From 912baccc785da78a77b7f275f7da3a77bf5dc8c2 Mon Sep 17 00:00:00 2001 From: Stefan Date: Mon, 18 May 2026 10:57:07 +0200 Subject: [PATCH 1/3] Scaffold bal-devnet-7 Genesis scheduled for 2026-05-18 17:00 CEST (timestamp 1779116400). - terraform/devnet-7: clone of devnet-6, tfstate key bumped, CIDR 10.38.0.0/16 - ansible/inventories/devnet-7: clone of devnet-6 (without stale inventory.ini and the devnet-6-specific lodestar-nethermind hotfix). Genesis seed, timestamp, client image tags and checkpoint-sync URLs flipped to bal-devnet-7 - kubernetes/devnet-6 -> kubernetes-archive/devnet-6 (ArgoCD stops monitoring) - README: add devnet-7 row --- README.md | 1 + .../devnet-7/group_vars/all/00-defaults.yaml | 67 +++ .../devnet-7/group_vars/all/all.sops.yaml | 191 ++++++++ .../devnet-7/group_vars/all/all.yaml | 428 ++++++++++++++++++ .../devnet-7/group_vars/all/images.yaml | 65 +++ .../devnet-7/group_vars/all/kubernetes.yaml | 5 + .../inventories/devnet-7/group_vars/besu.yaml | 99 ++++ .../devnet-7/group_vars/blobber.yaml | 56 +++ .../devnet-7/group_vars/bootnode.sops.yaml | 158 +++++++ .../devnet-7/group_vars/bootnode.yaml | 189 ++++++++ .../devnet-7/group_vars/dns_server.yaml | 79 ++++ .../devnet-7/group_vars/erigon.yaml | 92 ++++ .../devnet-7/group_vars/ethereum_node.yaml | 76 ++++ .../devnet-7/group_vars/ethrex.yaml | 90 ++++ .../inventories/devnet-7/group_vars/geth.yaml | 90 ++++ .../devnet-7/group_vars/grandine.yaml | 51 +++ .../devnet-7/group_vars/lighthouse.yaml | 57 +++ .../devnet-7/group_vars/lodestar.yaml | 65 +++ .../devnet-7/group_vars/mev_boost.yaml | 18 + .../devnet-7/group_vars/nethermind.yaml | 99 ++++ .../devnet-7/group_vars/nimbus.yaml | 59 +++ .../devnet-7/group_vars/nimbusel.yaml | 92 ++++ .../devnet-7/group_vars/prysm.yaml | 69 +++ .../inventories/devnet-7/group_vars/reth.yaml | 90 ++++ .../inventories/devnet-7/group_vars/teku.yaml | 52 +++ .../devnet-7/group_vars/tx_fuzz_blobs.yaml | 12 + .../devnet-7/group_vars/tx_fuzz_txs.yaml | 11 + .../inventories/devnet-7/group_vars/xatu.yaml | 87 ++++ .../devnet-7/group_vars/xatu_sentry.yaml | 1 + .../inventories/devnet-7/host_vars/localhost | 2 + .../devnet-6/assertoor/.helmignore | 0 .../devnet-6/assertoor/Chart.lock | 0 .../devnet-6/assertoor/Chart.yaml | 0 .../assertoor/charts/assertoor-1.0.0.tgz | Bin .../devnet-6/assertoor/values.yaml | 0 .../devnet-6/checkpointz/.helmignore | 0 .../devnet-6/checkpointz/Chart.lock | 0 .../devnet-6/checkpointz/Chart.yaml | 0 .../checkpointz/charts/checkpointz-0.1.3.tgz | Bin .../devnet-6/checkpointz/values.yaml | 0 .../devnet-6/config/.helmignore | 0 .../devnet-6/config/Chart.yaml | 0 .../config/templates/ingress.config.yaml | 0 .../devnet-6/config/values.yaml | 0 .../devnet-6/dora/.helmignore | 0 .../devnet-6/dora/Chart.lock | 0 .../devnet-6/dora/Chart.yaml | 0 .../devnet-6/dora/charts/dora-1.0.8.tgz | Bin .../devnet-6/dora/endpoints-cl.yaml | 0 .../devnet-6/dora/endpoints-el.yaml | 0 .../devnet-6/dora/values.yaml | 0 .../devnet-6/dugtrio/.helmignore | 0 .../devnet-6/dugtrio/Chart.lock | 0 .../devnet-6/dugtrio/Chart.yaml | 0 .../devnet-6/dugtrio/charts/dugtrio-0.0.6.tgz | Bin .../devnet-6/dugtrio/values.yaml | 0 .../devnet-6/erpc/.helmignore | 0 .../devnet-6/erpc/Chart.lock | 0 .../devnet-6/erpc/Chart.yaml | 0 .../devnet-6/erpc/charts/erpc-0.0.4.tgz | Bin .../devnet-6/erpc/values.yaml | 0 .../devnet-6/faucet/.helmignore | 0 .../devnet-6/faucet/Chart.lock | 0 .../devnet-6/faucet/Chart.yaml | 0 .../faucet/charts/powfaucet-0.0.4.tgz | Bin .../devnet-6/faucet/values.yaml | 0 .../devnet-6/forkmon/.helmignore | 0 .../devnet-6/forkmon/Chart.lock | 0 .../devnet-6/forkmon/Chart.yaml | 0 .../devnet-6/forkmon/charts/forkmon-0.1.5.tgz | Bin .../devnet-6/forkmon/values.yaml | 0 .../devnet-6/forky/.helmignore | 0 .../devnet-6/forky/Chart.lock | 0 .../devnet-6/forky/Chart.yaml | 0 .../devnet-6/forky/charts/forky-0.2.0.tgz | Bin .../devnet-6/forky/values.yaml | 0 .../devnet-6/homepage/.helmignore | 0 .../devnet-6/homepage/Chart.lock | 0 .../devnet-6/homepage/Chart.yaml | 0 .../charts/testnet-homepage-0.2.3.tgz | Bin .../devnet-6/homepage/values.yaml | 0 .../devnet-6/spamoor/.helmignore | 0 .../devnet-6/spamoor/Chart.lock | 0 .../devnet-6/spamoor/Chart.yaml | 0 .../devnet-6/spamoor/charts/spamoor-1.0.0.tgz | Bin .../devnet-6/spamoor/values.yaml | 0 .../devnet-6/syncoor-server/.helmignore | 0 .../devnet-6/syncoor-server/Chart.lock | 0 .../devnet-6/syncoor-server/Chart.yaml | 0 .../charts/syncoor-server-0.0.1.tgz | Bin .../devnet-6/syncoor-server/values.yaml | 0 .../devnet-6/syncoor-web/.helmignore | 0 .../devnet-6/syncoor-web/Chart.lock | 0 .../devnet-6/syncoor-web/Chart.yaml | 0 .../syncoor-web/charts/syncoor-web-0.0.1.tgz | Bin .../devnet-6/syncoor-web/values.yaml | 0 .../devnet-6/tracoor/.helmignore | 0 .../devnet-6/tracoor/Chart.lock | 0 .../devnet-6/tracoor/Chart.yaml | 0 .../tracoor/charts/tracoor-single-0.0.5.tgz | Bin .../devnet-6/tracoor/values.yaml | 0 .../devnet-6/xatu-cannon/.helmignore | 0 .../devnet-6/xatu-cannon/Chart.lock | 0 .../devnet-6/xatu-cannon/Chart.yaml | 0 .../xatu-cannon/charts/xatu-cannon-0.2.2.tgz | Bin .../devnet-6/xatu-cannon/values.yaml | 0 .../devnet-6/xatu-cl-mimicry/.helmignore | 0 .../devnet-6/xatu-cl-mimicry/Chart.lock | 0 .../devnet-6/xatu-cl-mimicry/Chart.yaml | 0 .../charts/xatu-cl-mimicry-0.0.2.tgz | Bin .../devnet-6/xatu-cl-mimicry/values.yaml | 0 .../devnet-6/xatu-mimicry/.helmignore | 0 .../devnet-6/xatu-mimicry/Chart.lock | 0 .../devnet-6/xatu-mimicry/Chart.yaml | 0 .../charts/xatu-mimicry-0.0.7.tgz | Bin .../devnet-6/xatu-mimicry/values.yaml | 0 .../devnet-6/xatu-relay-monitor/.helmignore | 0 .../devnet-6/xatu-relay-monitor/Chart.lock | 0 .../devnet-6/xatu-relay-monitor/Chart.yaml | 0 .../charts/xatu-relay-monitor-0.0.1.tgz | Bin .../devnet-6/xatu-relay-monitor/values.yaml | 0 terraform/devnet-7/ansible_inventory.tmpl | 76 ++++ terraform/devnet-7/cloudflare.tf | 58 +++ terraform/devnet-7/digitalocean.tf | 167 +++++++ terraform/devnet-7/firewall.tf | 330 ++++++++++++++ terraform/devnet-7/hetzner.tf | 173 +++++++ terraform/devnet-7/main.tf | 95 ++++ terraform/devnet-7/nodes.tf | 44 ++ terraform/devnet-7/outputs.tf | 118 +++++ terraform/devnet-7/ssh_config.tmpl | 16 + 130 files changed, 3528 insertions(+) create mode 100644 ansible/inventories/devnet-7/group_vars/all/00-defaults.yaml create mode 100644 ansible/inventories/devnet-7/group_vars/all/all.sops.yaml create mode 100644 ansible/inventories/devnet-7/group_vars/all/all.yaml create mode 100644 ansible/inventories/devnet-7/group_vars/all/images.yaml create mode 100644 ansible/inventories/devnet-7/group_vars/all/kubernetes.yaml create mode 100644 ansible/inventories/devnet-7/group_vars/besu.yaml create mode 100644 ansible/inventories/devnet-7/group_vars/blobber.yaml create mode 100644 ansible/inventories/devnet-7/group_vars/bootnode.sops.yaml create mode 100644 ansible/inventories/devnet-7/group_vars/bootnode.yaml create mode 100644 ansible/inventories/devnet-7/group_vars/dns_server.yaml create mode 100644 ansible/inventories/devnet-7/group_vars/erigon.yaml create mode 100644 ansible/inventories/devnet-7/group_vars/ethereum_node.yaml create mode 100644 ansible/inventories/devnet-7/group_vars/ethrex.yaml create mode 100644 ansible/inventories/devnet-7/group_vars/geth.yaml create mode 100644 ansible/inventories/devnet-7/group_vars/grandine.yaml create mode 100644 ansible/inventories/devnet-7/group_vars/lighthouse.yaml create mode 100644 ansible/inventories/devnet-7/group_vars/lodestar.yaml create mode 100644 ansible/inventories/devnet-7/group_vars/mev_boost.yaml create mode 100644 ansible/inventories/devnet-7/group_vars/nethermind.yaml create mode 100644 ansible/inventories/devnet-7/group_vars/nimbus.yaml create mode 100644 ansible/inventories/devnet-7/group_vars/nimbusel.yaml create mode 100644 ansible/inventories/devnet-7/group_vars/prysm.yaml create mode 100644 ansible/inventories/devnet-7/group_vars/reth.yaml create mode 100644 ansible/inventories/devnet-7/group_vars/teku.yaml create mode 100644 ansible/inventories/devnet-7/group_vars/tx_fuzz_blobs.yaml create mode 100644 ansible/inventories/devnet-7/group_vars/tx_fuzz_txs.yaml create mode 100644 ansible/inventories/devnet-7/group_vars/xatu.yaml create mode 100644 ansible/inventories/devnet-7/group_vars/xatu_sentry.yaml create mode 100644 ansible/inventories/devnet-7/host_vars/localhost rename {kubernetes => kubernetes-archive}/devnet-6/assertoor/.helmignore (100%) rename {kubernetes => kubernetes-archive}/devnet-6/assertoor/Chart.lock (100%) rename {kubernetes => kubernetes-archive}/devnet-6/assertoor/Chart.yaml (100%) rename {kubernetes => kubernetes-archive}/devnet-6/assertoor/charts/assertoor-1.0.0.tgz (100%) rename {kubernetes => kubernetes-archive}/devnet-6/assertoor/values.yaml (100%) rename {kubernetes => kubernetes-archive}/devnet-6/checkpointz/.helmignore (100%) rename {kubernetes => kubernetes-archive}/devnet-6/checkpointz/Chart.lock (100%) rename {kubernetes => kubernetes-archive}/devnet-6/checkpointz/Chart.yaml (100%) rename {kubernetes => kubernetes-archive}/devnet-6/checkpointz/charts/checkpointz-0.1.3.tgz (100%) rename {kubernetes => kubernetes-archive}/devnet-6/checkpointz/values.yaml (100%) rename {kubernetes => kubernetes-archive}/devnet-6/config/.helmignore (100%) rename {kubernetes => kubernetes-archive}/devnet-6/config/Chart.yaml (100%) rename {kubernetes => kubernetes-archive}/devnet-6/config/templates/ingress.config.yaml (100%) rename {kubernetes => kubernetes-archive}/devnet-6/config/values.yaml (100%) rename {kubernetes => kubernetes-archive}/devnet-6/dora/.helmignore (100%) rename {kubernetes => kubernetes-archive}/devnet-6/dora/Chart.lock (100%) rename {kubernetes => kubernetes-archive}/devnet-6/dora/Chart.yaml (100%) rename {kubernetes => kubernetes-archive}/devnet-6/dora/charts/dora-1.0.8.tgz (100%) rename {kubernetes => kubernetes-archive}/devnet-6/dora/endpoints-cl.yaml (100%) rename {kubernetes => kubernetes-archive}/devnet-6/dora/endpoints-el.yaml (100%) rename {kubernetes => kubernetes-archive}/devnet-6/dora/values.yaml (100%) rename {kubernetes => kubernetes-archive}/devnet-6/dugtrio/.helmignore (100%) rename {kubernetes => kubernetes-archive}/devnet-6/dugtrio/Chart.lock (100%) rename {kubernetes => kubernetes-archive}/devnet-6/dugtrio/Chart.yaml (100%) rename {kubernetes => kubernetes-archive}/devnet-6/dugtrio/charts/dugtrio-0.0.6.tgz (100%) rename {kubernetes => kubernetes-archive}/devnet-6/dugtrio/values.yaml (100%) rename {kubernetes => kubernetes-archive}/devnet-6/erpc/.helmignore (100%) rename {kubernetes => kubernetes-archive}/devnet-6/erpc/Chart.lock (100%) rename {kubernetes => kubernetes-archive}/devnet-6/erpc/Chart.yaml (100%) rename {kubernetes => kubernetes-archive}/devnet-6/erpc/charts/erpc-0.0.4.tgz (100%) rename {kubernetes => kubernetes-archive}/devnet-6/erpc/values.yaml (100%) rename {kubernetes => kubernetes-archive}/devnet-6/faucet/.helmignore (100%) rename {kubernetes => kubernetes-archive}/devnet-6/faucet/Chart.lock (100%) rename {kubernetes => kubernetes-archive}/devnet-6/faucet/Chart.yaml (100%) rename {kubernetes => kubernetes-archive}/devnet-6/faucet/charts/powfaucet-0.0.4.tgz (100%) rename {kubernetes => kubernetes-archive}/devnet-6/faucet/values.yaml (100%) rename {kubernetes => kubernetes-archive}/devnet-6/forkmon/.helmignore (100%) rename {kubernetes => kubernetes-archive}/devnet-6/forkmon/Chart.lock (100%) rename {kubernetes => kubernetes-archive}/devnet-6/forkmon/Chart.yaml (100%) rename {kubernetes => kubernetes-archive}/devnet-6/forkmon/charts/forkmon-0.1.5.tgz (100%) rename {kubernetes => kubernetes-archive}/devnet-6/forkmon/values.yaml (100%) rename {kubernetes => kubernetes-archive}/devnet-6/forky/.helmignore (100%) rename {kubernetes => kubernetes-archive}/devnet-6/forky/Chart.lock (100%) rename {kubernetes => kubernetes-archive}/devnet-6/forky/Chart.yaml (100%) rename {kubernetes => kubernetes-archive}/devnet-6/forky/charts/forky-0.2.0.tgz (100%) rename {kubernetes => kubernetes-archive}/devnet-6/forky/values.yaml (100%) rename {kubernetes => kubernetes-archive}/devnet-6/homepage/.helmignore (100%) rename {kubernetes => kubernetes-archive}/devnet-6/homepage/Chart.lock (100%) rename {kubernetes => kubernetes-archive}/devnet-6/homepage/Chart.yaml (100%) rename {kubernetes => kubernetes-archive}/devnet-6/homepage/charts/testnet-homepage-0.2.3.tgz (100%) rename {kubernetes => kubernetes-archive}/devnet-6/homepage/values.yaml (100%) rename {kubernetes => kubernetes-archive}/devnet-6/spamoor/.helmignore (100%) rename {kubernetes => kubernetes-archive}/devnet-6/spamoor/Chart.lock (100%) rename {kubernetes => kubernetes-archive}/devnet-6/spamoor/Chart.yaml (100%) rename {kubernetes => kubernetes-archive}/devnet-6/spamoor/charts/spamoor-1.0.0.tgz (100%) rename {kubernetes => kubernetes-archive}/devnet-6/spamoor/values.yaml (100%) rename {kubernetes => kubernetes-archive}/devnet-6/syncoor-server/.helmignore (100%) rename {kubernetes => kubernetes-archive}/devnet-6/syncoor-server/Chart.lock (100%) rename {kubernetes => kubernetes-archive}/devnet-6/syncoor-server/Chart.yaml (100%) rename {kubernetes => kubernetes-archive}/devnet-6/syncoor-server/charts/syncoor-server-0.0.1.tgz (100%) rename {kubernetes => kubernetes-archive}/devnet-6/syncoor-server/values.yaml (100%) rename {kubernetes => kubernetes-archive}/devnet-6/syncoor-web/.helmignore (100%) rename {kubernetes => kubernetes-archive}/devnet-6/syncoor-web/Chart.lock (100%) rename {kubernetes => kubernetes-archive}/devnet-6/syncoor-web/Chart.yaml (100%) rename {kubernetes => kubernetes-archive}/devnet-6/syncoor-web/charts/syncoor-web-0.0.1.tgz (100%) rename {kubernetes => kubernetes-archive}/devnet-6/syncoor-web/values.yaml (100%) rename {kubernetes => kubernetes-archive}/devnet-6/tracoor/.helmignore (100%) rename {kubernetes => kubernetes-archive}/devnet-6/tracoor/Chart.lock (100%) rename {kubernetes => kubernetes-archive}/devnet-6/tracoor/Chart.yaml (100%) rename {kubernetes => kubernetes-archive}/devnet-6/tracoor/charts/tracoor-single-0.0.5.tgz (100%) rename {kubernetes => kubernetes-archive}/devnet-6/tracoor/values.yaml (100%) rename {kubernetes => kubernetes-archive}/devnet-6/xatu-cannon/.helmignore (100%) rename {kubernetes => kubernetes-archive}/devnet-6/xatu-cannon/Chart.lock (100%) rename {kubernetes => kubernetes-archive}/devnet-6/xatu-cannon/Chart.yaml (100%) rename {kubernetes => kubernetes-archive}/devnet-6/xatu-cannon/charts/xatu-cannon-0.2.2.tgz (100%) rename {kubernetes => kubernetes-archive}/devnet-6/xatu-cannon/values.yaml (100%) rename {kubernetes => kubernetes-archive}/devnet-6/xatu-cl-mimicry/.helmignore (100%) rename {kubernetes => kubernetes-archive}/devnet-6/xatu-cl-mimicry/Chart.lock (100%) rename {kubernetes => kubernetes-archive}/devnet-6/xatu-cl-mimicry/Chart.yaml (100%) rename {kubernetes => kubernetes-archive}/devnet-6/xatu-cl-mimicry/charts/xatu-cl-mimicry-0.0.2.tgz (100%) rename {kubernetes => kubernetes-archive}/devnet-6/xatu-cl-mimicry/values.yaml (100%) rename {kubernetes => kubernetes-archive}/devnet-6/xatu-mimicry/.helmignore (100%) rename {kubernetes => kubernetes-archive}/devnet-6/xatu-mimicry/Chart.lock (100%) rename {kubernetes => kubernetes-archive}/devnet-6/xatu-mimicry/Chart.yaml (100%) rename {kubernetes => kubernetes-archive}/devnet-6/xatu-mimicry/charts/xatu-mimicry-0.0.7.tgz (100%) rename {kubernetes => kubernetes-archive}/devnet-6/xatu-mimicry/values.yaml (100%) rename {kubernetes => kubernetes-archive}/devnet-6/xatu-relay-monitor/.helmignore (100%) rename {kubernetes => kubernetes-archive}/devnet-6/xatu-relay-monitor/Chart.lock (100%) rename {kubernetes => kubernetes-archive}/devnet-6/xatu-relay-monitor/Chart.yaml (100%) rename {kubernetes => kubernetes-archive}/devnet-6/xatu-relay-monitor/charts/xatu-relay-monitor-0.0.1.tgz (100%) rename {kubernetes => kubernetes-archive}/devnet-6/xatu-relay-monitor/values.yaml (100%) create mode 100644 terraform/devnet-7/ansible_inventory.tmpl create mode 100644 terraform/devnet-7/cloudflare.tf create mode 100644 terraform/devnet-7/digitalocean.tf create mode 100644 terraform/devnet-7/firewall.tf create mode 100644 terraform/devnet-7/hetzner.tf create mode 100644 terraform/devnet-7/main.tf create mode 100644 terraform/devnet-7/nodes.tf create mode 100644 terraform/devnet-7/outputs.tf create mode 100644 terraform/devnet-7/ssh_config.tmpl diff --git a/README.md b/README.md index 225cf2f..c4e6520 100644 --- a/README.md +++ b/README.md @@ -17,6 +17,7 @@ Status | Network (spec) | Links | Ansible Offline | [devnet-0](https://bal-devnet-0.ethpandaops.io) ([spec](https://notes.ethereum.org/@ethpandaops/bal-devnet-0)) | [Network config](network-configs/devnet-0) / [Inventory](https://bootnode-1.devnet-0.ethpandaops.io/meta/api/v1/inventory.json) / [Validator ranges](https://bootnode-1.devnet-0.ethpandaops.io/meta/api/v1/validator-ranges.json) | [🔗](ansible/inventories/devnet-0) | [🔗](terraform/devnet-0) | [🔗](kubernetes/devnet-0) Offline | [devnet-1](https://bal-devnet-1.ethpandaops.io) ([spec](https://notes.ethereum.org/@ethpandaops/bal-devnet-1)) | [Network config](network-configs/devnet-1) / [Inventory](https://bootnode-1.devnet-1.ethpandaops.io/meta/api/v1/inventory.json) / [Validator ranges](https://bootnode-1.devnet-1.ethpandaops.io/meta/api/v1/validator-ranges.json) | [🔗](ansible/inventories/devnet-1) | [🔗](terraform/devnet-1) | [🔗](kubernetes/devnet-1) In preparation | [devnet-2](https://bal-devnet-2.ethpandaops.io) ([spec](https://notes.ethereum.org/@ethpandaops/bal-devnet-2)) | [Network config](network-configs/devnet-2) / [Inventory](https://bootnode-2.devnet-2.ethpandaops.io/meta/api/v1/inventory.json) / [Validator ranges](https://bootnode-2.devnet-2.ethpandaops.io/meta/api/v1/validator-ranges.json) | [🔗](ansible/inventories/devnet-2) | [🔗](terraform/devnet-2) | [🔗](kubernetes/devnet-2) + In preparation | [devnet-7](https://bal-devnet-7.ethpandaops.io) ([spec](https://notes.ethereum.org/@ethpandaops/bal-devnet-7)) | [Network config](network-configs/devnet-7) / [Inventory](https://bootnode-1.devnet-7.ethpandaops.io/meta/api/v1/inventory.json) / [Validator ranges](https://bootnode-1.devnet-7.ethpandaops.io/meta/api/v1/validator-ranges.json) | [🔗](ansible/inventories/devnet-7) | [🔗](terraform/devnet-7) | [🔗](kubernetes/devnet-7) # Development ## Version management for tools diff --git a/ansible/inventories/devnet-7/group_vars/all/00-defaults.yaml b/ansible/inventories/devnet-7/group_vars/all/00-defaults.yaml new file mode 100644 index 0000000..0f0a893 --- /dev/null +++ b/ansible/inventories/devnet-7/group_vars/all/00-defaults.yaml @@ -0,0 +1,67 @@ +ansible_user: devops +ansible_python_interpreter: /usr/bin/python3 +# Template name refers to the name of the devnet without number +# Generally refer to the first word of the repository name +# e.g. peerdas, or pectra +devnet_name: bal + +# IPv6 Specific configuration +global_ipv6_enabled: true +global_ipv6_subnet_ranges: + hetzner: "64" + digitalocean: "124" + +###################################################### +## +## Role specific overwrites +## +###################################################### + +# role: ethpandaops.general.bootstrap +bootstrap_user: root +bootstrap_default_user_authorized_keys_github: + - barnabasbusa + - parithosh + - samcm + - savid + - skylenet + - pk910 + - mattevans + - qu0b + +# role: robertdebock.fail2ban +fail2ban_loglevel: INFO +fail2ban_logtarget: /var/log/fail2ban.log +fail2ban_maxretry: 10 +fail2ban_bantime: 600 +fail2ban_ignoreips: + - "127.0.0.1/8 ::1" + - "{{ lookup('ansible.builtin.url', 'http://ifconfig.me/ip', split_lines=False) }}/32" # Avoid banning ourself + +# role: ethpandaops.general.docker_network +docker_network_name: shared +docker_network_enable_ipv6: "{{ global_ipv6_enabled }}" +docker_network_ipam_config: >- + {{ global_ipv6_enabled | default(false) | ternary( + [ { 'subnet': ansible_default_ipv6.address | default('::1') | ansible.utils.ipsubnet(global_ipv6_subnet_ranges[hostvars[inventory_hostname]['cloud']]) } ] + , []) + }} + +docker_networks_shared: + - name: "{{ docker_network_name }}" + +# role: geerlingguy.docker +docker_users: + - devops +docker_daemon_options: + "log-driver": "json-file" + "log-opts": + "max-size": "500m" + "max-file": "8" + "registry-mirrors": ["https://docker-cache.ethquokkaops.io"] + +# role: ethpandaops.general.prometheus +prometheus_container_networks: "{{ docker_networks_shared }}" + +# role: ethpandaops.general.ethereum_node +ethereum_node_images_always_pull: true diff --git a/ansible/inventories/devnet-7/group_vars/all/all.sops.yaml b/ansible/inventories/devnet-7/group_vars/all/all.sops.yaml new file mode 100644 index 0000000..e2f3b5e --- /dev/null +++ b/ansible/inventories/devnet-7/group_vars/all/all.sops.yaml @@ -0,0 +1,191 @@ +secret_zerossl: + ACME_EAB_KID: ENC[AES256_GCM,data:UAbtTHRnXHispR1iQr/5eQMV7JMk5g==,iv:WkDvniP4a1cjpRTQqT0MnJo9UkIp+iwJ3NPSTb8sFsU=,tag:yXavQCYBVJsPHwmm2WbwSg==,type:str] + ACME_EAB_HMAC_KEY: ENC[AES256_GCM,data:V7U8TluhY0y550IjMfubUgHSFCdxqS109TwWjSGx818J2So5zrTJR0TWzRl1bH4/9MyqCpEtTLHzLlL0j7I4XzgNvrm8qjpeNw3yRa94eyWH5EJT8VI=,iv:Evd5W8ORLtUa3sSl6XeaqY69p0FAmpiFmjXDlP+XbUY=,tag:A34c1/jnfKSFjuDf/2stYA==,type:str] +secret_prometheus_remote_write: + username: ENC[AES256_GCM,data:KyA0ZB+XP14C2BDU,iv:GLsHLKVv/YzZGosM04O18z0NtWPlUb6RR4gG/rJNl8Q=,tag:7umBWY6XAb2/0lsbbLhh6A==,type:str] + password: ENC[AES256_GCM,data:a/bRDo4IDf9bZtyWlyN4pg4NZnN/fiJvS+wGHQBjiq8m0c89,iv:7X8Gp/499mjcPxud6HQpgwYKRVtxQKCuB4ARvdNnVps=,tag:6Qw9qQsd6rAfmUUHLovB4Q==,type:str] +secret_loki: + endpoint: ENC[AES256_GCM,data:fgNKy2JFJ+eWraqSN8mmrMD2qua/od9Ai4KkWt0BaqJuJeNbkisVERcjZXL/OFZK0eJqNVzQh+w=,iv:3hdFH0Y+33EXpCMoEhQHMj1cwxn2EMFOdPj2YwJZAhg=,tag:H6KbRsCGIC0axq4qFfP++A==,type:str] + username: ENC[AES256_GCM,data:v/NuzOutTUf30kbF,iv:1l8aH0bHx4l/a3xs5hBysVduXrVbHDDdLAEPKRDIwJQ=,tag:w55Jpj6BhZ0SDER36rQJCg==,type:str] + password: ENC[AES256_GCM,data:3IHj1IeAbELlnYjHRjd1xMzbwx4xMop3L2tREA26oKoAqxY+,iv:tYnWHSc8CmUjASLvn71NRbhVXGBXIHhg5I1rRH9Ydbg=,tag:lHKU1hcEdne9lsPqwQxWfw==,type:str] +secret_nginx_shared_basic_auth: + name: ENC[AES256_GCM,data:O7L3,iv:DiOGlqfOfrDlt7X4OGY27OYlkDDEHguv+kg1zRhBek0=,tag:KuOX20lI/iYZOORFraiISw==,type:str] + password: ENC[AES256_GCM,data:HyMDeoK5s6JDfsJ7j5Gg,iv:yvC4WWOOJvVeegWl0uj2P8yxcfBgNrvYSm5xUB5qux8=,tag:XoZbXpvLtUJPVoEaV3ltsg==,type:str] +secret_ethstats: ENC[AES256_GCM,data:vO/gY2iluciwksE=,iv:WHYxXgQ2LdLGMKxvagmT3UhmQl/dRucpyhYzZxHvLHc=,tag:NX4Lkg6SPPusRx/zHGn00w==,type:str] +secret_bootnodoor_seed: ENC[AES256_GCM,data:foxsQyfqq9txuSs3gNQ6igSQ2TI97p8pHfLLwVeEsm4gjZesrK7tLfJtOvECqm4tWpW+Kplz7CTJmb2F/9BonQ==,iv:jvFq037FgIk8LTVmu8g+IfqwbRdHFCi7hQdUMYQL7eo=,tag:Fjuozdn7Xql5xlbRMaRDRw==,type:str] +secret_genesis_mnemonic: ENC[AES256_GCM,data:zRxUC65Kt1b8DM4QPyEJ/u0Uhp2ftMcJVtacbXRrOCUGm+gy0n+VH199hVxvviouJQkbv5FiJYiFjwjJ/yFX5ajPgOqanjRpBfEfwwD2Drtafaw/mWT7pSILHlo7oI18+bGIWjXve5mpUSuAC7jiaufDVROvSa6bcew0Ogbp5pzbFJBFFim3LFjyC1uSRO7JbRoK4cUl1CxnaCUaC/3GKz4l/fIe,iv:EaQilsQbnswzCqkWSK9G/R3wwmMRDwWZDjdZQ1fUZRk=,tag:2kWU1BNG/B82qzmNxmwIjQ==,type:str] +secret_mev_coinbase_secret_key: ENC[AES256_GCM,data:TYLALYjoxOyyrpPoJ/gBvXO2vMdbbFqrI0gyZAJ7MHgI7SMmb7qTfDzakHmOASZ5ezJXfOMWqy0zBqQwymLhzA==,iv:MNJfTjd3pfAW9tR8WUEcp5BOcjjBTQFRoAN+NkC+VAA=,tag:dlR3sMxJb9he8xZn3FcD6w==,type:str] +secret_mev_builder_tx_signing_key: ENC[AES256_GCM,data:Tr01nA3sls3AhttJga/ndK+nMjZSiyMIE3zafwsEZjZt9aETG+zEnkcAK5y9P1aq2N1UZ/KMOF0BPNbgCtOddw==,iv:tBmNG6Esy/3HFCiNZIggEb2Xlgc5MEwS4mVgQpcuSyc=,tag:2mfyvSzaMvCqeIFQGV7NMA==,type:str] +secret_mev_optimistic_relay_secret_key: ENC[AES256_GCM,data:S+hUZla9PQRe22mOoT4qy839Slvej86L2SduROkh3JlMDlnQDtAODv1nRI48JaXT2pBrr5cK7zYSaFICuU6+3w==,iv:9LupHVxZ+DMqY4ZAV8tGcjUuXSvjW8aroJ6HG8psauk=,tag:acL6x1VMrbh0XbXtrQk++g==,type:str] +secret_mev_relay_secret_key: ENC[AES256_GCM,data:jnk2Bp3kMu4XBAfe3cJ8iJ061Lq2UDoE5OLiGss1kmmh1W9x/7PVDRH/y6ysL2kS8vbIlTNPtsK8oRQk7MMXLQ==,iv:2QmzoczmbyFyB4UnmvoZDeAEXjIzXnFBY+acmVA6Ins=,tag:RwjvzIB8l2V5F912IAicvQ==,type:str] +secret_mev_flood_private_key: ENC[AES256_GCM,data:LYJDMo2JUMH5TnRJ/DiTpeF+u5oKTRJzpLwNte1QA84e8JNtKlehUDH5XX+rzoyOI3edHm4gwZ5oIeziY1STJA==,iv:1qNfUVqJ9eebRmA4Ly59KFR9WmaQ8eelSvNLJAWCJ10=,tag:2YTI3l+1z9sO2Gr7Csd4aw==,type:str] +secret_mev_flood_user_key: ENC[AES256_GCM,data:KKnBt1BEnBR/Cl9B7FljzV3kJOW9Gmp7DJ46xc1EkUZmWn1f8F4QLhgsyK34FKBKSCmDMCQoctwirAKTG/Vlsw==,iv:efkOBcrGeGJwT91SR+2wFI/fpnWASQeqjH3MJSIQBAA=,tag:1f+bkUNLh8kMsxO5qNQo+Q==,type:str] +secret_xatu_sentry: + server_address: ENC[AES256_GCM,data:XzLdQ+6JRMe77fQJUJC8pGsVCKB6L4JuQfyTBb84hW9UXrHJ3umII0yQeg==,iv:ITMxKGxTVHDVPYhphwfRtt++DSMrwP5jOPD+/3q8Oig=,tag:cUjDFe+1uFv+tPAPYVnSZQ==,type:str] + user: ENC[AES256_GCM,data:H/ee8GvkSYtyTzY=,iv:Jjhtt5V0LXcNdS5PjBmYMDLJndPZUd4HPn2pSw4BM34=,tag:vo08KX4A2ic4IqpcBRHRZg==,type:str] + password: ENC[AES256_GCM,data:6bR/AjXadfHRZyBGlFcgiBnUQMc2xTjFcpgFZg6vxw==,iv:r6FsNBMe6nPCoQ7NuUzSljgKgdvp540kkOD+ApPSmdM=,tag:Df0RYt75FlB2NFakqViJ2g==,type:str] + event_ingester_auth: ENC[AES256_GCM,data:xD1uqYrRdB+TU7Fqbs+fENWiInVD1HOdVjxppQHhh7jRl+dU9HlJpD60nswd611EyHbWheTnlY1lRMO6Damz0ut9,iv:bKNxaPz+Xj5bIidQlaJrQXaDtT/I0lfBBY3zFfvMCAg=,tag:G1qOLehH6Wm9aI6a2ShqCQ==,type:str] + coordinator_secret: ENC[AES256_GCM,data:f4y7Ck0Z2zpOo8bHuS/w7Bhk6/6+DIvFXctMhjaMBYWLiwEY,iv:gQG7HBaDQPz0huJH2fq4y8HOGN3JwceJET/spgL5GXk=,tag:2guBo0MRKOMKOhpyjYL0VA==,type:str] +secret_cert_encryption_psk: ENC[AES256_GCM,data:WXK5OSHqbAPXxWRwxDV4vSkWLd+KBMJMZuEPFUKE,iv:w45No4rBDjT+kGooIoHGikjJQjwWQ9dyNBzL/NBo7XE=,tag:9Unr8yDbWpCOINcCW/frSg==,type:str] +secret_dora_api_key: ENC[AES256_GCM,data:RGBJ+xkv1WscCVO/Rd9/XZdOZatYCtSAKm/8yKVkwVr+fu0EB9LY7EG8fkw=,iv:YkgdX3hW+P53br6/uiNmmq4/qAyQ0/QrXSPgOjaMbVY=,tag:b/B9OBzYyWfJ5NemKpv2eQ==,type:str] +tx_fuzz_blobs_privkey: ENC[AES256_GCM,data:lYDYBAfPdtgovoGtmz7c4lUfiqxr2N0Sp1dkMWn115+TJYBzfpsMdfBl88PfAibFfHwhMhKwpvKTyHSeUzX2xw==,iv:qTk22/lpJyWFycayBupQp0sBaw2E2oq7peWypQh+0Ic=,tag:JhQPq8s3ueLEfL2FJGH+wA==,type:str] +tx_fuzz_txs_privkey: ENC[AES256_GCM,data:5oacWB7naaDLkIihcBK8E2AKPk9OWLz0AJ7ZLKmpTQkstF/idYkjm6GzmaX0LVGxND0DlUO/fcydtY+UFVQoyw==,iv:gHO+ttqzJCbRBCUvmlsTVNQK6vpnGXamIag63HS/fas=,tag:Ub7xqXrx9tYU2ytk/XtJCQ==,type:str] +goomy_private_key: ENC[AES256_GCM,data:cpKpCZPZOZ/oA4zSFJaIutD/H5SUOHLBS/qyKL+5ZOMOvaDVmI3zY3GiQl149LB3tya6Rg2rEQSABxR1fz8c5w==,iv:Ibm4sLvU+tNk7EqaSPs/2CRLU1yLlNDgSWjR+uNPrvQ=,tag:sOvyhcNsNv2Zj/7waeZBBA==,type:str] +nethermind_seq_api_key: ENC[AES256_GCM,data:C6dHJX02l+m0zVYH691GUyKZgRs=,iv:tNCA6W6hJm1PybTE2piAhfUjDKCqQWeN2FQfgiayJC0=,tag:VZiwt+DgR+nfWXdzZjGnxw==,type:str] +nethermind_seq_server: ENC[AES256_GCM,data:wEIM2pUqK+I3rf42maFTr05r8cOJWjnpPQ==,iv:2Iu5nQAjRmxqkOF2Pueup+Kiwd34sfTxWY8aFv0pea0=,tag:VrfL6pUITsKJPgSue/XXJw==,type:str] +nethermind_push_gateway: ENC[AES256_GCM,data:ScReyCHKHx2/8Yo3epSAsb3MykmlIrGkUegaV5+21aboPCgU+VbUOBfvqaTWpcQN3OjXH+euQj1bHL1etGk1qvjzm2sp/P9oqbHRU827nbejkk5SKEeC4q79U7QyQTbUJ1Z9paX1sYZysMDUf2LUb9r/wHhB7bknQYKnHBAg0Li7qw5T5o1yatJoDqfahe4R1Q==,iv:WuQDvBvS2zjEB805HYkq5TQ/H8baF23vyMP9JbdqCao=,tag:jTOnfh2+ZmWIXQBzIpIVCQ==,type:str] +tysm_secret_key: ENC[AES256_GCM,data:MuvclVLaNVZ+7vRumg==,iv:XGBLMISj2wL7MQznXnVggjudiaw6Ff4i3wGt37/EKqA=,tag:ib5t0B5qa1FD6Ff8xYIFwQ==,type:str] +tempo_grpc_url: ENC[AES256_GCM,data:ltAVTGgrqhUBXdAZe7D1HvdXK72YIORL/x4DYHgX911s+X8IZM9/guRqE1I/ZYSzNrQX0qON3/TrNSjpG1BUpkK9M0SLzqE4EKhaOOQonJRLunnufZVrZIDhXSMaGQhZcjsHQCV8,iv:4mzqA4Ck1g91+tST5oTSnTepikjOCWKJrV04Rsp/8Ts=,tag:MgjQUb+lR1SIU2d8KpvOew==,type:str] +sops: + lastmodified: "2026-02-06T12:18:46Z" + mac: ENC[AES256_GCM,data:AWD5pyXa3qUR84rW2xYec9taLrVAB11+zhKwZUTPeCywfpt68K8jWIuhQCmDKxZGFwbjiOQCupH66eNtO84wRwb7IO2WDcki5DWY8p4eZwXsYrvG4UQAK4UMorcimgmc1FPLd8cxPLhK15Q/sE/xqMV0ITXQ45WXSliUcL8uAOk=,iv:FfdIvgjECwQMldYZH2/21TMRRmINNb1kZhYGZ0OcnGU=,tag:KfRAGAQ9ApQaXCqmeZSyeQ==,type:str] + pgp: + - created_at: "2025-10-27T13:19:37Z" + enc: |- + -----BEGIN PGP MESSAGE----- + + hQIMA32GcoRiZf6pAQ/9EUOq1+k25M79pGwL3rK0e1wpqzHkfZ+DRTcy630aIR5A + wGHo8dRH9QSWl+skGHYkcJ7uB4V9TcFrK/9MTjhtK1KvRXCMLSsLs2iHizSJyAfN + DqU8/fy+1H3sbE/sEBrmNDvD4my12tkECDtfJMqSn1e0lStjYACwDfPAjbmHMhL6 + kogTYIRtlnQhuYxJkiev8xHu1e9UX94fCLPjQqJmHKCsTQWgmHYXmVqxBT+NjwGt + rYCwVtyN0mb72BdZD/zLpmFz7s7PX0INkLVRVIuIN6iRWr4W/bwcrMW4FX8cqQs7 + ZeC2XWvblCYI7OqQK9R8Bcii1fupYN0LIYGw5rCdO1RyS4eSpm1xmOOpCpQ6yrOR + ZnT/JSSjG8TNJzEfZVSIhtml0P/aiJSB8jT9O/vDzkfjvfmCVDCdcPRyA9EMLLuH + hHBffoFSmn1cFE66PN7ywhh3GsJ17ZfUUip3eIVc9HPp6hUxHfH4nZQbWHbv107u + koGOclPlFy082z2FKrndAau54Hz0umd+MeIWdcjGNhF48PGoIDOcTBDloRFO/u2y + LsFQZJh/pSaZMMt0sGyPp27WNRfTvC+fbVZbft5XkvB4G97ydKA2FvkCfddvZ1iY + uCZix7QuCq6pAq/YRlwIqHakusLFEfXY198mQ1Q8cjUMMjhurRZhOeW32w2bsSrS + XAH28FMYEuYtrxynvC+dpf//hTV6bnpBdZC9VJWdrdvi19Keh3OFk073L7P/vY3v + vGiJADYH2PJybWiDR1Xl/Rn/f3E5JO69qbLGLD+6Inu9Bat7wM/A8PsEBgl4 + =73d4 + -----END PGP MESSAGE----- + fp: 80DB2B4EF6CA4D9829C280605636BC0E08138A24 + - created_at: "2025-10-27T13:19:37Z" + enc: |- + -----BEGIN PGP MESSAGE----- + + hQIMA87Wber4r4dGARAAoFBHUdJeIDldTrb7CzAIaqa8AfqvyjwzxG6JlNnftFut + HmoU6v62L4+6FUsbxwJ+4jUlwjPHnYsiVj1kpWjLNgISSTj69pNiAlI5Ayn6/IhH + TNxXtrzQXQdGNiRqE1KY6ddm8Xbsg9Gr7Owdw10wLXrXhiwqArQ+JuJcsL1vb0HU + Um8q6IhZm7Yu3uJX2zbO4wi2xuotsUatL6Uoc5/0fdit7VmqSJpMVBOOJcT7GKaU + 8j7/04BKwwk57AI59Kk77LW4TCdybZBAkFtbAQIXDnbgak1rSDc+D1xwIrS5qZWP + RsU46U9nrDb/b90KpF7EYqP+61EK3OpHAc8y8BqzrNnshxAALJ3XU40PzxaW5pEe + 9ZEvSFQPGFs3rw6cnb+k3DvIwIJM4ESfmrijoJmB4UJf/em+lj+4QDcQlDHdxqgd + f5fmyYpefTMazYFK5DQX2+2uTaKZ/PmLRb9heX3G2p5ndJaq3Pva83jyIcgJVZKq + PGHK63xDhTdhmvXvC8E/RadlcR7WFoKP0YYjWMDLO7KxZTl5foizgdYFkrHbcxik + HMXn/llwcLP3A3OlCrpKFGqNfyDKTAYJsjw+tDK6ojCMyF2h4ZAPfQfI7XaGdQ9p + Tmju3by2UiQIKm/bkwi5NtkyrOvyq5i+g19XeQyxyqA2ZjLTqn7SXWYRbifQhK7S + UQESI6Pvf/bTDI+L1T/TD1Pcmc5EsN6dJ+z6P5zv86yIQ0fuL020aXVR0js1tgOz + y21SDKYoLr8F0DHdyV56wtXqObeAtnyxrf3d6d27J2gryA== + =0jRC + -----END PGP MESSAGE----- + fp: 69F66EEA7AE36CCB77DDB8CA1BC39532FB4A2DBD + - created_at: "2025-10-27T13:19:37Z" + enc: |- + -----BEGIN PGP MESSAGE----- + + hQIMA4hw3nPn82LyAQ//ftF7kHJIAT7LzO1k9gRj9EiEMnrUYcH4j/XRm9ChiFKI + Sv9IxfbN7w9bO8/KGPM6MRa6mlnb/sDhP+bEDNp18DvZNWMT/oHTGhkXTl/WojDL + TlL61ew/cFEBn2cCbrzifl3Qn61Z0bLPHJg9tla6h1Yp/6fCx4Xq8xgzxrKexb14 + hir1zDYsgurGPHXCfXkTUQ5qqnvomZ6Le0OcY5n4Q+Qac02ZWHPsD3aOvTjH4JH9 + /jUNNYignLyuIfGKccwqoce8rUBBArR59T3G5y0urOWnlioB95xq6y5QBcf4aFmb + 7BM78CIcaGCxj55uB932dBN/GOEipx5enDY9QUpky3DS4gQ71bQgE5ImOlp3Itsm + zPiexUUQ4ceUXFcnPKFUErA7cy1x9hWoh+tVEDXe8AJv0N/muvLmqqkFswYM2wnA + DbCn7Oo3O3F4bqy/r566Gz7Y/p2jvzSMFKA+bQcR3R40F4um2oO0W9kXRcWBmvPQ + gl2Nqdcvk/MkOvwAH+7QAiJJU9DXpFZa2KvPINhQVOUCrMCJHGKxoKbLHC24DCui + 4H76pk8ZDjRkbJ+i63fSdPlFokYtrJZXvYmw+R2UlCgULL8wfSPptAywaLHoEUFi + k+DCzvmAwWRIYiyU1N4HHGqVdHb0o+IvnaRx2zCgv4AqGL8hdROqCIIQ4HdWphvS + UQF9dNF2PlnmGjMeC3lgiwYWM9YyV2Ivlxe+mpgLPpjFPRyudP0IzpE7Lh6LMb6O + NbJQlM45RQC9p2FjO8isVOS9xyCJENtIGXMcJOOExhlcXg== + =cVX/ + -----END PGP MESSAGE----- + fp: D1002590180DE371BCB455EAEFCD4ACD0B4D3F6E + - created_at: "2025-10-27T13:19:37Z" + enc: |- + -----BEGIN PGP MESSAGE----- + + hQIMAw01qfIBwY0JAQ/8CoVpqbBkvEjYsrQ/jB0TfOT2s0jhsKbqY+FJKCt1ytZi + 77mpwehlrKrkv/GbEupUBp8RH4Zo0AxJMXYn+W8E7mv1ClL2zbySK4nXYMemq9UU + C7Oc986szvWbgRziHvYwUnvzrHfBsCFm8uUwpkvX1iaGJdjTp+UpD2WRhUjToiOH + adUiQoMKyXoUMPOgjJwKn/q11G092SElPG70wA13DDa2qDyDj+ZDQyl0l2mMxOiS + 3QKkhfjmRjYbF5FuomTFpJYrFkJdN0sZo/eSL3opBqU58BuBLfEWvbR5m4AsL1yN + rmcVbb93Bfw219hIYYPgTTjqmudIWlBYg+yElzZNH8cZMGl+f26wUbjEalij61H6 + HTOsq5g5ewmlSJZ4fR+ETB+bbtdtC50GbkswiRWLEsQZJuxcJAU/uGN3d2NHgVB8 + x45aCzjYz1Q1D+AsBb+J9QfzWJfWLRQQGg0wOgpdH7Qz4cIa52wx/cMGJocSpCXP + EZl3le/Bf2L2AS878lk/CXu870nXR77RHxGJZ1R1dE5wPHMkP2km5hwjwaaCxxTF + Z7HufI/t7uTEIzdZvM7xzzAndyQhI3pJEPiI13J8alIelInASj91ITrIu1rdCX/3 + m73+QJYCCCC1hVTCjJ6ABw7l/zsFU5FyxYjLHdud375Kx4RtdFdn/EZT3sCNKIDS + UQHNGWWnc2peKqssWUtUJZ+pyTFpTdJvz5tiLT9pmchfag+T713fxPISHgfHkr6g + EkFOE9o/8jOMPkdODNrmBbqpKoivDC5GPs2XeaSHQfCUdQ== + =y40L + -----END PGP MESSAGE----- + fp: B9F81F327CF5346860E85269D7AF98F214C59E4E + - created_at: "2025-10-27T13:19:37Z" + enc: |- + -----BEGIN PGP MESSAGE----- + + hQEMAwDFOgk9tOQ+AQf+I1xDS5PRktrEHbhp98bDNKo2m+kxc3Ez0M2XVdEAtcQa + 1O+RpaseuUiNWe77oYC4bklyVlfQ1uQ94kcNlNVghdZ8QluOEPoo+bK+2s7GBNWX + fk+wOErqOhLLlk46zBzBxIjHzT7j8Bv+O8NxLx3JPuY4EnoQvoh1DsggwxLGD4Vf + IAaWH4YbdsfQsFW0bnMbXjHIwqn2rQt9YW+fvk9rdkWUW3wDA3xBwRfSwuQcrwTw + 3FcUnMbFdviwgn+/sjUjLxZMvGdf1WEKRaWZOWDbVfdHHEx1Md8uZUnDqh7BKIlz + X+qLIPno+YNc/k+h6Dy29vQgzEOraB6ge94p4sBIdNJcAcQrD6e3ZSKU88313A4X + da0lrOjri8QQIR6lTZL/P61UmLeevs1jfqPcTfJTL0C8aWcqDnke4N16uH3VJKMY + fzqbgWzIFu5Tzn7423CU4yM6Vlj1nnL56zNwE1o= + =BTAl + -----END PGP MESSAGE----- + fp: 0600D41E1313E31016F7C55BF597BC0C5F22D1A2 + - created_at: "2025-10-27T13:19:37Z" + enc: |- + -----BEGIN PGP MESSAGE----- + + hQIMAz4a8AV36xppAQ//dGFkAfbTnVu9JFjsKezlXSE02sL8uq+XrJyhIS0cyLEi + nOfK+xviNO/UdQqY2ScQzxYMszEcn/4yUb1b9KbGOlyhYYW9SagqnhRWa2+molz9 + kw6ZRlzXMOlYDlrTz70R9Fov4sbAkbrSoutVxjBbHngnxlD0nz+vyxznsm7nMGS7 + jwkL0jRFF+VGIImICH7BWZ2MpgoTV+wj7R4AGkA1bP/bKGzT1khyS6VEAeeiohwm + KNLjSW++hR4q/kr4acmtVPbyt3FF5jtSVtDZ8PQ5OyEkeEKtdmRa6e2nSLuUqxkS + bAs/+X8slxEljfBPPxPBLar7A/2GR3Ope/xl67vxIbk7p8yvjJCqmDsqs1eo/w0p + bRIM0SyyBth0lHI8r+UpY9qaNcWzLzwlvUUCTTr8z3MEGVT0D50fQlJ2+glsyjJB + Q4C1ZVFDQ4TaBBbkkdAUu0eeQ3k4tX4kG9YvOPcqDk2xMms5bZVRuRuy8Q/1bptH + FwSEvWfu2cUmim4pWAalikjeyvCcJlXVPZ89weTCg051tyPPe6pp0ypbze829hFe + ZYqOxv6e1h7iLLTtV3goT0YmiAbNyWgECxeKhVTxQykWtvFpEiy9shazzXru4EVW + sfEvnR9lmalRgyxg4F2Y3ePxsGScnASGlLG/RRa9fgKz92GBoX14DCP0Ja1i4kDS + XAEvS7IhCpvhINWiEramt+h4HsNUGRY6BaruUb2M8nwI50znQzrH0NqZuCDHtKOe + sFaF8LjVNs9yJ2YJxgO1UrMyFNcmH7yl+Dwb8mB32kMwjR3YNERVgsL5n8hX + =yXMu + -----END PGP MESSAGE----- + fp: 29C50D01122FDE78E257482DAA497EB2610A8435 + - created_at: "2025-10-27T13:19:37Z" + enc: |- + -----BEGIN PGP MESSAGE----- + + hQIMAxYzhHRfYJYtAQ//dONyNG4DzXh9PSxolkZrt/YWdxL61DbkV7TGxv/mcyhk + riSk/AQxQV1vi2MwQcAltpnSU17a+/OZX9XjkTiv3vuVl99xGPGSmqW6c2ru6qP5 + RZ7l3dO8LECg8eghwo3+jWOicQcVNMg/63HB3HFEHtbJ0KoEDy+fCrUpZWDaOK5Z + dkXHkDNtBBk/M+dcQVEB0Oa3BvW7xxONGHex9lpkKcWMFChUL73kMczUSDhFj7ft + DqAPwiYDGrSVG7PVSI5OMQi+uyot09xS6dyL5HNTaHOyWrUQ8dxEjiZL/v4qLo30 + uxx/z/KK4k2CelZYuGoRz8Yd0YLCDXn9iLuHdIn/9qxJuMtdl2/9ldcw7ITWkVkM + GTNWGyP1z3f8+UNEx0GQWhOsm+fMbfHUqJ7lAg1JuUzzDiUJ6CF99LRMGfELjywc + /OzVc82CNXSD+2mH/hBcypOT/sPh0UAoBzjLTn+WRSdNxxNjTDe8KQMlNL8D2VmT + 5Wt/5/mzVaoYtMgMVr1l29EP23dVJ1Ot3tPbdOPwRjNHJtL7zvGrr7O4oKgyfVRK + jUfJPSly5+ZVs87huYRVtcW4RC4jc0F6Vn8EzDLqtofKY7UDY6++wd+ZlbOBC/+F + ObYC2z1GuCgXaJBUBxj+3nkNRlW07U5wkTgZpIhThcijfhreCikWD3RRYed+m+3S + XAE7n6ehdwxZUJlleI8BVWm74YU/mr6zrUIb6DITdYwleYA6jy8b96n0a/TvUIr8 + caKBsfs3n5nU/pQ9hgdyNGxaCLktCBQ5c0wcfbDlh9UWDBSYvpxAZzr301Ma + =st3i + -----END PGP MESSAGE----- + fp: 9BE537027CB7467923E240FF2AED09371C121F91 + - created_at: "2025-10-27T13:19:37Z" + enc: |- + -----BEGIN PGP MESSAGE----- + + hF4DjS7VXZx9i8YSAQdAJgebaxmlao6v8KnMOqguzQ67Bp3TbF8zVU6ebijrTEow + 5d6MEkkIerZW2ZezHLK1mNqLzaykkFzD2e9yOA3AB+l6uAx2Hz0Ua8+n0pfeVbse + 1GYBCQIQT9pgd2tv/rbjj7P2R71z8OGoxAfgnV7+y+c/YDimYNVDO7QN8zw0UQXS + gU5UnaQb8EdDxnl1dEvs5KJgjabExbCWCpeXCjIrg9dAVY3ubN4H+ysJd/NejSm9 + 14J1jpX2Wzk= + =hGen + -----END PGP MESSAGE----- + fp: F93098C3D8ED15D0924A6DDAEB4E93A88660C55B + unencrypted_suffix: _unencrypted + version: 3.10.2 diff --git a/ansible/inventories/devnet-7/group_vars/all/all.yaml b/ansible/inventories/devnet-7/group_vars/all/all.yaml new file mode 100644 index 0000000..b290c2a --- /dev/null +++ b/ansible/inventories/devnet-7/group_vars/all/all.yaml @@ -0,0 +1,428 @@ +# ░██████╗░██╗░░░░░░█████╗░██████╗░░█████╗░██╗░░░░░ ██╗░░░██╗░█████╗░██████╗░░██████╗ +# ██╔════╝░██║░░░░░██╔══██╗██╔══██╗██╔══██╗██║░░░░░ ██║░░░██║██╔══██╗██╔══██╗██╔════╝ +# ██║░░██╗░██║░░░░░██║░░██║██████╦╝███████║██║░░░░░ ╚██╗░██╔╝███████║██████╔╝╚█████╗░ +# ██║░░╚██╗██║░░░░░██║░░██║██╔══██╗██╔══██║██║░░░░░ ░╚████╔╝░██╔══██║██╔══██╗░╚═══██╗ +# ╚██████╔╝███████╗╚█████╔╝██████╦╝██║░░██║███████╗ ░░╚██╔╝░░██║░░██║██║░░██║██████╔╝ +# ░╚═════╝░╚══════╝░╚════╝░╚═════╝░╚═╝░░╚═╝╚══════╝ ░░░╚═╝░░░╚═╝░░╚═╝╚═╝░░╚═╝╚═════╝░ + +domain: ethpandaops.io +network_subdomain: "{{ ethereum_network_name }}.{{ domain }}" +network_server_subdomain: "srv.{{ network_subdomain }}" +server_fqdn: "{{ inventory_hostname }}.{{ network_server_subdomain }}" +network_iteration: "{{ ethereum_network_name.split('-')[1:] | join('-') }}" + +ethereum_network_id: >- + {{ (lookup('file', eth_testnet_config_local_dir_src + '/genesis.json') | from_json).config.chainId }} +ethereum_network_deposit_contract: >- + {{ lookup('file', eth_testnet_config_local_dir_src + '/deposit_contract.txt') }} +ethereum_network_deposit_contract_block: >- + {{ lookup('file', eth_testnet_config_local_dir_src + '/deposit_contract_block.txt') }} + +ethereum_node_rpc_prefix: "rpc-" # prefix for rpc URLs +ethereum_node_beacon_prefix: "bn-" # prefix for beacon URLs +ethereum_node_rcp_hostname: "{{ ethereum_node_rpc_prefix }}{{ server_fqdn }}" +ethereum_node_beacon_hostname: "{{ ethereum_node_beacon_prefix }}{{ server_fqdn }}" + +primary_bootnode: bootnode-1 + +### Checkpoint sync specific for Ansible & Kubernetes +checkpoint_sync_node: "{{ primary_bootnode }}" +ethereum_node_cl_checkpoint_sync_enabled: false + +checkpoint_sync_url: https://beacon.{{ ethereum_network_name }}.{{ domain }} +#checkpoint_sync_url: https://{{ secret_nginx_shared_basic_auth.name }}:{{ secret_nginx_shared_basic_auth.password }}@{{ ethereum_node_beacon_prefix }}{{ checkpoint_sync_node }}.{{ ethereum_network_name }}.{{ domain }} +checkpoint_sync_url_kube: https://@{{ ethereum_node_beacon_prefix }}{{ checkpoint_sync_node }}.{{ ethereum_network_name }}.{{ domain }} + +# ██████╗░░█████╗░██╗░░░░░███████╗ ██╗░░░██╗░█████╗░██████╗░░██████╗ +# ██╔══██╗██╔══██╗██║░░░░░██╔════╝ ██║░░░██║██╔══██╗██╔══██╗██╔════╝ +# ██████╔╝██║░░██║██║░░░░░█████╗░░ ╚██╗░██╔╝███████║██████╔╝╚█████╗░ +# ██╔══██╗██║░░██║██║░░░░░██╔══╝░░ ░╚████╔╝░██╔══██║██╔══██╗░╚═══██╗ +# ██║░░██║╚█████╔╝███████╗███████╗ ░░╚██╔╝░░██║░░██║██║░░██║██████╔╝ +# ╚═╝░░╚═╝░╚════╝░╚══════╝╚══════╝ ░░░╚═╝░░░╚═╝░░╚═╝╚═╝░░╚═╝╚═════╝░ + +# role: ethpandaops.general.ethereum_genesis +ethereum_genesis_generator_container_image: "{{ default_tooling_images.ethereum_genesis_generator }}" +ethereum_genesis_generator_version: "{{ ethereum_genesis_generator_container_image.split(':')[-1] }}" +ethereum_genesis_network_seed: "bal-devnet-7" +ethereum_genesis_chain_id: "70{{ 99999999 | random(start=10000000, seed=ethereum_genesis_network_seed) }}" +ethereum_genesis_fork_version_suffix: "{{ 999999 | random(start=100000, seed=ethereum_genesis_network_seed) }}" +ethereum_genesis_generator_output_dir: "../network-configs/{{ network_iteration }}" +ethereum_genesis_timestamp: 1779116400 # 2026-05-18 15:00:00 UTC (17:00 CEST) +ethereum_genesis_timedelay: 30 +ethereum_genesis_timestamp_relative_cmd: + Linux: "date +%s -d '+45 minutes'" + Darwin: "date -v +45M +%s" +shadowfork_height: 0 +ethereum_genesis_mnemonic: "{{ secret_genesis_mnemonic }}" +ethereum_genesis_generator_config_files: + cl/config.yaml: "{{ lookup('ansible.builtin.url', 'https://raw.githubusercontent.com/ethpandaops/ethereum-genesis-generator/v{{ethereum_genesis_generator_version}}/config-example/cl/config.yaml', split_lines=false) }}" # noqa yaml[line-length] + cl/mnemonics.yaml: "{{ lookup('ansible.builtin.url', 'https://raw.githubusercontent.com/ethpandaops/ethereum-genesis-generator/v{{ethereum_genesis_generator_version}}/config-example/cl/mnemonics.yaml', split_lines=false) }}" # noqa yaml[line-length] + el/genesis-config.yaml: "{{ lookup('ansible.builtin.url', 'https://raw.githubusercontent.com/ethpandaops/ethereum-genesis-generator/v{{ethereum_genesis_generator_version}}/config-example/el/genesis-config.yaml', split_lines=false) }}" # noqa yaml[line-length] + values.env: |- + export CHAIN_ID="{{ ethereum_genesis_chain_id }}" + export EL_AND_CL_MNEMONIC="{{ ethereum_genesis_mnemonic }}" + export NUMBER_OF_VALIDATORS=1200 + export GENESIS_FORK_VERSION="0x10{{ ethereum_genesis_fork_version_suffix }}" + export ALTAIR_FORK_VERSION="0x20{{ ethereum_genesis_fork_version_suffix }}" + export BELLATRIX_FORK_VERSION="0x30{{ ethereum_genesis_fork_version_suffix }}" + export CAPELLA_FORK_VERSION="0x40{{ ethereum_genesis_fork_version_suffix }}" + export DENEB_FORK_VERSION="0x50{{ ethereum_genesis_fork_version_suffix }}" + export ELECTRA_FORK_VERSION="0x60{{ ethereum_genesis_fork_version_suffix }}" + export FULU_FORK_VERSION="0x70{{ ethereum_genesis_fork_version_suffix }}" + export FULU_FORK_EPOCH=0 + export BPO_1_EPOCH=0 + export BPO_1_MAX_BLOBS=15 + export BPO_1_TARGET_BLOBS=10 + export BPO_2_EPOCH=0 + export BPO_2_MAX_BLOBS=21 + export BPO_2_TARGET_BLOBS=14 + export GLOAS_FORK_VERSION="0x80{{ ethereum_genesis_fork_version_suffix }}" + export GLOAS_FORK_EPOCH=10 + export GENESIS_TIMESTAMP={{ ethereum_genesis_timestamp }} + export GENESIS_DELAY={{ ethereum_genesis_timedelay }} + export GENESIS_GASLIMIT=100000000 + export WITHDRAWAL_TYPE=0x02 + export EL_PREMINE_ADDRS='{"0x9a97ee9d32a0d68406e32b34c92afb81ce2bc467": {"balance": "100000ETH"}, "0x107781Bc6FA8f66B843f4216fd6D5862D3aa4fcd": {"balance": "100000ETH"}}' + +ethereum_genesis_validator_keys_output_dir: "{{ ansible_inventory_sources[0] | dirname }}/files/validator_keys" +ethereum_genesis_validator_bls_change_execution_address: "{{ ethereum_node_cl_validator_fee_recipient }}" +ethereum_genesis_validator_keyranges: >- + {%- set ns = namespace() -%} + {%- set ns.ethereum_genesis_validator_keyranges = {} -%} + {%- for host in groups['all'] -%} + {%- if hostvars[host].validator_start is defined and hostvars[host].validator_end is defined -%} + {%- set v = {'start':hostvars[host].validator_start, 'end': hostvars[host].validator_end } -%} + {%- set _ = ns.ethereum_genesis_validator_keyranges.update({host: v}) -%} + {%- endif -%} + {%- endfor -%} + {{ ns.ethereum_genesis_validator_keyranges }} + +# role: ethpandaops.general.bootstrap +bootstrap_default_user_authorized_keys_plain: + - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDbboxOo0jyL3DNxqZ6UTEnZPEzPDPnujEYaClqNWSLWkphczHKAnJPkrwbAWB4JbJKjsAJ5kn53f10KPnUyZvJ5Jn8Rpf7RM7+56MYaBg84gVoA2KeIYxUa7h8neY7J61Galp0c6cOK+hp1lPsoiBSdCW/Rtbv6ALCcVe+4+uCW5FRoJcNRJfGRLRnjh1pw57HQw9O55mf319s4rVUq4umznQ0CciEx3rVMtXf4xjIZDZAhNpGaBh8AtHauaMZCOGociAIquYYqoSQnnmnOBiduRa5OkvGZomgybNQivlYboDeF6sQ71KVzRXSI+mxCYbSp246lqSdQtQsjFA54NYl/qWgAql0uqCqsZidW+XBjquyItRl2Rfzzy5Fk/gMOAJXHQYp4POfgFbqtxjWpfnuOKqW/1IGWcIt2g016effUqGgj/oePX0g+duFdszSKK773rJBySgafFF6XWNqagrLmE4LUGC+6P3oxzYTSFGeUVA21OayL+K40XPpJti5zns= # devops-eth2-shared" + - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDWh9NW66VD4BPKETNyZeZrGN1f7G6dkihW3eAc7cbJPFQGIpnWc2tGq5o13vWW+SoCh16nkYM2oak+PJQxXYTiQnrMJSmSFd7E0DmdcoKadGJEnfosrH++aOZf/eVLe5q3E9NQFVSdOPo1MCRRTuZxPkuMxS6QikW3otWrA3F2vFgmYyki3Cy8huQzHKUZGicividYcUSFTydR2L0oWUNve3FyqMQQQPnfaJ1RvrkeGtdhRSAxa6L0jzgRK7fjpUyhKOofr7kCKARGELRRiB9QikRAoHU2/D/2jtJjKlTCJxArzXyDF2IcQCco+5Oe9x4c7Xch32dbscJSmjaAvsxRnu7GEFCS7b6kKGvwcoq5vJzvp3RBBR7Mosxv6pcM/q7Z4RhXOFVFFiPVl1dqkqSPkUrHwg8LtWOxC+GAl36vxhHLdDEV/RhbSAzO6SfYEWYGH1w7u4oiy2XAT2cNCO0j0tSHS5chX+d7TzwAbBE2HuPL84GVGHZG875hmiE+Dok= # github-actions-ci" +bootstrap_default_user_authorized_keys_github_all: + - barnabasbusa + - parithosh + - samcm + - savid + - skylenet + - pk910 + - mattevans + - qu0b + +bootstrap_default_user_authorized_keys_github: > + {{ + (bootstrap_default_user_authorized_keys_github_all | default([])) + + (bootstrap_default_user_authorized_keys_github_team_el | default([])) + + (bootstrap_default_user_authorized_keys_github_team_cl | default([])) + }} + +node_exporter_container_image: "{{ default_tooling_images.node_exporter }}" +prometheus_container_image: "{{ default_tooling_images.prometheus }}" +vector_container_image: "{{ default_tooling_images.vector }}" +json_rpc_snooper_container_image: "{{ default_tooling_images.json_rpc_snooper }}" + +# role: ethpandaops.general.ethereum_node +ethereum_node_images_always_pull: true +ethereum_node_metrics_exporter_enabled: true +ethereum_node_xatu_sentry_enabled: true +ethereum_node_cl_validator_enabled: "{{ validator_start is defined and validator_end is defined }}" +ethereum_node_cl_validator_fee_recipient: "0xf97e180c050e5Ab072211Ad2C213Eb5AEE4DF134" +ethereum_node_cl_ports_p2p_tcp: 9000 +ethereum_node_cl_ports_p2p_udp: 9000 +ethereum_node_cl_ports_http_beacon: 5052 +ethereum_node_cl_ports_metrics: 5054 +ethereum_node_el_ports_p2p_tcp: 30303 +ethereum_node_el_ports_p2p_udp: 30303 +ethereum_node_el_ports_http_rpc: 8545 +ethereum_node_el_ports_ws_rpc: 8546 +ethereum_node_el_ports_engine: 8551 +ethereum_node_el_ports_metrics: 6060 +ethereum_node_ipv6_enabled: true +ethereum_node_skip_cleanup: true +docker_watchtower_container_image: "{{ default_tooling_images.docker_watchtower }}" +ethereum_node_docker_watchtower_enabled: true +ethereum_node_docker_watchtower_containers_list: + - execution + - beacon + - validator + - xatu-sentry + - external-block-builder +docker_watchtower_container_additional_args: + - --interval=900 + - --stop-timeout=300s + - --include-restarting +ethereum_node_json_rpc_snooper_engine_enabled: true +ethereum_node_json_rpc_snooper_engine_name: "snooper-engine" +ethereum_node_json_rpc_snooper_engine_port: 8561 +ethereum_node_json_rpc_snooper_engine_public_port: 8961 +ethereum_node_json_rpc_snooper_engine_container_env: + SNOOPER_API_PORT: "{{ ethereum_node_json_rpc_snooper_engine_public_port | quote }}" + SNOOPER_API_AUTH: "{{ secret_nginx_shared_basic_auth.name }}:{{ secret_nginx_shared_basic_auth.password }}" + +# role: ethpandaops.general.generate_kubernetes_config +gen_kubernetes_config_ethereum_node: + el: geth + cl: lodestar + value: "001" + +gen_kubernetes_config_dora_execution_snooper_port: 8961 +gen_kubernetes_config_dora_frontend_rainbowkit_id: "15fe4ab4d5c0bcb6f0dc7c398301ff0e" +gen_kubernetes_config_dora_execution_endpoints_url: "https://raw.githubusercontent.com/ethpandaops/bal-devnets/refs/heads/master/kubernetes/{{ network_iteration }}/dora/endpoints-el.yaml" +gen_kubernetes_config_dora_consensus_endpoints_url: "https://raw.githubusercontent.com/ethpandaops/bal-devnets/refs/heads/master/kubernetes/{{ network_iteration }}/dora/endpoints-cl.yaml" +gen_kubernetes_config_dora_api_secret: "{{ secret_dora_api_key }}" +gen_kubernetes_config_dora_execution_indexer_enabled: true + +# role: ethpandaops.general.xatu_sentry +xatu_sentry_container_image: "{{ default_tooling_images.xatu_sentry }}" +xatu_sentry_config_name: "{{ ethereum_network_name }}-{{ inventory_hostname }}" +xatu_sentry_config_server_address: "{{ secret_xatu_sentry.server_address }}" +xatu_sentry_config_server_auth_user: "{{ secret_xatu_sentry.user }}" +xatu_sentry_config_server_auth_password: "{{ secret_xatu_sentry.password }}" +xatu_sentry_config_network_name_override: "{{ ethereum_network_name }}" + +# role: ethpandaops.general.ethereum_metrics_exporter +ethereum_metrics_exporter_container_image: "{{ default_tooling_images.ethereum_metrics_exporter }}" +ethereum_metrics_exporter_container_user: root +ethereum_metrics_exporter_container_volumes: + - "{{ ethereum_metrics_exporter_dir_config }}:/config:ro" + - /var/run/docker.sock:/var/run/docker.sock:ro + - /data:/data:ro +ethereum_metrics_exporter_config: | + consensus: + enabled: true + url: "{{ ethereum_metrics_exporter_cl_endpoint }}" + name: "consensus-client" + execution: + enabled: true + url: "{{ ethereum_metrics_exporter_el_endpoint }}" + name: "execution-client" + modules: + - "eth" + - "net" + - "web3" + - "txpool" + docker: + enabled: true + endpoint: "unix:///var/run/docker.sock" + interval: "10s" + containers: + - name: "execution" + type: "execution" + filesystem: + enabled: true + volumes: + - name: "*" + monitor: true + - path: "/execution-auth.jwt" + monitor: false + - path: "/network-config" + monitor: false + - name: "beacon" + type: "consensus" + filesystem: + enabled: true + volumes: + - name: "*" + monitor: true + - path: "/execution-auth.jwt" + monitor: false + - path: "/network-config" + monitor: false + +# role: eth_testnet_config +eth_testnet_config_dir: /data/ethereum-network-config/metadata +eth_testnet_config_local_dir_enabled: true +eth_testnet_config_local_dir_src: "{{ ethereum_genesis_generator_output_dir }}/metadata/" + +# role: gen_basic_auth_nginx +gen_basic_auth_nginx_name: "{{ secret_nginx_shared_basic_auth.name }}" +gen_basic_auth_nginx_password: "{{ secret_nginx_shared_basic_auth.password }}" +docker_nginx_proxy_container_image: "{{ default_tooling_images.nginx_proxy }}" +docker_nginx_proxy_docker_gen_container_image: "{{ default_tooling_images.nginx_proxy_gen }}" +docker_nginx_proxy_acme_companion_container_image: "{{ default_tooling_images.nginx_proxy_acme }}" + +# role: ethpandaops.general.docker_nginx_proxy +docker_nginx_proxy_container_name: nginx-proxy +docker_nginx_proxy_default_email: "certs@{{ domain }}" +docker_nginx_proxy_docker_gen_container_name: nginx-proxy-gen +docker_nginx_proxy_docker_gen_container_env: + RESOLVERS: "1.1.1.1" +docker_nginx_proxy_acme_companion_enabled: false +docker_nginx_proxy_acme_companion_container_name: nginx-proxy-acme +docker_nginx_proxy_acme_companion_container_env: + DEFAULT_EMAIL: "{{ docker_nginx_proxy_default_email }}" + NGINX_PROXY_CONTAINER: "{{ docker_nginx_proxy_container_name }}" + NGINX_DOCKER_GEN_CONTAINER: "{{ docker_nginx_proxy_docker_gen_container_name }}" + ACME_CA_URI: https://acme.zerossl.com/v2/DV90 + ACME_EAB_KID: "{{ secret_zerossl.ACME_EAB_KID }}" + ACME_EAB_HMAC_KEY: "{{ secret_zerossl.ACME_EAB_HMAC_KEY }}" +docker_nginx_proxy_container_networks: "{{ docker_networks_shared }}" +docker_nginx_proxy_docker_gen_container_networks: "{{ docker_networks_shared }}" +docker_nginx_proxy_acme_companion_container_networks: "{{ docker_networks_shared }}" +docker_nginx_proxy_acme_monitor_container_networks: "{{ docker_networks_shared }}" +docker_nginx_proxy_acme_monitor_enabled: false +docker_nginx_proxy_datadir: /opt/nginx-proxy +docker_nginx_proxy_container_volumes: + - "{{ docker_nginx_proxy_datadir }}/conf:/etc/nginx/conf.d" + - "{{ docker_nginx_proxy_datadir }}/vhost:/etc/nginx/vhost.d" + - "{{ docker_nginx_proxy_datadir }}/certs:/etc/nginx/certs:ro" + - html:/usr/share/nginx/html + - "{{ docker_nginx_proxy_datadir }}/htpasswd:/etc/nginx/htpasswd:ro" +docker_nginx_proxy_cert_loader_container_image: "{{ default_tooling_images.nginx_proxy_cert_loader }}" +docker_nginx_proxy_cert_linker_container_image: "{{ default_tooling_images.nginx_proxy_cert_linker }}" +docker_nginx_proxy_cert_loader_container_networks: "{{ docker_networks_shared }}" +docker_nginx_proxy_cert_linker_container_networks: "{{ docker_networks_shared }}" +docker_nginx_proxy_wildcard_cert: "{{ network_server_subdomain }}" +docker_nginx_proxy_wildcard_cert_url: "http://cert.{{ network_server_subdomain }}/{{ network_server_subdomain }}-latest.tar.enc" +docker_nginx_proxy_wildcard_cert_psk: "{{ secret_cert_encryption_psk }}" + +# role: ethpandaops.general.otelcol_contrib +otlp_endpoint: "https://otlp.analytics.production.platform.ethpandaops.io" +otlp_deployment_env: production + +otelcol_contrib_container_networks: "{{ docker_networks_shared }}" + +# role: ethpandaops.general.vector +clickhouse_logs_enabled: false +clickhouse_logs_endpoint: "https://logs-ingest.analytics.production.platform.ethpandaops.io" +vector_container_networks: "{{ docker_networks_shared }}" +vector_config: | + [sources.in] + type = "docker_logs" + exclude_containers = [ + "{{ vector_container_name }}", + "otelcol", + "ethereum-metrics-exporter", + "nginx-proxy", + "node_exporter", + "prometheus", + "snooper-", + ] + + [sinks.loki] + type = "loki" + inputs = ["in"] + out_of_order_action = "accept" + labels.forwarder = "vector" + labels.instance = "{{ inventory_hostname }}" + labels.network = "{{ ethereum_network_name }}" + labels.testnet = "{{ ethereum_network_name }}" + labels.ingress_user = "{{ secret_loki.username }}" + labels.container_name = "{{ '{{ container_name }}' }}" + {%- if ethereum_node_el is defined +%} + labels.ethereum_el = "{{ ethereum_node_el }}" + {%- endif +%} + {%- if ethereum_node_cl is defined +%} + labels.ethereum_cl = "{{ ethereum_node_cl }}" + {%- endif +%} + encoding.codec = "json" + endpoint = "{{ secret_loki.endpoint }}" + auth.strategy = "basic" + auth.user = "{{ secret_loki.username }}" + auth.password = "{{ secret_loki.password }}" + {%- if clickhouse_logs_enabled | default(false) +%} + + [transforms.clickhouse_shape] + type = "remap" + inputs = ["in"] + source = ''' + .IngressUser = "{{ secret_loki.username }}" + .Namespace = "" + .Pod = "" + .Container = string(.container_name) ?? "" + .Node = "{{ inventory_hostname }}" + .Stream = string(.stream) ?? "" + .Message = string(.message) ?? "" + .Timestamp = .timestamp + del(.container_name); del(.container_id); del(.container_created_at) + del(.image); del(.host); del(.label); del(.source_type) + del(.stream); del(.message); del(.timestamp) + ''' + + [sinks.clickhouse_logs] + type = "http" + inputs = ["clickhouse_shape"] + uri = "{{ clickhouse_logs_endpoint }}" + method = "post" + encoding.codec = "json" + auth.strategy = "basic" + auth.user = "{{ secret_loki.username }}" + auth.password = "{{ secret_loki.password }}" + batch.max_events = 5000 + batch.timeout_secs = 3 + {%- endif +%} +otelcol_contrib_config: | + extensions: + basicauth/client: + client_auth: + username: {{ secret_loki.username }} + password: {{ secret_loki.password }} + + receivers: + filelog: + include: [/var/lib/docker/containers/*/*-json.log] + include_file_path: true + start_at: end + operators: + - type: container + format: docker + add_metadata_from_filepath: true + - type: filter + expr: 'attributes["container.name"] != nil and attributes["container.name"] matches "^(otelcol|ethereum-metrics-exporter|nginx-proxy|node_exporter|prometheus|snooper-.