Merge pull request #1802 from SeanMikha/master

Deploying Nucypher Infrastructure to Azure

deploy/ansible/azure/README.md

@@ -0,0 +1,78 @@
+# Deploying Nucypher (worker/staker) to Azure Cloud
+
+
+If you have Ansible setup to run playbooks against the Azure resource API then you can run the `deploy_nucypher_azure_infra.yml`
+
+
+### Setting up a environment for running Ansible Azure
+
+You have 3 options for using Ansible to deploy your infrastructure:
+
+1. Utilize the "cloud shell" within the Azure portal which comes pre-installed with Ansible and your credentials.
+2. Use your own copy of Ansible and install the Azure module (through pip)
+3. Setup your own deployment machine on Ubuntu to run playbooks and deploy stakers/workers.
+
+Option 1 is ready to go, use the play book `deploy_nucypher_azure_infra.yml` followed by the playbooks in the /worker/ folder
+
+For options 2 you will need Ansible (Azure module) installed on your local host (documentation [here](https://docs.ansible.com/ansible/latest/scenario_guides/guide_azure.html)).
+
+For option 3 I've included the following steps below to setup a vanilla Ubuntu node to run Ansible (w/ Azure module), geth, and everything you need to deploy the Ansible playbooks for your Nucypher staker/workers.
+
+(Instructions valid w/ Canonical Ubuntu 16.04/18.04)
+
+
+#### Install virtualenv and activate
+```console
+azureuser@ncdeploy:~$ sudo apt-get update
+azureuser@ncdeploy:~$ sudo apt-get install -y virtualenv
+azureuser@ncdeploy:~$ virtualenv nucypher_ansible
+azureuser@ncdeploy:~$ source nucypher_ansible/bin/activate
+```
+#### Install Ansible (w/ Azure module) inside a virtual environment
+```console
+azureuser@ncdeploy:~$ pip install 'ansible[azure]'
+```
+#### Export environment variables (Azure credentials)
+```console
+azureuser@ncdeploy:~$ export AZURE_CLIENT_ID=''
+azureuser@ncdeploy:~$ export AZURE_SECRET=''
+azureuser@ncdeploy:~$ export AZURE_SUBSCRIPTION_ID=''
+azureuser@ncdeploy:~$ export AZURE_TENANT=''
+```
+#### Create 2GB swap file (for local geth instance)
+```console
+azureuser@ncdeploy:~$ sudo fallocate -l 2G /swapfile
+azureuser@ncdeploy:~$ sudo chmod 600 /swapfile
+azureuser@ncdeploy:~$ sudo mkswap /swapfile
+azureuser@ncdeploy:~$ sudo swapon /swapfile
+azureuser@ncdeploy:~$ sudo cp /etc/fstab /etc/fstab.bak
+azureuser@ncdeploy:~$ echo '/swapfile none swap sw 0 0' | sudo tee -a /etc/fstab
+```
+#### Install geth
+```console
+azureuser@ncdeploy:~$ sudo add-apt-repository -y ppa:ethereum/ethereum
+azureuser@ncdeploy:~$ sudo apt-get update
+azureuser@ncdeploy:~$ sudo apt-get install -y ethereum
+```
+#### Run geth (goerli testnet)
+```console
+azureuser@ncdeploy:~$ nohup geth --goerli --syncmode fast --cache 1024 &
+```
+#### Check geth is finished syncing
+```console
+azureuser@ncdeploy:~$ geth attach ~/.ethereum/goerli/geth.ipc
+(within geth): eth.syncing
+```
+Wait for the result from above to come back as false
+
+#### Run ansible playbook to deploy Nucypher Staker and Worker(s)
+
+<ins>Inventory values:</ins>
+* Azure Location: West Central US (typcially one of the lowest cost locations)
+* Linux Distribution: Ubuntu 18.04 LTS
+* VM Size: B1s (1 vCPU , 1GB RAM, 4GB Ephemeral Disk)
+* Make sure to update the inventory file with your public key for login.
+
+```console
+azureuser@ncdeploy:~$ ansible-playbook deploy_nucypher_azure_infra.yml -i inventory.yml
+```

