feat(substrate): enable platform deployment via ansible server

This commit introduces support for deploying a decentralized ledger technology (DLT) network using Ansible automation. The changes include:

- Added a new network configuration file (`substrate-network-config.yaml`) to define nodes (Bootnode, Validator, Member, IPFS) within a single organization.
- Updated the `deployment-network.yaml` to support the new network configuration.
- Updated multiple Ansible roles, Helm release templates, and charts to align with the new network configuration.
- Updated the user guide documentation to assist users/developers in correctly configuring the network.

fixes #2547

Signed-off-by: saurabhkumarkardam <[email protected]>

platforms/network-schema.json

@@ -1296,6 +1296,9 @@
         },
         "apiPort": {
           "type": "number"
+        },
+        "enabled": {
+          "type": "boolean"
         }
       },
       "required": [

platforms/shared/configuration/roles/setup/edge-stack/tasks/main.yaml

@@ -47,7 +47,7 @@
 - name: Create custom values for aes helm chart
   vars:
     ports: "{{ network.env.ambassadorPorts.ports | default([]) }}"
-    elastic_ip: "{{ allocation_ips_stdout | default(item.publicIps[0]) }}"
+    elastic_ip: "{{ allocation_ips_stdout | default(item.publicIps[0] | default('')) }}"
     lbSourceRangeDefault:
       - 0.0.0.0/0
     loadBalancerSourceRanges: "{{ network.env.loadBalancerSourceRanges | default(lbSourceRangeDefault) }}"

platforms/substrate/charts/dscp-ipfs-node/Chart.yaml

@@ -2,7 +2,9 @@
 #  This Chart is a fork from https://github.com/digicatapult/helm-charts/tree/main/charts/dscp-ipfs
 #  Please update if needed
 ##############################################################################################
-apiVersion: v1
+
+---
+apiVersion: v2
 name: dscp-ipfs-node
 appVersion: '2.6.1'
 description: dscp-ipfs is a component of the DSCP project that provides a distributed IPFS based storage solution for the DSCP platform.

platforms/substrate/charts/dscp-ipfs-node/requirements.yaml

@@ -7,7 +7,7 @@ dependencies:
     version: 4.x.x
     condition: dscpNode.enabled
   - name: bevel-storageclass
-    alias: storage
+    alias: substrate-storage
     repository: "file://../../../shared/charts/bevel-storageclass"
     tags:
       - storage

platforms/substrate/charts/dscp-ipfs-node/templates/secret.yaml

@@ -1,7 +1,7 @@
 apiVersion: v1
 kind: Secret
 metadata:
-  name: {{ include "dscp-ipfs.fullname" . }}-secret
+  name: "substrate-node-{{ include "dscp-ipfs.fullname" . }}-keys"
   labels:
     {{- include "dscp-ipfs.labels" . | nindent 4 }}
 {{- if and .Values.config.publicKey .Values.config.privateKey }}

platforms/substrate/charts/dscp-ipfs-node/templates/statefulset.yaml

@@ -169,7 +169,7 @@ spec:
                 jq -r 'if .errors then . else .auth.client_token end')
 
               validateVaultResponse 'vault login token' "${VAULT_CLIENT_TOKEN}"
-              vault_secret_key="${VAULT_SECRET_ENGINE}"/"${VAULT_SECRET_PREFIX}/ipfs"
+              vault_secret_key="${VAULT_SECRET_ENGINE}"/"${VAULT_SECRET_PREFIX}-ipfs-keys"
               # Save the generated keys to VAULT
               LOOKUP_SECRET_RESPONSE=$(curl -sS -H "X-Vault-Token: ${VAULT_CLIENT_TOKEN}" \
                 -H "Content-Type: application/json" \
@@ -263,7 +263,7 @@ spec:
       spec:
         accessModes: [ "ReadWriteOnce" ]
         {{- if .Values.storage.storageClass }}
-        storageClassName: storage-{{ .Release.Name }}
+        storageClassName: substrate-storage-{{ .Release.Name }}
         {{- end }}
         resources:
           requests:

platforms/substrate/charts/substrate-genesis/Chart.yaml

@@ -3,7 +3,9 @@
 #
 #  SPDX-License-Identifier: Apache-2.0
 ##############################################################################################
-apiVersion: v1
+
+---
+apiVersion: v2
 name: substrate-genesis
 description: A Helm chart to generate the genesis for Substrate Nodes
 type: application

