chore(deployment): add cdk8s deployment tool for sequencer (#2250)

* chore(deployment): add cdk8s deployment tool for sequencer

* chore(deployment): aligned references

* chore(deployment): cleaned PR

.github/workflows/deployment.yml

@@ -19,7 +19,6 @@ on:
     paths:
     - 'deployments/sequencer/*'
 
-
 jobs:
   deployment:
     runs-on: ubuntu-latest
@@ -33,4 +32,4 @@ jobs:
           # Synthesize the CDK8s Sequencer app.
           cd deployments/sequencer
           cdk8s synth
-          diff -au references/sequencer-system.k8s.yaml dist/sequencer-system.k8s.yaml
+          diff -aur references/* dist/*

config/sequencer/presets/config-batcher.json

@@ -0,0 +1,8 @@
+{
+  "chain_id": "0x5",
+  "eth_fee_token_address": "0x6",
+  "strk_fee_token_address": "0x7",
+  "batcher_config.storage.db_config.path_prefix": "/data",
+  "batcher_config.storage.db_config.enforce_file_exists": false,
+  "sequencer_address": "0x1"
+}

config/sequencer/presets/config.json

@@ -0,0 +1,20 @@
+{
+  "chain_id": "0x5",
+  "eth_fee_token_address": "0x6",
+  "strk_fee_token_address": "0x7",
+  "components.batcher.execution_mode": "Disabled",
+  "components.batcher.local_server_config.#is_none": true,
+  "components.consensus_manager.execution_mode": "Disabled",
+  "components.gateway.execution_mode": "Disabled",
+  "components.http_server.execution_mode": "Disabled",
+  "components.mempool.execution_mode": "Disabled",
+  "components.mempool_p2p.execution_mode": "Disabled",
+  "components.consensus_manager.local_server_config.#is_none": true,
+  "components.gateway.local_server_config.#is_none": true,
+  "components.http_server.local_server_config.#is_none": true,
+  "components.mempool.local_server_config.#is_none": true,
+  "components.mempool_p2p.local_server_config.#is_none": true,
+  "components.http_server.remote_server_config.#is_none": true,
+  "batcher_config.storage.db_config.enforce_file_exists": false,
+  "batcher_config.storage.db_config.path_prefix": "/data"
+}

deployments/sequencer/config/sequencer.py

@@ -1,30 +1,28 @@
-from typing import Dict, Any
+import typing
 import os
 import json
 import jsonschema
 
-ROOT_DIR = os.path.join(os.path.dirname(os.path.abspath(__file__)), '../../../')
-CONFIG_DIR = os.path.join(ROOT_DIR, 'config/papyrus/')
 
+from services.objects import Config
 
-class Config():
-    def __init__(self, schema: Dict[Any, Any], config: Dict[Any, Any]):
-        self.schema = schema
-        self.config = config
-
-    def get(self):
-        return self.config
-
-    def validate(self):
-        pass
 
+def load_config(config_path):
+    root_dir = os.path.join(os.path.dirname(os.path.abspath(__file__)), '../../../')
+    config_dir = os.path.join(root_dir, 'config/sequencer/')
+
+    return json.loads(
+        open(os.path.join(config_dir, config_path), 'r').read()
+    )
 
 class SequencerDevConfig(Config):
-    def __init__(self):
+    def __init__(self, mount_path: str, custom_config_path: typing.Optional[str]):
         super().__init__(
-            schema=json.loads(open(os.path.join(CONFIG_DIR, 'default_config.json'), 'r').read()),
-            config=json.loads(open(os.path.join(CONFIG_DIR, 'presets', 'sepolia_testnet.json'), 'r').read())
-            )
+            schema=load_config(config_path='default_config.json'),
+            config=load_config(config_path='presets/config.json') if not custom_config_path else json.loads(open(os.path.abspath(custom_config_path)).read()),
+            mount_path=mount_path
+        )
+
 
     def validate(self):
         jsonschema.validate(self.config, schema=self.schema)

deployments/sequencer/main.py

@@ -1,61 +1,73 @@
 #!/usr/bin/env python3
 
-from constructs import Construct
-from cdk8s import App, Chart
-from typing import Dict, Any
-from services.service import Service
 import dataclasses
+import os
+
+from constructs import Construct # type: ignore
+from cdk8s import App, Chart, YamlOutputType # type: ignore
+from typing import Dict, Any, Optional
+
+from services.service import Service
+from config.sequencer import Config
+from services.objects import *
+from services import defaults
+
 
