From 4aacf27c6187c8bc6629565d5832041d38d9f555 Mon Sep 17 00:00:00 2001 From: Cale Teeter Date: Tue, 2 Jan 2024 16:46:39 -0500 Subject: [PATCH] Update to add deployment script and initial postgres deployment --- aks/cdk-validium-aggregator.yaml | 32 ++++ aks/cdk-validium-approve.yaml | 25 +++ aks/cdk-validium-data-availability.yaml | 25 +++ aks/cdk-validium-deploy-sepolia.yaml | 29 ++++ aks/cdk-validium-eth-tx-manager.yaml | 30 ++++ aks/cdk-validium-explorer-json-rpc.yaml | 36 ++++ aks/cdk-validium-explorer-l1.yaml | 42 +++++ aks/cdk-validium-explorer-l2.yaml | 46 ++++++ aks/cdk-validium-json-rpc.yaml | 34 ++++ aks/cdk-validium-l2gaspricer.yaml | 25 +++ aks/cdk-validium-metrics.yaml | 25 +++ aks/cdk-validium-mock-l1-network.yaml | 27 +++ ...lidium-permissionless-node-forced-DAC.yaml | 54 ++++++ aks/cdk-validium-permissionless-node.yaml | 52 ++++++ aks/cdk-validium-permissionless-prover.yaml | 29 ++++ aks/cdk-validium-prover.yaml | 29 ++++ aks/cdk-validium-sequence-sender.yaml | 29 ++++ aks/cdk-validium-sequencer.yaml | 32 ++++ aks/cdk-validium-sh.yaml | 27 +++ aks/cdk-validium-sync.yaml | 25 +++ aks/dac-setup-committee-mock-l1.yaml | 29 ++++ aks/dac-setup-committee-sepolia.yaml | 31 ++++ aks/grafana.yaml | 30 ++++ aks/telegraf.yaml | 31 ++++ aks/zkevm-bridge-service.yaml | 38 +++++ aks/zkevm-bridge-ui.yaml | 54 ++++++ main2.bicep | 156 ++++++++++++++++++ scripts/deploy2.sh | 34 ++++ scripts/postgresql.sql | 13 ++ 29 files changed, 1069 insertions(+) create mode 100644 aks/cdk-validium-aggregator.yaml create mode 100644 aks/cdk-validium-approve.yaml create mode 100644 aks/cdk-validium-data-availability.yaml create mode 100644 aks/cdk-validium-deploy-sepolia.yaml create mode 100644 aks/cdk-validium-eth-tx-manager.yaml create mode 100644 aks/cdk-validium-explorer-json-rpc.yaml create mode 100644 aks/cdk-validium-explorer-l1.yaml create mode 100644 aks/cdk-validium-explorer-l2.yaml create mode 100644 aks/cdk-validium-json-rpc.yaml create mode 100644 aks/cdk-validium-l2gaspricer.yaml create mode 100644 aks/cdk-validium-metrics.yaml create mode 100644 aks/cdk-validium-mock-l1-network.yaml create mode 100644 aks/cdk-validium-permissionless-node-forced-DAC.yaml create mode 100644 aks/cdk-validium-permissionless-node.yaml create mode 100644 aks/cdk-validium-permissionless-prover.yaml create mode 100644 aks/cdk-validium-prover.yaml create mode 100644 aks/cdk-validium-sequence-sender.yaml create mode 100644 aks/cdk-validium-sequencer.yaml create mode 100644 aks/cdk-validium-sh.yaml create mode 100644 aks/cdk-validium-sync.yaml create mode 100644 aks/dac-setup-committee-mock-l1.yaml create mode 100644 aks/dac-setup-committee-sepolia.yaml create mode 100644 aks/grafana.yaml create mode 100644 aks/telegraf.yaml create mode 100644 aks/zkevm-bridge-service.yaml create mode 100644 aks/zkevm-bridge-ui.yaml create mode 100644 main2.bicep create mode 100644 scripts/deploy2.sh create mode 100644 scripts/postgresql.sql diff --git a/aks/cdk-validium-aggregator.yaml b/aks/cdk-validium-aggregator.yaml new file mode 100644 index 0000000..2803720 --- /dev/null +++ b/aks/cdk-validium-aggregator.yaml @@ -0,0 +1,32 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: cdk-validium-aggregator +spec: + replicas: 1 + selector: + matchLabels: + app: cdk-validium-aggregator + spec: + nodeSelector: + 'beta.kubernetes.io/os': linux + containers: + - name: cdk-validium-aggregator + image: hermeznetwork/cdk-validium-node:develop + env: + - name: CDK_VALIDIUM_NODE_STATEDB_HOST + value: + - name: CDK_VALIDIUM_NODE_AGGREGATOR_SENDER_ADDRESS + value: + resources: + requests: + cpu: 100m + memory: 128Mi + limits: + cpu: 250m + memory: 256Mi + ports: + - containerPort: 50081 + name: main + - containerPort: 9093 + name: metrics \ No newline at end of file diff --git a/aks/cdk-validium-approve.yaml b/aks/cdk-validium-approve.yaml new file mode 100644 index 0000000..3354db1 --- /dev/null +++ b/aks/cdk-validium-approve.yaml @@ -0,0 +1,25 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: cdk-validium-approve +spec: + replicas: 1 + selector: + matchLabels: + app: cdk-validium-approve + spec: + nodeSelector: + 'beta.kubernetes.io/os': linux + containers: + - name: cdk-validium-approve + image: hermeznetwork/cdk-validium-node:develop + env: + - name: CDK_VALIDIUM_NODE_STATEDB_HOST + value: + resources: + requests: + cpu: 100m + memory: 128Mi + limits: + cpu: 250m + memory: 256Mi \ No newline at end of file diff --git a/aks/cdk-validium-data-availability.yaml b/aks/cdk-validium-data-availability.yaml new file mode 100644 index 0000000..d79f4ba --- /dev/null +++ b/aks/cdk-validium-data-availability.yaml @@ -0,0 +1,25 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: cdk-validium-data-availability +spec: + replicas: 1 + selector: + matchLabels: + app: cdk-validium-data-availability + spec: + nodeSelector: + 'beta.kubernetes.io/os': linux + containers: + - name: cdk-validium-data-availability + image: hermeznetwork/cdk-data-availability:v0.0.1 + resources: + requests: + cpu: 100m + memory: 128Mi + limits: + cpu: 250m + memory: 256Mi + ports: + - containerPort: 8444 + name: rpc \ No newline at end of file diff --git a/aks/cdk-validium-deploy-sepolia.yaml b/aks/cdk-validium-deploy-sepolia.yaml new file mode 100644 index 0000000..51d394d --- /dev/null +++ b/aks/cdk-validium-deploy-sepolia.yaml @@ -0,0 +1,29 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: cdk-validium-deploy-sepolia +spec: + replicas: 1 + selector: + matchLabels: + app: cdk-validium-deploy-sepolia + spec: + nodeSelector: + 'beta.kubernetes.io/os': linux + containers: + - name: cdk-validium-deploy-sepolia + image: snapchain/cdk-validium-contracts + env: + - name: MNEMONIC + value: + - name: INFURA_PROJECT_ID + value: + - name: HARDHAT_NETWORK + value: sepolia + resources: + requests: + cpu: 100m + memory: 128Mi + limits: + cpu: 250m + memory: 256Mi \ No newline at end of file diff --git a/aks/cdk-validium-eth-tx-manager.yaml b/aks/cdk-validium-eth-tx-manager.yaml new file mode 100644 index 0000000..1b14017 --- /dev/null +++ b/aks/cdk-validium-eth-tx-manager.yaml @@ -0,0 +1,30 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: cdk-validium-eth-tx-manager +spec: + replicas: 1 + selector: + matchLabels: + app: cdk-validium-eth-tx-manager + spec: + nodeSelector: + 'beta.kubernetes.io/os': linux + containers: + - name: cdk-validium-eth-tx-manager + image: hermeznetwork/cdk-validium-node:develop + env: + - name: CDK_VALIDIUM_NODE_STATEDB_HOST + value: + - name: CDK_VALIDIUM_NODE_POOL_DB_HOST + value: + resources: + requests: + cpu: 100m + memory: 128Mi + limits: + cpu: 250m + memory: 256Mi + ports: + - containerPort: 9094 + name: metrics \ No newline at end of file diff --git a/aks/cdk-validium-explorer-json-rpc.yaml b/aks/cdk-validium-explorer-json-rpc.yaml new file mode 100644 index 0000000..c0743b0 --- /dev/null +++ b/aks/cdk-validium-explorer-json-rpc.yaml @@ -0,0 +1,36 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: cdk-validium-explorer-json-rpc +spec: + replicas: 1 + selector: + matchLabels: + app: cdk-validium-explorer-json-rpc + spec: + nodeSelector: + 'beta.kubernetes.io/os': linux + containers: + - name: cdk-validium-explorer-json-rpc + image: hermeznetwork/cdk-validium-node:develop + env: + - name: CDK_VALIDIUM_NODE_STATEDB_HOST + value: + - name: CDK_VALIDIUM_NODE_POOL_DB_HOST + value: + - name: CDK_VALIDIUM_NODE_RPC_PORT + value: 8124 + - name: CDK_VALIDIUM_NODE_RPC_WEBSOCKETS_PORT + value: 8134 + resources: + requests: + cpu: 100m + memory: 128Mi + limits: + cpu: 250m + memory: 256Mi + ports: + - containerPort: 8124 + name: rpc + - containerPort: 8134 + name: web-socket \ No newline at end of file diff --git a/aks/cdk-validium-explorer-l1.yaml b/aks/cdk-validium-explorer-l1.yaml new file mode 100644 index 0000000..2d56383 --- /dev/null +++ b/aks/cdk-validium-explorer-l1.yaml @@ -0,0 +1,42 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: cdk-validium-explorer-l1 +spec: + replicas: 1 + selector: + matchLabels: + app: cdk-validium-explorer-l1 + spec: + nodeSelector: + 