zolfa
/
tendermint
1
0
Fork 0
Code Issues 0 Pull Requests 0 Projects 0 Releases 221 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
5077 Commits
183 Branches
291 MiB
Tree: ac12432603
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'ac12432603'
${ noResults }
tendermint/docs/terraform-and-ansible.md

168 lines
5.6 KiB
Raw Normal View History

moar
6 years ago
style fixes/typos/etc from PR review
6 years ago
moar
6 years ago
updates to docs for vuepress (#1763) * fix docs for vue, #1640 * docs: clean up re-install instructions
6 years ago
moar
6 years ago
updates to docs for vuepress (#1763) * fix docs for vue, #1640 * docs: clean up re-install instructions
6 years ago
moar
6 years ago
updates to docs for vuepress (#1763) * fix docs for vue, #1640 * docs: clean up re-install instructions
6 years ago
moar
6 years ago
updates to docs for vuepress (#1763) * fix docs for vue, #1640 * docs: clean up re-install instructions
6 years ago
moar
6 years ago
Switch ports 466xx to 266xx (#1735) * Switch ports 466xx to be 266xx This is done so the default ports aren't in the linux kernel's default ephemeral port range. * Update ABCI import * Bump cache on circleci * Get more verbose output for debugging * Bump abci dependency * Fix accidental change of a block header's hash * pin abci release
6 years ago
moar
6 years ago
updates to docs for vuepress (#1763) * fix docs for vue, #1640 * docs: clean up re-install instructions
6 years ago
moar
6 years ago
updates to docs for vuepress (#1763) * fix docs for vue, #1640 * docs: clean up re-install instructions
6 years ago
moar
6 years ago
updates to docs for vuepress (#1763) * fix docs for vue, #1640 * docs: clean up re-install instructions
6 years ago
moar
6 years ago
updates to docs for vuepress (#1763) * fix docs for vue, #1640 * docs: clean up re-install instructions
6 years ago
moar
6 years ago
updates to docs for vuepress (#1763) * fix docs for vue, #1640 * docs: clean up re-install instructions
6 years ago
moar
6 years ago
updates to docs for vuepress (#1763) * fix docs for vue, #1640 * docs: clean up re-install instructions
6 years ago
moar
6 years ago
updates to docs for vuepress (#1763) * fix docs for vue, #1640 * docs: clean up re-install instructions
6 years ago
 
  1. # Terraform & Ansible

  2. 

  3. Automated deployments are done using
  4. [Terraform](https://www.terraform.io/) to create servers on Digital
  5. Ocean then [Ansible](http://www.ansible.com/) to create and manage
  6. testnets on those servers.
  7. 

  8. ## Install

  9. 

  10. NOTE: see the [integration bash
  11. script](https://github.com/tendermint/tendermint/blob/develop/networks/remote/integration.sh)
  12. that can be run on a fresh DO droplet and will automatically spin up a 4
  13. node testnet. The script more or less does everything described below.
  14. 

  15. -   Install [Terraform](https://www.terraform.io/downloads.html) and
  16.     [Ansible](http://docs.ansible.com/ansible/latest/installation_guide/intro_installation.html)
  17.     on a Linux machine.
  18. -   Create a [DigitalOcean API
  19.     token](https://cloud.digitalocean.com/settings/api/tokens) with read
  20.     and write capability.
  21. -   Install the python dopy package (`pip install dopy`)
  22. -   Create SSH keys (`ssh-keygen`)
  23. -   Set environment variables:
  24. 

  25. ```    
  26. export DO_API_TOKEN="abcdef01234567890abcdef01234567890"
  27. export SSH_KEY_FILE="$HOME/.ssh/id_rsa.pub"
  28. ```
  29. 

  30. These will be used by both `terraform` and `ansible`.
  31. 

  32. ### Terraform

  33. 

  34. This step will create four Digital Ocean droplets. First, go to the
  35. correct directory:
  36. 

  37. ```
  38. cd $GOPATH/src/github.com/tendermint/tendermint/networks/remote/terraform
  39. ```
  40. 

  41. then:
  42. 

  43. ```
  44. terraform init
  45. terraform apply -var DO_API_TOKEN="$DO_API_TOKEN" -var SSH_KEY_FILE="$SSH_KEY_FILE"
  46. ```
  47. and you will get a list of IP addresses that belong to your droplets.
  48. 

  49. With the droplets created and running, let's setup Ansible.
  50. 

  51. ### Ansible

  52. 

  53. The playbooks in [the ansible
  54. directory](https://github.com/tendermint/tendermint/tree/master/networks/remote/ansible)
  55. run ansible roles to configure the sentry node architecture. You must
  56. switch to this directory to run ansible
  57. (`cd $GOPATH/src/github.com/tendermint/tendermint/networks/remote/ansible`).
  58. 

