feat: add blue/green proxy (#44)

avatxus · web-flow · commit eb9ec16ebd21 · 2024-04-16T17:38:20.000-03:00
* feat: add blue/green proxy

* applied formatting
diff --git a/bootstrap/configs/vector-testnet/config.json b/bootstrap/configs/vector-testnet/config.json
@@ -0,0 +1,101 @@
+{
+  "ByronGenesisFile": "/genesis/vector-testnet/byron.json",
+  "ShelleyGenesisFile": "/genesis/vector-testnet/shelley.json",
+  "AlonzoGenesisFile": "/genesis/vector-testnet/alonzo.json",
+  "ConwayGenesisFile": "/genesis/vector-testnet/conway.json",
+  "SocketPath": "db/node.socket",
+  "PBftSignatureThreshold": 0.6,
+  "MaxConcurrencyBulkSync": 1,
+  "MaxConcurrencyDeadline": 2,
+  "Protocol": "Cardano",
+  "RequiresNetworkMagic": "RequiresMagic",
+  "LastKnownBlockVersion-Major": 6,
+  "LastKnownBlockVersion-Minor": 0,
+  "LastKnownBlockVersion-Alt": 0,
+  "TurnOnLogging": true,
+  "TurnOnLogMetrics": true,
+  "minSeverity": "Debug",
+  "TracingVerbosity": "NormalVerbosity",
+  "setupBackends": ["KatipBK"],
+  "defaultBackends": ["KatipBK"],
+  "hasEKG": 12788,
+  "hasPrometheus": [
+    "0.0.0.0",
+    12798
+  ],
+  "setupScribes": [
+    {
+      "scKind": "FileSK",
+      "scName": "logs/mainnet.log",
+      "scFormat": "ScText"
+    },
+    {
+      "scKind": "StdoutSK",
+      "scName": "stdout",
+      "scFormat": "ScText"
+    }
+  ],
+  "defaultScribes": [
+    ["FileSK", "logs/mainnet.log"],
+    ["StdoutSK", "stdout"]
+  ],
+  "rotation": {
+    "rpLogLimitBytes": 5000000,
+    "rpKeepFilesNum": 3,
+    "rpMaxAgeHours": 24
+  },
+  "TraceBlockFetchClient": false,
+  "TraceBlockFetchDecisions": false,
+  "TraceBlockFetchProtocol": false,
+  "TraceBlockFetchProtocolSerialised": false,
+  "TraceBlockFetchServer": false,
+  "TraceBlockchainTime": false,
+  "TraceChainDb": true,
+  "TraceChainSyncClient": false,
+  "TraceChainSyncBlockServer": false,
+  "TraceChainSyncHeaderServer": false,
+  "TraceChainSyncProtocol": false,
+  "TraceDNSResolver": true,
+  "TraceDNSSubscription": true,
+  "TraceErrorPolicy": true,
+  "TraceLocalErrorPolicy": true,
+  "TraceForge": true,
+  "TraceHandshake": false,
+  "TraceIpSubscription": true,
+  "TraceLocalRootPeers": true,
+  "TracePublicRootPeers": true,
+  "TracePeerSelection": true,
+  "TraceDebugPeerSelection": false,
+  "TracePeerSelectionActions": true,
+  "TraceConnectionManager": true,
+  "TraceServer": true,
+  "TraceLocalConnectionManager": false,
+  "TraceLocalServer": false,
+  "TraceLocalChainSyncProtocol": false,
+  "TraceLocalHandshake": false,
+  "TraceLocalTxSubmissionProtocol": false,
+  "TraceLocalTxSubmissionServer": false,
+  "TraceMempool": true,
+  "TraceMux": false,
+  "TraceTxInbound": false,
+  "TraceTxOutbound": false,
+  "TraceTxSubmissionProtocol": false,
+  "options": {
+    "mapBackends": {
+      "cardano.node.metrics": ["EKGViewBK"]
+    },
+    "mapScribes": {
+      "cardano.node.metrics": ["FileSK::logs/mainnet.log"]
+    },
+    "mapSeverity": {
+      "cardano.node.ChainDB": "Notice",
+      "cardano.node.DnsSubscription": "Debug"
+    }
+  },
+  "TestShelleyHardForkAtEpoch": 0,
+  "TestAllegraHardForkAtEpoch": 0,
+  "TestMaryHardForkAtEpoch": 0,
+  "TestAlonzoHardForkAtEpoch": 0,
+  "TestBabbageHardForkAtEpoch": 0,
+  "ExperimentalProtocolsEnabled": true
+}
diff --git a/bootstrap/feature/monitor.tf b/bootstrap/feature/monitor.tf
@@ -25,3 +25,31 @@ resource "kubernetes_manifest" "operator_monitor" {
     }
   }
 }
+
+resource "kubernetes_manifest" "instance_monitor" {
+  manifest = {
+    apiVersion = "monitoring.coreos.com/v1"
+    kind       = "PodMonitor"
+    metadata = {
+      labels = {
+        "app.kubernetes.io/component" = "o11y"
+        "app.kubernetes.io/part-of"   = "demeter"
+      }
+      name      = "instance"
+      namespace = var.namespace
+    }
+    spec = {
+      selector = {
+        matchLabels = {
+          role = "instance"
+        }
+      }
+      podMetricsEndpoints = [
+        {
+          port = "api",
+          path = "/metrics"
+        }
+      ]
+    }
+  }
+}
diff --git a/bootstrap/feature/operator.tf b/bootstrap/feature/operator.tf
@@ -68,7 +68,7 @@ resource "kubernetes_deployment_v1" "ogmios_operator" {
 
           env {
             name  = "DCU_PER_FRAME"
-            value = "mainnet=${var.dcu_per_frame["mainnet"]},preprod=${var.dcu_per_frame["preprod"]},preview=${var.dcu_per_frame["preview"]}"
+            value = "mainnet=${var.dcu_per_frame["mainnet"]},preprod=${var.dcu_per_frame["preprod"]},preview=${var.dcu_per_frame["preview"]},vector-testnet=${var.dcu_per_frame["vector-testnet"]}"
           }
 
           env {
diff --git a/bootstrap/instance/main.tf b/bootstrap/instance/main.tf
@@ -27,8 +27,8 @@ variable "network" {
   type = string
 
   validation {
-    condition     = contains(["mainnet", "preprod", "preview"], var.network)
-    error_message = "Invalid network. Allowed values are mainnet, preprod and preview."
+    condition     = contains(["mainnet", "preprod", "preview", "vector-testnet"], var.network)
+    error_message = "Invalid network. Allowed values are mainnet, preprod, preview and vector-testnet."
   }
 }
 
diff --git a/bootstrap/instance/monitor.tf b/bootstrap/instance/monitor.tf
diff --git a/bootstrap/main.tf b/bootstrap/main.tf
@@ -28,9 +28,23 @@ module "ogmios_v1_proxy" {
   depends_on      = [kubernetes_namespace.namespace]
   source          = "./proxy"
   namespace       = var.namespace
-  replicas        = var.proxy_replicas
-  proxy_image_tag = var.proxy_image_tag
+  replicas        = var.proxy_blue_replicas
+  proxy_image_tag = var.proxy_blue_image_tag
   extension_name  = var.extension_name
+  networks        = ["mainnet", "preprod", "preview"]
+  name            = "proxy"
+}
+
+module "ogmios_v1_proxy_green" {
+  depends_on      = [kubernetes_namespace.namespace]
+  source          = "./proxy"
+  namespace       = var.namespace
+  replicas        = var.proxy_green_replicas
+  proxy_image_tag = var.proxy_green_image_tag
+  extension_name  = var.extension_name
+  networks        = ["mainnet", "preprod", "preview", "vector-testnet"]
+  environment     = "green"
+  name            = "proxy-green"
 }
 
 // mainnet
diff --git a/bootstrap/proxy/cert.tf b/bootstrap/proxy/cert.tf
@@ -8,16 +8,16 @@ locals {
   ])
 
   # Add the extra URL to the list of generated URLs
-  dns_names = concat(local.by_network, ["*.${var.extension_name}.${var.dns_zone}"])
-  cert_secret_name = "${var.extension_name}-wildcard-tls"
+  dns_names        = concat(local.by_network, ["*.${var.extension_name}.${var.dns_zone}"])
+  cert_secret_name = var.environment != null ? "${var.extension_name}-${var.environment}-wildcard-tls" : "${var.extension_name}-wildcard-tls"
 }
 
 resource "kubernetes_manifest" "certificate_cluster_wildcard_tls" {
   manifest = {
     "apiVersion" = "cert-manager.io/v1"
     "kind"       = "Certificate"
     "metadata" = {
-      "name"      = "${var.extension_name}-wildcard-tls"
+      "name"      = local.cert_secret_name
       "namespace" = var.namespace
     }
     "spec" = {
diff --git a/bootstrap/proxy/deployment.tf b/bootstrap/proxy/deployment.tf
@@ -1,27 +1,21 @@
 resource "kubernetes_deployment_v1" "ogmios_proxy" {
   wait_for_rollout = false
-  depends_on = [ kubernetes_manifest.certificate_cluster_wildcard_tls ]
+  depends_on       = [kubernetes_manifest.certificate_cluster_wildcard_tls]
 
   metadata {
     name      = local.name
     namespace = var.namespace
-    labels = {
-      role = local.role
-    }
+    labels    = local.proxy_labels
   }
   spec {
     replicas = var.replicas
     selector {
-      match_labels = {
-        role = local.role
-      }
+      match_labels = local.proxy_labels
     }
     template {
       metadata {
-        name = local.name
-        labels = {
-          role = local.role
-        }
+        name   = local.name
+        labels = local.proxy_labels
       }
       spec {
         container {
@@ -73,12 +67,12 @@ resource "kubernetes_deployment_v1" "ogmios_proxy" {
           }
 
           env {
-            name = "SSL_CRT_PATH"
+            name  = "SSL_CRT_PATH"
             value = "/certs/tls.crt"
           }
 
           env {
-            name = "SSL_KEY_PATH"
+            name  = "SSL_KEY_PATH"
             value = "/certs/tls.key"
           }
 
diff --git a/bootstrap/proxy/main.tf b/bootstrap/proxy/main.tf
@@ -1,11 +1,23 @@
 locals {
-  name = "proxy"
+  name = var.name
   role = "proxy"
 
   prometheus_port = 9187
   prometheus_addr = "0.0.0.0:${local.prometheus_port}"
   proxy_port      = 8080
   proxy_addr      = "0.0.0.0:${local.proxy_port}"
+  # proxy_labels = var.environment != null ? { role = local.role, environment = var.environment } : { role = local.role }
+  proxy_labels = var.environment != null ? { role = "${local.role}-${var.environment}" } : { role = local.role }
+}
+
+variable "name" {
+  type    = string
+  default = "proxy"
+}
+
+// blue - green
+variable "environment" {
+  default = null
 }
 
 variable "namespace" {
@@ -55,16 +67,16 @@ variable "extension_name" {
 }
 
 variable "networks" {
-  type = list(string)
-  default = ["mainnet", "preprod", "preview"]
+  type    = list(string)
+  default = ["mainnet", "preprod", "preview", "vector-testnet"]
 }
 
 variable "versions" {
-  type = list(string)
+  type    = list(string)
   default = ["5", "6"]
 }
 
 variable "dns_zone" {
   type    = string
   default = "demeter.run"
-}
+}
diff --git a/bootstrap/proxy/monitor.tf b/bootstrap/proxy/monitor.tf
@@ -7,14 +7,12 @@ resource "kubernetes_manifest" "operator_monitor" {
         "app.kubernetes.io/component" = "o11y"
         "app.kubernetes.io/part-of"   = "demeter"
       }
-      name      = "proxy"
+      name      = local.name
       namespace = var.namespace
     }
     spec = {
       selector = {
-        matchLabels = {
-          role = "proxy"
-        }
+        matchLabels = local.proxy_labels
       }
       podMetricsEndpoints = [
         {
diff --git a/bootstrap/proxy/service.tf b/bootstrap/proxy/service.tf
@@ -13,9 +13,7 @@ resource "kubernetes_service_v1" "proxy_service" {
 
   spec {
     load_balancer_class = "service.k8s.aws/nlb"
-    selector = {
-      role = local.role
-    }
+    selector            = local.proxy_labels
 
     port {
       name        = "proxy"
diff --git a/bootstrap/service/main.tf b/bootstrap/service/main.tf
@@ -6,8 +6,8 @@ variable "network" {
   description = "cardano node network"
 
   validation {
-    condition     = contains(["mainnet", "preprod", "preview"], var.network)
-    error_message = "Invalid network. Allowed values are mainnet, preprod and preview."
+    condition     = contains(["mainnet", "preprod", "preview", "vector-testnet"], var.network)
+    error_message = "Invalid network. Allowed values are mainnet, preprod, preview and vector-testnet."
   }
 }
 
diff --git a/bootstrap/variables.tf b/bootstrap/variables.tf

Original file line number	Diff line number	Diff line change
`@@ -68,7 +68,7 @@ resource "kubernetes_deployment_v1" "ogmios_operator" {`
`68`	`68`
`69`	`69`	`env {`
`70`	`70`	`name = "DCU_PER_FRAME"`
`71`		`- value = "mainnet=${var.dcu_per_frame["mainnet"]},preprod=${var.dcu_per_frame["preprod"]},preview=${var.dcu_per_frame["preview"]}"`
	`71`	`+ value = "mainnet=${var.dcu_per_frame["mainnet"]},preprod=${var.dcu_per_frame["preprod"]},preview=${var.dcu_per_frame["preview"]},vector-testnet=${var.dcu_per_frame["vector-testnet"]}"`
`72`	`72`	`}`
`73`	`73`
`74`	`74`	`env {`
Original file line number	Diff line number	Diff line change
`@@ -27,8 +27,8 @@ variable "network" {`
`27`	`27`	`type = string`
`28`	`28`
`29`	`29`	`validation {`
`30`		`- condition = contains(["mainnet", "preprod", "preview"], var.network)`
`31`		`- error_message = "Invalid network. Allowed values are mainnet, preprod and preview."`
	`30`	`+ condition = contains(["mainnet", "preprod", "preview", "vector-testnet"], var.network)`
	`31`	`+ error_message = "Invalid network. Allowed values are mainnet, preprod, preview and vector-testnet."`
`32`	`32`	`}`
`33`	`33`	`}`
`34`	`34`
Original file line number	Diff line number	Diff line change
`@@ -7,14 +7,12 @@ resource "kubernetes_manifest" "operator_monitor" {`
`7`	`7`	`"app.kubernetes.io/component" = "o11y"`
`8`	`8`	`"app.kubernetes.io/part-of" = "demeter"`
`9`	`9`	`}`
`10`		`- name = "proxy"`
	`10`	`+ name = local.name`
`11`	`11`	`namespace = var.namespace`
`12`	`12`	`}`
`13`	`13`	`spec = {`
`14`	`14`	`selector = {`
`15`		`- matchLabels = {`
`16`		`- role = "proxy"`
`17`		`- }`
	`15`	`+ matchLabels = local.proxy_labels`
`18`	`16`	`}`
`19`	`17`	`podMetricsEndpoints = [`
`20`	`18`	`{`
Original file line number	Diff line number	Diff line change
`@@ -6,8 +6,8 @@ variable "network" {`
`6`	`6`	`description = "cardano node network"`
`7`	`7`
`8`	`8`	`validation {`
`9`		`- condition = contains(["mainnet", "preprod", "preview"], var.network)`
`10`		`- error_message = "Invalid network. Allowed values are mainnet, preprod and preview."`
	`9`	`+ condition = contains(["mainnet", "preprod", "preview", "vector-testnet"], var.network)`
	`10`	`+ error_message = "Invalid network. Allowed values are mainnet, preprod, preview and vector-testnet."`
`11`	`11`	`}`
`12`	`12`	`}`
`13`	`13`