'beta.kubernetes.io/os': linux + containers: + - name: cdk-validium-explorer-l1 + image: hermeznetwork/zkevm-explorer:latest + env: + - name: NETWORK + value: ETH + - name: SUBNETWORK + value: Local Ethereum + - name: COIN + value: ETH + - name: ETHEREUM_JSONRPC_VARIANT + value: geth + - name: ETHEREUM_JSONRPC_HTTP_URL + value: http://cdk-validium-mock-l1-network:8545 + - name: DATABASE_URL + value: postgres://l1_explorer_user:l1_explorer_password@cdk-validium-explorer-l1-db:5432/l1_explorer_db + - name: ECTO_USE_SSL + value: false + - name: MIX_ENV + value: prod + resources: + requests: + cpu: 100m + memory: 128Mi + limits: + cpu: 250m + memory: 256Mi + ports: + - containerPort: 4000 + name: explorer-web \ No newline at end of file diff --git a/aks/cdk-validium-explorer-l2.yaml b/aks/cdk-validium-explorer-l2.yaml new file mode 100644 index 0000000..dcc35b2 --- /dev/null +++ b/aks/cdk-validium-explorer-l2.yaml @@ -0,0 +1,46 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: cdk-validium-explorer-l2 +spec: + replicas: 1 + selector: + matchLabels: + app: cdk-validium-explorer-l2 + spec: + nodeSelector: + 'beta.kubernetes.io/os': linux + containers: + - name: cdk-validium-explorer-l2 + image: hermeznetwork/zkevm-explorer:latest + env: + - name: NETWORK + value: POE + - name: SUBNETWORK + value: Polygon Hermez + - name: COIN + value: ETH + - name: ETHEREUM_JSONRPC_VARIANT + value: geth + - name: ETHEREUM_JSONRPC_HTTP_URL + value: http://cdk-validium-explorer-json-rpc:8124 + - name: DATABASE_URL + value: postgres://l2_explorer_user:l2_explorer_password@cdk-validium-explorer-l2-db:5432/l2_explorer_db + - name: ECTO_USE_SSL + value: false + - name: MIX_ENV + value: prod + - name: LOGO + value: /images/blockscout_logo.svg + - name: LOGO_FOOTER + value: /images/blockscout_logo.svg + resources: + requests: + cpu: 100m + memory: 128Mi + limits: + cpu: 250m + memory: 256Mi + ports: + - containerPort: 4001 + name: explorer-web \ No newline at end of file diff --git a/aks/cdk-validium-json-rpc.yaml b/aks/cdk-validium-json-rpc.yaml new file mode 100644 index 0000000..84178ed --- /dev/null +++ b/aks/cdk-validium-json-rpc.yaml @@ -0,0 +1,34 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: cdk-validium-json-rpc +spec: + replicas: 1 + selector: + matchLabels: + app: cdk-validium-json-rpc + spec: + nodeSelector: + 'beta.kubernetes.io/os': linux + containers: + - name: cdk-validium-json-rpc + image: hermeznetwork/cdk-validium-node:develop + env: + - name: CDK_VALIDIUM_NODE_STATEDB_HOST + value: + - name: CDK_VALIDIUM_NODE_POOL_DB_HOST + value: + resources: + requests: + cpu: 100m + memory: 128Mi + limits: + cpu: 250m + memory: 256Mi + ports: + - containerPort: 8123 + name: rpc + - containerPort: 8133 + name: web-socket + - containerPort: 9091 + name: metrics \ No newline at end of file diff --git a/aks/cdk-validium-l2gaspricer.yaml b/aks/cdk-validium-l2gaspricer.yaml new file mode 100644 index 0000000..138bc8b --- /dev/null +++ b/aks/cdk-validium-l2gaspricer.yaml @@ -0,0 +1,25 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: cdk-validium-l2gaspricer +spec: + replicas: 1 + selector: + matchLabels: + app: cdk-validium-l2gaspricer + spec: + nodeSelector: + 'beta.kubernetes.io/os': linux + containers: + - name: cdk-validium-l2gaspricer + image: hermeznetwork/cdk-validium-node:develop + env: + - name: CDK_VALIDIUM_NODE_POOL_DB_HOST + value: + resources: + requests: + cpu: 100m + memory: 128Mi + limits: + cpu: 250m + memory: 256Mi \ No newline at end of file diff --git a/aks/cdk-validium-metrics.yaml b/aks/cdk-validium-metrics.yaml new file mode 100644 index 0000000..eeb5e10 --- /dev/null +++ b/aks/cdk-validium-metrics.yaml @@ -0,0 +1,25 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: cdk-validium-metrics +spec: + replicas: 1 + selector: + matchLabels: + app: cdk-validium-metrics + spec: + nodeSelector: + 'beta.kubernetes.io/os': linux + containers: + - name: cdk-validium-metrics + image: prom/prometheus:v2.39.1 + resources: + requests: + cpu: 100m + memory: 128Mi + limits: + cpu: 