*)$"' + - type: json_parser + if: 'body matches "^\\s*\\{"' + on_error: send + severity: + parse_from: attributes.level + overwrite_text: true + mapping: + fatal4: [emergency, emerg] + fatal3: [alert] + fatal2: [critical, crit] + fatal: [panic] + + otlp: + protocols: + grpc: {endpoint: "[::]:4317"} + http: {endpoint: "[::]:4318"} + + processors: + resource: + attributes: + - {key: deployment.environment, value: "{{ otlp_deployment_env }}", action: upsert} + - {key: network, value: "{{ ethereum_network_name }}", action: upsert} + - {key: ingress_user, value: "{{ secret_loki.username }}", action: upsert} + - {key: host.name, value: "{{ inventory_hostname }}", action: upsert} + + transform/service_name: + log_statements: + - context: resource + statements: + - set(attributes["service.name"], attributes["container.name"]) where attributes["container.name"] != nil + + batch: + send_batch_size: 500 + timeout: 5s + + exporters: + otlphttp/staging: + endpoint: "{{ otlp_endpoint }}" + auth: + authenticator: basicauth/client + + otlp/tempo: + endpoint: "{{ tempo_grpc_url | regex_replace('^grpcs?://', '') }}" + + service: + extensions: [basicauth/client] + pipelines: + logs: + receivers: [filelog, otlp] + processors: [resource, transform/service_name, batch] + exporters: [otlphttp/staging] + traces: + receivers: [otlp] + processors: [resource, batch] + exporters: [otlphttp/staging, otlp/tempo] diff --git a/ansible/inventories/devnet-7/group_vars/all/images.yaml b/ansible/inventories/devnet-7/group_vars/all/images.yaml new file mode 100644 index 0000000..9da8d4b --- /dev/null +++ b/ansible/inventories/devnet-7/group_vars/all/images.yaml @@ -0,0 +1,65 @@ +default_ethereum_client_images: + ### Consensus layer clients + lighthouse: ethpandaops/lighthouse:bal-devnet-7 + lodestar: ethpandaops/lodestar:bal-devnet-7 + nimbus: statusim/nimbus-eth2:multiarch-latest + prysm: ethpandaops/prysm-beacon-chain:bal-devnet-7 + prysm_validator: ethpandaops/prysm-validator:bal-devnet-7 + teku: consensys/teku:latest + grandine: ethpandaops/grandine:develop + ### Execution layer clients + besu: ethpandaops/besu:bal-devnet-7 + geth: ethpandaops/geth:bal-devnet-7 + erigon: ethpandaops/erigon:bal-devnet-7 + nethermind: ethpandaops/nethermind:bal-devnet-7 + reth: ethpandaops/reth:bal-devnet-7 + nimbusel: ethpandaops/nimbus-eth1:bal-devnet-7 + ethrex: ethpandaops/ethrex:bal-devnet-7 + +default_tooling_images: + mev_boost: ethpandaops/mev-boost:develop + mev_builder: ethpandaops/reth-rbuilder:develop + mev_relay: ethpandaops/mev-boost-relay:main + xatu_sentry: ethpandaops/xatu:latest + xatu_cannon: ethpandaops/xatu:latest + xatu_mimicry: ethpandaops/xatu:latest + xatu_cl_mimicry: ethpandaops/xatu:latest + xatu_relay_monitor: ethpandaops/xatu:latest + ethereum_metrics_exporter: ethpandaops/ethereum-metrics-exporter:latest + tx_fuzz: ethpandaops/tx-fuzz:latest + forkmon: skylenet/nodemonitor:darkmode + forky: ethpandaops/forky:latest + fauceth: skylenet/fauceth:fix_fee_estimation + powfaucet: pk910/powfaucet:v2-stable + homepage: ethpandaops/ethereum-testnet-homepage:latest + checkpointz: ethpandaops/checkpointz:bals-debian-latest + blockscout: blockscout/blockscout:latest + blockscout_frontend: docker.ethquokkaops.io/gh/blockscout/frontend:latest + beacon_metrics_gazer: dapplion/beacon-metrics-gazer:latest + eth_fauceth: chainflag/eth-faucet:latest + blobscan: blossomlabs/blobscan:latest + blobscan_indexer: blossomlabs/blobscan-indexer:latest + dora: ethpandaops/dora:eip7928-support-latest + dugtrio: ethpandaops/dugtrio:latest + ethereum_genesis_generator: ethpandaops/ethereum-genesis-generator:6.0.2 + tracoor: ethpandaops/tracoor:latest + ncli: status-im/nimbus-eth2:unstable + lcli: ethpandaops/lighthouse:unstable + zcli: electra + assertoor: ethpandaops/assertoor:qu0b-gloas-bals-v2 + erpc: docker.ethquokkaops.io/gh/erpc/erpc:0.0.49 + prometheus: prom/prometheus:v2.40.7 + node_exporter: prom/node-exporter:v1.5.0 + cl_bootnode: protolambda/eth2-bootnode:cleanup + json_rpc_snooper: ethpandaops/rpc-snooper:latest + nginx_proxy: nginx:alpine + nginx_proxy_gen: nginxproxy/docker-gen + nginx_proxy_acme: nginxproxy/acme-companion + nginx_proxy_cert_loader: ethpandaops/debian-docker:latest + nginx_proxy_cert_linker: nginxproxy/docker-gen + vector: timberio/vector:0.46.1-alpine + spamoor: ethpandaops/spamoor:master-latest + blobber: ethpandaops/blobber:latest + syncoor_web: docker.ethquokkaops.io/gh/ethpandaops/syncoor-web:master + syncoor_server: docker.ethquokkaops.io/gh/ethpandaops/syncoor:master + docker_watchtower: docker.ethquokkaops.io/gh/nicholas-fedor/watchtower:latest diff --git a/ansible/inventories/devnet-7/group_vars/all/kubernetes.yaml b/ansible/inventories/devnet-7/group_vars/all/kubernetes.yaml new file mode 100644 index 0000000..03f4841 --- /dev/null +++ b/ansible/inventories/devnet-7/group_vars/all/kubernetes.yaml @@ -0,0 +1,5 @@ +# Kubernetes config generation overrides +# role: ethpandaops.general.generate_kubernetes_config + +gen_kubernetes_config_disabled_services: + - blockscout diff --git a/ansible/inventories/devnet-7/group_vars/besu.yaml b/ansible/inventories/devnet-7/group_vars/besu.yaml new file mode 100644 index 0000000..4df6bca --- /dev/null +++ b/ansible/inventories/devnet-7/group_vars/besu.yaml @@ -0,0 +1,99 @@ +# role: ethpandaops.general.bootstrap +bootstrap_default_user_authorized_keys_github_team_el: + - garyschulte + - jflo + - fab-10 + - matkt + - Gabriel-Trintinalia + - siladu + - pinges + - jframe + - ahamlat + - macfarla + - daniellehrner + - kkaur01 + - joshuafernandes + +# role: ethpandaops.general.ethereum_node +ethereum_node_el: besu +# role: ethpandaops.general.besu +besu_container_name: execution +besu_container_image: "{{ default_ethereum_client_images.besu }}" +besu_container_env: + VIRTUAL_HOST: "{{ ethereum_node_rcp_hostname }}" + VIRTUAL_PORT: "{{ ethereum_node_el_ports_http_rpc | string }}" + LETSENCRYPT_HOST: "{{ ethereum_node_rcp_hostname }}" + BESU_OPTS: "-Xmx8g -XX:+ExitOnOutOfMemoryError -XX:+HeapDumpOnOutOfMemoryError -XX:HeapDumpPath=/data/heap-%p.hprof" +besu_container_volumes: + - "{{ besu_datadir }}:/data" + - "{{ besu_auth_jwt_path }}:/execution-auth.jwt:ro" + - "{{ eth_testnet_config_dir }}:/network-config:ro" +besu_container_command_extra_args: + - --genesis-file=/network-config/besu.json + - --rpc-http-api=ADMIN,DEBUG,ETH,MINER,NET,TXPOOL,WEB3 + - --sync-mode=FULL + - --data-storage-format=BONSAI + - --bonsai-limit-trie-logs-enabled=false + - --bonsai-historical-block-limit=100000000 + - --bootnodes={{ ethereum_el_bootnodes | join(',') }} + - --target-gas-limit=200000000 +besu_container_pull: true +besu_container_security_opts: + - "seccomp=unconfined" + +prometheus_config: | + global: + scrape_interval: 12s + evaluation_interval: 30s + scrape_timeout: 10s + external_labels: + instance: "{{ ethereum_network_name }}-{{ inventory_hostname }}" + ip_address: "{{ ansible_host }}" + network: "{{ ethereum_network_name }}" + testnet: "{{ ethereum_network_name }}" + execution_client: "{{ ethereum_node_el }}" + consensus_client: "{{ ethereum_node_cl }}" + supernode: "{{ ethereum_node_cl_supernode_enabled | bool | default(false) }}" + remote_write: + - queue_config: + batch_send_deadline: 5s + max_backoff: 500ms + max_samples_per_send: 500 + min_backoff: 50ms + max_shards: 100 + url: {{ prometheus_remote_push_url }} + remote_timeout: 10s + basic_auth: + username: {{ prometheus_remote_write_username }} + password: {{ prometheus_remote_write_password }} + scrape_configs: + - job_name: "prometheus" + metrics_path: "/metrics" + static_configs: + - targets: ["localhost:9090"] + labels: + instance: "{{ ethereum_network_name }}-{{ inventory_hostname }}" + - job_name: "node" + metrics_path: "/metrics" + static_configs: + - targets: ["172.17.0.1:9100"] + labels: + instance: "{{ ethereum_network_name }}-{{ inventory_hostname }}" + - job_name: "exporter" + metrics_path: "/metrics" + static_configs: + - targets: ["ethereum-metrics-exporter:9090"] + labels: + instance: "{{ ethereum_network_name }}-{{ inventory_hostname }}" + - job_name: "consensus_node" + metrics_path: "/metrics" + static_configs: + - targets: ["{{ vars[ethereum_node_cl + '_container_name'] }}:{{ ethereum_node_cl_ports_metrics }}"] + labels: + instance: "{{ ethereum_network_name }}-{{ inventory_hostname }}" + - job_name: "execution" + metrics_path: "/metrics" + static_configs: + - targets: ["execution:{{ ethereum_node_el_ports_metrics }}"] + labels: + instance: "{{ ethereum_network_name }}-{{ inventory_hostname }}" diff --git a/ansible/inventories/devnet-7/group_vars/blobber.yaml b/ansible/inventories/devnet-7/group_vars/blobber.yaml new file mode 100644 index 0000000..3afaf04 --- /dev/null +++ b/ansible/inventories/devnet-7/group_vars/blobber.yaml @@ -0,0 +1,56 @@ +blobber_container_image: "{{ default_tooling_images.blobber }}" + +blobber_log_level: trace + +ethereum_node_blobber_enabled: true + +# Storage configs +blobber_datadir: /data/blobber +blobber_validator_local_key_folder: "{{ ansible_inventory_sources[0] | dirname }}/files/validator_keys/{{ inventory_hostname }}" +blobber_validator_remote_key_folder: "{{ blobber_datadir }}/validators" + +blobber_container_volumes: + - "{{ blobber_datadir }}:/data" + +# Blobber specific configs +blobber_beacon_api: "beacon:5052" +#blobber_slot_actions: {"name": "equivocating_blob_sidecars", "broadcast_blobs_first": true} +#blobber_slot_actions: {"name": "conflicting_blobs"} +blobber_slot_actions: {"name": "blob_gossip_delay", "delay_milliseconds": 1500} +blobber_slot_action_frequency: 1 + +blobber_container_ports: + - "{{ blobber_p2p_port }}:{{ blobber_p2p_port }}" + - "{{ blobber_p2p_port }}:{{ blobber_p2p_port }}/udp" + - "{{ blobber_p2p_port + 1 }}:{{ blobber_p2p_port }}" + - "{{ blobber_p2p_port + 1 }}:{{ blobber_p2p_port }}/udp" + - "{{ blobber_p2p_port + 2 }}:{{ blobber_p2p_port }}" + - "{{ blobber_p2p_port + 2 }}:{{ blobber_p2p_port }}/udp" + - "{{ blobber_p2p_port + 3 }}:{{ blobber_p2p_port }}" + - "{{ blobber_p2p_port + 3 }}:{{ blobber_p2p_port }}/udp" + - "{{ blobber_p2p_port + 4 }}:{{ blobber_p2p_port }}" + - "{{ blobber_p2p_port + 4 }}:{{ blobber_p2p_port }}/udp" + - "{{ blobber_p2p_port + 5 }}:{{ blobber_p2p_port }}" + - "{{ blobber_p2p_port + 5 }}:{{ blobber_p2p_port }}/udp" + - "127.0.0.1:{{ blobber_api_listen_port }}:{{ blobber_api_listen_port }}" + +# - "--cl=https://{{ secret_nginx_shared_basic_auth.name }}:{{ secret_nginx_shared_basic_auth.password }}@{{ ethereum_node_beacon_prefix }}lighthouse-geth-1.{{ network_server_subdomain }}" +# - "--cl=https://{{ secret_nginx_shared_basic_auth.name }}:{{ secret_nginx_shared_basic_auth.password }}@{{ ethereum_node_beacon_prefix }}lighthouse-besu-1.{{ network_server_subdomain }}" +# - "--cl=https://{{ secret_nginx_shared_basic_auth.name }}:{{ secret_nginx_shared_basic_auth.password }}@{{ ethereum_node_beacon_prefix }}lighthouse-erigon-1.{{ network_server_subdomain }}" +# - "--cl=https://{{ secret_nginx_shared_basic_auth.name }}:{{ secret_nginx_shared_basic_auth.password }}@{{ ethereum_node_beacon_prefix }}lighthouse-nethermind-1.{{ network_server_subdomain }}" +# - "--cl=https://{{ secret_nginx_shared_basic_auth.name }}:{{ secret_nginx_shared_basic_auth.password }}@{{ ethereum_node_beacon_prefix }}lighthouse-reth-1.{{ network_server_subdomain }}" +blobber_container_command: + - "--cl={{ blobber_beacon_api }}" + - "--beacon-port-start={{ blobber_p2p_port }}" + - "--log-level={{ blobber_log_level }}" + - "--external-ip=0.0.0.0" + - "--slot-action={{ blobber_slot_actions | to_json }}" + - "--slot-action-frequency={{ blobber_slot_action_frequency }}" + - "--validator-key-folder=/data/validators" + - "--validator-proxy-port-start={{ blobber_api_listen_port }}" + - "--enable-unsafe-mode" + +blobber_container_command_extra_args: [] + +# Default image pull policy +blobber_container_pull: false diff --git a/ansible/inventories/devnet-7/group_vars/bootnode.sops.yaml b/ansible/inventories/devnet-7/group_vars/bootnode.sops.yaml new file mode 100644 index 0000000..cd4ba32 --- /dev/null +++ b/ansible/inventories/devnet-7/group_vars/bootnode.sops.yaml @@ -0,0 +1,158 @@ +cl_bootnode_privkey: ENC[AES256_GCM,data:ywhGk8vFMF6ishOKGWMfSn0IxJttDiSBqaHgserxIamQvRMzJPcmMvAStVfMZB7XBHGyiWLy9vvDFhhQzBiocg==,iv:iEHtpLwDBPbJ3Ny/ZZLf+jX2nWunP21VhgU5D6fiSyQ=,tag:d2jUPi/+szwu4fkG1UuYKA==,type:str] +sops: + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] + age: [] + lastmodified: "2025-01-31T05:18:36Z" + mac: ENC[AES256_GCM,data:OvHF2KM4DeBqRrBC2bhcpCrUbW2mwIvt+6+nwXld/qoDhgTxT8DBXGAfFY9wE172uElnV6O2bHGfgwCVX121Jg6d1rYzvcXrXuLaaTqLCTjy3xAkE0GrjJpXDAzhghsY95NU+n3u5Rz+49SffK/sR/dqRyNsASsW64eTzdMvXng=,iv:5di/nwLQieMrIxn6IEOP1UcJjick+X1l0kLka2e/72w=,tag:7jfPRLfWT2WiwllOfvxtEA==,type:str] + pgp: + - created_at: "2025-09-16T09:19:21Z" + enc: |- + -----BEGIN PGP MESSAGE----- + + hQIMA32GcoRiZf6pARAAjH+IB4Omi4oRDCts8pOiPZpqGLhtexR36+2Wbgf850w5 + iHfN3I1jp/x+LhMkHF7OTjsUVCf27Q+NlAy5kv/Ptgf8Ks52N1rLzway5g+ssRWB + 7BwrRdNWvrBPVrQ3tXgHJlUyY4GfpkVFTHBZ0SP4g9VL1Ym7fK7n850XzbeNGJRx + LVXKrL8BqFa6Yunc4QP8megBAZTFLktUBPwZfSycs6aZKixRDiad/cb4JWXk2wl/ + byiFcYb1GynJbcLxjRdPqbkAk9EeDObXIatudLtNKB/iHnGst0KozBOwNHXD0v5N + 9kjJ++FlMHy205cMkUQj/ZVZgUgPhg2EOUvtUNOh160PIDqoDVQAcdKahjvgSF4h + sM0FPEigOu4qUncv9ckPjiyzT/vQPH3ZwDri1OMeOtpsBIx64kPZkx7w6Z60RaNQ + E9qa8tc/h4Co2NftEY9z6au5n9QN8J+b8z46DCbCKvfMRXffcUNZc9AcqeQ0add3 + I3xzdynbuQKbLLj2MRrBatrv+x1goEddXGXDfDaKmrYQJomsppYHuf2WOcamRLaW + Fx3FkMNnbcTzsGJQHHvRglOWacMeeSedQb55WePZUPO8P4im+vkihhqOX9J7Pufq + h7LNhub+IACZ02Tqrc8x53SsWSw9BDE67PpAPfhIopUrosUdy/dKRxYVWHFlpLjS + UQGmHup2nSh0C32VGJa5RdpFW6vTsgigKLS8nxULQMJ/9hxLrfpIRXLlVMxK89wk + bE5b1RsyNJ6UNXy5vI4gDmXpyXd7H5/QRDxPzLrf4WiipA== + =tx9b + -----END PGP MESSAGE----- + fp: 80DB2B4EF6CA4D9829C280605636BC0E08138A24 + - created_at: "2025-09-16T09:19:21Z" + enc: |- + -----BEGIN PGP MESSAGE----- + + hQIMA87Wber4r4dGAQ//T+tC6M6C2NaDxpjRdsB2/+6bj9YhUIFL4EhDgasNYybW + ewY3/zTwfcVdWaz7hNup6NaYqkGlVTGLGEeGLD8LsKN1QXSQD+jrkVO3kbJ8juZf + hABQbOplI/x5IFz63qvid1A16xuxURCclo6GjL/Z8tpLjU/QYx5Y+jI7sXXeymxC + m9sg79pYBMyKyF4WoSJ7ftrIkwE93rEGJPjTQ76kismwV/RNf3dWIiypSLC6xdXD + d9DfCzN26iYK1GCONqYRDgOnHkvpFWvxXaUw6vmNm7uUUzRn/9x1mUJixL6GoY+9 + vTp6Qw4v534QjRAwG1G4lpv2GzliyKV6QI7AvhVoup3BzQBHnIUf7P3so0Ug33qK + cw2YvaNZosEuFFjaHUl+8Q+FIYXSc/ctG61eCeraqNnzToBzsb2P6uk2UDspy0Dk + lKTsqCyvW5GIPhVgAa8zBY24IEB85QfqWOdifZioRDbvl3x+IBozcTHwv8BxCoxm + p1VejU7lTlaEKt8QiQgi/ox1SRAQaMtICaG4uGBdLqb9fQxfolBZbNPfOlSSsTCn + DepMfCG31l2tuQQVUTo821fqsmQR9/zG3pzM3qgz+C8BPzovR6zronVASPoSNLvP + Pgk1S9N5/skbQ4jSqBiVyoyddkmEgHXlRsENueaj4Mobzoi9PX0PLjDAx911k+HS + UQHcYCMo6RecBliX4xFJ+Eu7h75QVgTe0o0ZeJnIzng9qfSX9qbpz5q7l1JtsWPV + 5P3tIxwWRrOoUhM35DGJNYsshFXx/jVZLQRB9hxxkJGekg== + =P8j2 + -----END PGP MESSAGE----- + fp: 69F66EEA7AE36CCB77DDB8CA1BC39532FB4A2DBD + - created_at: "2025-09-16T09:19:21Z" + enc: |- + -----BEGIN PGP MESSAGE----- + + hQIMA4hw3nPn82LyAQ/+KXu4QcH7jEK0FOIkpPgFAKAxgTr7iodgHnyMF2orvyT4 + Kns5IKt9REOgbhZ6fKx07lcf3HUPe3rMPJ13Xy2dG8lRc3ucul/L7q2OR7+9vOVt + EC+AIokjSzEkyDtIvWXFArP20qmEyThcMWJWY531VTdrXtv2RhyH3hBwBFWpweMr + B3N5WCVcr90retI3k0dCgbiz7CK4tlUortc8fTQJtwo3FGbO3spojFMqf4DkU4ag + PGEhsWHPY6RyoxBQCFR2yWGWuV7ZSpF3KoKQBDYlXzSpBG82N96OppbqDl59P3KN + LGKSRIsvq4UNR+dge9jtOdkealEVfo4VSjDAfOx8ceUAUn6MAGSAvyK3xqd5AFc4 + rBTMavg2rNqfrJsHuSlnVstqi+WOd+c6JnEZHwyqHPGxUHzjUOjpO/u1cmkJk4+J + KhbeZwNlNsHpA0V3olYgZHOmyCya6y9IOhB5HJrNzKYbUwzIaEXygc1/AMvzNDye + d/xUI0p3BHglra8tC3FUStsO5WJnplc41YlcteQrWaI/lsh4FQFMhpBBRTYyXMDC + JZGGcS+VejZGh55kmMfVjc9jy1S6WcOQrYFk58ZYcW4M2/6xHVnI9u0RVI8pDNLb + sdiDF+NMMmpZfx7Bu51K4tzoW2zZeoYgkY7sf3feDEsQ1Fa8m1GzAqpmnnOaknDS + UQEZG9MTHeZNdAYIHpcX72L702w0VLx+w9WJSbt/HBYpdDPdfiHe4r1SWhlWBDHo + obhPTmQyl9BP77gRvv7YaVnbd1OzHyugVY9mXcPexKV76A== + =bvyI + -----END PGP MESSAGE----- + fp: D1002590180DE371BCB455EAEFCD4ACD0B4D3F6E + - created_at: "2025-09-16T09:19:21Z" + enc: |- + -----BEGIN PGP MESSAGE----- + + hQIMAw01qfIBwY0JAQ/+JlPvzxbn8hp8QXmtxy18SsKYXxBQ4VAXpOsOgsKkqPXD + sGjeJtVGPal0u3avizQzuua+4wOD+3FLHM4Pyo0sgpIm5LG50shyerIC2qVnChBB + boxsy/qeYk7XYq7zgXAhoo9PE5rQX2jC+AZ28QOfP7K6g1yewJqLVuyS3uUt2HoI + r+EBHrict4RPd6klAhPNN+z813+kGP/ySkoqfkObFz25qorXk9YGqoQW+tfX5XCg + Ows2iX+/0m/u5SX30fTVnzbBnxabDerTQj5XPycdhWVR+YBeDIsTd1PxCk+xKrqr + CP4lXEcXkbuiOD8bCZ0Nfias9F/G4sYMYD4y+LMKe3yNcQ5VP5+JYCiBucl8OdTc + r75PxyciQZy6a8sctXQtG3HOuPNvDVi+OSIyFQ09HHYCC4y0j6yfW7YYP5Tv6vMm + yXy0lT/tc4IIEfFxHBQyNWNN6xZlHW0TBe+s0RQ2cnbAdKk9imfnhRF6+3KF0nsJ + WYXk5yShxxW3S1ujm4C+LZFv6bAZz1RN7krNFbeaMNZJkx6Yf9sVzZIOdcxik0oN + LDvnTuxXRLEBBGEgOBIbvVQHQGDZzdHmbaXlpKnnV3iEL9sjXl+qBVXIwzp+D5Nc + UM3WbuDs6LIr+O6XWqMZrhz+HSH2dKi8If72+DkCB+8HNZWNYLiWe8sqA/kEzt3S + UQGPRo12reWMKimS7gmCZSFmCkhAxzvbYdJP8ToTmxFKbCTxsItLnHoCbSD4S94W + tnwa5hhxezaxP1uvGFUfwvHPXMma9ChbFnZL1l2wuFaVUg== + =nxty + -----END PGP MESSAGE----- + fp: B9F81F327CF5346860E85269D7AF98F214C59E4E + - created_at: "2025-09-16T09:19:21Z" + enc: |- + -----BEGIN PGP MESSAGE----- + + hQEMAwDFOgk9tOQ+AQf/S3r7EsW1J1wcBKkrWws4xazvLUrkOPV7Pev4quKpSHG2 + d9pr45IFFW3zgqjqBpUzCzo+a9wXM2/IzHYe44wQSHmmhzXijmFARZ0TXMgtiAg+ + EJUdwrbhglemA0s1WPlRyGIBdVvkfUWFpb9EGMqsB9gqGo/JNmTyUiG3+47e8iUf + JTp2RbmdCSvDY78QiDF7r31Tw4Rrn+ep4FTMyUw/XY7539mz4D6/6pX01Tb7tGxV + V8yzYchD9kg3R3Jwgq2UcU9f9yGDa9epmo0qDfwb+ECpv1SsS41VSkGk9/KDTjr0 + 8LuhrsUg8S4ZCHVfEuOrs+s1RBq2tJU+esKXB9/sJNJRAWqYRPTSIy4Ytq7zT0DO + dATxseHf3gAhP9eBlKyBDvFcNPDp+Lhs7akJndrRm/8n/s3GvEJJAej3ur9ETOTI + 4BYMwVrwQkwtwGmrZXT+iXh1 + =sklM + -----END PGP MESSAGE----- + fp: 0600D41E1313E31016F7C55BF597BC0C5F22D1A2 + - created_at: "2025-09-16T09:19:21Z" + enc: |- + -----BEGIN PGP MESSAGE----- + + hQIMAz4a8AV36xppARAAhikgDq91xe/hHoTK+nJjxjPe7HnabWcvaYSElOTcJdT4 + R2z8fgJJ8SRn+XSFIZZbufPChxhAga5L+KlO3d+9ifvHttDZ/wKPitMfUne1M9mX + SR+NcK1tKJn5iQJ9Bxx50l7u/ZFTnvDHfis37NDQnrU3osEQmefc+zc/YHfDtXYb + LU3HVqlSzciNpKLrJtYi1Y6l8BFgnnzxMyfUAn7gL16K6xh4wUxUOvesiQPltXRQ + bkEGvAakdOg6x9LBN8w9o2d0mV1/WADPKjPgyF2Rrgv7gU0ZpU2qracvUaIvCqfG + vg5Tj34NZAqc1Gaa7Y1tuRyijLJPT2FR0EH3Qd9SBvEeyAMjgQ1wbPuvwVioNpqg + sjXKALKL2O1RIPT2FTcbsPHUMlUyWU5J4HZ5sbTeZGDcYt9Izk7C1wJMvH1922iC + FUobJ52hAkUr05ensTqp36nbvU/7MIFiOB7uO4ro12UV90SyIPDZgjXBZYzAER8B + ggX56/zzjQyUzfA8z2NWzSj21WY45d3e+rXKU7MIlmvlqG21jyIN7nizzCQkQxIm + 8kwEAuPJHS2nDbewA2dgWF4uTCPq9BH1QWYD4az4bxtuuF56O2C/zIN6m90UmLoU + U840pAg4jq7EWiDSr9Y8Bop2E3rXnY8bKHvoj8ouLH2CE3M6ozC08qxORKCg20LS + UQGLDqG3LoDHmupHH5OBw7GdWg4mhnfn1fXW/3mvXeC6+lY43BGxHBeJV6MIXFDn + winRBpyrrOpf7JyDa6evUuhrYzckgiatZjLYPKUqXdyVuQ== + =QKuz + -----END PGP MESSAGE----- + fp: 29C50D01122FDE78E257482DAA497EB2610A8435 + - created_at: "2025-09-16T09:19:21Z" + enc: |- + -----BEGIN PGP MESSAGE----- + + hQIMAxYzhHRfYJYtAQ/5AXwnZoyGM43yGkK1zVhO9JBz3B/ZhOHtReRbQCHoET6P + Mi9KuzuDWbXLq90z0dKMY1vDTJCHOThsQiqiR4LVJCiFHuDdgCpkVBGA+aoA8QgZ + DdynxVKXbaIQRC3Cc1rDe/lFDfsMeibebsCgxX3rWytho75DvkPVgKqakCk6qZJp + Z3wD0MH7DWps1A+fB+Q+W+n6uZFxIJ8OtPVdSU4H7FZ42WkxZZ3xxygJsVYzUdT2 + 7qWqArs3K7HRTO2Tx0kssGUo0IYTvrYwWSJjDyqQCe5hATzqY7ailzttiWNtM7Tl + XCkwb+QpvAkTFVwFdI+meZEVgme//+ZM+5slTg2ACALG+diwzDwca5EQtKheMdN5 + BBrQuh08Mnz5QJA3mLtvRFpYeogaTb82EaoXvm+BlydUKrdL+kuuK9AoeF2CvYuy + or1zc2nrfeTCRWRtWlfeJxdBkNMkxnVFwnhik5jvQmCnKZdZboWZIiTO5ABeRpCz + peh7dwLIK92GPLHWYsvKjGsINuDxawpX4iOCJSgg1JlzDp/Qim5hjCaTcrfUXXOl + WNK5gUt56Ij8Uk0GEmRhECgmKEuByLEpOKYeG0nLBopkNxKWd8RUvK8GCx+nlb+s + 7KmlrzvpqqLpXFJ5u0PjiRiw0dOJhSahwK+yROE8qQh3nVsJlnWDnjvcfh1g2BnS + UQH8UO8RDIVvocBWXnNYXAoSbv2UVE10HxphyAmMmgXB4Su2M4yXajMg6TlWtkZq + tHX+uD/SdA44VImJmsdE4AwP+yODWSYgj98ziSLWAKTPBA== + =Gc8d + -----END PGP MESSAGE----- + fp: 9BE537027CB7467923E240FF2AED09371C121F91 + - created_at: "2025-09-16T09:19:21Z" + enc: |- + -----BEGIN PGP MESSAGE----- + + hF4DjS7VXZx9i8YSAQdA+QaCeWae6exqCLoTbViPC5MHCVuc5FHuJBfgKpTDzBcw + z666dWfo9PmP7os82CM0gvMSEwoKihm0z8Khux3yGGQFXgQlTavPCsmnEOBtqntH + 1FsBCQIQq8ASFMaLcLuUJQi4Jn7B4LJJt692Venh5ajhah5uOet0IHLxaTsYxpTL + VDFruyur7UAz73in3NcDKQsdsVly/1YvAqUDUNQZCR46JD1a6inxBvNSy8nn + =kExY + -----END PGP MESSAGE----- + fp: F93098C3D8ED15D0924A6DDAEB4E93A88660C55B + unencrypted_suffix: _unencrypted + version: 3.7.3 diff --git a/ansible/inventories/devnet-7/group_vars/bootnode.yaml b/ansible/inventories/devnet-7/group_vars/bootnode.yaml new file mode 100644 index 0000000..acc5d47 --- /dev/null +++ b/ansible/inventories/devnet-7/group_vars/bootnode.yaml @@ -0,0 +1,189 @@ +ethereum_cl_bootnode: "{{ hostvars[primary_bootnode]['bootnodoor_fact_enr'] }}" +ethereum_el_bootnode: "{{ hostvars[primary_bootnode]['bootnodoor_fact_enode'] }}" + + +# role: ethpandaops.general.bootnodoor +bootnodoor_privkey: >- + {{ + (secret_bootnodoor_seed ~ ':' ~ ethereum_genesis_chain_id|string) + | hash('sha256') + }} +bootnodoor_set_facts: true +bootnodoor_el_enabled: true +bootnodoor_cl_enabled: true + +bootnodoor_container_name: "bootnodoor" +bootnodoor_container_image: "ethpandaops/bootnodoor:master" +bootnodoor_container_networks: "{{ docker_networks_shared }}" +bootnodoor_p2p_port: 9010 +bootnodoor_ui_port: 8004 +bootnodoor_enr_ip: "{{ ansible_host }}" + +bootnodoor_el_config: /network-config/genesis.json +bootnodoor_el_genesis_hash: /network-config/deposit_contract_block_hash.txt +bootnodoor_cl_config: /network-config/config.yaml +bootnodoor_cl_gvr: /network-config/genesis_validators_root.txt +bootnodoor_container_volumes_extra: + - "{{ eth_testnet_config_dir }}:/network-config:ro" + +bootnodoor_container_command_extra_args: [] +bootnodoor_container_env: + VIRTUAL_HOST: >- + {{ ('bootnodoor.' ~ network_server_subdomain ~ ',') if inventory_hostname == primary_bootnode else '' }}bootnodoor-{{ server_fqdn }} + VIRTUAL_PORT: "{{ bootnodoor_ui_port | string }}" + LETSENCRYPT_HOST: >- + {{ ('bootnodoor.' ~ network_server_subdomain ~ ',') if inventory_hostname == primary_bootnode else '' }}bootnodoor-{{ server_fqdn }} + +# role: ethereum_inventory_web +eth_inventory_web_container_networks: "{{ docker_networks_shared }}" +eth_inventory_web_container_env: + VIRTUAL_HOST: "{{ server_fqdn }}" + VIRTUAL_PORT: "80" + VIRTUAL_PATH: "/meta/api" + VIRTUAL_DEST: "/" + LETSENCRYPT_HOST: "{{ server_fqdn }}" + +# role: ethpandaops.general.ethereum_node +ethereum_node_el: geth +ethereum_node_cl: lodestar +ethereum_node_cl_validator_enabled: false + +# role: ethpandaops.general.lodestar +lodestar_container_name: beacon +lodestar_container_image: "{{ default_ethereum_client_images.lodestar }}" +lodestar_container_env: + VIRTUAL_HOST: "{{ ethereum_node_beacon_hostname }}" + VIRTUAL_PORT: "{{ ethereum_node_cl_ports_http_beacon | string }}" + LETSENCRYPT_HOST: "{{ ethereum_node_beacon_hostname }}" + +lodestar_container_volumes: + - "{{ lodestar_datadir }}:/data" + - "{{ lodestar_auth_jwt_path }}:/execution-auth.jwt:ro" + - "{{ eth_testnet_config_dir }}:/network-config:ro" + +lodestar_container_command_extra_args: + - --paramsFile=/network-config/config.yaml + - --genesisStateFile=/network-config/genesis.ssz + - --persistNetworkIdentity + - --rest.namespace="*" + - --nat=true + - --logLevel=debug + - --serveHistoricalState + - --network.connectToDiscv5Bootnodes + - >- + --bootnodes={{ + ( + ( + groups['bootnode'] + | map('extract', hostvars, ['ethereum_node_fact_cl_enr']) + | select('defined') + | list + ) + + + ( + groups['bootnode'] + | map('extract', hostvars, ['bootnodoor_fact_enr']) + | select('defined') + | list + ) + ) + | join(',') + }} + +# role: ethpandaops.general.geth +geth_container_name: execution +geth_container_image: "{{ default_ethereum_client_images.geth }}" +geth_container_env: + VIRTUAL_HOST: "{{ ethereum_node_rcp_hostname }}" + VIRTUAL_PORT: "{{ ethereum_node_el_ports_http_rpc | string }}" + LETSENCRYPT_HOST: "{{ ethereum_node_rcp_hostname }}" +geth_container_command_extra_args: + - --http.api=eth,net,web3,debug,admin,txpool,trace + - --http.vhosts=* + - --networkid={{ ethereum_network_id }} + - --syncmode=full + - --gcmode=archive + - --history.state=0 + - --miner.gaslimit=200000000 + - >- + --bootnodes={{ + ( + ( + groups['bootnode'] + | map('extract', hostvars, ['ethereum_node_fact_el_enode']) + | select('defined') + | list + ) + + + ( + groups['bootnode'] + | map('extract', hostvars, ['bootnodoor_fact_enode']) + | select('defined') + | list + ) + ) + | join(',') + }} +geth_init_custom_network: true +geth_init_custom_network_genesis_file: "{{ eth_testnet_config_dir }}/genesis.json" +geth_container_pull: true + +geth_init_custom_network_container_command: + - --datadir=/data + - init + - /genesis.json + +# role: ethpandaops.general.prometheus +prometheus_remote_push_url: https://victoriametrics.ethdevops.io/insert/0/prometheus/api/v1/write +prometheus_remote_write_username: "{{ secret_prometheus_remote_write.username }}" +prometheus_remote_write_password: "{{ secret_prometheus_remote_write.password }}" +prometheus_config: | + global: + scrape_interval: 30s + evaluation_interval: 30s + scrape_timeout: 10s + external_labels: + instance: "{{ inventory_hostname }}" + ip_address: "{{ ansible_host }}" + network: "{{ ethereum_network_name }}" + testnet: "{{ ethereum_network_name }}" + execution_client: "{{ ethereum_node_el }}" + consensus_client: "{{ ethereum_node_cl }}" + supernode: "{{ ethereum_node_cl_supernode_enabled | bool | default(false) }}" + remote_write: + - queue_config: + batch_send_deadline: 5s + max_backoff: 500ms + max_samples_per_send: 500 + min_backoff: 50ms + max_shards: 100 + url: {{ prometheus_remote_push_url }} + remote_timeout: 10s + basic_auth: + username: {{ prometheus_remote_write_username }} + password: {{ prometheus_remote_write_password }} + scrape_configs: + - job_name: "prometheus" + metrics_path: "/metrics" + static_configs: + - targets: ["localhost:9090"] + labels: + instance: "{{ inventory_hostname }}" + - job_name: "node" + metrics_path: "/metrics" + static_configs: + - targets: ["172.17.0.1:9100"] + labels: + instance: "{{ inventory_hostname }}" + - job_name: "exporter" + metrics_path: "/metrics" + static_configs: + - targets: ["ethereum-metrics-exporter:9090"] + labels: + instance: "{{ inventory_hostname }}" + - job_name: "consensus_node" + metrics_path: "/metrics" + static_configs: + - targets: ["{{ vars[ethereum_node_cl + '_container_name'] }}:{{ ethereum_node_cl_ports_metrics }}"] + labels: + instance: "{{ inventory_hostname }}" diff --git a/ansible/inventories/devnet-7/group_vars/dns_server.yaml b/ansible/inventories/devnet-7/group_vars/dns_server.yaml new file mode 100644 index 0000000..040997f --- /dev/null +++ b/ansible/inventories/devnet-7/group_vars/dns_server.yaml @@ -0,0 +1,79 @@ +# role: ethpandaops.general.dns_server +dns_server_disable_systemd_resolved: true +dns_server_is_master: "{{ inventory_hostname == primary_bootnode }}" +dns_server_acme_zone: "{{ network_server_subdomain }}" + +# One or more master IPs (for slaves to pull from / accept NOTIFY from) +dns_server_master: "{{ ([hostvars[primary_bootnode].ansible_host] + if (groups.get('bootnode') is defined and primary_bootnode in groups['bootnode']) + else []) | list }}" + +# All slave IPs (for master's also-notify / allow-transfer) +dns_server_slave: "{{ (groups.get('bootnode', []) | difference([primary_bootnode])) + | map('extract', hostvars, 'ansible_host') + | list }}" + +dns_server_zones: + - zone: "{{ network_server_subdomain }}" + content: | + $TTL 120 + @ IN SOA {{ server_fqdn }}. zonemaster.{{ domain }}. ( + 00000000000000 ; Serial + 2H ; Refresh + 1H ; Retry + 1W ; Expire + 5m ) ; NX (TTL Negativ Cache) + IN NS {{ server_fqdn }}. + {# extra NS for each secondary, if their FQDNs are known #} + {% for h in groups['bootnode'] | sort if h != primary_bootnode %} + {% if hostvars[h].server_fqdn is defined %} + IN NS {{ hostvars[h].server_fqdn }}. + {% endif %} + {% endfor %} + + ; certificates + cert IN A {{ hostvars[primary_bootnode]['ansible_host'] }} + + ; bootnodoor (primary) + bootnodoor IN A {{ hostvars[primary_bootnode]['ansible_host'] }} + + ; bootnodes + {% for host in groups['bootnode'] | sort %} + {{ hostvars[host]['inventory_hostname'] }} IN A {{ hostvars[host]['ansible_host'] }} + {{ ethereum_node_rpc_prefix }}{{ hostvars[host]['inventory_hostname'] }} IN A {{ hostvars[host]['ansible_host'] }} + {{ ethereum_node_beacon_prefix }}{{ hostvars[host]['inventory_hostname'] }} IN A {{ hostvars[host]['ansible_host'] }} + bootnodoor-{{ hostvars[host]['inventory_hostname'] }} IN A {{ hostvars[host]['ansible_host'] }} + {% if hostvars[host]['ipv6'] is defined %} + {{ hostvars[host]['inventory_hostname'] }} IN AAAA {{ hostvars[host]['ipv6'] }} + {{ ethereum_node_rpc_prefix }}{{ hostvars[host]['inventory_hostname'] }} IN AAAA {{ hostvars[host]['ipv6'] }} + {{ ethereum_node_beacon_prefix }}{{ hostvars[host]['inventory_hostname'] }} IN AAAA {{ hostvars[host]['ipv6'] }} + {% endif %} + {% endfor %} + + ; ethereum_nodes + {% for host in groups['ethereum_node'] | sort %} + {{ hostvars[host]['inventory_hostname'] }} IN A {{ hostvars[host]['ansible_host'] }} + {{ ethereum_node_rpc_prefix }}{{ hostvars[host]['inventory_hostname'] }} IN A {{ hostvars[host]['ansible_host'] }} + {{ ethereum_node_beacon_prefix }}{{ hostvars[host]['inventory_hostname'] }} IN A {{ hostvars[host]['ansible_host'] }} + {% if hostvars[host]['ipv6'] is defined %} + {{ hostvars[host]['inventory_hostname'] }} IN AAAA {{ hostvars[host]['ipv6'] }} + {{ ethereum_node_rpc_prefix }}{{ hostvars[host]['inventory_hostname'] }} IN AAAA {{ hostvars[host]['ipv6'] }} + {{ ethereum_node_beacon_prefix }}{{ hostvars[host]['inventory_hostname'] }} IN AAAA {{ hostvars[host]['ipv6'] }} + {% endif %} + {% endfor %} + +# role: ethpandaops.general.wildcard_cert_issuer +wildcard_cert_issuer_enabled: "{{ inventory_hostname == primary_bootnode }}" +wildcard_cert_issuer_base_domain: "{{ network_server_subdomain }}" +wildcard_cert_issuer_acme_directory: "https://acme.zerossl.com/v2/DV90" +wildcard_cert_issuer_acme_eab_kid: "{{ secret_zerossl.ACME_EAB_KID }}" +wildcard_cert_issuer_acme_eab_hmac_key: "{{ secret_zerossl.ACME_EAB_HMAC_KEY }}" +wildcard_cert_issuer_email: "ssl@ethpandaops.io" +wildcard_cert_issuer_publish_port: 8080 +wildcard_cert_issuer_publish_psk: "{{ secret_cert_encryption_psk }}" +wildcard_cert_issuer_container_env: + VIRTUAL_HOST: "cert.