-from config.sequencer import Config, SequencerDevConfig
+env = os.getenv("ENV", "dev")
+
+
+if env == "dev":
+    system_preset = defaults.sequencer_dev
+elif env == "prod":
+    system_preset = defaults.sequencer_prod 
 
 
 @dataclasses.dataclass
 class SystemStructure:
     topology: str = "mesh"
     replicas: str = "2"
     size: str = "small"
-    config: Config = SequencerDevConfig()
+    config: Optional[Config] = None
 
     def __post_init__(self):
         self.config.validate()
 
 
-class SequencerSystem(Chart):
+class SequencerNode(Chart):
     def __init__(
         self,
         scope: Construct,
         name: str,
-        namespace: str,
-        system_structure: Dict[str, Dict[str, Any]],
+        namespace: str
     ):
         super().__init__(
             scope, name, disable_resource_name_hashes=True, namespace=namespace
         )
-        self.mempool = Service(
+        self.service = Service(
             self,
-            "mempool",
-            image="paulbouwer/hello-kubernetes:1.7",
-            replicas=2,
-            config=system_structure.config.get(),
-        )
-        self.batcher = Service(self, "batcher", image="ghost", container_port=2368)
-        self.sequencer_node = Service(
-            self, 
-            "sequencer", 
-            image="", 
-            container_port=8082, 
-            startup_probe_path="/monitoring/nodeVersion", 
-            readiness_probe_path="/monitoring/ready", 
-            liveness_probe_path="/monitoring/alive"
+            name,
+            namespace=namespace,
+            deployment=system_preset.deployment,
+            config=system_preset.config,
+            image=system_preset.image,
+            args=system_preset.args,
+            port_mappings=system_preset.port_mappings,
+            service_type=system_preset.service_type,
+            replicas=system_preset.replicas,
+            health_check=system_preset.health_check,
+            pvc=system_preset.pvc,
+            ingress=system_preset.ingress
         )
 
 
-app = App()
-a = SequencerSystem(
+app = App(
+    yaml_output_type=YamlOutputType.FOLDER_PER_CHART_FILE_PER_RESOURCE
+)
+
+sequencer_node = SequencerNode(
     scope=app,
-    name="sequencer-system",
-    namespace="test-namespace",
-    system_structure=SystemStructure(),
+    name=system_preset.name,
+    namespace=system_preset.namespace
 )
 
 app.synth()

deployments/sequencer/references/sequencer-node/ConfigMap.sequencer-node-config.k8s.yaml

@@ -0,0 +1,7 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: sequencer-node-config
+  namespace: default
+data:
+  config: '{"chain_id": "0x5", "eth_fee_token_address": "0x6", "strk_fee_token_address": "0x7", "components.batcher.execution_mode": "Disabled", "components.batcher.local_server_config.#is_none": true, "components.consensus_manager.execution_mode": "Disabled", "components.gateway.execution_mode": "Disabled", "components.http_server.execution_mode": "Disabled", "components.mempool.execution_mode": "Disabled", "components.mempool_p2p.execution_mode": "Disabled", "components.consensus_manager.local_server_config.#is_none": true, "components.gateway.local_server_config.#is_none": true, "components.http_server.local_server_config.#is_none": true, "components.mempool.local_server_config.#is_none": true, "components.mempool_p2p.local_server_config.#is_none": true, "components.http_server.remote_server_config.#is_none": true, "batcher_config.storage.db_config.enforce_file_exists": false, "batcher_config.storage.db_config.path_prefix": "/data"}'

deployments/sequencer/references/sequencer-node/Deployment.sequencer-node-deployment.k8s.yaml

