demeter-run · gonzalezzfelipe · Dec 19, 2024 · Aug 18, 2024 · Sep 23, 2024 · Nov 12, 2024
diff --git a/bootstrap/feature/main.tf b/bootstrap/feature/main.tf
@@ -31,9 +31,10 @@ variable "api_key_salt" {
 variable "dcu_per_frame" {
   type = map(string)
   default = {
-    "mainnet" = "10"
-    "preprod" = "5"
-    "preview" = "5"
+    "mainnet"        = "10"
+    "preprod"        = "5"
+    "preview"        = "5"
+    "vector-testnet" = "5"
   }
 }
 

diff --git a/bootstrap/instance/main.tf b/bootstrap/instance/main.tf
@@ -55,7 +55,31 @@ variable "resources" {
   }
 }
 
-
-variable "compute_arch" {
-  type = string
-}
+variable "tolerations" {
+  description = "List of tolerations for the instance"
+  type = list(object({
+    effect   = string
+    key      = string
+    operator = string
+    value    = optional(string)
+  }))
+  default = [
+    {
+      effect   = "NoSchedule"
+      key      = "demeter.run/compute-profile"
+      operator = "Exists"
+    },
+    {
+      effect   = "NoSchedule"
+      key      = "demeter.run/compute-arch"
+      operator = "Equal"
+      value    = "x86"
+    },
+    {
+      effect   = "NoSchedule"
+      key      = "demeter.run/availability-sla"
+      operator = "Equal"
+      value    = "consistent"
+    }
+  ]
+}
diff --git a/bootstrap/instance/ogmios.tf b/bootstrap/instance/ogmios.tf
@@ -62,7 +62,7 @@ resource "kubernetes_deployment_v1" "ogmios" {
           name              = "main"
           image             = local.image
           image_pull_policy = "IfNotPresent"
-          args = local.container_args
+          args              = local.container_args
 
           resources {
             limits = {
@@ -137,24 +137,14 @@ resource "kubernetes_deployment_v1" "ogmios" {
           }
         }
 
-        toleration {
-          effect   = "NoSchedule"
-          key      = "demeter.run/compute-profile"
-          operator = "Exists"
-        }
-
-        toleration {
-          effect   = "NoSchedule"
-          key      = "demeter.run/compute-arch"
-          operator = "Equal"
-          value    = var.compute_arch
-        }
-
-        toleration {
-          effect   = "NoSchedule"
-          key      = "demeter.run/availability-sla"
-          operator = "Equal"
-          value    = "consistent"
+        dynamic "toleration" {
+          for_each = var.tolerations
+          content {
+            effect   = toleration.value.effect
+            key      = toleration.value.key
+            operator = toleration.value.operator
+            value    = toleration.value.value
+          }
         }
       }
     }

diff --git a/bootstrap/main.tf b/bootstrap/main.tf
@@ -32,6 +32,9 @@ module "ogmios_v1_proxy" {
   proxy_image_tag = var.proxy_blue_image_tag
   extension_name  = var.extension_name
   networks        = var.networks
+  cloud_provider  = var.cloud_provider
+  dns_zone        = var.dns_zone
+  cluster_issuer  = var.cluster_issuer
   name            = "proxy"
 }
 
@@ -44,6 +47,9 @@ module "ogmios_v1_proxy_green" {
   extension_name  = var.extension_name
   networks        = ["mainnet", "preprod", "preview", "vector-testnet"]
   environment     = "green"
+  cloud_provider  = var.cloud_provider
+  dns_zone        = var.dns_zone
+  cluster_issuer  = var.cluster_issuer
   name            = "proxy-green"
 }
 
@@ -69,7 +75,7 @@ module "ogmios_instances" {
   ogmios_image     = each.value.ogmios_image
   node_private_dns = each.value.node_private_dns
   ogmios_version   = each.value.ogmios_version
-  compute_arch     = each.value.compute_arch
+  tolerations      = each.value.tolerations
   replicas         = each.value.replicas
 }
 

diff --git a/bootstrap/proxy/cert.tf b/bootstrap/proxy/cert.tf
@@ -25,7 +25,7 @@ resource "kubernetes_manifest" "certificate_cluster_wildcard_tls" {
 
       "issuerRef" = {
         "kind" = "ClusterIssuer"
-        "name" = "letsencrypt"
+        "name" = var.cluster_issuer
       }
       "secretName" = local.cert_secret_name
     }

diff --git a/bootstrap/proxy/main.tf b/bootstrap/proxy/main.tf
@@ -80,3 +80,18 @@ variable "dns_zone" {
   type    = string
   default = "demeter.run"
 }
+
+variable "cluster_issuer" {
+  type    = string
+  default = "letsencrypt"
+}
+
+variable "cloud_provider" {
+  type    = string
+  default = "aws"
+}
+
+variable "healthcheck_port" {
+  type    = number
+  default = null
+}
diff --git a/bootstrap/proxy/service.tf b/bootstrap/proxy/service.tf
@@ -1,4 +1,5 @@
-resource "kubernetes_service_v1" "proxy_service" {
+resource "kubernetes_service_v1" "proxy_service_aws" {
+  for_each = toset([for n in toset(["loadbalancer"]) : n if var.cloud_provider == "aws"])
   metadata {
     name      = local.name
     namespace = var.namespace
@@ -8,6 +9,7 @@ resource "kubernetes_service_v1" "proxy_service" {
       "service.beta.kubernetes.io/aws-load-balancer-type" : "external"
       "service.beta.kubernetes.io/aws-load-balancer-healthcheck-protocol" : "HTTPS"
       "service.beta.kubernetes.io/aws-load-balancer-healthcheck-path" : "/healthz"
+      "service.beta.kubernetes.io/aws-load-balancer-healthcheck-port" : var.healthcheck_port != null ? var.healthcheck_port : "traffic-port"
     }
   }
 
