 64 deletions(-) delete mode 100644 infra/ansible/aggregator.yaml create mode 100644 infra/ansible/playbooks/aggregator.yaml create mode 100644 infra/ansible/playbooks/update/aggregator.yaml create mode 100644 infra/ansible/playbooks/update/go.yaml create mode 100644 infra/ansible/playbooks/update/ini/config-aggregator.ini create mode 100644 infra/ansible/playbooks/update/ini/config-aggregator.ini.example create mode 100644 infra/ansible/playbooks/update/templates/config-files/config-aggregator.yaml.j2 create mode 100644 infra/ansible/playbooks/update/templates/services/aggregator.service.j2 diff --git a/Makefile b/Makefile index 7291a0ae44..23dc9d6b8c 100644 --- a/Makefile +++ b/Makefile @@ -1178,6 +1178,13 @@ ansible_batcher_deploy: ## Deploy the Batcher. Parameters: INVENTORY, KEYSTORE -e "keystore_path=$(KEYSTORE)" +ansible_aggregator_update: + @if [ -z "$(INVENTORY)" ]; then \ + echo "Error: INVENTORY must be set."; \ + exit 1; \ + fi + @ansible-playbook infra/ansible/playbooks/update/aggregator.yaml -i $(INVENTORY) + ansible_operator_create_env: ## Create empty variables files for the Operator deploy @cp -n infra/ansible/playbooks/ini/config-operator.ini.example infra/ansible/playbooks/ini/config-operator.ini @cp -n infra/ansible/playbooks/ini/config-register-operator.ini.example infra/ansible/playbooks/ini/config-register-operator.ini diff --git a/infra/ansible/aggregator.yaml b/infra/ansible/aggregator.yaml deleted file mode 100644 index 76d6b2da81..0000000000 --- a/infra/ansible/aggregator.yaml +++ /dev/null @@ -1,61 +0,0 @@ -- import_playbook: setup.yaml -- import_playbook: go.yaml -- import_playbook: rust.yaml -- import_playbook: eigenlayer-cli.yaml - -- hosts: aggregator - vars: - service: "aggregator" - - tasks: - - name: Update apt and install required system packages - become: true - apt: - pkg: - - pkg-config - - libssl-dev - - gcc - state: latest - update_cache: true - - - name: Create directories for each service if do not exist - become: true - ansible.builtin.file: - path: /home/{{ app_user }}/repos/{{ service }} - state: directory - mode: '0755' - owner: '{{ app_user }}' - group: '{{ app_user }}' - loop: - - aggregator - - - name: Clone Aligned repository - become: true - ansible.builtin.git: - repo: https://github.com/yetanotherco/aligned_layer.git - dest: /home/{{ app_user }}/repos/{{ service }}/aligned_layer - version: v0.10.2 - loop: - - aggregator - - - name: Set permissions for cloned repository - become: true - ansible.builtin.file: - path: /home/{{ app_user }}/repos/{{ service }}/aligned_layer - mode: '0755' - owner: '{{ app_user }}' - group: '{{ app_user }}' - recurse: yes - - - name: Compile all FFIs - become: true - shell: - chdir: /home/{{ app_user }}/repos/aggregator/aligned_layer - cmd: sudo -u {{ app_user }} . /home/{{ app_user }}/.profile && sudo -u {{ app_user }} make build_all_ffi_linux - - - name: Allow access to tcp port 8090 - become: true - ufw: - rule: allow - port: 8090 - proto: tcp diff --git a/infra/ansible/playbooks/aggregator.yaml b/infra/ansible/playbooks/aggregator.yaml new file mode 100644 index 0000000000..fe6e4ae43b --- /dev/null +++ b/infra/ansible/playbooks/aggregator.yaml @@ -0,0 +1,100 @@ +- name: Run setup playbook + ansible.builtin.import_playbook: setup.yaml + vars: + host: aggregator + +- name: Run