chore: Re-create cross chain messaging fix on v2

.github/workflows/deploy-staging-networks.yml

@@ -125,6 +125,12 @@ jobs:
           BOT_SWAPS_FOLLOW_CHAIN=PENDING
           BOT_SWAPS_TX_INTERVAL_SECONDS=350
 
+          RPC_INGRESS_ENABLED=true
+          RPC_INGRESS_HOST=staging.alpha-testnet.aztec-labs.com
+          RPC_INGRESS_STATIC_IP_NAME=staging-rc-1-ingress
+          RPC_INGRESS_SSL_CERT_NAME=staging-public-rpc-cert
+
+          FLUSH_ENTRY_QUEUE=false
           EOF
           echo "NAMESPACE=$NAMESPACE" >> $GITHUB_ENV
 
@@ -234,6 +240,13 @@ jobs:
           DEPLOY_INTERNAL_BOOTNODE=false
           BOT_TRANSFERS_REPLICAS=0
           BOT_SWAPS_REPLICAS=0
+          FLUSH_ENTRY_QUEUE=false
+
+          # RPC_INGRESS_ENABLED=true
+          # RPC_INGRESS_HOST=rpc.testnet.aztec-labs.com
+          # RPC_INGRESS_STATIC_IP_NAME=testnet-rpc-ingress
+          # RPC_INGRESS_SSL_CERT_NAME=testnet-rpc-cert
+
           EOF
           echo "NAMESPACE=$NAMESPACE" >> $GITHUB_ENV
 

spartan/scripts/deploy_network.sh

@@ -78,6 +78,13 @@ BOT_SWAPS_TX_INTERVAL_SECONDS=${BOT_SWAPS_TX_INTERVAL_SECONDS:-60}
 BOT_TRANSFERS_FOLLOW_CHAIN=${BOT_TRANSFERS_FOLLOW_CHAIN:-PENDING}
 BOT_SWAPS_FOLLOW_CHAIN=${BOT_SWAPS_FOLLOW_CHAIN:-PENDING}
 
+RPC_INGRESS_ENABLED=${RPC_INGRESS_ENABLED:-false}
+RPC_INGRESS_HOST=${RPC_INGRESS_HOST:-}
+RPC_INGRESS_STATIC_IP_NAME=${RPC_INGRESS_STATIC_IP_NAME:-}
+RPC_INGRESS_SSL_CERT_NAME=${RPC_INGRESS_SSL_CERT_NAME:-}
+
+FLUSH_ENTRY_QUEUE=${FLUSH_ENTRY_QUEUE:-true}
+
 ########################
 # CHAOS MESH VARIABLES
 ########################
@@ -301,6 +308,11 @@ BOT_SWAPS_FOLLOW_CHAIN = "${BOT_SWAPS_FOLLOW_CHAIN}"
 BOT_TRANSFERS_L2_PRIVATE_KEY = "${BOT_TRANSFERS_L2_PRIVATE_KEY:-0xcafe01}"
 BOT_SWAPS_L2_PRIVATE_KEY = "${BOT_SWAPS_L2_PRIVATE_KEY:-0xcafe02}"
 PROVER_FAILED_PROOF_STORE = "${PROVER_FAILED_PROOF_STORE}"
+
+RPC_INGRESS_ENABLED = ${RPC_INGRESS_ENABLED}
+RPC_INGRESS_HOST = "${RPC_INGRESS_HOST}"
+RPC_INGRESS_STATIC_IP_NAME = "${RPC_INGRESS_STATIC_IP_NAME}"
+RPC_INGRESS_SSL_CERT_NAME = "${RPC_INGRESS_SSL_CERT_NAME}"
 EOF
 
 tf_run "${DEPLOY_AZTEC_INFRA_DIR}" "${DESTROY_AZTEC_INFRA}" "${CREATE_AZTEC_INFRA}"

