Merge pull request #26 from ethpandaops/bbusa/bumptf

feat: bump tf, change hetzner format, fix teku

.tool-versions

@@ -2,7 +2,8 @@ age 1.1.1
 helm 3.12.1
 shellcheck 0.9.0
 sops 3.7.3
-terraform 1.5.2
+terraform 1.6.4
 python 3.11.4
 ansible-lint 6.17.2
-awscli 2.13.7
+awscli 2.13.7
+yq 4.35.2

ansible/group_vars/all/defaults.yaml

@@ -1,6 +1,6 @@
 ansible_user: devops
 ansible_python_interpreter: /usr/bin/python3
-
+devnet_name: template
 ######################################################
 ##
 ##          Role specific overwrites
@@ -44,4 +44,4 @@ docker_daemon_options:
 prometheus_container_networks: "{{ docker_networks_shared }}"
 
 # role: ethpandaops.general.ethereum_node
-ethereum_node_images_always_pull: true
+ethereum_node_images_always_pull: true

ansible/inventories/devnet-0/group_vars/all/all.yaml

@@ -34,7 +34,7 @@ checkpoint_sync_url_kube: https://<path:/secrets/services/services.enc.yaml#ethe
 #  ╚═╝░░╚═╝░╚════╝░╚══════╝╚══════╝  ░░░╚═╝░░░╚═╝░░╚═╝╚═╝░░╚═╝╚═════╝░
 
 # role: ethpandaops.general.ethereum_genesis
-ethereum_genesis_generator_container_image: "ethpandaops/ethereum-genesis-generator:2.0.0-rc.7"
+ethereum_genesis_generator_container_image: "ethpandaops/ethereum-genesis-generator:2.0.4"
 ethereum_genesis_generator_version: "{{ ethereum_genesis_generator_container_image.split(':')[-1] }}"
 ethereum_genesis_network_seed: "{{ ansible_inventory_sources[0] }}"
 ethereum_genesis_chain_id: "70{{ 99999999 | random(start=10000000, seed=ethereum_genesis_network_seed) }}"
@@ -55,7 +55,7 @@ ethereum_genesis_generator_config_files:
     export EL_AND_CL_MNEMONIC="{{ ethereum_genesis_mnemonic }}"
     export CL_EXEC_BLOCK="0"
     export DEPOSIT_CONTRACT_BLOCK="0x0000000000000000000000000000000000000000000000000000000000000000"
-    export NUMBER_OF_VALIDATORS=2500
+    export NUMBER_OF_VALIDATORS=0
     export GENESIS_FORK_VERSION="0x10{{ ethereum_genesis_fork_version_suffix }}"
     export ALTAIR_FORK_VERSION="0x20{{ ethereum_genesis_fork_version_suffix }}"
     export BELLATRIX_FORK_VERSION="0x30{{ ethereum_genesis_fork_version_suffix }}"
@@ -68,6 +68,8 @@ ethereum_genesis_generator_config_files:
     export GENESIS_TIMESTAMP={{ ethereum_genesis_timestamp }}
     export GENESIS_DELAY={{ ethereum_genesis_timedelay }}
     export SLOT_DURATION_IN_SECONDS=12
+    export MAX_CHURN=8
+    export EJECTION_BALANCE=16000000000
 ethereum_genesis_validator_keys_output_dir: "{{ ansible_inventory_sources[0] | dirname }}/files/validator_keys"
 ethereum_genesis_validator_bls_change_execution_address: "{{ ethereum_node_cl_validator_fee_recipient }}"
 ethereum_genesis_validator_keyranges: >-
@@ -91,6 +93,7 @@ bootstrap_default_user_authorized_keys_github_all:
   - samcm
   - savid
   - skylenet
+  - pk910
 bootstrap_default_user_authorized_keys_github: >
   {{
     (bootstrap_default_user_authorized_keys_github_all | default([])) +

