Create shards.staging fleet

[chair28980]

Establish a dedicated staging environment named shards.staging within the Waku Fleet infrastructure to facilitate testing and pre-production activities for the Status app.

[jakubgs]

What are the requirements? Configuration? What's the priority of this? Deadline?

[chair28980]

@iurimatias @cammellos please add context per Jakub's comment above :pray:

[cammellos]

I am not very aware of the requirements are, but basically I guess we want to have a fleet that is as similar as possible to shards.test. It will be used for deploying the fleet and run e2e tests against it to validate it's behaviour, much like staging we had before. Is that helpful @jakubgs or you'd like more details?

[jakubgs]

Okay, so just same as shards.test, that's what I wanted to know.

[jakubgs]

Okay, i see, I was confused for a second by the title stating the fleet is supposed ot be status.staging, but I see now it was meant to be shards.staging.

[jakubgs]

Actually, lets keep it short and sweet since ENR records have length limits and call it shards.stage.

For example this hostname would be 52 characters long:

node-01.gc-us-central1-a.shards.staging.statusim.net

And the limit Anton identified while deploying waku.sandbox was 50 characters in total.

• https://github.com/status-im/infra-waku/pull/13

[jakubgs]

I've bit the bullet and migrated most of our repos to shorter status.im domain, while leaving old DNS entries as they are.

[jakubgs]

Now it should be fine with shards.staging:

• infra-shards#c87a3310 - ansible/inventory: update to use status.im domain
• infra-shards#81850e64 - requirements: use full names for all roles

[jakubgs]

Had to fix some issues with Certbot role since domains changed and we now need to handle an extra SAN:

• infra-role-certbot#f7e9ad90 - create: add missing stopping of containers
• infra-role-certbot#69c9e368 - meta: use full names of Ansible roles
• infra-role-certbot#bc267bf8 - service: add --expand to allow adding SANs
• infra-role-certbot#fdf31051 - service: set explicit certificate name
• infra-shards#74be1115 - boot,store: use both new and old domain names
• infra-shards#3c60a6dc - boot,store: go back to using proper deploy branches

Result:

jakubgs@store-02.gc-us-central1-a.shards.test:~ % sudo openssl x509 -noout -text -in /etc/letsencrypt/live/store-02.gc-us-central1-a.shards.test.statusim.net/cert.pem | grep DNS:
DNS:store-02.gc-us-central1-a.shards.test.status.im, DNS:store-02.gc-us-central1-a.shards.test.statusim.net

[jakubgs]

I've deployed the hosts and configured them:

• infra-misc#44a02560 - waku-fleets-dash: make hostname column wider
• infra-misc#e9fc98b3 - waku-fleets-dash: use new status.im domain
• infra-shards#883893f5 - deploy new shards.staging fleet

ENR:

enrtree://AI4W5N5IFEUIHF5LESUAOSMV6TKWF2MB6GU2YK7PU4TYUGUNOCEPW@boot.staging.shards.nodes.status.im

[jakubgs]

I consider this done:

 > curl -sL fleets.status.im | jq '.fleets["shards.staging"]["tcp/p2p/waku/store"]'
{
  "store-01.do-ams3.shards.staging": "/dns4/store-01.do-ams3.shards.staging.status.im/tcp/30303/p2p/16Uiu2HAm3xVDaz6SRJ6kErwC21zBJEZjavVXg7VSkoWzaV1aMA3F",
  "store-02.do-ams3.shards.staging": "/dns4/store-02.do-ams3.shards.staging.status.im/tcp/30303/p2p/16Uiu2HAmCDSnT8oNpMR9HH6uipD71KstYuDCAQGpek9XDAVmqdEr",
  "store-01.gc-us-central1-a.shards.staging": "/dns4/store-01.gc-us-central1-a.shards.staging.status.im/tcp/30303/p2p/16Uiu2HAmB7Ur9HQqo3cWDPovRQjo57fxWWDaQx27WxSzDGhN4JKg",
  "store-02.gc-us-central1-a.shards.staging": "/dns4/store-02.gc-us-central1-a.shards.staging.status.im/tcp/30303/p2p/16Uiu2HAmKBd6crqQNZ6nKCSCpHCAwUPn3DUDmkcPSWUTyVXpxKsW",
  "store-01.ac-cn-hongkong-c.shards.staging": "/dns4/store-01.ac-cn-hongkong-c.shards.staging.status.im/tcp/30303/p2p/16Uiu2HAmMU7Y29oL6DmoJfBFv8J4JhYzYgazPL7nGKJFBV3qcj2E",
  "store-02.ac-cn-hongkong-c.shards.staging": "/dns4/store-02.ac-cn-hongkong-c.shards.staging.status.im/tcp/30303/p2p/16Uiu2HAmU7xtcwytXpGpeDrfyhJkiFvTkQbLB9upL5MXPLGceG9K"
}