@@ -0,0 +1,63 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: sequencer-node-deployment
+  namespace: default
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: sequencer-node
+  template:
+    metadata:
+      labels:
+        app: sequencer-node
+    spec:
+      containers:
+        - args:
+            - --config_file
+            - /config/sequencer/presets/config
+          image: us.gcr.io/starkware-dev/sequencer-node-test:0.0.1-dev.3
+          livenessProbe:
+            failureThreshold: 5
+            httpGet:
+              path: /monitoring/alive
+              port: 8082
+            periodSeconds: 10
+            timeoutSeconds: 5
+          name: sequencer-node-container
+          ports:
+            - containerPort: 8080
+            - containerPort: 8081
+            - containerPort: 8082
+          readinessProbe:
+            failureThreshold: 5
+            httpGet:
+              path: /monitoring/ready
+              port: 8082
+            periodSeconds: 10
+            timeoutSeconds: 5
+          startupProbe:
+            failureThreshold: 10
+            httpGet:
+              path: /monitoring/nodeVersion
+              port: 8082
+            periodSeconds: 10
+            timeoutSeconds: 5
+          volumeMounts:
+            - mountPath: /config/sequencer/presets/
+              name: sequencer-node-config
+              readOnly: true
+            - mountPath: /data
+              name: sequencer-node-data
+              readOnly: false
+      securityContext:
+        fsGroup: 1000
+      volumes:
+        - configMap:
+            name: sequencer-node-config
+          name: sequencer-node-config
+        - name: sequencer-node-data
+          persistentVolumeClaim:
+            claimName: sequencer-node-data
+            readOnly: false

deployments/sequencer/references/sequencer-node/Ingress.sequencer-node-ingress.k8s.yaml

@@ -0,0 +1,29 @@
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  annotations:
+    acme.cert-manager.io/http01-edit-in-place: "true"
+    cert-manager.io/common-name: default.gcp-integration.sw-dev.io
+    cert-manager.io/issue-temporary-certificate: "true"
+    cert-manager.io/issuer: letsencrypt-prod
+    kubernetes.io/tls-acme: "true"
+  labels:
+    app: sequencer-node
+  name: sequencer-node-ingress
+  namespace: default
+spec:
+  rules:
+    - host: default.gcp-integration.sw-dev.io
+      http:
+        paths:
+          - backend:
+              service:
+                name: sequencer-node-service
+                port:
+                  number: 8082
+            path: /monitoring/
+            pathType: Prefix
+  tls:
+    - hosts:
+        - default.gcp-integration.sw-dev.io
+      secretName: sequencer-tls

deployments/sequencer/references/sequencer-node/Namespace.default.k8s.yaml

@@ -0,0 +1,5 @@
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: default
+  namespace: default

deployments/sequencer/references/sequencer-node/PersistentVolumeClaim.sequencer-node-data.k8s.yaml

@@ -0,0 +1,15 @@
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  labels:
+    app: sequencer-node
+  name: sequencer-node-data
+  namespace: default
+spec:
+  accessModes:
+    - ReadWriteOnce
+  resources:
+    requests:
+      storage: 64Gi
+  storageClassName: premium-rwo
+  volumeMode: Filesystem

deployments/sequencer/references/sequencer-node/Service.sequencer-node-service.k8s.yaml

@@ -0,0 +1,19 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: sequencer-node-service
+  namespace: default
+spec:
+  ports:
+    - name: http
+      port: 80
+      targetPort: 8080
+    - name: rpc
+      port: 8081
+      targetPort: 8081
+    - name: monitoring
+      port: 8082
+      targetPort: 8082
+  selector:
+    app: sequencer-node
+  type: ClusterIP