To set up the infrastructure, you need to clone the tokamak-thanos-stack repository to your local machine.
Visit the link below to clone the repository:
The tokamak-thanos-stack repository is structured as follows:
charts: Helm charts for deploying the Thanos chain.
terraform: Terraform code is used to configure the AWS infrastructure to run the Thanos chain.
In this guide, we will use the Terraform code to set up the infrastructure that forms the foundation of the Thanos chain.
Configure env
Before deploying the infrastructure with Terraform, you need to set up environment variables. we manage the environment variables by creating a .envrc file.
Go to terraform directory
cd terraform
Copy .envrc.example file to .envrc.
cp .envrc.example .envrc
Please fill in the values for the items listed below in the copied file.
TF_VAR_thanos_stack_name: Name
TF_VAR_aws_region: The AWS region to use.
TF_VAR_sequencer_key: The Sequencer Private key.
TF_VAR_batcher_key: The Batcher Private key.
TF_VAR_proposer_key: The Proposer Private key.
TF_VAR_challenger_key: The Challenger Private key.
TF_VAR_eks_cluster_admins: Your IAM user ARN.
TF_VAR_stack_deployments_path: The path to the file containing the L1 contract address. You can find it here.
TF_VAR_stack_l1_rpc_url: The L1 RPC endpoint.
TF_VAR_stack_l1_rpc_provider: The L1 RPC Provider.
TF_VAR_stack_l1_beacon_url: The beacon RPC endpoint
Note to env configure
Variables with default values do not need to be modified.
You can ignore TF_VAR_backend_bucket_name for now, as it will be filled in after configuring the Terraform backend.
The ARN of the IAM user can be found in the EC2 console under Users > User name > Summary tab.
When you've filled it all in, it should look like this:
Before provisioning AWS resources with Terraform, you need to set up a backend storage to store the state information. The backend storage will use AWS S3.
Go to backend directory
$ cd terraform/backend
Command terraform init
$ terraform init
......
Terraform has been successfully initialized!
You may now begin working with Terraform. Try running "terraform plan" to see
any changes that are required for your infrastructure. All Terraform commands
should now work.
If you ever set or change modules or backend configuration for Terraform,
rerun this command to reinitialize your working directory. If you forget, other
commands will detect it and remind you to do so if necessary.
Command terraform plan to verify if the backend creation is set up correctly.
$ terraform plan
......
Plan: 4 to add, 0 to change, 0 to destroy.
Changes to Outputs:
+ backend_bucket_name = (known after apply)
Command terraform apply to create the backend.
$ terraform apply
......
Apply complete! Resources: 4 added, 0 changed, 0 destroyed.
Outputs:
backend_bucket_name = "thanos-stack-example-thanos-stack-tfstate-avfalb9c"
direnv: error /Users/austin/Documents/tokamak-network/tokamak-thanos-stack/terraform/.envrc is blocked. Run `direnv allow` to approve its content
<aside> 💡
The error can be ignored because it occurred after the backend was created and the TF_VAR_backend_bucket_name value in the environment file was automatically filled in.
</aside>
Go back terraform directory and apply the environment variables
In this phase, we will set up the infrastructure needed to run the apps required for operating the Thanos chain, and to do so, we will create the following resources:
vpc: VPC is a networking service provided by AWS.
secretsmanager: The Secrets Manager stores the private keys used by operator nodes.
chain-config: Storage for genesis file and rollup file. used AWS S3
EFS: EFS is a cloud-based file system service. It is used for the file system storage of Thanos stack services.
EKS: EKS is a managed Kubernetes service. It is used to deploy and manage applications in the Thanos stack.
kubernetes: This module is for deploying controllers to use AWS services in Kubernetes. It deploys controllers for load balancers, coredns, and secrets.
Bring genesis and rollup files
Before building the infrastructure, make sure to have the genesis and rollup files created during step 2.
Go to thanos-stack directory
$ cd terraform/thanos-stack
Copy generate and rollup files to config-files directory.
$ terraform init
......
Terraform has been successfully initialized!
You may now begin working with Terraform. Try running "terraform plan" to see
any changes that are required for your infrastructure. All Terraform commands
should now work.
If you ever set or change modules or backend configuration for Terraform,
rerun this command to reinitialize your working directory. If you forget, other
commands will detect it and remind you to do so if necessary.
Command terraform plan to verify if the thanos-stack infra creation is set up correctly.
$ terraform plan
......
Plan: 79 to add, 0 to change, 0 to destroy.
Changes to Outputs:
+ aws_secretsmanager_id = (known after apply)
+ efs_id = (known after apply)
+ genesis_file_url = (known after apply)
+ prestate_file_url = (known after apply)
+ private_subnet_ids = [
+ (known after apply),
+ (known after apply),
]
+ public_subnet_ids = [
+ (known after apply),
+ (known after apply),
]
+ rollup_file_url = (known after apply)
+ vpc_id = (known after apply)
Command terraform apply to create the thanos-stack infra. The process will take around 15 to 20 minutes to complete.
Once the infrastructure setup is complete, you’ll see that the thanos-stack-values.yaml file has been created. This file will be used in the next step to deploy the Thanos chain.
$ ls
... thanos-stack-values.yaml ...
To interact with EKS, register the EKS kubeconfig with kubectl.
$ aws eks update-kubeconfig --region $TF_VAR_aws_region --name $TF_VAR_thanos_stack_name
Added new context arn:aws:eks:ap-northeast-2:111111111111:cluster/thanos-stack-example to /Users/austin/.kube/config
With the infrastructure setup complete, proceed to the next phase