deploy/ansible/azure/deploy_nucypher_azure_infra.yml

@@ -0,0 +1,85 @@
+- name: Nucypher (staker/worker) VM for Azure
+  hosts: localhost
+  connection: local
+  tasks:
+
+  - name: Resource Group for Nucypher nodes (deployment location is determined below)
+    azure_rm_resourcegroup:
+      name: "{{ resgroup }}"
+      location: "{{ cloudregion }}"
+
+  - name: Virtual Network
+    azure_rm_virtualnetwork:
+      resource_group: "{{ resgroup }}"
+      name: "{{ vnet }}"
+      address_prefixes: "10.0.0.0/16"
+
+  - name: Subnet
+    azure_rm_subnet:
+      resource_group: "{{ resgroup }}"
+      name: "{{ subnet }}"
+      address_prefix: "10.0.1.0/24"
+      virtual_network: "{{ vnet }}"
+
+  - name: Create public IP address
+    azure_rm_publicipaddress:
+      resource_group: "{{ resgroup }}"
+      allocation_method: Static
+      name: "{{ item.ip }}"
+    register: output_ip_address
+    loop: "{{ vmlist }}"
+
+  - name: Allow SSH and Nucypher communication ports in network security group
+    azure_rm_securitygroup:
+      resource_group: "{{ resgroup }}"
+      name: "{{ item.nsg }}"
+      rules:
+        - name: SSH
+          protocol: Tcp
+          destination_port_range: 22
+          access: Allow
+          priority: 1001
+          direction: Inbound
+
+        - name: nucypher_inbound
+          protocol: Tcp
+          destination_port_range: 9151
+          access: Allow
+          priority: 1002
+          direction: Inbound
+
+        - name: nucypher_outbound
+          protocol: Tcp
+          destination_port_range: 9151
+          access: Allow
+          priority: 3002
+          direction: Outbound
+    loop: "{{ vmlist }}"
+
+  - name: Virtual Network VM NIC
+    azure_rm_networkinterface:
+      resource_group: "{{ resgroup }}"
+      name: "{{ item.nic }}"
+      virtual_network: "{{ vnet }}"
+      subnet: "{{ subnet }}"
+      public_ip_name: "{{ item.ip }}"
+      security_group: "{{ item.nsg }}"
+    loop: "{{ vmlist }}"
+
+  - name: Create VM
+    azure_rm_virtualmachine:
+      resource_group: "{{ resgroup }}"
+      name: "{{ item.name }}"
+      vm_size: "{{ item.size }}"
+      admin_username: "{{ user }}"
+      ssh_password_enabled: false
+      ssh_public_keys:
+        - path: "/home/{{ user }}/.ssh/authorized_keys"
+          key_data: "{{ osshpkey }}"
+      network_interfaces: "{{ item.nic }}"
+      image:
+        offer: UbuntuServer
+        publisher: Canonical
+        sku: 18.04-LTS
+        version: latest
+    loop: "{{ vmlist }}"

deploy/ansible/azure/inventory.yml

@@ -0,0 +1,12 @@
+all:
+ vars:
+      cloudregion: "westcentralus"
+      resgroup: "ncrg"
+      vnet: "ncvnet"
+      subnet: "ncsnet"
+      osshpkey: "<open-ssh-public-key>"
+      user: "azureuser"
+      vmlist:
+        - { name: "ncstaker", nic: "stakernic", ip: "stakerip", nsg: "stakernsg", size: "Standard_B1s" }
+        - { name: "ncworker1", nic: "ncworker1nic", ip: "ncworker1ip", nsg: "ncworker1nsg", size: "Standard_B1s" }
+        - { name: "ncworker2", nic: "ncworker2nic", ip: "ncworker2ip", nsg: "ncworker2nsg", size: "Standard_B1s" }