Ah, this is an encrypted file. What to do is, create a fork of the repository, then delete that file, and replace it with a text file, with these contents:
master_user_password="<your password>"
You actually only need this file if you’re creating an Opensearch stack, which we don’t need for just running a testnet.
This PR would basically just explain that we only need to run the base networking setup without creating an Opensearch stack.
So if you’ve worked through the ‘General Setup’ section, try to run:
just networking "dev"
Where “dev” could be replaced by any short word you like, say “alpha”, or perhaps your name. Or you can just stick with “dev”.
That creates the base networking components which we can run the testnet on.
THanks Chris
thats a lot easier. 
off to the races 
… now what? ahh I see, another repo!
To be continued… tomorrow. Thanks Chris.
Apply complete! Resources: 26 added, 0 changed, 0 destroyed.
ps. how do I bring those down.
To destroy the stack:
cd networking
terraform destroy
The next thing to do is get my fork of sn_testnet_tool and use the new-safenode-testnet branch:
git clone https://github.com/jacderida/sn_testnet_tool.git
cd sn_testnet_tool
git checkout new-safenode-testnet
Now go to the aws directory. Read the instructions in the ‘Setup’ section in the README and get back to me. Note: this is the README under the aws directory, not the README at the top level of the repository.
The SN_TESNET_DEV_SUBNET_ID and SN_TESTNET_DEV_SECURITY_GROUP_ID need to be replaced with values from your own infrastructure. The subnet ID can be either of the two public subnets that were created from terraform-testnet-infra, and the security group ID also comes from that infrastructure.
I keep running into permissions problems…
willie@gagarin:~/projects/maidsafe/terraform-testnet-infra/networking$ terraform validate
╷
│ Error: Module not installed
│
│ on main.tf line 15:
│ 15: module "vpc" {
│
│ This module is not yet installed. Run "terraform init" to install all modules required by this configuration.
╵
willie@gagarin:~/projects/maidsafe/terraform-testnet-infra/networking$ terraform init
Initializing the backend...
Error refreshing state: AccessDenied: Access Denied
status code: 403, request id: Z4F3RDGT557X9R7R, host id: tnasCI8ib/DU+gXXdxfJH7eNMeks2hzzML+O3QoVbQR43IrGwBaf6mnwJOvyZ+JoDFLmNcp5Gc8=
I can complete the first couple of Hasicorp tutorials so I know I am set up correctly.
Please post the full output from running just networking "dev".
Good morning Mr @chriso , what could be causing this, my account is not blocked as far as I can tell.
Error: creating EC2 Instance: Blocked: This account is currently blocked and not recognized as a valid accountwillie@gagarin:~/projects/maidsafe/terraform-testnet-infra$ just networking "dev"
Initializing the backend...
Error refreshing state: AccessDenied: Access Denied
status code: 403, request id: 6JBBGM2SE4KDNDJJ, host id: W/cEF3YZOykSoCaMjSY0eGDFgbuhraa7hPhd3gJXQyW9KjuOwFbQ866L29faIJSJHHAYQM2SwvQ=
╷
│ Error: Required plugins are not installed
│
│ The installed provider plugins are not consistent with the packages selected in the dependency lock file:
│ - registry.terraform.io/hashicorp/aws: there is no package for registry.terraform.io/hashicorp/aws 4.49.0 cached in .terraform/providers
│
│ Terraform uses external plugins to integrate with a variety of different infrastructure services. To download the plugins required for this
│ configuration, run:
│ terraform init
╵
Creating new Terraform workspace dev
╷
│ Error: Required plugins are not installed
│
│ The installed provider plugins are not consistent with the packages selected in the dependency lock file:
│ - registry.terraform.io/hashicorp/aws: there is no package for registry.terraform.io/hashicorp/aws 4.49.0 cached in .terraform/providers
│
│ Terraform uses external plugins to integrate with a variety of different infrastructure services. To download the plugins required for this
│ configuration, run:
│ terraform init
╵
cat: '<path>': No such file or directory
Creating new key pair for the testnet infra...
To see help text, you can run:
aws help
aws <command> help
aws <command> <subcommand> help
usage: aws [options] <command> <subcommand> [<subcommand> ...] [parameters]
aws: error: argument --public-key-material: expected one argument
error: Recipe `init` failed with exit code 2
error: Recipe `networking` failed with exit code 2
willie@gagarin:~/projects/maidsafe/terraform-testnet-infra$
I think the problem is here:
This is our bucket, so you need to change the name to one of your own. If I recall correctly, bucket names are global to the whole system, so you won’t have access to one in our account.
Also, there’s an error further down which is indicating you haven’t created the .env file and set your SSH public/private key paths.
Make sure also you have set these environment variables:
AWS_ACCESS_KEY_ID=<your access key>
AWS_DEFAULT_REGION=eu-west-2
AWS_SECRET_ACCESS_KEY=<your secret access key>
This will apply to both repositories.
@Josh You would need to do the same thing and change the name of the buckets for the tfstate files (in both repositories).
I have honestly never seen that error before about creating an EC2 instance. You can launch Terraform with TF_LOG=debug to see if you can get more information. If you’re using a free tier account, is it possible you’re trying to launch an instance that isn’t on free tier?
first!
