SSV Node Terraform Deployment

This Terraform project provisions and configures an SSV (Secret Shared Validator) node on Google Cloud Platform (GCP). It sets up the necessary infrastructure, including a virtual machine, subnet, firewall rules, and secret management.

Prerequisites

  • GCP account with appropriate permissions
  • Terraform >= 1.4.4 installed
  • Ansible (compatible version)

Usage

  1. Clone the repository:

     git clone https://github.com/your-username/your-repo.git

  2. Set the required variables in variables.tf.

  3. Initialize the Terraform working directory:

     terraform init

  4. Preview the changes:

     terraform plan

  5. Apply the changes:

     terraform apply

Configuration

The following variables can be configured:

  • gcp_project_id: The GCP project ID.
  • gcp_region: The GCP region.
  • gcp_zone: The GCP zone.
  • vm_name: The name of the VM.
  • vm_machine_type: The machine type for the VM.
  • vm_image: The OS image for the VM.
  • network_subnet_cidr_range: The IP CIDR range for the subnet.

For a complete list of configurable variables, please refer to the variables.tf file.
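
An added example, not part of the project's own files: the same inputs can be supplied in a terraform.tfvars file, which Terraform loads automatically from the working directory, instead of editing the defaults in variables.tf. Every value below is a constructed placeholder; only the variable names come from this README.

```hcl
# terraform.tfvars (added example; all values are constructed placeholders)

# Replace the "your-project-id" default before the first plan.
gcp_project_id = "example-ssv-project"
gcp_region     = "us-central1"
gcp_zone       = "us-central1-a"

vm_name         = "ssv-node"
vm_machine_type = "n1-standard-2"

# CIDR range of the subnet created for the node (README default shown).
network_subnet_cidr_range = "10.100.105.0/24"

# SSH user and private key path used to access the VM.
# Use a key dedicated to this node rather than a personal default key.
ssh = {
  type        = "ssh"
  user        = "ssv-admin"               # placeholder user
  private_key = "~/.ssh/ssv_node_ed25519" # placeholder path
}

# Pin a specific release tag. The default "latest" is a mutable tag, so two
# applies can deploy different images without any change in this file.
ssv_docker_image_tag = "vX.Y.Z" # placeholder, substitute a real release tag

# These are Secret Manager secret IDs, not the secret values themselves.
ssv_encrypted_key_secret_id = "sc-ssv-encrypted-key"
ssv_password_secret_id      = "sc-ssv-password"

# Source tags for the fw_de_allow_7 firewall rule (default is an empty list).
firewall_source_tags = ["example-source-tag"] # placeholder tag
```

Review the output of terraform plan after changing these values, and keep the file out of version control if it names real projects or key paths.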

Requirements

| Name | Version |
|------|---------|
| terraform | >= 1.4.4 |
| google | ~> 4.0 |
| null | ~> 3.0 |

Modules

| Name | Source |
|------|--------|
| subnet_1 | ./modules/subnet |
| vm | ./modules/vm |

Resources

| Name | Type |
|------|------|
| google_compute_firewall.fw_de_allow_2 | resource |
| google_compute_firewall.fw_de_allow_7 | resource |
| google_secret_manager_secret.encrypted_key | resource |
| google_secret_manager_secret.password | resource |
| google_secret_manager_secret_iam_member.encrypted_key_read | resource |
| google_secret_manager_secret_iam_member.encrypted_key_write | resource |
| google_secret_manager_secret_iam_member.password_read | resource |
| google_secret_manager_secret_iam_member.password_write | resource |
| google_service_account.vm_service_account | resource |
| google_storage_bucket_iam_member.terraform_state_iam | resource |
| null_resource.ansible_vm_app_ssv_bootstrap | resource |
| null_resource.ansible_vm_app_ssv_deployment | resource |
| null_resource.ansible_vm_resize_boot_disk | resource |
| null_resource.ansible_vm_resize_data_disk | resource |
| null_resource.ansible_vm_server_bootstrap | resource |

Inputs

| Name | Description | Type | Default | Required |
|------|-------------|------|---------|----------|
| firewall_priority | The priority for the firewall rules | number | 1000 | no |
| firewall_source_tags | List of source tags for the 'fw_de_allow_7' firewall rule | list(string) | [] | no |
| gcp_network_name | The name of the GCP network | string | "default" | no |
| gcp_project_id | The GCP project ID | string | "your-project-id" | no |
| gcp_region | The GCP region | string | "us-central1" | no |
| gcp_zone | The GCP zone | string | "us-central1-a" | no |
| network_subnet_cidr_range | The IP CIDR range for the subnet | string | "10.100.105.0/24" | no |
| network_tier | The network tier for the subnet | string | "PREMIUM" | no |
| ssh | SSH configuration for accessing the VM. Specify the SSH user and the path to the private key file | object({ type = string, user = string, private_key = string }) | { "private_key": "~/.ssh/private_key", "type": "ssh", "user": "username" } | no |
| ssv_consensus_client_endpoint | The consensus client endpoint of Ethereum node | string | "http://localhost:5052" | no |
| ssv_data_dir | The data directory for the SSV node. This directory path is appended to the value of 'vm_data_disk_mount_point' to form the full path for storing SSV node's data | string | "/ssv" | no |
| ssv_docker_image_tag | The tag for the SSV Docker image | string | "latest" | no |
| ssv_encrypted_key_secret_id | The ID of the secret containing the encrypted operator key | string | "sc-ssv-encrypted-key" | no |
| ssv_execution_client_websocket_endpoint | The execution client websocket endpoint of Ethereum node | string | "http://localhost:8546" | no |
| ssv_metrics_api_port | The Metrics API port for monitoring the SSV node | number | 15000 | no |
| ssv_network | The Ethereum network for the SSV node to connect with | string | "mainnet" | no |
| ssv_password_secret_id | The ID of the secret containing the password | string | "sc-ssv-password" | no |
| ssv_tcp_port | The TCP port for the SSV node | number | 13000 | no |
| ssv_udp_port | The UDP port for the SSV node | number | 12000 | no |
| vm_boot_disk_size | The size of the boot disk in GB | number | 10 | no |
| vm_boot_disk_type | The type of the boot disk | string | "pd-ssd" | no |
| vm_data_disk_disk_type | The type of the data disk | string | "pd-ssd" | no |
| vm_data_disk_mount_point | The mount point for the data disk on the VM | string | "/data" | no |
| vm_data_disk_size | The size of the data disk in GB | number | 10 | no |
| vm_image | The OS image for the VM | string | "https://www.googleapis.com/compute/v1/projects/ubuntu-os-cloud/global/images/ubuntu-minimal-2204-jammy-v20230726" | no |
| vm_machine_type | The machine type for the VM. See: https://cloud.google.com/compute/docs/machine-types | string | "n1-standard-2" | no |
| vm_name | The name of the VM | string | "ssv-node" | no |

Outputs

| Name | Description |
|------|-------------|
| ssv_encrypted_key_secret_id | The ID of the secret containing the encrypted operator key |
| ssv_password_secret_id | The ID of the secret containing the password |
| subnet_gateway_address | The gateway address of the subnet |
| subnet_ip_cidr_range | The IP CIDR range of the subnet |
| subnet_name | The name of the subnet |
| subnet_self_link | The self link of the subnet |
| vm_name | The name of the VM |

Contributing

Contributions are welcome! If you find any issues or have suggestions for improvements, please open an issue or submit a pull request. Make sure to follow the existing code style and provide clear descriptions of your changes.

License

This project is licensed under the MIT License.