archway-network / networks Goto Github PK
View Code? Open in Web Editor NEWRegistry of archway public networks
networks's People
Stargazers
Watchers
Forkers
jeongseup dsrvlabs shivsantosh1996 kinrokinro cosmostation northa clemensgg edouardlvdl dvjromashkin stakeandrelax-validator sychonix kj89 nodestake 0xvixello disperze reversesigh lesnikutsa wainach stakemepro imperator-co enigma-validator packetstracer jjangg96 kwunyeung l0vd2 informalsystems landerosua rooiie volles88 kernelpanic9 errorist79 krewedk0 mortelligaming ezstaking justinlydialabs baryon-guru zenon-provalidator etherealmanatee hashkeycloud wetezos daniel-ck89 crosnest secretsaturn vik-nov-dev bwarelabs validatrium scarletbright aditya-manit felichita nuclearblock oleksanderkorn franono maxzonder sorkand1 mrx01010101010 michel-leidson r1m-nodes secord0 brightlystake m8nky staketake frens-validator ardapda danil00524 vfabian8 chillyvee stakecito whispernode emrenop jcs1910 szu-szu stakely llporzall jovecosmos a41-official ricotoothless chorusone huginntech mchaffee scv-security silk-nodes nktsh ryujimin220 golden-ratio-staking orochi8 mms-team rizbe gelotto staketown xiphiar techgigs80 sigv openbitlab2 kayano dylanschultzie svv28 xtgz hacker-web-vi nodersteam shahbaznnetworks's Issues
feat: Build terraform modules for environment setup
Currently all the terraform files are under infrastructure folder
New proposed structure:
- infrastrucure
- modules
- environment
- environments
- non-prod
- main.tf
- prod
- main.tf
- xyz-env
- main.tf
- non-prod
- modules
environment module:
- Setup a new project under non-prod or prod folder
- Use shared VPC from non-prod or prod
- Create and configure GKE cluster
- Create and configure apps in GKE cluster
spike: Define critical alerts for archway nodes
feat(ci): Add IBC infrastructure
We need to be able to test IBC transfers across various chains and to be able to do so we need the following infrastructure
- An archive node on cosmoshub public testnetwork. funds can be aquired through https://stakely.io/en/faucet/cosmos-atom
- A full node on osmosis public testnetwork. Fund can be aquired through https://faucet.osmosis.zone/#/
- A new testnetwork operated internally
- Relayers to execute on IBC transactions
feat(ci): Automated upgrade proposals on constantine with new protocol release
feat(monitoring): Route critical severity alerts to slack
fix(iam): Sanitise and mange gsuit permisions and manage gcp permissions in terraform
[WIP] monitoring features/fixes
feat(nodeset): Add DNS configs for nodeset module
Nodeset module should be able to set up Cloud DNS enteries to expose RPC, gRPC and API endpoints.
Proposal:
- nodeset should input two variables for zone and domain
- nodeset should create two records in cloud DNS under the give zone
A record: *.
A record:
Relayer operation is unstable
Relayer operation seems quite unstable -> context
There seems to be multiple issue:
- packets get stuck after a while and the relayer stops relaying until restarted
- ibc client on axelar keep getting expired and chain configs on hermes probably are to blame.
feat(vpn): Restrict infrastructure access only through VPN
Currently our nodes are highly available from the internet and it brings quite a significant security risk.
Enhance the security of the cluster by:
- limitting access to nodes through VPN only
- limiting access to Kubernetes through VPN only
- limiting access to public endpoints like Grafana through VPN only
This requires task #62 to be done first
fix: Use archway docker repositories for big-dipper image
Currently archway branded big-dippers are deployed from @drewstaylor personal repository on docker hub docker.io/drewstaylor/bigdipper:1.0.1-archway
[ ] Add CI to release docker image to use archway docker repository.
[ ] Update deploy CI to use archway docker repository
Add swagger interface to constantine-1
feature: Create service account for terraform to be used with CI
feat(mainnet airdrop): Create automation scripts to extract and process data from blockchain state export
feat: automate checks for infrastucture
Currently there is not automated checks for infrastructure which can cause unnecessary problems and security risks.
Tools:
- Terraform
- tflint
- terraform fmt
- tfsec
- Kubernetes
- kube-score
- yamllint
Each tool should be run by CI and also be available from Make file or equivalent
feature: test and try out Terraform Automation Atlantis
Atlantis is a Terraform PR automation tool that could help us more easily deploy Terraform code
https://www.runatlantis.io/
fix(monitoring): Disable control plane alerts from kube-porometheus-stack
fix: make wireguard instance automatically configure itself
Wireguard base instance now has to be configured manually everytime the instance gets deleted.
It would be good to have cloud-init there to do the following:
- Install packages:
- wireguard
- iptables
- resolvconf
- qrencode
- Format and automount the disk to
/etc/wireguard - Add these to `/etc/sysctl.d/wg.conf
net.ipv4.ip_forward = 1net.ipv6.conf.all.forwarding = 1
- Enable wireguard via systemd :
systemdctl enable wg-quick@wg0
feat: Automate CloudDNS into terraform
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.