Not a free tier
All buckets are changed, maybe this helps:
Error: creating EC2 Instance: Blocked: This account is currently blocked and not recognized as a valid account. Please contact aws-verification@amazon.com if you have questions.
│ status code: 400
│
│ with module.genesis_ec2_instance.aws_instance.this[0],
│ on .terraform/modules/genesis_ec2_instance/main.tf line 7, in resource "aws_instance" "this":
│ 7: resource "aws_instance" "this" {
looks like it is a region issue, I am not a new customer but how do we determine new.
As a new customer, you can launch Elastic Compute Cloud (EC2) instances in 3 AWS regions. We suggest you to use the regions US East (N. Virginia), US East (Ohio), US West (Oregon),
I am getting involved with this on the assumption that we (those who are diving in right now) will be able to set up their own testnets on AWS - with a view to combining them all later into the upcoming Joshnet which will predominately consist of Maidsafe-funded AWS and DO resources.
Is this a reasonable assumption and if so, should we be looking to set up the VPCs in the same AWS region?
Should I move everything from eu-west-1 to eu-west-2?
Ah yeah, I’ve just seen that the region is hard coded in the Terraform manifest. Ideally these would probably use environment variables, but I think I looked into that before and you can’t use environment variables with the provider blocks.
Make sure the Terraform manifest and AWS_DEFAULT_REGION are set to the same value.
You might want to log in to the GUI and try launching an instance in different regions to see which one it will let you launch in.
It should be possible for nodes you launch to connect to ours, but it would all be done using public IP addresses, so it shouldn’t matter where your nodes are running, as long as the connectivity is open.
In any case, we use eu-west-2 and I’ve no plans to change that.
Changed regions but it found something new to complain about!
Error: creating EC2 Instance: InvalidAMIID.NotFound: The image id '[ami-01b8d743224353ffe]' does not exist
│ status code: 400,
│
│ with module.node_ec2_instances[13].aws_instance.this[0],
│ on .terraform/modules/node_ec2_instances/main.tf line 7, in resource "aws_instance" "this":
│ 7: resource "aws_instance" "this" {Can you show me the command you’re using which produces this output?
This is the AMI of the client machine, which you don’t need.
just testnet comnet 25
I feel like I am on the brink of success
Sorry, show me the command and all of the output please.
ahh reduced to 1 for this purpose.
(ansible_env) josh@pc1:~/sn_testnet_tool/aws$ just testnet comnet 1
Initializing the backend...
Initializing modules...
Initializing provider plugins...
- Reusing previous version of hashicorp/aws from the dependency lock file
- Using previously-installed hashicorp/aws v4.52.0
Terraform has been successfully initialized!
You may now begin working with Terraform. Try running "terraform plan" to see
any changes that are required for your infrastructure. All Terraform commands
should now work.
If you ever set or change modules or backend configuration for Terraform,
rerun this command to reinitialize your working directory. If you forget, other
commands will detect it and remind you to do so if necessary.
Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols:
+ create
Terraform will perform the following actions:
# module.genesis_ec2_instance.aws_instance.this[0] will be created
+ resource "aws_instance" "this" {
+ ami = "ami-007855ac798b5175e"
+ arn = (known after apply)
+ associate_public_ip_address = (known after apply)
+ availability_zone = (known after apply)
+ cpu_core_count = (known after apply)
+ cpu_threads_per_core = (known after apply)
+ disable_api_stop = (known after apply)
+ disable_api_termination = (known after apply)
+ ebs_optimized = (known after apply)
+ get_password_data = false
+ host_id = (known after apply)
+ host_resource_group_arn = (known after apply)
+ iam_instance_profile = (known after apply)
+ id = (known after apply)
+ instance_initiated_shutdown_behavior = (known after apply)
+ instance_state = (known after apply)
+ instance_type = "t2.small"
+ ipv6_address_count = (known after apply)
+ ipv6_addresses = (known after apply)
+ key_name = "testnet-comnet"
+ monitoring = false
+ outpost_arn = (known after apply)
+ password_data = (known after apply)
+ placement_group = (known after apply)
+ placement_partition_number = (known after apply)
+ primary_network_interface_id = (known after apply)
+ private_dns = (known after apply)
+ private_ip = (known after apply)
+ public_dns = (known after apply)
+ public_ip = (known after apply)
+ secondary_private_ips = (known after apply)
+ security_groups = (known after apply)
+ source_dest_check = true
+ subnet_id = "subnet-0265f5b00e6da15c3"
+ tags = {