@@ -22,6 +24,46 @@ resource "kubernetes_service_v1" "proxy_service" {
       protocol    = "TCP"
     }
 
+
+    port {
+      name        = "health"
+      port        = 80
+      target_port = local.prometheus_port
+      protocol    = "TCP"
+    }
+
+    type = "LoadBalancer"
+  }
+}
+
+resource "kubernetes_service_v1" "proxy_service_gcp" {
+  for_each = toset([for n in toset(["loadbalancer"]) : n if var.cloud_provider == "gcp"])
+  metadata {
+    name      = local.name
+    namespace = var.namespace
+    annotations = {
+      "cloud.google.com/l4-rbs" : "enabled"
+    }
+  }
+
+  spec {
+    external_traffic_policy = "Local"
+    selector                = local.proxy_labels
+
+    port {
+      name        = "proxy"
+      port        = 443
+      target_port = local.proxy_port
+      protocol    = "TCP"
+    }
+
+    port {
+      name        = "health"
+      port        = 80
+      target_port = local.prometheus_port
+      protocol    = "TCP"
+    }
+
     type = "LoadBalancer"
   }
 }
diff --git a/bootstrap/variables.tf b/bootstrap/variables.tf
@@ -7,11 +7,20 @@ variable "dns_zone" {
   default = "demeter.run"
 }
 
+variable "cluster_issuer" {
+  type    = string
+  default = "letsencrypt"
+}
+
 variable "extension_name" {
   type    = string
   default = "ogmios-m1"
 }
 
+variable "cloud_provider" {
+  type    = string
+  default = "aws"
+}
 
 variable "networks" {
   type    = list(string)
@@ -37,9 +46,10 @@ variable "api_key_salt" {
 variable "dcu_per_frame" {
   type = map(string)
   default = {
-    "mainnet" = "10"
-    "preprod" = "5"
-    "preview" = "5"
+    "mainnet"        = "10"
+    "preprod"        = "5"
+    "preview"        = "5"
+    "vector-testnet" = "5"
   }
 }
 
@@ -128,7 +138,6 @@ variable "proxy_resources" {
   }
 }
 
-
 variable "instances" {
   type = map(object({
     salt             = string
@@ -148,5 +157,11 @@ variable "instances" {
         memory = string
       })
     }))
+    tolerations = optional(list(object({
+      effect   = string
+      key      = string
+      operator = string
+      value    = optional(string)
+    })))
   }))
 }
diff --git a/docker/ogmios-6/Dockerfile b/docker/ogmios-6/Dockerfile
@@ -1,3 +1,3 @@
-FROM cardanosolutions/ogmios:v6.6.1
+FROM cardanosolutions/ogmios:v6.9.0
 
 COPY ./genesis /genesis
diff --git a/operator/src/crdgen.rs b/operator/src/crdgen.rs
@@ -2,6 +2,15 @@ use kube::CustomResourceExt;
 use operator::controller;
 
 fn main() {
+    let args: Vec<String> = std::env::args().collect();
+    if args.len() > 1 && args[1] == "json" {
+        print!(
+            "{}",
+            serde_json::to_string_pretty(&controller::OgmiosPort::crd()).unwrap()
+        );
+        return;
+    }
+
     print!(
         "{}",
         serde_yaml::to_string(&controller::OgmiosPort::crd()).unwrap()

diff --git a/proxy/src/main.rs b/proxy/src/main.rs
@@ -52,7 +52,7 @@ impl State {
     pub fn try_new() -> Result<Self, Box<dyn Error>> {
         let config = Config::new();
         let metrics = Metrics::try_new(Registry::default())?;
-        let host_regex = Regex::new(r"(dmtr_[\w\d-]+)?\.?.+")?;
+        let host_regex = Regex::new(r"([dmtr_]?[\w\d-]+)?\.?.+")?;
         let consumers = Default::default();
         let tiers = Default::default();
         let limiter = Default::default();

diff --git a/proxy/src/proxy.rs b/proxy/src/proxy.rs
@@ -312,11 +312,6 @@ pub struct ProxyRequest {
 }
 impl ProxyRequest {
     pub async fn new(hyper_req: &mut Request<Incoming>, state: &State) -> Option<Self> {
-        let mut host = get_header(hyper_req, HOST.as_str())?;
-        let host_regex = host.clone();
-
-        let captures = state.host_regex.captures(&host_regex)?;
-
         let namespace = state.config.proxy_namespace.clone();
 
         let protocol = get_header(hyper_req, UPGRADE.as_str())
@@ -329,15 +324,13 @@ impl ProxyRequest {
             })
             .unwrap_or(Protocol::Http);
 
-        if let Some(key) = captures.get(1) {
-            let key = key.as_str();
-            hyper_req
-                .headers_mut()
-                .insert(DMTR_API_KEY, HeaderValue::from_str(key).unwrap());
-            host = host.replace(&format!("{key}."), "");
-        }
+        let host = get_header(hyper_req, HOST.as_str())?;
+        let captures = state.host_regex.captures(&host)?;
+
+        let token = get_header(hyper_req, DMTR_API_KEY)
+            .or_else(|| captures.get(1).map(|v| v.as_str().to_string()))
+            .unwrap_or_default();
 
-        let token = get_header(hyper_req, DMTR_API_KEY).unwrap_or_default();
         let consumer = state.get_consumer(&token).await?;
         let instance = format!(
             "ogmios-{}-{}.{}:{}",