go playbook + ansible.builtin.import_playbook: go.yaml + vars: + host: aggregator + +- hosts: aggregator + vars: + service: "aggregator" + + tasks: + - name: Update apt and install required system packages + become: true + apt: + pkg: + - pkg-config + - libssl-dev + state: latest + update_cache: true + vars: + ansible_ssh_user: "{{ admin_user }}" + + - name: Create directories for each service if do not exist + file: + path: /home/{{ ansible_user }}/repos/{{ service }} + state: directory + mode: '0755' + owner: '{{ ansible_user }}' + group: '{{ ansible_user }}' + loop: + - aggregator + + - name: Clone Aligned repository + git: + repo: https://github.com/yetanotherco/aligned_layer.git + dest: /home/{{ ansible_user }}/repos/{{ service }}/aligned_layer + version: v0.10.2 + loop: + - aggregator + + - name: Set permissions for cloned repository + file: + path: /home/{{ ansible_user }}/repos/{{ service }}/aligned_layer + mode: '0755' + owner: '{{ ansible_user }}' + group: '{{ ansible_user }}' + recurse: yes + + - name: Build aggregator + shell: + chdir: /home/{{ ansible_user }}/repos/aggregator/aligned_layer/ + cmd: /usr/local/go/bin/go build -o /home/{{ ansible_user }}/repos/aggregator/aligned_layer/build/aligned-aggregator /home/{{ ansible_user }}/repos/aggregator/aligned_layer/aggregator/cmd/main.go + + - name: Upload config file for aggregator + template: + src: config-files/config-aggregator.yaml.j2 + dest: "/home/{{ ansible_user }}/config/config-aggregator.yaml" + vars: + aligned_layer_deployment_config_file_path: "{{ lookup('ini', 'aligned_layer_deployment_config_file_path', file='ini/config-aggregator.ini') }}" + eigen_layer_deployment_config_file_path: "{{ lookup('ini', 'eigen_layer_deployment_config_file_path', file='ini/config-aggregator.ini') }}" + eth_rpc_url: "{{ lookup('ini', 'eth_rpc_url', file='ini/config-aggregator.ini') }}" + eth_rpc_url_fallback: "{{ lookup('ini', 'eth_rpc_url_fallback', file='ini/config-aggregator.ini') }}" + eth_ws_url: "{{ lookup('ini', 'eth_ws_url', file='ini/config-aggregator.ini') }}" + eth_ws_url_fallback: "{{ lookup('ini', 'eth_ws_url_fallback', file='ini/config-aggregator.ini') }}" + ecdsa_private_key_store_password: "{{ lookup('ini', 'ecdsa_private_key_store_password', file='ini/config-aggregator.ini') }}" + bls_private_key_store_password: "{{ lookup('ini', 'bls_private_key_store_password', file='ini/config-aggregator.ini') }}" + enable_metrics: "{{ lookup('ini', 'enable_metrics', file='ini/config-aggregator.ini') }}" + metrics_ip_port_address: "{{ lookup('ini', 'metrics_ip_port_address', file='ini/config-aggregator.ini') }}" + telemetry_ip_port_address: "{{ lookup('ini', 'telemetry_ip_port_address', file='ini/config-aggregator.ini') }}" + + - name: Allow access to tcp port 8090 + become: true + ufw: + rule: allow + port: 8090 + proto: tcp + vars: + ansible_ssh_user: "{{ admin_user }}" + + - name: Create systemd services directory + file: + path: "/home/{{ ansible_user }}/.config/systemd/user/" + state: directory + + - name: Add service to systemd + template: + src: services/aggregator.service.j2 + dest: "/home/{{ ansible_user }}/.config/systemd/user/aggregator.service" + force: no + + - name: Start aggregator service + systemd_service: + name: aggregator + state: started + enabled: true + scope: user diff --git