{{ network_server_subdomain }}" + VIRTUAL_PORT: "8080" + HTTPS_METHOD: "nohttps" +wildcard_cert_issuer_container_networks: "{{ docker_networks_shared }}" +wildcard_cert_issuer_rfc2136_server: "172.17.0.1" # dns container runs on host network diff --git a/ansible/inventories/devnet-7/group_vars/erigon.yaml b/ansible/inventories/devnet-7/group_vars/erigon.yaml new file mode 100644 index 0000000..d6000f6 --- /dev/null +++ b/ansible/inventories/devnet-7/group_vars/erigon.yaml @@ -0,0 +1,92 @@ +# role: ethpandaops.general.bootstrap +bootstrap_default_user_authorized_keys_github_team_el: + - Giulio2002 + - yperbasis + - taratorio + - shohamc1 + - mh0lt + +# role: ethpandaops.general.ethereum_node +ethereum_node_el: erigon + +# Disable IPv6 for erigon: the ansible role appends a second --nat=extip: +# which overrides the IPv4 --nat, causing erigon to only advertise its IPv6 address. +# This results in poor peering since bootnodes and most peers use IPv4 enodes. +erigon_ipv6_enabled: false + +# role: ethpandaops.general.erigon +erigon_container_name: execution +erigon_container_image: "{{ default_ethereum_client_images.erigon }}" +erigon_container_env: + VIRTUAL_HOST: "{{ ethereum_node_rcp_hostname }}" + VIRTUAL_PORT: "{{ ethereum_node_el_ports_http_rpc | string }}" + LETSENCRYPT_HOST: "{{ ethereum_node_rcp_hostname }}" +erigon_container_command_extra_args: + - --http.api=eth,erigon,engine,web3,net,debug,trace,txpool,admin + - --http.vhosts=* + - --ws + - --prune.mode=archive + - --networkid={{ ethereum_network_id }} + - --db.size.limit=500GB + - --bootnodes={{ ethereum_el_bootnodes | join(',') }} + - --miner.gaslimit=200000000 + - --discovery.v4 +erigon_init_custom_network: true +erigon_init_custom_network_genesis_file: "{{ eth_testnet_config_dir }}/genesis.json" + +prometheus_config: | + global: + scrape_interval: 30s + evaluation_interval: 30s + scrape_timeout: 10s + external_labels: + instance: "{{ ethereum_network_name }}-{{ inventory_hostname }}" + ip_address: "{{ ansible_host }}" + network: "{{ ethereum_network_name }}" + testnet: "{{ ethereum_network_name }}" + execution_client: "{{ ethereum_node_el }}" + consensus_client: "{{ ethereum_node_cl }}" + supernode: "{{ ethereum_node_cl_supernode_enabled | bool | default(false) }}" + remote_write: + - queue_config: + batch_send_deadline: 5s + max_backoff: 500ms + max_samples_per_send: 500 + min_backoff: 50ms + max_shards: 100 + url: {{ prometheus_remote_push_url }} + remote_timeout: 10s + basic_auth: + username: {{ prometheus_remote_write_username }} + password: {{ prometheus_remote_write_password }} + scrape_configs: + - job_name: "prometheus" + metrics_path: "/metrics" + static_configs: + - targets: ["localhost:9090"] + labels: + instance: "{{ ethereum_network_name }}-{{ inventory_hostname }}" + - job_name: "node" + metrics_path: "/metrics" + static_configs: + - targets: ["172.17.0.1:9100"] + labels: + instance: "{{ ethereum_network_name }}-{{ inventory_hostname }}" + - job_name: "exporter" + metrics_path: "/metrics" + static_configs: + - targets: ["ethereum-metrics-exporter:9090"] + labels: + instance: "{{ ethereum_network_name }}-{{ inventory_hostname }}" + - job_name: "consensus_node" + metrics_path: "/metrics" + static_configs: + - targets: ["{{ vars[ethereum_node_cl + '_container_name'] }}:{{ ethereum_node_cl_ports_metrics }}"] + labels: + instance: "{{ ethereum_network_name }}-{{ inventory_hostname }}" + - job_name: "execution" + metrics_path: "/debug/metrics/prometheus" + static_configs: + - targets: ["execution:{{ ethereum_node_el_ports_metrics }}"] + labels: + instance: "{{ ethereum_network_name }}-{{ inventory_hostname }}" diff --git a/ansible/inventories/devnet-7/group_vars/ethereum_node.yaml b/ansible/inventories/devnet-7/group_vars/ethereum_node.yaml new file mode 100644 index 0000000..ccaf99d --- /dev/null +++ b/ansible/inventories/devnet-7/group_vars/ethereum_node.yaml @@ -0,0 +1,76 @@ +ethereum_cl_bootnodes: >- + {{ + ( + [hostvars[primary_bootnode]['bootnodoor_fact_enr'] | default(None)] + + [hostvars[primary_bootnode]['ethereum_node_fact_cl_enr'] | default(None)] + + [hostvars['lighthouse-geth-super-1']['ethereum_node_fact_cl_enr'] | default(None)] + + [hostvars['lighthouse-nethermind-super-1']['ethereum_node_fact_cl_enr'] | default(None)] + ) | select('string') | list + }} + +ethereum_el_bootnodes: >- + {{ + ( + [hostvars[primary_bootnode]['bootnodoor_fact_enode'] | default(None)] + + [hostvars[primary_bootnode]['ethereum_node_fact_el_enode'] | default(None)] + + [hostvars['lighthouse-geth-super-1']['ethereum_node_fact_el_enode'] | default(None)] + + [hostvars['lighthouse-nethermind-super-1']['ethereum_node_fact_el_enode'] | default(None)] + ) | select('string') | list + }} + +ethereum_node_xatu_sentry_enabled: true + +# role: ethpandaops.general.prometheus +prometheus_remote_push_url: https://victoriametrics-public.analytics.production.platform.ethpandaops.io/insert/1/prometheus +prometheus_remote_write_username: "{{ secret_prometheus_remote_write.username }}" +prometheus_remote_write_password: "{{ secret_prometheus_remote_write.password }}" +prometheus_config: | + global: + scrape_interval: 12s + evaluation_interval: 30s + scrape_timeout: 10s + external_labels: + instance: "{{ inventory_hostname }}" + ip_address: "{{ ansible_host }}" + network: "{{ ethereum_network_name }}" + testnet: "{{ ethereum_network_name }}" + execution_client: "{{ ethereum_node_el }}" + consensus_client: "{{ ethereum_node_cl }}" + supernode: "{{ ethereum_node_cl_supernode_enabled | bool | default(false) }}" + remote_write: + - queue_config: + batch_send_deadline: 5s + max_backoff: 500ms + max_samples_per_send: 500 + min_backoff: 50ms + max_shards: 100 + url: {{ prometheus_remote_push_url }} + remote_timeout: 10s + basic_auth: + username: {{ prometheus_remote_write_username }} + password: {{ prometheus_remote_write_password }} + scrape_configs: + - job_name: "prometheus" + metrics_path: "/metrics" + static_configs: + - targets: ["localhost:9090"] + labels: + instance: "{{ inventory_hostname }}" + - job_name: "node" + metrics_path: "/metrics" + static_configs: + - targets: ["172.17.0.1:9100"] + labels: + instance: "{{ inventory_hostname }}" + - job_name: "exporter" + metrics_path: "/metrics" + static_configs: + - targets: ["ethereum-metrics-exporter:9090"] + labels: + instance: "{{ inventory_hostname }}" + - job_name: "consensus_node" + metrics_path: "/metrics" + static_configs: + - targets: ["{{ vars[ethereum_node_cl + '_container_name'] }}:{{ ethereum_node_cl_ports_metrics }}"] + labels: + instance: "{{ inventory_hostname }}" diff --git a/ansible/inventories/devnet-7/group_vars/ethrex.yaml b/ansible/inventories/devnet-7/group_vars/ethrex.yaml new file mode 100644 index 0000000..3a9fe05 --- /dev/null +++ b/ansible/inventories/devnet-7/group_vars/ethrex.yaml @@ -0,0 +1,90 @@ +# role: ethpandaops.general.bootstrap +bootstrap_default_user_authorized_keys_github_team_el: + - arkenan + - ilitteri + - edg-l + - iovoid + +# role: ethpandaops.general.ethereum_node +ethereum_node_el: ethrex + +# role: ethpandaops.general.ethereum_node_fact_discovery +# ethrex stores nodekey in chain-specific subdir: /data/chain-/node.key +ethereum_node_fact_discovery_el_key_cmd: + ethrex: xxd -p -c32 {{ ethrex_datadir | default('/data/ethrex') }}/chain-{{ ethereum_network_id | trim }}/node.key +# role: ethpandaops.general.ethrex +ethrex_container_name: execution +ethrex_container_image: "{{ default_ethereum_client_images.ethrex }}" +ethrex_container_env: + VIRTUAL_HOST: "{{ ethereum_node_rcp_hostname }}" + VIRTUAL_PORT: "{{ ethereum_node_el_ports_http_rpc | string }}" + LETSENCRYPT_HOST: "{{ ethereum_node_rcp_hostname }}" + RUST_LOG: "info" +ethrex_container_volumes: + - "{{ ethrex_datadir }}:/data" + - "{{ ethrex_auth_jwt_path }}:/execution-auth.jwt:ro" + - "{{ eth_testnet_config_dir }}:/network-config:ro" +ethrex_container_command_extra_args: + - --network=/network-config/genesis.json + - --bootnodes={{ ethereum_el_bootnodes | join(',') }} + - --builder.gas-limit=200000000 + - --syncmode=full + - --p2p.lookup-interval=1000 + - --p2p.discv5=false + +prometheus_config: | + global: + scrape_interval: 30s + evaluation_interval: 30s + scrape_timeout: 10s + external_labels: + instance: "{{ ethereum_network_name }}-{{ inventory_hostname }}" + ip_address: "{{ ansible_host }}" + network: "{{ ethereum_network_name }}" + testnet: "{{ ethereum_network_name }}" + execution_client: "{{ ethereum_node_el }}" + consensus_client: "{{ ethereum_node_cl }}" + supernode: "{{ ethereum_node_cl_supernode_enabled | bool | default(false) }}" + remote_write: + - queue_config: + batch_send_deadline: 5s + max_backoff: 500ms + max_samples_per_send: 500 + min_backoff: 50ms + max_shards: 100 + url: {{ prometheus_remote_push_url }} + remote_timeout: 10s + basic_auth: + username: {{ prometheus_remote_write_username }} + password: {{ prometheus_remote_write_password }} + scrape_configs: + - job_name: "prometheus" + metrics_path: "/metrics" + static_configs: + - targets: ["localhost:9090"] + labels: + instance: "{{ ethereum_network_name }}-{{ inventory_hostname }}" + - job_name: "node" + metrics_path: "/metrics" + static_configs: + - targets: ["172.17.0.1:9100"] + labels: + instance: "{{ ethereum_network_name }}-{{ inventory_hostname }}" + - job_name: "exporter" + metrics_path: "/metrics" + static_configs: + - targets: ["ethereum-metrics-exporter:9090"] + labels: + instance: "{{ ethereum_network_name }}-{{ inventory_hostname }}" + - job_name: "consensus_node" + metrics_path: "/metrics" + static_configs: + - targets: ["{{ vars[ethereum_node_cl + '_container_name'] }}:{{ ethereum_node_cl_ports_metrics }}"] + labels: + instance: "{{ ethereum_network_name }}-{{ inventory_hostname }}" + - job_name: "execution" + metrics_path: "/metrics" + static_configs: + - targets: ["execution:{{ ethereum_node_el_ports_metrics }}"] + labels: + instance: "{{ ethereum_network_name }}-{{ inventory_hostname }}" diff --git a/ansible/inventories/devnet-7/group_vars/geth.yaml b/ansible/inventories/devnet-7/group_vars/geth.yaml new file mode 100644 index 0000000..f567e46 --- /dev/null +++ b/ansible/inventories/devnet-7/group_vars/geth.yaml @@ -0,0 +1,90 @@ +# role: ethpandaops.general.bootstrap +bootstrap_default_user_authorized_keys_github_team_el: + - mariusVanDerWijden + - lightclient + - rjl493456442 + - jwasinger + +# role: ethpandaops.general.ethereum_node +ethereum_node_el: geth + +# role: ethpandaops.general.geth +geth_container_name: execution +geth_container_image: "{{ default_ethereum_client_images.geth }}" +geth_container_env: + VIRTUAL_HOST: "{{ ethereum_node_rcp_hostname }}" + VIRTUAL_PORT: "{{ ethereum_node_el_ports_http_rpc | string }}" + LETSENCRYPT_HOST: "{{ ethereum_node_rcp_hostname }}" +geth_container_command_extra_args: + - --http.api=eth,net,web3,debug,admin,txpool,trace + - --http.vhosts=* + - --networkid={{ ethereum_network_id }} + - --syncmode=full + - --history.state=0 + - --gcmode=archive + - --bootnodes={{ ethereum_el_bootnodes | join(',') }} + - --miner.gaslimit=200000000 +geth_init_custom_network: true +geth_init_custom_network_genesis_file: "{{ eth_testnet_config_dir }}/genesis.json" +geth_init_custom_network_container_command: + - --datadir=/data + - init + - /genesis.json +geth_container_pull: true + +prometheus_config: | + global: + scrape_interval: 12s + evaluation_interval: 30s + scrape_timeout: 10s + external_labels: + instance: "{{ ethereum_network_name }}-{{ inventory_hostname }}" + ip_address: "{{ ansible_host }}" + network: "{{ ethereum_network_name }}" + testnet: "{{ ethereum_network_name }}" + execution_client: "{{ ethereum_node_el }}" + consensus_client: "{{ ethereum_node_cl }}" + supernode: "{{ ethereum_node_cl_supernode_enabled | bool | default(false) }}" + remote_write: + - queue_config: + batch_send_deadline: 5s + max_backoff: 500ms + max_samples_per_send: 500 + min_backoff: 50ms + max_shards: 100 + url: {{ prometheus_remote_push_url }} + remote_timeout: 10s + basic_auth: + username: {{ prometheus_remote_write_username }} + password: {{ prometheus_remote_write_password }} + scrape_configs: + - job_name: "prometheus" + metrics_path: "/metrics" + static_configs: + - targets: ["localhost:9090"] + labels: + instance: "{{ ethereum_network_name }}-{{ inventory_hostname }}" + - job_name: "node" + metrics_path: "/metrics" + static_configs: + - targets: ["172.17.0.1:9100"] + labels: + instance: "{{ ethereum_network_name }}-{{ inventory_hostname }}" + - job_name: "exporter" + metrics_path: "/metrics" + static_configs: + - targets: ["ethereum-metrics-exporter:9090"] + labels: + instance: "{{ ethereum_network_name }}-{{ inventory_hostname }}" + - job_name: "consensus_node" + metrics_path: "/metrics" + static_configs: + - targets: ["{{ vars[ethereum_node_cl + '_container_name'] }}:{{ ethereum_node_cl_ports_metrics }}"] + labels: + instance: "{{ ethereum_network_name }}-{{ inventory_hostname }}" + - job_name: "execution" + metrics_path: "/debug/metrics/prometheus" + static_configs: + - targets: ["execution:{{ ethereum_node_el_ports_metrics }}"] + labels: + instance: "{{ ethereum_network_name }}-{{ inventory_hostname }}" diff --git a/ansible/inventories/devnet-7/group_vars/grandine.yaml b/ansible/inventories/devnet-7/group_vars/grandine.yaml new file mode 100644 index 0000000..5613d5b --- /dev/null +++ b/ansible/inventories/devnet-7/group_vars/grandine.yaml @@ -0,0 +1,51 @@ +# role: ethpandaops.general.bootstrap +bootstrap_default_user_authorized_keys_github_team_cl: + - sauliusgrigaitis + - tumas + - povi + - hangleang + +# role: geerlingguy.docker +docker_daemon_options: + "log-driver": "json-file" + "log-opts": + "max-size": "500m" + "max-file": "40" + +# role: validator_keys +validator_keys_sync_files: + - src: "{{ inventory_dir }}/files/validator_keys/{{ inventory_hostname }}/teku-keys/" + dest: "{{ grandine_validator_datadir }}/keys/" + - src: "{{ inventory_dir }}/files/validator_keys/{{ inventory_hostname }}/teku-secrets/" + dest: "{{ grandine_validator_datadir }}/secrets/" + +validator_bls_sync_files: + - src: "{{ inventory_dir }}/files/validator_keys/{{ inventory_hostname }}/change_operations.json" + dest: "{{ grandine_validator_datadir }}/change_operations.json" + owner: grandine + group: grandine +# role: ethpandaops.general.ethereum_node +ethereum_node_cl: grandine + +# role: ethpandaops.general.grandine +grandine_container_name: beacon +grandine_container_image: "{{ default_ethereum_client_images.grandine }}" +grandine_container_env: + VIRTUAL_HOST: "{{ ethereum_node_beacon_hostname }}" + VIRTUAL_PORT: "{{ ethereum_node_cl_ports_http_beacon | string }}" + LETSENCRYPT_HOST: "{{ ethereum_node_beacon_hostname }}" + GRANDINE_LOG: "fork_choice_control=debug,p2p=debug" +grandine_container_volumes: + - "{{ grandine_datadir }}:/data" + - "{{ grandine_auth_jwt_path }}:/execution-auth.jwt:ro" + - "{{ eth_testnet_config_dir }}:/network-config:ro" +grandine_container_command_extra_args: + - --configuration-directory=/network-config/ + - --boot-nodes={{ ethereum_cl_bootnodes | join(',') }} + - --graffiti={{ ansible_hostname }} + - --features=LogHttpRequests + +grandine_validator_container_volumes: + - "{{ grandine_validator_datadir }}:/validator-data" + - "{{ eth_testnet_config_dir }}:/network-config:ro" +grandine_validator_datadir: /data/grandine-validator diff --git a/ansible/inventories/devnet-7/group_vars/lighthouse.yaml b/ansible/inventories/devnet-7/group_vars/lighthouse.yaml new file mode 100644 index 0000000..a6274c7 --- /dev/null +++ b/ansible/inventories/devnet-7/group_vars/lighthouse.yaml @@ -0,0 +1,57 @@ +# role: ethpandaops.general.bootstrap +bootstrap_default_user_authorized_keys_github_team_cl: + - AgeManning + - ethdreamer + - paulhauner + - pawanjay176 + - michaelsproul + - antondlr + - realbigsean + - jimmygchen + - dapplion + - lodekeeper +# role: validator_keys +validator_keys_sync_files: + - src: "{{ inventory_dir }}/files/validator_keys/{{ inventory_hostname }}/keys/" + dest: "{{ lighthouse_validator_datadir }}/keys/" + - src: "{{ inventory_dir }}/files/validator_keys/{{ inventory_hostname + }}/secrets/" + dest: "{{ lighthouse_validator_datadir }}/secrets/" + +validator_bls_sync_files: + - src: "{{ inventory_dir }}/files/validator_keys/{{ inventory_hostname + }}/change_operations.json" + dest: "{{ lighthouse_validator_datadir }}/change_operations.json" + owner: lighthouse + group: lighthouse + +# role: ethpandaops.general.ethereum_node +ethereum_node_cl: lighthouse + +# role: ethpandaops.general.lighthouse +lighthouse_container_name: beacon +lighthouse_validator_container_name: validator +lighthouse_container_image: "{{ default_ethereum_client_images.lighthouse }}" +lighthouse_container_env: + VIRTUAL_HOST: "{{ ethereum_node_beacon_hostname }}" + VIRTUAL_PORT: "{{ ethereum_node_cl_ports_http_beacon | string }}" + LETSENCRYPT_HOST: "{{ ethereum_node_beacon_hostname }}" +lighthouse_container_volumes: + - "{{ lighthouse_datadir }}:/data" + - "{{ lighthouse_auth_jwt_path }}:/execution-auth.jwt:ro" + - "{{ eth_testnet_config_dir }}:/network-config:ro" +lighthouse_container_command_extra_args: + - --testnet-dir=/network-config + - --boot-nodes={{ ethereum_cl_bootnodes | join(',') }} + - --reconstruct-historic-states + - --debug-level=debug + - --checkpoint-sync-url=https://checkpoint-sync.bal-devnet-7.ethpandaops.io/ + +lighthouse_validator_container_volumes: + - "{{ lighthouse_validator_datadir }}:/validator-data" + - "{{ eth_testnet_config_dir }}:/network-config:ro" +lighthouse_validator_container_command_extra_args: + - --testnet-dir=/network-config + - --graffiti={{ ansible_hostname }} +lighthouse_validator_datadir: /data/lighthouse-validator +lighthouse_container_pull: true diff --git a/ansible/inventories/devnet-7/group_vars/lodestar.yaml b/ansible/inventories/devnet-7/group_vars/lodestar.yaml new file mode 100644 index 0000000..ab37501 --- /dev/null +++ b/ansible/inventories/devnet-7/group_vars/lodestar.yaml @@ -0,0 +1,65 @@ +# role: ethpandaops.general.bootstrap +bootstrap_default_user_authorized_keys_github_team_cl: + - wemeetagain + - twoeths + - g11tech + - philknows + - nazarhussain + - nflaig + - matthewkeil + - ensi321 + - lodekeeper + +# role: validator_keys +validator_keys_sync_files: + - src: "{{ inventory_dir }}/files/validator_keys/{{ inventory_hostname }}/keys/" + dest: "{{ lodestar_validator_datadir }}/keys/" + - src: "{{ inventory_dir }}/files/validator_keys/{{ inventory_hostname + }}/secrets/" + dest: "{{ lodestar_validator_datadir }}/secrets/" + +validator_bls_sync_files: + - src: "{{ inventory_dir }}/files/validator_keys/{{ inventory_hostname + }}/change_operations.json" + dest: "{{ lodestar_validator_datadir }}/change_operations.json" + owner: lodestar + group: lodestar + +# role: ethpandaops.general.ethereum_node +ethereum_node_cl: lodestar + +# role: ethpandaops.general.lodestar +lodestar_container_name: beacon +lodestar_validator_container_name: validator +lodestar_container_image: "{{ default_ethereum_client_images.lodestar }}" +lodestar_container_env: + VIRTUAL_HOST: "{{ ethereum_node_beacon_hostname }}" + VIRTUAL_PORT: "{{ ethereum_node_cl_ports_http_beacon | string }}" + LETSENCRYPT_HOST: "{{ ethereum_node_beacon_hostname }}" +lodestar_container_volumes: + - "{{ lodestar_datadir }}:/data" + - "{{ lodestar_auth_jwt_path }}:/execution-auth.jwt:ro" + - "{{ eth_testnet_config_dir }}:/network-config:ro" +lodestar_container_command_extra_args: + - --paramsFile=/network-config/config.yaml + - --genesisStateFile=/network-config/genesis.ssz + - --persistNetworkIdentity + - --rest.namespace="*" + - --nat=true + - --serveHistoricalState + - --bootnodes={{ ethereum_cl_bootnodes | join(',') }} + - --logLevel=debug + - --network.connectToDiscv5Bootnodes + #- --checkpointSyncUrl=https://checkpoint-sync.bal-devnet-7.ethpandaops.io + #- --forceCheckpointSync +lodestar_validator_container_volumes: + - "{{ lodestar_validator_datadir }}:/validator-data" + - "{{ eth_testnet_config_dir }}:/network-config:ro" +lodestar_validator_container_command_extra_args: + - --paramsFile=/network-config/config.yaml + - --graffiti={{ ansible_hostname }} +lodestar_validator_datadir: /data/lodestar-validator +lodestar_container_pull: true + +lodestar_mev_boost_enabled: false +ethereum_node_cl_validator_enabled: true diff --git a/ansible/inventories/devnet-7/group_vars/mev_boost.yaml b/ansible/inventories/devnet-7/group_vars/mev_boost.yaml new file mode 100644 index 0000000..e59ad06 --- /dev/null +++ b/ansible/inventories/devnet-7/group_vars/mev_boost.yaml @@ -0,0 +1,18 @@ +mev_boost_container_image: "{{ default_tooling_images.mev_boost }}" + +mev_boost_container_env: + GENESIS_FORK_VERSION: "0x10{{ ethereum_genesis_fork_version_suffix }}" + ALTAIR_FORK_VERSION: "0x20{{ ethereum_genesis_fork_version_suffix }}" + BELLATRIX_FORK_VERSION: "0x30{{ ethereum_genesis_fork_version_suffix }}" + CAPELLA_FORK_VERSION: "0x40{{ ethereum_genesis_fork_version_suffix }}" + DENEB_FORK_VERSION: "0x50{{ ethereum_genesis_fork_version_suffix }}" + ELECTRA_FORK_VERSION: "0x60{{ ethereum_genesis_fork_version_suffix }}" + FULU_FORK_VERSION: "0x70{{ ethereum_genesis_fork_version_suffix }}" + SKIP_RELAY_SIGNATURE_CHECK: "1" + +mev_boost_container_command: + - -addr=0.0.0.0:{{ mev_boost_server_port }} + - -relay-check + - -relays=http://0xa55c1285d84ba83a5ad26420cd5ad3091e49c55a813eee651cd467db38a8c8e63192f47955e9376f6b42f6d190571cb5@mev-relay-1.{{ network_server_subdomain }}:9062 + +ethereum_node_mev_boost_enabled: false diff --git a/ansible/inventories/devnet-7/group_vars/nethermind.yaml b/ansible/inventories/devnet-7/group_vars/nethermind.yaml new file mode 100644 index 0000000..5c97f97 --- /dev/null +++ b/ansible/inventories/devnet-7/group_vars/nethermind.yaml @@ -0,0 +1,99 @@ +# role: ethpandaops.general.bootstrap +bootstrap_default_user_authorized_keys_github_team_el: + - MarekM25 + - kamilchodola + - LukaszRozmej + - marcindsobczak + - asdacap + - rubo + - smartprogrammer93 + - cbermudez97 + - flcl42 + - stdevMac + - benaadams + +# role: ethpandaops.general.ethereum_node +ethereum_node_el: nethermind +# role: ethpandaops.general.nethermind +nethermind_container_name: execution +nethermind_container_image: "{{ default_ethereum_client_images.nethermind }}" +nethermind_container_env: + VIRTUAL_HOST: "{{ ethereum_node_rcp_hostname }}" + VIRTUAL_PORT: "{{ ethereum_node_el_ports_http_rpc | string }}" + LETSENCRYPT_HOST: "{{ ethereum_node_rcp_hostname }}" +nethermind_container_entrypoint: + - /nethermind/nethermind +nethermind_container_volumes: + - "{{ nethermind_datadir }}:/data" + - "{{ nethermind_auth_jwt_path }}:/execution-auth.jwt:ro" + - "{{ eth_testnet_config_dir }}:/network-config:ro" +nethermind_container_command_extra_args: + - --Init.ChainSpecPath=/network-config/chainspec.json + - --JsonRpc.EnabledModules=Eth,Subscribe,Trace,TxPool,Web3,Personal,Proof,Net,Parity,Health,Rpc,Debug,Admin + - --Pruning.Mode=None + - --config=none + - --log=INFO + - --Seq.MinLevel=Info + - --Seq.ServerUrl={{ nethermind_seq_server }} + - --Seq.ApiKey={{ nethermind_seq_api_key }} + - --Metrics.PushGatewayUrl={{ nethermind_push_gateway }} + - --Discovery.Bootnodes={{ ethereum_el_bootnodes | join(',') }} + - --Blocks.TargetBlockGasLimit=200000000 +nethermind_container_pull: true + +prometheus_config: | + global: + scrape_interval: 30s + evaluation_interval: 30s + scrape_timeout: 10s + external_labels: + instance: "{{ ethereum_network_name }}-{{ inventory_hostname }}" + ip_address: "{{ ansible_host }}" + network: "{{ ethereum_network_name }}" + testnet: "{{ ethereum_network_name }}" + execution_client: "{{ ethereum_node_el }}" + consensus_client: "{{ ethereum_node_cl }}" + supernode: "{{ ethereum_node_cl_supernode_enabled | bool | default(false) }}" + remote_write: + - queue_config: + batch_send_deadline: 5s + max_backoff: 500ms + max_samples_per_send: 500 + min_backoff: 50ms + max_shards: 100 + url: {{ prometheus_remote_push_url }} + remote_timeout: 10s + basic_auth: + username: {{ prometheus_remote_write_username }} + password: {{ prometheus_remote_write_password }} + scrape_configs: + - job_name: "prometheus" + metrics_path: "/metrics" + static_configs: + - targets: ["localhost:9090"] + labels: + instance: "{{ ethereum_network_name }}-{{ inventory_hostname }}" + - job_name: "node" + metrics_path: "/metrics" + static_configs: + - targets: ["172.17.0.1:9100"] + labels: + instance: "{{ ethereum_network_name }}-{{ inventory_hostname }}" + - job_name: "exporter" + metrics_path: "/metrics" + static_configs: + - targets: ["ethereum-metrics-exporter:9090"] + labels: + instance: "{{ ethereum_network_name }}-{{ inventory_hostname }}" + - job_name: "consensus_node" + metrics_path: "/metrics" + static_configs: + - targets: ["{{ vars[ethereum_node_cl + '_container_name'] }}:{{ ethereum_node_cl_ports_metrics }}"] + labels: + instance: "{{ ethereum_network_name }}-{{ inventory_hostname }}" + - job_name: "execution" + metrics_path: "/metrics" + static_configs: + - targets: ["execution:{{ ethereum_node_el_ports_metrics }}"] + labels: + instance: "{{ ethereum_network_name }}-{{ inventory_hostname }}" diff --git a/ansible/inventories/devnet-7/group_vars/nimbus.yaml b/ansible/inventories/devnet-7/group_vars/nimbus.yaml new file mode 100644 index 0000000..a69d5fb --- /dev/null +++ b/ansible/inventories/devnet-7/group_vars/nimbus.yaml @@ -0,0 +1,59 @@ +# role: ethpandaops.general.bootstrap +bootstrap_default_user_authorized_keys_github_team_cl: + - zah + - tersec + - etan-status + - arnetheduck + - chirag-parmar + - agnxsh + - tomi-3-0 + +# role: validator_keys +validator_keys_sync_files: + - src: "{{ inventory_dir }}/files/validator_keys/{{ inventory_hostname }}/nimbus-keys/" + dest: "{{ nimbus_validator_datadir }}/keys/" + - src: "{{ inventory_dir }}/files/validator_keys/{{ inventory_hostname }}/secrets/" + dest: "{{ nimbus_validator_datadir }}/secrets/" + +validator_bls_sync_files: + - src: "{{ inventory_dir }}/files/validator_keys/{{ inventory_hostname }}/change_operations.json" + dest: "{{ nimbus_validator_datadir }}/change_operations.json" + owner: nimbus + group: nimbus + +# role: ethpandaops.general.ethereum_node +ethereum_node_cl: nimbus + +# Checkpointsync +nimbus_checkpoint_autoremove_enabled: true +nimbus_checkpoint_container_command_extra_args: + - --trusted-node-url={{ checkpoint_sync_url }} + - --network=/network-config + - --backfill=false +# role: ethpandaops.general.nimbus +nimbus_container_name: beacon +nimbus_container_image: "{{ default_ethereum_client_images.nimbus }}" +nimbus_container_env: + VIRTUAL_HOST: "{{ ethereum_node_beacon_hostname }}" + VIRTUAL_PORT: "{{ ethereum_node_cl_ports_http_beacon | string }}" + LETSENCRYPT_HOST: "{{ ethereum_node_beacon_hostname }}" +nimbus_container_volumes: + - "{{ nimbus_datadir }}:/data" + - "{{ nimbus_auth_jwt_path }}:/execution-auth.jwt:ro" + - "{{ eth_testnet_config_dir }}:/network-config:ro" +nimbus_container_command_extra_args: >- + {{ nimbus_container_command_extra_simple_args + nimbus_container_command_extra_bootnode_args }} +nimbus_container_command_extra_simple_args: + - --network=/network-config + - --validator-monitor-auto=false + - --doppelganger-detection=off + - --log-level=INFO + - --light-client-data-serve=false + - --graffiti={{ ansible_hostname }} +nimbus_container_command_extra_bootnode_args: >- + {{ ethereum_cl_bootnodes | map('regex_replace', '^', '--bootstrap-node=') | list }} + +nimbus_validator_datadir: /data/nimbus-validator +nimbus_container_validator_volumes: + - "{{ nimbus_validator_datadir }}:/validator-data" +nimbus_container_pull: true diff --git a/ansible/inventories/devnet-7/group_vars/nimbusel.yaml b/ansible/inventories/devnet-7/group_vars/nimbusel.yaml new file mode 100644 index 0000000..0a30cc5 --- /dev/null +++ b/ansible/inventories/devnet-7/group_vars/nimbusel.yaml @@ -0,0 +1,92 @@ +# role: ethpandaops.general.bootstrap +bootstrap_default_user_authorized_keys_github_team_el: + - tersec + - jangko + - advaita-saha + - mjfh + - bhartnett + +# role: ethpandaops.general.ethereum_node +ethereum_node_el: nimbusel +# role: ethpandaops.general.nimbusel +nimbusel_container_name: execution +nimbusel_container_image: "{{ default_ethereum_client_images.nimbusel }}" +nimbusel_container_env: + VIRTUAL_HOST: "{{ ethereum_node_rcp_hostname }}" + VIRTUAL_PORT: "{{ ethereum_node_el_ports_http_rpc | string }}" + LETSENCRYPT_HOST: "{{ ethereum_node_rcp_hostname }}" + +nimbusel_container_volumes: + - "{{ nimbusel_datadir }}:/data" + - "{{ nimbusel_auth_jwt_path }}:/execution-auth.jwt:ro" + - "{{ eth_testnet_config_dir }}:/network-config:ro" +nimbusel_container_command_extra_args: + - --network=/network-config/genesis.json + - --bootstrap-node={{ ethereum_el_bootnodes | join(',') }} + - --rpc-api=admin,eth,debug + - --ws-api=admin,eth,debug + - --gas-limit=200000000 + +# Override role default --log-level=INFO with DEBUG (requested by nimbus-el team) +nimbusel_container_command: >- + {{ + (nimbusel_container_command_default | map('regex_replace', '^--log-level=INFO$', '--log-level=DEBUG') | list) + + (nimbusel_container_command_v6 if nimbusel_ipv6_enabled and ansible_default_ipv6.address is defined else []) + }} + +prometheus_config: | + global: + scrape_interval: 30s + evaluation_interval: 30s + scrape_timeout: 10s + external_labels: + instance: "{{ ethereum_network_name }}-{{ inventory_hostname }}" + ip_address: "{{ ansible_host }}" + network: "{{ ethereum_network_name }}" + testnet: "{{ ethereum_network_name }}" + execution_client: "{{ ethereum_node_el }}" + consensus_client: "{{ ethereum_node_cl }}" + supernode: "{{ ethereum_node_cl_supernode_enabled | bool | default(false) }}" + remote_write: + - queue_config: + batch_send_deadline: 5s + max_backoff: 500ms + max_samples_per_send: 500 + min_backoff: 50ms + max_shards: 100 + url: {{ prometheus_remote_push_url }} + remote_timeout: 10s + basic_auth: + username: {{ prometheus_remote_write_username }} + password: {{ prometheus_remote_write_password }} + scrape_configs: + - job_name: "prometheus" + metrics_path: "/metrics" + static_configs: + - targets: ["localhost:9090"] + labels: + instance: "{{ ethereum_network_name }}-{{ inventory_hostname }}" + - job_name: "node" + metrics_path: "/metrics" + static_configs: + - targets: ["172.17.0.1:9100"] + labels: + instance: "{{ ethereum_network_name }}-{{ inventory_hostname }}" + - job_name: "exporter" + metrics_path: "/metrics" + static_configs: + - targets: ["ethereum-metrics-exporter:9090"] + labels: + instance: "{{ ethereum_network_name }}-{{ inventory_hostname }}" + - job_name: "consensus_node" + metrics_path: "/metrics" + static_configs: + - targets: ["{{ vars[ethereum_node_cl + '_container_name'] }}:{{ ethereum_node_cl_ports_metrics }}"] + labels: + instance: "{{ ethereum_network_name }}-{{ inventory_hostname }}" + - job_name: "execution" + metrics_path: "/metrics" + static_configs: + - targets: ["execution:{{ ethereum_node_el_ports_metrics }}"] + labels: + instance: "{{ ethereum_network_name }}-{{ inventory_hostname }}" diff --git a/ansible/inventories/devnet-7/group_vars/prysm.yaml b/ansible/inventories/devnet-7/group_vars/prysm.yaml new file mode 100644 index 0000000..f9b6ede --- /dev/null +++ b/ansible/inventories/devnet-7/group_vars/prysm.yaml @@ -0,0 +1,69 @@ +# role: ethpandaops.general.bootstrap +bootstrap_default_user_authorized_keys_github_team_cl: + - kasey + - terencechain + - potuz + - nisdas + - prestonvanloon + - rkapka + - nalepae + - james-prysm + +# role: validator_keys +validator_keys_sync_files: + - src: "{{ inventory_dir }}/files/validator_keys/prysm_wallet_pass.txt" + dest: "{{ prysm_validator_datadir }}/wallet_pass.txt" + - src: "{{ inventory_dir }}/files/validator_keys/{{ inventory_hostname }}/prysm/direct/accounts/all-accounts.keystore.json" + dest: "{{ prysm_validator_datadir }}/wallet/direct/accounts/all-accounts.keystore.json" + - src: "{{ inventory_dir }}/files/validator_keys/{{ inventory_hostname }}/prysm/keymanageropts.json" + dest: "{{ prysm_validator_datadir }}/wallet/direct/keymanageropts.json" + +validator_bls_sync_files: + - src: "{{ inventory_dir }}/files/validator_keys/{{ inventory_hostname }}/change_operations.json" + dest: "{{ prysm_validator_datadir }}/change_operations.json" + owner: prysm + group: prysm + +# role: ethpandaops.general.ethereum_node +ethereum_node_cl: prysm +prysm_container_tty: true +prysm_pprof_enabled: true +prysm_validator_container_tty: true +# role: ethpandaops.general.prysm +prysm_container_name: beacon +prysm_validator_container_name: validator +prysm_container_image: "{{ default_ethereum_client_images.prysm }}" +prysm_container_env: + VIRTUAL_HOST: "{{ ethereum_node_beacon_hostname }}" + VIRTUAL_PORT: "{{ ethereum_node_cl_ports_http_beacon | string }}" + LETSENCRYPT_HOST: "{{ ethereum_node_beacon_hostname }}" +prysm_container_volumes: + - "{{ prysm_datadir }}:/data" + - "{{ prysm_auth_jwt_path }}:/execution-auth.jwt:ro" + - "{{ eth_testnet_config_dir }}:/network-config:ro" +prysm_container_entrypoint: + - /app/cmd/beacon-chain/beacon-chain +prysm_container_command_extra_args: >- + {{ prysm_container_command_extra_simple_args + prysm_container_command_extra_bootnode_args }} +prysm_container_command_extra_simple_args: + - --grpc-gateway-corsdomain=* + - --chain-config-file=/network-config/config.yaml + - --genesis-state=/network-config/genesis.ssz + - --contract-deployment-block={{ ethereum_network_deposit_contract_block }} + - --min-sync-peers=1 + - --enable-debug-rpc-endpoints + - --verbosity=debug + - --subscribe-all-subnets +prysm_container_command_extra_bootnode_args: >- + {{ ethereum_cl_bootnodes | map('regex_replace', '^', '--bootstrap-node=') | list }} + +prysm_validator_container_image: "{{ default_ethereum_client_images.prysm_validator }}" +prysm_validator_container_volumes: + - "{{ prysm_validator_datadir }}:/validator-data" + - "{{ eth_testnet_config_dir }}:/network-config:ro" +prysm_validator_container_entrypoint: + - /app/cmd/validator/validator +prysm_validator_container_command_extra_args: + - --chain-config-file=/network-config/config.yaml + - --graffiti={{ ansible_hostname }} +prysm_validator_datadir: /data/prysm-validator diff --git a/ansible/inventories/devnet-7/group_vars/reth.yaml b/ansible/inventories/devnet-7/group_vars/reth.yaml new file mode 100644 index 0000000..9122c7d --- /dev/null +++ b/ansible/inventories/devnet-7/group_vars/reth.yaml @@ -0,0 +1,90 @@ +# role: ethpandaops.general.bootstrap +bootstrap_default_user_authorized_keys_github_team_el: + - gakonst + - onbjerg + - klkvr + - shekhirin + - rkrasiuk + - mattsse + - jenpaff + - emmajam + - rjected + - mediocregopher + +# role: ethpandaops.general.ethereum_node +ethereum_node_el: reth +# role: ethpandaops.general.reth +reth_container_name: execution +reth_container_image: "{{ default_ethereum_client_images.reth }}" +reth_container_env: + VIRTUAL_HOST: "{{ ethereum_node_rcp_hostname }}" + VIRTUAL_PORT: "{{ ethereum_node_el_ports_http_rpc | string }}" + LETSENCRYPT_HOST: "{{ ethereum_node_rcp_hostname }}" + RUST_BACKTRACE: "full" + RUST_LOG: "info,engine::tree::payload_processor=trace" +reth_container_volumes: + - "{{ reth_datadir }}:/data" + - "{{ reth_auth_jwt_path }}:/execution-auth.jwt:ro" + - "{{ eth_testnet_config_dir }}:/network-config:ro" +reth_container_command_extra_args: + - --chain=/network-config/genesis.json + - --http.api=trace,rpc,eth,net,debug,web3,admin,txpool + - --bootnodes={{ ethereum_el_bootnodes | join(',') }} + - --builder.gaslimit=200000000 + - --log.file.filter=debug,engine::tree::payload_processor::prewarm=trace +prometheus_config: | + global: + scrape_interval: 30s + evaluation_interval: 30s + scrape_timeout: 10s + external_labels: + instance: "{{ ethereum_network_name }}-{{ inventory_hostname }}" + ip_address: "{{ ansible_host }}" + network: "{{ ethereum_network_name }}" + testnet: "{{ ethereum_network_name }}" + execution_client: "{{ ethereum_node_el }}" + consensus_client: "{{ ethereum_node_cl }}" + supernode: "{{ ethereum_node_cl_supernode_enabled | bool | default(false) }}" + remote_write: + - queue_config: + batch_send_deadline: 5s + max_backoff: 500ms + max_samples_per_send: 500 + min_backoff: 50ms + max_shards: 100 + url: {{ prometheus_remote_push_url }} + remote_timeout: 10s + basic_auth: + username: {{ prometheus_remote_write_username }} + password: {{ prometheus_remote_write_password }} + scrape_configs: + - job_name: "prometheus" + metrics_path: "/metrics" + static_configs: + - targets: ["localhost:9090"] + labels: + instance: "{{ ethereum_network_name }}-{{ inventory_hostname }}" + - job_name: "node" + metrics_path: "/metrics" + static_configs: + - targets: ["172.17.0.1:9100"] + labels: + instance: "{{ ethereum_network_name }}-{{ inventory_hostname }}" + - job_name: "exporter" + metrics_path: "/metrics" + static_configs: + - targets: ["ethereum-metrics-exporter:9090"] + labels: + instance: "{{ ethereum_network_name }}-{{ inventory_hostname }}" + - job_name: "consensus_node" + metrics_path: "/metrics" + static_configs: + - targets: ["{{ vars[ethereum_node_cl + '_container_name'] }}:{{ ethereum_node_cl_ports_metrics }}"] + labels: + instance: "{{ ethereum_network_name }}-{{ inventory_hostname }}" + - job_name: "execution" + metrics_path: "/metrics" + static_configs: + - targets: ["execution:{{ ethereum_node_el_ports_metrics }}"] + labels: + instance: "{{ ethereum_network_name }}-{{ inventory_hostname }}" diff --git a/ansible/inventories/devnet-7/group_vars/teku.yaml b/ansible/inventories/devnet-7/group_vars/teku.yaml new file mode 100644 index 0000000..c2155e6 --- /dev/null +++ b/ansible/inventories/devnet-7/group_vars/teku.yaml @@ -0,0 +1,52 @@ +# role: ethpandaops.general.bootstrap +bootstrap_default_user_authorized_keys_github_team_cl: + - tbenr + - rolfyone + - siladu + - lucassaldanha + - StefanBratanov + - zilm13 + - mehdi-aouadi + +# role: validator_keys +validator_keys_sync_files: + - src: "{{ inventory_dir }}/files/validator_keys/{{ inventory_hostname }}/teku-keys/" + dest: "{{ teku_validator_datadir }}/keys/" + - src: "{{ inventory_dir }}/files/validator_keys/{{ inventory_hostname }}/teku-secrets/" + dest: "{{ teku_validator_datadir }}/secrets/" + +validator_bls_sync_files: + - src: "{{ inventory_dir }}/files/validator_keys/{{ inventory_hostname }}/change_operations.json" + dest: "{{ teku_validator_datadir }}/change_operations.json" + owner: teku + group: teku +# role: ethpandaops.general.ethereum_node +ethereum_node_cl: teku + +# role: ethpandaops.general.teku +teku_container_name: beacon +teku_container_image: "{{ default_ethereum_client_images.teku }}" +teku_container_env: + VIRTUAL_HOST: "{{ ethereum_node_beacon_hostname }}" + VIRTUAL_PORT: "{{ ethereum_node_cl_ports_http_beacon | string }}" + LETSENCRYPT_HOST: "{{ ethereum_node_beacon_hostname }}" +teku_container_volumes: + - "{{ teku_datadir }}:/data" + - "{{ teku_auth_jwt_path }}:/execution-auth.jwt:ro" + - "{{ eth_testnet_config_dir }}:/network-config:ro" +teku_container_command_extra_args: + - --network=/network-config/config.yaml + - --genesis-state=/network-config/genesis.ssz + - --p2p-discovery-bootnodes={{ ethereum_cl_bootnodes | join(',') }} + - --p2p-peer-upper-bound=100 + - --data-storage-non-canonical-blocks-enabled=true + - --data-storage-mode=PRUNE + - --validators-graffiti={{ ansible_hostname }} + - --logging=info + - --Xlog-include-p2p-warnings-enabled + - --metrics-block-timing-tracking-enabled + - --ignore-weak-subjectivity-period-enabled + - --rest-api-docs-enabled +teku_validator_container_volumes: + - "{{ teku_validator_datadir }}:/validator-data" +teku_validator_datadir: /data/teku-validator diff --git a/ansible/inventories/devnet-7/group_vars/tx_fuzz_blobs.yaml b/ansible/inventories/devnet-7/group_vars/tx_fuzz_blobs.yaml new file mode 100644 index 0000000..623d9ed --- /dev/null +++ b/ansible/inventories/devnet-7/group_vars/tx_fuzz_blobs.yaml @@ -0,0 +1,12 @@ +tx_fuzz_blobs_container_image: "{{ default_tooling_images.tx_fuzz }}" +tx_fuzz_blobs_container_name: tx_fuzz_blobs + + +tx_fuzz_blobs_container_command: + - blobs + - --no-al + - --rpc=https://{{ secret_nginx_shared_basic_auth.name }}:{{ secret_nginx_shared_basic_auth.password }}@{{ ethereum_node_rpc_prefix }}{{ primary_bootnode }}.{{ network_server_subdomain }} + - --sk={{ tx_fuzz_blobs_privkey }} + - --txcount=10 + +tx_fuzz_container_networks: "{{ docker_networks_shared }}" diff --git a/ansible/inventories/devnet-7/group_vars/tx_fuzz_txs.yaml b/ansible/inventories/devnet-7/group_vars/tx_fuzz_txs.yaml new file mode 100644 index 0000000..8ac3515 --- /dev/null +++ b/ansible/inventories/devnet-7/group_vars/tx_fuzz_txs.yaml @@ -0,0 +1,11 @@ +tx_fuzz_container_image: "{{ default_tooling_images.tx_fuzz }}" +tx_fuzz_container_name: tx_fuzz_txs + +tx_fuzz_container_command: + - spam + - --no-al + - --rpc=https://{{ secret_nginx_shared_basic_auth.name }}:{{ secret_nginx_shared_basic_auth.password }}@{{ ethereum_node_rpc_prefix }}{{ primary_bootnode }}.{{ network_server_subdomain }} + - --sk={{ tx_fuzz_txs_privkey }} + + +tx_fuzz_container_networks: "{{ docker_networks_shared }}" diff --git a/ansible/inventories/devnet-7/group_vars/xatu.yaml b/ansible/inventories/devnet-7/group_vars/xatu.yaml new file mode 100644 index 0000000..73ab8e2 --- /dev/null +++ b/ansible/inventories/devnet-7/group_vars/xatu.yaml @@ -0,0 +1,87 @@ +# role: ethpandaops.general.xatu_sentry +xatu_sentry_config_name: "{{ ethereum_network_name }}-{{ inventory_hostname }}" +xatu_sentry_config_server_address: "{{ secret_xatu_sentry.server_address }}" +xatu_sentry_config_server_auth_user: "{{ secret_xatu_sentry.user }}" +xatu_sentry_config_server_auth_password: "{{ secret_xatu_sentry.password }}" +xatu_sentry_config_network_name_override: "{{ ethereum_network_name }}" +xatu_sentry_container_networks: "{{ docker_networks_shared }}" +xatu_sentry_container_image: "{{ default_tooling_images.xatu_sentry }}" + +ethereum_node_xatu_sentry_enabled: true + +xatu_sentry_container_command: + - sentry + - --config=/config.yaml + +xatu_sentry_config: + logging: "info" + metricsAddr: ":9090" + name: "{{ xatu_sentry_config_name }}" + ntpServer: time.google.com + ethereum: + beaconNodeAddress: http://{{ vars[ethereum_node_cl + '_container_name'] }}:{{ethereum_node_cl_ports_http_beacon}} + overrideNetworkName: "{{ xatu_sentry_config_network_name_override }}" + beaconSubscriptions: + - attestation + - block + - block_gossip + - chain_reorg + - finalized_checkpoint + - head + - voluntary_exit + - contribution_and_proof + - blob_sidecar + attestationData: + enabled: false + beaconCommittees: + enabled: false + forkChoice: + enabled: false + outputs: + - config: + address: "{{ xatu_sentry_config_server_address }}" + headers: + authorization: "Basic {{ (xatu_sentry_config_server_auth_user + ':' + xatu_sentry_config_server_auth_password) | b64encode }}" + maxExportBatchSize: 32 + maxQueueSize: 1000000 + workers: 5 + tls: true + filter: + eventNames: + - BEACON_API_ETH_V1_EVENTS_UNKNOWN + - BEACON_API_ETH_V1_BEACON_COMMITTEE + - BEACON_API_ETH_V1_EVENTS_BLOB_SIDECAR + - BEACON_API_ETH_V1_EVENTS_BLOCK + - BEACON_API_ETH_V1_EVENTS_BLOCK_V2 + - BEACON_API_ETH_V1_EVENTS_BLOCK_GOSSIP + - BEACON_API_ETH_V1_EVENTS_CHAIN_REORG + - BEACON_API_ETH_V1_EVENTS_CHAIN_REORG_V2 + - BEACON_API_ETH_V1_EVENTS_FINALIZED_CHECKPOINT + - BEACON_API_ETH_V1_EVENTS_FINALIZED_CHECKPOINT_V2 + - BEACON_API_ETH_V1_EVENTS_HEAD + - BEACON_API_ETH_V1_EVENTS_HEAD_V2 + - BEACON_API_ETH_V1_EVENTS_VOLUNTARY_EXIT + - BEACON_API_ETH_V1_EVENTS_VOLUNTARY_EXIT_V2 + - BEACON_API_ETH_V1_EVENTS_CONTRIBUTION_AND_PROOF + - BEACON_API_ETH_V1_EVENTS_CONTRIBUTION_AND_PROOF_V2 + - BEACON_API_ETH_V1_VALIDATOR_ATTESTATION_DATA + - MEMPOOL_TRANSACTION + - MEMPOOL_TRANSACTION_V2 + - BEACON_API_ETH_V2_BEACON_BLOCK + - BEACON_API_ETH_V2_BEACON_BLOCK_V2 + name: grpc-general + type: xatu + - config: + address: "{{ xatu_sentry_config_server_address }}" + headers: + authorization: "Basic {{ (xatu_sentry_config_server_auth_user + ':' + xatu_sentry_config_server_auth_password) | b64encode }}" + maxExportBatchSize: 128 + maxQueueSize: 1000000 + workers: 10 + tls: true + filter: + eventNames: + - BEACON_API_ETH_V1_EVENTS_ATTESTATION + - BEACON_API_ETH_V1_EVENTS_ATTESTATION_V2 + name: grpc-attestation + type: xatu diff --git a/ansible/inventories/devnet-7/group_vars/xatu_sentry.yaml b/ansible/inventories/devnet-7/group_vars/xatu_sentry.yaml new file mode 100644 index 0000000..521fdff --- /dev/null +++ b/ansible/inventories/devnet-7/group_vars/xatu_sentry.yaml @@ -0,0 +1 @@ +ethereum_node_xatu_sentry_enabled: true \ No newline at end of file diff --git a/ansible/inventories/devnet-7/host_vars/localhost b/ansible/inventories/devnet-7/host_vars/localhost new file mode 100644 index 0000000..e187c8f --- /dev/null +++ b/ansible/inventories/devnet-7/host_vars/localhost @@ -0,0 +1,2 @@ +ansible_connection: local +ansible_python_interpreter: "{{ ansible_playbook_python }}" diff --git a/kubernetes/devnet-6/assertoor/.helmignore b/kubernetes-archive/devnet-6/assertoor/.helmignore similarity index 100% rename from kubernetes/devnet-6/assertoor/.helmignore rename to kubernetes-archive/devnet-6/assertoor/.helmignore diff --git a/kubernetes/devnet-6/assertoor/Chart.lock b/kubernetes-archive/devnet-6/assertoor/Chart.lock similarity index 100% rename from kubernetes/devnet-6/assertoor/Chart.lock rename to kubernetes-archive/devnet-6/assertoor/Chart.lock diff --git a/kubernetes/devnet-6/assertoor/Chart.yaml b/kubernetes-archive/devnet-6/assertoor/Chart.yaml similarity index 100% rename from kubernetes/devnet-6/assertoor/Chart.yaml rename to kubernetes-archive/devnet-6/assertoor/Chart.yaml diff --git a/kubernetes/devnet-6/assertoor/charts/assertoor-1.0.0.tgz b/kubernetes-archive/devnet-6/assertoor/charts/assertoor-1.0.0.tgz similarity index 100% rename from kubernetes/devnet-6/assertoor/charts/assertoor-1.0.0.tgz rename to kubernetes-archive/devnet-6/assertoor/charts/assertoor-1.0.0.tgz diff --git a/kubernetes/devnet-6/assertoor/values.yaml b/kubernetes-archive/devnet-6/assertoor/values.yaml similarity index 100% rename from kubernetes/devnet-6/assertoor/values.yaml rename to kubernetes-archive/devnet-6/assertoor/values.yaml diff --git a/kubernetes/devnet-6/checkpointz/.helmignore b/kubernetes-archive/devnet-6/checkpointz/.helmignore similarity index 100% rename from kubernetes/devnet-6/checkpointz/.helmignore rename to kubernetes-archive/devnet-6/checkpointz/.helmignore diff --git a/kubernetes/devnet-6/checkpointz/Chart.lock b/kubernetes-archive/devnet-6/checkpointz/Chart.lock similarity index 100% rename from kubernetes/devnet-6/checkpointz/Chart.lock rename to kubernetes-archive/devnet-6/checkpointz/Chart.lock diff --git a/kubernetes/devnet-6/checkpointz/Chart.yaml b/kubernetes-archive/devnet-6/checkpointz/Chart.yaml similarity index 100% rename from kubernetes/devnet-6/checkpointz/Chart.yaml rename to kubernetes-archive/devnet-6/checkpointz/Chart.yaml diff --git a/kubernetes/devnet-6/checkpointz/charts/checkpointz-0.1.3.tgz b/kubernetes-archive/devnet-6/checkpointz/charts/checkpointz-0.1.3.tgz similarity index 100% rename from kubernetes/devnet-6/checkpointz/charts/checkpointz-0.1.3.tgz rename to kubernetes-archive/devnet-6/checkpointz/charts/checkpointz-0.1.3.tgz diff --git a/kubernetes/devnet-6/checkpointz/values.yaml b/kubernetes-archive/devnet-6/checkpointz/values.yaml similarity index 100% rename from kubernetes/devnet-6/checkpointz/values.yaml rename to kubernetes-archive/devnet-6/checkpointz/values.yaml diff --git a/kubernetes/devnet-6/config/.helmignore b/kubernetes-archive/devnet-6/config/.helmignore similarity index 100% rename from kubernetes/devnet-6/config/.helmignore rename to kubernetes-archive/devnet-6/config/.helmignore diff --git a/kubernetes/devnet-6/config/Chart.yaml b/kubernetes-archive/devnet-6/config/Chart.yaml similarity index 100% rename from kubernetes/devnet-6/config/Chart.yaml rename to kubernetes-archive/devnet-6/config/Chart.yaml diff --git a/kubernetes/devnet-6/config/templates/ingress.config.yaml b/kubernetes-archive/devnet-6/config/templates/ingress.config.yaml similarity index 100% rename from kubernetes/devnet-6/config/templates/ingress.config.yaml rename to kubernetes-archive/devnet-6/config/templates/ingress.config.yaml diff --git a/kubernetes/devnet-6/config/values.yaml b/kubernetes-archive/devnet-6/config/values.yaml similarity index 100% rename from kubernetes/devnet-6/config/values.yaml rename to kubernetes-archive/devnet-6/config/values.yaml diff --git a/kubernetes/devnet-6/dora/.helmignore b/kubernetes-archive/devnet-6/dora/.helmignore similarity index 100% rename from kubernetes/devnet-6/dora/.helmignore rename to kubernetes-archive/devnet-6/dora/.helmignore diff --git a/kubernetes/devnet-6/dora/Chart.lock b/kubernetes-archive/devnet-6/dora/Chart.lock similarity index 100% rename from kubernetes/devnet-6/dora/Chart.lock rename to kubernetes-archive/devnet-6/dora/Chart.lock diff --git a/kubernetes/devnet-6/dora/Chart.yaml b/kubernetes-archive/devnet-6/dora/Chart.yaml similarity index 100% rename from kubernetes/devnet-6/dora/Chart.yaml rename to kubernetes-archive/devnet-6/dora/Chart.yaml diff --git a/kubernetes/devnet-6/dora/charts/dora-1.0.8.tgz b/kubernetes-archive/devnet-6/dora/charts/dora-1.0.8.tgz similarity index 100% rename from kubernetes/devnet-6/dora/charts/dora-1.0.8.tgz rename to kubernetes-archive/devnet-6/dora/charts/dora-1.0.8.tgz diff --git a/kubernetes/devnet-6/dora/endpoints-cl.yaml b/kubernetes-archive/devnet-6/dora/endpoints-cl.yaml similarity index 100% rename from kubernetes/devnet-6/dora/endpoints-cl.yaml rename to kubernetes-archive/devnet-6/dora/endpoints-cl.yaml diff --git a/kubernetes/devnet-6/dora/endpoints-el.yaml b/kubernetes-archive/devnet-6/dora/endpoints-el.yaml similarity index 100% rename from kubernetes/devnet-6/dora/endpoints-el.yaml rename to kubernetes-archive/devnet-6/dora/endpoints-el.yaml diff --git a/kubernetes/devnet-6/dora/values.yaml b/kubernetes-archive/devnet-6/dora/values.yaml similarity index 100% rename from kubernetes/devnet-6/dora/values.yaml rename to kubernetes-archive/devnet-6/dora/values.yaml diff --git a/kubernetes/devnet-6/dugtrio/.helmignore b/kubernetes-archive/devnet-6/dugtrio/.helmignore similarity index 100% rename from kubernetes/devnet-6/dugtrio/.helmignore rename to kubernetes-archive/devnet-6/dugtrio/.helmignore diff --git a/kubernetes/devnet-6/dugtrio/Chart.lock b/kubernetes-archive/devnet-6/dugtrio/Chart.lock similarity index 100% rename from kubernetes/devnet-6/dugtrio/Chart.lock rename to kubernetes-archive/devnet-6/dugtrio/Chart.lock diff --git a/kubernetes/devnet-6/dugtrio/Chart.yaml b/kubernetes-archive/devnet-6/dugtrio/Chart.yaml similarity index 100% rename from kubernetes/devnet-6/dugtrio/Chart.yaml rename to kubernetes-archive/devnet-6/dugtrio/Chart.yaml diff --git a/kubernetes/devnet-6/dugtrio/charts/dugtrio-0.0.6.tgz b/kubernetes-archive/devnet-6/dugtrio/charts/dugtrio-0.0.6.tgz similarity index 100% rename from kubernetes/devnet-6/dugtrio/charts/dugtrio-0.0.6.tgz rename to kubernetes-archive/devnet-6/dugtrio/charts/dugtrio-0.0.6.tgz diff --git a/kubernetes/devnet-6/dugtrio/values.yaml b/kubernetes-archive/devnet-6/dugtrio/values.yaml similarity index 100% rename from kubernetes/devnet-6/dugtrio/values.yaml rename to kubernetes-archive/devnet-6/dugtrio/values.yaml diff --git a/kubernetes/devnet-6/erpc/.helmignore b/kubernetes-archive/devnet-6/erpc/.helmignore similarity index 100% rename from kubernetes/devnet-6/erpc/.helmignore rename to kubernetes-archive/devnet-6/erpc/.helmignore diff --git a/kubernetes/devnet-6/erpc/Chart.lock b/kubernetes-archive/devnet-6/erpc/Chart.lock similarity index 100% rename from kubernetes/devnet-6/erpc/Chart.lock rename to kubernetes-archive/devnet-6/erpc/Chart.lock diff --git a/kubernetes/devnet-6/erpc/Chart.yaml b/kubernetes-archive/devnet-6/erpc/Chart.yaml similarity index 100% rename from kubernetes/devnet-6/erpc/Chart.yaml rename to kubernetes-archive/devnet-6/erpc/Chart.yaml diff --git a/kubernetes/devnet-6/erpc/charts/erpc-0.0.4.tgz b/kubernetes-archive/devnet-6/erpc/charts/erpc-0.0.4.tgz similarity index 100% rename from kubernetes/devnet-6/erpc/charts/erpc-0.0.4.tgz rename to kubernetes-archive/devnet-6/erpc/charts/erpc-0.0.4.tgz diff --git a/kubernetes/devnet-6/erpc/values.yaml b/kubernetes-archive/devnet-6/erpc/values.yaml similarity index 100% rename from kubernetes/devnet-6/erpc/values.yaml rename to kubernetes-archive/devnet-6/erpc/values.yaml diff --git a/kubernetes/devnet-6/faucet/.helmignore b/kubernetes-archive/devnet-6/faucet/.helmignore similarity index 100% rename from kubernetes/devnet-6/faucet/.helmignore rename to kubernetes-archive/devnet-6/faucet/.helmignore diff --git a/kubernetes/devnet-6/faucet/Chart.lock b/kubernetes-archive/devnet-6/faucet/Chart.lock similarity index 100% rename from kubernetes/devnet-6/faucet/Chart.lock rename to kubernetes-archive/devnet-6/faucet/Chart.lock diff --git a/kubernetes/devnet-6/faucet/Chart.yaml b/kubernetes-archive/devnet-6/faucet/Chart.yaml similarity index 100% rename from kubernetes/devnet-6/faucet/Chart.yaml rename to kubernetes-archive/devnet-6/faucet/Chart.yaml diff --git a/kubernetes/devnet-6/faucet/charts/powfaucet-0.0.4.tgz b/kubernetes-archive/devnet-6/faucet/charts/powfaucet-0.0.4.tgz similarity index 100% rename from kubernetes/devnet-6/faucet/charts/powfaucet-0.0.4.tgz rename to kubernetes-archive/devnet-6/faucet/charts/powfaucet-0.0.4.tgz diff --git a/kubernetes/devnet-6/faucet/values.yaml b/kubernetes-archive/devnet-6/faucet/values.yaml similarity index 100% rename from kubernetes/devnet-6/faucet/values.yaml rename to kubernetes-archive/devnet-6/faucet/values.yaml diff --git a/kubernetes/devnet-6/forkmon/.helmignore b/kubernetes-archive/devnet-6/forkmon/.helmignore similarity index 100% rename from kubernetes/devnet-6/forkmon/.helmignore rename to kubernetes-archive/devnet-6/forkmon/.helmignore diff --git a/kubernetes/devnet-6/forkmon/Chart.lock b/kubernetes-archive/devnet-6/forkmon/Chart.lock similarity index 100% rename from kubernetes/devnet-6/forkmon/Chart.lock rename to kubernetes-archive/devnet-6/forkmon/Chart.lock diff --git a/kubernetes/devnet-6/forkmon/Chart.yaml b/kubernetes-archive/devnet-6/forkmon/Chart.yaml similarity index 100% rename from kubernetes/devnet-6/forkmon/Chart.yaml rename to kubernetes-archive/devnet-6/forkmon/Chart.yaml diff --git a/kubernetes/devnet-6/forkmon/charts/forkmon-0.1.5.tgz b/kubernetes-archive/devnet-6/forkmon/charts/forkmon-0.1.5.tgz similarity index 100% rename from kubernetes/devnet-6/forkmon/charts/forkmon-0.1.5.tgz rename to kubernetes-archive/devnet-6/forkmon/charts/forkmon-0.1.5.tgz diff --git a/kubernetes/devnet-6/forkmon/values.yaml b/kubernetes-archive/devnet-6/forkmon/values.yaml similarity index 100% rename from kubernetes/devnet-6/forkmon/values.yaml rename to kubernetes-archive/devnet-6/forkmon/values.yaml diff --git a/kubernetes/devnet-6/forky/.helmignore b/kubernetes-archive/devnet-6/forky/.helmignore similarity index 100% rename from kubernetes/devnet-6/forky/.helmignore rename to kubernetes-archive/devnet-6/forky/.helmignore diff --git a/kubernetes/devnet-6/forky/Chart.lock b/kubernetes-archive/devnet-6/forky/Chart.lock similarity index 100% rename from kubernetes/devnet-6/forky/Chart.lock rename to kubernetes-archive/devnet-6/forky/Chart.lock diff --git a/kubernetes/devnet-6/forky/Chart.yaml b/kubernetes-archive/devnet-6/forky/Chart.yaml similarity index 100% rename from kubernetes/devnet-6/forky/Chart.yaml rename to kubernetes-archive/devnet-6/forky/Chart.yaml diff --git a/kubernetes/devnet-6/forky/charts/forky-0.2.0.tgz b/kubernetes-archive/devnet-6/forky/charts/forky-0.2.0.tgz similarity index 100% rename from kubernetes/devnet-6/forky/charts/forky-0.2.0.tgz rename to kubernetes-archive/devnet-6/forky/charts/forky-0.2.0.tgz diff --git a/kubernetes/devnet-6/forky/values.yaml b/kubernetes-archive/devnet-6/forky/values.yaml similarity index 100% rename from kubernetes/devnet-6/forky/values.yaml rename to kubernetes-archive/devnet-6/forky/values.yaml diff --git a/kubernetes/devnet-6/homepage/.helmignore b/kubernetes-archive/devnet-6/homepage/.helmignore similarity index 100% rename from kubernetes/devnet-6/homepage/.helmignore rename to kubernetes-archive/devnet-6/homepage/.helmignore diff --git a/kubernetes/devnet-6/homepage/Chart.lock b/kubernetes-archive/devnet-6/homepage/Chart.lock similarity index 100% rename from kubernetes/devnet-6/homepage/Chart.lock rename to kubernetes-archive/devnet-6/homepage/Chart.lock diff --git a/kubernetes/devnet-6/homepage/Chart.yaml b/kubernetes-archive/devnet-6/homepage/Chart.yaml similarity index 100% rename from kubernetes/devnet-6/homepage/Chart.yaml rename to kubernetes-archive/devnet-6/homepage/Chart.yaml diff --git a/kubernetes/devnet-6/homepage/charts/testnet-homepage-0.2.3.tgz b/kubernetes-archive/devnet-6/homepage/charts/testnet-homepage-0.2.3.tgz similarity index 100% rename from kubernetes/devnet-6/homepage/charts/testnet-homepage-0.2.3.tgz rename to kubernetes-archive/devnet-6/homepage/charts/testnet-homepage-0.2.3.tgz diff --git a/kubernetes/devnet-6/homepage/values.yaml b/kubernetes-archive/devnet-6/homepage/values.yaml similarity index 100% rename from kubernetes/devnet-6/homepage/values.yaml rename to kubernetes-archive/devnet-6/homepage/values.yaml diff --git a/kubernetes/devnet-6/spamoor/.helmignore b/kubernetes-archive/devnet-6/spamoor/.helmignore similarity index 100% rename from kubernetes/devnet-6/spamoor/.helmignore rename to kubernetes-archive/devnet-6/spamoor/.helmignore diff --git a/kubernetes/devnet-6/spamoor/Chart.lock b/kubernetes-archive/devnet-6/spamoor/Chart.lock similarity index 100% rename from kubernetes/devnet-6/spamoor/Chart.lock rename to kubernetes-archive/devnet-6/spamoor/Chart.lock diff --git a/kubernetes/devnet-6/spamoor/Chart.yaml b/kubernetes-archive/devnet-6/spamoor/Chart.yaml similarity index 100% rename from kubernetes/devnet-6/spamoor/Chart.yaml rename to kubernetes-archive/devnet-6/spamoor/Chart.yaml diff --git a/kubernetes/devnet-6/spamoor/charts/spamoor-1.0.0.tgz b/kubernetes-archive/devnet-6/spamoor/charts/spamoor-1.0.0.tgz similarity index 100% rename from kubernetes/devnet-6/spamoor/charts/spamoor-1.0.0.tgz rename to kubernetes-archive/devnet-6/spamoor/charts/spamoor-1.0.0.tgz diff --git a/kubernetes/devnet-6/spamoor/values.yaml b/kubernetes-archive/devnet-6/spamoor/values.yaml similarity index 100% rename from kubernetes/devnet-6/spamoor/values.yaml rename to kubernetes-archive/devnet-6/spamoor/values.yaml diff --git