ethpandaops · pk910 · Feb 18, 2026 · Feb 18, 2026 · Feb 18, 2026 · Feb 18, 2026
diff --git a/ansible/ansible.cfg b/ansible/ansible.cfg
@@ -1,7 +1,7 @@
 [defaults]
 ansible_managed      = Ansible managed. Don't change this file manually. Template info: {{{{ (template_fullpath | replace(playbook_dir,'')) }}}}
 stdout_callback      = yaml
-inventory            = inventories/devnet-2/inventory.ini
+inventory            = inventories/devnet-3/inventory.ini
 roles_path           = vendor/roles/:roles
 collections_path     = vendor/collections
 forks                = 50
@@ -16,7 +16,7 @@ fact_caching            = jsonfile
 # Keep facts forever
 fact_caching_timeout    = 0
 # Where to store the fact cache
-fact_caching_connection = tmp/devnet-2/
+fact_caching_connection = tmp/devnet-3/
 
 [inventory]
 enable_plugins = script, yaml, ini

diff --git a/ansible/inventories/devnet-3/group_vars/all/00-defaults.yaml b/ansible/inventories/devnet-3/group_vars/all/00-defaults.yaml
@@ -0,0 +1,67 @@
+ansible_user: devops
+ansible_python_interpreter: /usr/bin/python3
+# Template name refers to the name of the devnet without number
+# Generally refer to the first word of the repository name
+# e.g. peerdas, or pectra
+devnet_name: perf
+
+# IPv6 Specific configuration
+global_ipv6_enabled: true
+global_ipv6_subnet_ranges:
+  hetzner: "64"
+  digitalocean: "124"
+  ovh: "64"
+
+######################################################
+##
+##          Role specific overwrites
+##
+######################################################
+
+# role: ethpandaops.general.bootstrap
+bootstrap_user: root
+bootstrap_default_user_authorized_keys_github:
+  - barnabasbusa
+  - parithosh
+  - samcm
+  - savid
+  - skylenet
+  - pk910
+  - mattevans
+
+# role: robertdebock.fail2ban
+fail2ban_loglevel: INFO
+fail2ban_logtarget: /var/log/fail2ban.log
+fail2ban_maxretry: 10
+fail2ban_bantime: 600
+fail2ban_ignoreips:
+  - "127.0.0.1/8 ::1"
+  - "{{ lookup('ansible.builtin.url', 'http://ifconfig.me/ip', split_lines=False) }}/32" # Avoid banning ourself
+
+
+# role: ethpandaops.general.docker_network
+docker_network_name: shared
+docker_network_enable_ipv6: "{{ global_ipv6_enabled }}"
+docker_network_ipam_config: >-
+  {{ global_ipv6_enabled | default(false) | ternary(
+    [ { 'subnet': ansible_default_ipv6.address | default('::1') | ansible.utils.ipsubnet(global_ipv6_subnet_ranges[hostvars[inventory_hostname]['cloud']]) } ]
+    , [])
+  }}
+
+docker_networks_shared:
+  - name: "{{ docker_network_name }}"
+
+# role: geerlingguy.docker
+docker_users:
+  - devops
+docker_daemon_options:
+  "log-driver": "json-file"
+  "log-opts":
+      "max-size": "500m"
+      "max-file": "8"
+
+# role: ethpandaops.general.prometheus
+prometheus_container_networks: "{{ docker_networks_shared }}"
+
+# role: ethpandaops.general.ethereum_node
+ethereum_node_images_always_pull: true
diff --git a/ansible/inventories/devnet-3/group_vars/all/all.sops.yaml b/ansible/inventories/devnet-3/group_vars/all/all.sops.yaml
diff --git a/ansible/inventories/devnet-3/group_vars/all/all.yaml b/ansible/inventories/devnet-3/group_vars/all/all.yaml
diff --git a/ansible/inventories/devnet-3/group_vars/all/images.yaml b/ansible/inventories/devnet-3/group_vars/all/images.yaml
@@ -0,0 +1,59 @@
+default_ethereum_client_images:
+  ### Consensus layer clients
+  lighthouse: docker.ethquokkaops.io/dh/sigp/lighthouse:latest
+  lodestar: docker.ethquokkaops.io/dh/chainsafe/lodestar:latest
+  nimbus: docker.ethquokkaops.io/dh/statusim/nimbus-eth2:multiarch-latest
+  prysm: docker.ethquokkaops.io/gcr/prysmaticlabs/prysm/beacon-chain:latest
+  prysm_validator: docker.ethquokkaops.io/gcr/prysmaticlabs/prysm/validator:latest
+  teku: docker.ethquokkaops.io/dh/consensys/teku:latest
+  grandine: docker.ethquokkaops.io/dh/ethpandaops/grandine:develop
+  ### Execution layer clients