a/infra/ansible/playbooks/update/aggregator.yaml b/infra/ansible/playbooks/update/aggregator.yaml new file mode 100644 index 0000000000..52f38fd35a --- /dev/null +++ b/infra/ansible/playbooks/update/aggregator.yaml @@ -0,0 +1,83 @@ +- name: Run go playbook + ansible.builtin.import_playbook: go.yaml + vars: + host: aggregator + +- hosts: aggregator + vars: + service: "aggregator" + + tasks: + - name: Create directories + file: + path: "{{ item }}" + recurse: yes + state: directory + loop: + - /tmp/aggregator/aligned_layer + - /home/{{ ansible_user }}/repos/aggregator/aligned_layer/build + - /home/{{ ansible_user }}/config + - /home/{{ ansible_user }}/.config/systemd/user + + - name: Clone Aligned repository on /tmp/ + git: + repo: https://github.com/yetanotherco/aligned_layer.git + dest: /tmp/aggregator/aligned_layer/ + version: v0.12.0 + + - name: Set permissions for cloned repository + file: + path: /home/{{ ansible_user }}/repos/{{ service }}/aligned_layer + mode: '0755' + owner: '{{ ansible_user }}' + group: '{{ ansible_user }}' + recurse: yes + + - name: Build aggregator on /tmp/ + shell: + chdir: /tmp/aggregator/aligned_layer/ + cmd: /usr/local/go/bin/go build -o /tmp/aggregator/aligned_layer/build/aligned-aggregator /tmp/aggregator/aligned_layer/aggregator/cmd/main.go + + - name: Move compiled aggregator to user directory + copy: + src: /tmp/aggregator/aligned_layer/build/aligned-aggregator + dest: /home/{{ ansible_user }}/repos/aggregator/aligned_layer/build/aligned-aggregator + remote_src: true + + - name: Remove Aligned repository on /tmp/ + file: + path: /tmp/aggregator/aligned_layer/ + state: absent + + - name: Upload config file for aggregator + template: + src: config-files/config-aggregator.yaml.j2 + dest: "/home/{{ ansible_user }}/config/config-aggregator.yaml" + force: yes + vars: + aligned_layer_deployment_config_file_path: "{{ lookup('ini', 'aligned_layer_deployment_config_file_path', file='ini/config-aggregator.ini') }}" + eigen_layer_deployment_config_file_path: "{{ lookup('ini', 'eigen_layer_deployment_config_file_path', file='ini/config-aggregator.ini') }}" + eth_rpc_url: "{{ lookup('ini', 'eth_rpc_url', file='ini/config-aggregator.ini') }}" + eth_rpc_url_fallback: "{{ lookup('ini', 'eth_rpc_url_fallback', file='ini/config-aggregator.ini') }}" + eth_ws_url: "{{ lookup('ini', 'eth_ws_url', file='ini/config-aggregator.ini') }}" + eth_ws_url_fallback: "{{ lookup('ini', 'eth_ws_url_fallback', file='ini/config-aggregator.ini') }}" + ecdsa_private_key_store_path: "{{ lookup('ini', 'ecdsa_private_key_store_path', file='ini/config-aggregator.ini') }}" + ecdsa_private_key_store_password: "{{ lookup('ini', 'ecdsa_private_key_store_password', file='ini/config-aggregator.ini') }}" + bls_private_key_store_path: "{{ lookup('ini', 'bls_private_key_store_path', file='ini/config-aggregator.ini') }}" + bls_private_key_store_password: "{{ lookup('ini', 'bls_private_key_store_password', file='ini/config-aggregator.ini') }}" + enable_metrics: "{{ lookup('ini', 'enable_metrics', file='ini/config-aggregator.ini') }}" + metrics_ip_port_address: "{{ lookup('ini', 'metrics_ip_port_address', file='ini/config-aggregator.ini') }}" + telemetry_ip_port_address: "{{ lookup('ini', 'telemetry_ip_port_address', file='ini/config-aggregator.ini') }}" + + - name: Add service to