250m + memory: 256Mi + ports: + - containerPort: 9090 + name: metrics \ No newline at end of file diff --git a/aks/cdk-validium-mock-l1-network.yaml b/aks/cdk-validium-mock-l1-network.yaml new file mode 100644 index 0000000..5343ca6 --- /dev/null +++ b/aks/cdk-validium-mock-l1-network.yaml @@ -0,0 +1,27 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: cdk-validium-mock-l1-network +spec: + replicas: 1 + selector: + matchLabels: + app: cdk-validium-mock-l1-network + spec: + nodeSelector: + 'beta.kubernetes.io/os': linux + containers: + - name: cdk-validium-mock-l1-network + image: snapchain/geth-cdk-validium-contracts + resources: + requests: + cpu: 100m + memory: 128Mi + limits: + cpu: 250m + memory: 256Mi + ports: + - containerPort: 8545 + name: rpc + - containerPort: 8546 + name: web-socket \ No newline at end of file diff --git a/aks/cdk-validium-permissionless-node-forced-DAC.yaml b/aks/cdk-validium-permissionless-node-forced-DAC.yaml new file mode 100644 index 0000000..36fa2c7 --- /dev/null +++ b/aks/cdk-validium-permissionless-node-forced-DAC.yaml @@ -0,0 +1,54 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: cdk-validium-permissionless-node-forced-DAC +spec: + replicas: 1 + selector: + matchLabels: + app: cdk-validium-permissionless-node-forced-DAC + spec: + nodeSelector: + 'beta.kubernetes.io/os': linux + containers: + - name: cdk-validium-permissionless-node-forced-DAC + image: hermeznetwork/cdk-validium-node:develop + env: + - name: CDK_VALIDIUM_NODE_ISTRUSTEDSEQUENCER + value: false + - name: CDK_VALIDIUM_NODE_STATEDB_USER + value: test_user + - name: CDK_VALIDIUM_NODE_STATEDB_PASSWORD + value: test_password + - name: CDK_VALIDIUM_NODE_STATEDB_NAME + value: state_db + - name: CDK_VALIDIUM_NODE_STATEDB_HOST + value: cdk-validium-permissionless-db + - name: CDK_VALIDIUM_NODE_POOL_DB_USER + value: test_user + - name: CDK_VALIDIUM_NODE_POOL_DB_PASSWORD + value: test_password + - name: CDK_VALIDIUM_NODE_POOL_DB_NAME + value: pool_db + - name: CDK_VALIDIUM_NODE_POOL_DB_HOST + value: cdk-validium-permissionless-db + - name: CDK_VALIDIUM_NODE_RPC_PORT + value: 8125 + - name: CDK_VALIDIUM_NODE_RPC_SEQUENCERNODEURI + value: http://cdk-validium-json-rpc:8123 + - name: CDK_VALIDIUM_NODE_SYNCHRONIZER_TRUSTEDSEQUENCERURL + value: http://you-cant-touch-this:8123 + - name: CDK_VALIDIUM_NODE_MTCLIENT_URI + value: cdk-validium-permissionless-prover:50061 + - name: CDK_VALIDIUM_NODE_EXECUTOR_URI + value: cdk-validium-permissionless-prover:50071 + resources: + requests: + cpu: 100m + memory: 128Mi + limits: + cpu: 250m + memory: 256Mi + ports: + - containerPort: 8125 + name: rpc \ No newline at end of file diff --git a/aks/cdk-validium-permissionless-node.yaml b/aks/cdk-validium-permissionless-node.yaml new file mode 100644 index 0000000..94fa2c0 --- /dev/null +++ b/aks/cdk-validium-permissionless-node.yaml @@ -0,0 +1,52 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: cdk-validium-permissionless-node +spec: + replicas: 1 + selector: + matchLabels: + app: cdk-validium-permissionless-node + spec: + nodeSelector: + 'beta.kubernetes.io/os': linux + containers: + - name: cdk-validium-permissionless-node + image: hermeznetwork/cdk-validium-node:develop + env: + - name: CDK_VALIDIUM_NODE_ISTRUSTEDSEQUENCER + value: false + - name: CDK_VALIDIUM_NODE_STATEDB_USER + value: test_user + - name: CDK_VALIDIUM_NODE_STATEDB_PASSWORD + value: test_password + - name: CDK_VALIDIUM_NODE_STATEDB_NAME + value: state_db + - name: CDK_VALIDIUM_NODE_STATEDB_HOST + value: cdk-validium-permissionless-db + - name: CDK_VALIDIUM_NODE_POOL_DB_USER + value: test_user + - name: CDK_VALIDIUM_NODE_POOL_DB_PASSWORD + value: test_password + - name: CDK_VALIDIUM_NODE_POOL_DB_NAME + value: pool_db + - name: CDK_VALIDIUM_NODE_POOL_DB_HOST + value: cdk-validium-permissionless-db + - name: CDK_VALIDIUM_NODE_RPC_PORT + value: 8125 + - name: CDK_VALIDIUM_NODE_RPC_SEQUENCERNODEURI + value: http://cdk-validium-json-rpc:8123 + - name: CDK_VALIDIUM_NODE_MTCLIENT_URI + value: cdk-validium-permissionless-prover:50061 + - name: CDK_VALIDIUM_NODE_EXECUTOR_URI + value: cdk-validium-permissionless-prover:50071 + resources: + requests: + cpu: 100m + memory: 128Mi + limits: + cpu: 250m + memory: 256Mi + ports: + - containerPort: 8125 + name: rpc \ No newline at end of file diff --git a/aks/cdk-validium-permissionless-prover.yaml b/aks/cdk-validium-permissionless-prover.yaml new file mode 100644 index 0000000..653912f --- /dev/null +++ b/aks/cdk-validium-permissionless-prover.yaml @@ -0,0 +1,29 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: cdk-validium-permissionless-prover +spec: + replicas: 1 + selector: + matchLabels: + app: cdk-validium-permissionless-prover + spec: + nodeSelector: + 'beta.kubernetes.io/os': linux + containers: + - name: cdk-validium-permissionless-prover + image: hermeznetwork/zkevm-prover:v2.2.0-RC4 + resources: + requests: + cpu: 100m + memory: 128Mi + limits: + cpu: 250m + memory: 256Mi + ports: + - containerPort: 50059 + name: mock_prover + - containerPort: 50068 + name: mt + - containerPort: 50078 + name: executor \ No newline at end of file diff --git a/aks/cdk-validium-prover.yaml b/aks/cdk-validium-prover.yaml new file mode 100644 index 0000000..ff5e051 --- /dev/null +++ b/aks/cdk-validium-prover.yaml @@ -0,0 +1,29 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: cdk-validium-prover +spec: + replicas: 1 + selector: + matchLabels: + app: cdk-validium-prover + spec: + nodeSelector: + 'beta.kubernetes.io/os': linux + containers: + - name: cdk-validium-prover + image: hermeznetwork/zkevm-prover:v2.2.0 + resources: + requests: + cpu: 100m + memory: 128Mi + limits: + cpu: 250m + memory: 256Mi + ports: + - containerPort: 50052 + name: mock prover + - containerPort: 50061 + name: MT + - containerPort: 50071 + name: Executor \ No newline at end of file diff --git a/aks/cdk-validium-sequence-sender.yaml b/aks/cdk-validium-sequence-sender.yaml new file mode 100644 index 0000000..df7d595 --- /dev/null +++ b/aks/cdk-validium-sequence-sender.yaml @@ -0,0 +1,29 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: cdk-validium-sequencer-sender +spec: + replicas: 1 + selector: + matchLabels: + app: cdk-validium-sequencer-sender + spec: + nodeSelector: + 'beta.kubernetes.io/os': linux + containers: + - name: cdk-validium-sequencer-sender + image: hermeznetwork/cdk-validium-node:develop + env: + - name: CDK_VALIDIUM_NODE_STATEDB_HOST + value: + - name: CDK_VALIDIUM_NODE_POOL_DB_HOST + value: + - name: CDK_VALIDIUM_NODE_SEQUENCER_SENDER_ADDRESS + value: + resources: + requests: + cpu: 100m + memory: 128Mi + limits: + cpu: 250m + memory: 256Mi \ No newline at end of file diff --git a/aks/cdk-validium-sequencer.yaml b/aks/cdk-validium-sequencer.yaml new file mode 100644 index 0000000..87a4f84 --- /dev/null +++ b/aks/cdk-validium-sequencer.yaml @@ -0,0 +1,32 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: cdk-validium-sequencer +spec: + replicas: 1 + selector: + matchLabels: + app: cdk-validium-sequencer + spec: + nodeSelector: + 'beta.kubernetes.io/os': linux + containers: + - name: cdk-validium-sequencer + image: hermeznetwork/cdk-validium-node:develop + env: + - name: CDK_VALIDIUM_NODE_STATEDB_HOST + value: + - name: CDK_VALIDIUM_NODE_POOL_DB_HOST + value: + resources: + requests: + cpu: 100m + memory: 128Mi + limits: + cpu: 250m + memory: 256Mi + ports: + - containerPort: 9001 + name: metrics + - containerPort: 6060 + name: sequencer \ No newline at end of file diff --git a/aks/cdk-validium-sh.yaml b/aks/cdk-validium-sh.yaml new file mode 100644 index 0000000..70edb52 --- /dev/null +++ b/aks/cdk-validium-sh.yaml @@ -0,0 +1,27 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: zkevm-sh +spec: + replicas: 1 + selector: + matchLabels: + app: zkevm-sh + spec: + nodeSelector: + 'beta.kubernetes.io/os': linux + containers: + - name: zkevm-sh + image: hermeznetwork/cdk-validium-node:develop + env: + - name: CDK_VALIDIUM_NODE_STATEDB_HOST + value: + - name: CDK_VALIDIUM_NODE_POOL_DB_HOST + value: + resources: + requests: + cpu: 100m + memory: 