+  besu: docker.ethquokkaops.io/dh/ethpandaops/besu:performance
+  geth: docker.ethquokkaops.io/dh/ethpandaops/geth:master
+  erigon: docker.ethquokkaops.io/dh/ethpandaops/erigon:performance
+  ethereumjs: docker.ethquokkaops.io/dh/ethpandaops/ethereumjs:performance
+  nethermind: docker.ethquokkaops.io/dh/ethpandaops/nethermind:performance
+  reth: ghcr.io/paradigmxyz/reth:nightly
+
+default_tooling_images:
+  mev_boost: docker.ethquokkaops.io/dh/ethpandaops/mev-boost:latest
+  mev_boost_relay: docker.ethquokkaops.io/dh/ethpandaops/mev-boost-relay:latest
+  xatu_sentry: docker.ethquokkaops.io/dh/ethpandaops/xatu:latest
+  xatu_cannon: docker.ethquokkaops.io/dh/ethpandaops/xatu:latest
+  xatu_mimicry: docker.ethquokkaops.io/dh/ethpandaops/xatu:latest
+  xatu_cl_mimicry: docker.ethquokkaops.io/dh/ethpandaops/xatu:latest
+  xatu_relay_monitor: docker.ethquokkaops.io/dh/ethpandaops/xatu:latest
+  ethereum_metrics_exporter: docker.ethquokkaops.io/dh/ethpandaops/ethereum-metrics-exporter:latest
+  tx_fuzz: docker.ethquokkaops.io/dh/ethpandaops/tx-fuzz:latest
+  forkmon: docker.ethquokkaops.io/dh/skylenet/nodemonitor:darkmode
+  forky: docker.ethquokkaops.io/dh/ethpandaops/forky:latest
+  fauceth: docker.ethquokkaops.io/dh/skylenet/fauceth:fix_fee_estimation
+  powfaucet: docker.ethquokkaops.io/dh/pk910/powfaucet:v2-stable
+  homepage: docker.ethquokkaops.io/dh/ethpandaops/ethereum-testnet-homepage:latest
+  checkpointz: docker.ethquokkaops.io/dh/ethpandaops/checkpointz:latest
+  blockscout: docker.ethquokkaops.io/dh/blockscout/blockscout:latest
+  blockscout_frontend: docker.ethquokkaops.io/gh/blockscout/frontend:latest
+  beacon_metrics_gazer: docker.ethquokkaops.io/dh/dapplion/beacon-metrics-gazer:latest
+  eth_fauceth: docker.ethquokkaops.io/dh/chainflag/eth-faucet:latest
+  blobscan: docker.ethquokkaops.io/dh/blossomlabs/blobscan:latest
+  blobscan_indexer: docker.ethquokkaops.io/dh/blossomlabs/blobscan-indexer:latest
+  dora: docker.ethquokkaops.io/dh/ethpandaops/dora:master-latest
+  dugtrio: docker.ethquokkaops.io/dh/ethpandaops/dugtrio:latest
+  ethereum_genesis_generator: docker.ethquokkaops.io/dh/ethpandaops/ethereum-genesis-generator:4.1.16
+  tracoor: docker.ethquokkaops.io/dh/ethpandaops/tracoor:0.0.26-debian
+  ncli: docker.ethquokkaops.io/dh/status-im/nimbus-eth2:unstable
+  lcli: docker.ethquokkaops.io/dh/ethpandaops/lighthouse:unstable-a94b12blo
+  zcli: electra
+  assertoor: docker.ethquokkaops.io/dh/ethpandaops/assertoor:master-latest
+  erpc: docker.ethquokkaops.io/gh/erpc/erpc:main
+  prometheus: docker.ethquokkaops.io/dh/prom/prometheus:v2.40.7
+  node_exporter: docker.ethquokkaops.io/dh/prom/node-exporter:v1.5.0
+  cl_bootnode: docker.ethquokkaops.io/dh/protolambda/eth2-bootnode:cleanup
+  json_rpc_snooper: docker.ethquokkaops.io/dh/ethpandaops/rpc-snooper:0.0.5
+  nginx_proxy: docker.ethquokkaops.io/dh/nginx:alpine
+  nginx_proxy_gen: docker.ethquokkaops.io/dh/nginxproxy/docker-gen
+  nginx_proxy_acme: docker.ethquokkaops.io/dh/nginxproxy/acme-companion
+  vector: docker.ethquokkaops.io/dh/timberio/vector:0.46.1-alpine
+  spamoor: docker.ethquokkaops.io/dh/ethpandaops/spamoor:statebloat-latest
+  syncoor_web: docker.ethquokkaops.io/gh/ethpandaops/syncoor-web:master
+  syncoor_server: docker.ethquokkaops.io/gh/ethpandaops/syncoor:master
diff --git a/ansible/inventories/devnet-3/group_vars/all/kubernetes.yaml b/ansible/inventories/devnet-3/group_vars/all/kubernetes.yaml
@@ -0,0 +1,7 @@
+# Kubernetes config generation overrides
+# role: ethpandaops.general.generate_kubernetes_config
+
+gen_kubernetes_config_disabled_services:
+  - prysm-geth-001
+  - blockscout
+  - faucet
diff --git a/ansible/inventories/devnet-3/group_vars/besu.yaml b/ansible/inventories/devnet-3/group_vars/besu.yaml
@@ -0,0 +1,106 @@
+# role: ethpandaops.general.bootstrap
