mirror of
https://github.com/aljazceru/ThunderCloud.git
synced 2025-12-17 06:14:20 +01:00
Make it easy to run more than one stack
This commit is contained in:
Alex Schoof
@@ -28,6 +28,8 @@ You can use `lncli` to open channels, create invoices, do all the fun lightning
|
|||||||
|
|
||||||
By default, the grpc port will not be accessible. There's a security group that get's created for it, but isn't attached to the node. If you uncomment the line that says `// instance.addSecurityGroup(rpcSg);` and run `cdk deploy`, it'll attach that security group and you'll be able to get to the grpc ports. Want to close them up? comment that line out and do `cdk deploy` again and it'll detach the security group.
|
By default, the grpc port will not be accessible. There's a security group that get's created for it, but isn't attached to the node. If you uncomment the line that says `// instance.addSecurityGroup(rpcSg);` and run `cdk deploy`, it'll attach that security group and you'll be able to get to the grpc ports. Want to close them up? comment that line out and do `cdk deploy` again and it'll detach the security group.
|
||||||
|
|
||||||
|
Want to add a second (or third or fourth) node? Go into `bin/thundercloud.ts` and add a line at the end like `new LightningNode(app, 'SecondLightningNode', {stackName: "SecondLightningNode"});`, then do `cdk deploy SecondLightningNode`.
|
||||||
|
|
||||||
## Shutting down the node
|
## Shutting down the node
|
||||||
1. go into the project root and do `cdk destroy`
|
1. go into the project root and do `cdk destroy`
|
||||||
There is no step 2. You can also go find the stack in CloudFormation and delete it there. either way works.
|
There is no step 2. You can also go find the stack in CloudFormation and delete it there. either way works.
|
||||||
|
|||||||
@@ -19,3 +19,6 @@ new LightningNode(app, 'ThundercloudStack', {
|
|||||||
|
|
||||||
/* For more information, see https://docs.aws.amazon.com/cdk/latest/guide/environments.html */
|
/* For more information, see https://docs.aws.amazon.com/cdk/latest/guide/environments.html */
|
||||||
});
|
});
|
||||||
|
|
||||||
|
// Here's an example of a second node. uncomment this and then run `cdk deploy SecondLightningNode`
|
||||||
|
// new LightningNode(app, 'SecondLightningNode', {stackName: "SecondLightningNode"});
|
||||||
@@ -14,40 +14,38 @@ export class LightningNode extends cdk.Stack {
|
|||||||
constructor(scope: cdk.Construct, id: string, props?: cdk.StackProps) {
|
constructor(scope: cdk.Construct, id: string, props?: cdk.StackProps) {
|
||||||
super(scope, id, props);
|
super(scope, id, props);
|
||||||
|
|
||||||
|
const suffix = props?.stackName || "";
|
||||||
// Set up a VPC with public and isolated subnets in 3 AZs (out of the list above)
|
// Set up a VPC with public and isolated subnets in 3 AZs (out of the list above)
|
||||||
const vpc = new ec2.Vpc(this, "vpc", {
|
const vpc = new ec2.Vpc(this, "vpc" + suffix, {
|
||||||
cidr: "10.0.0.0/16",
|
cidr: "10.0.0.0/16",
|
||||||
natGateways: 0,
|
natGateways: 0,
|
||||||
maxAzs: 3,
|
maxAzs: 3,
|
||||||
});
|
});
|
||||||
|
|
||||||
// SSH key for the node
|
// SSH key for the node
|
||||||
const key = new KeyPair(this, 'KeyPair', {
|
const key = new KeyPair(this, 'KeyPair' + suffix, {
|
||||||
name: 'cdk-keypair',
|
name: 'cdk-keypair',
|
||||||
description: 'Key Pair created with CDK Deployment',
|
description: 'Key Pair created with CDK Deployment',
|
||||||
});
|
});
|
||||||
|
|
||||||
// Security groups. I made three different ones because adding/removing SGs from instances
|
// Security groups. I made three different ones because adding/removing SGs from instances
|
||||||
// is easier to do through automation than changing rules on a single SG.
|
// is easier to do through automation than changing rules on a single SG.