128Mi + limits: + cpu: 250m + memory: 256Mi \ No newline at end of file diff --git a/aks/cdk-validium-sync.yaml b/aks/cdk-validium-sync.yaml new file mode 100644 index 0000000..635b5a1 --- /dev/null +++ b/aks/cdk-validium-sync.yaml @@ -0,0 +1,25 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: cdk-validium-sync +spec: + replicas: 1 + selector: + matchLabels: + app: cdk-validium-sync + spec: + nodeSelector: + 'beta.kubernetes.io/os': linux + containers: + - name: cdk-validium-sync + image: hermeznetwork/cdk-validium-node:develop + env: + - name: CDK_VALIDIUM_NODE_STATEDB_HOST + value: + resources: + requests: + cpu: 100m + memory: 128Mi + limits: + cpu: 250m + memory: 256Mi \ No newline at end of file diff --git a/aks/dac-setup-committee-mock-l1.yaml b/aks/dac-setup-committee-mock-l1.yaml new file mode 100644 index 0000000..90d51d2 --- /dev/null +++ b/aks/dac-setup-committee-mock-l1.yaml @@ -0,0 +1,29 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: dac-setup-committee +spec: + replicas: 1 + selector: + matchLabels: + app: dac-setup-committee + spec: + nodeSelector: + 'beta.kubernetes.io/os': linux + containers: + - name: dac-setup-committee + image: snapchain/cdk-validium-contracts + env: + - name: JSONRPC_HTTP_URL + value: http://cdk-validium-mock-l1-network:8545 + - name: DAC_URL + value: http://cdk-validium-data-availability:8444 + - name: DAC_ADDRESS + value: + resources: + requests: + cpu: 100m + memory: 128Mi + limits: + cpu: 250m + memory: 256Mi \ No newline at end of file diff --git a/aks/dac-setup-committee-sepolia.yaml b/aks/dac-setup-committee-sepolia.yaml new file mode 100644 index 0000000..ebbd4ba --- /dev/null +++ b/aks/dac-setup-committee-sepolia.yaml @@ -0,0 +1,31 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: dac-setup-committee +spec: + replicas: 1 + selector: + matchLabels: + app: dac-setup-committee + spec: + nodeSelector: + 'beta.kubernetes.io/os': linux + containers: + - name: dac-setup-committee + image: snapchain/cdk-validium-contracts + env: + - name: JSONRPC_HTTP_URL + value: http://cdk-validium-mock-l1-network:8545 + - name: DAC_URL + value: http://cdk-validium-data-availability:8444 + - name: DAC_ADDRESS + value: + - name: DEPLOYER_PRIVATE_KEY + value: + resources: + requests: + cpu: 100m + memory: 128Mi + limits: + cpu: 250m + memory: 256Mi \ No newline at end of file diff --git a/aks/grafana.yaml b/aks/grafana.yaml new file mode 100644 index 0000000..a01b65e --- /dev/null +++ b/aks/grafana.yaml @@ -0,0 +1,30 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: grafana +spec: + replicas: 1 + selector: + matchLabels: + app: grafana + spec: + nodeSelector: + 'beta.kubernetes.io/os': linux + containers: + - name: grafana + image: grafana/grafana-oss + env: + - name: GF_SECURITY_ADMIN_USER + value: cdk-validium + - name: GF_SECURITY_ADMIN_PASSWORD + value: cdk-validium + resources: + requests: + cpu: 100m + memory: 128Mi + limits: + cpu: 250m + memory: 256Mi + ports: + - containerPort: 3000 + name: grafana-web diff --git a/aks/telegraf.yaml b/aks/telegraf.yaml new file mode 100644 index 0000000..ca07b7b --- /dev/null +++ b/aks/telegraf.yaml @@ -0,0 +1,31 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: telegraf +spec: + replicas: 1 + selector: + matchLabels: + app: telegraf + spec: + nodeSelector: + 'beta.kubernetes.io/os': linux + containers: + - name: telegraf + image: telegraf + env: + - name: POSTGRES_HOST + value: + - name: POSTGRES_USER + value: + - name: POSTGRES_PASSWORD + value: + - name: POSTGRES_DB + value: + resources: + requests: + cpu: 100m + memory: 128Mi + limits: + cpu: 250m + memory: 256Mi diff --git a/aks/zkevm-bridge-service.yaml b/aks/zkevm-bridge-service.yaml new file mode 100644 index 0000000..e1612c9 --- /dev/null +++ b/aks/zkevm-bridge-service.yaml @@ -0,0 +1,38 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: zkevm-bridge-service +spec: + replicas: 1 + selector: + matchLabels: + app: zkevm-bridge-service + spec: + nodeSelector: + 'beta.kubernetes.io/os': linux + containers: + - name: zkevm-bridge-service + image: hermeznetwork/zkevm-bridge-service:v0.2.0 + env: + - name: ZKEVM_BRIDGE_DATABASE_USER + value: test_user + - name: ZKEVM_BRIDGE_DATABASE_PASSWORD + value: test_password + - name: ZKEVM_BRIDGE_DATABASE_NAME + value: test_db + - name: ZKEVM_BRIDGE_DATABASE_HOST + value: zkevm-bridge-db + - name: ZKEVM_BRIDGE_DATABASE_PORT + value: 5432 + resources: + requests: + cpu: 100m + memory: 128Mi + limits: + cpu: 250m + memory: 256Mi + ports: + - containerPort: 8080 + name: rpc + - containerPort: 9090 + name: web-socket \ No newline at end of file diff --git a/aks/zkevm-bridge-ui.yaml b/aks/zkevm-bridge-ui.yaml new file mode 100644 index 0000000..c46a9f2 --- /dev/null +++ b/aks/zkevm-bridge-ui.yaml @@ -0,0 +1,54 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: zkevm-bridge-ui +spec: + replicas: 1 + selector: + matchLabels: + app: zkevm-bridge-ui + spec: + nodeSelector: + 'beta.kubernetes.io/os': linux + containers: + - name: zkevm-bridge-ui + image: hermeznetwork/zkevm-bridge-ui:latest + env: + - name: ETHEREUM_RPC_URL + value: http://${COMMON_HOST}:8545 + - name: ETHEREUM_EXPLORER_URL + value: http://${COMMON_HOST}:4000 + - name: ETHEREUM_BRIDGE_CONTRACT_ADDRESS + value: + - name: ETHEREUM_FORCE_UPDATE_GLOBAL_EXIT_ROOT + value: true + - name: ETHEREUM_PROOF_OF_EFFICIENCY_CONTRACT_ADDRESS + value: + - name: POLYGON_ZK_EVM_RPC_URL + value: http://${COMMON_HOST}:8123 + - name: POLYGON_ZK_EVM_EXPLORER_URL + value: http://${COMMON_HOST}:4001 + - name: POLYGON_ZK_EVM_BRIDGE_CONTRACT_ADDRESS + value: + - name: POLYGON_ZK_EVM_NETWORK_ID + value: 1 + - name: BRIDGE_API_URL + value: http://${COMMON_HOST}:8080 + - name: ENABLE_FIAT_EXCHANGE_RATES + value: false + - name: ENABLE_OUTDATED_NETWORK_MODAL + value: false + - name: ENABLE_DEPOSIT_WARNING + value: true + - name: ENABLE_REPORT_FORM + value: false + resources: + requests: + cpu: 100m + memory: 128Mi + limits: + cpu: 250m + memory: 256Mi + ports: + - containerPort: 8088 + name: bridge-service \ No newline at end of file diff --git a/main2.bicep b/main2.bicep new file mode 100644 index 0000000..3fd8286 --- /dev/null +++ b/main2.bicep @@ -0,0 +1,156 @@ +@description('Azure region that will be the target for resources') +param location string = resourceGroup().location + +@description('Postgres database administrator login name') +@minLength(1) +param postgresAdminLogin string + +@description('Postgres database administrator password') +@minLength(8) +@secure() +param postgresAdminPassword string + +var akssubnet = 'akssubnet' +var pgsubnet = 'pgsubnet' + +// allow access to all ips on the internet, for testing, will be removed or adjusted +// for production +var firewallrules= [ + { + Name: 'allowAzure' + StartIpAddress: '0.0.0.0' + EndIpAddress: '0.0.0.0' + } + { + Name: 'allowAllInternet' + StartIPAddress: '0.0.0.0' + EndIpAddress: '255.255.255.255' + } +] + +// the virtual network used by both AKS and PGaaS +resource vnet 'Microsoft.Network/virtualNetworks@2022-01-01' = { + name: uniqueString(resourceGroup().id) + location: location + properties: { + addressSpace: { + addressPrefixes: [ + '10.1.0.0/16' + ] + } + + subnets: [ + { + name: akssubnet + properties: { + addressPrefix: '10.1.1.0/24' + } + } + { + name: pgsubnet + properties: { + addressPrefix: '10.1.2.0/24' + } + } + ] + } + + resource akssubnet1 'subnets' existing = { + name: akssubnet + } + + resource pgsubnet1 'subnets' existing = { + name: pgsubnet + } +} + +// the identity used for internal service calls for AKS and PGaaS +resource managedIdentity 'Microsoft.ManagedIdentity/userAssignedIdentities@2022-01-31-preview' = { + name: '${uniqueString(resourceGroup().id)}mi' + location: location +} + +// the managed kubernetes (AKS) cluster +resource aks 'Microsoft.ContainerService/managedClusters@2022-05-02-preview' = { + name: '${uniqueString(resourceGroup().id)}aks' + location: location + dependsOn: [ + vnet::akssubnet1 + ] + properties: { + dnsPrefix: '${uniqueString(resourceGroup().id)}aks' + agentPoolProfiles: [ + { + name: 