a/kubernetes/devnet-6/syncoor-server/.helmignore b/kubernetes-archive/devnet-6/syncoor-server/.helmignore similarity index 100% rename from kubernetes/devnet-6/syncoor-server/.helmignore rename to kubernetes-archive/devnet-6/syncoor-server/.helmignore diff --git a/kubernetes/devnet-6/syncoor-server/Chart.lock b/kubernetes-archive/devnet-6/syncoor-server/Chart.lock similarity index 100% rename from kubernetes/devnet-6/syncoor-server/Chart.lock rename to kubernetes-archive/devnet-6/syncoor-server/Chart.lock diff --git a/kubernetes/devnet-6/syncoor-server/Chart.yaml b/kubernetes-archive/devnet-6/syncoor-server/Chart.yaml similarity index 100% rename from kubernetes/devnet-6/syncoor-server/Chart.yaml rename to kubernetes-archive/devnet-6/syncoor-server/Chart.yaml diff --git a/kubernetes/devnet-6/syncoor-server/charts/syncoor-server-0.0.1.tgz b/kubernetes-archive/devnet-6/syncoor-server/charts/syncoor-server-0.0.1.tgz similarity index 100% rename from kubernetes/devnet-6/syncoor-server/charts/syncoor-server-0.0.1.tgz rename to kubernetes-archive/devnet-6/syncoor-server/charts/syncoor-server-0.0.1.tgz diff --git a/kubernetes/devnet-6/syncoor-server/values.yaml b/kubernetes-archive/devnet-6/syncoor-server/values.yaml similarity index 100% rename from kubernetes/devnet-6/syncoor-server/values.yaml rename to kubernetes-archive/devnet-6/syncoor-server/values.yaml diff --git a/kubernetes/devnet-6/syncoor-web/.helmignore b/kubernetes-archive/devnet-6/syncoor-web/.helmignore similarity index 100% rename from kubernetes/devnet-6/syncoor-web/.helmignore rename to kubernetes-archive/devnet-6/syncoor-web/.helmignore diff --git a/kubernetes/devnet-6/syncoor-web/Chart.lock b/kubernetes-archive/devnet-6/syncoor-web/Chart.lock similarity index 100% rename from kubernetes/devnet-6/syncoor-web/Chart.lock rename to kubernetes-archive/devnet-6/syncoor-web/Chart.lock diff --git a/kubernetes/devnet-6/syncoor-web/Chart.yaml b/kubernetes-archive/devnet-6/syncoor-web/Chart.yaml similarity index 100% rename from kubernetes/devnet-6/syncoor-web/Chart.yaml rename to kubernetes-archive/devnet-6/syncoor-web/Chart.yaml diff --git a/kubernetes/devnet-6/syncoor-web/charts/syncoor-web-0.0.1.tgz b/kubernetes-archive/devnet-6/syncoor-web/charts/syncoor-web-0.0.1.tgz similarity index 100% rename from kubernetes/devnet-6/syncoor-web/charts/syncoor-web-0.0.1.tgz rename to kubernetes-archive/devnet-6/syncoor-web/charts/syncoor-web-0.0.1.tgz diff --git a/kubernetes/devnet-6/syncoor-web/values.yaml b/kubernetes-archive/devnet-6/syncoor-web/values.yaml similarity index 100% rename from kubernetes/devnet-6/syncoor-web/values.yaml rename to kubernetes-archive/devnet-6/syncoor-web/values.yaml diff --git a/kubernetes/devnet-6/tracoor/.helmignore b/kubernetes-archive/devnet-6/tracoor/.helmignore similarity index 100% rename from kubernetes/devnet-6/tracoor/.helmignore rename to kubernetes-archive/devnet-6/tracoor/.helmignore diff --git a/kubernetes/devnet-6/tracoor/Chart.lock b/kubernetes-archive/devnet-6/tracoor/Chart.lock similarity index 100% rename from kubernetes/devnet-6/tracoor/Chart.lock rename to kubernetes-archive/devnet-6/tracoor/Chart.lock diff --git a/kubernetes/devnet-6/tracoor/Chart.yaml b/kubernetes-archive/devnet-6/tracoor/Chart.yaml similarity index 100% rename from kubernetes/devnet-6/tracoor/Chart.yaml rename to kubernetes-archive/devnet-6/tracoor/Chart.yaml diff --git a/kubernetes/devnet-6/tracoor/charts/tracoor-single-0.0.5.tgz b/kubernetes-archive/devnet-6/tracoor/charts/tracoor-single-0.0.5.tgz similarity index 100% rename from kubernetes/devnet-6/tracoor/charts/tracoor-single-0.0.5.tgz rename to kubernetes-archive/devnet-6/tracoor/charts/tracoor-single-0.0.5.tgz diff --git a/kubernetes/devnet-6/tracoor/values.yaml b/kubernetes-archive/devnet-6/tracoor/values.yaml similarity index 100% rename from kubernetes/devnet-6/tracoor/values.yaml rename to kubernetes-archive/devnet-6/tracoor/values.yaml diff --git a/kubernetes/devnet-6/xatu-cannon/.helmignore b/kubernetes-archive/devnet-6/xatu-cannon/.helmignore similarity index 100% rename from kubernetes/devnet-6/xatu-cannon/.helmignore rename to kubernetes-archive/devnet-6/xatu-cannon/.helmignore diff --git a/kubernetes/devnet-6/xatu-cannon/Chart.lock b/kubernetes-archive/devnet-6/xatu-cannon/Chart.lock similarity index 100% rename from kubernetes/devnet-6/xatu-cannon/Chart.lock rename to kubernetes-archive/devnet-6/xatu-cannon/Chart.lock diff --git a/kubernetes/devnet-6/xatu-cannon/Chart.yaml b/kubernetes-archive/devnet-6/xatu-cannon/Chart.yaml similarity index 100% rename from kubernetes/devnet-6/xatu-cannon/Chart.yaml rename to kubernetes-archive/devnet-6/xatu-cannon/Chart.yaml diff --git a/kubernetes/devnet-6/xatu-cannon/charts/xatu-cannon-0.2.2.tgz b/kubernetes-archive/devnet-6/xatu-cannon/charts/xatu-cannon-0.2.2.tgz similarity index 100% rename from kubernetes/devnet-6/xatu-cannon/charts/xatu-cannon-0.2.2.tgz rename to kubernetes-archive/devnet-6/xatu-cannon/charts/xatu-cannon-0.2.2.tgz diff --git a/kubernetes/devnet-6/xatu-cannon/values.yaml b/kubernetes-archive/devnet-6/xatu-cannon/values.yaml similarity index 100% rename from kubernetes/devnet-6/xatu-cannon/values.yaml rename to kubernetes-archive/devnet-6/xatu-cannon/values.yaml diff --git a/kubernetes/devnet-6/xatu-cl-mimicry/.helmignore b/kubernetes-archive/devnet-6/xatu-cl-mimicry/.helmignore similarity index 100% rename from kubernetes/devnet-6/xatu-cl-mimicry/.helmignore rename to kubernetes-archive/devnet-6/xatu-cl-mimicry/.helmignore diff --git a/kubernetes/devnet-6/xatu-cl-mimicry/Chart.lock b/kubernetes-archive/devnet-6/xatu-cl-mimicry/Chart.lock similarity index 100% rename from kubernetes/devnet-6/xatu-cl-mimicry/Chart.lock rename to kubernetes-archive/devnet-6/xatu-cl-mimicry/Chart.lock diff --git a/kubernetes/devnet-6/xatu-cl-mimicry/Chart.yaml b/kubernetes-archive/devnet-6/xatu-cl-mimicry/Chart.yaml similarity index 100% rename from kubernetes/devnet-6/xatu-cl-mimicry/Chart.yaml rename to kubernetes-archive/devnet-6/xatu-cl-mimicry/Chart.yaml diff --git a/kubernetes/devnet-6/xatu-cl-mimicry/charts/xatu-cl-mimicry-0.0.2.tgz b/kubernetes-archive/devnet-6/xatu-cl-mimicry/charts/xatu-cl-mimicry-0.0.2.tgz similarity index 100% rename from kubernetes/devnet-6/xatu-cl-mimicry/charts/xatu-cl-mimicry-0.0.2.tgz rename to kubernetes-archive/devnet-6/xatu-cl-mimicry/charts/xatu-cl-mimicry-0.0.2.tgz diff --git a/kubernetes/devnet-6/xatu-cl-mimicry/values.yaml b/kubernetes-archive/devnet-6/xatu-cl-mimicry/values.yaml similarity index 100% rename from kubernetes/devnet-6/xatu-cl-mimicry/values.yaml rename to kubernetes-archive/devnet-6/xatu-cl-mimicry/values.yaml diff --git a/kubernetes/devnet-6/xatu-mimicry/.helmignore b/kubernetes-archive/devnet-6/xatu-mimicry/.helmignore similarity index 100% rename from kubernetes/devnet-6/xatu-mimicry/.helmignore rename to kubernetes-archive/devnet-6/xatu-mimicry/.helmignore diff --git a/kubernetes/devnet-6/xatu-mimicry/Chart.lock b/kubernetes-archive/devnet-6/xatu-mimicry/Chart.lock similarity index 100% rename from kubernetes/devnet-6/xatu-mimicry/Chart.lock rename to kubernetes-archive/devnet-6/xatu-mimicry/Chart.lock diff --git a/kubernetes/devnet-6/xatu-mimicry/Chart.yaml b/kubernetes-archive/devnet-6/xatu-mimicry/Chart.yaml similarity index 100% rename from kubernetes/devnet-6/xatu-mimicry/Chart.yaml rename to kubernetes-archive/devnet-6/xatu-mimicry/Chart.yaml diff --git a/kubernetes/devnet-6/xatu-mimicry/charts/xatu-mimicry-0.0.7.tgz b/kubernetes-archive/devnet-6/xatu-mimicry/charts/xatu-mimicry-0.0.7.tgz similarity index 100% rename from kubernetes/devnet-6/xatu-mimicry/charts/xatu-mimicry-0.0.7.tgz rename to kubernetes-archive/devnet-6/xatu-mimicry/charts/xatu-mimicry-0.0.7.tgz diff --git a/kubernetes/devnet-6/xatu-mimicry/values.yaml b/kubernetes-archive/devnet-6/xatu-mimicry/values.yaml similarity index 100% rename from kubernetes/devnet-6/xatu-mimicry/values.yaml rename to kubernetes-archive/devnet-6/xatu-mimicry/values.yaml diff --git a/kubernetes/devnet-6/xatu-relay-monitor/.helmignore b/kubernetes-archive/devnet-6/xatu-relay-monitor/.helmignore similarity index 100% rename from kubernetes/devnet-6/xatu-relay-monitor/.helmignore rename to kubernetes-archive/devnet-6/xatu-relay-monitor/.helmignore diff --git a/kubernetes/devnet-6/xatu-relay-monitor/Chart.lock b/kubernetes-archive/devnet-6/xatu-relay-monitor/Chart.lock similarity index 100% rename from kubernetes/devnet-6/xatu-relay-monitor/Chart.lock rename to kubernetes-archive/devnet-6/xatu-relay-monitor/Chart.lock diff --git a/kubernetes/devnet-6/xatu-relay-monitor/Chart.yaml b/kubernetes-archive/devnet-6/xatu-relay-monitor/Chart.yaml similarity index 100% rename from kubernetes/devnet-6/xatu-relay-monitor/Chart.yaml rename to kubernetes-archive/devnet-6/xatu-relay-monitor/Chart.yaml diff --git a/kubernetes/devnet-6/xatu-relay-monitor/charts/xatu-relay-monitor-0.0.1.tgz b/kubernetes-archive/devnet-6/xatu-relay-monitor/charts/xatu-relay-monitor-0.0.1.tgz similarity index 100% rename from kubernetes/devnet-6/xatu-relay-monitor/charts/xatu-relay-monitor-0.0.1.tgz rename to kubernetes-archive/devnet-6/xatu-relay-monitor/charts/xatu-relay-monitor-0.0.1.tgz diff --git a/kubernetes/devnet-6/xatu-relay-monitor/values.yaml b/kubernetes-archive/devnet-6/xatu-relay-monitor/values.yaml similarity index 100% rename from kubernetes/devnet-6/xatu-relay-monitor/values.yaml rename to kubernetes-archive/devnet-6/xatu-relay-monitor/values.yaml diff --git a/terraform/devnet-7/ansible_inventory.tmpl b/terraform/devnet-7/ansible_inventory.tmpl new file mode 100644 index 0000000..737bbb0 --- /dev/null +++ b/terraform/devnet-7/ansible_inventory.tmpl @@ -0,0 +1,76 @@ +localhost + +[all:vars] +ethereum_network_name=${ethereum_network_name} + +%{ for gid, group in groups ~} +[${replace(gid, "-", "_")}] +%{ for key, host in hosts ~} +%{ if host.group == gid ~} +${host.hostname} ansible_host=${host.ip} ipv6=${host.ipv6} cloud=${host.cloud} cloud_region=${host.region} arch=${host.arch} ethereum_node_cl_supernode_enabled=${title(host.supernode)} %{ if tonumber(host.validator_end) > 0 }validator_start=${host.validator_start} validator_end=${host.validator_end}%{ endif } +%{ endif ~} +%{ endfor ~} +%{ if gid == "lighthouse-reth" ~} +%{ for key, host in hosts ~} +%{ if host.group == "mev-relay" ~} +${host.hostname} +%{ endif ~} +%{ endfor ~} +%{ endif ~} + +%{ endfor ~} + +# Consensus client groups + +%{ for cl in ["lighthouse", "lodestar", "nimbus", "teku", "prysm", "grandine"] ~} +[${cl}:children] +%{ for gid, group in groups ~} +%{ if split("-", gid)[0] == "${cl}" ~} +${replace(gid, "-", "_")} +%{ endif ~} +%{ endfor ~} +%{ endfor ~} + +# Execution client groups + +%{ for el in ["besu", "ethereumjs", "geth", "nethermind", "erigon", "reth", "nimbusel", "ethrex"] ~} +[${el}:children] +%{ for gid, group in groups ~} +%{ if split("-", gid)[0] != "bootnode" && split("-", gid)[0] != "mev" ~} +%{ if length(split("-", gid)) >= 2 && split("-", gid)[1] == "${el}" ~} +${replace(gid, "-", "_")} +%{ endif ~} +%{ endif ~} +%{ endfor ~} +%{ endfor ~} + +# Global groups + +[consensus_node:children] +%{ for x,y in merge( { for gid, group in groups : split("-", gid)[0] => true... if split("-", gid)[0] != "bootnode" && split("-", gid)[0] != "mev" } ) ~} +${x} +%{ endfor ~} + +[execution_node:children] +%{ for x,y in merge( { for gid, group in groups : split("-", gid)[1] => true... if split("-", gid)[0] != "bootnode" && split("-", gid)[0] != "mev" && length(split("-", gid)) >= 2 } ) ~} +${x} +%{ endfor ~} + +[ethereum_node:children] +consensus_node +execution_node + +%{ if contains(keys(groups), "bootnode") ~} +[dns_server:children] +bootnode +%{ endif ~} + +[mev_boost:children] +consensus_node + +[arm] +%{ for key, host in hosts ~} +%{ if can(regex("arm", key)) ~} +${host.hostname} +%{ endif ~} +%{ endfor ~} diff --git a/terraform/devnet-7/cloudflare.tf b/terraform/devnet-7/cloudflare.tf new file mode 100644 index 0000000..c6cf332 --- /dev/null +++ b/terraform/devnet-7/cloudflare.tf @@ -0,0 +1,58 @@ +//////////////////////////////////////////////////////////////////////////////////////// +// DNS NAMES +//////////////////////////////////////////////////////////////////////////////////////// + +data "cloudflare_zone" "default" { + name = "ethpandaops.io" +} + +locals { + bootnodes = merge( + { + for vm in local.digitalocean_vms : vm.id => { + name = vm.name + has_ipv6 = vm.ipv6 + ipv4 = digitalocean_droplet.main[vm.id].ipv4_address + ipv6 = try(digitalocean_droplet.main[vm.id].ipv6_address, null) + } if can(regex("bootnode", vm.name)) + }, + { + for vm in local.hcloud_vms : vm.id => { + name = vm.name + has_ipv6 = vm.ipv6_enabled + ipv4 = hcloud_server.main[vm.id].ipv4_address + ipv6 = try(hcloud_server.main[vm.id].ipv6_address, null) + } if can(regex("bootnode", vm.name)) + } + ) +} + +resource "cloudflare_record" "server_record_v4" { + for_each = local.bootnodes + zone_id = data.cloudflare_zone.default.id + name = "${each.value.name}.${var.ethereum_network}" + type = "A" + value = each.value.ipv4 + proxied = false + ttl = 120 +} + +resource "cloudflare_record" "server_record_v6" { + for_each = { for k, v in local.bootnodes : k => v if v.has_ipv6 } + zone_id = data.cloudflare_zone.default.id + name = "${each.value.name}.${var.ethereum_network}" + type = "AAAA" + value = each.value.ipv6 + proxied = false + ttl = 120 +} + +resource "cloudflare_record" "server_record_ns" { + for_each = local.bootnodes + zone_id = data.cloudflare_zone.default.id + name = "srv.${var.ethereum_network}" + type = "NS" + value = "${each.value.name}.${var.ethereum_network}.${data.cloudflare_zone.default.name}" + proxied = false + ttl = 120 +} diff --git a/terraform/devnet-7/digitalocean.tf b/terraform/devnet-7/digitalocean.tf new file mode 100644 index 0000000..f09f164 --- /dev/null +++ b/terraform/devnet-7/digitalocean.tf @@ -0,0 +1,167 @@ +//////////////////////////////////////////////////////////////////////////////////////// +// VARIABLES +//////////////////////////////////////////////////////////////////////////////////////// +variable "digitalocean_project_name" { + type = string + default = "glamsterdam-devnets" +} + +variable "digitalocean_ssh_key_name" { + type = string + default = "shared-devops-eth2" +} + +variable "digitalocean_supernode_size" { + type = string + default = "s-8vcpu-16gb" +} + +variable "digitalocean_fullnode_size" { + type = string + default = "s-4vcpu-8gb" +} + +variable "digitalocean_regions" { + default = [ + "nyc1", + "sgp1", + "lon1", + "nyc3", + "ams3", + "fra1", + "tor1", + "blr1", + "sfo3", + "syd1" + ] +} + +//////////////////////////////////////////////////////////////////////////////////////// +// LOCALS +//////////////////////////////////////////////////////////////////////////////////////// +locals { + digitalocean_has_servers = length(local.digitalocean_nodes) > 0 + + digitalocean_vpcs = { + for region in var.digitalocean_regions : region => { + name = "${var.ethereum_network}-${region}" + region = region + ip_range = cidrsubnet(var.base_cidr_block, 8, index(var.digitalocean_regions, region)) + } + } +} + +locals { + digitalocean_vm_groups = flatten([ + for node in local.digitalocean_nodes : [ + for i in range(0, node.count) : { + group_name = node.name + id = "${node.name}-${node.start_index + i + 1}" + vms = { + "${i + 1}" = { + val_start = node.validator_start + (i * (node.validator_end - node.validator_start) / node.count) + val_end = min( + node.validator_start + ((i + 1) * (node.validator_end - node.validator_start) / node.count), + node.validator_end + ) + validator_count = node.count > 0 ? (node.validator_end - node.validator_start) / node.count : 0 + + supernode = ( + node.supernode != null ? node.supernode : + can(regex("(bootnode|mev)", node.name)) ? true : + (node.count > 0 ? (node.validator_end - node.validator_start) / node.count >= 128 : false) + ) + + region = node.region != null ? node.region : var.digitalocean_regions[i % length(var.digitalocean_regions)] + ipv6 = node.ipv6 + arch = "amd64" + } + } + } + ] + ]) +} + +locals { + digitalocean_default_region = "ams3" + digitalocean_default_size = var.digitalocean_fullnode_size + digitalocean_default_image = "debian-13-x64" + digitalocean_global_tags = [ + "Owner:Devops", + "EthNetwork:${var.ethereum_network}" + ] + + digitalocean_vms = flatten([ + for group in local.digitalocean_vm_groups : [ + for vm_key, vm in group.vms : { + id = group.id + group_key = group.group_name + vm_key = vm_key + + name = group.id + ssh_keys = [data.digitalocean_ssh_key.main.fingerprint] + region = vm.region + image = local.digitalocean_default_image + size = vm.supernode ? var.digitalocean_supernode_size : var.digitalocean_fullnode_size + resize_disk = true + monitoring = true + backups = false + ipv6 = vm.ipv6 + vpc_uuid = digitalocean_vpc.main[vm.region].id + + tags = concat(local.digitalocean_global_tags, [ + "group_name:${group.group_name}", + "val_start:${vm.val_start}", + "val_end:${vm.val_end}", + "supernode:${vm.supernode ? "True" : "False"}", + "arch:${vm.arch}", + ], compact([ + can(regex("bootnode", group.group_name)) ? "bootnode:${var.ethereum_network}" : null, + can(regex("mev-relay", group.group_name)) ? "mev-relay:${var.ethereum_network}" : null + ])) + } + ] + ]) +} + +//////////////////////////////////////////////////////////////////////////////////////// +// DIGITALOCEAN RESOURCES +//////////////////////////////////////////////////////////////////////////////////////// +data "digitalocean_project" "main" { + name = var.digitalocean_project_name +} + +data "digitalocean_ssh_key" "main" { + name = var.digitalocean_ssh_key_name +} + +resource "digitalocean_vpc" "main" { + for_each = local.digitalocean_has_servers ? local.digitalocean_vpcs : {} + + name = each.value["name"] + region = each.value["region"] + ip_range = each.value["ip_range"] +} + +resource "digitalocean_droplet" "main" { + for_each = { + for vm in local.digitalocean_vms : vm.id => vm + } + name = "${var.ethereum_network}-${each.value.name}" + region = each.value.region + ssh_keys = each.value.ssh_keys + image = each.value.image + size = each.value.size + resize_disk = each.value.resize_disk + monitoring = each.value.monitoring + backups = each.value.backups + ipv6 = each.value.ipv6 + vpc_uuid = each.value.vpc_uuid + tags = each.value.tags +} + +resource "digitalocean_project_resources" "droplets" { + for_each = digitalocean_droplet.main + project = data.digitalocean_project.main.id + resources = [each.value.urn] +} diff --git a/terraform/devnet-7/firewall.tf b/terraform/devnet-7/firewall.tf new file mode 100644 index 0000000..534ae8a --- /dev/null +++ b/terraform/devnet-7/firewall.tf @@ -0,0 +1,330 @@ +//////////////////////////////////////////////////////////////////////////////////////// +// DIGITALOCEAN FIREWALLS +//////////////////////////////////////////////////////////////////////////////////////// +resource "digitalocean_firewall" "main" { + count = length(local.digitalocean_vms) > 0 ? 1 : 0 + name = "${var.ethereum_network}-nodes" + tags = [ + "EthNetwork:${var.ethereum_network}" + ] + + // SSH + inbound_rule { + protocol = "tcp" + port_range = "22" + source_addresses = ["0.0.0.0/0", "::/0"] + } + + // Allow all inbound ICMP + inbound_rule { + protocol = "icmp" + source_addresses = ["0.0.0.0/0", "::/0"] + } + + // Nginx / Web + inbound_rule { + protocol = "tcp" + port_range = "80" + source_addresses = ["0.0.0.0/0", "::/0"] + } + + inbound_rule { + protocol = "tcp" + port_range = "443" + source_addresses = ["0.0.0.0/0", "::/0"] + } + + // Consensus layer p2p port + inbound_rule { + protocol = "tcp" + port_range = "9000-9002" + source_addresses = ["0.0.0.0/0", "::/0"] + } + inbound_rule { + protocol = "udp" + port_range = "9000-9002" + source_addresses = ["0.0.0.0/0", "::/0"] + } + + // Execution layer p2p Port + inbound_rule { + protocol = "tcp" + port_range = "30303" + source_addresses = ["0.0.0.0/0", "::/0"] + } + inbound_rule { + protocol = "udp" + port_range = "30303" + source_addresses = ["0.0.0.0/0", "::/0"] + } + inbound_rule { + protocol = "tcp" + port_range = "42069" + source_addresses = ["0.0.0.0/0", "::/0"] + } + inbound_rule { + protocol = "udp" + port_range = "42069" + source_addresses = ["0.0.0.0/0", "::/0"] + } + + // Engine rpc-snooper api + inbound_rule { + protocol = "tcp" + port_range = "8961" + source_addresses = ["0.0.0.0/0", "::/0"] + } + + // Allow all outbound traffic + outbound_rule { + protocol = "tcp" + port_range = "1-65535" + destination_addresses = ["0.0.0.0/0", "::/0"] + } + outbound_rule { + protocol = "udp" + port_range = "1-65535" + destination_addresses = ["0.0.0.0/0", "::/0"] + } + outbound_rule { + protocol = "icmp" + destination_addresses = ["0.0.0.0/0", "::/0"] + } + depends_on = [digitalocean_project_resources.droplets] +} + +resource "digitalocean_firewall" "bootnode" { + count = contains(keys(digitalocean_droplet.main), "bootnode-1") ? 1 : 0 + name = "${var.ethereum_network}-nodes-bootnode" + tags = [ + "bootnode:${var.ethereum_network}" + ] + + // DNS + inbound_rule { + protocol = "tcp" + port_range = "53" + source_addresses = ["0.0.0.0/0", "::/0"] + } + inbound_rule { + protocol = "udp" + port_range = "53" + source_addresses = ["0.0.0.0/0", "::/0"] + } + + // Bootnodoor P2P + inbound_rule { + protocol = "tcp" + port_range = "9010" + source_addresses = ["0.0.0.0/0", "::/0"] + } + inbound_rule { + protocol = "udp" + port_range = "9010" + source_addresses = ["0.0.0.0/0", "::/0"] + } + + depends_on = [digitalocean_project_resources.droplets] +} + +resource "digitalocean_firewall" "mev_relay" { + count = contains(keys(digitalocean_droplet.main), "mev-relay-1") ? 1 : 0 + name = "${var.ethereum_network}-nodes-mev-relay" + tags = ["mev-relay:${var.ethereum_network}"] + + // mev-relay ports + inbound_rule { + protocol = "tcp" + port_range = "9060-9062" + source_addresses = ["0.0.0.0/0", "::/0"] + } + depends_on = [digitalocean_project_resources.droplets] +} + +//////////////////////////////////////////////////////////////////////////////////////// +// HETZNER FIREWALLS +//////////////////////////////////////////////////////////////////////////////////////// +resource "hcloud_firewall" "machine_firewall" { + count = local.hetzner_has_servers ? 1 : 0 + name = "${var.ethereum_network}-firewall" + + apply_to { + label_selector = "EthNetwork=${var.ethereum_network}" + } + + // SSH + rule { + description = "Allow SSH" + direction = "in" + protocol = "tcp" + port = "22" + source_ips = ["0.0.0.0/0", "::/0"] + } + + // Allow all inbound ICMP + rule { + description = "Allow all inbound ICMP" + direction = "in" + protocol = "icmp" + source_ips = ["0.0.0.0/0", "::/0"] + } + + // Nginx / Web + rule { + description = "Allow HTTP" + direction = "in" + protocol = "tcp" + port = "80" + source_ips = ["0.0.0.0/0", "::/0"] + } + + rule { + description = "Allow HTTPS" + direction = "in" + protocol = "tcp" + port = "443" + source_ips = ["0.0.0.0/0", "::/0"] + } + + // Consensus layer p2p port + rule { + description = "Allow consensus p2p port TCP" + direction = "in" + protocol = "tcp" + port = "9000-9002" + source_ips = ["0.0.0.0/0", "::/0"] + } + + rule { + description = "Allow consensus p2p port UDP" + direction = "in" + protocol = "udp" + port = "9000-9002" + source_ips = ["0.0.0.0/0", "::/0"] + } + + // Execution layer p2p Port + rule { + description = "Allow execution p2p port TCP" + direction = "in" + protocol = "tcp" + port = "30303" + source_ips = ["0.0.0.0/0", "::/0"] + } + + rule { + description = "Allow execution p2p port UDP" + direction = "in" + protocol = "udp" + port = "30303" + source_ips = ["0.0.0.0/0", "::/0"] + } + + rule { + description = "Allow execution torrent port TCP" + direction = "in" + protocol = "tcp" + port = "42069" + source_ips = ["0.0.0.0/0", "::/0"] + } + + rule { + description = "Allow execution torrent port UDP" + direction = "in" + protocol = "udp" + port = "42069" + source_ips = ["0.0.0.0/0", "::/0"] + } + + // Engine rpc-snooper api + rule { + description = "Allow engine snooper api port TCP" + direction = "in" + protocol = "tcp" + port = "8961" + source_ips = ["0.0.0.0/0", "::/0"] + } + + // Allow all outbound traffic + rule { + description = "Allow all outbound traffic TCP" + direction = "out" + protocol = "tcp" + port = "1-65535" + destination_ips = ["0.0.0.0/0", "::/0"] + } + + rule { + description = "Allow all outbound traffic UDP" + direction = "out" + protocol = "udp" + port = "1-65535" + destination_ips = ["0.0.0.0/0", "::/0"] + } + + rule { + description = "Allow all outbound traffic ICMP" + direction = "out" + protocol = "icmp" + destination_ips = ["0.0.0.0/0", "::/0"] + } +} + +resource "hcloud_firewall" "bootnode_firewall" { + count = contains(keys(hcloud_server.main), "bootnode-1") ? 1 : 0 + name = "${var.ethereum_network}-bootnode-firewall" + + apply_to { + label_selector = "bootnode=${var.ethereum_network}" + } + + // DNS + rule { + description = "Allow DNS UDP" + direction = "in" + protocol = "udp" + port = "53" + source_ips = ["0.0.0.0/0", "::/0"] + } + rule { + description = "Allow DNS TCP" + direction = "in" + protocol = "tcp" + port = "53" + source_ips = ["0.0.0.0/0", "::/0"] + } + + // Bootnodoor P2P + rule { + description = "Allow Bootnodoor P2P port TCP" + direction = "in" + protocol = "tcp" + port = "9010" + source_ips = ["0.0.0.0/0", "::/0"] + } + rule { + description = "Allow Bootnodoor P2P port UDP" + direction = "in" + protocol = "udp" + port = "9010" + source_ips = ["0.0.0.0/0", "::/0"] + } +} + +resource "hcloud_firewall" "mev_relay_firewall" { + count = contains(keys(hcloud_server.main), "mev-relay-1") ? 1 : 0 + name = "${var.ethereum_network}-mev-relay-firewall" + + apply_to { + label_selector = "mev=${var.ethereum_network}" + } + + // mev-relay ports + rule { + description = "Allow MEV Relay ports" + direction = "in" + protocol = "tcp" + port = "9060-9062" + source_ips = ["0.0.0.0/0", "::/0"] + } +} diff --git a/terraform/devnet-7/hetzner.tf b/terraform/devnet-7/hetzner.tf new file mode 100644 index 0000000..2cc5d80 --- /dev/null +++ b/terraform/devnet-7/hetzner.tf @@ -0,0 +1,173 @@ +//////////////////////////////////////////////////////////////////////////////////////// +// VARIABLES +//////////////////////////////////////////////////////////////////////////////////////// +variable "hcloud_ssh_key_fingerprint" { + type = string + default = "d6:76:2d:9c:5b:33:80:ff:0f:09:a2:10:9b:58:7e:dc" +} + +variable "hetzner_supernode_size" { + type = string + default = "cpx42" +} + +variable "hetzner_fullnode_size" { + type = string + default = "cpx32" +} + +variable "hetzner_regions" { + default = [ + "nbg1", + "fsn1", + "hel1" + ] +} + +//////////////////////////////////////////////////////////////////////////////////////// +// LOCALS +//////////////////////////////////////////////////////////////////////////////////////// +locals { + hetzner_has_servers = length(local.hetzner_nodes) > 0 + + hetzner_network = { + for region in var.hetzner_regions : region => { + name = "${var.ethereum_network}-${region}" + ip_range = cidrsubnet(var.base_cidr_block, 8, index(var.hetzner_regions, region)) + } + } + hetzner_network_subnets = { + for region in var.hetzner_regions : region => { + zone = "eu-central" + ip_range = cidrsubnet(var.base_cidr_block, 8, index(var.hetzner_regions, region)) + } + } +} + +locals { + hetzner_vm_groups = flatten([ + for node in local.hetzner_nodes : [ + for i in range(0, node.count) : { + group_name = node.name + id = "${node.name}-${node.start_index + i + 1}" + vms = { + "${i + 1}" = { + val_start = node.validator_start + (i * (node.validator_end - node.validator_start) / node.count) + val_end = min( + node.validator_start + ((i + 1) * (node.validator_end - node.validator_start) / node.count), + node.validator_end + ) + validator_count = node.count > 0 ? (node.validator_end - node.validator_start) / node.count : 0 + + supernode = ( + node.supernode != null ? node.supernode : + can(regex("(bootnode|mev)", node.name)) ? true : + (node.count > 0 ? (node.validator_end - node.validator_start) / node.count >= 128 : false) + ) + + size = ( + node.size != null ? node.size : + (node.supernode != null ? node.supernode : + can(regex("(bootnode|mev)", node.name)) ? true : + (node.count > 0 ? (node.validator_end - node.validator_start) / node.count >= 128 : false) + ) ? var.hetzner_supernode_size : var.hetzner_fullnode_size + ) + + location = node.location != null ? node.location : var.hetzner_regions[i % length(var.hetzner_regions)] + ipv4_enabled = node.ipv4_enabled + ipv6_enabled = node.ipv6_enabled + } + } + } + ] + ]) +} + +locals { + hcloud_default_location = "nbg1" + hcloud_default_image = "debian-13" + hcloud_default_server_type = var.hetzner_fullnode_size + hcloud_global_labels = [ + "Owner:Devops", + "EthNetwork:${var.ethereum_network}" + ] + + hcloud_vms = flatten([ + for group in local.hetzner_vm_groups : [ + for vm_key, vm in group.vms : { + id = group.id + group_key = group.group_name + vm_key = vm_key + + name = group.id + ipv4_enabled = vm.ipv4_enabled + ipv6_enabled = vm.ipv6_enabled + ssh_keys = local.hetzner_has_servers ? [data.hcloud_ssh_key.main[0].id] : [] + location = vm.location + image = local.hcloud_default_image + server_type = vm.size + backups = false + + arch = can(regex("^cax", vm.size)) ? "arm64" : "amd64" + + labels = concat(local.hcloud_global_labels, [ + "group_name:${group.group_name}", + "val_start:${vm.val_start}", + "val_end:${vm.val_end}", + "supernode:${vm.supernode ? "True" : "False"}", + "arch:${can(regex("^cax", vm.size)) ? "arm64" : "amd64"}", + ], compact([ + can(regex("bootnode", group.group_name)) ? "bootnode:${var.ethereum_network}" : null, + can(regex("mev-relay", group.group_name)) ? "mev:${var.ethereum_network}" : null + ])) + } + ] + ]) +} + +//////////////////////////////////////////////////////////////////////////////////////// +// HETZNER RESOURCES +//////////////////////////////////////////////////////////////////////////////////////// +resource "hcloud_network" "main" { + for_each = local.hetzner_has_servers ? local.hetzner_network : {} + name = each.value.name + ip_range = each.value.ip_range +} + +resource "hcloud_network_subnet" "main" { + for_each = local.hetzner_has_servers ? local.hetzner_network_subnets : {} + network_id = hcloud_network.main[each.key].id + type = "cloud" + network_zone = each.value.zone + ip_range = each.value.ip_range +} + +data "hcloud_ssh_key" "main" { + count = local.hetzner_has_servers ? 