ansible/inventories/devnet-0/group_vars/teku.yaml

@@ -34,7 +34,7 @@ teku_container_volumes:
   - "{{ eth_testnet_config_dir }}:/network-config:ro"
 teku_container_command_extra_args:
   - --network=/network-config/config.yaml
-  - --initial-state=/network-config/genesis.ssz
+  - --genesis-state=/network-config/genesis.ssz
   - --p2p-discovery-bootnodes={{ ethereum_cl_bootnodes | join(',') }}
   - --p2p-peer-upper-bound=100
   - --data-storage-non-canonical-blocks-enabled=true

requirements.txt

@@ -1,5 +1,5 @@
 ansible-lint==6.17.2
 ansible==8.2.0
 netaddr==0.8.0
-pip==23.2.1
+pip==23.3.1
 PyYAML==6.0.1

terraform/devnet-0/hetzner.tf.disabled → terraform/devnet-0/hetzner/hetzner.tf

@@ -21,8 +21,8 @@ variable "hcloud_ssh_key_fingerprint" {
 variable "hetzner_regions" {
   default = [
     "nbg1",
-    "hel1",
-    "fsn1"
+    "fsn1",
+    "hel1"
   ]
 }
 
@@ -50,13 +50,13 @@ locals {
     [
       for i in range(0, vm_group.count) : {
         group_name = "${vm_group.name}"
-        id         = "${vm_group.name}-${i + 1}"
+        id         = "${vm_group.name}-${i + 1}-arm"
         vms = {
           "${i + 1}" = {
             labels = "group_name:${vm_group.name},val_start:${vm_group.validator_start + (i * (vm_group.validator_end -
               vm_group.validator_start) / vm_group.count)},val_end:${min(vm_group.validator_start + ((i + 1) * (vm_group.validator_end -
             vm_group.validator_start) / vm_group.count), vm_group.validator_end)}"
-            location     = element(var.hetzner_regions, i % length(var.hetzner_regions))
+            location     = try(vm_group.location, local.hcloud_default_location)
             size         = try(vm_group.size, local.hcloud_default_server_type)
             ansible_vars = try(vm_group.ansible_vars, null)
           }
@@ -69,7 +69,7 @@ locals {
 locals {
   hcloud_default_location    = "nbg1"
   hcloud_default_image       = "debian-12"
-  hcloud_default_server_type = "cpx21"
+  hcloud_default_server_type = "cax31"
   hcloud_global_labels = [
     "Owner:Devops",
     "EthNetwork:${var.ethereum_network}"
@@ -138,6 +138,7 @@ resource "hcloud_server_network" "main" {
   }
   server_id  = hcloud_server.main[each.key].id
   network_id = hcloud_network.main[each.value.location].id
+
 }
 
 ////////////////////////////////////////////////////////////////////////////////////////
@@ -149,18 +150,6 @@ data "cloudflare_zone" "default" {
 }
 
 resource "cloudflare_record" "server_record" {
-  for_each = {
-    for vm in local.hcloud_vms : "${vm.id}" => vm
-  }
-  zone_id = data.cloudflare_zone.default.id
-  name    = "${each.value.name}.srv.${var.ethereum_network}"
-  type    = "A"
-  value   = hcloud_server.main[each.value.id].ipv4_address
-  proxied = false
-  ttl     = 120
-}
-
-resource "cloudflare_record" "server_record_short" {
   for_each = {
     for vm in local.hcloud_vms : "${vm.id}" => vm
   }
@@ -177,7 +166,7 @@ resource "cloudflare_record" "server_record_rpc" {
     for vm in local.hcloud_vms : "${vm.id}" => vm
   }
   zone_id = data.cloudflare_zone.default.id
-  name    = "rpc.${each.value.name}.srv.${var.ethereum_network}"
+  name    = "rpc.${each.value.name}.${var.ethereum_network}"
   type    = "A"
   value   = hcloud_server.main[each.value.id].ipv4_address
   proxied = false
@@ -189,7 +178,7 @@ resource "cloudflare_record" "server_record_beacon" {
     for vm in local.hcloud_vms : "${vm.id}" => vm
   }
   zone_id = data.cloudflare_zone.default.id
-  name    = "bn.${each.value.name}.srv.${var.ethereum_network}"
+  name    = "bn.${each.value.name}.${var.ethereum_network}"
   type    = "A"
   value   = hcloud_server.main[each.value.id].ipv4_address
   proxied = false
@@ -202,7 +191,7 @@ resource "cloudflare_record" "server_record_beacon" {
 