'agentpool' + count: 3 + vmSize: 'Standard_D4s_v4' + mode: 'System' + vnetSubnetID: resourceId('Microsoft.Network/virtualNetworks/subnets/', vnet.name, 'akssubnet') + } + ] + } + identity: { + type: 'UserAssigned' + userAssignedIdentities: { + '${managedIdentity.id}': {} + } + } +} + +// the PGaaS (managed Postgres) instance +resource server 'Microsoft.DBforPostgreSQL/flexibleServers@2022-01-20-preview' = { + name: '${uniqueString(resourceGroup().id)}pfs' + location: location + sku: { + name: 'Standard_D4ds_v4' + tier: 'GeneralPurpose' + } + dependsOn: [ + vnet::pgsubnet1 + ] + properties: { + version: '14' + administratorLogin: postgresAdminLogin + administratorLoginPassword: postgresAdminPassword + storage:{ + storageSizeGB: 32 + } + } +} + +// creating the firewall rules that are applied to the PGaaS instance +@batchSize(1) +resource firewallRules 'Microsoft.DBforPostgreSQL/flexibleServers/firewallRules@2022-01-20-preview' = [for rule in firewallrules: { + parent: server + name: '${rule.Name}' + properties: { + startIpAddress: rule.StartIpAddress + endIpAddress: rule.EndIpAddress + } +}] + +// the deployment script that will create assets in the PGaaS instance, initially databases, but additionally the +// k8s deployment +resource deploymentScript 'Microsoft.Resources/deploymentScripts@2020-10-01' = { + name: '${uniqueString(resourceGroup().id)}dpy' + location: location + kind: 'AzureCLI' + identity: { + type: 'UserAssigned' + userAssignedIdentities:{ + '${managedIdentity.id}': {} + } + } + properties: { + arguments: '${managedIdentity.id} ${resourceGroup().name} ${aks.name} ${server.name} ${postgresAdminLogin} ${postgresAdminPassword}' + forceUpdateTag: '1' + containerSettings:{ + containerGroupName: '${uniqueString(resourceGroup().id)}ci1' + } + primaryScriptUri: 'https://raw.githubusercontent.com/caleteeter/polygon-azure/main/scripts/deploy2.sh' + timeout: 'PT30M' + cleanupPreference: 'OnSuccess' + azCliVersion: '2.45.0' + retentionInterval:'P1D' + } +} diff --git a/scripts/deploy2.sh b/scripts/deploy2.sh new file mode 100644 index 0000000..1f59258 --- /dev/null +++ b/scripts/deploy2.sh @@ -0,0 +1,34 @@ +#!/bin/bash + +managedIdentity="${1}" +resourceGroupName="${2}" +aksClusterName="${3}" +serverName="${4}" +administratorLogin="${5}" +administratorLoginPassword="${6}" + +artifactsBaseUrl="https://raw.githubusercontent.com/caleteeter/polygon-azure/main" + +# login +az login --identity --username "${managedIdentity}" + +# get credentials for kubectl used for data plane operations +az aks install-cli +az aks get-credentials --name "${aksClusterName}" --resource-group "${resourceGroupName}" + +# ensure the preview bits can be used with prompt in UI +az config set extension.use_dynamic_install=yes_without_prompt + +# install the psql client +apk --no-cache add postgresql-client + +# create database objects +wget -O postgresql.sql "${artifactsBaseUrl}/scripts/postgresql.sql" + +# update tokens in script with real values +# shellcheck disable=SC2002 +dbPass=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | head -n 1) +sed -i "s/DB_PASS/${dbPass}/g" postgresql.sql +sed -i "s/DB_ADMIN/${administratorLogin}/g" postgresql.sql + +psql "host=${serverName}.postgres.database.azure.com port=5432 dbname=postgres user=${administratorLogin} password=${administratorLoginPassword} sslmode=require" -a -f "postgresql.sql" \ No newline at end of file diff --git a/scripts/postgresql.sql b/scripts/postgresql.sql new file mode 100644 index 0000000..f1fb1de --- /dev/null +++ b/scripts/postgresql.sql @@ -0,0 +1,13 @@ +-- Postgres bootstrap - For automation + +CREATE ROLE grafana WITH PASSWORD 'DB_PASS' LOGIN; +ALTER ROLE grafana SET statement_timeout=60000; +COMMENT ON ROLE grafana IS 'Grafana manager role' + +GRANT grafana TO DB_ADMIN; +CREATE DATABASE grafana OWNER grafana +COMMENT ON DATABASE grafana IS 'Grafana database'; +REVOKE ALL ON DATABASE grafana TO grafana; +\c grafana +REVOKE ALL ON schema public FROM public; +ALTER SCHEMA public OWNER TO grafana; \ No newline at end of file