platforms/substrate/charts/substrate-genesis/templates/generate-keys.yaml

@@ -16,6 +16,7 @@ metadata:
     "helm.sh/hook-weight": "1"
     "helm.sh/hook-delete-policy": "before-hook-creation"
   labels:
+    app: genesis
     app.kubernetes.io/name: pre-install-hook
     app.kubernetes.io/component: keygen
     app.kubernetes.io/namespace: {{ .Release.Namespace }}

platforms/substrate/charts/substrate-genesis/templates/genesis.yaml

@@ -15,6 +15,7 @@ metadata:
     "helm.sh/hook-weight": "2"
     "helm.sh/hook-delete-policy": "before-hook-creation"
   labels:
+    app: genesis
     app: {{ .Release.Name }}
     app.kubernetes.io/name: {{ .Release.Name }}
     helm.sh/chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
@@ -201,9 +202,10 @@ spec:
           # Initialize the token
           . /scripts/bevel-vault.sh
           vaultBevelFunc "init"
+
           vault_secret_key="${VAULT_SECRET_ENGINE}/${VAULT_SECRET_PREFIX}/genesis"
           vaultBevelFunc "readJson" "$vault_secret_key"
-
+          
           # The vault CLI is required for this job as the genesis file is too large to be passed in via a vault API call
           echo "Installing Vault CLI"
           curl -O -L https://releases.hashicorp.com/vault/1.7.1/vault_1.7.1_linux_amd64.zip

platforms/substrate/charts/substrate-node/Chart.yaml

@@ -2,9 +2,26 @@
 #  This Chart is a fork from https://github.com/paritytech/helm-charts
 #  Please update if needed
 ##############################################################################################
-apiVersion: v1
+
+---
+apiVersion: v2 
 name: substrate-node
 description: A Helm chart to deploy Substrate/Polkadot nodes
 type: application
-version: 1.2.0
-appVersion: "0.0.1"
+version: 1.0.0
+appVersion: latest
+keywords:
+  - bevel
+  - ethereum
+  - substrate
+  - hyperledger
+  - enterprise
+  - blockchain
+  - deployment
+  - accenture
+home: https://hyperledger-bevel.readthedocs.io/en/latest/
+sources:
+  - https://github.com/hyperledger/bevel
+maintainers:
+  - name: Hyperledger Bevel maintainers
+    email: [email protected]

platforms/substrate/charts/substrate-node/requirements.yaml

@@ -1,6 +1,6 @@
 dependencies:
   - name: bevel-storageclass
-    alias: storage
+    alias: substrate-storage
     repository: "file://../../../shared/charts/bevel-storageclass"
     tags:
       - storage

platforms/substrate/charts/substrate-node/templates/_helpers.tpl

@@ -50,6 +50,7 @@ app.kubernetes.io/managed-by: {{ .Release.Service }}
 Selector labels
 */}}
 {{- define "node.selectorLabels" -}}
+name: {{ include "node.name" . }}
 app.kubernetes.io/name: {{ include "node.name" . }}
 app.kubernetes.io/instance: {{ .Release.Name }}
 {{- end }}

platforms/substrate/charts/substrate-node/templates/statefulset.yaml

@@ -198,25 +198,21 @@ spec:
 
             #!/bin/sh
 
-              # STEP-1
               echo "Step 1: Install necessary packages using custom package manager script"
               . /scripts/package-manager.sh
               packages_to_install="jq curl"
               install_packages "$packages_to_install"
 
-              # STEP-2
               echo "STEP-2: Download and set up kubectl for Kubernetes management"
               curl -LO "https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl"
               chmod +x kubectl
               mv kubectl /usr/local/bin/
               kubectl version --client
 
-              # STEP-3
               echo "Step 3: Extract chain specification (genesis) from Kubernetes ConfigMap and store it"
               chain_spec=$(kubectl get configmap "substrate-genesis" --namespace {{ .Release.Namespace }} -o json | jq -r '.data["genesis"]')
               echo "${chain_spec}" | base64 -d > {{ .Values.node.customChainspecPath }}
 