+ "Environment" = "comnet"
+ "Name" = "comnet-genesis"
+ "Type" = "genesis"
}
+ tags_all = {
+ "Environment" = "comnet"
+ "Name" = "comnet-genesis"
+ "Type" = "genesis"
}
+ tenancy = (known after apply)
+ user_data = (known after apply)
+ user_data_base64 = (known after apply)
+ user_data_replace_on_change = false
+ volume_tags = {
+ "Name" = "comnet-genesis"
}
+ vpc_security_group_ids = [
+ "sg-0932b9c314a78e545",
]
+ credit_specification {}
+ ebs_block_device {
+ delete_on_termination = true
+ device_name = "/dev/sdb"
+ encrypted = (known after apply)
+ iops = (known after apply)
+ kms_key_id = (known after apply)
+ snapshot_id = (known after apply)
+ throughput = (known after apply)
+ volume_id = (known after apply)
+ volume_size = 20
+ volume_type = "gp3"
}
+ enclave_options {
+ enabled = (known after apply)
}
+ metadata_options {
+ http_endpoint = "enabled"
+ http_put_response_hop_limit = 1
+ http_tokens = "optional"
+ instance_metadata_tags = (known after apply)
}
+ timeouts {}
}
# module.node_ec2_instances[0].aws_instance.this[0] will be created
+ resource "aws_instance" "this" {
+ ami = "ami-007855ac798b5175e"
+ arn = (known after apply)
+ associate_public_ip_address = (known after apply)
+ availability_zone = (known after apply)
+ cpu_core_count = (known after apply)
+ cpu_threads_per_core = (known after apply)
+ disable_api_stop = (known after apply)
+ disable_api_termination = (known after apply)
+ ebs_optimized = (known after apply)
+ get_password_data = false
+ host_id = (known after apply)
+ host_resource_group_arn = (known after apply)
+ iam_instance_profile = (known after apply)
+ id = (known after apply)
+ instance_initiated_shutdown_behavior = (known after apply)
+ instance_state = (known after apply)
+ instance_type = "t2.small"
+ ipv6_address_count = (known after apply)
+ ipv6_addresses = (known after apply)
+ key_name = "testnet-comnet"
+ monitoring = false
+ outpost_arn = (known after apply)
+ password_data = (known after apply)
+ placement_group = (known after apply)
+ placement_partition_number = (known after apply)
+ primary_network_interface_id = (known after apply)
+ private_dns = (known after apply)
+ private_ip = (known after apply)
+ public_dns = (known after apply)
+ public_ip = (known after apply)
+ secondary_private_ips = (known after apply)
+ security_groups = (known after apply)
+ source_dest_check = true
+ subnet_id = "subnet-0265f5b00e6da15c3"
+ tags = {
+ "Environment" = "comnet"
+ "Name" = "comnet-node-1"
+ "Type" = "node"
}
+ tags_all = {
+ "Environment" = "comnet"
+ "Name" = "comnet-node-1"
+ "Type" = "node"
}
+ tenancy = (known after apply)
+ user_data = (known after apply)
+ user_data_base64 = (known after apply)
+ user_data_replace_on_change = false
+ volume_tags = {
+ "Name" = "comnet-node-1"
}
+ vpc_security_group_ids = [
+ "sg-0932b9c314a78e545",
]
+ credit_specification {}
+ ebs_block_device {
+ delete_on_termination = true
+ device_name = "/dev/sdb"
+ encrypted = (known after apply)
+ iops = (known after apply)
+ kms_key_id = (known after apply)
+ snapshot_id = (known after apply)
+ throughput = (known after apply)
+ volume_id = (known after apply)
+ volume_size = 20
+ volume_type = "gp3"
}
+ enclave_options {
+ enabled = (known after apply)
}
+ metadata_options {
+ http_endpoint = "enabled"
+ http_put_response_hop_limit = 1
+ http_tokens = "optional"
+ instance_metadata_tags = (known after apply)
}
+ timeouts {}
}
Plan: 2 to add, 0 to change, 0 to destroy.
module.genesis_ec2_instance.aws_instance.this[0]: Creating...
module.node_ec2_instances[0].aws_instance.this[0]: Creating...
╷
│ Error: creating EC2 Instance: InvalidAMIID.NotFound: The image id '[ami-007855ac798b5175e]' does not exist
│ status code: 400, request id: 81cd59e3-5830-4213-b615-2c8b40719b9c
│
│ with module.genesis_ec2_instance.aws_instance.this[0],
│ on .terraform/modules/genesis_ec2_instance/main.tf line 7, in resource "aws_instance" "this":
│ 7: resource "aws_instance" "this" {
│
╵
╷
│ Error: creating EC2 Instance: InvalidAMIID.NotFound: The image id '[ami-007855ac798b5175e]' does not exist
│ status code: 400, request id: bb431392-5cd5-4f08-9662-f5490b615986
│
│ with module.node_ec2_instances[0].aws_instance.this[0],
│ on .terraform/modules/node_ec2_instances/main.tf line 7, in resource "aws_instance" "this":
│ 7: resource "aws_instance" "this" {
│
╵
error: Recipe `testnet` failed with exit code 1@chriso - One time again for the stupid, please…
Should I create the .env file in the top level of terraform-testnet-infra?
in here?
like this?
SSH_PRIVATE_KEY_PATH=~/.ssh/id_rsa
SSH_PUBLIC_KEY_PATH=~/.ssh/id_rsa.pub
Have you changed the ID of the AMI?
The default is this:
variable "ami_id" {
default = "ami-01b8d743224353ffe"
description = "AMI ID for Ubuntu 22.04"
}
That should be global to all accounts I think.