  59. There are several roles that are self-explanatory:
  60. 

  61. First, we configure our droplets by specifying the paths for tendermint
  62. (`BINARY`) and the node files (`CONFIGDIR`). The latter expects any
  63. number of directories named `node0, node1, ...` and so on (equal to the
  64. number of droplets created). For this example, we use pre-created files
  65. from [this
  66. directory](https://github.com/tendermint/tendermint/tree/master/docs/examples).
  67. To create your own files, use either the `tendermint testnet` command or
  68. review [manual deployments](./deploy-testnets.md).
  69. 

  70. Here's the command to run:
  71. 

  72. ```
  73. ansible-playbook -i inventory/digital_ocean.py -l sentrynet config.yml -e BINARY=$GOPATH/src/github.com/tendermint/tendermint/build/tendermint -e CONFIGDIR=$GOPATH/src/github.com/tendermint/tendermint/docs/examples
  74. ```
  75. 

  76. Voila! All your droplets now have the `tendermint` binary and required
  77. configuration files to run a testnet.
  78. 

  79. Next, we run the install role:
  80. 

  81. ```
  82. ansible-playbook -i inventory/digital_ocean.py -l sentrynet install.yml
  83. ```
  84. 

  85. which as you'll see below, executes
  86. `tendermint node --proxy_app=kvstore` on all droplets. Although we'll
  87. soon be modifying this role and running it again, this first execution
  88. allows us to get each `node_info.id` that corresponds to each
  89. `node_info.listen_addr`. (This part will be automated in the future). In
  90. your browser (or using `curl`), for every droplet, go to IP:26657/status
  91. and note the two just mentioned `node_info` fields. Notice that blocks
  92. aren't being created (`latest_block_height` should be zero and not
  93. increasing).
  94. 

  95. Next, open `roles/install/templates/systemd.service.j2` and look for the
  96. line `ExecStart` which should look something like:
  97. 

  98. ```
  99. ExecStart=/usr/bin/tendermint node --proxy_app=kvstore
  100. ```
  101. 

  102. and add the `--p2p.persistent_peers` flag with the relevant information
  103. for each node. The resulting file should look something like:
  104. 

  105. ```
  106. [Unit]
  107. Description={{service}}
  108. Requires=network-online.target
  109. After=network-online.target
  110. 

  111. [Service]
  112. Restart=on-failure
  113. User={{service}}
  114. Group={{service}}
  115. PermissionsStartOnly=true
  116. ExecStart=/usr/bin/tendermint node --proxy_app=kvstore --p2p.persistent_peers=167b80242c300bf0ccfb3ced3dec60dc2a81776e@165.227.41.206:26656,3c7a5920811550c04bf7a0b2f1e02ab52317b5e6@165.227.43.146:26656,303a1a4312c30525c99ba66522dd81cca56a361a@159.89.115.32:26656,b686c2a7f4b1b46dca96af3a0f31a6a7beae0be4@159.89.119.125:26656
  117. ExecReload=/bin/kill -HUP $MAINPID
  118. KillSignal=SIGTERM
  119. 

  120. [Install]
  121. WantedBy=multi-user.target
  122. ```
  123. 

  124. Then, stop the nodes:
  125. 

  126. ```
  127. ansible-playbook -i inventory/digital_ocean.py -l sentrynet stop.yml
  128. ```
  129. 

  130. Finally, we run the install role again:
  131. 

  132. ```
  133. ansible-playbook -i inventory/digital_ocean.py -l sentrynet install.yml
  134. ```
  135. 

  136. to re-run `tendermint node` with the new flag, on all droplets. The
  137. `latest_block_hash` should now be changing and `latest_block_height`
  138. increasing. Your testnet is now up and running :)
  139. 

  140. Peek at the logs with the status role:
  141. 

  142. ```
  143. ansible-playbook -i inventory/digital_ocean.py -l sentrynet status.yml
  144. ```
  145. 

  146. ### Logging

  147. 

  148. The crudest way is the status role described above. You can also ship
  149. logs to Logz.io, an Elastic stack (Elastic search, Logstash and Kibana)
  150. service provider. You can set up your nodes to log there automatically.
  151. Create an account and get your API key from the notes on [this
  152. page](https://app.logz.io/#/dashboard/data-sources/Filebeat), then:
  153. 

  154. ```
  155. yum install systemd-devel || echo "This will only work on RHEL-based systems."
  156. apt-get install libsystemd-dev || echo "This will only work on Debian-based systems."
  157.     
  158. go get github.com/mheese/journalbeat
  159. ansible-playbook -i inventory/digital_ocean.py -l sentrynet logzio.yml -e LOGZIO_TOKEN=ABCDEFGHIJKLMNOPQRSTUVWXYZ012345
  160. ```
  161. 

  162. ### Cleanup

  163. 

  164. To remove your droplets, run:
  165. 

  166. ```
  167. terraform destroy -var DO_API_TOKEN="$DO_API_TOKEN" -var SSH_KEY_FILE="$SSH_KEY_FILE"
  168. ```