 resource "local_file" "ansible_inventory" {
   depends_on = [hcloud_server.main]
-  content = templatefile("ansible_inventory.tmpl",
+  content = templatefile("../ansible_inventory.tmpl",
     {
       ethereum_network_name = "${var.ethereum_network}"
       groups = merge(
@@ -224,5 +213,5 @@ resource "local_file" "ansible_inventory" {
       )
     }
   )
-  filename = "../../ansible/inventories/devnet-0/inventory.ini"
-}
+  filename = "../../../ansible/inventories/devnet-0/hetzner_inventory.ini"
+}

terraform/devnet-0/hetzner/main.tf

@@ -0,0 +1,99 @@
+////////////////////////////////////////////////////////////////////////////////////////
+//                            TERRAFORM PROVIDERS & BACKEND
+////////////////////////////////////////////////////////////////////////////////////////
+terraform {
+  required_providers {
+    digitalocean = {
+      source  = "digitalocean/digitalocean"
+      version = "~> 2.28"
+    }
+    cloudflare = {
+      source  = "cloudflare/cloudflare"
+      version = "~> 3.0"
+    }
+    hcloud = {
+      source  = "hetznercloud/hcloud"
+      version = "~> 1.42.1"
+    }
+    random = {
+      source  = "hashicorp/random"
+      version = "3.5.1"
+    }
+  }
+}
+
+terraform {
+  backend "s3" {
+    skip_credentials_validation = true
+    skip_metadata_api_check     = true
+    endpoints                   = { s3 = "https://fra1.digitaloceanspaces.com" }
+    skip_requesting_account_id  = true
+    region                      = "us-east-1"
+    bucket                      = "merge-testnets"
+    key                         = "infrastructure/devnet-0/hetzner-terraform.tfstate"
+  }
+}
+
+provider "digitalocean" {
+  http_retry_max = 20
+}
+
+provider "cloudflare" {
+  api_token = var.cloudflare_api_token
+}
+
+////////////////////////////////////////////////////////////////////////////////////////
+//                                        VARIABLES
+////////////////////////////////////////////////////////////////////////////////////////
+variable "cloudflare_api_token" {
+  type        = string
+  sensitive   = true
+  description = "Cloudflare API Token"
+}
+
+variable "ethereum_network" {
+  type    = string
+  default = "template-devnet-0"
+}
+
+variable "base_cidr_block" {
+  default = "10.76.0.0/16"
+}
+////////////////////////////////////////////////////////////////////////////////////////
+//                                        LOCALS
+////////////////////////////////////////////////////////////////////////////////////////
+locals {
+  vm_groups = [
+    var.bootnode,
+    var.lighthouse_geth,
+    var.lighthouse_nethermind,
+    var.lighthouse_erigon,
+    var.lighthouse_besu,
+    var.lighthouse_ethereumjs,
+    var.lighthouse_reth,
+    var.prysm_geth,
+    var.prysm_nethermind,
+    var.prysm_erigon,
+    var.prysm_besu,
+    var.prysm_ethereumjs,
+    var.prysm_reth,
+    var.lodestar_geth,
+    var.lodestar_nethermind,
+    var.lodestar_erigon,
+    var.lodestar_besu,
+    var.lodestar_ethereumjs,
+    var.lodestar_reth,
+    var.nimbus_geth,
+    var.nimbus_nethermind,
+    var.nimbus_erigon,
+    var.nimbus_besu,
+    var.nimbus_ethereumjs,
+    var.nimbus_reth,
+    var.teku_geth,
+    var.teku_nethermind,
+    var.teku_erigon,
+    var.teku_besu,
+    var.teku_ethereumjs,
+    var.teku_reth
+  ]
+}