Prepare to install Veriscope on a given Shyft Network chain
a) Configure your Veriscope Servers with Terraform Output values
Ansible inventory file
When the Terraform apply procedure is completed, run the following commands from the root directory (~/veriscope
) to auto-configure your veriscope-nodes.yaml
file (aka "Ansible inventory file"):
# Save the Terraform output in Json format to a specific file, e.g. 'terraform_instances_test_output.json'
terraform -chdir=infra/terraform/instances output -json > infra/terraform/instances/terraform_instances_test_output.json
# Run the following script which accepts a Terraform output file in Json format and outputs an ansible inventory file
# python3 infra/terraform/scripts/parse_tf_output.py <path/to/terraform_output.json> <path/to/ansible-inventory.yaml>
python3 infra/terraform/scripts/parse_tf_output.py infra/terraform/instances/terraform_instances_test_output.json infra/configure/inventory/veriscope-nodes.yaml
You must add your Trust Anchor account(s) and corresponding private key(s) to the Ansible inventory file. The steps above will not take care of this! |
veriscope-nodes.yaml
fileall:
hosts:
children:
web:
hosts:
foo-001.my-custom-domain.com:
private_ip: 10.10.10.10
trust_anchor_pk: db3906947188edfe196fe01d3e161ef82722daec9e3259323997c4e877b20cb4
trust_anchor_account: "0xe33bC570112172E2D64e8233d02454BBA56B67A2"
ssh_secret_name: /owner/env/instances/foo-001.my-custom-domain.com
nm_host: foo-001-nm.my-custom-domain.com
bar-002.my-custom-domain.com:
private_ip: 10.10.10.11
trust_anchor_pk: db3906947188edfe196fe01d3e161ef82706947188edfe196fe01d3e161ef827
trust_anchor_account: "0x67A212172E2D64e8233de33bC570102454BBA56B"
ssh_secret_name: /owner/env/instances/bar-002.my-custom-domain.com
nm_host: bar-002-nm.my-custom-domain.com
nethermind:
hosts:
foo-001-nm.my-custom-domain.com:
private_ip: 10.10.10.12
ssh_secret_name: /owner/env/instances/foo-001-nm.my-custom-domain.com
bar-002-nm.my-custom-domain.com:
private_ip: 10.10.10.13
ssh_secret_name: /owner/env/instances/bar-002-nm.my-custom-domain.com
vars:
# Whether to print debug messages to the screen while running the playbooks. NOTE: It may print secret information too. So, please use with caution.
debug: true
env: dev
# Identify a chain to deploy to - choose from the list of directory names in chains/
# One of 'veriscope_testnet', 'fed_testnet', 'fed_mainnet'
veriscope_target: veriscope_testnet
# Owner of the veriscope nodes. The value must be equal to the value of the Owner tag in the Terraform variables file (.tfvars file).
# If each node has a different owner, this can be moved to hosts: section and specified per node.
owner: foobar
# The details of the TA dashboard (PHP Laravel app) admin user. Required values are
# firstname, lastname, email and password. password is optional. If not provided, it
# will be auto-generated and stored in infra/configure/playbooks/credentials/ta_dashboard_admin_pwd/<host-name>
ta_dashboard_admin_user:
firstname: Krishna
lastname: Vasudeva
email: [email protected]
# optional password
# password: mysupersecretpassword that doesn't start with a number!
# Use this list to specify which apps to perform update (re-install) on beyond the copying
# the new version of the code during a node update.
apps_to_update:
- api
- dashboard
# Use this dict to specify the keys and values for changes to TA API config changes
ta_api_config_changes:
HTTP: http://{{ nm_host }}:8545
WS: ws://{{ nm_host }}:8545
|
b) Download SSH Keys onto Veriscope Server
Before moving to the final step, run the following command to download the SSH keys for your Veriscope Server(s):
From the root of the repository (~/veriscope
), run the following command:
ansible-playbook -i infra/configure/inventory/veriscope-nodes.yaml infra/configure/playbooks/prep/get-ssh-key-for-nodes.yaml
c) Take note of how to SSH into Veriscope Server (from the Bastion prompt)
SSH in Versicope Server web instance
Configure and enter the following from the Bastion prompt:
ssh -i ~/.ssh/<web_instances:private_fqdn>.pem veris@<web_instances:private_fqdn>
For example,
ssh -i ~/.ssh/shyft-onboarding-testnet.veriscope.net.pem [email protected]
SSH in Versicope Server Nethermind instance
Configure and enter the following from the Bastion prompt:
ssh -i ~/.ssh/<nm_instances:private_fqdn>.pem veris@<nm_instances:private_fqdn>
For example,
ssh -i ~/.ssh/shyft-onboarding-testnet-nm.veriscope.net.pem [email protected]