|
||||||
const sshSg = new ec2.SecurityGroup(this, 'sshSecurityGroup', {
|
const sshSg = new ec2.SecurityGroup(this, 'sshSecurityGroup' + suffix, {
|
||||||
vpc,
|
vpc,
|
||||||
description: 'Allow SSH (TCP port 22) in',
|
description: 'Allow SSH (TCP port 22) in',
|
||||||
});
|
});
|
||||||
sshSg.addIngressRule(ec2.Peer.anyIpv4(), ec2.Port.tcp(22), 'Allow SSH Access')
|
sshSg.addIngressRule(ec2.Peer.anyIpv4(), ec2.Port.tcp(22), 'Allow SSH Access')
|
||||||
const lightningSg = new ec2.SecurityGroup(this, "LightningSecurityGroup", {
|
const lightningSg = new ec2.SecurityGroup(this, "LightningSecurityGroup" + suffix, {
|
||||||
vpc,
|
vpc,
|
||||||
description: 'Allow lightning protocol (port 9735) traffic from the Internet',
|
description: 'Allow lightning protocol (port 9735) traffic from the Internet',
|
||||||
});
|
});
|
||||||
lightningSg.addIngressRule(ec2.Peer.anyIpv4(), ec2.Port.tcp(9735));
|
lightningSg.addIngressRule(ec2.Peer.anyIpv4(), ec2.Port.tcp(9735));
|
||||||
const setupScript = new Asset(this, "SetupScript", {
|
const rpcSg = new ec2.SecurityGroup(this, "RpcSecurityGroup" + suffix, {
|
||||||
path: path.join(__dirname, 'configure-node.sh')
|
|
||||||
});
|
|
||||||
const rpcSg = new ec2.SecurityGroup(this, "RpcSecurityGroup", {
|
|
||||||
vpc,
|
vpc,
|
||||||
description: 'Allow access to lnd grpc interface',
|
description: 'Allow access to lnd grpc interface',
|
||||||
});
|
});
|
||||||
rpcSg.addIngressRule(ec2.Peer.anyIpv4(), ec2.Port.tcp(10009));
|
rpcSg.addIngressRule(ec2.Peer.anyIpv4(), ec2.Port.tcp(10009));
|
||||||
const restSg = new ec2.SecurityGroup(this, "RestSecurityGroup", {
|
const restSg = new ec2.SecurityGroup(this, "RestSecurityGroup" + suffix, {
|
||||||
vpc: vpc,
|
vpc: vpc,
|
||||||
description: "Allow access to lnd REST ports"
|
description: "Allow access to lnd REST ports"
|
||||||
});
|
});
|
||||||
@@ -59,7 +57,7 @@ export class LightningNode extends cdk.Stack {
|
|||||||
cpuType: ec2.AmazonLinuxCpuType.ARM_64
|
cpuType: ec2.AmazonLinuxCpuType.ARM_64
|
||||||
});
|
});
|
||||||
|
|
||||||
const instance = new ec2.Instance(this, "lightningNode", {
|
const instance = new ec2.Instance(this, "lightningNode" + suffix, {
|
||||||
instanceType: new ec2.InstanceType("t4g.micro"),
|
instanceType: new ec2.InstanceType("t4g.micro"),
|
||||||
vpc: vpc,
|
vpc: vpc,
|
||||||
machineImage: ami,
|
machineImage: ami,
|
||||||
@@ -76,12 +74,15 @@ export class LightningNode extends cdk.Stack {
|
|||||||
// You can also edit the ingress rule above if you want a different port
|
// You can also edit the ingress rule above if you want a different port
|
||||||
// instance.addSecurityGroup(restSg);
|
// instance.addSecurityGroup(restSg);
|
||||||
|
|
||||||
const eip = new CfnEIP(this, "NodeEIP", {
|
const eip = new CfnEIP(this, "NodeEIP" + suffix, {
|
||||||
domain: "vpc",
|
domain: "vpc",
|
||||||
instanceId: instance.instanceId
|
instanceId: instance.instanceId
|
||||||
});
|
});
|
||||||
|
|
||||||
// Wire the bootstrap script into the instance userdata
|
// Wire the bootstrap script into the instance userdata
|
||||||
|
const setupScript = new Asset(this, "SetupScript" + suffix, {
|
||||||
|
path: path.join(__dirname, 'configure-node.sh')
|
||||||
|
});
|
||||||
const localPath = instance.userData.addS3DownloadCommand({
|
const localPath = instance.userData.addS3DownloadCommand({
|
||||||
bucket:setupScript.bucket,
|
bucket:setupScript.bucket,
|
||||||
bucketKey:setupScript.s3ObjectKey,
|
bucketKey:setupScript.s3ObjectKey,
|
||||||
|
|||||||
Reference in New Issue
Block a user