systemd + template: + src: services/aggregator.service.j2 + dest: "/home/{{ ansible_user }}/.config/systemd/user/aggregator.service" + force: yes + + - name: Restart aggregator service + systemd_service: + name: aggregator + state: restarted + enabled: true + scope: user diff --git a/infra/ansible/playbooks/update/go.yaml b/infra/ansible/playbooks/update/go.yaml new file mode 100644 index 0000000000..12485aeb02 --- /dev/null +++ b/infra/ansible/playbooks/update/go.yaml @@ -0,0 +1,48 @@ +# https://everythingcoding.in/go-setup-through-ansible/ +- name: Go Setup + hosts: "{{ host }}" + vars: + version: 1.22.2 + + tasks: + - name: check if go is installed + stat: + path: /usr/local/go/bin/go + register: go_exists + + - name: get golang download link + set_fact: + go_download_url: >- + {% if ansible_architecture == 'x86_64' %} + https://go.dev/dl/go{{ version }}.linux-amd64.tar.gz + {% elif ansible_architecture == 'aarch64' %} + https://go.dev/dl/go{{ version }}.linux-arm64.tar.gz + {% endif %} + + - name: download Go tarball + when: not go_exists.stat.exists + get_url: + url: "{{ go_download_url }}" + dest: "/tmp/{{ go_download_url | basename }}" + mode: '0755' + + - name: install Go + when: not go_exists.stat.exists + ansible.builtin.unarchive: + src: "/tmp/{{ go_download_url | basename }}" + dest: /usr/local/ + remote_src: yes + become: yes + vars: + ansible_ssh_user: admin + + - name: update user PATH + when: not go_exists.stat.exists + lineinfile: + path: "/home/{{ ansible_user }}/.bashrc" + line: "{{ item }}" + state: present + with_items: + - 'export PATH=$PATH:/usr/local/go/bin' + - 'export GOPATH=$HOME/go' + - 'export PATH=$PATH:$GOPATH/bin' diff --git a/infra/ansible/playbooks/update/ini/config-aggregator.ini b/infra/ansible/playbooks/update/ini/config-aggregator.ini new file mode 100644 index 0000000000..7816eb596f --- /dev/null +++ b/infra/ansible/playbooks/update/ini/config-aggregator.ini @@ -0,0 +1,14 @@ +[global] +aligned_layer_deployment_config_file_path=/home/dev/repos/aggregator/aligned_layer/contracts/script/output/devnet/alignedlayer_deployment_output.json +eigen_layer_deployment_config_file_path=/home/dev/repos/aggregator/aligned_layer/contracts/script/output/devnet/eigenlayer_deployment_output.json +eth_rpc_url=http://100.71.4.115:8545 +eth_rpc_url_fallback=http://100.71.4.115:8550 +eth_ws_url=ws://100.71.4.115:8546 +eth_ws_url_fallback=ws://100.71.4.115:8551 +ecdsa_private_key_store_path=/home/dev/repos/aggregator/aligned_layer/config-files/anvil.aggregator.ecdsa.key.json +ecdsa_private_key_store_password= +bls_private_key_store_path=/home/dev/repos/aggregator/aligned_layer/config-files/anvil.aggregator.bls.key.json +bls_private_key_store_password= +enable_metrics=true +metrics_ip_port_address=100.106.174.11:9091 +telemetry_ip_port_address=100.96.200.99:4001 diff --git a/infra/ansible/playbooks/update/ini/config-aggregator.ini.example b/infra/ansible/playbooks/update/ini/config-aggregator.ini.example new file mode 100644 index 0000000000..6c01c1c1b3 --- /dev/null +++ b/infra/ansible/playbooks/update/ini/config-aggregator.ini.example @@ -0,0 +1,14 @@ +[global] +aligned_layer_deployment_config_file_path= +eigen_layer_deployment_config_file_path= +eth_rpc_url= +eth_rpc_url_fallback= +eth_ws_url= +eth_ws_url_fallback= +ecdsa_private_key_store_path= +ecdsa_private_key_store_password= +bls_private_key_store_path= +bls_private_key_store_password= +enable_metrics= +metrics_ip_port_address= +telemetry_ip_port_address= diff --git a/infra/ansible/playbooks/update/templates/config-files/config-aggregator.yaml.j2 b/infra/ansible/playbooks/update/templates/config-files/config-aggregator.yaml.j2 new file mode 100644 index 0000000000..49bb8a3c4d --- /dev/null +++ b/infra/ansible/playbooks/update/templates/config-files/config-aggregator.yaml.j2 @@ -0,0 +1,32 @@ +# Common variables for all the services +# 'production' only prints info and above. 'development' also prints debug +environment: "production" +aligned_layer_deployment_config_file_path: "{{ aligned_layer_deployment_config_file_path }}" +eigen_layer_deployment_config_file_path: "{{ eigen_layer_deployment_config_file_path }}" +eth_rpc_url: "{{ eth_rpc_url }}" +eth_rpc_url_fallback: "{{ eth_rpc_url_fallback }}" +eth_ws_url: "{{ eth_ws_url }}" +eth_ws_url_fallback: "{{ eth_ws_url_fallback }}" +eigen_metrics_ip_port_address: "localhost:9090" + +## ECDSA Configurations +ecdsa: + private_key_store_path: "{{ ecdsa_private_key_store_path }}" + private_key_store_password: "{{ ecdsa_private_key_store_password }}" + +## BLS Configurations +bls: + private_key_store_path: "{{ bls_private_key_store_path }}" + private_key_store_password: "{{ bls_private_key_store_password }}" + +## Aggregator Configurations +aggregator: + server_ip_port_address: localhost:8090 + bls_public_key_compendium_address: + avs_service_manager_address: + enable_metrics: {{ enable_metrics }} + metrics_ip_port_address: "{{ metrics_ip_port_address }}" + telemetry_ip_port_address: "{{ telemetry_ip_port_address }}" + garbage_collector_period: 2m #The period of the GC process. Suggested value for Prod: '168h' (7 days) + garbage_collector_tasks_age: 20 #The age of tasks that will be removed by the GC, in blocks. Suggested value for prod: '216000' (30 days) + garbage_collector_tasks_interval: 10 #The interval of queried blocks to get an old batch. Suggested value for prod: '900' (3 hours) diff --git a/infra/ansible/playbooks/update/templates/services/aggregator.service.j2 b/infra/ansible/playbooks/update/templates/services/aggregator.service.j2 new file mode 100644 index 0000000000..eacf82989c --- /dev/null +++ b/infra/ansible/playbooks/update/templates/services/aggregator.service.j2 @@ -0,0 +1,15 @@ +[Unit] +Description=Aggregator +After=network.target + +[Service] +Type=simple +WorkingDirectory=/home/{{ ansible_user }}/repos/aggregator/aligned_layer/aggregator +ExecStart=/home/{{ ansible_user }}/repos/aggregator/aligned_layer/build/aligned-aggregator --config /home/{{ ansible_user }}/config/config-aggregator.yaml +Restart=always +RestartSec=1 +StartLimitBurst=100 +LimitNOFILE=100000 + +[Install] +WantedBy=multi-user.target diff --git a/infra/ansible/stage_inventory.yaml b/infra/ansible/stage_inventory.yaml index 7bf1acac90..292ba06d6d 100644 --- a/infra/ansible/stage_inventory.yaml +++ b/infra/ansible/stage_inventory.yaml @@ -1,9 +1,9 @@ aggregator: hosts: aligned-holesky-aggregator-1: - ansible_host: aligned-ansible - ansible_user: admin - app_user: app + ansible_host: aligned-holesky-stage-2-aggregator + admin_user: admin + ansible_user: dev ansible_python_interpreter: /usr/bin/python3 batcher: hosts: