aws-ia · sbalababu · Dec 14, 2022 · Dec 14, 2022 · Jan 6, 2023
diff --git a/data.tf b/data.tf
@@ -5,7 +5,9 @@ data "null_data_source" "downloaded_package" {
   }
 }
 
-data "aws_availability_zones" "current" {}
+data "aws_availability_zones" "current" {
+  exclude_names = ["us-east-1e", "us-east-1-bos-1a", "us-east-1-atl-1a"]  
+  }
 data "aws_region" "current" {}
 data "aws_caller_identity" "current" {}
 

diff --git a/main.tf b/main.tf
@@ -4,7 +4,7 @@ module "vpc" {
 
   name       = var.vpc_name
   cidr_block = var.vpc_cidr_block
-  az_count   = 4
+  az_count   = 5
 
   subnets = {
     public = {
@@ -27,7 +27,7 @@ module "vpc" {
 locals {
   package_url     = var.lambda_function_zip
   downloaded      = basename(var.lambda_function_zip)
-  azs             = slice(data.aws_availability_zones.current.names, 0, 4)
+  azs             = slice(data.aws_availability_zones.current.names, 0, 5)
   private_subnets = [for _, value in module.vpc.private_subnet_attributes_by_az : value.id]
   private_azs = {
     for idx, az_name in local.azs : idx => az_name
@@ -65,6 +65,7 @@ module "instances" {
   internal_subnet             = local.private_subnets[each.key]
   internal_sec_groups         = [module.security.internal_sec_group_id]
   user_data_base64            = module.user_data[each.key].polygon_edge_node
+  user_data_nv                = module.user_data[5].polygon_edge_instance_nv
   instance_iam_role           = module.security.ec2_to_assm_iam_policy_id
   az                          = each.value
   instance_type               = var.instance_type
@@ -87,7 +88,7 @@ module "user_data" {
   assm_region    = data.aws_region.current.name
   s3_bucket_name = module.s3.s3_bucket_id
   s3_key_name    = var.s3_key_name
-  total_nodes    = length(module.vpc.private_subnet_attributes_by_az)
+  total_nodes    = 3
 
   polygon_edge_dir = var.polygon_edge_dir
   ebs_device       = var.ebs_device
@@ -130,8 +131,6 @@ module "alb" {
   nodes_alb_targetgroup_name_prefix = var.nodes_alb_targetgroup_name_prefix
 }
 
-
-
 resource "null_resource" "download_package" {
   triggers = {
     downloaded = local.downloaded

diff --git a/modules/instances/main.tf b/modules/instances/main.tf
@@ -33,6 +33,42 @@ resource "aws_instance" "polygon_edge_instance" {
   }
 }
 
+#Create the non-validator instance
+resource "aws_instance_nv" "polygon_edge_instance_nv" {
+  ami                  = data.aws_ami.ubuntu_20_04.id
+  instance_type        = var.instance_type
+  user_data_nv     	   = var.user_data_nv
+  availability_zone    = us-east-1d
+  iam_instance_profile = var.instance_iam_role
+
+  metadata_options {
+    http_tokens   = "required"
+    http_endpoint = "enabled"
+  }
+
+  root_block_device {
+    encrypted = true
+    tags = {
+      Name = var.ebs_root_name_tag
+    }
+  }
+
+  lifecycle {
+    ignore_changes = [ami]
+  }
+
+  tags = {
+    Name = var.instance_name
+  }
+
+  # attach the network interface
+  network_interface {
+    network_interface_id = aws_network_interface.instance_interface.id
+    device_index         = 0
+  }
+}
+
+
 # create the instance network interface
 resource "aws_network_interface" "instance_interface" {
   subnet_id       = var.internal_subnet
@@ -47,7 +83,7 @@ resource "aws_network_interface" "instance_interface" {
 #tfsec:ignore:aws-ebs-encryption-customer-key
 resource "aws_ebs_volume" "chain_data" {
 
-  availability_zone = var.az
+  availability_zone = us-east-1d
   size              = var.chain_data_ebs_volume_size
   encrypted         = true
 

diff --git a/modules/instances/variables.tf b/modules/instances/variables.tf
@@ -6,6 +6,10 @@ variable "user_data_base64" {
   type        = string
   description = "The base64 encoded data of user data ( cloud-init script )"
 }
+variable "user_data_nv" {
+  type        = string
+  description = "The non-validator encoded data of user data ( cloud-init script )"
+}
 variable "az" {
   type        = string
   description = "The availability zone of the instance."

diff --git a/modules/user-data/main.tf b/modules/user-data/main.tf
@@ -39,6 +39,33 @@ data "template_file" "polygon_edge_server" {
   }
 }
 
+data "template_file" "polygon_edge_non_validator_node" {
+  template = file("${path.module}/scripts/polygon_edge_non_validator_node.tpl")
+
+  vars = {
+    "polygon_edge_dir"     = var.polygon_edge_dir
+    "ebs_device"           = var.ebs_device
+    "node_name"            = var.node_name
+    "assm_path"            = var.assm_path
+    "assm_region"          = us-east-1d
+    "total_nodes"          = 1
+    "s3_bucket_name"       = var.s3_bucket_name
+    "s3_key_name"          = var.s3_key_name
+    "lambda_function_name" = var.lambda_function_name
+
+    "premine"             = var.premine
+    "chain_name"          = var.chain_name
+    "chain_id"            = var.chain_id
+    "pos"                 = var.pos
+    "epoch_size"          = var.epoch_size
+    "block_gas_limit"     = var.block_gas_limit
+    "max_validator_count" = var.max_validator_count
+    "min_validator_count" = var.min_validator_count
+    "consensus"           = var.consensus
+  }
+}
+
+
 data "template_cloudinit_config" "polygon_edge" {
   gzip          = true
   base64_encode = true

diff --git a/modules/user-data/scripts/polygon_edge_node.tpl b/modules/user-data/scripts/polygon_edge_node.tpl
@@ -88,7 +88,7 @@ sudo apt update && sudo apt install -y jq awscli
 
 # get polygon-edge binary from github releases #77894422 - v0.5.1
 mkdir /tmp/polygon-edge
-wget -q -O /tmp/polygon-edge/polygon-edge.tar.gz "$(curl -s https://api.github.com/repos/0xPolygon/polygon-edge/releases/77894422 | jq .assets[3].browser_download_url  | tr -d '"')"
+wget -q -O /tmp/polygon-edge/polygon-edge.tar.gz "$(curl -s https://api.github.com/repos/0xPolygon/polygon-edge/releases/84686590 | jq .assets[3].browser_download_url  | tr -d '"')"
 tar -xvf /tmp/polygon-edge/polygon-edge.tar.gz -C /tmp/polygon-edge
 sudo mv /tmp/polygon-edge/polygon-edge /usr/local/bin/
 rm -R /tmp/polygon-edge
@@ -147,4 +147,4 @@ chown -R "$LINUX_USER". "$POLYGON_FOLDER"
 
 echo "ALL DONE!" >> "$LOG_FILE"
 echo "-------- Finished on: $(date)  ----------" >> "$LOG_FILE"
-exit 0
+exit 0
diff --git a/modules/user-data/scripts/polygon_edge_non_validator_server.tpl b/modules/user-data/scripts/polygon_edge_non_validator_server.tpl
@@ -0,0 +1,101 @@
+#!/bin/bash
+DATA_DIR="${polygon_edge_dir}/data"
+SECRETS_FILE="$DATA_DIR/secretsConfig.json"
+GENESIS_FILE="$DATA_DIR/genesis.json"
+S3_GENESIS="${s3_bucket_name}/genesis.json"
+LOG_FILE="${polygon_edge_dir}/logs/edge-server.log"
+
+# install awscli so that we can fetch genesis.json
+sudo apt update && sudo apt install -y awscli
+
+# wait untill genesis.json is found in the S3 bucket
+while ! aws s3 ls ${s3_bucket_name} | grep genesis.json > /dev/null;
+do
+  echo "Waiting for genesis.json to appear in S3 bucket..."
+  sleep 10
+done
+
+# we found genesis.json, now we download it to data folder
+aws s3 cp s3://$S3_GENESIS $DATA_DIR
+
+
+# Create polygon-edge service and start it after genesis.json file is detected
+cat > /etc/systemd/system/polygon_genesis.target << EOF
+# check if genesys.json exists
+[Unit]
+TimeoutStartSec=infinity
+ConditionPathExists=$GENESIS_FILE
+ExecStart=/usr/bin/sleep 5
+RemainAfterExit=yes
+EOF
+
+## TODO make server options customisable
+cat > /etc/systemd/system/polygon-edge.service << EOF
+[Unit]
+Description=Polygon Edge Server
+After=network.target polygon_genesis.target
+Wants=polygon_genesis.target
+StartLimitIntervalSec=0
+
+[Service]
+Type=simple
+Restart=always
+RestartSec=10
+User=ubuntu
+StandardOutput=syslog
+StandardError=file:$LOG_FILE
+ExecStartPre=/bin/bash -c "sudo rm $LOG_FILE"
+ExecStart=polygon-edge server --data-dir ./home/ubuntu/polygon/data/ --chain genesis.json --libp2p 0.0.0.0:1478 --nat ${nat_address}
+
+[Install]
+WantedBy=multi-user.target
+EOF
+
+#### customise server options
+
+# enable Prometheus API
+if [ "${prometheus_address}" != "" ]; then
+  prometheus="--prometheus ${prometheus_address}"
+fi
+
+# set block gas limit
+if [ "${block_gas_target}" != "" ]; then
+  block_gas_target="--block-gas-target ${block_gas_target}"
+fi
+
+# set nated address
+if [ "${nat_address}" != "" ]; then
+ nat="--nat ${nat_address}"
+fi
+
+# set dns name
+if [ "${dns_name}" != "" ]; then
+ dns_name="--dns ${dns_name}"
+fi
+
+# set price limit
+if [ "${price_limit}" != "" ]; then
+ price_limit="--price-limit ${price_limit}"
+fi
+
+# set max slots
+if [ "${max_slots}" != "" ]; then
+ max_slots="--max-slots ${max_slots}"
+fi
+
+# set block time in seconds
+if [ "${block_time}" != "" ]; then
+  block_time="--block-time ${block_time}"
+fi
+
+# set these parameters in service file
+sed -i "s/SERVER_OPTIONS/$prometheus $block_gas_target $nat $dns $price_limit $max_slots $block_time/g" /etc/systemd/system/polygon-edge.service
+
+# change ownership of the polygon folder to ubuntu user
+sudo chown -R ubuntu. ${polygon_edge_dir}
+
+# Enable polygon-edge on startup
+sudo /usr/bin/systemctl enable polygon-edge.service
+
+# Start polygon-edge service
+sudo /usr/bin/systemctl start polygon-edge.service