Finish GH Action for modifying the disk space of an EC2 instance (#149)

* adding GH action for increasing disk space of an EC2 instance * pull ansible hosts file from S3 * add requirements file for Ansible dependency * get instance by id instead of name * use AWS SSM commands to extend file system
docknetwork · Jan 15, 2024 · 5ff6038 · 5ff6038
1 parent cd60d25
commit 5ff6038
Show file tree

Hide file tree

Showing 7 changed files with 106 additions and 24 deletions.
diff --git a/.github/workflows/node-increase-disk.yml b/.github/workflows/node-increase-disk.yml
@@ -8,42 +8,64 @@ on:
         description: "Whether updating a testnet or mainnet node"
         required: true
       aws_region:
-        description: "Location of EC2 instance to modify"
+        description: "AWS region of EC2 instance to modify"
         required: true
-      instance_name:
-        description: "The name of the EC2 instance"
+      instance_id:
+        description: "The EC2 instance id"
         required: true
       disk_size:
-        description: "The total size of the disk desired"
+        description: "The total size of the disk desired (GB)"
         required: true
 
 
 jobs:
   increase-disk:
+    environment: ${{inputs.network}}
     runs-on: ubuntu-latest
     steps:
       - name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
 
       - name: Get Hosts Config
         id: get-hosts
         uses: keithweaver/[email protected]
         with:
           command: cp
-          source: ${{env.S3_ANSIBLE_HOST_FILE}}
+          source: ${{vars.S3_ANSIBLE_HOST_FILE}}
           destination: ./ansible-hosts
-          aws_access_key_id: ${{ github.env.secret.AWS_ACCESS_KEY_ID }}
-          aws_secret_access_key: ${{ github.env.secret.AWS_SECRET_KEY }}
-          aws_region: ${{env.S3_REGION}}
+          aws_access_key_id: ${{ secrets.AWS_ACCESS_KEY_ID }}
+          aws_secret_access_key: ${{ secrets.AWS_SECRET_KEY }}
+          aws_region: ${{vars.S3_REGION}}
 
       - name: Run playbook
-        uses: dawidd6/action-ansible-playbook@v2.6.1
+        uses: arillso/action.playbook@master
         with:
           # Required, playbook filepath
-          playbook: ec2-set-volume-size.yml
-          # Optional, directory where playbooks live
-          directory: ./scripts/ansible/aws
-          # Optional, additional flags to pass to ansible-playbook
-          options: |
-            --inventory ./ansible-hosts
-            --extra-vars aws_region="${{github.event.inputs.aws_region}}" aws_secret_key="${{github.env.secret.AWS_SECRET_KEY}}" aws_access_key_id="${{github.env.secret.AWS_ACCESS_KEY_ID}}" name="${{github.event.inputs.instance_name}}" volume_size="${{github.event.inputs.disk_size}}"
+          playbook: ./scripts/ansible/aws/ec2-modify-volume-size.yml
+          inventory: ./ansible-hosts
+          galaxy_file: ./scripts/ansible/aws/requirements.yml
+          verbose: 3
+          extra_vars: "aws_region=${{github.event.inputs.aws_region}} instance_id=${{inputs.instance_id}} aws_secret_key=${{secrets.AWS_SECRET_KEY}} aws_access_key_id=${{secrets.AWS_ACCESS_KEY_ID}} volume_size=${{github.event.inputs.disk_size}} ansible_python_interpreter='/usr/bin/python3'"
+
+      - name: Extend file system
+        id: extend-file-system
+        uses: nohmad/aws-ssm-send-command-action@master
+        with:
+          aws-region: ${{ inputs.aws_region }}
+          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
+          aws-secret-access-key: ${{ secrets.AWS_SECRET_KEY }}
+          targets: |
+            [{"Key":"InstanceIds","Values":["${{ inputs.instance_id }}"]}]
+          document-name: AWS-RunShellScript
+          parameters: |
+            {"commands":["sudo growpart /dev/nvme0n1 1", "sudo resize2fs /dev/nvme0n1p1"]}
+
+      - name: Check SSM output
+        if: steps.extend-file-system.outcome == 'success'
+        env:
+          AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
+          AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_KEY }}
+          AWS_DEFAULT_REGION: ${{ inputs.aws_region }}
+        run: |
+          aws ssm list-command-invocations --command-id "${{ steps.extend-file-system.outputs.command-id }}" --details
+
diff --git a/scripts/ansible/aws/README.md b/scripts/ansible/aws/README.md
@@ -35,7 +35,7 @@ Variables ([`instance_host`:vars]):
 9. its reserved nodes as an array `reserved_nodes`, defaults to empty array
 10. if the node should use bootnodes or not as an array `bootnodes`, defaults to empty array
 11. what telemetry url it should use as `telemetry_url`, default to no telemetry
-12. if session key should be rotated, as `rotate_session_key`, defaults to false. If true, session key will be stored 
+12. if session key should be rotated, as `rotate_session_key`, defaults to false. If true, session key will be stored
 in a file called session_key.txt on the host.
 13. pruning mode for the node, as `pruning`, this can be either `archive` or a positive integer.
 14. chain spec file name present in `cspec` directory of this repo's root as `chain_spec_file`
@@ -99,7 +99,9 @@ Close SSH port:
 ansible-playbook -i <hosts file> ec2-disable-ssh.yml --extra-vars "host=Mainnet"
 ```
 
-## Ansible playbook to set new volume size for the AWS ec2 instance with a dock-node.
+## Ansible playbook to extend the disk size for an AWS ec2 instance with a dock-node.
+
+This script will modify the AWS volume, and connect to the EC2 instance to extend the partition and the file system using SSH.
 
 Variables:
 1. `aws_profile` - AWS profile to be used
@@ -113,6 +115,22 @@ Resize the volume:
 ansible-playbook -i <hosts file> ec2-set-volume-size.yml --extra-vars "host=Mainnet"
 ```
 
