AWS Infra for the TELOS DreamStack
Provision TELOS DreamStack Infrastructure on AWS. Infra as Code with Terragrunt.
Best in class C++ EOSIO protocol technology providing fast, scalable and eco-freindly blockchain augmented by a growing library of Telos services and innovations. Free accounts, work proposals, dapp grants, decentralized exchange, dstor, bancor protocol, telos community and foundation.
Infra as Code
Infrastructure as code (IaC) is the approach to defining computing and network infrastructure through source code that can then be treated just like any software system. Such code can be kept in source control to allow auditability and reproducible builds, subject to testing practices, and the full discipline of continuous delivery.
Terragrunt is a thin wrapper for Terraform that provides extra tools for keeping your Terraform configurations DRY, working with multiple Terraform modules, and managing remote state.
This is a work in progress. Feel free to reach us out on telegram for clarifications. https://t.me/telosdreamstack
- Terraform remote state on S3.
- Terraform pre-commit hooks ( valid code, formatting, documenation).
- VPC (with public/private subnets, NAT gateway for private subnet).
- ECR repository (Docker Container Registry).
- Fargate ECS Cluster + Task definitions.
- Postgres RDS deployed in single AZ.
- Certificate issued by ACM for securing traffic to ALB.
- Logging for RDS, ECS, and ALB into Cloudwatch Logs.
Get started with Terragrunt
How is the code in this repo organized?
3 AWS accounts:
- prod ( telos mainnet )
- stage ( telos testnet )
- monitor ( system controls, logs, etcs. )
The code in this repo uses the following folder hierarchy:
account └ _global └ region └ _global └ environment └ resource
Account: At the top level are each of your AWS accounts, such as
mgmt-account, etc. If you have everything deployed in a single AWS account, there will just be a single folder at the root (e.g.
Region: Within each account, there will be one or more AWS regions, such as
ap-southeast-2, where you've deployed resources. There may also be a
_globalfolder that defines resources that are available across all the AWS regions in this account, such as IAM users, Route 53 hosted zones, and CloudTrail.
Environment: Within each region, there will be one or more "environments", such as
stage, etc. Typically,an environment will correspond to a single AWS Virtual Private Cloud (VPC), which isolates that environment from everything else in that AWS account. There may also be a
_globalfolder that defines resources that are available across all the environments in this AWS region, such as Route 53 A records, SNS topics, and ECR repos.
Resource: Within each environment, you deploy all the resources for that environment, such as EC2 Instances, Auto Scaling Groups, ECS Clusters, Databases, Load Balancers, and so on. Note that the Terraform code for most of these resources lives in the terragrunt-infrastructure-modules-example repo.
Creating and using root (account) level variables
In the situation where you have multiple AWS accounts or regions, you often have to pass common variables down to each of your modules. Rather than copy/pasting the same variables into each
terragrunt.hcl file, in every region and in every environment, you can inherit them from the
inputs defined in the root
- AZ: Availability Zone
- ALB: Application Load Balancer
- ACM: AWS Certificate Manager
- ECS: Elastic Container Service
- RDS: Relational Database Service
This repository is part of the TELOS DreamStack Project which provides set of guidelines, tools and starters to speed up dApp development following best practices for security, performance and maintainability of your application.
The code style convention aims to maximize reusability and facilitate collaboration. We have chosen the stack carefully so that it allows us to write robust and performant applications with more concise and readable code.
Read the contributing guidelines for details.
This project takes ideas from the following projects
Blockmatic is building robust ecosystem of people and tools for development of decentralized applications.