+bootstrap_default_user_authorized_keys_github_team_el:
+  - garyschulte
+  - jflo
+  - fab-10
+  - matkt
+  - gezero
+  - siladu
+  - pinges
+  - jframe
+  - ahamlat
+  - Gabriel-Trintinalia
+
+# role: ethpandaops.general.ethereum_node
+ethereum_node_el: besu
+# role: ethpandaops.general.besu
+besu_container_name: execution
+besu_container_image: "{{ default_ethereum_client_images.besu }}"
+besu_container_env:
+  VIRTUAL_HOST: "{{ ethereum_node_rcp_hostname }}"
+  VIRTUAL_PORT: "{{ ethereum_node_el_ports_http_rpc | string }}"
+  LETSENCRYPT_HOST: "{{ ethereum_node_rcp_hostname }}"
+besu_container_volumes:
+  - "{{ besu_datadir }}:/data"
+  - "{{ besu_auth_jwt_path }}:/execution-auth.jwt:ro"
+  - "{{ eth_testnet_config_dir }}:/network-config:ro"
+besu_container_command_extra_args:
+  - --genesis-file=/network-config/besu.json
+  - --bootnodes={{ ethereum_el_bootnodes | join(',') }}
+  - --rpc-http-api=ADMIN,DEBUG,ETH,MINER,NET,TRACE,TXPOOL,WEB3
+  - --version-compatibility-protection=false
+  - --target-gas-limit=1000000000
+  - --sync-mode=SNAP
+  - --sync-min-peers=1
+  - --static-nodes-file=/network-config/static-nodes.json
+  - --bonsai-limit-trie-logs-enabled=false
+  #- --required-block=23115201=0x88b0d56cc14c5232cdf6238c7252ca953e505f2a44ee60374f2bafb18bf067bf
+  - --network-id={{ shadowfork_network_id }}
+  - --cache-last-block-headers-preload-enabled=true
+  - --cache-last-block-headers=15000
+  - --Xplugin-rocksdb-high-spec-enabled=true
+besu_container_pull: true
+
+prometheus_config: |
+  global:
+    scrape_interval: 12s
+    evaluation_interval: 30s
+    scrape_timeout: 10s
+    external_labels:
+      instance: "{{ ethereum_network_name }}-{{ inventory_hostname }}"
+      ip_address: "{{ ansible_host }}"
+      network: "{{ ethereum_network_name }}"
+      testnet: "{{ ethereum_network_name }}"
+      execution_client: "{{ ethereum_node_el }}"
+      consensus_client: "{{ ethereum_node_cl }}"
+  remote_write:
+    - queue_config:
+        batch_send_deadline: 5s
+        max_backoff: 500ms
+        max_samples_per_send: 500
+        min_backoff: 50ms
+        max_shards: 100
+      url: {{ prometheus_remote_push_url }}
+      remote_timeout: 10s
+      basic_auth:
+        username: {{ prometheus_remote_write_username }}
+        password: {{ prometheus_remote_write_password }}
+  scrape_configs:
+    - job_name: "prometheus"
+      metrics_path: "/metrics"
+      static_configs:
+        - targets: ["localhost:9090"]
+          labels:
+            instance: "{{ ethereum_network_name }}-{{ inventory_hostname }}"
+    - job_name: "node"
+      metrics_path: "/metrics"
+      static_configs:
+        - targets: ["172.17.0.1:9100"]
+          labels:
+            instance: "{{ ethereum_network_name }}-{{ inventory_hostname }}"
+    - job_name: "exporter"
+      metrics_path: "/metrics"
+      static_configs:
+        - targets: ["ethereum-metrics-exporter:9090"]
+          labels:
+            instance: "{{ ethereum_network_name }}-{{ inventory_hostname }}"
+    - job_name: "consensus_node"
+      metrics_path: "/metrics"
+      static_configs:
+        - targets: ["{{ vars[ethereum_node_cl + '_container_name'] }}:{{ ethereum_node_cl_ports_metrics }}"]
+          labels:
+            instance: "{{ ethereum_network_name }}-{{ inventory_hostname }}"
+    - job_name: "execution"
+      metrics_path: "/metrics"
+      static_configs:
+        - targets: ["execution:{{ ethereum_node_el_ports_metrics }}"]
+          labels:
+            instance: "{{ ethereum_network_name }}-{{ inventory_hostname }}"
+    - job_name: "snooper"
+      scrape_interval: "1s"
+      static_configs:
+        - targets:
+            - "snooper-rpc:9090"
+            - "snooper-engine:9090"
+          labels:
+            instance: "{{ ethereum_network_name }}-{{ inventory_hostname }}"