+## Ansible playbook to set new volume size for an AWS ec2 instance
+
+This script will modify the AWS volume, but does NOT connect to the EC2 instance to extend the partition and the file system
+
+Variables:
+1. `aws_access_key_id` - AWS access key to be used
+2. `aws_secret_key` - AWS secret to be used
+2. `aws_region` - AWS region where the EC2 instance is running
+3. `instance_id` - the AWS instance id for the EC2 instance to be modified
+4. `volume_size` - new size to be set for the volume
+
+Resize the volume:
+
+```
+ansible-playbook -i <hosts file> ec2-set-volume-size.yml --extra-vars "aws_region=${{aws_region}} instance_id=${{instance_id}} aws_secret_key=$AWS_SECRET_KEY aws_access_key_id=$AWS_ACCESS_KEY_ID volume_size=${{disk_size}}"
+```
 
 ## Ansible playbook to setup a gateway from the AWS ec2 instance with a dock-node.
 

diff --git a/scripts/ansible/aws/ec2-disable-ssh.yml b/scripts/ansible/aws/ec2-disable-ssh.yml
@@ -21,4 +21,4 @@
       profile: "{{ aws_profile }}"
       region: "{{ aws_region }}"
       name: "{{ instance_name }}"
-      security_groups: "{{ instances['instances'][0] | json_query('security_groups[*].group_name') | difference(['SSH port open (created by ansible)']) }}"
+      security_groups: "{{ instances['instances'][0] | json_query('security_groups[*].group_name') | difference(['SSH port open (created by ansible)']) }}"
diff --git a/scripts/ansible/aws/ec2-enable-ssh.yml b/scripts/ansible/aws/ec2-enable-ssh.yml
@@ -33,4 +33,4 @@
       profile: "{{ aws_profile }}"
       region: "{{ aws_region }}"
       name: "{{ instance_name }}"
-      security_groups: "{{ instances['instances'][0] | json_query('security_groups[*].group_id') + ['SSH port open (created by ansible)'] }}"
+      security_groups: "{{ instances['instances'][0] | json_query('security_groups[*].group_id') + ['SSH port open (created by ansible)'] }}"
diff --git a/scripts/ansible/aws/ec2-modify-volume-size.yml b/scripts/ansible/aws/ec2-modify-volume-size.yml
@@ -0,0 +1,40 @@
+- hosts: localhost
+  connection: local
+  gather_facts: False
+  vars:
+    instance_name: "{{ name }} (created by ansible)"
+    volume_type_default: "{{ volume_type | default('io1') }}"
+
+  pre_tasks:
+  - name: Install dependencies
+    pip: name={{ item }}
+    with_items:
+    - boto3
+    - botocore
+
+  tasks:
+
+  - name: Get EC2 instance state
+    amazon.aws.ec2_instance:
+      aws_access_key_id: "{{ aws_access_key_id }}"
+      aws_secret_access_key: "{{ aws_secret_key }}"
+      region: "{{ aws_region }}"
+      instance_ids: [ "{{instance_id}}" ]
+    register: instances
+
+  - name: EC2 instance info
+    ansible.builtin.debug:
+      msg: Instance ID {{ instances['instances'][0].instance_id }}, root volume {{ instances['instances'][0].block_device_mappings[0].ebs }}
+
+  - name: Modify the volume
+    amazon.aws.ec2_vol:
+      aws_access_key_id: "{{ aws_access_key_id }}"
+      aws_secret_access_key: "{{ aws_secret_key }}"
+      region: "{{ aws_region }}"
+      instance: "{{ instance_id }}"
+      id: "{{ instances['instances'][0].block_device_mappings[0].ebs.volume_id }}"
+      volume_size: "{{ volume_size }}"
+      volume_type: "{{ volume_type_default }}"
+      iops: "{{ iops | default(1300) if volume_type_default is regex('^io*') else omit }}"
+      modify_volume: true
+
diff --git a/scripts/ansible/aws/ec2-set-volume-size.yml b/scripts/ansible/aws/ec2-set-volume-size.yml
@@ -19,10 +19,9 @@
 
   - name: Modify the volume
     amazon.aws.ec2_vol:
-      aws_access_key_id: "{{ aws_key_id }}"
-      aws_access_key: "{{ aws_secret_key }}"
+      profile: "{{ aws_profile }}"
       region: "{{ aws_region }}"
-      instance: "{{ instances['instances'][0].instance_id }}"
+      name: "{{ instance_name }}"
       id: "{{ instances['instances'][0].block_device_mappings[0].ebs.volume_id }}"
       volume_size: "{{ volume_size }}"
       volume_type: "{{ volume_type_default }}"

diff --git a/scripts/ansible/aws/requirements.yml b/scripts/ansible/aws/requirements.yml
@@ -0,0 +1,3 @@
+collections:
+  - name: amazon.aws
+  - name: community.general