diff --git a/config/qubernetes-tessera.yaml b/config/qubernetes-tessera.yaml
new file mode 100644
index 0000000..d9aa4f8
--- /dev/null
+++ b/config/qubernetes-tessera.yaml
@@ -0,0 +1,39 @@
+namespace:
+ name: quorum-test
+# number of nodes to deploy
+nodes:
+ number: 10
+quorum:
+ # supported: raft | istanbul
+ consensus: raft
+ # base quorum data dir as set inside each container.
+ Node_DataDir: /etc/quorum/qdata
+ # This is where all the keys are store, and/or where they are generated, as in the case of quorum-keygen.
+ # Either full or relative paths on the machine generating the config
+ Key_Dir_Base: out/config
+ Permissioned_Nodes_File: out/config/permissioned-nodes.json
+ Genesis_File: out/config/genesis.json
+ # related to quorum containers
+ quorum:
+ Raft_Port: 50401
+ # container images at https://hub.docker.com/u/quorumengineering/
+ Quorum_Version: 2.1.1
+ # related to transaction manager containers
+ tm:
+ # container images at https://hub.docker.com/u/quorumengineering/
+ Name: tessera
+ Tm_Version: 0.7.3
+ Port: 9001
+ Tessera_Config_Dir: out/config
+
+# generic geth related options
+geth:
+ Node_WSPort: 8546
+ NodeP2P_ListenAddr: 21000
+ network:
+ # network id (1: mainnet, 3: ropsten, 4: rinkeby ... )
+ id: 1101
+ # public (true|false) is it a public network?
+ public: false
+ # general verbosity of geth [1..5]
+ verbosity: 9
diff --git a/config/qubernetes.yaml b/config/qubernetes.yaml
index 512d0b8..e4bc0b3 100644
--- a/config/qubernetes.yaml
+++ b/config/qubernetes.yaml
@@ -26,6 +26,7 @@ quorum: Name: constellation Tm_Version: 0.3.2 Port: 9001 + Tessera_Config_Dir: out/config # generic geth related options geth:
diff --git a/qubernetes-tessera.yaml b/qubernetes-tessera.yaml
new file mode 120000
index 0000000..21d037d
--- /dev/null
+++ b/qubernetes-tessera.yaml
@@ -0,0 +1 @@
+config/qubernetes-tessera.yaml
\ No newline at end of file
diff --git a/qubernetes.yaml b/qubernetes.yaml
index 0698934..21d037d 120000
--- a/qubernetes.yaml
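Review bot: `verbosity: 9` in the new config/qubernetes-tessera.yaml is outside the range its own comment documents (`# general verbosity of geth [1..5]`). If this value is what ends up in the `--verbosity=` flag of the deployment template, the default deployment runs at or beyond the most detailed log level, which is noisy and puts more node detail into pod logs than a default should. I would set a documented level such as `verbosity: 3`, or correct the comment if 9 is intended.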
+++ b/qubernetes.yaml @@ -1 +1 @@ -config/qubernetes.yaml \ No newline at end of file +config/qubernetes-tessera.yaml \ No newline at end of file diff --git a/quorum-config b/quorum-config index 9532422..e909a99 100755 --- a/quorum-config +++ b/quorum-config @@ -10,6 +10,9 @@ require "erb" @Raft_Port = @config["quorum"]["quorum"]["Raft_Port"] @Permissioned_Nodes_File = @config["quorum"]["Permissioned_Nodes_File"] @Genesis_File = @config["quorum"]["Genesis_File"] + +@Tessera_Config_Dir = @config["quorum"]["tm"]["Tessera_Config_Dir"] + @Node_WSPort = @config["geth"]["Node_WSPort"] @NodeP2P_ListenAddr = @config["geth"]["NodeP2P_ListenAddr"] @@ -28,3 +31,13 @@ puts(@Permissioned_Nodes_File) File.open(@Permissioned_Nodes_File , "w") do |f| f.puts (ERB.new(File.read("permissioned-nodes.json.erb"), nil, "-").result) end + +# create tessera config. +puts(@Tessera_Config_Dir + "/tessera-config.json") +File.open(@Tessera_Config_Dir + "/tessera-config.json" , "w") do |f| + f.puts (ERB.new(File.read("tessera-config.json.erb"), nil, "-").result) +end +puts(@Tessera_Config_Dir + "/tessera-config-enhanced.json") +File.open(@Tessera_Config_Dir + "/tessera-config-enhanced.json" , "w") do |f| + f.puts (ERB.new(File.read("tessera-config-enhanced.json.erb"), nil, "-").result) +end diff --git a/quorum-deployment.yaml.erb b/quorum-deployment.yaml.erb index e5c19c2..dbe7067 100644 --- a/quorum-deployment.yaml.erb +++ b/quorum-deployment.yaml.erb 
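Review bot: The two added `File.open(@Tessera_Config_Dir + "/...")` blocks in quorum-config run unconditionally, so a config without `quorum.tm.Tessera_Config_Dir` fails with a NoMethodError on nil instead of a message naming the missing key. Assuming `@config` is the parsed YAML hash, `@config["quorum"]["tm"].fetch("Tessera_Config_Dir")` reports the key, and `File.join(@Tessera_Config_Dir, "tessera-config.json")` replaces the hand-built separator. The rendered files contain keystore passwords, so I would also create them with an explicit mode, `File.open(path, "w", 0600)`, rather than the process umask. The surrounding script continues outside both hunks.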
@@ -89,12 +89,47 @@ spec: --verbosity=<%= @Geth_Verbosity%> \ --othernodes=https://$QUORUM_NODE1_SERVICE_HOST:<%= @Tm_Port %>/ \"; /usr/local/bin/constellation-node $args 2>&1 | tee -a $QUORUM_HOME/logs/tm.log; " + <% else %> + - name: tessera + image: quorumengineering/tessera:<%= @Tm_Version %> + command: ["sh"] + args: + - "-cx" + - "chmod 600 $QUORUM_HOME/tm/tm.key; + echo DDIR is $DDIR; + printenv; + + TESSERA_VERSION=$$(unzip -p /tessera/tessera-app.jar META-INF/MANIFEST.MF | grep Tessera-Version | cut -d\" \" -f2); + echo \"Tessera version (extracted from manifest file): $${TESSERA_VERSION}\"; + + TESSERA_VERSION=\"${TESSERA_VERSION}-suffix\"; + + TESSERA_CONFIG_TYPE=; + + if [ \"${TESSERA_VERSION}\" \\> \"0.8 \" ]; then TESSERA_CONFIG_TYPE=\"-enhanced\"; fi; + + echo Config type ${TESSERA_CONFIG_TYPE}; + + TESSERA_VERSION=$$(unzip -p /tessera/tessera-app.jar META-INF/MANIFEST.MF | grep Tessera-Version | cut -d\" \" -f2); + echo \"Tessera version (extracted from manifest file): ${TESSERA_VERSION}\"; + + CONFIG_TMPL=$(cat ${DDIR}/tessera-config${TESSERA_CONFIG_TYPE}.json); + + <%- @This_Host = ("#{@Node_UserIdent}".upcase + "_SERVICE_HOST").gsub("-", "_") -%> + CONFIG_WITH_OTHERS=$(echo $CONFIG_TMPL | <%= @Sed_Set_Node_Service_Host %>) ; + CONFIG_WITH_HOSTS=$(echo $CONFIG_WITH_OTHERS | sed \"s/%THIS_SERVICE_HOST%/$<%= @This_Host %>/g\"); + echo $CONFIG_WITH_HOSTS > ${DDIR}/tessera-config-with-hosts.json; + cat ${DDIR}/tessera-config-with-hosts.json; + java -Xms128M -Xmx128M -jar /tessera/tessera-app.jar -configfile ${DDIR}/tessera-config-with-hosts.json; + " <%- end %> ports: - containerPort: <%= @Tm_Port %> env: - name: QUORUM_HOME value: <%= @Node_DataDir %> + - name: DDIR + value: <%= @Node_DataDir %>/tm volumeMounts: - name: quorum-logs-persistent-storage mountPath: <%= @Node_DataDir %>/logs 
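Review bot: The tessera container's start script sends more to the pod log than it needs to: `printenv` dumps every environment variable, `cat ${DDIR}/tessera-config-with-hosts.json` prints the fully rendered config including its keystore passwords, and `-cx` echoes each command with its expanded arguments. I would remove `printenv` and the `cat`, and switch `"-cx"` to `"-c"` once the template is debugged, so that anyone with log access does not also get the node's configuration. Separately, `[ \"${TESSERA_VERSION}\" \\> \"0.8 \" ]` is a string comparison, so a version such as 0.10 sorts below 0.8 and would pick the old config format; comparing the numeric major and minor fields would avoid that.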
@@ -108,6 +143,12 @@ spec: - name: keystore-tm mountPath: <%= @Node_DataDir %>/tm/tm.key subPath: tm.key + - name: tessera-config + mountPath: <%= @Node_DataDir %>/tm/tessera-config.json + subPath: tessera-config.json + - name: tessera-config + mountPath: <%= @Node_DataDir %>/tm/tessera-config-enhanced.json + subPath: tessera-config-enhanced.json - name: quorum image: quorumengineering/quorum:<%= @Quorum_Version %> command: [ "sh" ] @@ -202,6 +243,14 @@ spec: items: - key: genesis-geth.json path: genesis-geth.json + - name: tessera-config + configMap: + name: tessera-config + items: + - key: tessera-config.json + path: tessera-config.json + - key: tessera-config-enhanced.json + path: tessera-config-enhanced.json - name: contracts-config configMap: name: contracts-config diff --git a/quorum-shared-config.yaml.erb b/quorum-shared-config.yaml.erb index 793491f..3efa6d9 100644 --- a/quorum-shared-config.yaml.erb +++ b/quorum-shared-config.yaml.erb @@ -1,6 +1,7 @@ <%- @Permissioned_Nodes_File = @config["quorum"]["Permissioned_Nodes_File"] @Genesis_File = @config["quorum"]["Genesis_File"] + @Tessera_Config_Dir = @config["quorum"]["tm"]["Tessera_Config_Dir"] %> apiVersion: v1 @@ -42,6 +43,26 @@ data: <%= line -%> <% end -%> +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: tessera-config + namespace: <%= @config["namespace"]["name"] %> + labels: + app: qubernetes + name: tessera-config +data: + tessera-config.json: |- +<%- File.readlines(@Tessera_Config_Dir + "/tessera-config.json").each do |line| -%> + <%= line -%> +<% end -%> + + tessera-config-enhanced.json: |- +<%- File.readlines(@Tessera_Config_Dir + "/tessera-config-enhanced.json").each do |line| -%> + <%= line -%> +<% end -%> + --- apiVersion: v1 kind: ConfigMap diff --git a/tessera-config-enhanced.json.erb b/tessera-config-enhanced.json.erb new file mode 100644 index 0000000..c708139 --- /dev/null +++ b/tessera-config-enhanced.json.erb 
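Review bot: The new `tessera-config` ConfigMap in quorum-shared-config.yaml.erb carries the whole rendered Tessera config, including the `serverKeyStorePassword` and `clientKeyStorePassword` values from the templates, and ConfigMap data is readable by anything allowed to read configmaps in the namespace. The values are unused while `tls` is `OFF`, but if TLS is turned on they belong in a Secret rather than in this object. The `File.readlines(@Tessera_Config_Dir + "/tessera-config.json")` calls also make this template depend on quorum-config having written both files first; a comment above the ConfigMap such as `# requires ./quorum-config to have generated the tessera-config*.json files` would make that ordering explicit.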
@@ -0,0 +1,91 @@
+<%
+def set_node_template_vars(values)
+ @Node_UserIdent = values["Node_UserIdent"]
+ @Node_Key_Dir = values["Key_Dir"]
+ return
+end
+-%>
+
+<% # The configured key directory of each node holds a file with the enode value.
+# The enode value is obtained from that file and set in the permissioned-nodes.json
+%>
+<%
+ @Key_Dir_Base = @config["quorum"]["Key_Dir_Base"]
+ @Tm_Port = @config["quorum"]["tm"]["Port"]
+%>
+{
+ "useWhiteList": false,
+ "jdbc": {
+ "username": "sa",
+ "password": "",
+ "url": "jdbc:h2:./$${DDIR}/db;MODE=Oracle;TRACE_LEVEL_SYSTEM_OUT=0",
+ "autoCreateTables": true
+ },
+ "serverConfigs":[
+ {
+ "app":"ThirdParty",
+ "enabled": true,
+ "serverSocket":{
+ "type":"INET",
+ "port": 9080,
+ "hostName": "http://%<%= "#{@Node_UserIdent}".upcase %>_SERVICE_HOST%"
+ },
+ "communicationType" : "REST"
+ },
+ {
+ "app":"Q2T",
+ "enabled": true,
+ "serverSocket":{
+ "type":"UNIX",
+ "path":"$${DDIR}/tm.ipc"
+ },
+ "communicationType" : "UNIX_SOCKET"
+ },
+ {
+ "app":"P2P",
+ "enabled": true,
+ "serverSocket":{
+ "type":"INET",
+ "port": <%= @Tm_Port %>,
+ "hostName": "http://%<%= "#{@Node_UserIdent}".upcase %>_SERVICE_HOST%"
+ },
+ "sslConfig": {
+ "tls": "OFF",
+ "generateKeyStoreIfNotExisted": true,
+ "serverKeyStore": "$${DDIR}/server-keystore",
+ "serverKeyStorePassword": "quorum",
+ "serverTrustStore": "$${DDIR}/server-truststore",
+ "serverTrustStorePassword": "quorum",
+ "serverTrustMode": "TOFU",
+ "knownClientsFile": "$${DDIR}/knownClients",
+ "clientKeyStore": "$${DDIR}/client-keystore",
+ "clientKeyStorePassword": "quorum",
+ "clientTrustStore": "$${DDIR}/client-truststore",
+ "clientTrustStorePassword": "quorum",
+ "clientTrustMode": "TOFU",
+ "knownServersFile": "$${DDIR}/knownServers"
+ },
+ "communicationType" : "REST"
+ }
+ ],
+
+ "peer": [
+<%- @nodes.each_with_index do |node, indexNode| %>
+<%= set_node_template_vars(node.values.first) -%>
+ {
+ "url": "http://%<%= "#{@Node_UserIdent}".upcase %>_SERVICE_HOST%:<%= @Tm_Port %>"
+ }<%- if (indexNode != @nodes.size - 1) %>,<%- end %>
+
+<% end -%>
+ ],
+ "keys": {
+ "passwords": [],
+ "keyData": [
+ {
+ "config": $$(cat $${DDIR}/tm.key),
+ "publicKey": "$$(cat $${DDIR}/tm.pub)"
+ }
+ ]
+ },
+ "alwaysSendTo": []
+}
diff --git a/tessera-config.json.erb b/tessera-config.json.erb
new file mode 100644
index 0000000..9edaebe
--- /dev/null
+++ b/tessera-config.json.erb
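Review bot: The `$${DDIR}` and `$$(cat $${DDIR}/tm.key)` placeholders in tessera-config-enhanced.json.erb look like they will reach Tessera literally. The file is delivered through a ConfigMap, and the start script in quorum-deployment.yaml.erb only pipes it through `sed` for the `%..._SERVICE_HOST%` tokens; no step visible in this diff evaluates shell syntax. That would leave `"config": $$(cat $${DDIR}/tm.key)` as invalid JSON and the jdbc, keystore and ipc paths pointing at a literal `$${DDIR}`. Inlining the private key is worth avoiding in any case, because the same script prints the final config to the log. tessera-config.json.erb already renders the directory with `<%= @DDIR %>` and references the key by `"privateKeyPath"`/`"publicKeyPath"`; I would do the same here if the newer config format accepts it.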
@@ -0,0 +1,68 @@
+<%
+def set_node_template_vars(values)
+ @Node_UserIdent = values["Node_UserIdent"]
+ @Node_Key_Dir = values["Key_Dir"]
+ return
+end
+-%>
+
+<% # The configured key directory of each node holds a file with the enode value.
+# The enode value is obtained from that file and set in the permissioned-nodes.json
+%>
+<%
+ @Key_Dir_Base = @config["quorum"]["Key_Dir_Base"]
+ @Tm_Port = @config["quorum"]["tm"]["Port"]
+ @Node_DataDir = @config["quorum"]["Node_DataDir"]
+ @DDIR = @Node_DataDir + "/tm"
+%>
+
+{
+ "useWhiteList": false,
+ "jdbc": {
+ "username": "sa",
+ "password": "",
+ "url": "jdbc:h2:<%= @DDIR %>/db;MODE=Oracle;TRACE_LEVEL_SYSTEM_OUT=0",
+ "autoCreateTables": true
+ },
+ "server": {
+ "port": <%= @Tm_Port %>,
+ "hostName": "http://%THIS_SERVICE_HOST%",
+ "bindingAddress": "http://0.0.0.0:<%= @Tm_Port %>",
+ "sslConfig": {
+ "tls": "OFF",
+ "generateKeyStoreIfNotExisted": true,
+ "serverKeyStore": "<%= @DDIR %>/server-keystore",
+ "serverKeyStorePassword": "quorum",
+ "serverTrustStore": "<%= @DDIR %>/server-truststore",
+ "serverTrustStorePassword": "quorum",
+ "serverTrustMode": "TOFU",
+ "knownClientsFile": "<%= @DDIR %>/knownClients",
+ "clientKeyStore": "<%= @DDIR %>/client-keystore",
+ "clientKeyStorePassword": "quorum",
+ "clientTrustStore": "<%= @DDIR %>/client-truststore",
+ "clientTrustStorePassword": "quorum",
+ "clientTrustMode": "TOFU",
+ "knownServersFile": "<%= @DDIR %>/knownServers"
+ }
+ },
+ "peer": [
+<%- @nodes.each_with_index do |node, indexNode| %>
+ <%= set_node_template_vars(node.values.first) -%>
+ {
+ "url": "http://%<%= "#{@Node_UserIdent}".upcase %>_SERVICE_HOST%:<%= @Tm_Port %>"
+ }<%- if (indexNode != @nodes.size - 1) %>,<%- end %>
+
+<% end -%>
+ ],
+ "keys": {
+ "passwords": [],
+ "keyData": [
+ {
+ "privateKeyPath": "<%= @DDIR %>/tm.key",
+ "publicKeyPath": "<%= @DDIR %>/tm.pub"
+ }
+ ]
+ },
+ "alwaysSendTo": [],
+ "unixSocketFile": "<%= @DDIR %>/tm.ipc"
+}
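Review bot: `"tls": "OFF"` together with `"useWhiteList": false` is fixed in the template, so the node-to-node API is served over plain HTTP on `0.0.0.0` and, as far as these settings show, is not limited to the configured peers; the P2P block of tessera-config-enhanced.json.erb has the same sslConfig. That may be acceptable for the `quorum-test` namespace, but it should be a documented choice read from qubernetes.yaml rather than a constant, alongside the keystore passwords, which are the fixed string `quorum`. A comment above `sslConfig` in the ERB block, such as `<%# TLS is disabled for test deployments only; enable and supply real keystore passwords before any shared use %>`, would at least record the intent. The header comment about the enode value and permissioned-nodes.json appears to be copied from another template, and `@Key_Dir_Base` and `@Node_Key_Dir` are assigned but never read here.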