-              # STEP-4
               echo "Step 4: Retrieve secret keys from Kubernetes Secrets if available"
               secretName="substrate-node-{{ .Release.Name }}-keys"
               if kubectl get secret "${secretName}" --namespace {{ .Release.Namespace }} >/dev/null 2>&1; then
@@ -233,14 +229,12 @@ spec:
                 BOOTNODE_ID=$(kubectl get secret "substrate-node-{{ .Values.node.isBootnode.bootnodeName }}-keys" --namespace {{ .Release.Namespace }} -o json | jq -r '.data["substrate-node-keys"]' | base64 -d | jq -r '.data.node_id')
               {{- end }}
 
-              # STEP-5
               echo "Step 5: Insert keys into Keystore using dscp-node command-line tool"
               # Insert AURA key into Keystore
               ./{{ .Values.node.command }} key insert --base-path=/data --chain=/data/chainspec.json --key-type=aura --scheme=Sr25519 --suri="${AURA_SECRETPHRASE}" && echo "Inserted key aura into Keystore" || echo "Failed to insert key aura into Keystore."
               # Insert GRANPA key into Keystore
               ./{{ .Values.node.command }} key insert --base-path=/data --chain=/data/chainspec.json --key-type=gran --scheme=Ed25519 --suri="${GRAN_SECRETPHRASE}" && echo "Inserted key gran into Keystore" || echo "Failed to insert key gran into Keystore."
 
-              # STEP-6
               echo "Step 6: Determine various ports and external addresses for P2P communication"
               POD_INDEX="${HOSTNAME##*-}"
               {{- if and (.Values.node.perNodeServices.createP2pService) (eq .Values.node.perNodeServices.p2pServiceType "NodePort") }}
@@ -259,21 +253,14 @@ spec:
                 EXTERNAL_ADDRESS=$(curl -sS {{ .Values.node.perNodeServices.setPublicAddressToExternal.ipRetrievalServiceUrl }})
               {{- else if and .Values.node.perNodeServices.setPublicAddressToExternal.enabled (eq .Values.node.perNodeServices.p2pServiceType "LoadBalancer") }}
                 EXTERNAL_ADDRESS=$(kubectl --namespace {{ .Release.Namespace }} get service {{ $fullname }}-${POD_INDEX}-rc-p2p -o jsonpath='{.status.loadBalancer.ingress[0].hostname}')
-              {{- else if eq .Values.node.perNodeServices.p2pServiceType "ClusterIP" }}
-                EXTERNAL_ADDRESS={{ $fullname }}-${POD_INDEX}-rc-p2p.{{ .Release.Namespace }}.svc.cluster.local
-                EXTERNAL_P2P_PORT="{{ .Values.node.ports.p2p }}"
               {{- else if eq .Values.proxy.provider "ambassador" }}
                 EXTERNAL_ADDRESS="{{ $fullname }}-${POD_INDEX}.{{ .Values.proxy.external_url }}"
                 EXTERNAL_P2P_PORT="{{ .Values.proxy.p2p }}"
-                echo "test-one"
+              {{- else if eq .Values.node.perNodeServices.p2pServiceType "ClusterIP" }}
+                EXTERNAL_ADDRESS={{ $fullname }}-${POD_INDEX}-rc-p2p.{{ .Release.Namespace }}.svc.cluster.local
+                EXTERNAL_P2P_PORT="{{ .Values.node.ports.p2p }}"
               {{- end }}
 
-              echo "PARA_CHAIN_P2P_PORT:$PARA_CHAIN_P2P_PORT"
-              echo "RELAY_CHAIN_P2P_PORT:$RELAY_CHAIN_P2P_PORT"
-              echo "EXTERNAL_ADDRESS:$EXTERNAL_ADDRESS"
-              echo "EXTERNAL_P2P_PORT:$EXTERNAL_P2P_PORT"
-
-              # STEP-7
               echo "Step 7: Start the node"
               exec {{ .Values.node.command }} \
               --name=${POD_NAME} \
@@ -475,7 +462,7 @@ spec:
           kind: VolumeSnapshot
           apiGroup: snapshot.storage.k8s.io
         {{- end }}
-        storageClassName: storage-{{ .Release.Name }}
+        storageClassName: substrate-storage-{{ .Release.Name }}
         resources:
           requests:
             storage: {{ .Values.storage.size }}