1 : 0 + fingerprint = var.hcloud_ssh_key_fingerprint +} + +resource "hcloud_server" "main" { + for_each = { + for vm in local.hcloud_vms : vm.id => vm + } + name = "${var.ethereum_network}-${each.value.name}" + image = each.value.image + server_type = each.value.server_type + location = each.value.location + ssh_keys = each.value.ssh_keys + backups = each.value.backups + labels = { for label in each.value.labels : split(":", label)[0] => split(":", label)[1] } + public_net { + ipv4_enabled = each.value.ipv4_enabled + ipv6_enabled = each.value.ipv6_enabled + } +} + +resource "hcloud_server_network" "main" { + for_each = { + for vm in local.hcloud_vms : vm.id => vm + } + server_id = hcloud_server.main[each.key].id + network_id = hcloud_network.main[each.value.location].id +} diff --git a/terraform/devnet-7/main.tf b/terraform/devnet-7/main.tf new file mode 100644 index 0000000..0fa5904 --- /dev/null +++ b/terraform/devnet-7/main.tf @@ -0,0 +1,95 @@ +//////////////////////////////////////////////////////////////////////////////////////// +// TERRAFORM PROVIDERS & BACKEND +//////////////////////////////////////////////////////////////////////////////////////// +terraform { + required_providers { + digitalocean = { + source = "digitalocean/digitalocean" + version = "~> 2.28" + } + cloudflare = { + source = "cloudflare/cloudflare" + version = "~> 3.0" + } + hcloud = { + source = "hetznercloud/hcloud" + version = "~> 1.42.1" + } + } +} + +terraform { + backend "s3" { + skip_credentials_validation = true + skip_metadata_api_check = true + endpoints = { s3 = "https://fra1.digitaloceanspaces.com" } + skip_requesting_account_id = true + skip_s3_checksum = true + region = "us-east-1" + bucket = "merge-testnets" + key = "infrastructure/bal-devnet-7/terraform.tfstate" + } +} + +provider "digitalocean" { + http_retry_max = 20 +} + +provider "cloudflare" { + api_token = var.cloudflare_api_token +} + +provider "hcloud" { + token = var.bal_hcloud_token +} + +//////////////////////////////////////////////////////////////////////////////////////// +// VARIABLES +//////////////////////////////////////////////////////////////////////////////////////// +variable "cloudflare_api_token" { + type = string + sensitive = true + description = "Cloudflare API Token" +} + +variable "bal_hcloud_token" { + type = string + sensitive = true + default = "" + description = "Hetzner Cloud API Token (optional if not using Hetzner)" +} + +variable "ethereum_network" { + type = string + default = "bal-devnet-7" +} + +variable "base_cidr_block" { + default = "10.38.0.0/16" +} + +//////////////////////////////////////////////////////////////////////////////////////// +// LOCALS +//////////////////////////////////////////////////////////////////////////////////////// +locals { + nodes_normalized = [ + for idx, node in var.nodes : { + name = node.name + count = node.count + cloud = node.cloud + validator_start = try(node.validator_start, 0) + validator_end = try(node.validator_end, 0) + size = try(node.size, null) + region = try(node.region, null) + location = try(node.location, try(node.region, null)) + supernode = try(node.supernode, null) + ipv6 = try(node.ipv6, true) + ipv4_enabled = try(node.ipv4_enabled, true) + ipv6_enabled = try(node.ipv6_enabled, true) + start_index = sum(concat([for i, n in var.nodes : n.count if i < idx && n.name == node.name], [0])) + } + ] + + digitalocean_nodes = [for n in local.nodes_normalized : n if n.cloud == "digitalocean" && n.count > 0] + hetzner_nodes = [for n in local.nodes_normalized : n if n.cloud == "hetzner" && n.count > 0] +} diff --git a/terraform/devnet-7/nodes.tf b/terraform/devnet-7/nodes.tf new file mode 100644 index 0000000..9219690 --- /dev/null +++ b/terraform/devnet-7/nodes.tf @@ -0,0 +1,44 @@ +######################################################################################## +# NODE DEFINITIONS +# +# Define your fleet as a list of node entries. Each entry supports: +# +# Required: +# - name : Node type (e.g., "lighthouse-geth", "bootnode") +# - count : Number of instances +# - cloud : "digitalocean" or "hetzner" +# +# Optional: +# - validator_start : First validator index (default: 0) +# - validator_end : Last validator index (default: 0) +# - size : Instance size override (provider-specific) +# - region : Region override (digitalocean) or location (hetzner) +# - supernode : Force supernode=true/false (auto-detected from name) +# +# Examples: +# { name = "bootnode", count = 1, cloud = "digitalocean" } +# { name = "lighthouse-geth", count = 2, cloud = "hetzner", validator_start = 0, validator_end = 200 } +# { name = "mev-relay", count = 1, cloud = "hetzner", size = "ccx53" } +# +######################################################################################## + +variable "nodes" { + description = "List of node definitions for the devnet" + default = [ + { name = "bootnode", count = 1, cloud = "hetzner" }, + { name = "lighthouse-geth", count = 1, cloud = "hetzner", validator_start = 0, validator_end = 200 }, + { name = "lighthouse-besu", count = 1, cloud = "hetzner", validator_start = 200, validator_end = 400 }, + { name = "lighthouse-ethrex", count = 1, cloud = "hetzner", validator_start = 400, validator_end = 600 }, + { name = "lodestar-geth", count = 1, cloud = "hetzner", validator_start = 600, validator_end = 800 }, + { name = "lodestar-besu", count = 1, cloud = "hetzner", validator_start = 800, validator_end = 1000 }, + { name = "lodestar-ethrex", count = 1, cloud = "hetzner", validator_start = 1000, validator_end = 1200 }, + { name = "lighthouse-nethermind", count = 1, cloud = "hetzner", validator_start = 1200, validator_end = 1400 }, + { name = "lodestar-nethermind", count = 1, cloud = "hetzner", validator_start = 1400, validator_end = 1600 }, + { name = "lighthouse-nimbusel", count = 1, cloud = "hetzner", validator_start = 1600, validator_end = 1800 }, + { name = "lodestar-nimbusel", count = 1, cloud = "hetzner", validator_start = 1800, validator_end = 2000 }, + { name = "lighthouse-reth", count = 1, cloud = "hetzner", validator_start = 2000, validator_end = 2200 }, + { name = "lodestar-reth", count = 1, cloud = "hetzner", validator_start = 2200, validator_end = 2400 }, + { name = "lighthouse-erigon", count = 1, cloud = "hetzner", validator_start = 2400, validator_end = 2600 }, + { name = "lodestar-erigon", count = 1, cloud = "hetzner", validator_start = 2600, validator_end = 2800 }, + ] +} diff --git a/terraform/devnet-7/outputs.tf b/terraform/devnet-7/outputs.tf new file mode 100644 index 0000000..4f2737a --- /dev/null +++ b/terraform/devnet-7/outputs.tf @@ -0,0 +1,118 @@ +//////////////////////////////////////////////////////////////////////////////////////// +// GENERATED FILES AND OUTPUTS +//////////////////////////////////////////////////////////////////////////////////////// + +resource "local_file" "ansible_inventory" { + content = templatefile("ansible_inventory.tmpl", + { + ethereum_network_name = "${var.ethereum_network}" + groups = merge( + { for group in local.digitalocean_vm_groups : "${group.group_name}" => true... }, + { for group in local.hetzner_vm_groups : "${group.group_name}" => true... }, + ) + hosts = merge( + { + for key, server in digitalocean_droplet.main : "do.${key}" => { + ip = "${server.ipv4_address}" + ipv6 = try(server.ipv6_address, "none") + group = try([for tag in tolist(server.tags) : split(":", tag)[1] if can(regex("^group_name:", tag))][0], "unknown") + validator_start = try([for tag in tolist(server.tags) : split(":", tag)[1] if can(regex("^val_start:", tag))][0], 0) + validator_end = try([for tag in tolist(server.tags) : split(":", tag)[1] if can(regex("^val_end:", tag))][0], 0) + supernode = try(title([for tag in tolist(server.tags) : split(":", tag)[1] if can(regex("^supernode:", tag))][0]), "undefined") + arch = try([for tag in tolist(server.tags) : split(":", tag)[1] if can(regex("^arch:", tag))][0], "amd64") + tags = "${server.tags}" + hostname = "${split(".", key)[0]}" + cloud = "digitalocean" + region = "${server.region}" + } + }, + { + for key, server in hcloud_server.main : "${key}" => { + ip = coalesce(server.ipv4_address, (try(server.ipv6_address, ""))) + ipv6 = coalesce(server.ipv6_address, "") + group = server.labels.group_name + validator_start = server.labels.val_start + validator_end = server.labels.val_end + supernode = server.labels.supernode + arch = server.labels.arch + tags = server.labels + hostname = split(".", key)[0] + cloud = "hetzner" + region = server.datacenter + } + } + ) + } + ) + filename = "../../ansible/inventories/${join("-", slice(split("-", var.ethereum_network), length(split("-", var.ethereum_network)) - 2, length(split("-", var.ethereum_network))))}/inventory.ini" +} + +locals { + ssh_config_path = pathexpand("~/.ssh/config.d/ssh_config.${var.ethereum_network}") +} + +resource "local_file" "ssh_config" { + content = templatefile("${path.module}/ssh_config.tmpl", + { + ethereum_network = var.ethereum_network + hosts = merge( + { + for key, server in digitalocean_droplet.main : "${var.ethereum_network}-${key}" => { + hostname = server.ipv4_address + private_ip = server.ipv4_address_private + name = key + user = "devops" + } + }, + { + for key, server in hcloud_server.main : "${var.ethereum_network}-${key}" => { + hostname = coalesce(server.ipv4_address, (try(server.ipv6_address, ""))) + private_ip = try(hcloud_server_network.main[key].ip, "") + name = key + user = "devops" + } + } + ) + } + ) + filename = local.ssh_config_path + + depends_on = [digitalocean_droplet.main, hcloud_server.main] + + lifecycle { + create_before_destroy = true + } +} + +resource "null_resource" "ssh_config_cleanup" { + triggers = { + ssh_config_path = local.ssh_config_path + } + + provisioner "local-exec" { + when = destroy + command = "rm -f ${self.triggers.ssh_config_path} || true" + } + + depends_on = [local_file.ssh_config] +} + +output "ssh_config_file" { + value = "SSH config generated at: ${local.ssh_config_path}" + description = "Path to the generated SSH config file" +} + +output "digitalocean_server_count" { + value = length(digitalocean_droplet.main) + description = "Number of DigitalOcean servers created" +} + +output "hetzner_server_count" { + value = length(hcloud_server.main) + description = "Number of Hetzner servers created" +} + +output "total_server_count" { + value = length(digitalocean_droplet.main) + length(hcloud_server.main) + description = "Total number of servers created across all providers" +} diff --git a/terraform/devnet-7/ssh_config.tmpl b/terraform/devnet-7/ssh_config.tmpl new file mode 100644 index 0000000..d2394b4 --- /dev/null +++ b/terraform/devnet-7/ssh_config.tmpl @@ -0,0 +1,16 @@ +# SSH Config for ${ethereum_network} devnet +# Generated by Terraform +# Usage: Include this file in your ~/.ssh/config with: +# Include /path/to/this/ssh_config +# Or copy entries to your main SSH config file + +%{ for host_key, host in hosts ~} +Host ${host_key} + HostName ${host.hostname} + User ${host.user} + Port 22 + StrictHostKeyChecking no + UserKnownHostsFile /dev/null + LogLevel ERROR + +%{ endfor ~} From 003445d70aed4a829e8c799006296f282c2b0203 Mon Sep 17 00:00:00 2001 From: Stefan Date: Tue, 19 May 2026 13:12:32 +0200 Subject: [PATCH 2/3] devnet-7: drop geth, repack validators, push genesis/gloas - terraform/devnet-7/nodes.tf: comment out lighthouse-geth and lodestar-geth until a bal-devnet-7 geth image branch exists; repack remaining 12 nodes contiguously into validator ranges 0-2400 (200 each). - ansible/inventories/devnet-7/group_vars/all/all.yaml: - NUMBER_OF_VALIDATORS 1200 -> 2400 (matches 12 nodes x 200) - GENESIS_GASLIMIT 100M -> 150M - GENESIS_TIMESTAMP -> 2026-05-19 13:05 UTC (15:05 CEST, ~2h out) - GLOAS_FORK_EPOCH 10 -> 9 (~57m after genesis, ~3h out) - gen_kubernetes_config_ethereum_node flipped lodestar/geth -> lighthouse/reth - ansible/inventories/devnet-7/group_vars/bootnode.yaml: bootnode EL geth -> reth (no bal-devnet-7 geth image yet); inline reth role config replaces the geth_* block, drops the geth init step. --- .../devnet-7/group_vars/all/all.yaml | 12 +++---- .../devnet-7/group_vars/bootnode.yaml | 36 ++++++++----------- terraform/devnet-7/nodes.tf | 27 +++++++------- 3 files changed, 35 insertions(+), 40 deletions(-) diff --git a/ansible/inventories/devnet-7/group_vars/all/all.yaml b/ansible/inventories/devnet-7/group_vars/all/all.yaml index b290c2a..494a143 100644 --- a/ansible/inventories/devnet-7/group_vars/all/all.yaml +++ b/ansible/inventories/devnet-7/group_vars/all/all.yaml @@ -47,7 +47,7 @@ ethereum_genesis_network_seed: "bal-devnet-7" ethereum_genesis_chain_id: "70{{ 99999999 | random(start=10000000, seed=ethereum_genesis_network_seed) }}" ethereum_genesis_fork_version_suffix: "{{ 999999 | random(start=100000, seed=ethereum_genesis_network_seed) }}" ethereum_genesis_generator_output_dir: "../network-configs/{{ network_iteration }}" -ethereum_genesis_timestamp: 1779116400 # 2026-05-18 15:00:00 UTC (17:00 CEST) +ethereum_genesis_timestamp: 1779195900 # 2026-05-19 13:05:00 UTC (15:05 CEST) ethereum_genesis_timedelay: 30 ethereum_genesis_timestamp_relative_cmd: Linux: "date +%s -d '+45 minutes'" @@ -61,7 +61,7 @@ ethereum_genesis_generator_config_files: values.env: |- export CHAIN_ID="{{ ethereum_genesis_chain_id }}" export EL_AND_CL_MNEMONIC="{{ ethereum_genesis_mnemonic }}" - export NUMBER_OF_VALIDATORS=1200 + export NUMBER_OF_VALIDATORS=2400 export GENESIS_FORK_VERSION="0x10{{ ethereum_genesis_fork_version_suffix }}" export ALTAIR_FORK_VERSION="0x20{{ ethereum_genesis_fork_version_suffix }}" export BELLATRIX_FORK_VERSION="0x30{{ ethereum_genesis_fork_version_suffix }}" @@ -77,10 +77,10 @@ ethereum_genesis_generator_config_files: export BPO_2_MAX_BLOBS=21 export BPO_2_TARGET_BLOBS=14 export GLOAS_FORK_VERSION="0x80{{ ethereum_genesis_fork_version_suffix }}" - export GLOAS_FORK_EPOCH=10 + export GLOAS_FORK_EPOCH=9 # ~57m36s after genesis (~3h from inventory edit) export GENESIS_TIMESTAMP={{ ethereum_genesis_timestamp }} export GENESIS_DELAY={{ ethereum_genesis_timedelay }} - export GENESIS_GASLIMIT=100000000 + export GENESIS_GASLIMIT=150000000 export WITHDRAWAL_TYPE=0x02 export EL_PREMINE_ADDRS='{"0x9a97ee9d32a0d68406e32b34c92afb81ce2bc467": {"balance": "100000ETH"}, "0x107781Bc6FA8f66B843f4216fd6D5862D3aa4fcd": {"balance": "100000ETH"}}' @@ -163,8 +163,8 @@ ethereum_node_json_rpc_snooper_engine_container_env: # role: ethpandaops.general.generate_kubernetes_config gen_kubernetes_config_ethereum_node: - el: geth - cl: lodestar + el: reth + cl: lighthouse value: "001" gen_kubernetes_config_dora_execution_snooper_port: 8961 diff --git a/ansible/inventories/devnet-7/group_vars/bootnode.yaml b/ansible/inventories/devnet-7/group_vars/bootnode.yaml index acc5d47..84880ac 100644 --- a/ansible/inventories/devnet-7/group_vars/bootnode.yaml +++ b/ansible/inventories/devnet-7/group_vars/bootnode.yaml @@ -44,7 +44,7 @@ eth_inventory_web_container_env: LETSENCRYPT_HOST: "{{ server_fqdn }}" # role: ethpandaops.general.ethereum_node -ethereum_node_el: geth +ethereum_node_el: reth ethereum_node_cl: lodestar ethereum_node_cl_validator_enabled: false @@ -90,21 +90,22 @@ lodestar_container_command_extra_args: | join(',') }} -# role: ethpandaops.general.geth -geth_container_name: execution -geth_container_image: "{{ default_ethereum_client_images.geth }}" -geth_container_env: +# role: ethpandaops.general.reth +reth_container_name: execution +reth_container_image: "{{ default_ethereum_client_images.reth }}" +reth_container_env: VIRTUAL_HOST: "{{ ethereum_node_rcp_hostname }}" VIRTUAL_PORT: "{{ ethereum_node_el_ports_http_rpc | string }}" LETSENCRYPT_HOST: "{{ ethereum_node_rcp_hostname }}" -geth_container_command_extra_args: - - --http.api=eth,net,web3,debug,admin,txpool,trace - - --http.vhosts=* - - --networkid={{ ethereum_network_id }} - - --syncmode=full - - --gcmode=archive - - --history.state=0 - - --miner.gaslimit=200000000 + RUST_BACKTRACE: "full" +reth_container_volumes: + - "{{ reth_datadir }}:/data" + - "{{ reth_auth_jwt_path }}:/execution-auth.jwt:ro" + - "{{ eth_testnet_config_dir }}:/network-config:ro" +reth_container_command_extra_args: + - --chain=/network-config/genesis.json + - --http.api=trace,rpc,eth,net,debug,web3,admin,txpool + - --builder.gaslimit=200000000 - >- --bootnodes={{ ( @@ -124,14 +125,7 @@ geth_container_command_extra_args: ) | join(',') }} -geth_init_custom_network: true -geth_init_custom_network_genesis_file: "{{ eth_testnet_config_dir }}/genesis.json" -geth_container_pull: true - -geth_init_custom_network_container_command: - - --datadir=/data - - init - - /genesis.json +reth_container_pull: true # role: ethpandaops.general.prometheus prometheus_remote_push_url: https://victoriametrics.ethdevops.io/insert/0/prometheus/api/v1/write diff --git a/terraform/devnet-7/nodes.tf b/terraform/devnet-7/nodes.tf index 9219690..c0192a1 100644 --- a/terraform/devnet-7/nodes.tf +++ b/terraform/devnet-7/nodes.tf @@ -26,19 +26,20 @@ variable "nodes" { description = "List of node definitions for the devnet" default = [ { name = "bootnode", count = 1, cloud = "hetzner" }, - { name = "lighthouse-geth", count = 1, cloud = "hetzner", validator_start = 0, validator_end = 200 }, - { name = "lighthouse-besu", count = 1, cloud = "hetzner", validator_start = 200, validator_end = 400 }, - { name = "lighthouse-ethrex", count = 1, cloud = "hetzner", validator_start = 400, validator_end = 600 }, - { name = "lodestar-geth", count = 1, cloud = "hetzner", validator_start = 600, validator_end = 800 }, - { name = "lodestar-besu", count = 1, cloud = "hetzner", validator_start = 800, validator_end = 1000 }, - { name = "lodestar-ethrex", count = 1, cloud = "hetzner", validator_start = 1000, validator_end = 1200 }, - { name = "lighthouse-nethermind", count = 1, cloud = "hetzner", validator_start = 1200, validator_end = 1400 }, - { name = "lodestar-nethermind", count = 1, cloud = "hetzner", validator_start = 1400, validator_end = 1600 }, - { name = "lighthouse-nimbusel", count = 1, cloud = "hetzner", validator_start = 1600, validator_end = 1800 }, + # geth nodes provisioned later, once a bal-devnet-7 image branch exists. + # { name = "lighthouse-geth", count = 1, cloud = "hetzner" }, + # { name = "lodestar-geth", count = 1, cloud = "hetzner" }, + { name = "lighthouse-besu", count = 1, cloud = "hetzner", validator_start = 0, validator_end = 200 }, + { name = "lighthouse-ethrex", count = 1, cloud = "hetzner", validator_start = 200, validator_end = 400 }, + { name = "lighthouse-nethermind", count = 1, cloud = "hetzner", validator_start = 400, validator_end = 600 }, + { name = "lighthouse-nimbusel", count = 1, cloud = "hetzner", validator_start = 600, validator_end = 800 }, + { name = "lighthouse-reth", count = 1, cloud = "hetzner", validator_start = 800, validator_end = 1000 }, + { name = "lighthouse-erigon", count = 1, cloud = "hetzner", validator_start = 1000, validator_end = 1200 }, + { name = "lodestar-besu", count = 1, cloud = "hetzner", validator_start = 1200, validator_end = 1400 }, + { name = "lodestar-ethrex", count = 1, cloud = "hetzner", validator_start = 1400, validator_end = 1600 }, + { name = "lodestar-nethermind", count = 1, cloud = "hetzner", validator_start = 1600, validator_end = 1800 }, { name = "lodestar-nimbusel", count = 1, cloud = "hetzner", validator_start = 1800, validator_end = 2000 }, - { name = "lighthouse-reth", count = 1, cloud = "hetzner", validator_start = 2000, validator_end = 2200 }, - { name = "lodestar-reth", count = 1, cloud = "hetzner", validator_start = 2200, validator_end = 2400 }, - { name = "lighthouse-erigon", count = 1, cloud = "hetzner", validator_start = 2400, validator_end = 2600 }, - { name = "lodestar-erigon", count = 1, cloud = "hetzner", validator_start = 2600, validator_end = 2800 }, + { name = "lodestar-reth", count = 1, cloud = "hetzner", validator_start = 2000, validator_end = 2200 }, + { name = "lodestar-erigon", count = 1, cloud = "hetzner", validator_start = 2200, validator_end = 2400 }, ] } From 6db9ad8e3e99a0d423ad9eddf7f895b1987a2d8c Mon Sep 17 00:00:00 2001 From: Stefan Date: Tue, 19 May 2026 13:15:35 +0200 Subject: [PATCH 3/3] Restore kubernetes/devnet-6 The kubernetes/devnet-6 -> kubernetes-archive/devnet-6 move was bundled into the devnet-7 scaffold by mistake. devnet-6 archival will land in a separate PR scoped to devnet-6's wind-down. --- .../devnet-6/assertoor/.helmignore | 0 .../devnet-6/assertoor/Chart.lock | 0 .../devnet-6/assertoor/Chart.yaml | 0 .../devnet-6/assertoor/charts/assertoor-1.0.0.tgz | Bin .../devnet-6/assertoor/values.yaml | 0 .../devnet-6/checkpointz/.helmignore | 0 .../devnet-6/checkpointz/Chart.lock | 0 .../devnet-6/checkpointz/Chart.yaml | 0 .../checkpointz/charts/checkpointz-0.1.3.tgz | Bin .../devnet-6/checkpointz/values.yaml | 0 .../devnet-6/config/.helmignore | 0 .../devnet-6/config/Chart.yaml | 0 .../devnet-6/config/templates/ingress.config.yaml | 0 .../devnet-6/config/values.yaml | 0 .../devnet-6/dora/.helmignore | 0 .../devnet-6/dora/Chart.lock | 0 .../devnet-6/dora/Chart.yaml | 0 .../devnet-6/dora/charts/dora-1.0.8.tgz | Bin .../devnet-6/dora/endpoints-cl.yaml | 0 .../devnet-6/dora/endpoints-el.yaml | 0 .../devnet-6/dora/values.yaml | 0 .../devnet-6/dugtrio/.helmignore | 0 .../devnet-6/dugtrio/Chart.lock | 0 .../devnet-6/dugtrio/Chart.yaml | 0 .../devnet-6/dugtrio/charts/dugtrio-0.0.6.tgz | Bin .../devnet-6/dugtrio/values.yaml | 0 .../devnet-6/erpc/.helmignore | 0 .../devnet-6/erpc/Chart.lock | 0 .../devnet-6/erpc/Chart.yaml | 0 .../devnet-6/erpc/charts/erpc-0.0.4.tgz | Bin .../devnet-6/erpc/values.yaml | 0 .../devnet-6/faucet/.helmignore | 0 .../devnet-6/faucet/Chart.lock | 0 .../devnet-6/faucet/Chart.yaml | 0 .../devnet-6/faucet/charts/powfaucet-0.0.4.tgz | Bin .../devnet-6/faucet/values.yaml | 0 .../devnet-6/forkmon/.helmignore | 0 .../devnet-6/forkmon/Chart.lock | 0 .../devnet-6/forkmon/Chart.yaml | 0 .../devnet-6/forkmon/charts/forkmon-0.1.5.tgz | Bin .../devnet-6/forkmon/values.yaml | 0 .../devnet-6/forky/.helmignore | 0 .../devnet-6/forky/Chart.lock | 0 .../devnet-6/forky/Chart.yaml | 0 .../devnet-6/forky/charts/forky-0.2.0.tgz | Bin .../devnet-6/forky/values.yaml | 0 .../devnet-6/homepage/.helmignore | 0 .../devnet-6/homepage/Chart.lock | 0 .../devnet-6/homepage/Chart.yaml | 0 .../homepage/charts/testnet-homepage-0.2.3.tgz | Bin .../devnet-6/homepage/values.yaml | 0 .../devnet-6/spamoor/.helmignore | 0 .../devnet-6/spamoor/Chart.lock | 0 .../devnet-6/spamoor/Chart.yaml | 0 .../devnet-6/spamoor/charts/spamoor-1.0.0.tgz | Bin .../devnet-6/spamoor/values.yaml | 0 .../devnet-6/syncoor-server/.helmignore | 0 .../devnet-6/syncoor-server/Chart.lock | 0 .../devnet-6/syncoor-server/Chart.yaml | 0 .../syncoor-server/charts/syncoor-server-0.0.1.tgz | Bin .../devnet-6/syncoor-server/values.yaml | 0 .../devnet-6/syncoor-web/.helmignore | 0 .../devnet-6/syncoor-web/Chart.lock | 0 .../devnet-6/syncoor-web/Chart.yaml | 0 .../syncoor-web/charts/syncoor-web-0.0.1.tgz | Bin .../devnet-6/syncoor-web/values.yaml | 0 .../devnet-6/tracoor/.helmignore | 0 .../devnet-6/tracoor/Chart.lock | 0 .../devnet-6/tracoor/Chart.yaml | 0 .../tracoor/charts/tracoor-single-0.0.5.tgz | Bin .../devnet-6/tracoor/values.yaml | 0 .../devnet-6/xatu-cannon/.helmignore | 0 .../devnet-6/xatu-cannon/Chart.lock | 0 .../devnet-6/xatu-cannon/Chart.yaml | 0 .../xatu-cannon/charts/xatu-cannon-0.2.2.tgz | Bin .../devnet-6/xatu-cannon/values.yaml | 0 .../devnet-6/xatu-cl-mimicry/.helmignore | 0 .../devnet-6/xatu-cl-mimicry/Chart.lock | 0 .../devnet-6/xatu-cl-mimicry/Chart.yaml | 0 .../charts/xatu-cl-mimicry-0.0.2.tgz | Bin .../devnet-6/xatu-cl-mimicry/values.yaml | 0 .../devnet-6/xatu-mimicry/.helmignore | 0 .../devnet-6/xatu-mimicry/Chart.lock | 0 .../devnet-6/xatu-mimicry/Chart.yaml | 0 .../xatu-mimicry/charts/xatu-mimicry-0.0.7.tgz | Bin .../devnet-6/xatu-mimicry/values.yaml | 0 .../devnet-6/xatu-relay-monitor/.helmignore | 0 .../devnet-6/xatu-relay-monitor/Chart.lock | 0 .../devnet-6/xatu-relay-monitor/Chart.yaml | 0 .../charts/xatu-relay-monitor-0.0.1.tgz | Bin .../devnet-6/xatu-relay-monitor/values.yaml | 0 91 files changed, 0 insertions(+), 0 deletions(-) rename {kubernetes-archive => kubernetes}/devnet-6/assertoor/.helmignore (100%) rename {kubernetes-archive => kubernetes}/devnet-6/assertoor/Chart.lock (100%) rename {kubernetes-archive => kubernetes}/devnet-6/assertoor/Chart.yaml (100%) rename {kubernetes-archive => kubernetes}/devnet-6/assertoor/charts/assertoor-1.0.0.tgz (100%) rename {kubernetes-archive => kubernetes}/devnet-6/assertoor/values.yaml (100%) rename {kubernetes-archive => kubernetes}/devnet-6/checkpointz/.helmignore (100%) rename {kubernetes-archive => kubernetes}/devnet-6/checkpointz/Chart.lock (100%) rename {kubernetes-archive => kubernetes}/devnet-6/checkpointz/Chart.yaml (100%) rename {kubernetes-archive => kubernetes}/devnet-6/checkpointz/charts/checkpointz-0.1.3.tgz (100%) rename {kubernetes-archive => kubernetes}/devnet-6/checkpointz/values.yaml (100%) rename {kubernetes-archive => kubernetes}/devnet-6/config/.helmignore (100%) rename {kubernetes-archive => kubernetes}/devnet-6/config/Chart.yaml (100%) rename {kubernetes-archive => kubernetes}/devnet-6/config/templates/ingress.config.yaml (100%) rename {kubernetes-archive => kubernetes}/devnet-6/config/values.yaml (100%) rename {kubernetes-archive => kubernetes}/devnet-6/dora/.helmignore (100%) rename {kubernetes-archive => kubernetes}/devnet-6/dora/Chart.lock (100%) rename {kubernetes-archive => kubernetes}/devnet-6/dora/Chart.yaml (100%) rename {kubernetes-archive => kubernetes}/devnet-6/dora/charts/dora-1.0.8.tgz (100%) rename {kubernetes-archive => kubernetes}/devnet-6/dora/endpoints-cl.yaml (100%) rename {kubernetes-archive => kubernetes}/devnet-6/dora/endpoints-el.yaml (100%) rename {kubernetes-archive => kubernetes}/devnet-6/dora/values.yaml (100%) rename {kubernetes-archive => kubernetes}/devnet-6/dugtrio/.helmignore (100%) rename {kubernetes-archive => kubernetes}/devnet-6/dugtrio/Chart.lock (100%) rename {kubernetes-archive => kubernetes}/devnet-6/dugtrio/Chart.yaml (100%) rename {kubernetes-archive => kubernetes}/devnet-6/dugtrio/charts/dugtrio-0.0.6.tgz (100%) rename {kubernetes-archive => kubernetes}/devnet-6/dugtrio/values.yaml (100%) rename {kubernetes-archive => kubernetes}/devnet-6/erpc/.helmignore (100%) rename {kubernetes-archive => kubernetes}/devnet-6/erpc/Chart.lock (100%) rename {kubernetes-archive => kubernetes}/devnet-6/erpc/Chart.yaml (100%) rename {kubernetes-archive => kubernetes}/devnet-6/erpc/charts/erpc-0.0.4.tgz (100%) rename {kubernetes-archive => kubernetes}/devnet-6/erpc/values.yaml (100%) rename {kubernetes-archive => kubernetes}/devnet-6/faucet/.helmignore (100%) rename {kubernetes-archive => kubernetes}/devnet-6/faucet/Chart.lock (100%) rename {kubernetes-archive => kubernetes}/devnet-6/faucet/Chart.yaml (100%) rename {kubernetes-archive => kubernetes}/devnet-6/faucet/charts/powfaucet-0.0.4.tgz (100%) rename {kubernetes-archive => kubernetes}/devnet-6/faucet/values.yaml (100%) rename {kubernetes-archive => kubernetes}/devnet-6/forkmon/.helmignore (100%) rename {kubernetes-archive => kubernetes}/devnet-6/forkmon/Chart.lock (100%) rename {kubernetes-archive => kubernetes}/devnet-6/forkmon/Chart.yaml (100%) rename {kubernetes-archive => kubernetes}/devnet-6/forkmon/charts/forkmon-0.1.5.tgz (100%) rename {kubernetes-archive => kubernetes}/devnet-6/forkmon/values.yaml (100%) rename {kubernetes-archive => kubernetes}/devnet-6/forky/.helmignore (100%) rename {kubernetes-archive => kubernetes}/devnet-6/forky/Chart.lock (100%) rename {kubernetes-archive => kubernetes}/devnet-6/forky/Chart.yaml (100%) rename {kubernetes-archive => kubernetes}/devnet-6/forky/charts/forky-0.2.0.tgz (100%) rename {kubernetes-archive => kubernetes}/devnet-6/forky/values.yaml (100%) rename {kubernetes-archive => kubernetes}/devnet-6/homepage/.helmignore (100%) rename {kubernetes-archive => kubernetes}/devnet-6/homepage/Chart.lock (100%) rename {kubernetes-archive => kubernetes}/devnet-6/homepage/Chart.yaml (100%) rename {kubernetes-archive => kubernetes}/devnet-6/homepage/charts/testnet-homepage-0.2.3.tgz (100%) rename {kubernetes-archive => kubernetes}/devnet-6/homepage/values.yaml (100%) rename {kubernetes-archive => kubernetes}/devnet-6/spamoor/.helmignore (100%) rename {kubernetes-archive => kubernetes}/devnet-6/spamoor/Chart.lock (100%) rename {kubernetes-archive => kubernetes}/devnet-6/spamoor/Chart.yaml (100%) rename {kubernetes-archive => kubernetes}/devnet-6/spamoor/charts/spamoor-1.0.0.tgz (100%) rename {kubernetes-archive => kubernetes}/devnet-6/spamoor/values.yaml (100%) rename {kubernetes-archive => kubernetes}/devnet-6/syncoor-server/.helmignore (100%) rename {kubernetes-archive => kubernetes}/devnet-6/syncoor-server/Chart.lock (100%) rename {kubernetes-archive => kubernetes}/devnet-6/syncoor-server/Chart.yaml (100%) rename {kubernetes-archive => kubernetes}/devnet-6/syncoor-server/charts/syncoor-server-0.0.1.tgz (100%) rename {kubernetes-archive => kubernetes}/devnet-6/syncoor-server/values.yaml (100%) rename {kubernetes-archive => kubernetes}/devnet-6/syncoor-web/.helmignore (100%) rename {kubernetes-archive => kubernetes}/devnet-6/syncoor-web/Chart.lock (100%) rename {kubernetes-archive => kubernetes}/devnet-6/syncoor-web/Chart.yaml (100%) rename {kubernetes-archive => kubernetes}/devnet-6/syncoor-web/charts/syncoor-web-0.0.1.tgz (100%) rename {kubernetes-archive => kubernetes}/devnet-6/syncoor-web/values.yaml (100%) rename {kubernetes-archive => kubernetes}/devnet-6/tracoor/.helmignore (100%) rename {kubernetes-archive => kubernetes}/devnet-6/tracoor/Chart.lock (100%) rename {kubernetes-archive => kubernetes}/devnet-6/tracoor/Chart.yaml (100%) rename {kubernetes-archive => kubernetes}/devnet-6/tracoor/charts/tracoor-single-0.0.5.tgz (100%) rename {kubernetes-archive => kubernetes}/devnet-6/tracoor/values.yaml (100%) rename {kubernetes-archive => kubernetes}/devnet-6/xatu-cannon/.helmignore (100%) rename {kubernetes-archive => kubernetes}/devnet-6/xatu-cannon/Chart.lock (100%) rename {kubernetes-archive => kubernetes}/devnet-6/xatu-cannon/Chart.yaml (100%) rename {kubernetes-archive => kubernetes}/devnet-6/xatu-cannon/charts/xatu-cannon-0.2.2.tgz (100%) rename {kubernetes-archive => kubernetes}/devnet-6/xatu-cannon/values.yaml (100%) rename {kubernetes-archive => kubernetes}/devnet-6/xatu-cl-mimicry/.helmignore (100%) rename {kubernetes-archive => kubernetes}/devnet-6/xatu-cl-mimicry/Chart.lock (100%) rename {kubernetes-archive => kubernetes}/devnet-6/xatu-cl-mimicry/Chart.yaml (100%) rename {kubernetes-archive => kubernetes}/devnet-6/xatu-cl-mimicry/charts/xatu-cl-mimicry-0.0.2.tgz (100%) rename {kubernetes-archive => kubernetes}/devnet-6/xatu-cl-mimicry/values.yaml (100%) rename {kubernetes-archive => kubernetes}/devnet-6/xatu-mimicry/.helmignore (100%) rename {kubernetes-archive => kubernetes}/devnet-6/xatu-mimicry/Chart.lock (100%) rename {kubernetes-archive => kubernetes}/devnet-6/xatu-mimicry/Chart.yaml (100%) rename {kubernetes-archive => kubernetes}/devnet-6/xatu-mimicry/charts/xatu-mimicry-0.0.7.tgz (100%) rename {kubernetes-archive => kubernetes}/devnet-6/xatu-mimicry/values.yaml (100%) rename {kubernetes-archive => kubernetes}/devnet-6/xatu-relay-monitor/.helmignore (100%) rename {kubernetes-archive => kubernetes}/devnet-6/xatu-relay-monitor/Chart.lock (100%) rename {kubernetes-archive => kubernetes}/devnet-6/xatu-relay-monitor/Chart.yaml (100%) rename {kubernetes-archive => kubernetes}/devnet-6/xatu-relay-monitor/charts/xatu-relay-monitor-0.0.1.tgz (100%) rename {kubernetes-archive => kubernetes}/devnet-6/xatu-relay-monitor/values.yaml (100%) diff --git a/kubernetes-archive/devnet-6/assertoor/.helmignore b/kubernetes/devnet-6/assertoor/.helmignore similarity index 100% rename from kubernetes-archive/devnet-6/assertoor/.helmignore rename to kubernetes/devnet-6/assertoor/.helmignore diff --git a/kubernetes-archive/devnet-6/assertoor/Chart.lock b/kubernetes/devnet-6/assertoor/Chart.lock similarity index 100% rename from kubernetes-archive/devnet-6/assertoor/Chart.lock rename to kubernetes/devnet-6/assertoor/Chart.lock diff --git a/kubernetes-archive/devnet-6/assertoor/Chart.yaml b/kubernetes/devnet-6/assertoor/Chart.yaml similarity index 100% rename from kubernetes-archive/devnet-6/assertoor/Chart.yaml rename to kubernetes/devnet-6/assertoor/Chart.yaml diff --git a/kubernetes-archive/devnet-6/assertoor/charts/assertoor-1.0.0.tgz b/kubernetes/devnet-6/assertoor/charts/assertoor-1.0.0.tgz similarity index 100% rename from kubernetes-archive/devnet-6/assertoor/charts/assertoor-1.0.0.tgz rename to kubernetes/devnet-6/assertoor/charts/assertoor-1.0.0.tgz diff --git a/kubernetes-archive/devnet-6/assertoor/values.yaml b/kubernetes/devnet-6/assertoor/values.yaml similarity index 100% rename from kubernetes-archive/devnet-6/assertoor/values.yaml rename to kubernetes/devnet-6/assertoor/values.yaml diff --git a/kubernetes-archive/devnet-6/checkpointz/.helmignore b/kubernetes/devnet-6/checkpointz/.helmignore similarity index 100% rename from kubernetes-archive/devnet-6/checkpointz/.helmignore rename to kubernetes/devnet-6/checkpointz/.helmignore diff --git a/kubernetes-archive/devnet-6/checkpointz/Chart.lock b/kubernetes/devnet-6/checkpointz/Chart.lock similarity index 100% rename from kubernetes-archive/devnet-6/checkpointz/Chart.lock rename to kubernetes/devnet-6/checkpointz/Chart.lock diff --git a/kubernetes-archive/devnet-6/checkpointz/Chart.yaml b/kubernetes/devnet-6/checkpointz/Chart.yaml similarity index 100% rename from kubernetes-archive/devnet-6/checkpointz/Chart.yaml rename to kubernetes/devnet-6/checkpointz/Chart.yaml diff --git a/kubernetes-archive/devnet-6/checkpointz/charts/checkpointz-0.1.3.tgz b/kubernetes/devnet-6/checkpointz/charts/checkpointz-0.1.3.tgz similarity index 100% rename from kubernetes-archive/devnet-6/checkpointz/charts/checkpointz-0.1.3.tgz rename to kubernetes/devnet-6/checkpointz/charts/checkpointz-0.1.3.tgz diff --git a/kubernetes-archive/devnet-6/checkpointz/values.yaml b/kubernetes/devnet-6/checkpointz/values.yaml similarity index 100% rename from kubernetes-archive/devnet-6/checkpointz/values.yaml rename to kubernetes/devnet-6/checkpointz/values.yaml diff --git a/kubernetes-archive/devnet-6/config/.helmignore b/kubernetes/devnet-6/config/.helmignore similarity index 100% rename from kubernetes-archive/devnet-6/config/.helmignore rename to kubernetes/devnet-6/config/.helmignore diff --git a/kubernetes-archive/devnet-6/config/Chart.yaml b/kubernetes/devnet-6/config/Chart.yaml similarity index 100% rename from kubernetes-archive/devnet-6/config/Chart.yaml rename to kubernetes/devnet-6/config/Chart.yaml diff --git a/kubernetes-archive/devnet-6/config/templates/ingress.config.yaml b/kubernetes/devnet-6/config/templates/ingress.config.yaml similarity index 100% rename from kubernetes-archive/devnet-6/config/templates/ingress.config.yaml rename to kubernetes/devnet-6/config/templates/ingress.config.yaml diff --git a/kubernetes-archive/devnet-6/config/values.yaml b/kubernetes/devnet-6/config/values.yaml similarity index 100% rename from kubernetes-archive/devnet-6/config/values.yaml rename to kubernetes/devnet-6/config/values.yaml diff --git a/kubernetes-archive/devnet-6/dora/.helmignore b/kubernetes/devnet-6/dora/.helmignore similarity index 100% rename from kubernetes-archive/devnet-6/dora/.helmignore rename to kubernetes/devnet-6/dora/.helmignore diff --git a/kubernetes-archive/devnet-6/dora/Chart.lock b/kubernetes/devnet-6/dora/Chart.lock similarity index 100% rename from kubernetes-archive/devnet-6/dora/Chart.lock rename to kubernetes/devnet-6/dora/Chart.lock diff --git a/kubernetes-archive/devnet-6/dora/Chart.yaml b/kubernetes/devnet-6/dora/Chart.yaml similarity index 100% rename from kubernetes-archive/devnet-6/dora/Chart.yaml rename to kubernetes/devnet-6/dora/Chart.yaml diff --git a/kubernetes-archive/devnet-6/dora/charts/dora-1.0.8.tgz b/kubernetes/devnet-6/dora/charts/dora-1.0.8.tgz similarity index 100% rename from kubernetes-archive/devnet-6/dora/charts/dora-1.0.8.tgz rename to kubernetes/devnet-6/dora/charts/dora-1.0.8.tgz diff --git a/kubernetes-archive/devnet-6/dora/endpoints-cl.yaml b/kubernetes/devnet-6/dora/endpoints-cl.yaml similarity index 100% rename from kubernetes-archive/devnet-6/dora/endpoints-cl.yaml rename to kubernetes/devnet-6/dora/endpoints-cl.yaml diff --git a/kubernetes-archive/devnet-6/dora/endpoints-el.yaml b/kubernetes/devnet-6/dora/endpoints-el.yaml similarity index 100% rename from kubernetes-archive/devnet-6/dora/endpoints-el.yaml rename to kubernetes/devnet-6/dora/endpoints-el.yaml diff --git a/kubernetes-archive/devnet-6/dora/values.yaml b/kubernetes/devnet-6/dora/values.yaml similarity index 100% rename from kubernetes-archive/devnet-6/dora/values.yaml rename to kubernetes/devnet-6/dora/values.yaml diff --git a/kubernetes-archive/devnet-6/dugtrio/.helmignore b/kubernetes/devnet-6/dugtrio/.helmignore similarity index 100% rename from kubernetes-archive/devnet-6/dugtrio/.helmignore rename to kubernetes/devnet-6/dugtrio/.helmignore diff --git a/kubernetes-archive/devnet-6/dugtrio/Chart.lock b/kubernetes/devnet-6/dugtrio/Chart.lock similarity index 100% rename from kubernetes-archive/devnet-6/dugtrio/Chart.lock rename to kubernetes/devnet-6/dugtrio/Chart.lock diff --git a/kubernetes-archive/devnet-6/dugtrio/Chart.yaml b/kubernetes/devnet-6/dugtrio/Chart.yaml similarity index 100% rename from kubernetes-archive/devnet-6/dugtrio/Chart.yaml rename to kubernetes/devnet-6/dugtrio/Chart.yaml diff --git a/kubernetes-archive/devnet-6/dugtrio/charts/dugtrio-0.0.6.tgz b/kubernetes/devnet-6/dugtrio/charts/dugtrio-0.0.6.tgz similarity index 100% rename from kubernetes-archive/devnet-6/dugtrio/charts/dugtrio-0.0.6.tgz rename to kubernetes/devnet-6/dugtrio/charts/dugtrio-0.0.6.tgz diff --git a/kubernetes-archive/devnet-6/dugtrio/values.yaml b/kubernetes/devnet-6/dugtrio/values.yaml similarity index 100% rename from kubernetes-archive/devnet-6/dugtrio/values.yaml rename to kubernetes/devnet-6/dugtrio/values.yaml diff --git a/kubernetes-archive/devnet-6/erpc/.helmignore b/kubernetes/devnet-6/erpc/.helmignore similarity index 100% rename from kubernetes-archive/devnet-6/erpc/.helmignore rename to kubernetes/devnet-6/erpc/.helmignore diff --git a/kubernetes-archive/devnet-6/erpc/Chart.lock b/kubernetes/devnet-6/erpc/Chart.lock similarity index 100% rename from kubernetes-archive/devnet-6/erpc/Chart.lock rename to kubernetes/devnet-6/erpc/Chart.lock diff --git a/kubernetes-archive/devnet-6/erpc/Chart.yaml b/kubernetes/devnet-6/erpc/Chart.yaml similarity index 100% rename from kubernetes-archive/devnet-6/erpc/Chart.yaml rename to kubernetes/devnet-6/erpc/Chart.yaml diff --git a/kubernetes-archive/devnet-6/erpc/charts/erpc-0.0.4.tgz b/kubernetes/devnet-6/erpc/charts/erpc-0.0.4.tgz similarity index 100% rename from kubernetes-archive/devnet-6/erpc/charts/erpc-0.0.4.tgz rename to kubernetes/devnet-6/erpc/charts/erpc-0.0.4.tgz diff --git a/kubernetes-archive/devnet-6/erpc/values.yaml b/kubernetes/devnet-6/erpc/values.yaml similarity index 100% rename from kubernetes-archive/devnet-6/erpc/values.yaml rename to kubernetes/devnet-6/erpc/values.yaml diff --git a/kubernetes-archive/devnet-6/faucet/.helmignore b/kubernetes/devnet-6/faucet/.helmignore similarity index 100% rename from kubernetes-archive/devnet-6/faucet/.helmignore rename to kubernetes/devnet-6/faucet/.helmignore diff --git a/kubernetes-archive/devnet-6/faucet/Chart.lock b/kubernetes/devnet-6/faucet/Chart.lock similarity index 100% rename from kubernetes-archive/devnet-6/faucet/Chart.lock rename to kubernetes/devnet-6/faucet/Chart.lock diff --git a/kubernetes-archive/devnet-6/faucet/Chart.yaml b/kubernetes/devnet-6/faucet/Chart.yaml similarity index 100% rename from kubernetes-archive/devnet-6/faucet/Chart.yaml rename to kubernetes/devnet-6/faucet/Chart.yaml diff --git a/kubernetes-archive/devnet-6/faucet/charts/powfaucet-0.0.4.tgz b/kubernetes/devnet-6/faucet/charts/powfaucet-0.0.4.tgz similarity index 100% rename from kubernetes-archive/devnet-6/faucet/charts/powfaucet-0.0.4.tgz rename to kubernetes/devnet-6/faucet/charts/powfaucet-0.0.4.tgz diff --git a/kubernetes-archive/devnet-6/faucet/values.yaml b/kubernetes/devnet-6/faucet/values.yaml similarity index 100% rename from kubernetes-archive/devnet-6/faucet/values.yaml rename to kubernetes/devnet-6/faucet/values.yaml diff --git a/kubernetes-archive/devnet-6/forkmon/.helmignore b/kubernetes/devnet-6/forkmon/.helmignore similarity index 100% rename from kubernetes-archive/devnet-6/forkmon/.helmignore rename to kubernetes/devnet-6/forkmon/.helmignore diff --git a/kubernetes-archive/devnet-6/forkmon/Chart.lock b/kubernetes/devnet-6/forkmon/Chart.lock similarity index 100% rename from kubernetes-archive/devnet-6/forkmon/Chart.lock rename to kubernetes/devnet-6/forkmon/Chart.lock diff --git a/kubernetes-archive/devnet-6/forkmon/Chart.yaml b/kubernetes/devnet-6/forkmon/Chart.yaml similarity index 100% rename from kubernetes-archive/devnet-6/forkmon/Chart.yaml rename to kubernetes/devnet-6/forkmon/Chart.yaml diff --git a/kubernetes-archive/devnet-6/forkmon/charts/forkmon-0.1.5.tgz b/kubernetes/devnet-6/forkmon/charts/forkmon-0.1.5.tgz similarity index 100% rename from kubernetes-archive/devnet-6/forkmon/charts/forkmon-0.1.5.tgz rename to kubernetes/devnet-6/forkmon/charts/forkmon-0.1.5.tgz diff --git a/kubernetes-archive/devnet-6/forkmon/values.yaml b/kubernetes/devnet-6/forkmon/values.yaml similarity index 100% rename from kubernetes-archive/devnet-6/forkmon/values.yaml rename to kubernetes/devnet-6/forkmon/values.yaml diff --git a/kubernetes-archive/devnet-6/forky/.helmignore b/kubernetes/devnet-6/forky/.helmignore similarity index 100% rename from kubernetes-archive/devnet-6/forky/.helmignore rename to kubernetes/devnet-6/forky/.helmignore diff --git a/kubernetes-archive/devnet-6/forky/Chart.lock b/kubernetes/devnet-6/forky/Chart.lock similarity index 100% rename from kubernetes-archive/devnet-6/forky/Chart.lock rename to kubernetes/devnet-6/forky/Chart.lock diff --git a/kubernetes-archive/devnet-6/forky/Chart.yaml b/kubernetes/devnet-6/forky/Chart.yaml similarity index 100% rename from kubernetes-archive/devnet-6/forky/Chart.yaml rename to kubernetes/devnet-6/forky/Chart.yaml diff --git a/kubernetes-archive/devnet-6/forky/charts/forky-0.2.0.tgz b/kubernetes/devnet-6/forky/charts/forky-0.2.0.tgz similarity index 100% rename from kubernetes-archive/devnet-6/forky/charts/forky-0.2.0.tgz rename to kubernetes/devnet-6/forky/charts/forky-0.2.0.tgz diff --git a/kubernetes-archive/devnet-6/forky/values.yaml b/kubernetes/devnet-6/forky/values.yaml similarity index 100% rename from kubernetes-archive/devnet-6/forky/values.yaml rename to kubernetes/devnet-6/forky/values.yaml diff --git a/kubernetes-archive/devnet-6/homepage/.helmignore b/kubernetes/devnet-6/homepage/.helmignore similarity index 100% rename from kubernetes-archive/devnet-6/homepage/.helmignore rename to kubernetes/devnet-6/homepage/.helmignore diff --git a/kubernetes-archive/devnet-6/homepage/Chart.lock b/kubernetes/devnet-6/homepage/Chart.lock similarity index 100% rename from kubernetes-archive/devnet-6/homepage/Chart.lock rename to kubernetes/devnet-6/homepage/Chart.lock diff --git a/kubernetes-archive/devnet-6/homepage/Chart.yaml b/kubernetes/devnet-6/homepage/Chart.yaml similarity index 100% rename from kubernetes-archive/devnet-6/homepage/Chart.yaml rename to kubernetes/devnet-6/homepage/Chart.yaml diff --git a/kubernetes-archive/devnet-6/homepage/charts/testnet-homepage-0.2.3.tgz b/kubernetes/devnet-6/homepage/charts/testnet-homepage-0.2.3.tgz similarity index 100% rename from kubernetes-archive/devnet-6/homepage/charts/testnet-homepage-0.2.3.tgz rename to kubernetes/devnet-6/homepage/charts/testnet-homepage-0.2.3.tgz diff --git a/kubernetes-archive/devnet-6/homepage/values.yaml b/kubernetes/devnet-6/homepage/values.yaml similarity index 100% rename from kubernetes-archive/devnet-6/homepage/values.yaml rename to kubernetes/devnet-6/homepage/values.yaml diff --git a/kubernetes-archive/devnet-6/spamoor/.helmignore b/kubernetes/devnet-6/spamoor/.helmignore similarity index 100% rename from kubernetes-archive/devnet-6/spamoor/.helmignore rename to kubernetes/devnet-6/spamoor/.helmignore diff --git a/kubernetes-archive/devnet-6/spamoor/Chart.lock b/kubernetes/devnet-6/spamoor/Chart.lock similarity index 100% rename from kubernetes-archive/devnet-6/spamoor/Chart.lock rename to kubernetes/devnet-6/spamoor/Chart.lock diff --git a/kubernetes-archive/devnet-6/spamoor/Chart.yaml b/kubernetes/devnet-6/spamoor/Chart.yaml similarity index 100% rename from kubernetes-archive/devnet-6/spamoor/Chart.yaml rename to kubernetes/devnet-6/spamoor/Chart.yaml diff --git a/kubernetes-archive/devnet-6/spamoor/charts/spamoor-1.0.0.tgz b/kubernetes/devnet-6/spamoor/charts/spamoor-1.0.0.tgz similarity index 100% rename from kubernetes-archive/devnet-6/spamoor/charts/spamoor-1.0.0.tgz rename to kubernetes/devnet-6/spamoor/charts/spamoor-1.0.0.tgz diff --git a/kubernetes-archive/devnet-6/spamoor/values.yaml b/kubernetes/devnet-6/spamoor/values.yaml similarity index 100% rename from kubernetes-archive/devnet-6/spamoor/values.yaml rename to kubernetes/devnet-6/spamoor/values.yaml diff --git a/kubernetes-archive/devnet-6/syncoor-server/.helmignore b/kubernetes/devnet-6/syncoor-server/.helmignore similarity index 100% rename from kubernetes-archive/devnet-6/syncoor-server/.helmignore rename to kubernetes/devnet-6/syncoor-server/.helmignore diff --git a/kubernetes-archive/devnet-6/syncoor-server/Chart.lock b/kubernetes/devnet-6/syncoor-server/Chart.lock similarity index 100% rename from kubernetes-archive/devnet-6/syncoor-server/Chart.lock rename to kubernetes/devnet-6/syncoor-server/Chart.lock diff --git a/kubernetes-archive/devnet-6/syncoor-server/Chart.yaml b/kubernetes/devnet-6/syncoor-server/Chart.yaml similarity index 100% rename from kubernetes-archive/devnet-6/syncoor-server/Chart.yaml rename to kubernetes/devnet-6/syncoor-server/Chart.yaml diff --git a/kubernetes-archive/devnet-6/syncoor-server/charts/syncoor-server-0.0.1.tgz b/kubernetes/devnet-6/syncoor-server/charts/syncoor-server-0.0.1.tgz similarity index 100% rename from kubernetes-archive/devnet-6/syncoor-server/charts/syncoor-server-0.0.1.tgz rename to kubernetes/devnet-6/syncoor-server/charts/syncoor-server-0.0.1.tgz diff --git a/kubernetes-archive/devnet-6/syncoor-server/values.yaml b/kubernetes/devnet-6/syncoor-server/values.yaml similarity index 100% rename from kubernetes-archive/devnet-6/syncoor-server/values.yaml rename to kubernetes/devnet-6/syncoor-server/values.yaml diff --git a/kubernetes-archive/devnet-6/syncoor-web/.helmignore b/kubernetes/devnet-6/syncoor-web/.helmignore similarity index 100% rename from kubernetes-archive/devnet-6/syncoor-web/.helmignore rename to kubernetes/devnet-6/syncoor-web/.helmignore diff --git a/kubernetes-archive/devnet-6/syncoor-web/Chart.lock b/kubernetes/devnet-6/syncoor-web/Chart.lock similarity index 100% rename from kubernetes-archive/devnet-6/syncoor-web/Chart.lock rename to kubernetes/devnet-6/syncoor-web/Chart.lock diff --git a/kubernetes-archive/devnet-6/syncoor-web/Chart.yaml b/kubernetes/devnet-6/syncoor-web/Chart.yaml similarity index 100% rename from kubernetes-archive/devnet-6/syncoor-web/Chart.yaml rename to kubernetes/devnet-6/syncoor-web/Chart.yaml diff --git a/kubernetes-archive/devnet-6/syncoor-web/charts/syncoor-web-0.0.1.tgz b/kubernetes/devnet-6/syncoor-web/charts/syncoor-web-0.0.1.tgz similarity index 100% rename from kubernetes-archive/devnet-6/syncoor-web/charts/syncoor-web-0.0.1.tgz rename to kubernetes/devnet-6/syncoor-web/charts/syncoor-web-0.0.1.tgz diff --git a/kubernetes-archive/devnet-6/syncoor-web/values.yaml b/kubernetes/devnet-6/syncoor-web/values.yaml similarity index 100% rename from kubernetes-archive/devnet-6/syncoor-web/values.yaml rename to kubernetes/devnet-6/syncoor-web/values.yaml diff --git a/kubernetes-archive/devnet-6/tracoor/.helmignore b/kubernetes/devnet-6/tracoor/.helmignore similarity index 100% rename from kubernetes-archive/devnet-6/tracoor/.helmignore rename to kubernetes/devnet-6/tracoor/.helmignore diff --git a/kubernetes-archive/devnet-6/tracoor/Chart.lock b/kubernetes/devnet-6/tracoor/Chart.lock similarity index 100% rename from kubernetes-archive/devnet-6/tracoor/Chart.lock rename to kubernetes/devnet-6/tracoor/Chart.lock diff --git a/kubernetes-archive/devnet-6/tracoor/Chart.yaml b/kubernetes/devnet-6/tracoor/Chart.yaml similarity index 100% rename from kubernetes-archive/devnet-6/tracoor/Chart.yaml rename to kubernetes/devnet-6/tracoor/Chart.yaml diff --git a/kubernetes-archive/devnet-6/tracoor/charts/tracoor-single-0.0.5.tgz b/kubernetes/devnet-6/tracoor/charts/tracoor-single-0.0.5.tgz similarity index 100% rename from kubernetes-archive/devnet-6/tracoor/charts/tracoor-single-0.0.5.tgz rename to kubernetes/devnet-6/tracoor/charts/tracoor-single-0.0.5.tgz diff --git a/kubernetes-archive/devnet-6/tracoor/values.yaml b/kubernetes/devnet-6/tracoor/values.yaml similarity index 100% rename from kubernetes-archive/devnet-6/tracoor/values.yaml rename to kubernetes/devnet-6/tracoor/values.yaml diff --git a/kubernetes-archive/devnet-6/xatu-cannon/.helmignore b/kubernetes/devnet-6/xatu-cannon/.helmignore similarity index 100% rename from kubernetes-archive/devnet-6/xatu-cannon/.helmignore rename to kubernetes/devnet-6/xatu-cannon/.helmignore diff --git a/kubernetes-archive/devnet-6/xatu-cannon/Chart.lock b/kubernetes/devnet-6/xatu-cannon/Chart.lock similarity index 100% rename from kubernetes-archive/devnet-6/xatu-cannon/Chart.lock rename to kubernetes/devnet-6/xatu-cannon/Chart.lock diff --git a/kubernetes-archive/devnet-6/xatu-cannon/Chart.yaml b/kubernetes/devnet-6/xatu-cannon/Chart.yaml similarity index 100% rename from kubernetes-archive/devnet-6/xatu-cannon/Chart.yaml rename to kubernetes/devnet-6/xatu-cannon/Chart.yaml diff --git a/kubernetes-archive/devnet-6/xatu-cannon/charts/xatu-cannon-0.2.2.tgz b/kubernetes/devnet-6/xatu-cannon/charts/xatu-cannon-0.2.2.tgz similarity index 100% rename from kubernetes-archive/devnet-6/xatu-cannon/charts/xatu-cannon-0.2.2.tgz rename to kubernetes/devnet-6/xatu-cannon/charts/xatu-cannon-0.2.2.tgz diff --git a/kubernetes-archive/devnet-6/xatu-cannon/values.yaml b/kubernetes/devnet-6/xatu-cannon/values.yaml similarity index 100% rename from kubernetes-archive/devnet-6/xatu-cannon/values.yaml rename to kubernetes/devnet-6/xatu-cannon/values.yaml diff --git a/kubernetes-archive/devnet-6/xatu-cl-mimicry/.helmignore b/kubernetes/devnet-6/xatu-cl-mimicry/.helmignore similarity index 100% rename from kubernetes-archive/devnet-6/xatu-cl-mimicry/.helmignore rename to kubernetes/devnet-6/xatu-cl-mimicry/.helmignore diff --git a/kubernetes-archive/devnet-6/xatu-cl-mimicry/Chart.lock b/kubernetes/devnet-6/xatu-cl-mimicry/Chart.lock similarity index 100% rename from kubernetes-archive/devnet-6/xatu-cl-mimicry/Chart.lock rename to kubernetes/devnet-6/xatu-cl-mimicry/Chart.lock diff --git a/kubernetes-archive/devnet-6/xatu-cl-mimicry/Chart.yaml b/kubernetes/devnet-6/xatu-cl-mimicry/Chart.yaml similarity index 100% rename from kubernetes-archive/devnet-6/xatu-cl-mimicry/Chart.yaml rename to kubernetes/devnet-6/xatu-cl-mimicry/Chart.yaml diff --git a/kubernetes-archive/devnet-6/xatu-cl-mimicry/charts/xatu-cl-mimicry-0.0.2.tgz b/kubernetes/devnet-6/xatu-cl-mimicry/charts/xatu-cl-mimicry-0.0.2.tgz similarity index 100% rename from kubernetes-archive/devnet-6/xatu-cl-mimicry/charts/xatu-cl-mimicry-0.0.2.tgz rename to kubernetes/devnet-6/xatu-cl-mimicry/charts/xatu-cl-mimicry-0.0.2.tgz diff --git a/kubernetes-archive/devnet-6/xatu-cl-mimicry/values.yaml b/kubernetes/devnet-6/xatu-cl-mimicry/values.yaml similarity index 100% rename from kubernetes-archive/devnet-6/xatu-cl-mimicry/values.yaml rename to kubernetes/devnet-6/xatu-cl-mimicry/values.yaml diff --git a/kubernetes-archive/devnet-6/xatu-mimicry/.helmignore b/kubernetes/devnet-6/xatu-mimicry/.helmignore similarity index 100% rename from kubernetes-archive/devnet-6/xatu-mimicry/.helmignore rename to kubernetes/devnet-6/xatu-mimicry/.helmignore diff --git a/kubernetes-archive/devnet-6/xatu-mimicry/Chart.lock b/kubernetes/devnet-6/xatu-mimicry/Chart.lock similarity index 100% rename from kubernetes-archive/devnet-6/xatu-mimicry/Chart.lock rename to kubernetes/devnet-6/xatu-mimicry/Chart.lock diff --git a/kubernetes-archive/devnet-6/xatu-mimicry/Chart.yaml b/kubernetes/devnet-6/xatu-mimicry/Chart.yaml similarity index 100% rename from kubernetes-archive/devnet-6/xatu-mimicry/Chart.yaml rename to kubernetes/devnet-6/xatu-mimicry/Chart.yaml diff --git a/kubernetes-archive/devnet-6/xatu-mimicry/charts/xatu-mimicry-0.0.7.tgz b/kubernetes/devnet-6/xatu-mimicry/charts/xatu-mimicry-0.0.7.tgz similarity index 100% rename from kubernetes-archive/devnet-6/xatu-mimicry/charts/xatu-mimicry-0.0.7.tgz rename to kubernetes/devnet-6/xatu-mimicry/charts/xatu-mimicry-0.0.7.tgz diff --git a/kubernetes-archive/devnet-6/xatu-mimicry/values.yaml b/kubernetes/devnet-6/xatu-mimicry/values.yaml similarity index 100% rename from kubernetes-archive/devnet-6/xatu-mimicry/values.yaml rename to kubernetes/devnet-6/xatu-mimicry/values.yaml diff --git a/kubernetes-archive/devnet-6/xatu-relay-monitor/.helmignore b/kubernetes/devnet-6/xatu-relay-monitor/.helmignore similarity index 100% rename from kubernetes-archive/devnet-6/xatu-relay-monitor/.helmignore rename to kubernetes/devnet-6/xatu-relay-monitor/.helmignore diff --git a/kubernetes-archive/devnet-6/xatu-relay-monitor/Chart.lock b/kubernetes/devnet-6/xatu-relay-monitor/Chart.lock similarity index 100% rename from kubernetes-archive/devnet-6/xatu-relay-monitor/Chart.lock rename to kubernetes/devnet-6/xatu-relay-monitor/Chart.lock diff --git a/kubernetes-archive/devnet-6/xatu-relay-monitor/Chart.yaml b/kubernetes/devnet-6/xatu-relay-monitor/Chart.yaml similarity index 100% rename from kubernetes-archive/devnet-6/xatu-relay-monitor/Chart.yaml rename to kubernetes/devnet-6/xatu-relay-monitor/Chart.yaml diff --git a/kubernetes-archive/devnet-6/xatu-relay-monitor/charts/xatu-relay-monitor-0.0.1.tgz b/kubernetes/devnet-6/xatu-relay-monitor/charts/xatu-relay-monitor-0.0.1.tgz similarity index 100% rename from kubernetes-archive/devnet-6/xatu-relay-monitor/charts/xatu-relay-monitor-0.0.1.tgz rename to kubernetes/devnet-6/xatu-relay-monitor/charts/xatu-relay-monitor-0.0.1.tgz diff --git a/kubernetes-archive/devnet-6/xatu-relay-monitor/values.yaml b/kubernetes/devnet-6/xatu-relay-monitor/values.yaml similarity index 100% rename from kubernetes-archive/devnet-6/xatu-relay-monitor/values.yaml rename to kubernetes/devnet-6/xatu-relay-monitor/values.yaml