diff --git a/7nodes/istanbul-7nodes/k8s-yaml/quorum-deployments.yaml b/7nodes/istanbul-7nodes-constellation/k8s-yaml/quorum-deployments.yaml similarity index 100% rename from 7nodes/istanbul-7nodes/k8s-yaml/quorum-deployments.yaml rename to 7nodes/istanbul-7nodes-constellation/k8s-yaml/quorum-deployments.yaml diff --git a/7nodes/istanbul-7nodes/k8s-yaml/quorum-keyconfigs.yaml b/7nodes/istanbul-7nodes-constellation/k8s-yaml/quorum-keyconfigs.yaml similarity index 100% rename from 7nodes/istanbul-7nodes/k8s-yaml/quorum-keyconfigs.yaml rename to 7nodes/istanbul-7nodes-constellation/k8s-yaml/quorum-keyconfigs.yaml diff --git a/7nodes/istanbul-7nodes/k8s-yaml/quorum-services.yaml b/7nodes/istanbul-7nodes-constellation/k8s-yaml/quorum-services.yaml similarity index 100% rename from 7nodes/istanbul-7nodes/k8s-yaml/quorum-services.yaml rename to 7nodes/istanbul-7nodes-constellation/k8s-yaml/quorum-services.yaml diff --git a/7nodes/istanbul-7nodes/k8s-yaml/quorum-shared-config.yaml b/7nodes/istanbul-7nodes-constellation/k8s-yaml/quorum-shared-config.yaml similarity index 100% rename from 7nodes/istanbul-7nodes/k8s-yaml/quorum-shared-config.yaml rename to 7nodes/istanbul-7nodes-constellation/k8s-yaml/quorum-shared-config.yaml diff --git a/7nodes/istanbul-7nodes/qubernetes-istanbul-7nodes.yaml b/7nodes/istanbul-7nodes-constellation/qubernetes-istanbul-7nodes.yaml similarity index 92% rename from 7nodes/istanbul-7nodes/qubernetes-istanbul-7nodes.yaml rename to 7nodes/istanbul-7nodes-constellation/qubernetes-istanbul-7nodes.yaml index 63ca573..3c22331 100644 --- a/7nodes/istanbul-7nodes/qubernetes-istanbul-7nodes.yaml +++ b/7nodes/istanbul-7nodes-constellation/qubernetes-istanbul-7nodes.yaml @@ -12,7 +12,7 @@ quorum: # Either full or relative paths on the machine generating the config Key_Dir_Base: 7nodes Permissioned_Nodes_File: 7nodes/permissioned-nodes.json - Genesis_File: 7nodes/istanbul-7nodes/istanbul-genesis.json + Genesis_File: 7nodes/istanbul-genesis.json # related to quorum containers quorum: Raft_Port: 50401 @@ -20,11 +20,13 @@ quorum: Quorum_Version: 2.1.1 # related to transaction manager containers tm: + Name: constellation # container images at https://hub.docker.com/u/quorumengineering/ # TODO: add support for tessera, this should hold the full container name # in that case. Tm_Version: 0.3.2 Port: 9001 + Tessera_Config_Dir: 7nodes # generic geth related options geth: diff --git a/7nodes/istanbul-7nodes-tessera/k8s-yaml/quorum-deployments.yaml b/7nodes/istanbul-7nodes-tessera/k8s-yaml/quorum-deployments.yaml new file mode 100644 index 0000000..c020ad5 --- /dev/null +++ b/7nodes/istanbul-7nodes-tessera/k8s-yaml/quorum-deployments.yaml @@ -0,0 +1,1696 @@ +--- + + + + +# The quorum deployment consists of +# 1. the transaction manager / private tx container (constellation or tessera) +# 2. the quorum node container + +--- +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: quorum-node1-deployment + namespace: quorum-test +spec: + strategy: + type: RollingUpdate + replicas: 1 + template: + metadata: + name: quorum-node1-deployment + labels: + app: qubernetes + tier: backend + name: quorum-node1-deployment + spec: + initContainers: + - name: quorum-genesis-init-container + image: quorumengineering/quorum:2.1.1 + command: [ "sh" ] + args: + - "-cx" + - "if [ ! -f $QUORUM_DATA_DIR/genesis_created ]; then + /usr/local/bin/geth --datadir $QUORUM_DATA_DIR init /etc/quorum/genesis/genesis-geth.json; + touch $QUORUM_DATA_DIR/genesis_created; + fi; + cp -r /etc/quorum/qdata/contracts-tmp /etc/quorum/qdata/contracts; + chmod 755 /etc/quorum/qdata/contracts/runscript.sh; + " + env: + - name: QUORUM_DATA_DIR + value: /etc/quorum/qdata/dd + volumeMounts: + - name: quorum-persistent-storage + mountPath: /etc/quorum/qdata + - name: genesis-config-persistent-storage + mountPath: /etc/quorum/genesis/genesis-geth.json + subPath: genesis-geth.json + - name: contracts-config + mountPath: /etc/quorum/qdata/contracts-tmp + readOnly: false + containers: + + - name: tessera + image: quorumengineering/tessera:0.7.3 + command: ["sh"] + args: + - "-cx" + - "chmod 600 $QUORUM_HOME/tm/tm.key; + echo DDIR is $DDIR; + printenv; + + TESSERA_VERSION=$(unzip -p /tessera/tessera-app.jar META-INF/MANIFEST.MF | grep Tessera-Version | cut -d\" \" -f2); + echo \"Tessera version (extracted from manifest file): ${TESSERA_VERSION}\"; + + TESSERA_VERSION=\"${TESSERA_VERSION}-suffix\"; + + TESSERA_CONFIG_TYPE=; + + if [ \"${TESSERA_VERSION}\" \\> \"0.8 \" ]; then TESSERA_CONFIG_TYPE=\"-enhanced\"; fi; + + echo Config type ${TESSERA_CONFIG_TYPE}; + + CONFIG_TMPL=$(cat ${DDIR}/tessera-config${TESSERA_CONFIG_TYPE}.json.tmpl); + + CONFIG_WITH_OTHER_HOSTS=$(echo $CONFIG_TMPL | sed \"s/%QUORUM-NODE1_SERVICE_HOST%/$QUORUM_NODE1_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE2_SERVICE_HOST%/$QUORUM_NODE2_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE3_SERVICE_HOST%/$QUORUM_NODE3_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE4_SERVICE_HOST%/$QUORUM_NODE4_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE5_SERVICE_HOST%/$QUORUM_NODE5_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE6_SERVICE_HOST%/$QUORUM_NODE6_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE7_SERVICE_HOST%/$QUORUM_NODE7_SERVICE_HOST/g\" ) ; + CONFIG_WITH_ALL_HOSTS=$(echo $CONFIG_WITH_OTHER_HOSTS | sed \"s/%THIS_SERVICE_HOST%/$QUORUM_NODE1_SERVICE_HOST/g\"); + PRIV_KEY=$(cat $DDIR/tm.key) + PUB_KEY=$(cat $DDIR/tm.pub) + CONFIG_FINAL=$(echo $CONFIG_WITH_ALL_HOSTS | sed \"s-%THIS_PRIV_KEY%-${PRIV_KEY}-g\" | sed \"s-%THIS_PUB_KEY%-${PUB_KEY}-g\") + + echo $CONFIG_FINAL > ${DDIR}/tessera-config-with-hosts.json; + cat ${DDIR}/tessera-config-with-hosts.json; + java -Xms128M -Xmx128M -jar /tessera/tessera-app.jar -configfile ${DDIR}/tessera-config-with-hosts.json; + " + + ports: + - containerPort: 9001 + env: + - name: QUORUM_HOME + value: /etc/quorum/qdata + - name: DDIR + value: /etc/quorum/qdata/tm + volumeMounts: + - name: quorum-logs-persistent-storage + mountPath: /etc/quorum/qdata/logs + - name: tm-persistent-storage + mountPath: /etc/quorum/qdata/tm + - name: quorum-persistent-storage + mountPath: /etc/quorum/qdata + - name: keystore-tm + mountPath: /etc/quorum/qdata/tm/tm.pub + subPath: tm.pub + - name: keystore-tm + mountPath: /etc/quorum/qdata/tm/tm.key + subPath: tm.key + - name: tessera-config + mountPath: /etc/quorum/qdata/tm/tessera-config.json.tmpl + subPath: tessera-config.json.tmpl + - name: tessera-config + mountPath: /etc/quorum/qdata/tm/tessera-config-enhanced.json.tmpl + subPath: tessera-config-enhanced.json.tmpl + - name: quorum + image: quorumengineering/quorum:2.1.1 + command: [ "sh" ] + # TODO: have to generate sed files + # PERM_NODE_JSON=$(echo $PERM_NODE_TMPL | sed \"s/%QUORUM-NODE01_SERVICE_HOST%/$QUORUM_NODE01_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE02_SERVICE_HOST%/$QUORUM_NODE02_SERVICE_HOST/g\"); + # sleep to give constellation some time to start up and discover the other nodes. + args: + - "-cx" + - " + sleep 5; + PERM_NODE_TMPL=$(cat $QUORUM_DATA_DIR/permissioned-nodes.json.tmpl); + PERM_NODE_JSON=$(echo $PERM_NODE_TMPL | sed \"s/%QUORUM-NODE1_SERVICE_HOST%/$QUORUM_NODE1_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE2_SERVICE_HOST%/$QUORUM_NODE2_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE3_SERVICE_HOST%/$QUORUM_NODE3_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE4_SERVICE_HOST%/$QUORUM_NODE4_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE5_SERVICE_HOST%/$QUORUM_NODE5_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE6_SERVICE_HOST%/$QUORUM_NODE6_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE7_SERVICE_HOST%/$QUORUM_NODE7_SERVICE_HOST/g\" ); + echo $PERM_NODE_JSON > $QUORUM_DATA_DIR/permissioned-nodes.json; + cp $QUORUM_DATA_DIR/permissioned-nodes.json $QUORUM_DATA_DIR/static-nodes.json; + + rm -r /etc/quorum/qdata/contracts-tmp; + + echo what in this dir; + ls $QUORUM_DATA_DIR; + cat /etc/quorum/genesis/genesis-geth.json; + + chmod 644 $QUORUM_DATA_DIR/keystore/key; + touch $QUORUM_DATA_DIR/password.txt; + NETWORK_ID=1101 + + args=\" --istanbul.blockperiod 3 --syncmode full --mine --minerthreads 1 --rpcapi admin,db,eth,debug,miner,net,shh,txpool,personal,web3,quorum,istanbul \"; + + /usr/local/bin/geth \ + --datadir $QUORUM_DATA_DIR \ + $args \ + --permissioned \ + --nodiscover \ + --nat=none \ + --verbosity 9 \ + --networkid $NETWORK_ID \ + --unlock 0 \ + --emitcheckpoints \ + --rpc \ + --rpcaddr 0.0.0.0 \ + --rpcport 8546 \ + --port 21000 \ + --password $QUORUM_DATA_DIR/password.txt 2>&1 | tee -a /etc/quorum/qdata/logs/quorum.log; " + ports: + - containerPort: 50401 + - containerPort: 8546 + - containerPort: 21000 + env: + - name: PRIVATE_CONFIG + value: /etc/quorum/qdata/tm/tm.ipc + - name: QUORUM_DATA_DIR + value: /etc/quorum/qdata/dd + - name: QUORUM_HOME + value: /etc/quorum/qdata + - name: TM_HOME + value: /etc/quorum/qdata/tm/ + volumeMounts: + - name: genesis-config-persistent-storage + mountPath: /etc/quorum/genesis/genesis-geth.json + subPath: genesis-geth.json + - name: quorum-persistent-storage + mountPath: /etc/quorum/qdata + - name: tm-persistent-storage + mountPath: /etc/quorum/qdata/tm + - name: quorum-key-config-persistent-storage + mountPath: /etc/quorum/qdata/dd/keystore/key + subPath: key + - name: quorum-logs-persistent-storage + mountPath: /etc/quorum/qdata/logs + - name: quorum-nodekey + mountPath: /etc/quorum/qdata/dd/geth/nodekey + subPath: nodekey + - name: quorum-permissioned-config + mountPath: /etc/quorum/qdata/dd/permissioned-nodes.json.tmpl + subPath: permissioned-nodes.json + - name: quorum-permissioned-config + mountPath: /etc/quorum/qdata/dd/static-nodes.json.tmpl + subPath: permissioned-nodes.json + volumes: + - name: quorum-permissioned-config + configMap: + name: quorum-permissioned-config + items: + - key: permissioned-nodes.json + path: permissioned-nodes.json + - name: genesis-config-persistent-storage + configMap: + name: genesis-config + items: + - key: genesis-geth.json + path: genesis-geth.json + - name: tessera-config + configMap: + name: tessera-config + items: + - key: tessera-config.json.tmpl + path: tessera-config.json.tmpl + - key: tessera-config-enhanced.json.tmpl + path: tessera-config-enhanced.json.tmpl + - name: contracts-config + configMap: + name: contracts-config + - name: keystore-tm + configMap: + name: quorum-node1-tm-key-config + items: + - key: tm.pub + path: tm.pub + - key: tm.key + path: tm.key + - name: quorum-key-config-persistent-storage + configMap: + name: quorum-node1-account-key-config + items: + - key: key + path: key + - name: quorum-nodekey + configMap: + name: quorum-node1-nodekey-config + items: + - key: nodekey + path: nodekey + - name: quorum-persistent-storage + hostPath: + path: /var/lib/docker/geth-storage/quorum-node1 + - name: tm-persistent-storage + hostPath: + path: /var/lib/docker/geth-storage/tm-quorum-node1 + - name: quorum-logs-persistent-storage + hostPath: + path: /var/lib/docker/geth-storage/quorum-node1-logs + + + + +# The quorum deployment consists of +# 1. the transaction manager / private tx container (constellation or tessera) +# 2. the quorum node container + +--- +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: quorum-node2-deployment + namespace: quorum-test +spec: + strategy: + type: RollingUpdate + replicas: 1 + template: + metadata: + name: quorum-node2-deployment + labels: + app: qubernetes + tier: backend + name: quorum-node2-deployment + spec: + initContainers: + - name: quorum-genesis-init-container + image: quorumengineering/quorum:2.1.1 + command: [ "sh" ] + args: + - "-cx" + - "if [ ! -f $QUORUM_DATA_DIR/genesis_created ]; then + /usr/local/bin/geth --datadir $QUORUM_DATA_DIR init /etc/quorum/genesis/genesis-geth.json; + touch $QUORUM_DATA_DIR/genesis_created; + fi; + cp -r /etc/quorum/qdata/contracts-tmp /etc/quorum/qdata/contracts; + chmod 755 /etc/quorum/qdata/contracts/runscript.sh; + " + env: + - name: QUORUM_DATA_DIR + value: /etc/quorum/qdata/dd + volumeMounts: + - name: quorum-persistent-storage + mountPath: /etc/quorum/qdata + - name: genesis-config-persistent-storage + mountPath: /etc/quorum/genesis/genesis-geth.json + subPath: genesis-geth.json + - name: contracts-config + mountPath: /etc/quorum/qdata/contracts-tmp + readOnly: false + containers: + + - name: tessera + image: quorumengineering/tessera:0.7.3 + command: ["sh"] + args: + - "-cx" + - "chmod 600 $QUORUM_HOME/tm/tm.key; + echo DDIR is $DDIR; + printenv; + + TESSERA_VERSION=$(unzip -p /tessera/tessera-app.jar META-INF/MANIFEST.MF | grep Tessera-Version | cut -d\" \" -f2); + echo \"Tessera version (extracted from manifest file): ${TESSERA_VERSION}\"; + + TESSERA_VERSION=\"${TESSERA_VERSION}-suffix\"; + + TESSERA_CONFIG_TYPE=; + + if [ \"${TESSERA_VERSION}\" \\> \"0.8 \" ]; then TESSERA_CONFIG_TYPE=\"-enhanced\"; fi; + + echo Config type ${TESSERA_CONFIG_TYPE}; + + CONFIG_TMPL=$(cat ${DDIR}/tessera-config${TESSERA_CONFIG_TYPE}.json.tmpl); + + CONFIG_WITH_OTHER_HOSTS=$(echo $CONFIG_TMPL | sed \"s/%QUORUM-NODE1_SERVICE_HOST%/$QUORUM_NODE1_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE2_SERVICE_HOST%/$QUORUM_NODE2_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE3_SERVICE_HOST%/$QUORUM_NODE3_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE4_SERVICE_HOST%/$QUORUM_NODE4_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE5_SERVICE_HOST%/$QUORUM_NODE5_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE6_SERVICE_HOST%/$QUORUM_NODE6_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE7_SERVICE_HOST%/$QUORUM_NODE7_SERVICE_HOST/g\" ) ; + CONFIG_WITH_ALL_HOSTS=$(echo $CONFIG_WITH_OTHER_HOSTS | sed \"s/%THIS_SERVICE_HOST%/$QUORUM_NODE2_SERVICE_HOST/g\"); + PRIV_KEY=$(cat $DDIR/tm.key) + PUB_KEY=$(cat $DDIR/tm.pub) + CONFIG_FINAL=$(echo $CONFIG_WITH_ALL_HOSTS | sed \"s-%THIS_PRIV_KEY%-${PRIV_KEY}-g\" | sed \"s-%THIS_PUB_KEY%-${PUB_KEY}-g\") + + echo $CONFIG_FINAL > ${DDIR}/tessera-config-with-hosts.json; + cat ${DDIR}/tessera-config-with-hosts.json; + java -Xms128M -Xmx128M -jar /tessera/tessera-app.jar -configfile ${DDIR}/tessera-config-with-hosts.json; + " + + ports: + - containerPort: 9001 + env: + - name: QUORUM_HOME + value: /etc/quorum/qdata + - name: DDIR + value: /etc/quorum/qdata/tm + volumeMounts: + - name: quorum-logs-persistent-storage + mountPath: /etc/quorum/qdata/logs + - name: tm-persistent-storage + mountPath: /etc/quorum/qdata/tm + - name: quorum-persistent-storage + mountPath: /etc/quorum/qdata + - name: keystore-tm + mountPath: /etc/quorum/qdata/tm/tm.pub + subPath: tm.pub + - name: keystore-tm + mountPath: /etc/quorum/qdata/tm/tm.key + subPath: tm.key + - name: tessera-config + mountPath: /etc/quorum/qdata/tm/tessera-config.json.tmpl + subPath: tessera-config.json.tmpl + - name: tessera-config + mountPath: /etc/quorum/qdata/tm/tessera-config-enhanced.json.tmpl + subPath: tessera-config-enhanced.json.tmpl + - name: quorum + image: quorumengineering/quorum:2.1.1 + command: [ "sh" ] + # TODO: have to generate sed files + # PERM_NODE_JSON=$(echo $PERM_NODE_TMPL | sed \"s/%QUORUM-NODE01_SERVICE_HOST%/$QUORUM_NODE01_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE02_SERVICE_HOST%/$QUORUM_NODE02_SERVICE_HOST/g\"); + # sleep to give constellation some time to start up and discover the other nodes. + args: + - "-cx" + - " + sleep 5; + PERM_NODE_TMPL=$(cat $QUORUM_DATA_DIR/permissioned-nodes.json.tmpl); + PERM_NODE_JSON=$(echo $PERM_NODE_TMPL | sed \"s/%QUORUM-NODE1_SERVICE_HOST%/$QUORUM_NODE1_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE2_SERVICE_HOST%/$QUORUM_NODE2_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE3_SERVICE_HOST%/$QUORUM_NODE3_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE4_SERVICE_HOST%/$QUORUM_NODE4_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE5_SERVICE_HOST%/$QUORUM_NODE5_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE6_SERVICE_HOST%/$QUORUM_NODE6_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE7_SERVICE_HOST%/$QUORUM_NODE7_SERVICE_HOST/g\" ); + echo $PERM_NODE_JSON > $QUORUM_DATA_DIR/permissioned-nodes.json; + cp $QUORUM_DATA_DIR/permissioned-nodes.json $QUORUM_DATA_DIR/static-nodes.json; + + rm -r /etc/quorum/qdata/contracts-tmp; + + echo what in this dir; + ls $QUORUM_DATA_DIR; + cat /etc/quorum/genesis/genesis-geth.json; + + chmod 644 $QUORUM_DATA_DIR/keystore/key; + touch $QUORUM_DATA_DIR/password.txt; + NETWORK_ID=1101 + + args=\" --istanbul.blockperiod 3 --syncmode full --mine --minerthreads 1 --rpcapi admin,db,eth,debug,miner,net,shh,txpool,personal,web3,quorum,istanbul \"; + + /usr/local/bin/geth \ + --datadir $QUORUM_DATA_DIR \ + $args \ + --permissioned \ + --nodiscover \ + --nat=none \ + --verbosity 9 \ + --networkid $NETWORK_ID \ + --unlock 0 \ + --emitcheckpoints \ + --rpc \ + --rpcaddr 0.0.0.0 \ + --rpcport 8546 \ + --port 21000 \ + --password $QUORUM_DATA_DIR/password.txt 2>&1 | tee -a /etc/quorum/qdata/logs/quorum.log; " + ports: + - containerPort: 50401 + - containerPort: 8546 + - containerPort: 21000 + env: + - name: PRIVATE_CONFIG + value: /etc/quorum/qdata/tm/tm.ipc + - name: QUORUM_DATA_DIR + value: /etc/quorum/qdata/dd + - name: QUORUM_HOME + value: /etc/quorum/qdata + - name: TM_HOME + value: /etc/quorum/qdata/tm/ + volumeMounts: + - name: genesis-config-persistent-storage + mountPath: /etc/quorum/genesis/genesis-geth.json + subPath: genesis-geth.json + - name: quorum-persistent-storage + mountPath: /etc/quorum/qdata + - name: tm-persistent-storage + mountPath: /etc/quorum/qdata/tm + - name: quorum-key-config-persistent-storage + mountPath: /etc/quorum/qdata/dd/keystore/key + subPath: key + - name: quorum-logs-persistent-storage + mountPath: /etc/quorum/qdata/logs + - name: quorum-nodekey + mountPath: /etc/quorum/qdata/dd/geth/nodekey + subPath: nodekey + - name: quorum-permissioned-config + mountPath: /etc/quorum/qdata/dd/permissioned-nodes.json.tmpl + subPath: permissioned-nodes.json + - name: quorum-permissioned-config + mountPath: /etc/quorum/qdata/dd/static-nodes.json.tmpl + subPath: permissioned-nodes.json + volumes: + - name: quorum-permissioned-config + configMap: + name: quorum-permissioned-config + items: + - key: permissioned-nodes.json + path: permissioned-nodes.json + - name: genesis-config-persistent-storage + configMap: + name: genesis-config + items: + - key: genesis-geth.json + path: genesis-geth.json + - name: tessera-config + configMap: + name: tessera-config + items: + - key: tessera-config.json.tmpl + path: tessera-config.json.tmpl + - key: tessera-config-enhanced.json.tmpl + path: tessera-config-enhanced.json.tmpl + - name: contracts-config + configMap: + name: contracts-config + - name: keystore-tm + configMap: + name: quorum-node2-tm-key-config + items: + - key: tm.pub + path: tm.pub + - key: tm.key + path: tm.key + - name: quorum-key-config-persistent-storage + configMap: + name: quorum-node2-account-key-config + items: + - key: key + path: key + - name: quorum-nodekey + configMap: + name: quorum-node2-nodekey-config + items: + - key: nodekey + path: nodekey + - name: quorum-persistent-storage + hostPath: + path: /var/lib/docker/geth-storage/quorum-node2 + - name: tm-persistent-storage + hostPath: + path: /var/lib/docker/geth-storage/tm-quorum-node2 + - name: quorum-logs-persistent-storage + hostPath: + path: /var/lib/docker/geth-storage/quorum-node2-logs + + + + +# The quorum deployment consists of +# 1. the transaction manager / private tx container (constellation or tessera) +# 2. the quorum node container + +--- +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: quorum-node3-deployment + namespace: quorum-test +spec: + strategy: + type: RollingUpdate + replicas: 1 + template: + metadata: + name: quorum-node3-deployment + labels: + app: qubernetes + tier: backend + name: quorum-node3-deployment + spec: + initContainers: + - name: quorum-genesis-init-container + image: quorumengineering/quorum:2.1.1 + command: [ "sh" ] + args: + - "-cx" + - "if [ ! -f $QUORUM_DATA_DIR/genesis_created ]; then + /usr/local/bin/geth --datadir $QUORUM_DATA_DIR init /etc/quorum/genesis/genesis-geth.json; + touch $QUORUM_DATA_DIR/genesis_created; + fi; + cp -r /etc/quorum/qdata/contracts-tmp /etc/quorum/qdata/contracts; + chmod 755 /etc/quorum/qdata/contracts/runscript.sh; + " + env: + - name: QUORUM_DATA_DIR + value: /etc/quorum/qdata/dd + volumeMounts: + - name: quorum-persistent-storage + mountPath: /etc/quorum/qdata + - name: genesis-config-persistent-storage + mountPath: /etc/quorum/genesis/genesis-geth.json + subPath: genesis-geth.json + - name: contracts-config + mountPath: /etc/quorum/qdata/contracts-tmp + readOnly: false + containers: + + - name: tessera + image: quorumengineering/tessera:0.7.3 + command: ["sh"] + args: + - "-cx" + - "chmod 600 $QUORUM_HOME/tm/tm.key; + echo DDIR is $DDIR; + printenv; + + TESSERA_VERSION=$(unzip -p /tessera/tessera-app.jar META-INF/MANIFEST.MF | grep Tessera-Version | cut -d\" \" -f2); + echo \"Tessera version (extracted from manifest file): ${TESSERA_VERSION}\"; + + TESSERA_VERSION=\"${TESSERA_VERSION}-suffix\"; + + TESSERA_CONFIG_TYPE=; + + if [ \"${TESSERA_VERSION}\" \\> \"0.8 \" ]; then TESSERA_CONFIG_TYPE=\"-enhanced\"; fi; + + echo Config type ${TESSERA_CONFIG_TYPE}; + + CONFIG_TMPL=$(cat ${DDIR}/tessera-config${TESSERA_CONFIG_TYPE}.json.tmpl); + + CONFIG_WITH_OTHER_HOSTS=$(echo $CONFIG_TMPL | sed \"s/%QUORUM-NODE1_SERVICE_HOST%/$QUORUM_NODE1_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE2_SERVICE_HOST%/$QUORUM_NODE2_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE3_SERVICE_HOST%/$QUORUM_NODE3_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE4_SERVICE_HOST%/$QUORUM_NODE4_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE5_SERVICE_HOST%/$QUORUM_NODE5_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE6_SERVICE_HOST%/$QUORUM_NODE6_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE7_SERVICE_HOST%/$QUORUM_NODE7_SERVICE_HOST/g\" ) ; + CONFIG_WITH_ALL_HOSTS=$(echo $CONFIG_WITH_OTHER_HOSTS | sed \"s/%THIS_SERVICE_HOST%/$QUORUM_NODE3_SERVICE_HOST/g\"); + PRIV_KEY=$(cat $DDIR/tm.key) + PUB_KEY=$(cat $DDIR/tm.pub) + CONFIG_FINAL=$(echo $CONFIG_WITH_ALL_HOSTS | sed \"s-%THIS_PRIV_KEY%-${PRIV_KEY}-g\" | sed \"s-%THIS_PUB_KEY%-${PUB_KEY}-g\") + + echo $CONFIG_FINAL > ${DDIR}/tessera-config-with-hosts.json; + cat ${DDIR}/tessera-config-with-hosts.json; + java -Xms128M -Xmx128M -jar /tessera/tessera-app.jar -configfile ${DDIR}/tessera-config-with-hosts.json; + " + + ports: + - containerPort: 9001 + env: + - name: QUORUM_HOME + value: /etc/quorum/qdata + - name: DDIR + value: /etc/quorum/qdata/tm + volumeMounts: + - name: quorum-logs-persistent-storage + mountPath: /etc/quorum/qdata/logs + - name: tm-persistent-storage + mountPath: /etc/quorum/qdata/tm + - name: quorum-persistent-storage + mountPath: /etc/quorum/qdata + - name: keystore-tm + mountPath: /etc/quorum/qdata/tm/tm.pub + subPath: tm.pub + - name: keystore-tm + mountPath: /etc/quorum/qdata/tm/tm.key + subPath: tm.key + - name: tessera-config + mountPath: /etc/quorum/qdata/tm/tessera-config.json.tmpl + subPath: tessera-config.json.tmpl + - name: tessera-config + mountPath: /etc/quorum/qdata/tm/tessera-config-enhanced.json.tmpl + subPath: tessera-config-enhanced.json.tmpl + - name: quorum + image: quorumengineering/quorum:2.1.1 + command: [ "sh" ] + # TODO: have to generate sed files + # PERM_NODE_JSON=$(echo $PERM_NODE_TMPL | sed \"s/%QUORUM-NODE01_SERVICE_HOST%/$QUORUM_NODE01_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE02_SERVICE_HOST%/$QUORUM_NODE02_SERVICE_HOST/g\"); + # sleep to give constellation some time to start up and discover the other nodes. + args: + - "-cx" + - " + sleep 5; + PERM_NODE_TMPL=$(cat $QUORUM_DATA_DIR/permissioned-nodes.json.tmpl); + PERM_NODE_JSON=$(echo $PERM_NODE_TMPL | sed \"s/%QUORUM-NODE1_SERVICE_HOST%/$QUORUM_NODE1_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE2_SERVICE_HOST%/$QUORUM_NODE2_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE3_SERVICE_HOST%/$QUORUM_NODE3_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE4_SERVICE_HOST%/$QUORUM_NODE4_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE5_SERVICE_HOST%/$QUORUM_NODE5_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE6_SERVICE_HOST%/$QUORUM_NODE6_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE7_SERVICE_HOST%/$QUORUM_NODE7_SERVICE_HOST/g\" ); + echo $PERM_NODE_JSON > $QUORUM_DATA_DIR/permissioned-nodes.json; + cp $QUORUM_DATA_DIR/permissioned-nodes.json $QUORUM_DATA_DIR/static-nodes.json; + + rm -r /etc/quorum/qdata/contracts-tmp; + + echo what in this dir; + ls $QUORUM_DATA_DIR; + cat /etc/quorum/genesis/genesis-geth.json; + + chmod 644 $QUORUM_DATA_DIR/keystore/key; + touch $QUORUM_DATA_DIR/password.txt; + NETWORK_ID=1101 + + args=\" --istanbul.blockperiod 3 --syncmode full --mine --minerthreads 1 --rpcapi admin,db,eth,debug,miner,net,shh,txpool,personal,web3,quorum,istanbul \"; + + /usr/local/bin/geth \ + --datadir $QUORUM_DATA_DIR \ + $args \ + --permissioned \ + --nodiscover \ + --nat=none \ + --verbosity 9 \ + --networkid $NETWORK_ID \ + --unlock 0 \ + --emitcheckpoints \ + --rpc \ + --rpcaddr 0.0.0.0 \ + --rpcport 8546 \ + --port 21000 \ + --password $QUORUM_DATA_DIR/password.txt 2>&1 | tee -a /etc/quorum/qdata/logs/quorum.log; " + ports: + - containerPort: 50401 + - containerPort: 8546 + - containerPort: 21000 + env: + - name: PRIVATE_CONFIG + value: /etc/quorum/qdata/tm/tm.ipc + - name: QUORUM_DATA_DIR + value: /etc/quorum/qdata/dd + - name: QUORUM_HOME + value: /etc/quorum/qdata + - name: TM_HOME + value: /etc/quorum/qdata/tm/ + volumeMounts: + - name: genesis-config-persistent-storage + mountPath: /etc/quorum/genesis/genesis-geth.json + subPath: genesis-geth.json + - name: quorum-persistent-storage + mountPath: /etc/quorum/qdata + - name: tm-persistent-storage + mountPath: /etc/quorum/qdata/tm + - name: quorum-key-config-persistent-storage + mountPath: /etc/quorum/qdata/dd/keystore/key + subPath: key + - name: quorum-logs-persistent-storage + mountPath: /etc/quorum/qdata/logs + - name: quorum-nodekey + mountPath: /etc/quorum/qdata/dd/geth/nodekey + subPath: nodekey + - name: quorum-permissioned-config + mountPath: /etc/quorum/qdata/dd/permissioned-nodes.json.tmpl + subPath: permissioned-nodes.json + - name: quorum-permissioned-config + mountPath: /etc/quorum/qdata/dd/static-nodes.json.tmpl + subPath: permissioned-nodes.json + volumes: + - name: quorum-permissioned-config + configMap: + name: quorum-permissioned-config + items: + - key: permissioned-nodes.json + path: permissioned-nodes.json + - name: genesis-config-persistent-storage + configMap: + name: genesis-config + items: + - key: genesis-geth.json + path: genesis-geth.json + - name: tessera-config + configMap: + name: tessera-config + items: + - key: tessera-config.json.tmpl + path: tessera-config.json.tmpl + - key: tessera-config-enhanced.json.tmpl + path: tessera-config-enhanced.json.tmpl + - name: contracts-config + configMap: + name: contracts-config + - name: keystore-tm + configMap: + name: quorum-node3-tm-key-config + items: + - key: tm.pub + path: tm.pub + - key: tm.key + path: tm.key + - name: quorum-key-config-persistent-storage + configMap: + name: quorum-node3-account-key-config + items: + - key: key + path: key + - name: quorum-nodekey + configMap: + name: quorum-node3-nodekey-config + items: + - key: nodekey + path: nodekey + - name: quorum-persistent-storage + hostPath: + path: /var/lib/docker/geth-storage/quorum-node3 + - name: tm-persistent-storage + hostPath: + path: /var/lib/docker/geth-storage/tm-quorum-node3 + - name: quorum-logs-persistent-storage + hostPath: + path: /var/lib/docker/geth-storage/quorum-node3-logs + + + + +# The quorum deployment consists of +# 1. the transaction manager / private tx container (constellation or tessera) +# 2. the quorum node container + +--- +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: quorum-node4-deployment + namespace: quorum-test +spec: + strategy: + type: RollingUpdate + replicas: 1 + template: + metadata: + name: quorum-node4-deployment + labels: + app: qubernetes + tier: backend + name: quorum-node4-deployment + spec: + initContainers: + - name: quorum-genesis-init-container + image: quorumengineering/quorum:2.1.1 + command: [ "sh" ] + args: + - "-cx" + - "if [ ! -f $QUORUM_DATA_DIR/genesis_created ]; then + /usr/local/bin/geth --datadir $QUORUM_DATA_DIR init /etc/quorum/genesis/genesis-geth.json; + touch $QUORUM_DATA_DIR/genesis_created; + fi; + cp -r /etc/quorum/qdata/contracts-tmp /etc/quorum/qdata/contracts; + chmod 755 /etc/quorum/qdata/contracts/runscript.sh; + " + env: + - name: QUORUM_DATA_DIR + value: /etc/quorum/qdata/dd + volumeMounts: + - name: quorum-persistent-storage + mountPath: /etc/quorum/qdata + - name: genesis-config-persistent-storage + mountPath: /etc/quorum/genesis/genesis-geth.json + subPath: genesis-geth.json + - name: contracts-config + mountPath: /etc/quorum/qdata/contracts-tmp + readOnly: false + containers: + + - name: tessera + image: quorumengineering/tessera:0.7.3 + command: ["sh"] + args: + - "-cx" + - "chmod 600 $QUORUM_HOME/tm/tm.key; + echo DDIR is $DDIR; + printenv; + + TESSERA_VERSION=$(unzip -p /tessera/tessera-app.jar META-INF/MANIFEST.MF | grep Tessera-Version | cut -d\" \" -f2); + echo \"Tessera version (extracted from manifest file): ${TESSERA_VERSION}\"; + + TESSERA_VERSION=\"${TESSERA_VERSION}-suffix\"; + + TESSERA_CONFIG_TYPE=; + + if [ \"${TESSERA_VERSION}\" \\> \"0.8 \" ]; then TESSERA_CONFIG_TYPE=\"-enhanced\"; fi; + + echo Config type ${TESSERA_CONFIG_TYPE}; + + CONFIG_TMPL=$(cat ${DDIR}/tessera-config${TESSERA_CONFIG_TYPE}.json.tmpl); + + CONFIG_WITH_OTHER_HOSTS=$(echo $CONFIG_TMPL | sed \"s/%QUORUM-NODE1_SERVICE_HOST%/$QUORUM_NODE1_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE2_SERVICE_HOST%/$QUORUM_NODE2_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE3_SERVICE_HOST%/$QUORUM_NODE3_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE4_SERVICE_HOST%/$QUORUM_NODE4_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE5_SERVICE_HOST%/$QUORUM_NODE5_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE6_SERVICE_HOST%/$QUORUM_NODE6_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE7_SERVICE_HOST%/$QUORUM_NODE7_SERVICE_HOST/g\" ) ; + CONFIG_WITH_ALL_HOSTS=$(echo $CONFIG_WITH_OTHER_HOSTS | sed \"s/%THIS_SERVICE_HOST%/$QUORUM_NODE4_SERVICE_HOST/g\"); + PRIV_KEY=$(cat $DDIR/tm.key) + PUB_KEY=$(cat $DDIR/tm.pub) + CONFIG_FINAL=$(echo $CONFIG_WITH_ALL_HOSTS | sed \"s-%THIS_PRIV_KEY%-${PRIV_KEY}-g\" | sed \"s-%THIS_PUB_KEY%-${PUB_KEY}-g\") + + echo $CONFIG_FINAL > ${DDIR}/tessera-config-with-hosts.json; + cat ${DDIR}/tessera-config-with-hosts.json; + java -Xms128M -Xmx128M -jar /tessera/tessera-app.jar -configfile ${DDIR}/tessera-config-with-hosts.json; + " + + ports: + - containerPort: 9001 + env: + - name: QUORUM_HOME + value: /etc/quorum/qdata + - name: DDIR + value: /etc/quorum/qdata/tm + volumeMounts: + - name: quorum-logs-persistent-storage + mountPath: /etc/quorum/qdata/logs + - name: tm-persistent-storage + mountPath: /etc/quorum/qdata/tm + - name: quorum-persistent-storage + mountPath: /etc/quorum/qdata + - name: keystore-tm + mountPath: /etc/quorum/qdata/tm/tm.pub + subPath: tm.pub + - name: keystore-tm + mountPath: /etc/quorum/qdata/tm/tm.key + subPath: tm.key + - name: tessera-config + mountPath: /etc/quorum/qdata/tm/tessera-config.json.tmpl + subPath: tessera-config.json.tmpl + - name: tessera-config + mountPath: /etc/quorum/qdata/tm/tessera-config-enhanced.json.tmpl + subPath: tessera-config-enhanced.json.tmpl + - name: quorum + image: quorumengineering/quorum:2.1.1 + command: [ "sh" ] + # TODO: have to generate sed files + # PERM_NODE_JSON=$(echo $PERM_NODE_TMPL | sed \"s/%QUORUM-NODE01_SERVICE_HOST%/$QUORUM_NODE01_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE02_SERVICE_HOST%/$QUORUM_NODE02_SERVICE_HOST/g\"); + # sleep to give constellation some time to start up and discover the other nodes. + args: + - "-cx" + - " + sleep 5; + PERM_NODE_TMPL=$(cat $QUORUM_DATA_DIR/permissioned-nodes.json.tmpl); + PERM_NODE_JSON=$(echo $PERM_NODE_TMPL | sed \"s/%QUORUM-NODE1_SERVICE_HOST%/$QUORUM_NODE1_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE2_SERVICE_HOST%/$QUORUM_NODE2_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE3_SERVICE_HOST%/$QUORUM_NODE3_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE4_SERVICE_HOST%/$QUORUM_NODE4_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE5_SERVICE_HOST%/$QUORUM_NODE5_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE6_SERVICE_HOST%/$QUORUM_NODE6_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE7_SERVICE_HOST%/$QUORUM_NODE7_SERVICE_HOST/g\" ); + echo $PERM_NODE_JSON > $QUORUM_DATA_DIR/permissioned-nodes.json; + cp $QUORUM_DATA_DIR/permissioned-nodes.json $QUORUM_DATA_DIR/static-nodes.json; + + rm -r /etc/quorum/qdata/contracts-tmp; + + echo what in this dir; + ls $QUORUM_DATA_DIR; + cat /etc/quorum/genesis/genesis-geth.json; + + chmod 644 $QUORUM_DATA_DIR/keystore/key; + touch $QUORUM_DATA_DIR/password.txt; + NETWORK_ID=1101 + + args=\" --istanbul.blockperiod 3 --syncmode full --mine --minerthreads 1 --rpcapi admin,db,eth,debug,miner,net,shh,txpool,personal,web3,quorum,istanbul \"; + + /usr/local/bin/geth \ + --datadir $QUORUM_DATA_DIR \ + $args \ + --permissioned \ + --nodiscover \ + --nat=none \ + --verbosity 9 \ + --networkid $NETWORK_ID \ + --unlock 0 \ + --emitcheckpoints \ + --rpc \ + --rpcaddr 0.0.0.0 \ + --rpcport 8546 \ + --port 21000 \ + --password $QUORUM_DATA_DIR/password.txt 2>&1 | tee -a /etc/quorum/qdata/logs/quorum.log; " + ports: + - containerPort: 50401 + - containerPort: 8546 + - containerPort: 21000 + env: + - name: PRIVATE_CONFIG + value: /etc/quorum/qdata/tm/tm.ipc + - name: QUORUM_DATA_DIR + value: /etc/quorum/qdata/dd + - name: QUORUM_HOME + value: /etc/quorum/qdata + - name: TM_HOME + value: /etc/quorum/qdata/tm/ + volumeMounts: + - name: genesis-config-persistent-storage + mountPath: /etc/quorum/genesis/genesis-geth.json + subPath: genesis-geth.json + - name: quorum-persistent-storage + mountPath: /etc/quorum/qdata + - name: tm-persistent-storage + mountPath: /etc/quorum/qdata/tm + - name: quorum-key-config-persistent-storage + mountPath: /etc/quorum/qdata/dd/keystore/key + subPath: key + - name: quorum-logs-persistent-storage + mountPath: /etc/quorum/qdata/logs + - name: quorum-nodekey + mountPath: /etc/quorum/qdata/dd/geth/nodekey + subPath: nodekey + - name: quorum-permissioned-config + mountPath: /etc/quorum/qdata/dd/permissioned-nodes.json.tmpl + subPath: permissioned-nodes.json + - name: quorum-permissioned-config + mountPath: /etc/quorum/qdata/dd/static-nodes.json.tmpl + subPath: permissioned-nodes.json + volumes: + - name: quorum-permissioned-config + configMap: + name: quorum-permissioned-config + items: + - key: permissioned-nodes.json + path: permissioned-nodes.json + - name: genesis-config-persistent-storage + configMap: + name: genesis-config + items: + - key: genesis-geth.json + path: genesis-geth.json + - name: tessera-config + configMap: + name: tessera-config + items: + - key: tessera-config.json.tmpl + path: tessera-config.json.tmpl + - key: tessera-config-enhanced.json.tmpl + path: tessera-config-enhanced.json.tmpl + - name: contracts-config + configMap: + name: contracts-config + - name: keystore-tm + configMap: + name: quorum-node4-tm-key-config + items: + - key: tm.pub + path: tm.pub + - key: tm.key + path: tm.key + - name: quorum-key-config-persistent-storage + configMap: + name: quorum-node4-account-key-config + items: + - key: key + path: key + - name: quorum-nodekey + configMap: + name: quorum-node4-nodekey-config + items: + - key: nodekey + path: nodekey + - name: quorum-persistent-storage + hostPath: + path: /var/lib/docker/geth-storage/quorum-node4 + - name: tm-persistent-storage + hostPath: + path: /var/lib/docker/geth-storage/tm-quorum-node4 + - name: quorum-logs-persistent-storage + hostPath: + path: /var/lib/docker/geth-storage/quorum-node4-logs + + + + +# The quorum deployment consists of +# 1. the transaction manager / private tx container (constellation or tessera) +# 2. the quorum node container + +--- +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: quorum-node5-deployment + namespace: quorum-test +spec: + strategy: + type: RollingUpdate + replicas: 1 + template: + metadata: + name: quorum-node5-deployment + labels: + app: qubernetes + tier: backend + name: quorum-node5-deployment + spec: + initContainers: + - name: quorum-genesis-init-container + image: quorumengineering/quorum:2.1.1 + command: [ "sh" ] + args: + - "-cx" + - "if [ ! -f $QUORUM_DATA_DIR/genesis_created ]; then + /usr/local/bin/geth --datadir $QUORUM_DATA_DIR init /etc/quorum/genesis/genesis-geth.json; + touch $QUORUM_DATA_DIR/genesis_created; + fi; + cp -r /etc/quorum/qdata/contracts-tmp /etc/quorum/qdata/contracts; + chmod 755 /etc/quorum/qdata/contracts/runscript.sh; + " + env: + - name: QUORUM_DATA_DIR + value: /etc/quorum/qdata/dd + volumeMounts: + - name: quorum-persistent-storage + mountPath: /etc/quorum/qdata + - name: genesis-config-persistent-storage + mountPath: /etc/quorum/genesis/genesis-geth.json + subPath: genesis-geth.json + - name: contracts-config + mountPath: /etc/quorum/qdata/contracts-tmp + readOnly: false + containers: + + - name: tessera + image: quorumengineering/tessera:0.7.3 + command: ["sh"] + args: + - "-cx" + - "chmod 600 $QUORUM_HOME/tm/tm.key; + echo DDIR is $DDIR; + printenv; + + TESSERA_VERSION=$(unzip -p /tessera/tessera-app.jar META-INF/MANIFEST.MF | grep Tessera-Version | cut -d\" \" -f2); + echo \"Tessera version (extracted from manifest file): ${TESSERA_VERSION}\"; + + TESSERA_VERSION=\"${TESSERA_VERSION}-suffix\"; + + TESSERA_CONFIG_TYPE=; + + if [ \"${TESSERA_VERSION}\" \\> \"0.8 \" ]; then TESSERA_CONFIG_TYPE=\"-enhanced\"; fi; + + echo Config type ${TESSERA_CONFIG_TYPE}; + + CONFIG_TMPL=$(cat ${DDIR}/tessera-config${TESSERA_CONFIG_TYPE}.json.tmpl); + + CONFIG_WITH_OTHER_HOSTS=$(echo $CONFIG_TMPL | sed \"s/%QUORUM-NODE1_SERVICE_HOST%/$QUORUM_NODE1_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE2_SERVICE_HOST%/$QUORUM_NODE2_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE3_SERVICE_HOST%/$QUORUM_NODE3_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE4_SERVICE_HOST%/$QUORUM_NODE4_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE5_SERVICE_HOST%/$QUORUM_NODE5_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE6_SERVICE_HOST%/$QUORUM_NODE6_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE7_SERVICE_HOST%/$QUORUM_NODE7_SERVICE_HOST/g\" ) ; + CONFIG_WITH_ALL_HOSTS=$(echo $CONFIG_WITH_OTHER_HOSTS | sed \"s/%THIS_SERVICE_HOST%/$QUORUM_NODE5_SERVICE_HOST/g\"); + PRIV_KEY=$(cat $DDIR/tm.key) + PUB_KEY=$(cat $DDIR/tm.pub) + CONFIG_FINAL=$(echo $CONFIG_WITH_ALL_HOSTS | sed \"s-%THIS_PRIV_KEY%-${PRIV_KEY}-g\" | sed \"s-%THIS_PUB_KEY%-${PUB_KEY}-g\") + + echo $CONFIG_FINAL > ${DDIR}/tessera-config-with-hosts.json; + cat ${DDIR}/tessera-config-with-hosts.json; + java -Xms128M -Xmx128M -jar /tessera/tessera-app.jar -configfile ${DDIR}/tessera-config-with-hosts.json; + " + + ports: + - containerPort: 9001 + env: + - name: QUORUM_HOME + value: /etc/quorum/qdata + - name: DDIR + value: /etc/quorum/qdata/tm + volumeMounts: + - name: quorum-logs-persistent-storage + mountPath: /etc/quorum/qdata/logs + - name: tm-persistent-storage + mountPath: /etc/quorum/qdata/tm + - name: quorum-persistent-storage + mountPath: /etc/quorum/qdata + - name: keystore-tm + mountPath: /etc/quorum/qdata/tm/tm.pub + subPath: tm.pub + - name: keystore-tm + mountPath: /etc/quorum/qdata/tm/tm.key + subPath: tm.key + - name: tessera-config + mountPath: /etc/quorum/qdata/tm/tessera-config.json.tmpl + subPath: tessera-config.json.tmpl + - name: tessera-config + mountPath: /etc/quorum/qdata/tm/tessera-config-enhanced.json.tmpl + subPath: tessera-config-enhanced.json.tmpl + - name: quorum + image: quorumengineering/quorum:2.1.1 + command: [ "sh" ] + # TODO: have to generate sed files + # PERM_NODE_JSON=$(echo $PERM_NODE_TMPL | sed \"s/%QUORUM-NODE01_SERVICE_HOST%/$QUORUM_NODE01_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE02_SERVICE_HOST%/$QUORUM_NODE02_SERVICE_HOST/g\"); + # sleep to give constellation some time to start up and discover the other nodes. + args: + - "-cx" + - " + sleep 5; + PERM_NODE_TMPL=$(cat $QUORUM_DATA_DIR/permissioned-nodes.json.tmpl); + PERM_NODE_JSON=$(echo $PERM_NODE_TMPL | sed \"s/%QUORUM-NODE1_SERVICE_HOST%/$QUORUM_NODE1_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE2_SERVICE_HOST%/$QUORUM_NODE2_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE3_SERVICE_HOST%/$QUORUM_NODE3_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE4_SERVICE_HOST%/$QUORUM_NODE4_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE5_SERVICE_HOST%/$QUORUM_NODE5_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE6_SERVICE_HOST%/$QUORUM_NODE6_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE7_SERVICE_HOST%/$QUORUM_NODE7_SERVICE_HOST/g\" ); + echo $PERM_NODE_JSON > $QUORUM_DATA_DIR/permissioned-nodes.json; + cp $QUORUM_DATA_DIR/permissioned-nodes.json $QUORUM_DATA_DIR/static-nodes.json; + + rm -r /etc/quorum/qdata/contracts-tmp; + + echo what in this dir; + ls $QUORUM_DATA_DIR; + cat /etc/quorum/genesis/genesis-geth.json; + + chmod 644 $QUORUM_DATA_DIR/keystore/key; + touch $QUORUM_DATA_DIR/password.txt; + NETWORK_ID=1101 + + args=\" --istanbul.blockperiod 3 --syncmode full --mine --minerthreads 1 --rpcapi admin,db,eth,debug,miner,net,shh,txpool,personal,web3,quorum,istanbul \"; + + /usr/local/bin/geth \ + --datadir $QUORUM_DATA_DIR \ + $args \ + --permissioned \ + --nodiscover \ + --nat=none \ + --verbosity 9 \ + --networkid $NETWORK_ID \ + --unlock 0 \ + --emitcheckpoints \ + --rpc \ + --rpcaddr 0.0.0.0 \ + --rpcport 8546 \ + --port 21000 \ + --password $QUORUM_DATA_DIR/password.txt 2>&1 | tee -a /etc/quorum/qdata/logs/quorum.log; " + ports: + - containerPort: 50401 + - containerPort: 8546 + - containerPort: 21000 + env: + - name: PRIVATE_CONFIG + value: /etc/quorum/qdata/tm/tm.ipc + - name: QUORUM_DATA_DIR + value: /etc/quorum/qdata/dd + - name: QUORUM_HOME + value: /etc/quorum/qdata + - name: TM_HOME + value: /etc/quorum/qdata/tm/ + volumeMounts: + - name: genesis-config-persistent-storage + mountPath: /etc/quorum/genesis/genesis-geth.json + subPath: genesis-geth.json + - name: quorum-persistent-storage + mountPath: /etc/quorum/qdata + - name: tm-persistent-storage + mountPath: /etc/quorum/qdata/tm + - name: quorum-key-config-persistent-storage + mountPath: /etc/quorum/qdata/dd/keystore/key + subPath: key + - name: quorum-logs-persistent-storage + mountPath: /etc/quorum/qdata/logs + - name: quorum-nodekey + mountPath: /etc/quorum/qdata/dd/geth/nodekey + subPath: nodekey + - name: quorum-permissioned-config + mountPath: /etc/quorum/qdata/dd/permissioned-nodes.json.tmpl + subPath: permissioned-nodes.json + - name: quorum-permissioned-config + mountPath: /etc/quorum/qdata/dd/static-nodes.json.tmpl + subPath: permissioned-nodes.json + volumes: + - name: quorum-permissioned-config + configMap: + name: quorum-permissioned-config + items: + - key: permissioned-nodes.json + path: permissioned-nodes.json + - name: genesis-config-persistent-storage + configMap: + name: genesis-config + items: + - key: genesis-geth.json + path: genesis-geth.json + - name: tessera-config + configMap: + name: tessera-config + items: + - key: tessera-config.json.tmpl + path: tessera-config.json.tmpl + - key: tessera-config-enhanced.json.tmpl + path: tessera-config-enhanced.json.tmpl + - name: contracts-config + configMap: + name: contracts-config + - name: keystore-tm + configMap: + name: quorum-node5-tm-key-config + items: + - key: tm.pub + path: tm.pub + - key: tm.key + path: tm.key + - name: quorum-key-config-persistent-storage + configMap: + name: quorum-node5-account-key-config + items: + - key: key + path: key + - name: quorum-nodekey + configMap: + name: quorum-node5-nodekey-config + items: + - key: nodekey + path: nodekey + - name: quorum-persistent-storage + hostPath: + path: /var/lib/docker/geth-storage/quorum-node5 + - name: tm-persistent-storage + hostPath: + path: /var/lib/docker/geth-storage/tm-quorum-node5 + - name: quorum-logs-persistent-storage + hostPath: + path: /var/lib/docker/geth-storage/quorum-node5-logs + + + + +# The quorum deployment consists of +# 1. the transaction manager / private tx container (constellation or tessera) +# 2. the quorum node container + +--- +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: quorum-node6-deployment + namespace: quorum-test +spec: + strategy: + type: RollingUpdate + replicas: 1 + template: + metadata: + name: quorum-node6-deployment + labels: + app: qubernetes + tier: backend + name: quorum-node6-deployment + spec: + initContainers: + - name: quorum-genesis-init-container + image: quorumengineering/quorum:2.1.1 + command: [ "sh" ] + args: + - "-cx" + - "if [ ! -f $QUORUM_DATA_DIR/genesis_created ]; then + /usr/local/bin/geth --datadir $QUORUM_DATA_DIR init /etc/quorum/genesis/genesis-geth.json; + touch $QUORUM_DATA_DIR/genesis_created; + fi; + cp -r /etc/quorum/qdata/contracts-tmp /etc/quorum/qdata/contracts; + chmod 755 /etc/quorum/qdata/contracts/runscript.sh; + " + env: + - name: QUORUM_DATA_DIR + value: /etc/quorum/qdata/dd + volumeMounts: + - name: quorum-persistent-storage + mountPath: /etc/quorum/qdata + - name: genesis-config-persistent-storage + mountPath: /etc/quorum/genesis/genesis-geth.json + subPath: genesis-geth.json + - name: contracts-config + mountPath: /etc/quorum/qdata/contracts-tmp + readOnly: false + containers: + + - name: tessera + image: quorumengineering/tessera:0.7.3 + command: ["sh"] + args: + - "-cx" + - "chmod 600 $QUORUM_HOME/tm/tm.key; + echo DDIR is $DDIR; + printenv; + + TESSERA_VERSION=$(unzip -p /tessera/tessera-app.jar META-INF/MANIFEST.MF | grep Tessera-Version | cut -d\" \" -f2); + echo \"Tessera version (extracted from manifest file): ${TESSERA_VERSION}\"; + + TESSERA_VERSION=\"${TESSERA_VERSION}-suffix\"; + + TESSERA_CONFIG_TYPE=; + + if [ \"${TESSERA_VERSION}\" \\> \"0.8 \" ]; then TESSERA_CONFIG_TYPE=\"-enhanced\"; fi; + + echo Config type ${TESSERA_CONFIG_TYPE}; + + CONFIG_TMPL=$(cat ${DDIR}/tessera-config${TESSERA_CONFIG_TYPE}.json.tmpl); + + CONFIG_WITH_OTHER_HOSTS=$(echo $CONFIG_TMPL | sed \"s/%QUORUM-NODE1_SERVICE_HOST%/$QUORUM_NODE1_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE2_SERVICE_HOST%/$QUORUM_NODE2_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE3_SERVICE_HOST%/$QUORUM_NODE3_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE4_SERVICE_HOST%/$QUORUM_NODE4_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE5_SERVICE_HOST%/$QUORUM_NODE5_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE6_SERVICE_HOST%/$QUORUM_NODE6_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE7_SERVICE_HOST%/$QUORUM_NODE7_SERVICE_HOST/g\" ) ; + CONFIG_WITH_ALL_HOSTS=$(echo $CONFIG_WITH_OTHER_HOSTS | sed \"s/%THIS_SERVICE_HOST%/$QUORUM_NODE6_SERVICE_HOST/g\"); + PRIV_KEY=$(cat $DDIR/tm.key) + PUB_KEY=$(cat $DDIR/tm.pub) + CONFIG_FINAL=$(echo $CONFIG_WITH_ALL_HOSTS | sed \"s-%THIS_PRIV_KEY%-${PRIV_KEY}-g\" | sed \"s-%THIS_PUB_KEY%-${PUB_KEY}-g\") + + echo $CONFIG_FINAL > ${DDIR}/tessera-config-with-hosts.json; + cat ${DDIR}/tessera-config-with-hosts.json; + java -Xms128M -Xmx128M -jar /tessera/tessera-app.jar -configfile ${DDIR}/tessera-config-with-hosts.json; + " + + ports: + - containerPort: 9001 + env: + - name: QUORUM_HOME + value: /etc/quorum/qdata + - name: DDIR + value: /etc/quorum/qdata/tm + volumeMounts: + - name: quorum-logs-persistent-storage + mountPath: /etc/quorum/qdata/logs + - name: tm-persistent-storage + mountPath: /etc/quorum/qdata/tm + - name: quorum-persistent-storage + mountPath: /etc/quorum/qdata + - name: keystore-tm + mountPath: /etc/quorum/qdata/tm/tm.pub + subPath: tm.pub + - name: keystore-tm + mountPath: /etc/quorum/qdata/tm/tm.key + subPath: tm.key + - name: tessera-config + mountPath: /etc/quorum/qdata/tm/tessera-config.json.tmpl + subPath: tessera-config.json.tmpl + - name: tessera-config + mountPath: /etc/quorum/qdata/tm/tessera-config-enhanced.json.tmpl + subPath: tessera-config-enhanced.json.tmpl + - name: quorum + image: quorumengineering/quorum:2.1.1 + command: [ "sh" ] + # TODO: have to generate sed files + # PERM_NODE_JSON=$(echo $PERM_NODE_TMPL | sed \"s/%QUORUM-NODE01_SERVICE_HOST%/$QUORUM_NODE01_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE02_SERVICE_HOST%/$QUORUM_NODE02_SERVICE_HOST/g\"); + # sleep to give constellation some time to start up and discover the other nodes. + args: + - "-cx" + - " + sleep 5; + PERM_NODE_TMPL=$(cat $QUORUM_DATA_DIR/permissioned-nodes.json.tmpl); + PERM_NODE_JSON=$(echo $PERM_NODE_TMPL | sed \"s/%QUORUM-NODE1_SERVICE_HOST%/$QUORUM_NODE1_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE2_SERVICE_HOST%/$QUORUM_NODE2_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE3_SERVICE_HOST%/$QUORUM_NODE3_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE4_SERVICE_HOST%/$QUORUM_NODE4_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE5_SERVICE_HOST%/$QUORUM_NODE5_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE6_SERVICE_HOST%/$QUORUM_NODE6_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE7_SERVICE_HOST%/$QUORUM_NODE7_SERVICE_HOST/g\" ); + echo $PERM_NODE_JSON > $QUORUM_DATA_DIR/permissioned-nodes.json; + cp $QUORUM_DATA_DIR/permissioned-nodes.json $QUORUM_DATA_DIR/static-nodes.json; + + rm -r /etc/quorum/qdata/contracts-tmp; + + echo what in this dir; + ls $QUORUM_DATA_DIR; + cat /etc/quorum/genesis/genesis-geth.json; + + chmod 644 $QUORUM_DATA_DIR/keystore/key; + touch $QUORUM_DATA_DIR/password.txt; + NETWORK_ID=1101 + + args=\" --istanbul.blockperiod 3 --syncmode full --mine --minerthreads 1 --rpcapi admin,db,eth,debug,miner,net,shh,txpool,personal,web3,quorum,istanbul \"; + + /usr/local/bin/geth \ + --datadir $QUORUM_DATA_DIR \ + $args \ + --permissioned \ + --nodiscover \ + --nat=none \ + --verbosity 9 \ + --networkid $NETWORK_ID \ + --unlock 0 \ + --emitcheckpoints \ + --rpc \ + --rpcaddr 0.0.0.0 \ + --rpcport 8546 \ + --port 21000 \ + --password $QUORUM_DATA_DIR/password.txt 2>&1 | tee -a /etc/quorum/qdata/logs/quorum.log; " + ports: + - containerPort: 50401 + - containerPort: 8546 + - containerPort: 21000 + env: + - name: PRIVATE_CONFIG + value: /etc/quorum/qdata/tm/tm.ipc + - name: QUORUM_DATA_DIR + value: /etc/quorum/qdata/dd + - name: QUORUM_HOME + value: /etc/quorum/qdata + - name: TM_HOME + value: /etc/quorum/qdata/tm/ + volumeMounts: + - name: genesis-config-persistent-storage + mountPath: /etc/quorum/genesis/genesis-geth.json + subPath: genesis-geth.json + - name: quorum-persistent-storage + mountPath: /etc/quorum/qdata + - name: tm-persistent-storage + mountPath: /etc/quorum/qdata/tm + - name: quorum-key-config-persistent-storage + mountPath: /etc/quorum/qdata/dd/keystore/key + subPath: key + - name: quorum-logs-persistent-storage + mountPath: /etc/quorum/qdata/logs + - name: quorum-nodekey + mountPath: /etc/quorum/qdata/dd/geth/nodekey + subPath: nodekey + - name: quorum-permissioned-config + mountPath: /etc/quorum/qdata/dd/permissioned-nodes.json.tmpl + subPath: permissioned-nodes.json + - name: quorum-permissioned-config + mountPath: /etc/quorum/qdata/dd/static-nodes.json.tmpl + subPath: permissioned-nodes.json + volumes: + - name: quorum-permissioned-config + configMap: + name: quorum-permissioned-config + items: + - key: permissioned-nodes.json + path: permissioned-nodes.json + - name: genesis-config-persistent-storage + configMap: + name: genesis-config + items: + - key: genesis-geth.json + path: genesis-geth.json + - name: tessera-config + configMap: + name: tessera-config + items: + - key: tessera-config.json.tmpl + path: tessera-config.json.tmpl + - key: tessera-config-enhanced.json.tmpl + path: tessera-config-enhanced.json.tmpl + - name: contracts-config + configMap: + name: contracts-config + - name: keystore-tm + configMap: + name: quorum-node6-tm-key-config + items: + - key: tm.pub + path: tm.pub + - key: tm.key + path: tm.key + - name: quorum-key-config-persistent-storage + configMap: + name: quorum-node6-account-key-config + items: + - key: key + path: key + - name: quorum-nodekey + configMap: + name: quorum-node6-nodekey-config + items: + - key: nodekey + path: nodekey + - name: quorum-persistent-storage + hostPath: + path: /var/lib/docker/geth-storage/quorum-node6 + - name: tm-persistent-storage + hostPath: + path: /var/lib/docker/geth-storage/tm-quorum-node6 + - name: quorum-logs-persistent-storage + hostPath: + path: /var/lib/docker/geth-storage/quorum-node6-logs + + + + +# The quorum deployment consists of +# 1. the transaction manager / private tx container (constellation or tessera) +# 2. the quorum node container + +--- +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: quorum-node7-deployment + namespace: quorum-test +spec: + strategy: + type: RollingUpdate + replicas: 1 + template: + metadata: + name: quorum-node7-deployment + labels: + app: qubernetes + tier: backend + name: quorum-node7-deployment + spec: + initContainers: + - name: quorum-genesis-init-container + image: quorumengineering/quorum:2.1.1 + command: [ "sh" ] + args: + - "-cx" + - "if [ ! -f $QUORUM_DATA_DIR/genesis_created ]; then + /usr/local/bin/geth --datadir $QUORUM_DATA_DIR init /etc/quorum/genesis/genesis-geth.json; + touch $QUORUM_DATA_DIR/genesis_created; + fi; + cp -r /etc/quorum/qdata/contracts-tmp /etc/quorum/qdata/contracts; + chmod 755 /etc/quorum/qdata/contracts/runscript.sh; + " + env: + - name: QUORUM_DATA_DIR + value: /etc/quorum/qdata/dd + volumeMounts: + - name: quorum-persistent-storage + mountPath: /etc/quorum/qdata + - name: genesis-config-persistent-storage + mountPath: /etc/quorum/genesis/genesis-geth.json + subPath: genesis-geth.json + - name: contracts-config + mountPath: /etc/quorum/qdata/contracts-tmp + readOnly: false + containers: + + - name: tessera + image: quorumengineering/tessera:0.7.3 + command: ["sh"] + args: + - "-cx" + - "chmod 600 $QUORUM_HOME/tm/tm.key; + echo DDIR is $DDIR; + printenv; + + TESSERA_VERSION=$(unzip -p /tessera/tessera-app.jar META-INF/MANIFEST.MF | grep Tessera-Version | cut -d\" \" -f2); + echo \"Tessera version (extracted from manifest file): ${TESSERA_VERSION}\"; + + TESSERA_VERSION=\"${TESSERA_VERSION}-suffix\"; + + TESSERA_CONFIG_TYPE=; + + if [ \"${TESSERA_VERSION}\" \\> \"0.8 \" ]; then TESSERA_CONFIG_TYPE=\"-enhanced\"; fi; + + echo Config type ${TESSERA_CONFIG_TYPE}; + + CONFIG_TMPL=$(cat ${DDIR}/tessera-config${TESSERA_CONFIG_TYPE}.json.tmpl); + + CONFIG_WITH_OTHER_HOSTS=$(echo $CONFIG_TMPL | sed \"s/%QUORUM-NODE1_SERVICE_HOST%/$QUORUM_NODE1_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE2_SERVICE_HOST%/$QUORUM_NODE2_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE3_SERVICE_HOST%/$QUORUM_NODE3_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE4_SERVICE_HOST%/$QUORUM_NODE4_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE5_SERVICE_HOST%/$QUORUM_NODE5_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE6_SERVICE_HOST%/$QUORUM_NODE6_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE7_SERVICE_HOST%/$QUORUM_NODE7_SERVICE_HOST/g\" ) ; + CONFIG_WITH_ALL_HOSTS=$(echo $CONFIG_WITH_OTHER_HOSTS | sed \"s/%THIS_SERVICE_HOST%/$QUORUM_NODE7_SERVICE_HOST/g\"); + PRIV_KEY=$(cat $DDIR/tm.key) + PUB_KEY=$(cat $DDIR/tm.pub) + CONFIG_FINAL=$(echo $CONFIG_WITH_ALL_HOSTS | sed \"s-%THIS_PRIV_KEY%-${PRIV_KEY}-g\" | sed \"s-%THIS_PUB_KEY%-${PUB_KEY}-g\") + + echo $CONFIG_FINAL > ${DDIR}/tessera-config-with-hosts.json; + cat ${DDIR}/tessera-config-with-hosts.json; + java -Xms128M -Xmx128M -jar /tessera/tessera-app.jar -configfile ${DDIR}/tessera-config-with-hosts.json; + " + + ports: + - containerPort: 9001 + env: + - name: QUORUM_HOME + value: /etc/quorum/qdata + - name: DDIR + value: /etc/quorum/qdata/tm + volumeMounts: + - name: quorum-logs-persistent-storage + mountPath: /etc/quorum/qdata/logs + - name: tm-persistent-storage + mountPath: /etc/quorum/qdata/tm + - name: quorum-persistent-storage + mountPath: /etc/quorum/qdata + - name: keystore-tm + mountPath: /etc/quorum/qdata/tm/tm.pub + subPath: tm.pub + - name: keystore-tm + mountPath: /etc/quorum/qdata/tm/tm.key + subPath: tm.key + - name: tessera-config + mountPath: /etc/quorum/qdata/tm/tessera-config.json.tmpl + subPath: tessera-config.json.tmpl + - name: tessera-config + mountPath: /etc/quorum/qdata/tm/tessera-config-enhanced.json.tmpl + subPath: tessera-config-enhanced.json.tmpl + - name: quorum + image: quorumengineering/quorum:2.1.1 + command: [ "sh" ] + # TODO: have to generate sed files + # PERM_NODE_JSON=$(echo $PERM_NODE_TMPL | sed \"s/%QUORUM-NODE01_SERVICE_HOST%/$QUORUM_NODE01_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE02_SERVICE_HOST%/$QUORUM_NODE02_SERVICE_HOST/g\"); + # sleep to give constellation some time to start up and discover the other nodes. + args: + - "-cx" + - " + sleep 5; + PERM_NODE_TMPL=$(cat $QUORUM_DATA_DIR/permissioned-nodes.json.tmpl); + PERM_NODE_JSON=$(echo $PERM_NODE_TMPL | sed \"s/%QUORUM-NODE1_SERVICE_HOST%/$QUORUM_NODE1_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE2_SERVICE_HOST%/$QUORUM_NODE2_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE3_SERVICE_HOST%/$QUORUM_NODE3_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE4_SERVICE_HOST%/$QUORUM_NODE4_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE5_SERVICE_HOST%/$QUORUM_NODE5_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE6_SERVICE_HOST%/$QUORUM_NODE6_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE7_SERVICE_HOST%/$QUORUM_NODE7_SERVICE_HOST/g\" ); + echo $PERM_NODE_JSON > $QUORUM_DATA_DIR/permissioned-nodes.json; + cp $QUORUM_DATA_DIR/permissioned-nodes.json $QUORUM_DATA_DIR/static-nodes.json; + + rm -r /etc/quorum/qdata/contracts-tmp; + + echo what in this dir; + ls $QUORUM_DATA_DIR; + cat /etc/quorum/genesis/genesis-geth.json; + + chmod 644 $QUORUM_DATA_DIR/keystore/key; + touch $QUORUM_DATA_DIR/password.txt; + NETWORK_ID=1101 + + args=\" --istanbul.blockperiod 3 --syncmode full --mine --minerthreads 1 --rpcapi admin,db,eth,debug,miner,net,shh,txpool,personal,web3,quorum,istanbul \"; + + /usr/local/bin/geth \ + --datadir $QUORUM_DATA_DIR \ + $args \ + --permissioned \ + --nodiscover \ + --nat=none \ + --verbosity 9 \ + --networkid $NETWORK_ID \ + --unlock 0 \ + --emitcheckpoints \ + --rpc \ + --rpcaddr 0.0.0.0 \ + --rpcport 8546 \ + --port 21000 \ + --password $QUORUM_DATA_DIR/password.txt 2>&1 | tee -a /etc/quorum/qdata/logs/quorum.log; " + ports: + - containerPort: 50401 + - containerPort: 8546 + - containerPort: 21000 + env: + - name: PRIVATE_CONFIG + value: /etc/quorum/qdata/tm/tm.ipc + - name: QUORUM_DATA_DIR + value: /etc/quorum/qdata/dd + - name: QUORUM_HOME + value: /etc/quorum/qdata + - name: TM_HOME + value: /etc/quorum/qdata/tm/ + volumeMounts: + - name: genesis-config-persistent-storage + mountPath: /etc/quorum/genesis/genesis-geth.json + subPath: genesis-geth.json + - name: quorum-persistent-storage + mountPath: /etc/quorum/qdata + - name: tm-persistent-storage + mountPath: /etc/quorum/qdata/tm + - name: quorum-key-config-persistent-storage + mountPath: /etc/quorum/qdata/dd/keystore/key + subPath: key + - name: quorum-logs-persistent-storage + mountPath: /etc/quorum/qdata/logs + - name: quorum-nodekey + mountPath: /etc/quorum/qdata/dd/geth/nodekey + subPath: nodekey + - name: quorum-permissioned-config + mountPath: /etc/quorum/qdata/dd/permissioned-nodes.json.tmpl + subPath: permissioned-nodes.json + - name: quorum-permissioned-config + mountPath: /etc/quorum/qdata/dd/static-nodes.json.tmpl + subPath: permissioned-nodes.json + volumes: + - name: quorum-permissioned-config + configMap: + name: quorum-permissioned-config + items: + - key: permissioned-nodes.json + path: permissioned-nodes.json + - name: genesis-config-persistent-storage + configMap: + name: genesis-config + items: + - key: genesis-geth.json + path: genesis-geth.json + - name: tessera-config + configMap: + name: tessera-config + items: + - key: tessera-config.json.tmpl + path: tessera-config.json.tmpl + - key: tessera-config-enhanced.json.tmpl + path: tessera-config-enhanced.json.tmpl + - name: contracts-config + configMap: + name: contracts-config + - name: keystore-tm + configMap: + name: quorum-node7-tm-key-config + items: + - key: tm.pub + path: tm.pub + - key: tm.key + path: tm.key + - name: quorum-key-config-persistent-storage + configMap: + name: quorum-node7-account-key-config + items: + - key: key + path: key + - name: quorum-nodekey + configMap: + name: quorum-node7-nodekey-config + items: + - key: nodekey + path: nodekey + - name: quorum-persistent-storage + hostPath: + path: /var/lib/docker/geth-storage/quorum-node7 + - name: tm-persistent-storage + hostPath: + path: /var/lib/docker/geth-storage/tm-quorum-node7 + - name: quorum-logs-persistent-storage + hostPath: + path: /var/lib/docker/geth-storage/quorum-node7-logs + diff --git a/7nodes/raft-7nodes/k8s-yaml/quorum-keyconfigs.yaml b/7nodes/istanbul-7nodes-tessera/k8s-yaml/quorum-keyconfigs.yaml similarity index 94% rename from 7nodes/raft-7nodes/k8s-yaml/quorum-keyconfigs.yaml rename to 7nodes/istanbul-7nodes-tessera/k8s-yaml/quorum-keyconfigs.yaml index 946586c..225c984 100644 --- a/7nodes/raft-7nodes/k8s-yaml/quorum-keyconfigs.yaml +++ b/7nodes/istanbul-7nodes-tessera/k8s-yaml/quorum-keyconfigs.yaml @@ -8,11 +8,11 @@ apiVersion: v1 kind: ConfigMap metadata: - name: quorum-node1-constellation-key-config + name: quorum-node1-tm-key-config namespace: quorum-test labels: app: qubernetes - name: quorum-node1-constellation-key-config + name: quorum-node1-tm-key-config data: tm.key: |- {"data":{"bytes":"Wl+xSyXVuuqzpvznOS7dOobhcn4C5auxkFRi7yLtgtA="},"type":"unlocked"} @@ -59,11 +59,11 @@ data: apiVersion: v1 kind: ConfigMap metadata: - name: quorum-node2-constellation-key-config + name: quorum-node2-tm-key-config namespace: quorum-test labels: app: qubernetes - name: quorum-node2-constellation-key-config + name: quorum-node2-tm-key-config data: tm.key: |- {"data":{"bytes":"nDFwJNHSiT1gNzKBy9WJvMhmYRkW3TzFUmPsNzR6oFk="},"type":"unlocked"} @@ -110,11 +110,11 @@ data: apiVersion: v1 kind: ConfigMap metadata: - name: quorum-node3-constellation-key-config + name: quorum-node3-tm-key-config namespace: quorum-test labels: app: qubernetes - name: quorum-node3-constellation-key-config + name: quorum-node3-tm-key-config data: tm.key: |- {"data":{"bytes":"tMxUVR8bX7aq/TbpVHc2QV3SN2iUuExBwefAuFsO0Lg="},"type":"unlocked"} @@ -161,11 +161,11 @@ data: apiVersion: v1 kind: ConfigMap metadata: - name: quorum-node4-constellation-key-config + name: quorum-node4-tm-key-config namespace: quorum-test labels: app: qubernetes - name: quorum-node4-constellation-key-config + name: quorum-node4-tm-key-config data: tm.key: |- {"data":{"bytes":"grQjd3dBp4qFs8/5Jdq7xjz++aUx/LXAqISFyPWaCRw="},"type":"unlocked"} @@ -212,11 +212,11 @@ data: apiVersion: v1 kind: ConfigMap metadata: - name: quorum-node5-constellation-key-config + name: quorum-node5-tm-key-config namespace: quorum-test labels: app: qubernetes - name: quorum-node5-constellation-key-config + name: quorum-node5-tm-key-config data: tm.key: |- {"data":{"bytes":"W8XcdJfOuxCrLcspSceNg9vh7Cwe8tXiIx5xPJ88OtQ="},"type":"unlocked"} @@ -263,11 +263,11 @@ data: apiVersion: v1 kind: ConfigMap metadata: - name: quorum-node6-constellation-key-config + name: quorum-node6-tm-key-config namespace: quorum-test labels: app: qubernetes - name: quorum-node6-constellation-key-config + name: quorum-node6-tm-key-config data: tm.key: |- {"data":{"bytes":"N9wH6bG0lWOCJtSnosatAskvzkrDApdrjaWkqjDyDzE="},"type":"unlocked"} @@ -314,11 +314,11 @@ data: apiVersion: v1 kind: ConfigMap metadata: - name: quorum-node7-constellation-key-config + name: quorum-node7-tm-key-config namespace: quorum-test labels: app: qubernetes - name: quorum-node7-constellation-key-config + name: quorum-node7-tm-key-config data: tm.key: |- {"data":{"bytes":"lesaO6EWbmL1rie1biy851BnN1QsRRDK4kWUimlK0EA="},"type":"unlocked"} diff --git a/7nodes/raft-7nodes/k8s-yaml/quorum-services.yaml b/7nodes/istanbul-7nodes-tessera/k8s-yaml/quorum-services.yaml similarity index 81% rename from 7nodes/raft-7nodes/k8s-yaml/quorum-services.yaml rename to 7nodes/istanbul-7nodes-tessera/k8s-yaml/quorum-services.yaml index 1720d21..22523c0 100644 --- a/7nodes/raft-7nodes/k8s-yaml/quorum-services.yaml +++ b/7nodes/istanbul-7nodes-tessera/k8s-yaml/quorum-services.yaml @@ -19,11 +19,16 @@ spec: name: quorum-node1-deployment type: ClusterIP ports: - - name: constellation + - name: tm-manager protocol: TCP port: 9001 targetPort: 9001 # default 8545 + - name: tm-tessera-third-part + protocol: TCP + port: 9080 + targetPort: 9080 + # default 8545 - name: wsrpc-listener protocol: TCP port: 8546 @@ -56,11 +61,16 @@ spec: name: quorum-node2-deployment type: ClusterIP ports: - - name: constellation + - name: tm-manager protocol: TCP port: 9001 targetPort: 9001 # default 8545 + - name: tm-tessera-third-part + protocol: TCP + port: 9080 + targetPort: 9080 + # default 8545 - name: wsrpc-listener protocol: TCP port: 8546 @@ -93,11 +103,16 @@ spec: name: quorum-node3-deployment type: ClusterIP ports: - - name: constellation + - name: tm-manager protocol: TCP port: 9001 targetPort: 9001 # default 8545 + - name: tm-tessera-third-part + protocol: TCP + port: 9080 + targetPort: 9080 + # default 8545 - name: wsrpc-listener protocol: TCP port: 8546 @@ -130,11 +145,16 @@ spec: name: quorum-node4-deployment type: ClusterIP ports: - - name: constellation + - name: tm-manager protocol: TCP port: 9001 targetPort: 9001 # default 8545 + - name: tm-tessera-third-part + protocol: TCP + port: 9080 + targetPort: 9080 + # default 8545 - name: wsrpc-listener protocol: TCP port: 8546 @@ -167,11 +187,16 @@ spec: name: quorum-node5-deployment type: ClusterIP ports: - - name: constellation + - name: tm-manager protocol: TCP port: 9001 targetPort: 9001 # default 8545 + - name: tm-tessera-third-part + protocol: TCP + port: 9080 + targetPort: 9080 + # default 8545 - name: wsrpc-listener protocol: TCP port: 8546 @@ -204,11 +229,16 @@ spec: name: quorum-node6-deployment type: ClusterIP ports: - - name: constellation + - name: tm-manager protocol: TCP port: 9001 targetPort: 9001 # default 8545 + - name: tm-tessera-third-part + protocol: TCP + port: 9080 + targetPort: 9080 + # default 8545 - name: wsrpc-listener protocol: TCP port: 8546 @@ -241,11 +271,16 @@ spec: name: quorum-node7-deployment type: ClusterIP ports: - - name: constellation + - name: tm-manager protocol: TCP port: 9001 targetPort: 9001 # default 8545 + - name: tm-tessera-third-part + protocol: TCP + port: 9080 + targetPort: 9080 + # default 8545 - name: wsrpc-listener protocol: TCP port: 8546 diff --git a/7nodes/raft-7nodes/k8s-yaml/quorum-shared-config.yaml b/7nodes/istanbul-7nodes-tessera/k8s-yaml/quorum-shared-config.yaml similarity index 70% rename from 7nodes/raft-7nodes/k8s-yaml/quorum-shared-config.yaml rename to 7nodes/istanbul-7nodes-tessera/k8s-yaml/quorum-shared-config.yaml index 0bbe0aa..dac216f 100644 --- a/7nodes/raft-7nodes/k8s-yaml/quorum-shared-config.yaml +++ b/7nodes/istanbul-7nodes-tessera/k8s-yaml/quorum-shared-config.yaml @@ -99,6 +99,211 @@ data: "timestamp": "0x00" } +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: tessera-config + namespace: quorum-test + labels: + app: qubernetes + name: tessera-config +data: + tessera-config.json.tmpl: |- + + + + + { + "useWhiteList": false, + "jdbc": { + "username": "sa", + "password": "", + "url": "jdbc:h2:/etc/quorum/qdata/tm/db;MODE=Oracle;TRACE_LEVEL_SYSTEM_OUT=0", + "autoCreateTables": true + }, + "server": { + "port": 9001, + "hostName": "http://%THIS_SERVICE_HOST%", + "bindingAddress": "http://0.0.0.0:9001", + "sslConfig": { + "tls": "OFF", + "generateKeyStoreIfNotExisted": true, + "serverKeyStore": "/etc/quorum/qdata/tm/server-keystore", + "serverKeyStorePassword": "quorum", + "serverTrustStore": "/etc/quorum/qdata/tm/server-truststore", + "serverTrustStorePassword": "quorum", + "serverTrustMode": "TOFU", + "knownClientsFile": "/etc/quorum/qdata/tm/knownClients", + "clientKeyStore": "/etc/quorum/qdata/tm/client-keystore", + "clientKeyStorePassword": "quorum", + "clientTrustStore": "/etc/quorum/qdata/tm/client-truststore", + "clientTrustStorePassword": "quorum", + "clientTrustMode": "TOFU", + "knownServersFile": "/etc/quorum/qdata/tm/knownServers" + } + }, + "peer": [ + + { + "url": "http://%QUORUM-NODE1_SERVICE_HOST%:9001" + }, + + + { + "url": "http://%QUORUM-NODE2_SERVICE_HOST%:9001" + }, + + + { + "url": "http://%QUORUM-NODE3_SERVICE_HOST%:9001" + }, + + + { + "url": "http://%QUORUM-NODE4_SERVICE_HOST%:9001" + }, + + + { + "url": "http://%QUORUM-NODE5_SERVICE_HOST%:9001" + }, + + + { + "url": "http://%QUORUM-NODE6_SERVICE_HOST%:9001" + }, + + + { + "url": "http://%QUORUM-NODE7_SERVICE_HOST%:9001" + } + + ], + "keys": { + "passwords": [], + "keyData": [ + { + "privateKeyPath": "/etc/quorum/qdata/tm/tm.key", + "publicKeyPath": "/etc/quorum/qdata/tm/tm.pub" + } + ] + }, + "alwaysSendTo": [], + "unixSocketFile": "/etc/quorum/qdata/tm/tm.ipc" + } + + + tessera-config-enhanced.json.tmpl: |- + + + + { + "useWhiteList": false, + "jdbc": { + "username": "sa", + "password": "", + "url": "jdbc:h2:/etc/quorum/qdata/tm/db;MODE=Oracle;TRACE_LEVEL_SYSTEM_OUT=0", + "autoCreateTables": true + }, + "serverConfigs":[ + { + "app":"ThirdParty", + "enabled": true, + "serverSocket":{ + "type":"INET", + "port": 9080, + "hostName": "http://%THIS_SERVICE_HOST%" + }, + "communicationType" : "REST" + }, + { + "app":"Q2T", + "enabled": true, + "serverSocket":{ + "type":"UNIX", + "path":"/etc/quorum/qdata/tm/tm.ipc" + }, + "communicationType" : "UNIX_SOCKET" + }, + { + "app":"P2P", + "enabled": true, + "serverSocket":{ + "type":"INET", + "port": 9001, + "hostName": "http://%THIS_SERVICE_HOST%", + "bindingAddress": "http://0.0.0.0:9001" + }, + "sslConfig": { + "tls": "OFF", + "generateKeyStoreIfNotExisted": true, + "serverKeyStore": "/etc/quorum/qdata/tm/server-keystore", + "serverKeyStorePassword": "quorum", + "serverTrustStore": "/etc/quorum/qdata/tm/server-truststore", + "serverTrustStorePassword": "quorum", + "serverTrustMode": "TOFU", + "knownClientsFile": "/etc/quorum/qdata/tm/knownClients", + "clientKeyStore": "/etc/quorum/qdata/tm/client-keystore", + "clientKeyStorePassword": "quorum", + "clientTrustStore": "/etc/quorum/qdata/tm/client-truststore", + "clientTrustStorePassword": "quorum", + "clientTrustMode": "TOFU", + "knownServersFile": "/etc/quorum/qdata/tm/knownServers" + }, + "communicationType" : "REST" + } + ], + + "peer": [ + + { + "url": "http://%QUORUM-NODE1_SERVICE_HOST%:9001" + }, + + + { + "url": "http://%QUORUM-NODE2_SERVICE_HOST%:9001" + }, + + + { + "url": "http://%QUORUM-NODE3_SERVICE_HOST%:9001" + }, + + + { + "url": "http://%QUORUM-NODE4_SERVICE_HOST%:9001" + }, + + + { + "url": "http://%QUORUM-NODE5_SERVICE_HOST%:9001" + }, + + + { + "url": "http://%QUORUM-NODE6_SERVICE_HOST%:9001" + }, + + + { + "url": "http://%QUORUM-NODE7_SERVICE_HOST%:9001" + } + + ], + "keys": { + "passwords": [], + "keyData": [ + { + "config": %THIS_PRIV_KEY%, + "publicKey": "%THIS_PUB_KEY%" + } + ] + }, + "alwaysSendTo": [] + } + --- apiVersion: v1 kind: ConfigMap diff --git a/7nodes/istanbul-7nodes-tessera/qubernetes-istanbul-7nodes.yaml b/7nodes/istanbul-7nodes-tessera/qubernetes-istanbul-7nodes.yaml new file mode 100644 index 0000000..cd7adcf --- /dev/null +++ b/7nodes/istanbul-7nodes-tessera/qubernetes-istanbul-7nodes.yaml @@ -0,0 +1,39 @@ +namespace: + name: quorum-test +# number of nodes to deploy +nodes: + number: 7 +quorum: + # supported: raft | istanbul + consensus: istanbul + # base quorum data dir as set inside each container. + Node_DataDir: /etc/quorum/qdata + # This is where all the keys are store, and/or where they are generated, as in the case of quorum-keygen. + # Either full or relative paths on the machine generating the config + Key_Dir_Base: 7nodes + Permissioned_Nodes_File: 7nodes/permissioned-nodes.json + Genesis_File: 7nodes/istanbul-genesis.json + # related to quorum containers + quorum: + Raft_Port: 50401 + # container images at https://hub.docker.com/u/quorumengineering/ + Quorum_Version: 2.1.1 + # related to transaction manager containers + tm: + # (tessera|constellation) + Name: tessera + Tm_Version: 0.7.3 + Port: 9001 + Tessera_Config_Dir: 7nodes + +# generic geth related options +geth: + Node_WSPort: 8546 + NodeP2P_ListenAddr: 21000 + network: + # network id (1: mainnet, 3: ropsten, 4: rinkeby ... ) + id: 1101 + # public (true|false) is it a public network? + public: false + # general verbosity of geth [1..5] + verbosity: 9 diff --git a/7nodes/istanbul-7nodes/istanbul-genesis.json b/7nodes/istanbul-genesis.json similarity index 100% rename from 7nodes/istanbul-7nodes/istanbul-genesis.json rename to 7nodes/istanbul-genesis.json diff --git a/7nodes/raft-7nodes/k8s-yaml/quorum-deployments.yaml b/7nodes/raft-7nodes-constellation/k8s-yaml/quorum-deployments.yaml similarity index 87% rename from 7nodes/raft-7nodes/k8s-yaml/quorum-deployments.yaml rename to 7nodes/raft-7nodes-constellation/k8s-yaml/quorum-deployments.yaml index f7c606a..1c4f744 100644 --- a/7nodes/raft-7nodes/k8s-yaml/quorum-deployments.yaml +++ b/7nodes/raft-7nodes-constellation/k8s-yaml/quorum-deployments.yaml @@ -51,6 +51,7 @@ spec: mountPath: /etc/quorum/qdata/contracts-tmp readOnly: false containers: + - name: constellation image: quorumengineering/constellation:0.3.2 command: ["sh"] @@ -68,24 +69,33 @@ spec: --verbosity=9 \ --othernodes=https://$QUORUM_NODE1_SERVICE_HOST:9001/ \"; /usr/local/bin/constellation-node $args 2>&1 | tee -a $QUORUM_HOME/logs/tm.log; " + ports: - containerPort: 9001 env: - name: QUORUM_HOME value: /etc/quorum/qdata + - name: DDIR + value: /etc/quorum/qdata/tm volumeMounts: - name: quorum-logs-persistent-storage mountPath: /etc/quorum/qdata/logs - - name: constellation-persistent-storage + - name: tm-persistent-storage mountPath: /etc/quorum/qdata/tm - name: quorum-persistent-storage mountPath: /etc/quorum/qdata - - name: keystore-constellation + - name: keystore-tm mountPath: /etc/quorum/qdata/tm/tm.pub subPath: tm.pub - - name: keystore-constellation + - name: keystore-tm mountPath: /etc/quorum/qdata/tm/tm.key subPath: tm.key + - name: tessera-config + mountPath: /etc/quorum/qdata/tm/tessera-config.json.tmpl + subPath: tessera-config.json.tmpl + - name: tessera-config + mountPath: /etc/quorum/qdata/tm/tessera-config-enhanced.json.tmpl + subPath: tessera-config-enhanced.json.tmpl - name: quorum image: quorumengineering/quorum:2.1.1 command: [ "sh" ] @@ -111,7 +121,7 @@ spec: touch $QUORUM_DATA_DIR/password.txt; NETWORK_ID=1101 - args=\" --istanbul.blockperiod 3 --syncmode full --mine --minerthreads 1 --rpcapi admin,db,eth,debug,miner,net,shh,txpool,personal,web3,quorum,istanbul \"; + args=\" --raft --maxpeers 7 --raftport 50401 --rpcapi admin,db,eth,debug,miner,net,shh,txpool,personal,web3,quorum,raft \"; /usr/local/bin/geth \ --datadir $QUORUM_DATA_DIR \ @@ -147,7 +157,7 @@ spec: subPath: genesis-geth.json - name: quorum-persistent-storage mountPath: /etc/quorum/qdata - - name: constellation-persistent-storage + - name: tm-persistent-storage mountPath: /etc/quorum/qdata/tm - name: quorum-key-config-persistent-storage mountPath: /etc/quorum/qdata/dd/keystore/key @@ -176,12 +186,20 @@ spec: items: - key: genesis-geth.json path: genesis-geth.json + - name: tessera-config + configMap: + name: tessera-config + items: + - key: tessera-config.json.tmpl + path: tessera-config.json.tmpl + - key: tessera-config-enhanced.json.tmpl + path: tessera-config-enhanced.json.tmpl - name: contracts-config configMap: name: contracts-config - - name: keystore-constellation + - name: keystore-tm configMap: - name: quorum-node1-constellation-key-config + name: quorum-node1-tm-key-config items: - key: tm.pub path: tm.pub @@ -202,7 +220,7 @@ spec: - name: quorum-persistent-storage hostPath: path: /var/lib/docker/geth-storage/quorum-node1 - - name: constellation-persistent-storage + - name: tm-persistent-storage hostPath: path: /var/lib/docker/geth-storage/tm-quorum-node1 - name: quorum-logs-persistent-storage @@ -260,6 +278,7 @@ spec: mountPath: /etc/quorum/qdata/contracts-tmp readOnly: false containers: + - name: constellation image: quorumengineering/constellation:0.3.2 command: ["sh"] @@ -277,24 +296,33 @@ spec: --verbosity=9 \ --othernodes=https://$QUORUM_NODE1_SERVICE_HOST:9001/ \"; /usr/local/bin/constellation-node $args 2>&1 | tee -a $QUORUM_HOME/logs/tm.log; " + ports: - containerPort: 9001 env: - name: QUORUM_HOME value: /etc/quorum/qdata + - name: DDIR + value: /etc/quorum/qdata/tm volumeMounts: - name: quorum-logs-persistent-storage mountPath: /etc/quorum/qdata/logs - - name: constellation-persistent-storage + - name: tm-persistent-storage mountPath: /etc/quorum/qdata/tm - name: quorum-persistent-storage mountPath: /etc/quorum/qdata - - name: keystore-constellation + - name: keystore-tm mountPath: /etc/quorum/qdata/tm/tm.pub subPath: tm.pub - - name: keystore-constellation + - name: keystore-tm mountPath: /etc/quorum/qdata/tm/tm.key subPath: tm.key + - name: tessera-config + mountPath: /etc/quorum/qdata/tm/tessera-config.json.tmpl + subPath: tessera-config.json.tmpl + - name: tessera-config + mountPath: /etc/quorum/qdata/tm/tessera-config-enhanced.json.tmpl + subPath: tessera-config-enhanced.json.tmpl - name: quorum image: quorumengineering/quorum:2.1.1 command: [ "sh" ] @@ -320,7 +348,7 @@ spec: touch $QUORUM_DATA_DIR/password.txt; NETWORK_ID=1101 - args=\" --istanbul.blockperiod 3 --syncmode full --mine --minerthreads 1 --rpcapi admin,db,eth,debug,miner,net,shh,txpool,personal,web3,quorum,istanbul \"; + args=\" --raft --maxpeers 7 --raftport 50401 --rpcapi admin,db,eth,debug,miner,net,shh,txpool,personal,web3,quorum,raft \"; /usr/local/bin/geth \ --datadir $QUORUM_DATA_DIR \ @@ -356,7 +384,7 @@ spec: subPath: genesis-geth.json - name: quorum-persistent-storage mountPath: /etc/quorum/qdata - - name: constellation-persistent-storage + - name: tm-persistent-storage mountPath: /etc/quorum/qdata/tm - name: quorum-key-config-persistent-storage mountPath: /etc/quorum/qdata/dd/keystore/key @@ -385,12 +413,20 @@ spec: items: - key: genesis-geth.json path: genesis-geth.json + - name: tessera-config + configMap: + name: tessera-config + items: + - key: tessera-config.json.tmpl + path: tessera-config.json.tmpl + - key: tessera-config-enhanced.json.tmpl + path: tessera-config-enhanced.json.tmpl - name: contracts-config configMap: name: contracts-config - - name: keystore-constellation + - name: keystore-tm configMap: - name: quorum-node2-constellation-key-config + name: quorum-node2-tm-key-config items: - key: tm.pub path: tm.pub @@ -411,7 +447,7 @@ spec: - name: quorum-persistent-storage hostPath: path: /var/lib/docker/geth-storage/quorum-node2 - - name: constellation-persistent-storage + - name: tm-persistent-storage hostPath: path: /var/lib/docker/geth-storage/tm-quorum-node2 - name: quorum-logs-persistent-storage @@ -469,6 +505,7 @@ spec: mountPath: /etc/quorum/qdata/contracts-tmp readOnly: false containers: + - name: constellation image: quorumengineering/constellation:0.3.2 command: ["sh"] @@ -486,24 +523,33 @@ spec: --verbosity=9 \ --othernodes=https://$QUORUM_NODE1_SERVICE_HOST:9001/ \"; /usr/local/bin/constellation-node $args 2>&1 | tee -a $QUORUM_HOME/logs/tm.log; " + ports: - containerPort: 9001 env: - name: QUORUM_HOME value: /etc/quorum/qdata + - name: DDIR + value: /etc/quorum/qdata/tm volumeMounts: - name: quorum-logs-persistent-storage mountPath: /etc/quorum/qdata/logs - - name: constellation-persistent-storage + - name: tm-persistent-storage mountPath: /etc/quorum/qdata/tm - name: quorum-persistent-storage mountPath: /etc/quorum/qdata - - name: keystore-constellation + - name: keystore-tm mountPath: /etc/quorum/qdata/tm/tm.pub subPath: tm.pub - - name: keystore-constellation + - name: keystore-tm mountPath: /etc/quorum/qdata/tm/tm.key subPath: tm.key + - name: tessera-config + mountPath: /etc/quorum/qdata/tm/tessera-config.json.tmpl + subPath: tessera-config.json.tmpl + - name: tessera-config + mountPath: /etc/quorum/qdata/tm/tessera-config-enhanced.json.tmpl + subPath: tessera-config-enhanced.json.tmpl - name: quorum image: quorumengineering/quorum:2.1.1 command: [ "sh" ] @@ -529,7 +575,7 @@ spec: touch $QUORUM_DATA_DIR/password.txt; NETWORK_ID=1101 - args=\" --istanbul.blockperiod 3 --syncmode full --mine --minerthreads 1 --rpcapi admin,db,eth,debug,miner,net,shh,txpool,personal,web3,quorum,istanbul \"; + args=\" --raft --maxpeers 7 --raftport 50401 --rpcapi admin,db,eth,debug,miner,net,shh,txpool,personal,web3,quorum,raft \"; /usr/local/bin/geth \ --datadir $QUORUM_DATA_DIR \ @@ -565,7 +611,7 @@ spec: subPath: genesis-geth.json - name: quorum-persistent-storage mountPath: /etc/quorum/qdata - - name: constellation-persistent-storage + - name: tm-persistent-storage mountPath: /etc/quorum/qdata/tm - name: quorum-key-config-persistent-storage mountPath: /etc/quorum/qdata/dd/keystore/key @@ -594,12 +640,20 @@ spec: items: - key: genesis-geth.json path: genesis-geth.json + - name: tessera-config + configMap: + name: tessera-config + items: + - key: tessera-config.json.tmpl + path: tessera-config.json.tmpl + - key: tessera-config-enhanced.json.tmpl + path: tessera-config-enhanced.json.tmpl - name: contracts-config configMap: name: contracts-config - - name: keystore-constellation + - name: keystore-tm configMap: - name: quorum-node3-constellation-key-config + name: quorum-node3-tm-key-config items: - key: tm.pub path: tm.pub @@ -620,7 +674,7 @@ spec: - name: quorum-persistent-storage hostPath: path: /var/lib/docker/geth-storage/quorum-node3 - - name: constellation-persistent-storage + - name: tm-persistent-storage hostPath: path: /var/lib/docker/geth-storage/tm-quorum-node3 - name: quorum-logs-persistent-storage @@ -678,6 +732,7 @@ spec: mountPath: /etc/quorum/qdata/contracts-tmp readOnly: false containers: + - name: constellation image: quorumengineering/constellation:0.3.2 command: ["sh"] @@ -695,24 +750,33 @@ spec: --verbosity=9 \ --othernodes=https://$QUORUM_NODE1_SERVICE_HOST:9001/ \"; /usr/local/bin/constellation-node $args 2>&1 | tee -a $QUORUM_HOME/logs/tm.log; " + ports: - containerPort: 9001 env: - name: QUORUM_HOME value: /etc/quorum/qdata + - name: DDIR + value: /etc/quorum/qdata/tm volumeMounts: - name: quorum-logs-persistent-storage mountPath: /etc/quorum/qdata/logs - - name: constellation-persistent-storage + - name: tm-persistent-storage mountPath: /etc/quorum/qdata/tm - name: quorum-persistent-storage mountPath: /etc/quorum/qdata - - name: keystore-constellation + - name: keystore-tm mountPath: /etc/quorum/qdata/tm/tm.pub subPath: tm.pub - - name: keystore-constellation + - name: keystore-tm mountPath: /etc/quorum/qdata/tm/tm.key subPath: tm.key + - name: tessera-config + mountPath: /etc/quorum/qdata/tm/tessera-config.json.tmpl + subPath: tessera-config.json.tmpl + - name: tessera-config + mountPath: /etc/quorum/qdata/tm/tessera-config-enhanced.json.tmpl + subPath: tessera-config-enhanced.json.tmpl - name: quorum image: quorumengineering/quorum:2.1.1 command: [ "sh" ] @@ -738,7 +802,7 @@ spec: touch $QUORUM_DATA_DIR/password.txt; NETWORK_ID=1101 - args=\" --istanbul.blockperiod 3 --syncmode full --mine --minerthreads 1 --rpcapi admin,db,eth,debug,miner,net,shh,txpool,personal,web3,quorum,istanbul \"; + args=\" --raft --maxpeers 7 --raftport 50401 --rpcapi admin,db,eth,debug,miner,net,shh,txpool,personal,web3,quorum,raft \"; /usr/local/bin/geth \ --datadir $QUORUM_DATA_DIR \ @@ -774,7 +838,7 @@ spec: subPath: genesis-geth.json - name: quorum-persistent-storage mountPath: /etc/quorum/qdata - - name: constellation-persistent-storage + - name: tm-persistent-storage mountPath: /etc/quorum/qdata/tm - name: quorum-key-config-persistent-storage mountPath: /etc/quorum/qdata/dd/keystore/key @@ -803,12 +867,20 @@ spec: items: - key: genesis-geth.json path: genesis-geth.json + - name: tessera-config + configMap: + name: tessera-config + items: + - key: tessera-config.json.tmpl + path: tessera-config.json.tmpl + - key: tessera-config-enhanced.json.tmpl + path: tessera-config-enhanced.json.tmpl - name: contracts-config configMap: name: contracts-config - - name: keystore-constellation + - name: keystore-tm configMap: - name: quorum-node4-constellation-key-config + name: quorum-node4-tm-key-config items: - key: tm.pub path: tm.pub @@ -829,7 +901,7 @@ spec: - name: quorum-persistent-storage hostPath: path: /var/lib/docker/geth-storage/quorum-node4 - - name: constellation-persistent-storage + - name: tm-persistent-storage hostPath: path: /var/lib/docker/geth-storage/tm-quorum-node4 - name: quorum-logs-persistent-storage @@ -887,6 +959,7 @@ spec: mountPath: /etc/quorum/qdata/contracts-tmp readOnly: false containers: + - name: constellation image: quorumengineering/constellation:0.3.2 command: ["sh"] @@ -904,24 +977,33 @@ spec: --verbosity=9 \ --othernodes=https://$QUORUM_NODE1_SERVICE_HOST:9001/ \"; /usr/local/bin/constellation-node $args 2>&1 | tee -a $QUORUM_HOME/logs/tm.log; " + ports: - containerPort: 9001 env: - name: QUORUM_HOME value: /etc/quorum/qdata + - name: DDIR + value: /etc/quorum/qdata/tm volumeMounts: - name: quorum-logs-persistent-storage mountPath: /etc/quorum/qdata/logs - - name: constellation-persistent-storage + - name: tm-persistent-storage mountPath: /etc/quorum/qdata/tm - name: quorum-persistent-storage mountPath: /etc/quorum/qdata - - name: keystore-constellation + - name: keystore-tm mountPath: /etc/quorum/qdata/tm/tm.pub subPath: tm.pub - - name: keystore-constellation + - name: keystore-tm mountPath: /etc/quorum/qdata/tm/tm.key subPath: tm.key + - name: tessera-config + mountPath: /etc/quorum/qdata/tm/tessera-config.json.tmpl + subPath: tessera-config.json.tmpl + - name: tessera-config + mountPath: /etc/quorum/qdata/tm/tessera-config-enhanced.json.tmpl + subPath: tessera-config-enhanced.json.tmpl - name: quorum image: quorumengineering/quorum:2.1.1 command: [ "sh" ] @@ -947,7 +1029,7 @@ spec: touch $QUORUM_DATA_DIR/password.txt; NETWORK_ID=1101 - args=\" --istanbul.blockperiod 3 --syncmode full --mine --minerthreads 1 --rpcapi admin,db,eth,debug,miner,net,shh,txpool,personal,web3,quorum,istanbul \"; + args=\" --raft --maxpeers 7 --raftport 50401 --rpcapi admin,db,eth,debug,miner,net,shh,txpool,personal,web3,quorum,raft \"; /usr/local/bin/geth \ --datadir $QUORUM_DATA_DIR \ @@ -983,7 +1065,7 @@ spec: subPath: genesis-geth.json - name: quorum-persistent-storage mountPath: /etc/quorum/qdata - - name: constellation-persistent-storage + - name: tm-persistent-storage mountPath: /etc/quorum/qdata/tm - name: quorum-key-config-persistent-storage mountPath: /etc/quorum/qdata/dd/keystore/key @@ -1012,12 +1094,20 @@ spec: items: - key: genesis-geth.json path: genesis-geth.json + - name: tessera-config + configMap: + name: tessera-config + items: + - key: tessera-config.json.tmpl + path: tessera-config.json.tmpl + - key: tessera-config-enhanced.json.tmpl + path: tessera-config-enhanced.json.tmpl - name: contracts-config configMap: name: contracts-config - - name: keystore-constellation + - name: keystore-tm configMap: - name: quorum-node5-constellation-key-config + name: quorum-node5-tm-key-config items: - key: tm.pub path: tm.pub @@ -1038,7 +1128,7 @@ spec: - name: quorum-persistent-storage hostPath: path: /var/lib/docker/geth-storage/quorum-node5 - - name: constellation-persistent-storage + - name: tm-persistent-storage hostPath: path: /var/lib/docker/geth-storage/tm-quorum-node5 - name: quorum-logs-persistent-storage @@ -1096,6 +1186,7 @@ spec: mountPath: /etc/quorum/qdata/contracts-tmp readOnly: false containers: + - name: constellation image: quorumengineering/constellation:0.3.2 command: ["sh"] @@ -1113,24 +1204,33 @@ spec: --verbosity=9 \ --othernodes=https://$QUORUM_NODE1_SERVICE_HOST:9001/ \"; /usr/local/bin/constellation-node $args 2>&1 | tee -a $QUORUM_HOME/logs/tm.log; " + ports: - containerPort: 9001 env: - name: QUORUM_HOME value: /etc/quorum/qdata + - name: DDIR + value: /etc/quorum/qdata/tm volumeMounts: - name: quorum-logs-persistent-storage mountPath: /etc/quorum/qdata/logs - - name: constellation-persistent-storage + - name: tm-persistent-storage mountPath: /etc/quorum/qdata/tm - name: quorum-persistent-storage mountPath: /etc/quorum/qdata - - name: keystore-constellation + - name: keystore-tm mountPath: /etc/quorum/qdata/tm/tm.pub subPath: tm.pub - - name: keystore-constellation + - name: keystore-tm mountPath: /etc/quorum/qdata/tm/tm.key subPath: tm.key + - name: tessera-config + mountPath: /etc/quorum/qdata/tm/tessera-config.json.tmpl + subPath: tessera-config.json.tmpl + - name: tessera-config + mountPath: /etc/quorum/qdata/tm/tessera-config-enhanced.json.tmpl + subPath: tessera-config-enhanced.json.tmpl - name: quorum image: quorumengineering/quorum:2.1.1 command: [ "sh" ] @@ -1156,7 +1256,7 @@ spec: touch $QUORUM_DATA_DIR/password.txt; NETWORK_ID=1101 - args=\" --istanbul.blockperiod 3 --syncmode full --mine --minerthreads 1 --rpcapi admin,db,eth,debug,miner,net,shh,txpool,personal,web3,quorum,istanbul \"; + args=\" --raft --maxpeers 7 --raftport 50401 --rpcapi admin,db,eth,debug,miner,net,shh,txpool,personal,web3,quorum,raft \"; /usr/local/bin/geth \ --datadir $QUORUM_DATA_DIR \ @@ -1192,7 +1292,7 @@ spec: subPath: genesis-geth.json - name: quorum-persistent-storage mountPath: /etc/quorum/qdata - - name: constellation-persistent-storage + - name: tm-persistent-storage mountPath: /etc/quorum/qdata/tm - name: quorum-key-config-persistent-storage mountPath: /etc/quorum/qdata/dd/keystore/key @@ -1221,12 +1321,20 @@ spec: items: - key: genesis-geth.json path: genesis-geth.json + - name: tessera-config + configMap: + name: tessera-config + items: + - key: tessera-config.json.tmpl + path: tessera-config.json.tmpl + - key: tessera-config-enhanced.json.tmpl + path: tessera-config-enhanced.json.tmpl - name: contracts-config configMap: name: contracts-config - - name: keystore-constellation + - name: keystore-tm configMap: - name: quorum-node6-constellation-key-config + name: quorum-node6-tm-key-config items: - key: tm.pub path: tm.pub @@ -1247,7 +1355,7 @@ spec: - name: quorum-persistent-storage hostPath: path: /var/lib/docker/geth-storage/quorum-node6 - - name: constellation-persistent-storage + - name: tm-persistent-storage hostPath: path: /var/lib/docker/geth-storage/tm-quorum-node6 - name: quorum-logs-persistent-storage @@ -1305,6 +1413,7 @@ spec: mountPath: /etc/quorum/qdata/contracts-tmp readOnly: false containers: + - name: constellation image: quorumengineering/constellation:0.3.2 command: ["sh"] @@ -1322,24 +1431,33 @@ spec: --verbosity=9 \ --othernodes=https://$QUORUM_NODE1_SERVICE_HOST:9001/ \"; /usr/local/bin/constellation-node $args 2>&1 | tee -a $QUORUM_HOME/logs/tm.log; " + ports: - containerPort: 9001 env: - name: QUORUM_HOME value: /etc/quorum/qdata + - name: DDIR + value: /etc/quorum/qdata/tm volumeMounts: - name: quorum-logs-persistent-storage mountPath: /etc/quorum/qdata/logs - - name: constellation-persistent-storage + - name: tm-persistent-storage mountPath: /etc/quorum/qdata/tm - name: quorum-persistent-storage mountPath: /etc/quorum/qdata - - name: keystore-constellation + - name: keystore-tm mountPath: /etc/quorum/qdata/tm/tm.pub subPath: tm.pub - - name: keystore-constellation + - name: keystore-tm mountPath: /etc/quorum/qdata/tm/tm.key subPath: tm.key + - name: tessera-config + mountPath: /etc/quorum/qdata/tm/tessera-config.json.tmpl + subPath: tessera-config.json.tmpl + - name: tessera-config + mountPath: /etc/quorum/qdata/tm/tessera-config-enhanced.json.tmpl + subPath: tessera-config-enhanced.json.tmpl - name: quorum image: quorumengineering/quorum:2.1.1 command: [ "sh" ] @@ -1365,7 +1483,7 @@ spec: touch $QUORUM_DATA_DIR/password.txt; NETWORK_ID=1101 - args=\" --istanbul.blockperiod 3 --syncmode full --mine --minerthreads 1 --rpcapi admin,db,eth,debug,miner,net,shh,txpool,personal,web3,quorum,istanbul \"; + args=\" --raft --maxpeers 7 --raftport 50401 --rpcapi admin,db,eth,debug,miner,net,shh,txpool,personal,web3,quorum,raft \"; /usr/local/bin/geth \ --datadir $QUORUM_DATA_DIR \ @@ -1401,7 +1519,7 @@ spec: subPath: genesis-geth.json - name: quorum-persistent-storage mountPath: /etc/quorum/qdata - - name: constellation-persistent-storage + - name: tm-persistent-storage mountPath: /etc/quorum/qdata/tm - name: quorum-key-config-persistent-storage mountPath: /etc/quorum/qdata/dd/keystore/key @@ -1430,12 +1548,20 @@ spec: items: - key: genesis-geth.json path: genesis-geth.json + - name: tessera-config + configMap: + name: tessera-config + items: + - key: tessera-config.json.tmpl + path: tessera-config.json.tmpl + - key: tessera-config-enhanced.json.tmpl + path: tessera-config-enhanced.json.tmpl - name: contracts-config configMap: name: contracts-config - - name: keystore-constellation + - name: keystore-tm configMap: - name: quorum-node7-constellation-key-config + name: quorum-node7-tm-key-config items: - key: tm.pub path: tm.pub @@ -1456,7 +1582,7 @@ spec: - name: quorum-persistent-storage hostPath: path: /var/lib/docker/geth-storage/quorum-node7 - - name: constellation-persistent-storage + - name: tm-persistent-storage hostPath: path: /var/lib/docker/geth-storage/tm-quorum-node7 - name: quorum-logs-persistent-storage diff --git a/7nodes/raft-7nodes-constellation/k8s-yaml/quorum-keyconfigs.yaml b/7nodes/raft-7nodes-constellation/k8s-yaml/quorum-keyconfigs.yaml new file mode 100644 index 0000000..225c984 --- /dev/null +++ b/7nodes/raft-7nodes-constellation/k8s-yaml/quorum-keyconfigs.yaml @@ -0,0 +1,360 @@ + + + +# kubectl create configmap game-config --from-file=configure-pod-container/dd1/key +# the key used for private transactions +# quorum transaction manager keys +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: quorum-node1-tm-key-config + namespace: quorum-test + labels: + app: qubernetes + name: quorum-node1-tm-key-config +data: + tm.key: |- + {"data":{"bytes":"Wl+xSyXVuuqzpvznOS7dOobhcn4C5auxkFRi7yLtgtA="},"type":"unlocked"} + tm.pub: |- + BULeR8JyUWhiuuCMU/HLA0Q5pzkYT+cHII3ZKBey3Bo= +--- +# kubectl create configmap game-config --from-file=configure-pod-container/dd1/key +# nodekey (enode) (geth/ethereum) +apiVersion: v1 +kind: ConfigMap +metadata: + name: quorum-node1-nodekey-config + namespace: quorum-test + labels: + app: qubernetes + name: quorum-node1-nodekey-config +data: + nodekey: | + 1be3b50b31734be48452c29d714941ba165ef0cbf3ccea8ca16c45e3d8d45fb0 + + +# ethereum / geth account keys (keystore) +--- +# kubectl create configmap game-config --from-file=configure-pod-container/dd1/key +apiVersion: v1 +kind: ConfigMap +metadata: + name: quorum-node1-account-key-config + namespace: quorum-test + labels: + app: qubernetes + name: quorum-node1-account-key-config +data: + key: |- + + + {"address":"ed9d02e382b34818e88b88a309c7fe71e65f419d","crypto":{"cipher":"aes-128-ctr","ciphertext":"4e77046ba3f699e744acb4a89c36a3ea1158a1bd90a076d36675f4c883864377","cipherparams":{"iv":"a8932af2a3c0225ee8e872bc0e462c11"},"kdf":"scrypt","kdfparams":{"dklen":32,"n":262144,"p":1,"r":8,"salt":"8ca49552b3e92f79c51f2cd3d38dfc723412c212e702bd337a3724e8937aff0f"},"mac":"6d1354fef5aa0418389b1a5d1f5ee0050d7273292a1171c51fd02f9ecff55264"},"id":"a65d1ac3-db7e-445d-a1cc-b6c5eeaa05e0","version":3} +# end node + +# kubectl create configmap game-config --from-file=configure-pod-container/dd1/key +# the key used for private transactions +# quorum transaction manager keys +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: quorum-node2-tm-key-config + namespace: quorum-test + labels: + app: qubernetes + name: quorum-node2-tm-key-config +data: + tm.key: |- + {"data":{"bytes":"nDFwJNHSiT1gNzKBy9WJvMhmYRkW3TzFUmPsNzR6oFk="},"type":"unlocked"} + tm.pub: |- + QfeDAys9MPDs2XHExtc84jKGHxZg/aj52DTh0vtA3Xc= +--- +# kubectl create configmap game-config --from-file=configure-pod-container/dd1/key +# nodekey (enode) (geth/ethereum) +apiVersion: v1 +kind: ConfigMap +metadata: + name: quorum-node2-nodekey-config + namespace: quorum-test + labels: + app: qubernetes + name: quorum-node2-nodekey-config +data: + nodekey: | + 9bdd6a2e7cc1ca4a4019029df3834d2633ea6e14034d6dcc3b944396fe13a08b + + +# ethereum / geth account keys (keystore) +--- +# kubectl create configmap game-config --from-file=configure-pod-container/dd1/key +apiVersion: v1 +kind: ConfigMap +metadata: + name: quorum-node2-account-key-config + namespace: quorum-test + labels: + app: qubernetes + name: quorum-node2-account-key-config +data: + key: |- + + + {"address":"ca843569e3427144cead5e4d5999a3d0ccf92b8e","crypto":{"cipher":"aes-128-ctr","ciphertext":"01d409941ce57b83a18597058033657182ffb10ae15d7d0906b8a8c04c8d1e3a","cipherparams":{"iv":"0bfb6eadbe0ab7ffaac7e1be285fb4e5"},"kdf":"scrypt","kdfparams":{"dklen":32,"n":262144,"p":1,"r":8,"salt":"7b90f455a95942c7c682e0ef080afc2b494ef71e749ba5b384700ecbe6f4a1bf"},"mac":"4cc851f9349972f851d03d75a96383a37557f7c0055763c673e922de55e9e307"},"id":"354e3b35-1fed-407d-a358-889a29111211","version":3} +# end node + +# kubectl create configmap game-config --from-file=configure-pod-container/dd1/key +# the key used for private transactions +# quorum transaction manager keys +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: quorum-node3-tm-key-config + namespace: quorum-test + labels: + app: qubernetes + name: quorum-node3-tm-key-config +data: + tm.key: |- + {"data":{"bytes":"tMxUVR8bX7aq/TbpVHc2QV3SN2iUuExBwefAuFsO0Lg="},"type":"unlocked"} + tm.pub: |- + 1iTZde/ndBHvzhcl7V68x44Vx7pl8nwx9LqnM/AfJUg= +--- +# kubectl create configmap game-config --from-file=configure-pod-container/dd1/key +# nodekey (enode) (geth/ethereum) +apiVersion: v1 +kind: ConfigMap +metadata: + name: quorum-node3-nodekey-config + namespace: quorum-test + labels: + app: qubernetes + name: quorum-node3-nodekey-config +data: + nodekey: | + 722f11686b2277dcbd72713d8a3c81c666b585c337d47f503c3c1f3c17cf001d + + +# ethereum / geth account keys (keystore) +--- +# kubectl create configmap game-config --from-file=configure-pod-container/dd1/key +apiVersion: v1 +kind: ConfigMap +metadata: + name: quorum-node3-account-key-config + namespace: quorum-test + labels: + app: qubernetes + name: quorum-node3-account-key-config +data: + key: |- + + + {"address":"0fbdc686b912d7722dc86510934589e0aaf3b55a","crypto":{"cipher":"aes-128-ctr","ciphertext":"6b2c72c6793f3da8185e36536e02f574805e41c18f551f24b58346ef4ecf3640","cipherparams":{"iv":"582f27a739f39580410faa108d5cc59f"},"kdf":"scrypt","kdfparams":{"dklen":32,"n":262144,"p":1,"r":8,"salt":"1a79b0db3f8cb5c2ae4fa6ccb2b5917ce446bd5e42c8d61faeee512b97b4ad4a"},"mac":"cecb44d2797d6946805d5d744ff803805477195fab1d2209eddc3d1158f2e403"},"id":"f7292e90-af71-49af-a5b3-40e8493f4681","version":3} +# end node + +# kubectl create configmap game-config --from-file=configure-pod-container/dd1/key +# the key used for private transactions +# quorum transaction manager keys +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: quorum-node4-tm-key-config + namespace: quorum-test + labels: + app: qubernetes + name: quorum-node4-tm-key-config +data: + tm.key: |- + {"data":{"bytes":"grQjd3dBp4qFs8/5Jdq7xjz++aUx/LXAqISFyPWaCRw="},"type":"unlocked"} + tm.pub: |- + oNspPPgszVUFw0qmGFfWwh1uxVUXgvBxleXORHj07g8= +--- +# kubectl create configmap game-config --from-file=configure-pod-container/dd1/key +# nodekey (enode) (geth/ethereum) +apiVersion: v1 +kind: ConfigMap +metadata: + name: quorum-node4-nodekey-config + namespace: quorum-test + labels: + app: qubernetes + name: quorum-node4-nodekey-config +data: + nodekey: | + 6af685c4de99d44c620ccd9464d19bdeb62a750b9ae49b1740fb28d68a0e5c7d + + +# ethereum / geth account keys (keystore) +--- +# kubectl create configmap game-config --from-file=configure-pod-container/dd1/key +apiVersion: v1 +kind: ConfigMap +metadata: + name: quorum-node4-account-key-config + namespace: quorum-test + labels: + app: qubernetes + name: quorum-node4-account-key-config +data: + key: |- + + + {"address":"9186eb3d20cbd1f5f992a950d808c4495153abd5","crypto":{"cipher":"aes-128-ctr","ciphertext":"d160a630a39be3ff35556055406d8ff2a635f0535fe298d62ccc812d8f7b3bd5","cipherparams":{"iv":"82fce06bc6e1658a5e81ccef3b753329"},"kdf":"scrypt","kdfparams":{"dklen":32,"n":262144,"p":1,"r":8,"salt":"8d0c486db4c942721f4f5e96d48e9344805d101dad8159962b8a2008ac718548"},"mac":"4a92bda949068968d470320260ae1a825aa22f6a40fb8567c9f91d700c3f7e91"},"id":"bdb3b4f6-d8d0-4b00-8473-e223ef371b5c","version":3} +# end node + +# kubectl create configmap game-config --from-file=configure-pod-container/dd1/key +# the key used for private transactions +# quorum transaction manager keys +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: quorum-node5-tm-key-config + namespace: quorum-test + labels: + app: qubernetes + name: quorum-node5-tm-key-config +data: + tm.key: |- + {"data":{"bytes":"W8XcdJfOuxCrLcspSceNg9vh7Cwe8tXiIx5xPJ88OtQ="},"type":"unlocked"} + tm.pub: |- + R56gy4dn24YOjwyesTczYa8m5xhP6hF2uTMCju/1xkY= +--- +# kubectl create configmap game-config --from-file=configure-pod-container/dd1/key +# nodekey (enode) (geth/ethereum) +apiVersion: v1 +kind: ConfigMap +metadata: + name: quorum-node5-nodekey-config + namespace: quorum-test + labels: + app: qubernetes + name: quorum-node5-nodekey-config +data: + nodekey: | + 103bb5d20384b9af9f693d4287822fef6da7d79cb2317ed815f0081c7ea8d17d + + +# ethereum / geth account keys (keystore) +--- +# kubectl create configmap game-config --from-file=configure-pod-container/dd1/key +apiVersion: v1 +kind: ConfigMap +metadata: + name: quorum-node5-account-key-config + namespace: quorum-test + labels: + app: qubernetes + name: quorum-node5-account-key-config +data: + key: |- + + + {"address":"0638e1574728b6d862dd5d3a3e0942c3be47d996","crypto":{"cipher":"aes-128-ctr","ciphertext":"d8119d67cb134bc65c53506577cfd633bbbf5acca976cea12dd507de3eb7fd6f","cipherparams":{"iv":"76e88f3f246d4bf9544448d1a27b06f4"},"kdf":"scrypt","kdfparams":{"dklen":32,"n":262144,"p":1,"r":8,"salt":"6d05ade3ee96191ed73ea019f30c02cceb6fc0502c99f706b7b627158bfc2b0a"},"mac":"b39c2c56b35958c712225970b49238fb230d7981ef47d7c33c730c363b658d06"},"id":"00307b43-53a3-4e03-9d0c-4fcbb3da29df","version":3} +# end node + +# kubectl create configmap game-config --from-file=configure-pod-container/dd1/key +# the key used for private transactions +# quorum transaction manager keys +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: quorum-node6-tm-key-config + namespace: quorum-test + labels: + app: qubernetes + name: quorum-node6-tm-key-config +data: + tm.key: |- + {"data":{"bytes":"N9wH6bG0lWOCJtSnosatAskvzkrDApdrjaWkqjDyDzE="},"type":"unlocked"} + tm.pub: |- + UfNSeSGySeKg11DVNEnqrUtxYRVor4+CvluI8tVv62Y= +--- +# kubectl create configmap game-config --from-file=configure-pod-container/dd1/key +# nodekey (enode) (geth/ethereum) +apiVersion: v1 +kind: ConfigMap +metadata: + name: quorum-node6-nodekey-config + namespace: quorum-test + labels: + app: qubernetes + name: quorum-node6-nodekey-config +data: + nodekey: | + 79999aef8d5197446b6051df47f01fd4d6dd1997aec3f5282e77ea27b6727346 + + +# ethereum / geth account keys (keystore) +--- +# kubectl create configmap game-config --from-file=configure-pod-container/dd1/key +apiVersion: v1 +kind: ConfigMap +metadata: + name: quorum-node6-account-key-config + namespace: quorum-test + labels: + app: qubernetes + name: quorum-node6-account-key-config +data: + key: |- + + + {"address":"ae9bc6cd5145e67fbd1887a5145271fd182f0ee7","crypto":{"cipher":"aes-128-ctr","ciphertext":"013ed4c928bf7ae50dba7c9d8396f2d89d1fccc16a2067fdad56e125a0f5d96c","cipherparams":{"iv":"9fce4f1ab5c9cdaee9432dbc43d28ed8"},"kdf":"scrypt","kdfparams":{"dklen":32,"n":262144,"p":1,"r":8,"salt":"5301d6b0c7bc8ba4ca60256ba524bae57cb078679e0de7d5322ebdc2393849a0"},"mac":"55aabdbc4853a188e8b63a1cec93e5d233a8b5b529ed00c610d1b4a9b27990da"},"id":"025f7cf0-f35b-4988-8a22-2443a08e5d69","version":3} +# end node + +# kubectl create configmap game-config --from-file=configure-pod-container/dd1/key +# the key used for private transactions +# quorum transaction manager keys +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: quorum-node7-tm-key-config + namespace: quorum-test + labels: + app: qubernetes + name: quorum-node7-tm-key-config +data: + tm.key: |- + {"data":{"bytes":"lesaO6EWbmL1rie1biy851BnN1QsRRDK4kWUimlK0EA="},"type":"unlocked"} + tm.pub: |- + ROAZBWtSacxXQrOe3FGAqJDyJjFePR5ce4TSIzmJ0Bc= +--- +# kubectl create configmap game-config --from-file=configure-pod-container/dd1/key +# nodekey (enode) (geth/ethereum) +apiVersion: v1 +kind: ConfigMap +metadata: + name: quorum-node7-nodekey-config + namespace: quorum-test + labels: + app: qubernetes + name: quorum-node7-nodekey-config +data: + nodekey: | + e85dae073b504871ffd7946bf5f45e6fa8dc09eb1536a48c4b6822332008973d + + +# ethereum / geth account keys (keystore) +--- +# kubectl create configmap game-config --from-file=configure-pod-container/dd1/key +apiVersion: v1 +kind: ConfigMap +metadata: + name: quorum-node7-account-key-config + namespace: quorum-test + labels: + app: qubernetes + name: quorum-node7-account-key-config +data: + key: |- + + + {"address":"cc71c7546429a13796cf1bf9228bff213e7ae9cc","crypto":{"cipher":"aes-128-ctr","ciphertext":"a522d53d5a86405435f6288d4e34b0c038de25f46fa935b0be78fd24d4aa65da","cipherparams":{"iv":"10511f1422825b699718559dcaaa0ff2"},"kdf":"scrypt","kdfparams":{"dklen":32,"n":262144,"p":1,"r":8,"salt":"471dfeff2dc7524d27970e54d8224320cb13f7e580431473a362fe8850ebc120"},"mac":"25ee0b623467350a4245a041a89a6797560ade8a1bd1c8d4d1b67ca5e37c56c0"},"id":"477df10a-9591-4fae-9c30-3aa0bc0ec57b","version":3} +# end node + diff --git a/7nodes/raft-7nodes-constellation/k8s-yaml/quorum-services.yaml b/7nodes/raft-7nodes-constellation/k8s-yaml/quorum-services.yaml new file mode 100644 index 0000000..22523c0 --- /dev/null +++ b/7nodes/raft-7nodes-constellation/k8s-yaml/quorum-services.yaml @@ -0,0 +1,295 @@ + + + + +--- +apiVersion: v1 +kind: Service +metadata: + namespace: quorum-test + name: quorum-node1 + labels: + app: qubernetes + tier: backend + name: quorum-node1 +spec: + selector: + app: qubernetes + tier: backend + name: quorum-node1-deployment + type: ClusterIP + ports: + - name: tm-manager + protocol: TCP + port: 9001 + targetPort: 9001 + # default 8545 + - name: tm-tessera-third-part + protocol: TCP + port: 9080 + targetPort: 9080 + # default 8545 + - name: wsrpc-listener + protocol: TCP + port: 8546 + targetPort: 8546 + - name: quorum-listener + protocol: TCP + port: 21000 + targetPort: 21000 + - name: raft + protocol: TCP + targetPort: 50401 + port: 50401 + + + +--- +apiVersion: v1 +kind: Service +metadata: + namespace: quorum-test + name: quorum-node2 + labels: + app: qubernetes + tier: backend + name: quorum-node2 +spec: + selector: + app: qubernetes + tier: backend + name: quorum-node2-deployment + type: ClusterIP + ports: + - name: tm-manager + protocol: TCP + port: 9001 + targetPort: 9001 + # default 8545 + - name: tm-tessera-third-part + protocol: TCP + port: 9080 + targetPort: 9080 + # default 8545 + - name: wsrpc-listener + protocol: TCP + port: 8546 + targetPort: 8546 + - name: quorum-listener + protocol: TCP + port: 21000 + targetPort: 21000 + - name: raft + protocol: TCP + targetPort: 50401 + port: 50401 + + + +--- +apiVersion: v1 +kind: Service +metadata: + namespace: quorum-test + name: quorum-node3 + labels: + app: qubernetes + tier: backend + name: quorum-node3 +spec: + selector: + app: qubernetes + tier: backend + name: quorum-node3-deployment + type: ClusterIP + ports: + - name: tm-manager + protocol: TCP + port: 9001 + targetPort: 9001 + # default 8545 + - name: tm-tessera-third-part + protocol: TCP + port: 9080 + targetPort: 9080 + # default 8545 + - name: wsrpc-listener + protocol: TCP + port: 8546 + targetPort: 8546 + - name: quorum-listener + protocol: TCP + port: 21000 + targetPort: 21000 + - name: raft + protocol: TCP + targetPort: 50401 + port: 50401 + + + +--- +apiVersion: v1 +kind: Service +metadata: + namespace: quorum-test + name: quorum-node4 + labels: + app: qubernetes + tier: backend + name: quorum-node4 +spec: + selector: + app: qubernetes + tier: backend + name: quorum-node4-deployment + type: ClusterIP + ports: + - name: tm-manager + protocol: TCP + port: 9001 + targetPort: 9001 + # default 8545 + - name: tm-tessera-third-part + protocol: TCP + port: 9080 + targetPort: 9080 + # default 8545 + - name: wsrpc-listener + protocol: TCP + port: 8546 + targetPort: 8546 + - name: quorum-listener + protocol: TCP + port: 21000 + targetPort: 21000 + - name: raft + protocol: TCP + targetPort: 50401 + port: 50401 + + + +--- +apiVersion: v1 +kind: Service +metadata: + namespace: quorum-test + name: quorum-node5 + labels: + app: qubernetes + tier: backend + name: quorum-node5 +spec: + selector: + app: qubernetes + tier: backend + name: quorum-node5-deployment + type: ClusterIP + ports: + - name: tm-manager + protocol: TCP + port: 9001 + targetPort: 9001 + # default 8545 + - name: tm-tessera-third-part + protocol: TCP + port: 9080 + targetPort: 9080 + # default 8545 + - name: wsrpc-listener + protocol: TCP + port: 8546 + targetPort: 8546 + - name: quorum-listener + protocol: TCP + port: 21000 + targetPort: 21000 + - name: raft + protocol: TCP + targetPort: 50401 + port: 50401 + + + +--- +apiVersion: v1 +kind: Service +metadata: + namespace: quorum-test + name: quorum-node6 + labels: + app: qubernetes + tier: backend + name: quorum-node6 +spec: + selector: + app: qubernetes + tier: backend + name: quorum-node6-deployment + type: ClusterIP + ports: + - name: tm-manager + protocol: TCP + port: 9001 + targetPort: 9001 + # default 8545 + - name: tm-tessera-third-part + protocol: TCP + port: 9080 + targetPort: 9080 + # default 8545 + - name: wsrpc-listener + protocol: TCP + port: 8546 + targetPort: 8546 + - name: quorum-listener + protocol: TCP + port: 21000 + targetPort: 21000 + - name: raft + protocol: TCP + targetPort: 50401 + port: 50401 + + + +--- +apiVersion: v1 +kind: Service +metadata: + namespace: quorum-test + name: quorum-node7 + labels: + app: qubernetes + tier: backend + name: quorum-node7 +spec: + selector: + app: qubernetes + tier: backend + name: quorum-node7-deployment + type: ClusterIP + ports: + - name: tm-manager + protocol: TCP + port: 9001 + targetPort: 9001 + # default 8545 + - name: tm-tessera-third-part + protocol: TCP + port: 9080 + targetPort: 9080 + # default 8545 + - name: wsrpc-listener + protocol: TCP + port: 8546 + targetPort: 8546 + - name: quorum-listener + protocol: TCP + port: 21000 + targetPort: 21000 + - name: raft + protocol: TCP + targetPort: 50401 + port: 50401 diff --git a/7nodes/raft-7nodes-constellation/k8s-yaml/quorum-shared-config.yaml b/7nodes/raft-7nodes-constellation/k8s-yaml/quorum-shared-config.yaml new file mode 100644 index 0000000..2d847e1 --- /dev/null +++ b/7nodes/raft-7nodes-constellation/k8s-yaml/quorum-shared-config.yaml @@ -0,0 +1,344 @@ + + +apiVersion: v1 +kind: Namespace +metadata: + name: quorum-test + labels: + name: quorum-test + +--- +# kubectl create configmap game-config --from-file=configure-pod-container/dd1/key +apiVersion: v1 +kind: ConfigMap +metadata: + name: quorum-permissioned-config + namespace: quorum-test + labels: + app: qubernetes + name: quorum-permissioned-config +data: + permissioned-nodes.json: | + + [ + "enode://ac6b1096ca56b9f6d004b779ae3728bf83f8e22453404cc3cef16a3d9b96608bc67c4b30db88e0a5a6c6390213f7acbe1153ff6d23ce57380104288ae19373ef@%QUORUM-NODE1_SERVICE_HOST%:21000?discport=0&raftport=50401", + "enode://0ba6b9f606a43a95edc6247cdb1c1e105145817be7bcafd6b2c0ba15d58145f0dc1a194f70ba73cd6f4cdd6864edc7687f311254c7555cc32e4d45aeb1b80416@%QUORUM-NODE2_SERVICE_HOST%:21000?discport=0&raftport=50401", + "enode://579f786d4e2830bbcc02815a27e8a9bacccc9605df4dc6f20bcc1a6eb391e7225fff7cb83e5b4ecd1f3a94d8b733803f2f66b7e871961e7b029e22c155c3a778@%QUORUM-NODE3_SERVICE_HOST%:21000?discport=0&raftport=50401", + "enode://3d9ca5956b38557aba991e31cf510d4df641dce9cc26bfeb7de082f0c07abb6ede3a58410c8f249dabeecee4ad3979929ac4c7c496ad20b8cfdd061b7401b4f5@%QUORUM-NODE4_SERVICE_HOST%:21000?discport=0&raftport=50401", + "enode://3701f007bfa4cb26512d7df18e6bbd202e8484a6e11d387af6e482b525fa25542d46ff9c99db87bd419b980c24a086117a397f6d8f88e74351b41693880ea0cb@%QUORUM-NODE5_SERVICE_HOST%:21000?discport=0&raftport=50401", + "enode://eacaa74c4b0e7a9e12d2fe5fee6595eda841d6d992c35dbbcc50fcee4aa86dfbbdeff7dc7e72c2305d5a62257f82737a8cffc80474c15c611c037f52db1a3a7b@%QUORUM-NODE5_SERVICE_HOST%:21000?discport=0&raftport=50401", + "enode://239c1f044a2b03b6c4713109af036b775c5418fe4ca63b04b1ce00124af00ddab7cc088fc46020cdc783b6207efe624551be4c06a994993d8d70f684688fb7cf@%QUORUM-NODE5_SERVICE_HOST%:21000?discport=0&raftport=50401" + ] + +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: genesis-config + namespace: quorum-test + labels: + app: qubernetes + name: genesis-config +data: + genesis-geth.json: |- + { + "alloc": { + "0xed9d02e382b34818e88b88a309c7fe71e65f419d": { + "balance": "1000000000000000000000000000" + }, + "0xca843569e3427144cead5e4d5999a3d0ccf92b8e": { + "balance": "1000000000000000000000000000" + }, + "0x0fbdc686b912d7722dc86510934589e0aaf3b55a": { + "balance": "1000000000000000000000000000" + }, + "0x9186eb3d20cbd1f5f992a950d808c4495153abd5": { + "balance": "1000000000000000000000000000" + }, + "0x0638e1574728b6d862dd5d3a3e0942c3be47d996": { + "balance": "1000000000000000000000000000" + } + }, + "coinbase": "0x0000000000000000000000000000000000000000", + "config": { + "byzantiumBlock": 1, + "chainId": 10, + "eip150Block": 1, + "eip155Block": 0, + "eip150Hash": "0x0000000000000000000000000000000000000000000000000000000000000000", + "eip158Block": 1, + "isQuorum":true + }, + "difficulty": "0x0", + "extraData": "0x0000000000000000000000000000000000000000000000000000000000000000", + "gasLimit": "0xE0000000", + "mixhash": "0x00000000000000000000000000000000000000647572616c65787365646c6578", + "nonce": "0x0", + "parentHash": "0x0000000000000000000000000000000000000000000000000000000000000000", + "timestamp": "0x00" + } + +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: tessera-config + namespace: quorum-test + labels: + app: qubernetes + name: tessera-config +data: + tessera-config.json.tmpl: |- + + + + + { + "useWhiteList": false, + "jdbc": { + "username": "sa", + "password": "", + "url": "jdbc:h2:/etc/quorum/qdata/tm/db;MODE=Oracle;TRACE_LEVEL_SYSTEM_OUT=0", + "autoCreateTables": true + }, + "server": { + "port": 9001, + "hostName": "http://%THIS_SERVICE_HOST%", + "bindingAddress": "http://0.0.0.0:9001", + "sslConfig": { + "tls": "OFF", + "generateKeyStoreIfNotExisted": true, + "serverKeyStore": "/etc/quorum/qdata/tm/server-keystore", + "serverKeyStorePassword": "quorum", + "serverTrustStore": "/etc/quorum/qdata/tm/server-truststore", + "serverTrustStorePassword": "quorum", + "serverTrustMode": "TOFU", + "knownClientsFile": "/etc/quorum/qdata/tm/knownClients", + "clientKeyStore": "/etc/quorum/qdata/tm/client-keystore", + "clientKeyStorePassword": "quorum", + "clientTrustStore": "/etc/quorum/qdata/tm/client-truststore", + "clientTrustStorePassword": "quorum", + "clientTrustMode": "TOFU", + "knownServersFile": "/etc/quorum/qdata/tm/knownServers" + } + }, + "peer": [ + + { + "url": "http://%QUORUM-NODE1_SERVICE_HOST%:9001" + }, + + + { + "url": "http://%QUORUM-NODE2_SERVICE_HOST%:9001" + }, + + + { + "url": "http://%QUORUM-NODE3_SERVICE_HOST%:9001" + }, + + + { + "url": "http://%QUORUM-NODE4_SERVICE_HOST%:9001" + }, + + + { + "url": "http://%QUORUM-NODE5_SERVICE_HOST%:9001" + }, + + + { + "url": "http://%QUORUM-NODE6_SERVICE_HOST%:9001" + }, + + + { + "url": "http://%QUORUM-NODE7_SERVICE_HOST%:9001" + } + + ], + "keys": { + "passwords": [], + "keyData": [ + { + "privateKeyPath": "/etc/quorum/qdata/tm/tm.key", + "publicKeyPath": "/etc/quorum/qdata/tm/tm.pub" + } + ] + }, + "alwaysSendTo": [], + "unixSocketFile": "/etc/quorum/qdata/tm/tm.ipc" + } + + + tessera-config-enhanced.json.tmpl: |- + + + + { + "useWhiteList": false, + "jdbc": { + "username": "sa", + "password": "", + "url": "jdbc:h2:/etc/quorum/qdata/tm/db;MODE=Oracle;TRACE_LEVEL_SYSTEM_OUT=0", + "autoCreateTables": true + }, + "serverConfigs":[ + { + "app":"ThirdParty", + "enabled": true, + "serverSocket":{ + "type":"INET", + "port": 9080, + "hostName": "http://%THIS_SERVICE_HOST%" + }, + "communicationType" : "REST" + }, + { + "app":"Q2T", + "enabled": true, + "serverSocket":{ + "type":"UNIX", + "path":"/etc/quorum/qdata/tm/tm.ipc" + }, + "communicationType" : "UNIX_SOCKET" + }, + { + "app":"P2P", + "enabled": true, + "serverSocket":{ + "type":"INET", + "port": 9001, + "hostName": "http://%THIS_SERVICE_HOST%", + "bindingAddress": "http://0.0.0.0:9001" + }, + "sslConfig": { + "tls": "OFF", + "generateKeyStoreIfNotExisted": true, + "serverKeyStore": "/etc/quorum/qdata/tm/server-keystore", + "serverKeyStorePassword": "quorum", + "serverTrustStore": "/etc/quorum/qdata/tm/server-truststore", + "serverTrustStorePassword": "quorum", + "serverTrustMode": "TOFU", + "knownClientsFile": "/etc/quorum/qdata/tm/knownClients", + "clientKeyStore": "/etc/quorum/qdata/tm/client-keystore", + "clientKeyStorePassword": "quorum", + "clientTrustStore": "/etc/quorum/qdata/tm/client-truststore", + "clientTrustStorePassword": "quorum", + "clientTrustMode": "TOFU", + "knownServersFile": "/etc/quorum/qdata/tm/knownServers" + }, + "communicationType" : "REST" + } + ], + + "peer": [ + + { + "url": "http://%QUORUM-NODE1_SERVICE_HOST%:9001" + }, + + + { + "url": "http://%QUORUM-NODE2_SERVICE_HOST%:9001" + }, + + + { + "url": "http://%QUORUM-NODE3_SERVICE_HOST%:9001" + }, + + + { + "url": "http://%QUORUM-NODE4_SERVICE_HOST%:9001" + }, + + + { + "url": "http://%QUORUM-NODE5_SERVICE_HOST%:9001" + }, + + + { + "url": "http://%QUORUM-NODE6_SERVICE_HOST%:9001" + }, + + + { + "url": "http://%QUORUM-NODE7_SERVICE_HOST%:9001" + } + + ], + "keys": { + "passwords": [], + "keyData": [ + { + "config": %THIS_PRIV_KEY%, + "publicKey": "%THIS_PUB_KEY%" + } + ] + }, + "alwaysSendTo": [] + } + +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: contracts-config + namespace: quorum-test + labels: + app: qubernetes + name: contracts-config +data: + runscript.sh: |- + #!/bin/ash + PRIVATE_CONFIG=$TM_HOME/tm.ipc geth --exec "loadScript(\"$1\")" attach ipc:$QUORUM_HOME/dd/geth.ipc + private_contract.js: |- + a = eth.accounts[0] + web3.eth.defaultAccount = a; + + // abi and bytecode generated from simplestorage.sol: + // > solcjs --bin --abi simplestorage.sol + var abi = [{"constant":true,"inputs":[],"name":"storedData","outputs":[{"name":"","type":"uint256"}],"payable":false,"type":"function"},{"constant":false,"inputs":[{"name":"x","type":"uint256"}],"name":"set","outputs":[],"payable":false,"type":"function"},{"constant":true,"inputs":[],"name":"get","outputs":[{"name":"retVal","type":"uint256"}],"payable":false,"type":"function"},{"inputs":[{"name":"initVal","type":"uint256"}],"payable":false,"type":"constructor"}]; + + var bytecode = "0x6060604052341561000f57600080fd5b604051602080610149833981016040528080519060200190919050505b806000819055505b505b610104806100456000396000f30060606040526000357c0100000000000000000000000000000000000000000000000000000000900463ffffffff1680632a1afcd914605157806360fe47b11460775780636d4ce63c146097575b600080fd5b3415605b57600080fd5b606160bd565b6040518082815260200191505060405180910390f35b3415608157600080fd5b6095600480803590602001909190505060c3565b005b341560a157600080fd5b60a760ce565b6040518082815260200191505060405180910390f35b60005481565b806000819055505b50565b6000805490505b905600a165627a7a72305820d5851baab720bba574474de3d09dbeaabc674a15f4dd93b974908476542c23f00029"; + + var simpleContract = web3.eth.contract(abi); + var simple = simpleContract.new(42, {from:web3.eth.accounts[0], data: bytecode, gas: 0x47b760, privateFor: ["ROAZBWtSacxXQrOe3FGAqJDyJjFePR5ce4TSIzmJ0Bc="]}, function(e, contract) { + if (e) { + console.log("err creating contract", e); + } else { + if (!contract.address) { + console.log("Contract transaction send: TransactionHash: " + contract.transactionHash + " waiting to be mined..."); + } else { + console.log("Contract mined! Address: " + contract.address); + console.log(contract); + } + } + }); + public_contract.js: |- + a = eth.accounts[0] + web3.eth.defaultAccount = a; + + // abi and bytecode generated from simplestorage.sol: + // > solcjs --bin --abi simplestorage.sol + var abi = [{"constant":true,"inputs":[],"name":"storedData","outputs":[{"name":"","type":"uint256"}],"payable":false,"type":"function"},{"constant":false,"inputs":[{"name":"x","type":"uint256"}],"name":"set","outputs":[],"payable":false,"type":"function"},{"constant":true,"inputs":[],"name":"get","outputs":[{"name":"retVal","type":"uint256"}],"payable":false,"type":"function"},{"inputs":[{"name":"initVal","type":"uint256"}],"payable":false,"type":"constructor"}]; + + var bytecode = "0x6060604052341561000f57600080fd5b604051602080610149833981016040528080519060200190919050505b806000819055505b505b610104806100456000396000f30060606040526000357c0100000000000000000000000000000000000000000000000000000000900463ffffffff1680632a1afcd914605157806360fe47b11460775780636d4ce63c146097575b600080fd5b3415605b57600080fd5b606160bd565b6040518082815260200191505060405180910390f35b3415608157600080fd5b6095600480803590602001909190505060c3565b005b341560a157600080fd5b60a760ce565b6040518082815260200191505060405180910390f35b60005481565b806000819055505b50565b6000805490505b905600a165627a7a72305820d5851baab720bba574474de3d09dbeaabc674a15f4dd93b974908476542c23f00029"; + + var simpleContract = web3.eth.contract(abi); + var simple = simpleContract.new(42, {from:web3.eth.accounts[0], data: bytecode, gas: 0x47b760}, function(e, contract) { + if (e) { + console.log("err creating contract", e); + } else { + if (!contract.address) { + console.log("Contract transaction send: TransactionHash: " + contract.transactionHash + " waiting to be mined..."); + } else { + console.log("Contract mined! Address: " + contract.address); + console.log(contract); + } + } + }); diff --git a/7nodes/raft-7nodes/qubernetes-raft-7nodes.yaml b/7nodes/raft-7nodes-constellation/qubernetes-raft-7nodes.yaml similarity index 87% rename from 7nodes/raft-7nodes/qubernetes-raft-7nodes.yaml rename to 7nodes/raft-7nodes-constellation/qubernetes-raft-7nodes.yaml index 451d8af..0be0e76 100644 --- a/7nodes/raft-7nodes/qubernetes-raft-7nodes.yaml +++ b/7nodes/raft-7nodes-constellation/qubernetes-raft-7nodes.yaml @@ -12,7 +12,7 @@ quorum: # Either full or relative paths on the machine generating the config Key_Dir_Base: 7nodes Permissioned_Nodes_File: 7nodes/permissioned-nodes.json - Genesis_File: 7nodes/raft-7nodes/genesis.json + Genesis_File: 7nodes/raft-genesis.json # related to quorum containers quorum: Raft_Port: 50401 @@ -21,10 +21,10 @@ quorum: # related to transaction manager containers tm: # container images at https://hub.docker.com/u/quorumengineering/ - # TODO: add support for tessera, this should hold the full container name - # in that case. + Name: constellation Tm_Version: 0.3.2 Port: 9001 + Tessera_Config_Dir: 7nodes # generic geth related options geth: diff --git a/7nodes/raft-7nodes-tessera/k8s-yaml/quorum-deployments.yaml b/7nodes/raft-7nodes-tessera/k8s-yaml/quorum-deployments.yaml new file mode 100644 index 0000000..fc9be34 --- /dev/null +++ b/7nodes/raft-7nodes-tessera/k8s-yaml/quorum-deployments.yaml @@ -0,0 +1,1696 @@ +--- + + + + +# The quorum deployment consists of +# 1. the transaction manager / private tx container (constellation or tessera) +# 2. the quorum node container + +--- +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: quorum-node1-deployment + namespace: quorum-test +spec: + strategy: + type: RollingUpdate + replicas: 1 + template: + metadata: + name: quorum-node1-deployment + labels: + app: qubernetes + tier: backend + name: quorum-node1-deployment + spec: + initContainers: + - name: quorum-genesis-init-container + image: quorumengineering/quorum:2.1.1 + command: [ "sh" ] + args: + - "-cx" + - "if [ ! -f $QUORUM_DATA_DIR/genesis_created ]; then + /usr/local/bin/geth --datadir $QUORUM_DATA_DIR init /etc/quorum/genesis/genesis-geth.json; + touch $QUORUM_DATA_DIR/genesis_created; + fi; + cp -r /etc/quorum/qdata/contracts-tmp /etc/quorum/qdata/contracts; + chmod 755 /etc/quorum/qdata/contracts/runscript.sh; + " + env: + - name: QUORUM_DATA_DIR + value: /etc/quorum/qdata/dd + volumeMounts: + - name: quorum-persistent-storage + mountPath: /etc/quorum/qdata + - name: genesis-config-persistent-storage + mountPath: /etc/quorum/genesis/genesis-geth.json + subPath: genesis-geth.json + - name: contracts-config + mountPath: /etc/quorum/qdata/contracts-tmp + readOnly: false + containers: + + - name: tessera + image: quorumengineering/tessera:0.7.3 + command: ["sh"] + args: + - "-cx" + - "chmod 600 $QUORUM_HOME/tm/tm.key; + echo DDIR is $DDIR; + printenv; + + TESSERA_VERSION=$(unzip -p /tessera/tessera-app.jar META-INF/MANIFEST.MF | grep Tessera-Version | cut -d\" \" -f2); + echo \"Tessera version (extracted from manifest file): ${TESSERA_VERSION}\"; + + TESSERA_VERSION=\"${TESSERA_VERSION}-suffix\"; + + TESSERA_CONFIG_TYPE=; + + if [ \"${TESSERA_VERSION}\" \\> \"0.8 \" ]; then TESSERA_CONFIG_TYPE=\"-enhanced\"; fi; + + echo Config type ${TESSERA_CONFIG_TYPE}; + + CONFIG_TMPL=$(cat ${DDIR}/tessera-config${TESSERA_CONFIG_TYPE}.json.tmpl); + + CONFIG_WITH_OTHER_HOSTS=$(echo $CONFIG_TMPL | sed \"s/%QUORUM-NODE1_SERVICE_HOST%/$QUORUM_NODE1_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE2_SERVICE_HOST%/$QUORUM_NODE2_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE3_SERVICE_HOST%/$QUORUM_NODE3_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE4_SERVICE_HOST%/$QUORUM_NODE4_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE5_SERVICE_HOST%/$QUORUM_NODE5_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE6_SERVICE_HOST%/$QUORUM_NODE6_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE7_SERVICE_HOST%/$QUORUM_NODE7_SERVICE_HOST/g\" ) ; + CONFIG_WITH_ALL_HOSTS=$(echo $CONFIG_WITH_OTHER_HOSTS | sed \"s/%THIS_SERVICE_HOST%/$QUORUM_NODE1_SERVICE_HOST/g\"); + PRIV_KEY=$(cat $DDIR/tm.key) + PUB_KEY=$(cat $DDIR/tm.pub) + CONFIG_FINAL=$(echo $CONFIG_WITH_ALL_HOSTS | sed \"s-%THIS_PRIV_KEY%-${PRIV_KEY}-g\" | sed \"s-%THIS_PUB_KEY%-${PUB_KEY}-g\") + + echo $CONFIG_FINAL > ${DDIR}/tessera-config-with-hosts.json; + cat ${DDIR}/tessera-config-with-hosts.json; + java -Xms128M -Xmx128M -jar /tessera/tessera-app.jar -configfile ${DDIR}/tessera-config-with-hosts.json; + " + + ports: + - containerPort: 9001 + env: + - name: QUORUM_HOME + value: /etc/quorum/qdata + - name: DDIR + value: /etc/quorum/qdata/tm + volumeMounts: + - name: quorum-logs-persistent-storage + mountPath: /etc/quorum/qdata/logs + - name: tm-persistent-storage + mountPath: /etc/quorum/qdata/tm + - name: quorum-persistent-storage + mountPath: /etc/quorum/qdata + - name: keystore-tm + mountPath: /etc/quorum/qdata/tm/tm.pub + subPath: tm.pub + - name: keystore-tm + mountPath: /etc/quorum/qdata/tm/tm.key + subPath: tm.key + - name: tessera-config + mountPath: /etc/quorum/qdata/tm/tessera-config.json.tmpl + subPath: tessera-config.json.tmpl + - name: tessera-config + mountPath: /etc/quorum/qdata/tm/tessera-config-enhanced.json.tmpl + subPath: tessera-config-enhanced.json.tmpl + - name: quorum + image: quorumengineering/quorum:2.1.1 + command: [ "sh" ] + # TODO: have to generate sed files + # PERM_NODE_JSON=$(echo $PERM_NODE_TMPL | sed \"s/%QUORUM-NODE01_SERVICE_HOST%/$QUORUM_NODE01_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE02_SERVICE_HOST%/$QUORUM_NODE02_SERVICE_HOST/g\"); + # sleep to give constellation some time to start up and discover the other nodes. + args: + - "-cx" + - " + sleep 5; + PERM_NODE_TMPL=$(cat $QUORUM_DATA_DIR/permissioned-nodes.json.tmpl); + PERM_NODE_JSON=$(echo $PERM_NODE_TMPL | sed \"s/%QUORUM-NODE1_SERVICE_HOST%/$QUORUM_NODE1_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE2_SERVICE_HOST%/$QUORUM_NODE2_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE3_SERVICE_HOST%/$QUORUM_NODE3_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE4_SERVICE_HOST%/$QUORUM_NODE4_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE5_SERVICE_HOST%/$QUORUM_NODE5_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE6_SERVICE_HOST%/$QUORUM_NODE6_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE7_SERVICE_HOST%/$QUORUM_NODE7_SERVICE_HOST/g\" ); + echo $PERM_NODE_JSON > $QUORUM_DATA_DIR/permissioned-nodes.json; + cp $QUORUM_DATA_DIR/permissioned-nodes.json $QUORUM_DATA_DIR/static-nodes.json; + + rm -r /etc/quorum/qdata/contracts-tmp; + + echo what in this dir; + ls $QUORUM_DATA_DIR; + cat /etc/quorum/genesis/genesis-geth.json; + + chmod 644 $QUORUM_DATA_DIR/keystore/key; + touch $QUORUM_DATA_DIR/password.txt; + NETWORK_ID=1101 + + args=\" --raft --maxpeers 7 --raftport 50401 --rpcapi admin,db,eth,debug,miner,net,shh,txpool,personal,web3,quorum,raft \"; + + /usr/local/bin/geth \ + --datadir $QUORUM_DATA_DIR \ + $args \ + --permissioned \ + --nodiscover \ + --nat=none \ + --verbosity 9 \ + --networkid $NETWORK_ID \ + --unlock 0 \ + --emitcheckpoints \ + --rpc \ + --rpcaddr 0.0.0.0 \ + --rpcport 8546 \ + --port 21000 \ + --password $QUORUM_DATA_DIR/password.txt 2>&1 | tee -a /etc/quorum/qdata/logs/quorum.log; " + ports: + - containerPort: 50401 + - containerPort: 8546 + - containerPort: 21000 + env: + - name: PRIVATE_CONFIG + value: /etc/quorum/qdata/tm/tm.ipc + - name: QUORUM_DATA_DIR + value: /etc/quorum/qdata/dd + - name: QUORUM_HOME + value: /etc/quorum/qdata + - name: TM_HOME + value: /etc/quorum/qdata/tm/ + volumeMounts: + - name: genesis-config-persistent-storage + mountPath: /etc/quorum/genesis/genesis-geth.json + subPath: genesis-geth.json + - name: quorum-persistent-storage + mountPath: /etc/quorum/qdata + - name: tm-persistent-storage + mountPath: /etc/quorum/qdata/tm + - name: quorum-key-config-persistent-storage + mountPath: /etc/quorum/qdata/dd/keystore/key + subPath: key + - name: quorum-logs-persistent-storage + mountPath: /etc/quorum/qdata/logs + - name: quorum-nodekey + mountPath: /etc/quorum/qdata/dd/geth/nodekey + subPath: nodekey + - name: quorum-permissioned-config + mountPath: /etc/quorum/qdata/dd/permissioned-nodes.json.tmpl + subPath: permissioned-nodes.json + - name: quorum-permissioned-config + mountPath: /etc/quorum/qdata/dd/static-nodes.json.tmpl + subPath: permissioned-nodes.json + volumes: + - name: quorum-permissioned-config + configMap: + name: quorum-permissioned-config + items: + - key: permissioned-nodes.json + path: permissioned-nodes.json + - name: genesis-config-persistent-storage + configMap: + name: genesis-config + items: + - key: genesis-geth.json + path: genesis-geth.json + - name: tessera-config + configMap: + name: tessera-config + items: + - key: tessera-config.json.tmpl + path: tessera-config.json.tmpl + - key: tessera-config-enhanced.json.tmpl + path: tessera-config-enhanced.json.tmpl + - name: contracts-config + configMap: + name: contracts-config + - name: keystore-tm + configMap: + name: quorum-node1-tm-key-config + items: + - key: tm.pub + path: tm.pub + - key: tm.key + path: tm.key + - name: quorum-key-config-persistent-storage + configMap: + name: quorum-node1-account-key-config + items: + - key: key + path: key + - name: quorum-nodekey + configMap: + name: quorum-node1-nodekey-config + items: + - key: nodekey + path: nodekey + - name: quorum-persistent-storage + hostPath: + path: /var/lib/docker/geth-storage/quorum-node1 + - name: tm-persistent-storage + hostPath: + path: /var/lib/docker/geth-storage/tm-quorum-node1 + - name: quorum-logs-persistent-storage + hostPath: + path: /var/lib/docker/geth-storage/quorum-node1-logs + + + + +# The quorum deployment consists of +# 1. the transaction manager / private tx container (constellation or tessera) +# 2. the quorum node container + +--- +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: quorum-node2-deployment + namespace: quorum-test +spec: + strategy: + type: RollingUpdate + replicas: 1 + template: + metadata: + name: quorum-node2-deployment + labels: + app: qubernetes + tier: backend + name: quorum-node2-deployment + spec: + initContainers: + - name: quorum-genesis-init-container + image: quorumengineering/quorum:2.1.1 + command: [ "sh" ] + args: + - "-cx" + - "if [ ! -f $QUORUM_DATA_DIR/genesis_created ]; then + /usr/local/bin/geth --datadir $QUORUM_DATA_DIR init /etc/quorum/genesis/genesis-geth.json; + touch $QUORUM_DATA_DIR/genesis_created; + fi; + cp -r /etc/quorum/qdata/contracts-tmp /etc/quorum/qdata/contracts; + chmod 755 /etc/quorum/qdata/contracts/runscript.sh; + " + env: + - name: QUORUM_DATA_DIR + value: /etc/quorum/qdata/dd + volumeMounts: + - name: quorum-persistent-storage + mountPath: /etc/quorum/qdata + - name: genesis-config-persistent-storage + mountPath: /etc/quorum/genesis/genesis-geth.json + subPath: genesis-geth.json + - name: contracts-config + mountPath: /etc/quorum/qdata/contracts-tmp + readOnly: false + containers: + + - name: tessera + image: quorumengineering/tessera:0.7.3 + command: ["sh"] + args: + - "-cx" + - "chmod 600 $QUORUM_HOME/tm/tm.key; + echo DDIR is $DDIR; + printenv; + + TESSERA_VERSION=$(unzip -p /tessera/tessera-app.jar META-INF/MANIFEST.MF | grep Tessera-Version | cut -d\" \" -f2); + echo \"Tessera version (extracted from manifest file): ${TESSERA_VERSION}\"; + + TESSERA_VERSION=\"${TESSERA_VERSION}-suffix\"; + + TESSERA_CONFIG_TYPE=; + + if [ \"${TESSERA_VERSION}\" \\> \"0.8 \" ]; then TESSERA_CONFIG_TYPE=\"-enhanced\"; fi; + + echo Config type ${TESSERA_CONFIG_TYPE}; + + CONFIG_TMPL=$(cat ${DDIR}/tessera-config${TESSERA_CONFIG_TYPE}.json.tmpl); + + CONFIG_WITH_OTHER_HOSTS=$(echo $CONFIG_TMPL | sed \"s/%QUORUM-NODE1_SERVICE_HOST%/$QUORUM_NODE1_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE2_SERVICE_HOST%/$QUORUM_NODE2_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE3_SERVICE_HOST%/$QUORUM_NODE3_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE4_SERVICE_HOST%/$QUORUM_NODE4_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE5_SERVICE_HOST%/$QUORUM_NODE5_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE6_SERVICE_HOST%/$QUORUM_NODE6_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE7_SERVICE_HOST%/$QUORUM_NODE7_SERVICE_HOST/g\" ) ; + CONFIG_WITH_ALL_HOSTS=$(echo $CONFIG_WITH_OTHER_HOSTS | sed \"s/%THIS_SERVICE_HOST%/$QUORUM_NODE2_SERVICE_HOST/g\"); + PRIV_KEY=$(cat $DDIR/tm.key) + PUB_KEY=$(cat $DDIR/tm.pub) + CONFIG_FINAL=$(echo $CONFIG_WITH_ALL_HOSTS | sed \"s-%THIS_PRIV_KEY%-${PRIV_KEY}-g\" | sed \"s-%THIS_PUB_KEY%-${PUB_KEY}-g\") + + echo $CONFIG_FINAL > ${DDIR}/tessera-config-with-hosts.json; + cat ${DDIR}/tessera-config-with-hosts.json; + java -Xms128M -Xmx128M -jar /tessera/tessera-app.jar -configfile ${DDIR}/tessera-config-with-hosts.json; + " + + ports: + - containerPort: 9001 + env: + - name: QUORUM_HOME + value: /etc/quorum/qdata + - name: DDIR + value: /etc/quorum/qdata/tm + volumeMounts: + - name: quorum-logs-persistent-storage + mountPath: /etc/quorum/qdata/logs + - name: tm-persistent-storage + mountPath: /etc/quorum/qdata/tm + - name: quorum-persistent-storage + mountPath: /etc/quorum/qdata + - name: keystore-tm + mountPath: /etc/quorum/qdata/tm/tm.pub + subPath: tm.pub + - name: keystore-tm + mountPath: /etc/quorum/qdata/tm/tm.key + subPath: tm.key + - name: tessera-config + mountPath: /etc/quorum/qdata/tm/tessera-config.json.tmpl + subPath: tessera-config.json.tmpl + - name: tessera-config + mountPath: /etc/quorum/qdata/tm/tessera-config-enhanced.json.tmpl + subPath: tessera-config-enhanced.json.tmpl + - name: quorum + image: quorumengineering/quorum:2.1.1 + command: [ "sh" ] + # TODO: have to generate sed files + # PERM_NODE_JSON=$(echo $PERM_NODE_TMPL | sed \"s/%QUORUM-NODE01_SERVICE_HOST%/$QUORUM_NODE01_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE02_SERVICE_HOST%/$QUORUM_NODE02_SERVICE_HOST/g\"); + # sleep to give constellation some time to start up and discover the other nodes. + args: + - "-cx" + - " + sleep 5; + PERM_NODE_TMPL=$(cat $QUORUM_DATA_DIR/permissioned-nodes.json.tmpl); + PERM_NODE_JSON=$(echo $PERM_NODE_TMPL | sed \"s/%QUORUM-NODE1_SERVICE_HOST%/$QUORUM_NODE1_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE2_SERVICE_HOST%/$QUORUM_NODE2_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE3_SERVICE_HOST%/$QUORUM_NODE3_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE4_SERVICE_HOST%/$QUORUM_NODE4_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE5_SERVICE_HOST%/$QUORUM_NODE5_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE6_SERVICE_HOST%/$QUORUM_NODE6_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE7_SERVICE_HOST%/$QUORUM_NODE7_SERVICE_HOST/g\" ); + echo $PERM_NODE_JSON > $QUORUM_DATA_DIR/permissioned-nodes.json; + cp $QUORUM_DATA_DIR/permissioned-nodes.json $QUORUM_DATA_DIR/static-nodes.json; + + rm -r /etc/quorum/qdata/contracts-tmp; + + echo what in this dir; + ls $QUORUM_DATA_DIR; + cat /etc/quorum/genesis/genesis-geth.json; + + chmod 644 $QUORUM_DATA_DIR/keystore/key; + touch $QUORUM_DATA_DIR/password.txt; + NETWORK_ID=1101 + + args=\" --raft --maxpeers 7 --raftport 50401 --rpcapi admin,db,eth,debug,miner,net,shh,txpool,personal,web3,quorum,raft \"; + + /usr/local/bin/geth \ + --datadir $QUORUM_DATA_DIR \ + $args \ + --permissioned \ + --nodiscover \ + --nat=none \ + --verbosity 9 \ + --networkid $NETWORK_ID \ + --unlock 0 \ + --emitcheckpoints \ + --rpc \ + --rpcaddr 0.0.0.0 \ + --rpcport 8546 \ + --port 21000 \ + --password $QUORUM_DATA_DIR/password.txt 2>&1 | tee -a /etc/quorum/qdata/logs/quorum.log; " + ports: + - containerPort: 50401 + - containerPort: 8546 + - containerPort: 21000 + env: + - name: PRIVATE_CONFIG + value: /etc/quorum/qdata/tm/tm.ipc + - name: QUORUM_DATA_DIR + value: /etc/quorum/qdata/dd + - name: QUORUM_HOME + value: /etc/quorum/qdata + - name: TM_HOME + value: /etc/quorum/qdata/tm/ + volumeMounts: + - name: genesis-config-persistent-storage + mountPath: /etc/quorum/genesis/genesis-geth.json + subPath: genesis-geth.json + - name: quorum-persistent-storage + mountPath: /etc/quorum/qdata + - name: tm-persistent-storage + mountPath: /etc/quorum/qdata/tm + - name: quorum-key-config-persistent-storage + mountPath: /etc/quorum/qdata/dd/keystore/key + subPath: key + - name: quorum-logs-persistent-storage + mountPath: /etc/quorum/qdata/logs + - name: quorum-nodekey + mountPath: /etc/quorum/qdata/dd/geth/nodekey + subPath: nodekey + - name: quorum-permissioned-config + mountPath: /etc/quorum/qdata/dd/permissioned-nodes.json.tmpl + subPath: permissioned-nodes.json + - name: quorum-permissioned-config + mountPath: /etc/quorum/qdata/dd/static-nodes.json.tmpl + subPath: permissioned-nodes.json + volumes: + - name: quorum-permissioned-config + configMap: + name: quorum-permissioned-config + items: + - key: permissioned-nodes.json + path: permissioned-nodes.json + - name: genesis-config-persistent-storage + configMap: + name: genesis-config + items: + - key: genesis-geth.json + path: genesis-geth.json + - name: tessera-config + configMap: + name: tessera-config + items: + - key: tessera-config.json.tmpl + path: tessera-config.json.tmpl + - key: tessera-config-enhanced.json.tmpl + path: tessera-config-enhanced.json.tmpl + - name: contracts-config + configMap: + name: contracts-config + - name: keystore-tm + configMap: + name: quorum-node2-tm-key-config + items: + - key: tm.pub + path: tm.pub + - key: tm.key + path: tm.key + - name: quorum-key-config-persistent-storage + configMap: + name: quorum-node2-account-key-config + items: + - key: key + path: key + - name: quorum-nodekey + configMap: + name: quorum-node2-nodekey-config + items: + - key: nodekey + path: nodekey + - name: quorum-persistent-storage + hostPath: + path: /var/lib/docker/geth-storage/quorum-node2 + - name: tm-persistent-storage + hostPath: + path: /var/lib/docker/geth-storage/tm-quorum-node2 + - name: quorum-logs-persistent-storage + hostPath: + path: /var/lib/docker/geth-storage/quorum-node2-logs + + + + +# The quorum deployment consists of +# 1. the transaction manager / private tx container (constellation or tessera) +# 2. the quorum node container + +--- +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: quorum-node3-deployment + namespace: quorum-test +spec: + strategy: + type: RollingUpdate + replicas: 1 + template: + metadata: + name: quorum-node3-deployment + labels: + app: qubernetes + tier: backend + name: quorum-node3-deployment + spec: + initContainers: + - name: quorum-genesis-init-container + image: quorumengineering/quorum:2.1.1 + command: [ "sh" ] + args: + - "-cx" + - "if [ ! -f $QUORUM_DATA_DIR/genesis_created ]; then + /usr/local/bin/geth --datadir $QUORUM_DATA_DIR init /etc/quorum/genesis/genesis-geth.json; + touch $QUORUM_DATA_DIR/genesis_created; + fi; + cp -r /etc/quorum/qdata/contracts-tmp /etc/quorum/qdata/contracts; + chmod 755 /etc/quorum/qdata/contracts/runscript.sh; + " + env: + - name: QUORUM_DATA_DIR + value: /etc/quorum/qdata/dd + volumeMounts: + - name: quorum-persistent-storage + mountPath: /etc/quorum/qdata + - name: genesis-config-persistent-storage + mountPath: /etc/quorum/genesis/genesis-geth.json + subPath: genesis-geth.json + - name: contracts-config + mountPath: /etc/quorum/qdata/contracts-tmp + readOnly: false + containers: + + - name: tessera + image: quorumengineering/tessera:0.7.3 + command: ["sh"] + args: + - "-cx" + - "chmod 600 $QUORUM_HOME/tm/tm.key; + echo DDIR is $DDIR; + printenv; + + TESSERA_VERSION=$(unzip -p /tessera/tessera-app.jar META-INF/MANIFEST.MF | grep Tessera-Version | cut -d\" \" -f2); + echo \"Tessera version (extracted from manifest file): ${TESSERA_VERSION}\"; + + TESSERA_VERSION=\"${TESSERA_VERSION}-suffix\"; + + TESSERA_CONFIG_TYPE=; + + if [ \"${TESSERA_VERSION}\" \\> \"0.8 \" ]; then TESSERA_CONFIG_TYPE=\"-enhanced\"; fi; + + echo Config type ${TESSERA_CONFIG_TYPE}; + + CONFIG_TMPL=$(cat ${DDIR}/tessera-config${TESSERA_CONFIG_TYPE}.json.tmpl); + + CONFIG_WITH_OTHER_HOSTS=$(echo $CONFIG_TMPL | sed \"s/%QUORUM-NODE1_SERVICE_HOST%/$QUORUM_NODE1_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE2_SERVICE_HOST%/$QUORUM_NODE2_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE3_SERVICE_HOST%/$QUORUM_NODE3_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE4_SERVICE_HOST%/$QUORUM_NODE4_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE5_SERVICE_HOST%/$QUORUM_NODE5_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE6_SERVICE_HOST%/$QUORUM_NODE6_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE7_SERVICE_HOST%/$QUORUM_NODE7_SERVICE_HOST/g\" ) ; + CONFIG_WITH_ALL_HOSTS=$(echo $CONFIG_WITH_OTHER_HOSTS | sed \"s/%THIS_SERVICE_HOST%/$QUORUM_NODE3_SERVICE_HOST/g\"); + PRIV_KEY=$(cat $DDIR/tm.key) + PUB_KEY=$(cat $DDIR/tm.pub) + CONFIG_FINAL=$(echo $CONFIG_WITH_ALL_HOSTS | sed \"s-%THIS_PRIV_KEY%-${PRIV_KEY}-g\" | sed \"s-%THIS_PUB_KEY%-${PUB_KEY}-g\") + + echo $CONFIG_FINAL > ${DDIR}/tessera-config-with-hosts.json; + cat ${DDIR}/tessera-config-with-hosts.json; + java -Xms128M -Xmx128M -jar /tessera/tessera-app.jar -configfile ${DDIR}/tessera-config-with-hosts.json; + " + + ports: + - containerPort: 9001 + env: + - name: QUORUM_HOME + value: /etc/quorum/qdata + - name: DDIR + value: /etc/quorum/qdata/tm + volumeMounts: + - name: quorum-logs-persistent-storage + mountPath: /etc/quorum/qdata/logs + - name: tm-persistent-storage + mountPath: /etc/quorum/qdata/tm + - name: quorum-persistent-storage + mountPath: /etc/quorum/qdata + - name: keystore-tm + mountPath: /etc/quorum/qdata/tm/tm.pub + subPath: tm.pub + - name: keystore-tm + mountPath: /etc/quorum/qdata/tm/tm.key + subPath: tm.key + - name: tessera-config + mountPath: /etc/quorum/qdata/tm/tessera-config.json.tmpl + subPath: tessera-config.json.tmpl + - name: tessera-config + mountPath: /etc/quorum/qdata/tm/tessera-config-enhanced.json.tmpl + subPath: tessera-config-enhanced.json.tmpl + - name: quorum + image: quorumengineering/quorum:2.1.1 + command: [ "sh" ] + # TODO: have to generate sed files + # PERM_NODE_JSON=$(echo $PERM_NODE_TMPL | sed \"s/%QUORUM-NODE01_SERVICE_HOST%/$QUORUM_NODE01_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE02_SERVICE_HOST%/$QUORUM_NODE02_SERVICE_HOST/g\"); + # sleep to give constellation some time to start up and discover the other nodes. + args: + - "-cx" + - " + sleep 5; + PERM_NODE_TMPL=$(cat $QUORUM_DATA_DIR/permissioned-nodes.json.tmpl); + PERM_NODE_JSON=$(echo $PERM_NODE_TMPL | sed \"s/%QUORUM-NODE1_SERVICE_HOST%/$QUORUM_NODE1_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE2_SERVICE_HOST%/$QUORUM_NODE2_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE3_SERVICE_HOST%/$QUORUM_NODE3_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE4_SERVICE_HOST%/$QUORUM_NODE4_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE5_SERVICE_HOST%/$QUORUM_NODE5_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE6_SERVICE_HOST%/$QUORUM_NODE6_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE7_SERVICE_HOST%/$QUORUM_NODE7_SERVICE_HOST/g\" ); + echo $PERM_NODE_JSON > $QUORUM_DATA_DIR/permissioned-nodes.json; + cp $QUORUM_DATA_DIR/permissioned-nodes.json $QUORUM_DATA_DIR/static-nodes.json; + + rm -r /etc/quorum/qdata/contracts-tmp; + + echo what in this dir; + ls $QUORUM_DATA_DIR; + cat /etc/quorum/genesis/genesis-geth.json; + + chmod 644 $QUORUM_DATA_DIR/keystore/key; + touch $QUORUM_DATA_DIR/password.txt; + NETWORK_ID=1101 + + args=\" --raft --maxpeers 7 --raftport 50401 --rpcapi admin,db,eth,debug,miner,net,shh,txpool,personal,web3,quorum,raft \"; + + /usr/local/bin/geth \ + --datadir $QUORUM_DATA_DIR \ + $args \ + --permissioned \ + --nodiscover \ + --nat=none \ + --verbosity 9 \ + --networkid $NETWORK_ID \ + --unlock 0 \ + --emitcheckpoints \ + --rpc \ + --rpcaddr 0.0.0.0 \ + --rpcport 8546 \ + --port 21000 \ + --password $QUORUM_DATA_DIR/password.txt 2>&1 | tee -a /etc/quorum/qdata/logs/quorum.log; " + ports: + - containerPort: 50401 + - containerPort: 8546 + - containerPort: 21000 + env: + - name: PRIVATE_CONFIG + value: /etc/quorum/qdata/tm/tm.ipc + - name: QUORUM_DATA_DIR + value: /etc/quorum/qdata/dd + - name: QUORUM_HOME + value: /etc/quorum/qdata + - name: TM_HOME + value: /etc/quorum/qdata/tm/ + volumeMounts: + - name: genesis-config-persistent-storage + mountPath: /etc/quorum/genesis/genesis-geth.json + subPath: genesis-geth.json + - name: quorum-persistent-storage + mountPath: /etc/quorum/qdata + - name: tm-persistent-storage + mountPath: /etc/quorum/qdata/tm + - name: quorum-key-config-persistent-storage + mountPath: /etc/quorum/qdata/dd/keystore/key + subPath: key + - name: quorum-logs-persistent-storage + mountPath: /etc/quorum/qdata/logs + - name: quorum-nodekey + mountPath: /etc/quorum/qdata/dd/geth/nodekey + subPath: nodekey + - name: quorum-permissioned-config + mountPath: /etc/quorum/qdata/dd/permissioned-nodes.json.tmpl + subPath: permissioned-nodes.json + - name: quorum-permissioned-config + mountPath: /etc/quorum/qdata/dd/static-nodes.json.tmpl + subPath: permissioned-nodes.json + volumes: + - name: quorum-permissioned-config + configMap: + name: quorum-permissioned-config + items: + - key: permissioned-nodes.json + path: permissioned-nodes.json + - name: genesis-config-persistent-storage + configMap: + name: genesis-config + items: + - key: genesis-geth.json + path: genesis-geth.json + - name: tessera-config + configMap: + name: tessera-config + items: + - key: tessera-config.json.tmpl + path: tessera-config.json.tmpl + - key: tessera-config-enhanced.json.tmpl + path: tessera-config-enhanced.json.tmpl + - name: contracts-config + configMap: + name: contracts-config + - name: keystore-tm + configMap: + name: quorum-node3-tm-key-config + items: + - key: tm.pub + path: tm.pub + - key: tm.key + path: tm.key + - name: quorum-key-config-persistent-storage + configMap: + name: quorum-node3-account-key-config + items: + - key: key + path: key + - name: quorum-nodekey + configMap: + name: quorum-node3-nodekey-config + items: + - key: nodekey + path: nodekey + - name: quorum-persistent-storage + hostPath: + path: /var/lib/docker/geth-storage/quorum-node3 + - name: tm-persistent-storage + hostPath: + path: /var/lib/docker/geth-storage/tm-quorum-node3 + - name: quorum-logs-persistent-storage + hostPath: + path: /var/lib/docker/geth-storage/quorum-node3-logs + + + + +# The quorum deployment consists of +# 1. the transaction manager / private tx container (constellation or tessera) +# 2. the quorum node container + +--- +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: quorum-node4-deployment + namespace: quorum-test +spec: + strategy: + type: RollingUpdate + replicas: 1 + template: + metadata: + name: quorum-node4-deployment + labels: + app: qubernetes + tier: backend + name: quorum-node4-deployment + spec: + initContainers: + - name: quorum-genesis-init-container + image: quorumengineering/quorum:2.1.1 + command: [ "sh" ] + args: + - "-cx" + - "if [ ! -f $QUORUM_DATA_DIR/genesis_created ]; then + /usr/local/bin/geth --datadir $QUORUM_DATA_DIR init /etc/quorum/genesis/genesis-geth.json; + touch $QUORUM_DATA_DIR/genesis_created; + fi; + cp -r /etc/quorum/qdata/contracts-tmp /etc/quorum/qdata/contracts; + chmod 755 /etc/quorum/qdata/contracts/runscript.sh; + " + env: + - name: QUORUM_DATA_DIR + value: /etc/quorum/qdata/dd + volumeMounts: + - name: quorum-persistent-storage + mountPath: /etc/quorum/qdata + - name: genesis-config-persistent-storage + mountPath: /etc/quorum/genesis/genesis-geth.json + subPath: genesis-geth.json + - name: contracts-config + mountPath: /etc/quorum/qdata/contracts-tmp + readOnly: false + containers: + + - name: tessera + image: quorumengineering/tessera:0.7.3 + command: ["sh"] + args: + - "-cx" + - "chmod 600 $QUORUM_HOME/tm/tm.key; + echo DDIR is $DDIR; + printenv; + + TESSERA_VERSION=$(unzip -p /tessera/tessera-app.jar META-INF/MANIFEST.MF | grep Tessera-Version | cut -d\" \" -f2); + echo \"Tessera version (extracted from manifest file): ${TESSERA_VERSION}\"; + + TESSERA_VERSION=\"${TESSERA_VERSION}-suffix\"; + + TESSERA_CONFIG_TYPE=; + + if [ \"${TESSERA_VERSION}\" \\> \"0.8 \" ]; then TESSERA_CONFIG_TYPE=\"-enhanced\"; fi; + + echo Config type ${TESSERA_CONFIG_TYPE}; + + CONFIG_TMPL=$(cat ${DDIR}/tessera-config${TESSERA_CONFIG_TYPE}.json.tmpl); + + CONFIG_WITH_OTHER_HOSTS=$(echo $CONFIG_TMPL | sed \"s/%QUORUM-NODE1_SERVICE_HOST%/$QUORUM_NODE1_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE2_SERVICE_HOST%/$QUORUM_NODE2_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE3_SERVICE_HOST%/$QUORUM_NODE3_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE4_SERVICE_HOST%/$QUORUM_NODE4_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE5_SERVICE_HOST%/$QUORUM_NODE5_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE6_SERVICE_HOST%/$QUORUM_NODE6_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE7_SERVICE_HOST%/$QUORUM_NODE7_SERVICE_HOST/g\" ) ; + CONFIG_WITH_ALL_HOSTS=$(echo $CONFIG_WITH_OTHER_HOSTS | sed \"s/%THIS_SERVICE_HOST%/$QUORUM_NODE4_SERVICE_HOST/g\"); + PRIV_KEY=$(cat $DDIR/tm.key) + PUB_KEY=$(cat $DDIR/tm.pub) + CONFIG_FINAL=$(echo $CONFIG_WITH_ALL_HOSTS | sed \"s-%THIS_PRIV_KEY%-${PRIV_KEY}-g\" | sed \"s-%THIS_PUB_KEY%-${PUB_KEY}-g\") + + echo $CONFIG_FINAL > ${DDIR}/tessera-config-with-hosts.json; + cat ${DDIR}/tessera-config-with-hosts.json; + java -Xms128M -Xmx128M -jar /tessera/tessera-app.jar -configfile ${DDIR}/tessera-config-with-hosts.json; + " + + ports: + - containerPort: 9001 + env: + - name: QUORUM_HOME + value: /etc/quorum/qdata + - name: DDIR + value: /etc/quorum/qdata/tm + volumeMounts: + - name: quorum-logs-persistent-storage + mountPath: /etc/quorum/qdata/logs + - name: tm-persistent-storage + mountPath: /etc/quorum/qdata/tm + - name: quorum-persistent-storage + mountPath: /etc/quorum/qdata + - name: keystore-tm + mountPath: /etc/quorum/qdata/tm/tm.pub + subPath: tm.pub + - name: keystore-tm + mountPath: /etc/quorum/qdata/tm/tm.key + subPath: tm.key + - name: tessera-config + mountPath: /etc/quorum/qdata/tm/tessera-config.json.tmpl + subPath: tessera-config.json.tmpl + - name: tessera-config + mountPath: /etc/quorum/qdata/tm/tessera-config-enhanced.json.tmpl + subPath: tessera-config-enhanced.json.tmpl + - name: quorum + image: quorumengineering/quorum:2.1.1 + command: [ "sh" ] + # TODO: have to generate sed files + # PERM_NODE_JSON=$(echo $PERM_NODE_TMPL | sed \"s/%QUORUM-NODE01_SERVICE_HOST%/$QUORUM_NODE01_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE02_SERVICE_HOST%/$QUORUM_NODE02_SERVICE_HOST/g\"); + # sleep to give constellation some time to start up and discover the other nodes. + args: + - "-cx" + - " + sleep 5; + PERM_NODE_TMPL=$(cat $QUORUM_DATA_DIR/permissioned-nodes.json.tmpl); + PERM_NODE_JSON=$(echo $PERM_NODE_TMPL | sed \"s/%QUORUM-NODE1_SERVICE_HOST%/$QUORUM_NODE1_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE2_SERVICE_HOST%/$QUORUM_NODE2_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE3_SERVICE_HOST%/$QUORUM_NODE3_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE4_SERVICE_HOST%/$QUORUM_NODE4_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE5_SERVICE_HOST%/$QUORUM_NODE5_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE6_SERVICE_HOST%/$QUORUM_NODE6_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE7_SERVICE_HOST%/$QUORUM_NODE7_SERVICE_HOST/g\" ); + echo $PERM_NODE_JSON > $QUORUM_DATA_DIR/permissioned-nodes.json; + cp $QUORUM_DATA_DIR/permissioned-nodes.json $QUORUM_DATA_DIR/static-nodes.json; + + rm -r /etc/quorum/qdata/contracts-tmp; + + echo what in this dir; + ls $QUORUM_DATA_DIR; + cat /etc/quorum/genesis/genesis-geth.json; + + chmod 644 $QUORUM_DATA_DIR/keystore/key; + touch $QUORUM_DATA_DIR/password.txt; + NETWORK_ID=1101 + + args=\" --raft --maxpeers 7 --raftport 50401 --rpcapi admin,db,eth,debug,miner,net,shh,txpool,personal,web3,quorum,raft \"; + + /usr/local/bin/geth \ + --datadir $QUORUM_DATA_DIR \ + $args \ + --permissioned \ + --nodiscover \ + --nat=none \ + --verbosity 9 \ + --networkid $NETWORK_ID \ + --unlock 0 \ + --emitcheckpoints \ + --rpc \ + --rpcaddr 0.0.0.0 \ + --rpcport 8546 \ + --port 21000 \ + --password $QUORUM_DATA_DIR/password.txt 2>&1 | tee -a /etc/quorum/qdata/logs/quorum.log; " + ports: + - containerPort: 50401 + - containerPort: 8546 + - containerPort: 21000 + env: + - name: PRIVATE_CONFIG + value: /etc/quorum/qdata/tm/tm.ipc + - name: QUORUM_DATA_DIR + value: /etc/quorum/qdata/dd + - name: QUORUM_HOME + value: /etc/quorum/qdata + - name: TM_HOME + value: /etc/quorum/qdata/tm/ + volumeMounts: + - name: genesis-config-persistent-storage + mountPath: /etc/quorum/genesis/genesis-geth.json + subPath: genesis-geth.json + - name: quorum-persistent-storage + mountPath: /etc/quorum/qdata + - name: tm-persistent-storage + mountPath: /etc/quorum/qdata/tm + - name: quorum-key-config-persistent-storage + mountPath: /etc/quorum/qdata/dd/keystore/key + subPath: key + - name: quorum-logs-persistent-storage + mountPath: /etc/quorum/qdata/logs + - name: quorum-nodekey + mountPath: /etc/quorum/qdata/dd/geth/nodekey + subPath: nodekey + - name: quorum-permissioned-config + mountPath: /etc/quorum/qdata/dd/permissioned-nodes.json.tmpl + subPath: permissioned-nodes.json + - name: quorum-permissioned-config + mountPath: /etc/quorum/qdata/dd/static-nodes.json.tmpl + subPath: permissioned-nodes.json + volumes: + - name: quorum-permissioned-config + configMap: + name: quorum-permissioned-config + items: + - key: permissioned-nodes.json + path: permissioned-nodes.json + - name: genesis-config-persistent-storage + configMap: + name: genesis-config + items: + - key: genesis-geth.json + path: genesis-geth.json + - name: tessera-config + configMap: + name: tessera-config + items: + - key: tessera-config.json.tmpl + path: tessera-config.json.tmpl + - key: tessera-config-enhanced.json.tmpl + path: tessera-config-enhanced.json.tmpl + - name: contracts-config + configMap: + name: contracts-config + - name: keystore-tm + configMap: + name: quorum-node4-tm-key-config + items: + - key: tm.pub + path: tm.pub + - key: tm.key + path: tm.key + - name: quorum-key-config-persistent-storage + configMap: + name: quorum-node4-account-key-config + items: + - key: key + path: key + - name: quorum-nodekey + configMap: + name: quorum-node4-nodekey-config + items: + - key: nodekey + path: nodekey + - name: quorum-persistent-storage + hostPath: + path: /var/lib/docker/geth-storage/quorum-node4 + - name: tm-persistent-storage + hostPath: + path: /var/lib/docker/geth-storage/tm-quorum-node4 + - name: quorum-logs-persistent-storage + hostPath: + path: /var/lib/docker/geth-storage/quorum-node4-logs + + + + +# The quorum deployment consists of +# 1. the transaction manager / private tx container (constellation or tessera) +# 2. the quorum node container + +--- +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: quorum-node5-deployment + namespace: quorum-test +spec: + strategy: + type: RollingUpdate + replicas: 1 + template: + metadata: + name: quorum-node5-deployment + labels: + app: qubernetes + tier: backend + name: quorum-node5-deployment + spec: + initContainers: + - name: quorum-genesis-init-container + image: quorumengineering/quorum:2.1.1 + command: [ "sh" ] + args: + - "-cx" + - "if [ ! -f $QUORUM_DATA_DIR/genesis_created ]; then + /usr/local/bin/geth --datadir $QUORUM_DATA_DIR init /etc/quorum/genesis/genesis-geth.json; + touch $QUORUM_DATA_DIR/genesis_created; + fi; + cp -r /etc/quorum/qdata/contracts-tmp /etc/quorum/qdata/contracts; + chmod 755 /etc/quorum/qdata/contracts/runscript.sh; + " + env: + - name: QUORUM_DATA_DIR + value: /etc/quorum/qdata/dd + volumeMounts: + - name: quorum-persistent-storage + mountPath: /etc/quorum/qdata + - name: genesis-config-persistent-storage + mountPath: /etc/quorum/genesis/genesis-geth.json + subPath: genesis-geth.json + - name: contracts-config + mountPath: /etc/quorum/qdata/contracts-tmp + readOnly: false + containers: + + - name: tessera + image: quorumengineering/tessera:0.7.3 + command: ["sh"] + args: + - "-cx" + - "chmod 600 $QUORUM_HOME/tm/tm.key; + echo DDIR is $DDIR; + printenv; + + TESSERA_VERSION=$(unzip -p /tessera/tessera-app.jar META-INF/MANIFEST.MF | grep Tessera-Version | cut -d\" \" -f2); + echo \"Tessera version (extracted from manifest file): ${TESSERA_VERSION}\"; + + TESSERA_VERSION=\"${TESSERA_VERSION}-suffix\"; + + TESSERA_CONFIG_TYPE=; + + if [ \"${TESSERA_VERSION}\" \\> \"0.8 \" ]; then TESSERA_CONFIG_TYPE=\"-enhanced\"; fi; + + echo Config type ${TESSERA_CONFIG_TYPE}; + + CONFIG_TMPL=$(cat ${DDIR}/tessera-config${TESSERA_CONFIG_TYPE}.json.tmpl); + + CONFIG_WITH_OTHER_HOSTS=$(echo $CONFIG_TMPL | sed \"s/%QUORUM-NODE1_SERVICE_HOST%/$QUORUM_NODE1_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE2_SERVICE_HOST%/$QUORUM_NODE2_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE3_SERVICE_HOST%/$QUORUM_NODE3_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE4_SERVICE_HOST%/$QUORUM_NODE4_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE5_SERVICE_HOST%/$QUORUM_NODE5_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE6_SERVICE_HOST%/$QUORUM_NODE6_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE7_SERVICE_HOST%/$QUORUM_NODE7_SERVICE_HOST/g\" ) ; + CONFIG_WITH_ALL_HOSTS=$(echo $CONFIG_WITH_OTHER_HOSTS | sed \"s/%THIS_SERVICE_HOST%/$QUORUM_NODE5_SERVICE_HOST/g\"); + PRIV_KEY=$(cat $DDIR/tm.key) + PUB_KEY=$(cat $DDIR/tm.pub) + CONFIG_FINAL=$(echo $CONFIG_WITH_ALL_HOSTS | sed \"s-%THIS_PRIV_KEY%-${PRIV_KEY}-g\" | sed \"s-%THIS_PUB_KEY%-${PUB_KEY}-g\") + + echo $CONFIG_FINAL > ${DDIR}/tessera-config-with-hosts.json; + cat ${DDIR}/tessera-config-with-hosts.json; + java -Xms128M -Xmx128M -jar /tessera/tessera-app.jar -configfile ${DDIR}/tessera-config-with-hosts.json; + " + + ports: + - containerPort: 9001 + env: + - name: QUORUM_HOME + value: /etc/quorum/qdata + - name: DDIR + value: /etc/quorum/qdata/tm + volumeMounts: + - name: quorum-logs-persistent-storage + mountPath: /etc/quorum/qdata/logs + - name: tm-persistent-storage + mountPath: /etc/quorum/qdata/tm + - name: quorum-persistent-storage + mountPath: /etc/quorum/qdata + - name: keystore-tm + mountPath: /etc/quorum/qdata/tm/tm.pub + subPath: tm.pub + - name: keystore-tm + mountPath: /etc/quorum/qdata/tm/tm.key + subPath: tm.key + - name: tessera-config + mountPath: /etc/quorum/qdata/tm/tessera-config.json.tmpl + subPath: tessera-config.json.tmpl + - name: tessera-config + mountPath: /etc/quorum/qdata/tm/tessera-config-enhanced.json.tmpl + subPath: tessera-config-enhanced.json.tmpl + - name: quorum + image: quorumengineering/quorum:2.1.1 + command: [ "sh" ] + # TODO: have to generate sed files + # PERM_NODE_JSON=$(echo $PERM_NODE_TMPL | sed \"s/%QUORUM-NODE01_SERVICE_HOST%/$QUORUM_NODE01_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE02_SERVICE_HOST%/$QUORUM_NODE02_SERVICE_HOST/g\"); + # sleep to give constellation some time to start up and discover the other nodes. + args: + - "-cx" + - " + sleep 5; + PERM_NODE_TMPL=$(cat $QUORUM_DATA_DIR/permissioned-nodes.json.tmpl); + PERM_NODE_JSON=$(echo $PERM_NODE_TMPL | sed \"s/%QUORUM-NODE1_SERVICE_HOST%/$QUORUM_NODE1_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE2_SERVICE_HOST%/$QUORUM_NODE2_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE3_SERVICE_HOST%/$QUORUM_NODE3_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE4_SERVICE_HOST%/$QUORUM_NODE4_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE5_SERVICE_HOST%/$QUORUM_NODE5_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE6_SERVICE_HOST%/$QUORUM_NODE6_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE7_SERVICE_HOST%/$QUORUM_NODE7_SERVICE_HOST/g\" ); + echo $PERM_NODE_JSON > $QUORUM_DATA_DIR/permissioned-nodes.json; + cp $QUORUM_DATA_DIR/permissioned-nodes.json $QUORUM_DATA_DIR/static-nodes.json; + + rm -r /etc/quorum/qdata/contracts-tmp; + + echo what in this dir; + ls $QUORUM_DATA_DIR; + cat /etc/quorum/genesis/genesis-geth.json; + + chmod 644 $QUORUM_DATA_DIR/keystore/key; + touch $QUORUM_DATA_DIR/password.txt; + NETWORK_ID=1101 + + args=\" --raft --maxpeers 7 --raftport 50401 --rpcapi admin,db,eth,debug,miner,net,shh,txpool,personal,web3,quorum,raft \"; + + /usr/local/bin/geth \ + --datadir $QUORUM_DATA_DIR \ + $args \ + --permissioned \ + --nodiscover \ + --nat=none \ + --verbosity 9 \ + --networkid $NETWORK_ID \ + --unlock 0 \ + --emitcheckpoints \ + --rpc \ + --rpcaddr 0.0.0.0 \ + --rpcport 8546 \ + --port 21000 \ + --password $QUORUM_DATA_DIR/password.txt 2>&1 | tee -a /etc/quorum/qdata/logs/quorum.log; " + ports: + - containerPort: 50401 + - containerPort: 8546 + - containerPort: 21000 + env: + - name: PRIVATE_CONFIG + value: /etc/quorum/qdata/tm/tm.ipc + - name: QUORUM_DATA_DIR + value: /etc/quorum/qdata/dd + - name: QUORUM_HOME + value: /etc/quorum/qdata + - name: TM_HOME + value: /etc/quorum/qdata/tm/ + volumeMounts: + - name: genesis-config-persistent-storage + mountPath: /etc/quorum/genesis/genesis-geth.json + subPath: genesis-geth.json + - name: quorum-persistent-storage + mountPath: /etc/quorum/qdata + - name: tm-persistent-storage + mountPath: /etc/quorum/qdata/tm + - name: quorum-key-config-persistent-storage + mountPath: /etc/quorum/qdata/dd/keystore/key + subPath: key + - name: quorum-logs-persistent-storage + mountPath: /etc/quorum/qdata/logs + - name: quorum-nodekey + mountPath: /etc/quorum/qdata/dd/geth/nodekey + subPath: nodekey + - name: quorum-permissioned-config + mountPath: /etc/quorum/qdata/dd/permissioned-nodes.json.tmpl + subPath: permissioned-nodes.json + - name: quorum-permissioned-config + mountPath: /etc/quorum/qdata/dd/static-nodes.json.tmpl + subPath: permissioned-nodes.json + volumes: + - name: quorum-permissioned-config + configMap: + name: quorum-permissioned-config + items: + - key: permissioned-nodes.json + path: permissioned-nodes.json + - name: genesis-config-persistent-storage + configMap: + name: genesis-config + items: + - key: genesis-geth.json + path: genesis-geth.json + - name: tessera-config + configMap: + name: tessera-config + items: + - key: tessera-config.json.tmpl + path: tessera-config.json.tmpl + - key: tessera-config-enhanced.json.tmpl + path: tessera-config-enhanced.json.tmpl + - name: contracts-config + configMap: + name: contracts-config + - name: keystore-tm + configMap: + name: quorum-node5-tm-key-config + items: + - key: tm.pub + path: tm.pub + - key: tm.key + path: tm.key + - name: quorum-key-config-persistent-storage + configMap: + name: quorum-node5-account-key-config + items: + - key: key + path: key + - name: quorum-nodekey + configMap: + name: quorum-node5-nodekey-config + items: + - key: nodekey + path: nodekey + - name: quorum-persistent-storage + hostPath: + path: /var/lib/docker/geth-storage/quorum-node5 + - name: tm-persistent-storage + hostPath: + path: /var/lib/docker/geth-storage/tm-quorum-node5 + - name: quorum-logs-persistent-storage + hostPath: + path: /var/lib/docker/geth-storage/quorum-node5-logs + + + + +# The quorum deployment consists of +# 1. the transaction manager / private tx container (constellation or tessera) +# 2. the quorum node container + +--- +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: quorum-node6-deployment + namespace: quorum-test +spec: + strategy: + type: RollingUpdate + replicas: 1 + template: + metadata: + name: quorum-node6-deployment + labels: + app: qubernetes + tier: backend + name: quorum-node6-deployment + spec: + initContainers: + - name: quorum-genesis-init-container + image: quorumengineering/quorum:2.1.1 + command: [ "sh" ] + args: + - "-cx" + - "if [ ! -f $QUORUM_DATA_DIR/genesis_created ]; then + /usr/local/bin/geth --datadir $QUORUM_DATA_DIR init /etc/quorum/genesis/genesis-geth.json; + touch $QUORUM_DATA_DIR/genesis_created; + fi; + cp -r /etc/quorum/qdata/contracts-tmp /etc/quorum/qdata/contracts; + chmod 755 /etc/quorum/qdata/contracts/runscript.sh; + " + env: + - name: QUORUM_DATA_DIR + value: /etc/quorum/qdata/dd + volumeMounts: + - name: quorum-persistent-storage + mountPath: /etc/quorum/qdata + - name: genesis-config-persistent-storage + mountPath: /etc/quorum/genesis/genesis-geth.json + subPath: genesis-geth.json + - name: contracts-config + mountPath: /etc/quorum/qdata/contracts-tmp + readOnly: false + containers: + + - name: tessera + image: quorumengineering/tessera:0.7.3 + command: ["sh"] + args: + - "-cx" + - "chmod 600 $QUORUM_HOME/tm/tm.key; + echo DDIR is $DDIR; + printenv; + + TESSERA_VERSION=$(unzip -p /tessera/tessera-app.jar META-INF/MANIFEST.MF | grep Tessera-Version | cut -d\" \" -f2); + echo \"Tessera version (extracted from manifest file): ${TESSERA_VERSION}\"; + + TESSERA_VERSION=\"${TESSERA_VERSION}-suffix\"; + + TESSERA_CONFIG_TYPE=; + + if [ \"${TESSERA_VERSION}\" \\> \"0.8 \" ]; then TESSERA_CONFIG_TYPE=\"-enhanced\"; fi; + + echo Config type ${TESSERA_CONFIG_TYPE}; + + CONFIG_TMPL=$(cat ${DDIR}/tessera-config${TESSERA_CONFIG_TYPE}.json.tmpl); + + CONFIG_WITH_OTHER_HOSTS=$(echo $CONFIG_TMPL | sed \"s/%QUORUM-NODE1_SERVICE_HOST%/$QUORUM_NODE1_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE2_SERVICE_HOST%/$QUORUM_NODE2_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE3_SERVICE_HOST%/$QUORUM_NODE3_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE4_SERVICE_HOST%/$QUORUM_NODE4_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE5_SERVICE_HOST%/$QUORUM_NODE5_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE6_SERVICE_HOST%/$QUORUM_NODE6_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE7_SERVICE_HOST%/$QUORUM_NODE7_SERVICE_HOST/g\" ) ; + CONFIG_WITH_ALL_HOSTS=$(echo $CONFIG_WITH_OTHER_HOSTS | sed \"s/%THIS_SERVICE_HOST%/$QUORUM_NODE6_SERVICE_HOST/g\"); + PRIV_KEY=$(cat $DDIR/tm.key) + PUB_KEY=$(cat $DDIR/tm.pub) + CONFIG_FINAL=$(echo $CONFIG_WITH_ALL_HOSTS | sed \"s-%THIS_PRIV_KEY%-${PRIV_KEY}-g\" | sed \"s-%THIS_PUB_KEY%-${PUB_KEY}-g\") + + echo $CONFIG_FINAL > ${DDIR}/tessera-config-with-hosts.json; + cat ${DDIR}/tessera-config-with-hosts.json; + java -Xms128M -Xmx128M -jar /tessera/tessera-app.jar -configfile ${DDIR}/tessera-config-with-hosts.json; + " + + ports: + - containerPort: 9001 + env: + - name: QUORUM_HOME + value: /etc/quorum/qdata + - name: DDIR + value: /etc/quorum/qdata/tm + volumeMounts: + - name: quorum-logs-persistent-storage + mountPath: /etc/quorum/qdata/logs + - name: tm-persistent-storage + mountPath: /etc/quorum/qdata/tm + - name: quorum-persistent-storage + mountPath: /etc/quorum/qdata + - name: keystore-tm + mountPath: /etc/quorum/qdata/tm/tm.pub + subPath: tm.pub + - name: keystore-tm + mountPath: /etc/quorum/qdata/tm/tm.key + subPath: tm.key + - name: tessera-config + mountPath: /etc/quorum/qdata/tm/tessera-config.json.tmpl + subPath: tessera-config.json.tmpl + - name: tessera-config + mountPath: /etc/quorum/qdata/tm/tessera-config-enhanced.json.tmpl + subPath: tessera-config-enhanced.json.tmpl + - name: quorum + image: quorumengineering/quorum:2.1.1 + command: [ "sh" ] + # TODO: have to generate sed files + # PERM_NODE_JSON=$(echo $PERM_NODE_TMPL | sed \"s/%QUORUM-NODE01_SERVICE_HOST%/$QUORUM_NODE01_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE02_SERVICE_HOST%/$QUORUM_NODE02_SERVICE_HOST/g\"); + # sleep to give constellation some time to start up and discover the other nodes. + args: + - "-cx" + - " + sleep 5; + PERM_NODE_TMPL=$(cat $QUORUM_DATA_DIR/permissioned-nodes.json.tmpl); + PERM_NODE_JSON=$(echo $PERM_NODE_TMPL | sed \"s/%QUORUM-NODE1_SERVICE_HOST%/$QUORUM_NODE1_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE2_SERVICE_HOST%/$QUORUM_NODE2_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE3_SERVICE_HOST%/$QUORUM_NODE3_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE4_SERVICE_HOST%/$QUORUM_NODE4_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE5_SERVICE_HOST%/$QUORUM_NODE5_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE6_SERVICE_HOST%/$QUORUM_NODE6_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE7_SERVICE_HOST%/$QUORUM_NODE7_SERVICE_HOST/g\" ); + echo $PERM_NODE_JSON > $QUORUM_DATA_DIR/permissioned-nodes.json; + cp $QUORUM_DATA_DIR/permissioned-nodes.json $QUORUM_DATA_DIR/static-nodes.json; + + rm -r /etc/quorum/qdata/contracts-tmp; + + echo what in this dir; + ls $QUORUM_DATA_DIR; + cat /etc/quorum/genesis/genesis-geth.json; + + chmod 644 $QUORUM_DATA_DIR/keystore/key; + touch $QUORUM_DATA_DIR/password.txt; + NETWORK_ID=1101 + + args=\" --raft --maxpeers 7 --raftport 50401 --rpcapi admin,db,eth,debug,miner,net,shh,txpool,personal,web3,quorum,raft \"; + + /usr/local/bin/geth \ + --datadir $QUORUM_DATA_DIR \ + $args \ + --permissioned \ + --nodiscover \ + --nat=none \ + --verbosity 9 \ + --networkid $NETWORK_ID \ + --unlock 0 \ + --emitcheckpoints \ + --rpc \ + --rpcaddr 0.0.0.0 \ + --rpcport 8546 \ + --port 21000 \ + --password $QUORUM_DATA_DIR/password.txt 2>&1 | tee -a /etc/quorum/qdata/logs/quorum.log; " + ports: + - containerPort: 50401 + - containerPort: 8546 + - containerPort: 21000 + env: + - name: PRIVATE_CONFIG + value: /etc/quorum/qdata/tm/tm.ipc + - name: QUORUM_DATA_DIR + value: /etc/quorum/qdata/dd + - name: QUORUM_HOME + value: /etc/quorum/qdata + - name: TM_HOME + value: /etc/quorum/qdata/tm/ + volumeMounts: + - name: genesis-config-persistent-storage + mountPath: /etc/quorum/genesis/genesis-geth.json + subPath: genesis-geth.json + - name: quorum-persistent-storage + mountPath: /etc/quorum/qdata + - name: tm-persistent-storage + mountPath: /etc/quorum/qdata/tm + - name: quorum-key-config-persistent-storage + mountPath: /etc/quorum/qdata/dd/keystore/key + subPath: key + - name: quorum-logs-persistent-storage + mountPath: /etc/quorum/qdata/logs + - name: quorum-nodekey + mountPath: /etc/quorum/qdata/dd/geth/nodekey + subPath: nodekey + - name: quorum-permissioned-config + mountPath: /etc/quorum/qdata/dd/permissioned-nodes.json.tmpl + subPath: permissioned-nodes.json + - name: quorum-permissioned-config + mountPath: /etc/quorum/qdata/dd/static-nodes.json.tmpl + subPath: permissioned-nodes.json + volumes: + - name: quorum-permissioned-config + configMap: + name: quorum-permissioned-config + items: + - key: permissioned-nodes.json + path: permissioned-nodes.json + - name: genesis-config-persistent-storage + configMap: + name: genesis-config + items: + - key: genesis-geth.json + path: genesis-geth.json + - name: tessera-config + configMap: + name: tessera-config + items: + - key: tessera-config.json.tmpl + path: tessera-config.json.tmpl + - key: tessera-config-enhanced.json.tmpl + path: tessera-config-enhanced.json.tmpl + - name: contracts-config + configMap: + name: contracts-config + - name: keystore-tm + configMap: + name: quorum-node6-tm-key-config + items: + - key: tm.pub + path: tm.pub + - key: tm.key + path: tm.key + - name: quorum-key-config-persistent-storage + configMap: + name: quorum-node6-account-key-config + items: + - key: key + path: key + - name: quorum-nodekey + configMap: + name: quorum-node6-nodekey-config + items: + - key: nodekey + path: nodekey + - name: quorum-persistent-storage + hostPath: + path: /var/lib/docker/geth-storage/quorum-node6 + - name: tm-persistent-storage + hostPath: + path: /var/lib/docker/geth-storage/tm-quorum-node6 + - name: quorum-logs-persistent-storage + hostPath: + path: /var/lib/docker/geth-storage/quorum-node6-logs + + + + +# The quorum deployment consists of +# 1. the transaction manager / private tx container (constellation or tessera) +# 2. the quorum node container + +--- +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: quorum-node7-deployment + namespace: quorum-test +spec: + strategy: + type: RollingUpdate + replicas: 1 + template: + metadata: + name: quorum-node7-deployment + labels: + app: qubernetes + tier: backend + name: quorum-node7-deployment + spec: + initContainers: + - name: quorum-genesis-init-container + image: quorumengineering/quorum:2.1.1 + command: [ "sh" ] + args: + - "-cx" + - "if [ ! -f $QUORUM_DATA_DIR/genesis_created ]; then + /usr/local/bin/geth --datadir $QUORUM_DATA_DIR init /etc/quorum/genesis/genesis-geth.json; + touch $QUORUM_DATA_DIR/genesis_created; + fi; + cp -r /etc/quorum/qdata/contracts-tmp /etc/quorum/qdata/contracts; + chmod 755 /etc/quorum/qdata/contracts/runscript.sh; + " + env: + - name: QUORUM_DATA_DIR + value: /etc/quorum/qdata/dd + volumeMounts: + - name: quorum-persistent-storage + mountPath: /etc/quorum/qdata + - name: genesis-config-persistent-storage + mountPath: /etc/quorum/genesis/genesis-geth.json + subPath: genesis-geth.json + - name: contracts-config + mountPath: /etc/quorum/qdata/contracts-tmp + readOnly: false + containers: + + - name: tessera + image: quorumengineering/tessera:0.7.3 + command: ["sh"] + args: + - "-cx" + - "chmod 600 $QUORUM_HOME/tm/tm.key; + echo DDIR is $DDIR; + printenv; + + TESSERA_VERSION=$(unzip -p /tessera/tessera-app.jar META-INF/MANIFEST.MF | grep Tessera-Version | cut -d\" \" -f2); + echo \"Tessera version (extracted from manifest file): ${TESSERA_VERSION}\"; + + TESSERA_VERSION=\"${TESSERA_VERSION}-suffix\"; + + TESSERA_CONFIG_TYPE=; + + if [ \"${TESSERA_VERSION}\" \\> \"0.8 \" ]; then TESSERA_CONFIG_TYPE=\"-enhanced\"; fi; + + echo Config type ${TESSERA_CONFIG_TYPE}; + + CONFIG_TMPL=$(cat ${DDIR}/tessera-config${TESSERA_CONFIG_TYPE}.json.tmpl); + + CONFIG_WITH_OTHER_HOSTS=$(echo $CONFIG_TMPL | sed \"s/%QUORUM-NODE1_SERVICE_HOST%/$QUORUM_NODE1_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE2_SERVICE_HOST%/$QUORUM_NODE2_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE3_SERVICE_HOST%/$QUORUM_NODE3_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE4_SERVICE_HOST%/$QUORUM_NODE4_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE5_SERVICE_HOST%/$QUORUM_NODE5_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE6_SERVICE_HOST%/$QUORUM_NODE6_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE7_SERVICE_HOST%/$QUORUM_NODE7_SERVICE_HOST/g\" ) ; + CONFIG_WITH_ALL_HOSTS=$(echo $CONFIG_WITH_OTHER_HOSTS | sed \"s/%THIS_SERVICE_HOST%/$QUORUM_NODE7_SERVICE_HOST/g\"); + PRIV_KEY=$(cat $DDIR/tm.key) + PUB_KEY=$(cat $DDIR/tm.pub) + CONFIG_FINAL=$(echo $CONFIG_WITH_ALL_HOSTS | sed \"s-%THIS_PRIV_KEY%-${PRIV_KEY}-g\" | sed \"s-%THIS_PUB_KEY%-${PUB_KEY}-g\") + + echo $CONFIG_FINAL > ${DDIR}/tessera-config-with-hosts.json; + cat ${DDIR}/tessera-config-with-hosts.json; + java -Xms128M -Xmx128M -jar /tessera/tessera-app.jar -configfile ${DDIR}/tessera-config-with-hosts.json; + " + + ports: + - containerPort: 9001 + env: + - name: QUORUM_HOME + value: /etc/quorum/qdata + - name: DDIR + value: /etc/quorum/qdata/tm + volumeMounts: + - name: quorum-logs-persistent-storage + mountPath: /etc/quorum/qdata/logs + - name: tm-persistent-storage + mountPath: /etc/quorum/qdata/tm + - name: quorum-persistent-storage + mountPath: /etc/quorum/qdata + - name: keystore-tm + mountPath: /etc/quorum/qdata/tm/tm.pub + subPath: tm.pub + - name: keystore-tm + mountPath: /etc/quorum/qdata/tm/tm.key + subPath: tm.key + - name: tessera-config + mountPath: /etc/quorum/qdata/tm/tessera-config.json.tmpl + subPath: tessera-config.json.tmpl + - name: tessera-config + mountPath: /etc/quorum/qdata/tm/tessera-config-enhanced.json.tmpl + subPath: tessera-config-enhanced.json.tmpl + - name: quorum + image: quorumengineering/quorum:2.1.1 + command: [ "sh" ] + # TODO: have to generate sed files + # PERM_NODE_JSON=$(echo $PERM_NODE_TMPL | sed \"s/%QUORUM-NODE01_SERVICE_HOST%/$QUORUM_NODE01_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE02_SERVICE_HOST%/$QUORUM_NODE02_SERVICE_HOST/g\"); + # sleep to give constellation some time to start up and discover the other nodes. + args: + - "-cx" + - " + sleep 5; + PERM_NODE_TMPL=$(cat $QUORUM_DATA_DIR/permissioned-nodes.json.tmpl); + PERM_NODE_JSON=$(echo $PERM_NODE_TMPL | sed \"s/%QUORUM-NODE1_SERVICE_HOST%/$QUORUM_NODE1_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE2_SERVICE_HOST%/$QUORUM_NODE2_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE3_SERVICE_HOST%/$QUORUM_NODE3_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE4_SERVICE_HOST%/$QUORUM_NODE4_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE5_SERVICE_HOST%/$QUORUM_NODE5_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE6_SERVICE_HOST%/$QUORUM_NODE6_SERVICE_HOST/g\" | sed \"s/%QUORUM-NODE7_SERVICE_HOST%/$QUORUM_NODE7_SERVICE_HOST/g\" ); + echo $PERM_NODE_JSON > $QUORUM_DATA_DIR/permissioned-nodes.json; + cp $QUORUM_DATA_DIR/permissioned-nodes.json $QUORUM_DATA_DIR/static-nodes.json; + + rm -r /etc/quorum/qdata/contracts-tmp; + + echo what in this dir; + ls $QUORUM_DATA_DIR; + cat /etc/quorum/genesis/genesis-geth.json; + + chmod 644 $QUORUM_DATA_DIR/keystore/key; + touch $QUORUM_DATA_DIR/password.txt; + NETWORK_ID=1101 + + args=\" --raft --maxpeers 7 --raftport 50401 --rpcapi admin,db,eth,debug,miner,net,shh,txpool,personal,web3,quorum,raft \"; + + /usr/local/bin/geth \ + --datadir $QUORUM_DATA_DIR \ + $args \ + --permissioned \ + --nodiscover \ + --nat=none \ + --verbosity 9 \ + --networkid $NETWORK_ID \ + --unlock 0 \ + --emitcheckpoints \ + --rpc \ + --rpcaddr 0.0.0.0 \ + --rpcport 8546 \ + --port 21000 \ + --password $QUORUM_DATA_DIR/password.txt 2>&1 | tee -a /etc/quorum/qdata/logs/quorum.log; " + ports: + - containerPort: 50401 + - containerPort: 8546 + - containerPort: 21000 + env: + - name: PRIVATE_CONFIG + value: /etc/quorum/qdata/tm/tm.ipc + - name: QUORUM_DATA_DIR + value: /etc/quorum/qdata/dd + - name: QUORUM_HOME + value: /etc/quorum/qdata + - name: TM_HOME + value: /etc/quorum/qdata/tm/ + volumeMounts: + - name: genesis-config-persistent-storage + mountPath: /etc/quorum/genesis/genesis-geth.json + subPath: genesis-geth.json + - name: quorum-persistent-storage + mountPath: /etc/quorum/qdata + - name: tm-persistent-storage + mountPath: /etc/quorum/qdata/tm + - name: quorum-key-config-persistent-storage + mountPath: /etc/quorum/qdata/dd/keystore/key + subPath: key + - name: quorum-logs-persistent-storage + mountPath: /etc/quorum/qdata/logs + - name: quorum-nodekey + mountPath: /etc/quorum/qdata/dd/geth/nodekey + subPath: nodekey + - name: quorum-permissioned-config + mountPath: /etc/quorum/qdata/dd/permissioned-nodes.json.tmpl + subPath: permissioned-nodes.json + - name: quorum-permissioned-config + mountPath: /etc/quorum/qdata/dd/static-nodes.json.tmpl + subPath: permissioned-nodes.json + volumes: + - name: quorum-permissioned-config + configMap: + name: quorum-permissioned-config + items: + - key: permissioned-nodes.json + path: permissioned-nodes.json + - name: genesis-config-persistent-storage + configMap: + name: genesis-config + items: + - key: genesis-geth.json + path: genesis-geth.json + - name: tessera-config + configMap: + name: tessera-config + items: + - key: tessera-config.json.tmpl + path: tessera-config.json.tmpl + - key: tessera-config-enhanced.json.tmpl + path: tessera-config-enhanced.json.tmpl + - name: contracts-config + configMap: + name: contracts-config + - name: keystore-tm + configMap: + name: quorum-node7-tm-key-config + items: + - key: tm.pub + path: tm.pub + - key: tm.key + path: tm.key + - name: quorum-key-config-persistent-storage + configMap: + name: quorum-node7-account-key-config + items: + - key: key + path: key + - name: quorum-nodekey + configMap: + name: quorum-node7-nodekey-config + items: + - key: nodekey + path: nodekey + - name: quorum-persistent-storage + hostPath: + path: /var/lib/docker/geth-storage/quorum-node7 + - name: tm-persistent-storage + hostPath: + path: /var/lib/docker/geth-storage/tm-quorum-node7 + - name: quorum-logs-persistent-storage + hostPath: + path: /var/lib/docker/geth-storage/quorum-node7-logs + diff --git a/7nodes/raft-7nodes-tessera/k8s-yaml/quorum-keyconfigs.yaml b/7nodes/raft-7nodes-tessera/k8s-yaml/quorum-keyconfigs.yaml new file mode 100644 index 0000000..225c984 --- /dev/null +++ b/7nodes/raft-7nodes-tessera/k8s-yaml/quorum-keyconfigs.yaml @@ -0,0 +1,360 @@ + + + +# kubectl create configmap game-config --from-file=configure-pod-container/dd1/key +# the key used for private transactions +# quorum transaction manager keys +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: quorum-node1-tm-key-config + namespace: quorum-test + labels: + app: qubernetes + name: quorum-node1-tm-key-config +data: + tm.key: |- + {"data":{"bytes":"Wl+xSyXVuuqzpvznOS7dOobhcn4C5auxkFRi7yLtgtA="},"type":"unlocked"} + tm.pub: |- + BULeR8JyUWhiuuCMU/HLA0Q5pzkYT+cHII3ZKBey3Bo= +--- +# kubectl create configmap game-config --from-file=configure-pod-container/dd1/key +# nodekey (enode) (geth/ethereum) +apiVersion: v1 +kind: ConfigMap +metadata: + name: quorum-node1-nodekey-config + namespace: quorum-test + labels: + app: qubernetes + name: quorum-node1-nodekey-config +data: + nodekey: | + 1be3b50b31734be48452c29d714941ba165ef0cbf3ccea8ca16c45e3d8d45fb0 + + +# ethereum / geth account keys (keystore) +--- +# kubectl create configmap game-config --from-file=configure-pod-container/dd1/key +apiVersion: v1 +kind: ConfigMap +metadata: + name: quorum-node1-account-key-config + namespace: quorum-test + labels: + app: qubernetes + name: quorum-node1-account-key-config +data: + key: |- + + + {"address":"ed9d02e382b34818e88b88a309c7fe71e65f419d","crypto":{"cipher":"aes-128-ctr","ciphertext":"4e77046ba3f699e744acb4a89c36a3ea1158a1bd90a076d36675f4c883864377","cipherparams":{"iv":"a8932af2a3c0225ee8e872bc0e462c11"},"kdf":"scrypt","kdfparams":{"dklen":32,"n":262144,"p":1,"r":8,"salt":"8ca49552b3e92f79c51f2cd3d38dfc723412c212e702bd337a3724e8937aff0f"},"mac":"6d1354fef5aa0418389b1a5d1f5ee0050d7273292a1171c51fd02f9ecff55264"},"id":"a65d1ac3-db7e-445d-a1cc-b6c5eeaa05e0","version":3} +# end node + +# kubectl create configmap game-config --from-file=configure-pod-container/dd1/key +# the key used for private transactions +# quorum transaction manager keys +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: quorum-node2-tm-key-config + namespace: quorum-test + labels: + app: qubernetes + name: quorum-node2-tm-key-config +data: + tm.key: |- + {"data":{"bytes":"nDFwJNHSiT1gNzKBy9WJvMhmYRkW3TzFUmPsNzR6oFk="},"type":"unlocked"} + tm.pub: |- + QfeDAys9MPDs2XHExtc84jKGHxZg/aj52DTh0vtA3Xc= +--- +# kubectl create configmap game-config --from-file=configure-pod-container/dd1/key +# nodekey (enode) (geth/ethereum) +apiVersion: v1 +kind: ConfigMap +metadata: + name: quorum-node2-nodekey-config + namespace: quorum-test + labels: + app: qubernetes + name: quorum-node2-nodekey-config +data: + nodekey: | + 9bdd6a2e7cc1ca4a4019029df3834d2633ea6e14034d6dcc3b944396fe13a08b + + +# ethereum / geth account keys (keystore) +--- +# kubectl create configmap game-config --from-file=configure-pod-container/dd1/key +apiVersion: v1 +kind: ConfigMap +metadata: + name: quorum-node2-account-key-config + namespace: quorum-test + labels: + app: qubernetes + name: quorum-node2-account-key-config +data: + key: |- + + + {"address":"ca843569e3427144cead5e4d5999a3d0ccf92b8e","crypto":{"cipher":"aes-128-ctr","ciphertext":"01d409941ce57b83a18597058033657182ffb10ae15d7d0906b8a8c04c8d1e3a","cipherparams":{"iv":"0bfb6eadbe0ab7ffaac7e1be285fb4e5"},"kdf":"scrypt","kdfparams":{"dklen":32,"n":262144,"p":1,"r":8,"salt":"7b90f455a95942c7c682e0ef080afc2b494ef71e749ba5b384700ecbe6f4a1bf"},"mac":"4cc851f9349972f851d03d75a96383a37557f7c0055763c673e922de55e9e307"},"id":"354e3b35-1fed-407d-a358-889a29111211","version":3} +# end node + +# kubectl create configmap game-config --from-file=configure-pod-container/dd1/key +# the key used for private transactions +# quorum transaction manager keys +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: quorum-node3-tm-key-config + namespace: quorum-test + labels: + app: qubernetes + name: quorum-node3-tm-key-config +data: + tm.key: |- + {"data":{"bytes":"tMxUVR8bX7aq/TbpVHc2QV3SN2iUuExBwefAuFsO0Lg="},"type":"unlocked"} + tm.pub: |- + 1iTZde/ndBHvzhcl7V68x44Vx7pl8nwx9LqnM/AfJUg= +--- +# kubectl create configmap game-config --from-file=configure-pod-container/dd1/key +# nodekey (enode) (geth/ethereum) +apiVersion: v1 +kind: ConfigMap +metadata: + name: quorum-node3-nodekey-config + namespace: quorum-test + labels: + app: qubernetes + name: quorum-node3-nodekey-config +data: + nodekey: | + 722f11686b2277dcbd72713d8a3c81c666b585c337d47f503c3c1f3c17cf001d + + +# ethereum / geth account keys (keystore) +--- +# kubectl create configmap game-config --from-file=configure-pod-container/dd1/key +apiVersion: v1 +kind: ConfigMap +metadata: + name: quorum-node3-account-key-config + namespace: quorum-test + labels: + app: qubernetes + name: quorum-node3-account-key-config +data: + key: |- + + + {"address":"0fbdc686b912d7722dc86510934589e0aaf3b55a","crypto":{"cipher":"aes-128-ctr","ciphertext":"6b2c72c6793f3da8185e36536e02f574805e41c18f551f24b58346ef4ecf3640","cipherparams":{"iv":"582f27a739f39580410faa108d5cc59f"},"kdf":"scrypt","kdfparams":{"dklen":32,"n":262144,"p":1,"r":8,"salt":"1a79b0db3f8cb5c2ae4fa6ccb2b5917ce446bd5e42c8d61faeee512b97b4ad4a"},"mac":"cecb44d2797d6946805d5d744ff803805477195fab1d2209eddc3d1158f2e403"},"id":"f7292e90-af71-49af-a5b3-40e8493f4681","version":3} +# end node + +# kubectl create configmap game-config --from-file=configure-pod-container/dd1/key +# the key used for private transactions +# quorum transaction manager keys +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: quorum-node4-tm-key-config + namespace: quorum-test + labels: + app: qubernetes + name: quorum-node4-tm-key-config +data: + tm.key: |- + {"data":{"bytes":"grQjd3dBp4qFs8/5Jdq7xjz++aUx/LXAqISFyPWaCRw="},"type":"unlocked"} + tm.pub: |- + oNspPPgszVUFw0qmGFfWwh1uxVUXgvBxleXORHj07g8= +--- +# kubectl create configmap game-config --from-file=configure-pod-container/dd1/key +# nodekey (enode) (geth/ethereum) +apiVersion: v1 +kind: ConfigMap +metadata: + name: quorum-node4-nodekey-config + namespace: quorum-test + labels: + app: qubernetes + name: quorum-node4-nodekey-config +data: + nodekey: | + 6af685c4de99d44c620ccd9464d19bdeb62a750b9ae49b1740fb28d68a0e5c7d + + +# ethereum / geth account keys (keystore) +--- +# kubectl create configmap game-config --from-file=configure-pod-container/dd1/key +apiVersion: v1 +kind: ConfigMap +metadata: + name: quorum-node4-account-key-config + namespace: quorum-test + labels: + app: qubernetes + name: quorum-node4-account-key-config +data: + key: |- + + + {"address":"9186eb3d20cbd1f5f992a950d808c4495153abd5","crypto":{"cipher":"aes-128-ctr","ciphertext":"d160a630a39be3ff35556055406d8ff2a635f0535fe298d62ccc812d8f7b3bd5","cipherparams":{"iv":"82fce06bc6e1658a5e81ccef3b753329"},"kdf":"scrypt","kdfparams":{"dklen":32,"n":262144,"p":1,"r":8,"salt":"8d0c486db4c942721f4f5e96d48e9344805d101dad8159962b8a2008ac718548"},"mac":"4a92bda949068968d470320260ae1a825aa22f6a40fb8567c9f91d700c3f7e91"},"id":"bdb3b4f6-d8d0-4b00-8473-e223ef371b5c","version":3} +# end node + +# kubectl create configmap game-config --from-file=configure-pod-container/dd1/key +# the key used for private transactions +# quorum transaction manager keys +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: quorum-node5-tm-key-config + namespace: quorum-test + labels: + app: qubernetes + name: quorum-node5-tm-key-config +data: + tm.key: |- + {"data":{"bytes":"W8XcdJfOuxCrLcspSceNg9vh7Cwe8tXiIx5xPJ88OtQ="},"type":"unlocked"} + tm.pub: |- + R56gy4dn24YOjwyesTczYa8m5xhP6hF2uTMCju/1xkY= +--- +# kubectl create configmap game-config --from-file=configure-pod-container/dd1/key +# nodekey (enode) (geth/ethereum) +apiVersion: v1 +kind: ConfigMap +metadata: + name: quorum-node5-nodekey-config + namespace: quorum-test + labels: + app: qubernetes + name: quorum-node5-nodekey-config +data: + nodekey: | + 103bb5d20384b9af9f693d4287822fef6da7d79cb2317ed815f0081c7ea8d17d + + +# ethereum / geth account keys (keystore) +--- +# kubectl create configmap game-config --from-file=configure-pod-container/dd1/key +apiVersion: v1 +kind: ConfigMap +metadata: + name: quorum-node5-account-key-config + namespace: quorum-test + labels: + app: qubernetes + name: quorum-node5-account-key-config +data: + key: |- + + + {"address":"0638e1574728b6d862dd5d3a3e0942c3be47d996","crypto":{"cipher":"aes-128-ctr","ciphertext":"d8119d67cb134bc65c53506577cfd633bbbf5acca976cea12dd507de3eb7fd6f","cipherparams":{"iv":"76e88f3f246d4bf9544448d1a27b06f4"},"kdf":"scrypt","kdfparams":{"dklen":32,"n":262144,"p":1,"r":8,"salt":"6d05ade3ee96191ed73ea019f30c02cceb6fc0502c99f706b7b627158bfc2b0a"},"mac":"b39c2c56b35958c712225970b49238fb230d7981ef47d7c33c730c363b658d06"},"id":"00307b43-53a3-4e03-9d0c-4fcbb3da29df","version":3} +# end node + +# kubectl create configmap game-config --from-file=configure-pod-container/dd1/key +# the key used for private transactions +# quorum transaction manager keys +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: quorum-node6-tm-key-config + namespace: quorum-test + labels: + app: qubernetes + name: quorum-node6-tm-key-config +data: + tm.key: |- + {"data":{"bytes":"N9wH6bG0lWOCJtSnosatAskvzkrDApdrjaWkqjDyDzE="},"type":"unlocked"} + tm.pub: |- + UfNSeSGySeKg11DVNEnqrUtxYRVor4+CvluI8tVv62Y= +--- +# kubectl create configmap game-config --from-file=configure-pod-container/dd1/key +# nodekey (enode) (geth/ethereum) +apiVersion: v1 +kind: ConfigMap +metadata: + name: quorum-node6-nodekey-config + namespace: quorum-test + labels: + app: qubernetes + name: quorum-node6-nodekey-config +data: + nodekey: | + 79999aef8d5197446b6051df47f01fd4d6dd1997aec3f5282e77ea27b6727346 + + +# ethereum / geth account keys (keystore) +--- +# kubectl create configmap game-config --from-file=configure-pod-container/dd1/key +apiVersion: v1 +kind: ConfigMap +metadata: + name: quorum-node6-account-key-config + namespace: quorum-test + labels: + app: qubernetes + name: quorum-node6-account-key-config +data: + key: |- + + + {"address":"ae9bc6cd5145e67fbd1887a5145271fd182f0ee7","crypto":{"cipher":"aes-128-ctr","ciphertext":"013ed4c928bf7ae50dba7c9d8396f2d89d1fccc16a2067fdad56e125a0f5d96c","cipherparams":{"iv":"9fce4f1ab5c9cdaee9432dbc43d28ed8"},"kdf":"scrypt","kdfparams":{"dklen":32,"n":262144,"p":1,"r":8,"salt":"5301d6b0c7bc8ba4ca60256ba524bae57cb078679e0de7d5322ebdc2393849a0"},"mac":"55aabdbc4853a188e8b63a1cec93e5d233a8b5b529ed00c610d1b4a9b27990da"},"id":"025f7cf0-f35b-4988-8a22-2443a08e5d69","version":3} +# end node + +# kubectl create configmap game-config --from-file=configure-pod-container/dd1/key +# the key used for private transactions +# quorum transaction manager keys +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: quorum-node7-tm-key-config + namespace: quorum-test + labels: + app: qubernetes + name: quorum-node7-tm-key-config +data: + tm.key: |- + {"data":{"bytes":"lesaO6EWbmL1rie1biy851BnN1QsRRDK4kWUimlK0EA="},"type":"unlocked"} + tm.pub: |- + ROAZBWtSacxXQrOe3FGAqJDyJjFePR5ce4TSIzmJ0Bc= +--- +# kubectl create configmap game-config --from-file=configure-pod-container/dd1/key +# nodekey (enode) (geth/ethereum) +apiVersion: v1 +kind: ConfigMap +metadata: + name: quorum-node7-nodekey-config + namespace: quorum-test + labels: + app: qubernetes + name: quorum-node7-nodekey-config +data: + nodekey: | + e85dae073b504871ffd7946bf5f45e6fa8dc09eb1536a48c4b6822332008973d + + +# ethereum / geth account keys (keystore) +--- +# kubectl create configmap game-config --from-file=configure-pod-container/dd1/key +apiVersion: v1 +kind: ConfigMap +metadata: + name: quorum-node7-account-key-config + namespace: quorum-test + labels: + app: qubernetes + name: quorum-node7-account-key-config +data: + key: |- + + + {"address":"cc71c7546429a13796cf1bf9228bff213e7ae9cc","crypto":{"cipher":"aes-128-ctr","ciphertext":"a522d53d5a86405435f6288d4e34b0c038de25f46fa935b0be78fd24d4aa65da","cipherparams":{"iv":"10511f1422825b699718559dcaaa0ff2"},"kdf":"scrypt","kdfparams":{"dklen":32,"n":262144,"p":1,"r":8,"salt":"471dfeff2dc7524d27970e54d8224320cb13f7e580431473a362fe8850ebc120"},"mac":"25ee0b623467350a4245a041a89a6797560ade8a1bd1c8d4d1b67ca5e37c56c0"},"id":"477df10a-9591-4fae-9c30-3aa0bc0ec57b","version":3} +# end node + diff --git a/7nodes/raft-7nodes-tessera/k8s-yaml/quorum-services.yaml b/7nodes/raft-7nodes-tessera/k8s-yaml/quorum-services.yaml new file mode 100644 index 0000000..22523c0 --- /dev/null +++ b/7nodes/raft-7nodes-tessera/k8s-yaml/quorum-services.yaml @@ -0,0 +1,295 @@ + + + + +--- +apiVersion: v1 +kind: Service +metadata: + namespace: quorum-test + name: quorum-node1 + labels: + app: qubernetes + tier: backend + name: quorum-node1 +spec: + selector: + app: qubernetes + tier: backend + name: quorum-node1-deployment + type: ClusterIP + ports: + - name: tm-manager + protocol: TCP + port: 9001 + targetPort: 9001 + # default 8545 + - name: tm-tessera-third-part + protocol: TCP + port: 9080 + targetPort: 9080 + # default 8545 + - name: wsrpc-listener + protocol: TCP + port: 8546 + targetPort: 8546 + - name: quorum-listener + protocol: TCP + port: 21000 + targetPort: 21000 + - name: raft + protocol: TCP + targetPort: 50401 + port: 50401 + + + +--- +apiVersion: v1 +kind: Service +metadata: + namespace: quorum-test + name: quorum-node2 + labels: + app: qubernetes + tier: backend + name: quorum-node2 +spec: + selector: + app: qubernetes + tier: backend + name: quorum-node2-deployment + type: ClusterIP + ports: + - name: tm-manager + protocol: TCP + port: 9001 + targetPort: 9001 + # default 8545 + - name: tm-tessera-third-part + protocol: TCP + port: 9080 + targetPort: 9080 + # default 8545 + - name: wsrpc-listener + protocol: TCP + port: 8546 + targetPort: 8546 + - name: quorum-listener + protocol: TCP + port: 21000 + targetPort: 21000 + - name: raft + protocol: TCP + targetPort: 50401 + port: 50401 + + + +--- +apiVersion: v1 +kind: Service +metadata: + namespace: quorum-test + name: quorum-node3 + labels: + app: qubernetes + tier: backend + name: quorum-node3 +spec: + selector: + app: qubernetes + tier: backend + name: quorum-node3-deployment + type: ClusterIP + ports: + - name: tm-manager + protocol: TCP + port: 9001 + targetPort: 9001 + # default 8545 + - name: tm-tessera-third-part + protocol: TCP + port: 9080 + targetPort: 9080 + # default 8545 + - name: wsrpc-listener + protocol: TCP + port: 8546 + targetPort: 8546 + - name: quorum-listener + protocol: TCP + port: 21000 + targetPort: 21000 + - name: raft + protocol: TCP + targetPort: 50401 + port: 50401 + + + +--- +apiVersion: v1 +kind: Service +metadata: + namespace: quorum-test + name: quorum-node4 + labels: + app: qubernetes + tier: backend + name: quorum-node4 +spec: + selector: + app: qubernetes + tier: backend + name: quorum-node4-deployment + type: ClusterIP + ports: + - name: tm-manager + protocol: TCP + port: 9001 + targetPort: 9001 + # default 8545 + - name: tm-tessera-third-part + protocol: TCP + port: 9080 + targetPort: 9080 + # default 8545 + - name: wsrpc-listener + protocol: TCP + port: 8546 + targetPort: 8546 + - name: quorum-listener + protocol: TCP + port: 21000 + targetPort: 21000 + - name: raft + protocol: TCP + targetPort: 50401 + port: 50401 + + + +--- +apiVersion: v1 +kind: Service +metadata: + namespace: quorum-test + name: quorum-node5 + labels: + app: qubernetes + tier: backend + name: quorum-node5 +spec: + selector: + app: qubernetes + tier: backend + name: quorum-node5-deployment + type: ClusterIP + ports: + - name: tm-manager + protocol: TCP + port: 9001 + targetPort: 9001 + # default 8545 + - name: tm-tessera-third-part + protocol: TCP + port: 9080 + targetPort: 9080 + # default 8545 + - name: wsrpc-listener + protocol: TCP + port: 8546 + targetPort: 8546 + - name: quorum-listener + protocol: TCP + port: 21000 + targetPort: 21000 + - name: raft + protocol: TCP + targetPort: 50401 + port: 50401 + + + +--- +apiVersion: v1 +kind: Service +metadata: + namespace: quorum-test + name: quorum-node6 + labels: + app: qubernetes + tier: backend + name: quorum-node6 +spec: + selector: + app: qubernetes + tier: backend + name: quorum-node6-deployment + type: ClusterIP + ports: + - name: tm-manager + protocol: TCP + port: 9001 + targetPort: 9001 + # default 8545 + - name: tm-tessera-third-part + protocol: TCP + port: 9080 + targetPort: 9080 + # default 8545 + - name: wsrpc-listener + protocol: TCP + port: 8546 + targetPort: 8546 + - name: quorum-listener + protocol: TCP + port: 21000 + targetPort: 21000 + - name: raft + protocol: TCP + targetPort: 50401 + port: 50401 + + + +--- +apiVersion: v1 +kind: Service +metadata: + namespace: quorum-test + name: quorum-node7 + labels: + app: qubernetes + tier: backend + name: quorum-node7 +spec: + selector: + app: qubernetes + tier: backend + name: quorum-node7-deployment + type: ClusterIP + ports: + - name: tm-manager + protocol: TCP + port: 9001 + targetPort: 9001 + # default 8545 + - name: tm-tessera-third-part + protocol: TCP + port: 9080 + targetPort: 9080 + # default 8545 + - name: wsrpc-listener + protocol: TCP + port: 8546 + targetPort: 8546 + - name: quorum-listener + protocol: TCP + port: 21000 + targetPort: 21000 + - name: raft + protocol: TCP + targetPort: 50401 + port: 50401 diff --git a/7nodes/raft-7nodes-tessera/k8s-yaml/quorum-shared-config.yaml b/7nodes/raft-7nodes-tessera/k8s-yaml/quorum-shared-config.yaml new file mode 100644 index 0000000..2d847e1 --- /dev/null +++ b/7nodes/raft-7nodes-tessera/k8s-yaml/quorum-shared-config.yaml @@ -0,0 +1,344 @@ + + +apiVersion: v1 +kind: Namespace +metadata: + name: quorum-test + labels: + name: quorum-test + +--- +# kubectl create configmap game-config --from-file=configure-pod-container/dd1/key +apiVersion: v1 +kind: ConfigMap +metadata: + name: quorum-permissioned-config + namespace: quorum-test + labels: + app: qubernetes + name: quorum-permissioned-config +data: + permissioned-nodes.json: | + + [ + "enode://ac6b1096ca56b9f6d004b779ae3728bf83f8e22453404cc3cef16a3d9b96608bc67c4b30db88e0a5a6c6390213f7acbe1153ff6d23ce57380104288ae19373ef@%QUORUM-NODE1_SERVICE_HOST%:21000?discport=0&raftport=50401", + "enode://0ba6b9f606a43a95edc6247cdb1c1e105145817be7bcafd6b2c0ba15d58145f0dc1a194f70ba73cd6f4cdd6864edc7687f311254c7555cc32e4d45aeb1b80416@%QUORUM-NODE2_SERVICE_HOST%:21000?discport=0&raftport=50401", + "enode://579f786d4e2830bbcc02815a27e8a9bacccc9605df4dc6f20bcc1a6eb391e7225fff7cb83e5b4ecd1f3a94d8b733803f2f66b7e871961e7b029e22c155c3a778@%QUORUM-NODE3_SERVICE_HOST%:21000?discport=0&raftport=50401", + "enode://3d9ca5956b38557aba991e31cf510d4df641dce9cc26bfeb7de082f0c07abb6ede3a58410c8f249dabeecee4ad3979929ac4c7c496ad20b8cfdd061b7401b4f5@%QUORUM-NODE4_SERVICE_HOST%:21000?discport=0&raftport=50401", + "enode://3701f007bfa4cb26512d7df18e6bbd202e8484a6e11d387af6e482b525fa25542d46ff9c99db87bd419b980c24a086117a397f6d8f88e74351b41693880ea0cb@%QUORUM-NODE5_SERVICE_HOST%:21000?discport=0&raftport=50401", + "enode://eacaa74c4b0e7a9e12d2fe5fee6595eda841d6d992c35dbbcc50fcee4aa86dfbbdeff7dc7e72c2305d5a62257f82737a8cffc80474c15c611c037f52db1a3a7b@%QUORUM-NODE5_SERVICE_HOST%:21000?discport=0&raftport=50401", + "enode://239c1f044a2b03b6c4713109af036b775c5418fe4ca63b04b1ce00124af00ddab7cc088fc46020cdc783b6207efe624551be4c06a994993d8d70f684688fb7cf@%QUORUM-NODE5_SERVICE_HOST%:21000?discport=0&raftport=50401" + ] + +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: genesis-config + namespace: quorum-test + labels: + app: qubernetes + name: genesis-config +data: + genesis-geth.json: |- + { + "alloc": { + "0xed9d02e382b34818e88b88a309c7fe71e65f419d": { + "balance": "1000000000000000000000000000" + }, + "0xca843569e3427144cead5e4d5999a3d0ccf92b8e": { + "balance": "1000000000000000000000000000" + }, + "0x0fbdc686b912d7722dc86510934589e0aaf3b55a": { + "balance": "1000000000000000000000000000" + }, + "0x9186eb3d20cbd1f5f992a950d808c4495153abd5": { + "balance": "1000000000000000000000000000" + }, + "0x0638e1574728b6d862dd5d3a3e0942c3be47d996": { + "balance": "1000000000000000000000000000" + } + }, + "coinbase": "0x0000000000000000000000000000000000000000", + "config": { + "byzantiumBlock": 1, + "chainId": 10, + "eip150Block": 1, + "eip155Block": 0, + "eip150Hash": "0x0000000000000000000000000000000000000000000000000000000000000000", + "eip158Block": 1, + "isQuorum":true + }, + "difficulty": "0x0", + "extraData": "0x0000000000000000000000000000000000000000000000000000000000000000", + "gasLimit": "0xE0000000", + "mixhash": "0x00000000000000000000000000000000000000647572616c65787365646c6578", + "nonce": "0x0", + "parentHash": "0x0000000000000000000000000000000000000000000000000000000000000000", + "timestamp": "0x00" + } + +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: tessera-config + namespace: quorum-test + labels: + app: qubernetes + name: tessera-config +data: + tessera-config.json.tmpl: |- + + + + + { + "useWhiteList": false, + "jdbc": { + "username": "sa", + "password": "", + "url": "jdbc:h2:/etc/quorum/qdata/tm/db;MODE=Oracle;TRACE_LEVEL_SYSTEM_OUT=0", + "autoCreateTables": true + }, + "server": { + "port": 9001, + "hostName": "http://%THIS_SERVICE_HOST%", + "bindingAddress": "http://0.0.0.0:9001", + "sslConfig": { + "tls": "OFF", + "generateKeyStoreIfNotExisted": true, + "serverKeyStore": "/etc/quorum/qdata/tm/server-keystore", + "serverKeyStorePassword": "quorum", + "serverTrustStore": "/etc/quorum/qdata/tm/server-truststore", + "serverTrustStorePassword": "quorum", + "serverTrustMode": "TOFU", + "knownClientsFile": "/etc/quorum/qdata/tm/knownClients", + "clientKeyStore": "/etc/quorum/qdata/tm/client-keystore", + "clientKeyStorePassword": "quorum", + "clientTrustStore": "/etc/quorum/qdata/tm/client-truststore", + "clientTrustStorePassword": "quorum", + "clientTrustMode": "TOFU", + "knownServersFile": "/etc/quorum/qdata/tm/knownServers" + } + }, + "peer": [ + + { + "url": "http://%QUORUM-NODE1_SERVICE_HOST%:9001" + }, + + + { + "url": "http://%QUORUM-NODE2_SERVICE_HOST%:9001" + }, + + + { + "url": "http://%QUORUM-NODE3_SERVICE_HOST%:9001" + }, + + + { + "url": "http://%QUORUM-NODE4_SERVICE_HOST%:9001" + }, + + + { + "url": "http://%QUORUM-NODE5_SERVICE_HOST%:9001" + }, + + + { + "url": "http://%QUORUM-NODE6_SERVICE_HOST%:9001" + }, + + + { + "url": "http://%QUORUM-NODE7_SERVICE_HOST%:9001" + } + + ], + "keys": { + "passwords": [], + "keyData": [ + { + "privateKeyPath": "/etc/quorum/qdata/tm/tm.key", + "publicKeyPath": "/etc/quorum/qdata/tm/tm.pub" + } + ] + }, + "alwaysSendTo": [], + "unixSocketFile": "/etc/quorum/qdata/tm/tm.ipc" + } + + + tessera-config-enhanced.json.tmpl: |- + + + + { + "useWhiteList": false, + "jdbc": { + "username": "sa", + "password": "", + "url": "jdbc:h2:/etc/quorum/qdata/tm/db;MODE=Oracle;TRACE_LEVEL_SYSTEM_OUT=0", + "autoCreateTables": true + }, + "serverConfigs":[ + { + "app":"ThirdParty", + "enabled": true, + "serverSocket":{ + "type":"INET", + "port": 9080, + "hostName": "http://%THIS_SERVICE_HOST%" + }, + "communicationType" : "REST" + }, + { + "app":"Q2T", + "enabled": true, + "serverSocket":{ + "type":"UNIX", + "path":"/etc/quorum/qdata/tm/tm.ipc" + }, + "communicationType" : "UNIX_SOCKET" + }, + { + "app":"P2P", + "enabled": true, + "serverSocket":{ + "type":"INET", + "port": 9001, + "hostName": "http://%THIS_SERVICE_HOST%", + "bindingAddress": "http://0.0.0.0:9001" + }, + "sslConfig": { + "tls": "OFF", + "generateKeyStoreIfNotExisted": true, + "serverKeyStore": "/etc/quorum/qdata/tm/server-keystore", + "serverKeyStorePassword": "quorum", + "serverTrustStore": "/etc/quorum/qdata/tm/server-truststore", + "serverTrustStorePassword": "quorum", + "serverTrustMode": "TOFU", + "knownClientsFile": "/etc/quorum/qdata/tm/knownClients", + "clientKeyStore": "/etc/quorum/qdata/tm/client-keystore", + "clientKeyStorePassword": "quorum", + "clientTrustStore": "/etc/quorum/qdata/tm/client-truststore", + "clientTrustStorePassword": "quorum", + "clientTrustMode": "TOFU", + "knownServersFile": "/etc/quorum/qdata/tm/knownServers" + }, + "communicationType" : "REST" + } + ], + + "peer": [ + + { + "url": "http://%QUORUM-NODE1_SERVICE_HOST%:9001" + }, + + + { + "url": "http://%QUORUM-NODE2_SERVICE_HOST%:9001" + }, + + + { + "url": "http://%QUORUM-NODE3_SERVICE_HOST%:9001" + }, + + + { + "url": "http://%QUORUM-NODE4_SERVICE_HOST%:9001" + }, + + + { + "url": "http://%QUORUM-NODE5_SERVICE_HOST%:9001" + }, + + + { + "url": "http://%QUORUM-NODE6_SERVICE_HOST%:9001" + }, + + + { + "url": "http://%QUORUM-NODE7_SERVICE_HOST%:9001" + } + + ], + "keys": { + "passwords": [], + "keyData": [ + { + "config": %THIS_PRIV_KEY%, + "publicKey": "%THIS_PUB_KEY%" + } + ] + }, + "alwaysSendTo": [] + } + +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: contracts-config + namespace: quorum-test + labels: + app: qubernetes + name: contracts-config +data: + runscript.sh: |- + #!/bin/ash + PRIVATE_CONFIG=$TM_HOME/tm.ipc geth --exec "loadScript(\"$1\")" attach ipc:$QUORUM_HOME/dd/geth.ipc + private_contract.js: |- + a = eth.accounts[0] + web3.eth.defaultAccount = a; + + // abi and bytecode generated from simplestorage.sol: + // > solcjs --bin --abi simplestorage.sol + var abi = [{"constant":true,"inputs":[],"name":"storedData","outputs":[{"name":"","type":"uint256"}],"payable":false,"type":"function"},{"constant":false,"inputs":[{"name":"x","type":"uint256"}],"name":"set","outputs":[],"payable":false,"type":"function"},{"constant":true,"inputs":[],"name":"get","outputs":[{"name":"retVal","type":"uint256"}],"payable":false,"type":"function"},{"inputs":[{"name":"initVal","type":"uint256"}],"payable":false,"type":"constructor"}]; + + var bytecode = "0x6060604052341561000f57600080fd5b604051602080610149833981016040528080519060200190919050505b806000819055505b505b610104806100456000396000f30060606040526000357c0100000000000000000000000000000000000000000000000000000000900463ffffffff1680632a1afcd914605157806360fe47b11460775780636d4ce63c146097575b600080fd5b3415605b57600080fd5b606160bd565b6040518082815260200191505060405180910390f35b3415608157600080fd5b6095600480803590602001909190505060c3565b005b341560a157600080fd5b60a760ce565b6040518082815260200191505060405180910390f35b60005481565b806000819055505b50565b6000805490505b905600a165627a7a72305820d5851baab720bba574474de3d09dbeaabc674a15f4dd93b974908476542c23f00029"; + + var simpleContract = web3.eth.contract(abi); + var simple = simpleContract.new(42, {from:web3.eth.accounts[0], data: bytecode, gas: 0x47b760, privateFor: ["ROAZBWtSacxXQrOe3FGAqJDyJjFePR5ce4TSIzmJ0Bc="]}, function(e, contract) { + if (e) { + console.log("err creating contract", e); + } else { + if (!contract.address) { + console.log("Contract transaction send: TransactionHash: " + contract.transactionHash + " waiting to be mined..."); + } else { + console.log("Contract mined! Address: " + contract.address); + console.log(contract); + } + } + }); + public_contract.js: |- + a = eth.accounts[0] + web3.eth.defaultAccount = a; + + // abi and bytecode generated from simplestorage.sol: + // > solcjs --bin --abi simplestorage.sol + var abi = [{"constant":true,"inputs":[],"name":"storedData","outputs":[{"name":"","type":"uint256"}],"payable":false,"type":"function"},{"constant":false,"inputs":[{"name":"x","type":"uint256"}],"name":"set","outputs":[],"payable":false,"type":"function"},{"constant":true,"inputs":[],"name":"get","outputs":[{"name":"retVal","type":"uint256"}],"payable":false,"type":"function"},{"inputs":[{"name":"initVal","type":"uint256"}],"payable":false,"type":"constructor"}]; + + var bytecode = "0x6060604052341561000f57600080fd5b604051602080610149833981016040528080519060200190919050505b806000819055505b505b610104806100456000396000f30060606040526000357c0100000000000000000000000000000000000000000000000000000000900463ffffffff1680632a1afcd914605157806360fe47b11460775780636d4ce63c146097575b600080fd5b3415605b57600080fd5b606160bd565b6040518082815260200191505060405180910390f35b3415608157600080fd5b6095600480803590602001909190505060c3565b005b341560a157600080fd5b60a760ce565b6040518082815260200191505060405180910390f35b60005481565b806000819055505b50565b6000805490505b905600a165627a7a72305820d5851baab720bba574474de3d09dbeaabc674a15f4dd93b974908476542c23f00029"; + + var simpleContract = web3.eth.contract(abi); + var simple = simpleContract.new(42, {from:web3.eth.accounts[0], data: bytecode, gas: 0x47b760}, function(e, contract) { + if (e) { + console.log("err creating contract", e); + } else { + if (!contract.address) { + console.log("Contract transaction send: TransactionHash: " + contract.transactionHash + " waiting to be mined..."); + } else { + console.log("Contract mined! Address: " + contract.address); + console.log(contract); + } + } + }); diff --git a/7nodes/raft-7nodes-tessera/qubernetes-tessera.yaml b/7nodes/raft-7nodes-tessera/qubernetes-tessera.yaml new file mode 100644 index 0000000..16923f9 --- /dev/null +++ b/7nodes/raft-7nodes-tessera/qubernetes-tessera.yaml @@ -0,0 +1,39 @@ +namespace: + name: quorum-test +# number of nodes to deploy +nodes: + number: 7 +quorum: + # supported: raft | istanbul + consensus: raft + # base quorum data dir as set inside each container. + Node_DataDir: /etc/quorum/qdata + # This is where all the keys are store, and/or where they are generated, as in the case of quorum-keygen. + # Either full or relative paths on the machine generating the config + Key_Dir_Base: 7nodes + Permissioned_Nodes_File: 7nodes/permissioned-nodes.json + Genesis_File: 7nodes/raft-genesis.json + # related to quorum containers + quorum: + Raft_Port: 50401 + # container images at https://hub.docker.com/u/quorumengineering/ + Quorum_Version: 2.1.1 + # related to transaction manager containers + tm: + # container images at https://hub.docker.com/u/quorumengineering/ + Name: tessera + Tm_Version: 0.7.3 + Port: 9001 + Tessera_Config_Dir: 7nodes + +# generic geth related options +geth: + Node_WSPort: 8546 + NodeP2P_ListenAddr: 21000 + network: + # network id (1: mainnet, 3: ropsten, 4: rinkeby ... ) + id: 1101 + # public (true|false) is it a public network? + public: false + # general verbosity of geth [1..5] + verbosity: 9 diff --git a/7nodes/raft-7nodes/genesis.json b/7nodes/raft-genesis.json similarity index 100% rename from 7nodes/raft-7nodes/genesis.json rename to 7nodes/raft-genesis.json diff --git a/7nodes/tessera-config-enhanced.json b/7nodes/tessera-config-enhanced.json new file mode 100644 index 0000000..02869f9 --- /dev/null +++ b/7nodes/tessera-config-enhanced.json @@ -0,0 +1,108 @@ + + + +{ + "useWhiteList": false, + "jdbc": { + "username": "sa", + "password": "", + "url": "jdbc:h2:/etc/quorum/qdata/tm/db;MODE=Oracle;TRACE_LEVEL_SYSTEM_OUT=0", + "autoCreateTables": true + }, + "serverConfigs":[ + { + "app":"ThirdParty", + "enabled": true, + "serverSocket":{ + "type":"INET", + "port": 9080, + "hostName": "http://%THIS_SERVICE_HOST%" + }, + "communicationType" : "REST" + }, + { + "app":"Q2T", + "enabled": true, + "serverSocket":{ + "type":"UNIX", + "path":"/etc/quorum/qdata/tm/tm.ipc" + }, + "communicationType" : "UNIX_SOCKET" + }, + { + "app":"P2P", + "enabled": true, + "serverSocket":{ + "type":"INET", + "port": 9001, + "hostName": "http://%THIS_SERVICE_HOST%", + "bindingAddress": "http://0.0.0.0:9001" + }, + "sslConfig": { + "tls": "OFF", + "generateKeyStoreIfNotExisted": true, + "serverKeyStore": "/etc/quorum/qdata/tm/server-keystore", + "serverKeyStorePassword": "quorum", + "serverTrustStore": "/etc/quorum/qdata/tm/server-truststore", + "serverTrustStorePassword": "quorum", + "serverTrustMode": "TOFU", + "knownClientsFile": "/etc/quorum/qdata/tm/knownClients", + "clientKeyStore": "/etc/quorum/qdata/tm/client-keystore", + "clientKeyStorePassword": "quorum", + "clientTrustStore": "/etc/quorum/qdata/tm/client-truststore", + "clientTrustStorePassword": "quorum", + "clientTrustMode": "TOFU", + "knownServersFile": "/etc/quorum/qdata/tm/knownServers" + }, + "communicationType" : "REST" + } + ], + + "peer": [ + + { + "url": "http://%QUORUM-NODE1_SERVICE_HOST%:9001" + }, + + + { + "url": "http://%QUORUM-NODE2_SERVICE_HOST%:9001" + }, + + + { + "url": "http://%QUORUM-NODE3_SERVICE_HOST%:9001" + }, + + + { + "url": "http://%QUORUM-NODE4_SERVICE_HOST%:9001" + }, + + + { + "url": "http://%QUORUM-NODE5_SERVICE_HOST%:9001" + }, + + + { + "url": "http://%QUORUM-NODE6_SERVICE_HOST%:9001" + }, + + + { + "url": "http://%QUORUM-NODE7_SERVICE_HOST%:9001" + } + + ], + "keys": { + "passwords": [], + "keyData": [ + { + "config": %THIS_PRIV_KEY%, + "publicKey": "%THIS_PUB_KEY%" + } + ] + }, + "alwaysSendTo": [] +} diff --git a/7nodes/tessera-config.json b/7nodes/tessera-config.json new file mode 100644 index 0000000..0872dbe --- /dev/null +++ b/7nodes/tessera-config.json @@ -0,0 +1,83 @@ + + + + +{ + "useWhiteList": false, + "jdbc": { + "username": "sa", + "password": "", + "url": "jdbc:h2:/etc/quorum/qdata/tm/db;MODE=Oracle;TRACE_LEVEL_SYSTEM_OUT=0", + "autoCreateTables": true + }, + "server": { + "port": 9001, + "hostName": "http://%THIS_SERVICE_HOST%", + "bindingAddress": "http://0.0.0.0:9001", + "sslConfig": { + "tls": "OFF", + "generateKeyStoreIfNotExisted": true, + "serverKeyStore": "/etc/quorum/qdata/tm/server-keystore", + "serverKeyStorePassword": "quorum", + "serverTrustStore": "/etc/quorum/qdata/tm/server-truststore", + "serverTrustStorePassword": "quorum", + "serverTrustMode": "TOFU", + "knownClientsFile": "/etc/quorum/qdata/tm/knownClients", + "clientKeyStore": "/etc/quorum/qdata/tm/client-keystore", + "clientKeyStorePassword": "quorum", + "clientTrustStore": "/etc/quorum/qdata/tm/client-truststore", + "clientTrustStorePassword": "quorum", + "clientTrustMode": "TOFU", + "knownServersFile": "/etc/quorum/qdata/tm/knownServers" + } + }, + "peer": [ + + { + "url": "http://%QUORUM-NODE1_SERVICE_HOST%:9001" + }, + + + { + "url": "http://%QUORUM-NODE2_SERVICE_HOST%:9001" + }, + + + { + "url": "http://%QUORUM-NODE3_SERVICE_HOST%:9001" + }, + + + { + "url": "http://%QUORUM-NODE4_SERVICE_HOST%:9001" + }, + + + { + "url": "http://%QUORUM-NODE5_SERVICE_HOST%:9001" + }, + + + { + "url": "http://%QUORUM-NODE6_SERVICE_HOST%:9001" + }, + + + { + "url": "http://%QUORUM-NODE7_SERVICE_HOST%:9001" + } + + ], + "keys": { + "passwords": [], + "keyData": [ + { + "privateKeyPath": "/etc/quorum/qdata/tm/tm.key", + "publicKeyPath": "/etc/quorum/qdata/tm/tm.pub" + } + ] + }, + "alwaysSendTo": [], + "unixSocketFile": "/etc/quorum/qdata/tm/tm.ipc" +} + diff --git a/nodes.yaml b/nodes.yaml index 1c93dc6..2194d75 120000 --- a/nodes.yaml +++ b/nodes.yaml @@ -1 +1 @@ -out/nodes.yaml \ No newline at end of file +7nodes/nodes-7.yaml \ No newline at end of file diff --git a/qubernetes-tessera.yaml b/qubernetes-tessera.yaml deleted file mode 120000 index 21d037d..0000000 --- a/qubernetes-tessera.yaml +++ /dev/null @@ -1 +0,0 @@ -config/qubernetes-tessera.yaml \ No newline at end of file diff --git a/qubernetes.yaml b/qubernetes.yaml index 21d037d..9d9e72e 120000 --- a/qubernetes.yaml +++ b/qubernetes.yaml @@ -1 +1 @@ -config/qubernetes-tessera.yaml \ No newline at end of file +7nodes/istanbul-7nodes-tessera/qubernetes-istanbul-7nodes.yaml \ No newline at end of file diff --git a/quorum-config b/quorum-config index e909a99..49e328b 100755 --- a/quorum-config +++ b/quorum-config @@ -20,6 +20,8 @@ require "erb" # Generate genesis.json and permissioned-nodes.json ##################################################### +`mkdir -p out/config` + # create genesis files with all discovered keystore accounts pre alloc with funds. puts(@Genesis_File) File.open(@Genesis_File, "w") do |f| diff --git a/quorum-deployment.yaml.erb b/quorum-deployment.yaml.erb index dbe7067..078c246 100644 --- a/quorum-deployment.yaml.erb +++ b/quorum-deployment.yaml.erb @@ -99,8 +99,8 @@ spec: echo DDIR is $DDIR; printenv; - TESSERA_VERSION=$$(unzip -p /tessera/tessera-app.jar META-INF/MANIFEST.MF | grep Tessera-Version | cut -d\" \" -f2); - echo \"Tessera version (extracted from manifest file): $${TESSERA_VERSION}\"; + TESSERA_VERSION=$(unzip -p /tessera/tessera-app.jar META-INF/MANIFEST.MF | grep Tessera-Version | cut -d\" \" -f2); + echo \"Tessera version (extracted from manifest file): ${TESSERA_VERSION}\"; TESSERA_VERSION=\"${TESSERA_VERSION}-suffix\"; @@ -110,15 +110,16 @@ spec: echo Config type ${TESSERA_CONFIG_TYPE}; - TESSERA_VERSION=$$(unzip -p /tessera/tessera-app.jar META-INF/MANIFEST.MF | grep Tessera-Version | cut -d\" \" -f2); - echo \"Tessera version (extracted from manifest file): ${TESSERA_VERSION}\"; - - CONFIG_TMPL=$(cat ${DDIR}/tessera-config${TESSERA_CONFIG_TYPE}.json); + CONFIG_TMPL=$(cat ${DDIR}/tessera-config${TESSERA_CONFIG_TYPE}.json.tmpl); <%- @This_Host = ("#{@Node_UserIdent}".upcase + "_SERVICE_HOST").gsub("-", "_") -%> - CONFIG_WITH_OTHERS=$(echo $CONFIG_TMPL | <%= @Sed_Set_Node_Service_Host %>) ; - CONFIG_WITH_HOSTS=$(echo $CONFIG_WITH_OTHERS | sed \"s/%THIS_SERVICE_HOST%/$<%= @This_Host %>/g\"); - echo $CONFIG_WITH_HOSTS > ${DDIR}/tessera-config-with-hosts.json; + CONFIG_WITH_OTHER_HOSTS=$(echo $CONFIG_TMPL | <%= @Sed_Set_Node_Service_Host %>) ; + CONFIG_WITH_ALL_HOSTS=$(echo $CONFIG_WITH_OTHER_HOSTS | sed \"s/%THIS_SERVICE_HOST%/$<%= @This_Host %>/g\"); + PRIV_KEY=$(cat $DDIR/tm.key) + PUB_KEY=$(cat $DDIR/tm.pub) + CONFIG_FINAL=$(echo $CONFIG_WITH_ALL_HOSTS | sed \"s-%THIS_PRIV_KEY%-${PRIV_KEY}-g\" | sed \"s-%THIS_PUB_KEY%-${PUB_KEY}-g\") + + echo $CONFIG_FINAL > ${DDIR}/tessera-config-with-hosts.json; cat ${DDIR}/tessera-config-with-hosts.json; java -Xms128M -Xmx128M -jar /tessera/tessera-app.jar -configfile ${DDIR}/tessera-config-with-hosts.json; " @@ -144,11 +145,11 @@ spec: mountPath: <%= @Node_DataDir %>/tm/tm.key subPath: tm.key - name: tessera-config - mountPath: <%= @Node_DataDir %>/tm/tessera-config.json - subPath: tessera-config.json + mountPath: <%= @Node_DataDir %>/tm/tessera-config.json.tmpl + subPath: tessera-config.json.tmpl - name: tessera-config - mountPath: <%= @Node_DataDir %>/tm/tessera-config-enhanced.json - subPath: tessera-config-enhanced.json + mountPath: <%= @Node_DataDir %>/tm/tessera-config-enhanced.json.tmpl + subPath: tessera-config-enhanced.json.tmpl - name: quorum image: quorumengineering/quorum:<%= @Quorum_Version %> command: [ "sh" ] @@ -247,10 +248,10 @@ spec: configMap: name: tessera-config items: - - key: tessera-config.json - path: tessera-config.json - - key: tessera-config-enhanced.json - path: tessera-config-enhanced.json + - key: tessera-config.json.tmpl + path: tessera-config.json.tmpl + - key: tessera-config-enhanced.json.tmpl + path: tessera-config-enhanced.json.tmpl - name: contracts-config configMap: name: contracts-config diff --git a/quorum-services.yaml.erb b/quorum-services.yaml.erb index a2a7f0e..178de53 100644 --- a/quorum-services.yaml.erb +++ b/quorum-services.yaml.erb @@ -37,6 +37,11 @@ spec: port: <%= @TM_Port %> targetPort: <%= @TM_Port %> # default 8545 + - name: tm-tessera-third-part + protocol: TCP + port: 9080 + targetPort: 9080 + # default 8545 - name: wsrpc-listener protocol: TCP port: <%= @Node_WSPort %> diff --git a/quorum-shared-config.yaml.erb b/quorum-shared-config.yaml.erb index 3efa6d9..b22bfaf 100644 --- a/quorum-shared-config.yaml.erb +++ b/quorum-shared-config.yaml.erb @@ -53,12 +53,12 @@ metadata: app: qubernetes name: tessera-config data: - tessera-config.json: |- + tessera-config.json.tmpl: |- <%- File.readlines(@Tessera_Config_Dir + "/tessera-config.json").each do |line| -%> <%= line -%> <% end -%> - tessera-config-enhanced.json: |- + tessera-config-enhanced.json.tmpl: |- <%- File.readlines(@Tessera_Config_Dir + "/tessera-config-enhanced.json").each do |line| -%> <%= line -%> <% end -%> diff --git a/tessera-config-enhanced.json.erb b/tessera-config-enhanced.json.erb index c708139..34c7bba 100644 --- a/tessera-config-enhanced.json.erb +++ b/tessera-config-enhanced.json.erb @@ -6,19 +6,20 @@ def set_node_template_vars(values) end -%> -<% # The configured key directory of each node holds a file with the enode value. -# The enode value is obtained from that file and set in the permissioned-nodes.json +<% +# for more information about the tessera-config file see https://github.com/jpmorganchase/tessera/wiki/Configuration-overview. %> <% @Key_Dir_Base = @config["quorum"]["Key_Dir_Base"] @Tm_Port = @config["quorum"]["tm"]["Port"] + @DDIR = @Node_DataDir + "/tm" %> { "useWhiteList": false, "jdbc": { "username": "sa", "password": "", - "url": "jdbc:h2:./$${DDIR}/db;MODE=Oracle;TRACE_LEVEL_SYSTEM_OUT=0", + "url": "jdbc:h2:<%= @DDIR %>/db;MODE=Oracle;TRACE_LEVEL_SYSTEM_OUT=0", "autoCreateTables": true }, "serverConfigs":[ @@ -28,7 +29,7 @@ end "serverSocket":{ "type":"INET", "port": 9080, - "hostName": "http://%<%= "#{@Node_UserIdent}".upcase %>_SERVICE_HOST%" + "hostName": "http://%THIS_SERVICE_HOST%" }, "communicationType" : "REST" }, @@ -37,7 +38,7 @@ end "enabled": true, "serverSocket":{ "type":"UNIX", - "path":"$${DDIR}/tm.ipc" + "path":"<%= @DDIR %>/tm.ipc" }, "communicationType" : "UNIX_SOCKET" }, @@ -46,24 +47,25 @@ end "enabled": true, "serverSocket":{ "type":"INET", - "port": <%= @Tm_Port %>, - "hostName": "http://%<%= "#{@Node_UserIdent}".upcase %>_SERVICE_HOST%" + "port": <%= @Tm_Port %>, + "hostName": "http://%THIS_SERVICE_HOST%", + "bindingAddress": "http://0.0.0.0:<%= @Tm_Port %>" }, "sslConfig": { "tls": "OFF", "generateKeyStoreIfNotExisted": true, - "serverKeyStore": "$${DDIR}/server-keystore", + "serverKeyStore": "<%= @DDIR %>/server-keystore", "serverKeyStorePassword": "quorum", - "serverTrustStore": "$${DDIR}/server-truststore", + "serverTrustStore": "<%= @DDIR %>/server-truststore", "serverTrustStorePassword": "quorum", "serverTrustMode": "TOFU", - "knownClientsFile": "$${DDIR}/knownClients", - "clientKeyStore": "$${DDIR}/client-keystore", + "knownClientsFile": "<%= @DDIR %>/knownClients", + "clientKeyStore": "<%= @DDIR %>/client-keystore", "clientKeyStorePassword": "quorum", - "clientTrustStore": "$${DDIR}/client-truststore", + "clientTrustStore": "<%= @DDIR %>/client-truststore", "clientTrustStorePassword": "quorum", "clientTrustMode": "TOFU", - "knownServersFile": "$${DDIR}/knownServers" + "knownServersFile": "<%= @DDIR %>/knownServers" }, "communicationType" : "REST" } @@ -82,8 +84,8 @@ end "passwords": [], "keyData": [ { - "config": $$(cat $${DDIR}/tm.key), - "publicKey": "$$(cat $${DDIR}/tm.pub)" + "config": %THIS_PRIV_KEY%, + "publicKey": "%THIS_PUB_KEY%" } ] }, diff --git a/tessera-config.json.erb b/tessera-config.json.erb index 9edaebe..4a95124 100644 --- a/tessera-config.json.erb +++ b/tessera-config.json.erb @@ -6,8 +6,8 @@ def set_node_template_vars(values) end -%> -<% # The configured key directory of each node holds a file with the enode value. -# The enode value is obtained from that file and set in the permissioned-nodes.json +<% +# for more information about the tessera-config file see https://github.com/jpmorganchase/tessera/wiki/Configuration-overview %> <% @Key_Dir_Base = @config["quorum"]["Key_Dir_Base"] @@ -66,3 +66,4 @@ end "alwaysSendTo": [], "unixSocketFile": "<%= @DDIR %>/tm.ipc" } +