spartan/terraform/deploy-aztec-infra/main.tf

@@ -160,10 +160,21 @@ locals {
         "rpc.yaml",
         "rpc-resources-${var.RPC_RESOURCE_PROFILE}.yaml"
       ]
-      custom_settings = {
-        "nodeType"         = "rpc"
-        "node.env.NETWORK" = var.NETWORK
-      }
+      custom_settings = merge(
+        {
+          "nodeType"            = "rpc"
+          "node.env.NETWORK"    = var.NETWORK
+          "ingress.rpc.enabled" = var.RPC_INGRESS_ENABLED
+          "ingress.rpc.host"    = var.RPC_INGRESS_HOST
+        },
+        var.RPC_INGRESS_ENABLED ? {
+          "service.rpc.annotations.cloud\\.google\\.com/neg"                        = "{\"ingress\": true}"
+          "ingress.rpc.annotations.kubernetes\\.io/ingress\\.class"                 = "gce"
+          "ingress.rpc.annotations.kubernetes\\.io/ingress\\.global-static-ip-name" = var.RPC_INGRESS_STATIC_IP_NAME
+          "ingress.rpc.annotations.ingress\\.gcp\\.kubernetes\\.io/pre-shared-cert" = var.RPC_INGRESS_SSL_CERT_NAME
+          "ingress.rpc.annotations.kubernetes\\.io/ingress\\.allow-http"            = "false"
+        } : {}
+      )
       boot_node_host_path  = "node.env.BOOT_NODE_HOST"
       bootstrap_nodes_path = "node.env.BOOTSTRAP_NODES"
     }

spartan/terraform/deploy-aztec-infra/values/prover-resources-prod.yaml

@@ -3,12 +3,13 @@ node:
   node:
     resources:
       requests:
-        cpu: "3"
-        memory: "12Gi"
+        cpu: "1.6"
+        memory: "5Gi"
 
   nodeSelector:
     local-ssd: "false"
     node-type: "network"
+    cores: "2"
 
   affinity:
     podAntiAffinity:
@@ -40,6 +41,7 @@ broker:
   nodeSelector:
     local-ssd: "false"
     node-type: "network"
+    cores: "2"
 
   persistence:
     enabled: true

spartan/terraform/deploy-aztec-infra/values/rpc-resources-prod.yaml

@@ -1,6 +1,7 @@
 nodeSelector:
   local-ssd: "false"
   node-type: "network"
+  cores: "2"
 
 affinity:
   podAntiAffinity:
@@ -20,8 +21,8 @@ hostNetwork: true
 node:
   resources:
     requests:
-      cpu: "3"
-      memory: "12Gi"
+      cpu: "1.6"
+      memory: "5Gi"
 persistence:
   enabled: true
 

spartan/terraform/deploy-aztec-infra/values/validator-resources-prod.yaml

@@ -3,6 +3,7 @@ validator:
   nodeSelector:
     local-ssd: "false"
     node-type: "network"
+    cores: "2"
   affinity:
     podAntiAffinity:
       requiredDuringSchedulingIgnoredDuringExecution:
@@ -17,8 +18,8 @@ validator:
   node:
     resources:
       requests:
-        cpu: "3"
-        memory: "12Gi"
+        cpu: "1.6"
+        memory: "5Gi"
   statefulSet:
     volumeClaimTemplates:
       - metadata:

spartan/terraform/deploy-aztec-infra/variables.tf

@@ -381,3 +381,28 @@ variable "PROVER_FAILED_PROOF_STORE" {
   nullable    = false
   default     = ""
 }
+
+# RPC ingress configuration (GKE-specific)
+variable "RPC_INGRESS_ENABLED" {
+  description = "Enable GKE ingress for RPC nodes"
+  type        = bool
+  default     = false
+}
+
+variable "RPC_INGRESS_HOST" {
+  description = "Hostname for RPC ingress"
+  type        = string
+  default     = ""
+}
+
+variable "RPC_INGRESS_STATIC_IP_NAME" {
+  description = "Name of the GCP static IP resource for the ingress"
+  type        = string
+  default     = ""
+}
+
+variable "RPC_INGRESS_SSL_CERT_NAME" {
+  description = "Name of the GCP managed SSL certificate for the ingress"
+  type        = string
+  default     = ""
+}

spartan/terraform/gke-cluster/auto-updater-config.tf

@@ -47,7 +47,7 @@ resource "google_storage_bucket_object" "staging_public" {
   content = jsonencode({
     version = ""
     config = {
-      governanceProposerPayload = "0x3fe8bFFd590d57E39281596433F1d95249f5d469"
+      governanceProposerPayload = "0x0972CE94b1AC39Ecf737e8221cD290A84bA63921"
     }
   })
 }

spartan/terraform/gke-cluster/cluster/main.tf

@@ -41,44 +41,44 @@ resource "google_container_cluster" "primary" {
 }
 
 # Create 2 core node pool with local ssd
-resource "google_container_node_pool" "aztec_nodes_2core_ssd" {
-  name     = "${var.cluster_name}-2core-ssd"
-  location = var.zone
-  cluster  = var.cluster_name
-  version  = var.node_version
+# resource "google_container_node_pool" "aztec_nodes_2core_ssd" {
+#   name     = "${var.cluster_name}-2core-ssd"
+#   location = var.zone
+#   cluster  = var.cluster_name
+#   version  = var.node_version
 
-  # Enable autoscaling
-  autoscaling {
-    min_node_count = 0
-    max_node_count = 512
-  }
+#   # Enable autoscaling
+#   autoscaling {
+#     min_node_count = 0
+#     max_node_count = 512
+#   }
 
-  # Node configuration
-  node_config {
-    machine_type = "n2d-standard-2"
-    ephemeral_storage_local_ssd_config {
-      local_ssd_count = 1
-    }
+#   # Node configuration
+#   node_config {
+#     machine_type = "n2d-standard-2"
+#     ephemeral_storage_local_ssd_config {
+#       local_ssd_count = 1
+#     }
 
-    service_account = var.service_account
-    oauth_scopes = [
-      "https://www.googleapis.com/auth/cloud-platform"
-    ]
+#     service_account = var.service_account
+#     oauth_scopes = [
+#       "https://www.googleapis.com/auth/cloud-platform"
+#     ]
 
-    labels = {
-      env       = "production"
-      local-ssd = "true"
-      node-type = "network"
+#     labels = {
+#       env       = "production"
+#       local-ssd = "true"
+#       node-type = "network"
 
-    }
-    tags = ["aztec-gke-node", "aztec"]
-  }
+#     }
+#     tags = ["aztec-gke-node", "aztec"]
+#   }
 
-  management {
-    auto_repair  = true
-    auto_upgrade = false
-  }
-}
+#   management {
+#     auto_repair  = true
+#     auto_upgrade = false
+#   }
+# }
 
 # Create 2 core node pool no ssd
 resource "google_container_node_pool" "aztec_nodes-2core" {
@@ -105,6 +105,7 @@ resource "google_container_node_pool" "aztec_nodes-2core" {
       env       = "production"
       local-ssd = "false"
       node-type = "network"
+      cores     = "2"
     }
     tags = ["aztec-gke-node", "aztec"]
   }
@@ -141,6 +142,7 @@ resource "google_container_node_pool" "aztec_nodes-4core" {
       env       = "production"
       local-ssd = "false"
       node-type = "network"
+      cores     = "4"
     }
     tags = ["aztec-gke-node", "aztec"]
   }
@@ -245,49 +247,49 @@ resource "google_container_node_pool" "spot_nodes_8core" {
 }
 
 # Create 2 core spot instance node pool with autoscaling
-resource "google_container_node_pool" "spot_nodes_2core" {
-  name     = "${var.cluster_name}-2core-spot"
-  location = var.zone
-  cluster  = var.cluster_name
-  version  = var.node_version
-  # Enable autoscaling
-  autoscaling {
-    min_node_count = 0
-    max_node_count = 1500
-  }
+# resource "google_container_node_pool" "spot_nodes_2core" {
+#   name     = "${var.cluster_name}-2core-spot"
+#   location = var.zone
+#   cluster  = var.cluster_name
+#   version  = var.node_version
+#   # Enable autoscaling
+#   autoscaling {
+#     min_node_count = 0
+#     max_node_count = 1500
+#   }
 
-  # Node configuration
-  node_config {
-    machine_type = "t2d-standard-2"
-    spot         = true
+#   # Node configuration
+#   node_config {
+#     machine_type = "t2d-standard-2"
+#     spot         = true
 
-    service_account = var.service_account
-    oauth_scopes = [
-      "https://www.googleapis.com/auth/cloud-platform"
-    ]
+#     service_account = var.service_account
+#     oauth_scopes = [
+#       "https://www.googleapis.com/auth/cloud-platform"
+#     ]
 
-    labels = {
-      env       = "production"
-      pool      = "spot"
-      local-ssd = "false"
-      node-type = "network"
-    }
-    tags = ["aztec-gke-node", "spot"]
+#     labels = {
+#       env       = "production"
+#       pool      = "spot"
+#       local-ssd = "false"
+#       node-type = "network"
+#     }
+#     tags = ["aztec-gke-node", "spot"]
 
-    # Spot instance termination handler
-    taint {
-      key    = "cloud.google.com/gke-spot"
-      value  = "true"
-      effect = "NO_SCHEDULE"
-    }
-  }
+#     # Spot instance termination handler
+#     taint {
+#       key    = "cloud.google.com/gke-spot"
+#       value  = "true"
+#       effect = "NO_SCHEDULE"
+#     }
+#   }
 
-  # Management configuration
-  management {
-    auto_repair  = true
-    auto_upgrade = false
-  }
-}
+#   # Management configuration
+#   management {
+#     auto_repair  = true
+#     auto_upgrade = false
+#   }
+# }
 
 # Create 8 core high memory (64 GB) node pool with autoscaling, used for metrics
 resource "google_container_node_pool" "infra_nodes_8core_highmem" {