config: rework validator configs #1939
Conversation
|
Note I was able to convert everything in a fairly straightforward manner except some of the benchmarking binaries for remote benchmarking. I think those will require some help from @oxade to get done properly. I still plan on doing a bit more in this area immediately once this PR lands but would like to get this landed asap given the vast blast radius it already has. |
|
One thing of note is that now instead of needing to curry around this extra |
bmwill
added
Priority: Medium
sui/src/bin/bench_configure.rs
Outdated
| // let load_gen_path = Path::new(&path_str); | ||
|
|
||
| // lg.persisted(load_gen_path).save().unwrap(); | ||
| // } |
There was a problem hiding this comment.
Thanks, i've removed it
|
Overall this seems like a good idea. Some comments:
|
A SuiAddress is derived from a PublicKey so this actually enforces that we don't have an address that mis-matches the public key. Validators are still identified the same.
Yes this will and will need to be handled in a separate change. We don't need nor want a network.conf for a solo validator. Instead the validator binary should only accept a ValidatorConfig as a network config contains information about all validators for testing purposes and individual validators shouldn't know all of the config information for other validators. So this might mean that we have some pre-step that generates the network config for all validators and then distributes the individual validator configs to the respective validators. |
There was a problem hiding this comment.
thanks for taking time cleaning this up!
This is a relevant issue being tracked #1837
Main feedback from the 1st round of looking: how do we expect the genesis process looks like for testnet/mainnet? My gut feeling is we will need to share a file that contains all validator's information, and only public information. (some context: Initially the network.conf had all the private keys and we moved away to only contain one key pair recently)
sui/src/bin/validator.rs
Outdated
| let (network_config, _, _) = genesis(genesis_conf, Some(adddress)).await?; | ||
| network_config | ||
| let mut genesis_conf: GenesisConfig = PersistedConfig::read(&cfg.genesis_config_path)?; | ||
| genesis_conf.quorum_size = 1; |
There was a problem hiding this comment.
This is specifically for the case where a config isn't provided and we want to spin up a lonely validator. I'm not so sure i agree with the overall flow in this case but didn't want to change even more things in this PR since its already long
| let listen_address = cfg | ||
| .listen_address | ||
| .unwrap_or_else(|| authority.network_address.clone()); | ||
|
|
||
| let consensus_committee = network_config.make_narwhal_committee(); | ||
|
|
||
| let consensus_parameters = ConsensusParameters { | ||
| max_header_delay: std::time::Duration::from_millis(5_000), | ||
| max_batch_delay: std::time::Duration::from_millis(5_000), | ||
| ..ConsensusParameters::default() | ||
| }; | ||
| let consensus_store_path = sui_config_dir()? | ||
| .join(CONSENSUS_DB_NAME) | ||
| .join(encode_bytes_hex(&authority.public_key)); | ||
| .unwrap_or_else(|| validator_config.network_address().to_owned()); |
There was a problem hiding this comment.
We don't use this flag now (because we can get it from ValidatorInfo)
should be safe to delete it
cc @mystenmark
There was a problem hiding this comment.
I was trying to not adjust the cmdline flags too much so i can leave this to be cleaned up in a future pr.
| use sui_config::PersistedConfig; | ||
| use sui_config::{GenesisConfig, ValidatorConfig}; |
| let mut genesis_conf: GenesisConfig = PersistedConfig::read(&cfg.genesis_config_path)?; | ||
| genesis_conf.quorum_size = 1; | ||
| let (network_config, _, _) = genesis(genesis_conf).await?; | ||
| network_config.into_validator_configs().remove(0) |
crates/sui-config/src/lib.rs
Outdated
|
|
||
| #[derive(Serialize, Deserialize)] | ||
| pub struct GenesisConfig { | ||
| pub quorum_size: usize, |
There was a problem hiding this comment.
committee_size is probably better - quorum_size sounds like the k in k out of n
| network_config.authorities.push(authority); | ||
| } | ||
| let config_dir = sui_config_dir().unwrap(); | ||
| let mut network_config = NetworkConfig::generate(&config_dir, num_to_provision); |
There was a problem hiding this comment.
repeating what brandon & I discussed offline:
we’d like to keep the ability to genesis with a pre-specified validator sets (aka with their public keys). This is how it will work for testnet/mainnet and also help with debugability by keeping the same set of validator keys. People will run sui genesis with a genesis config and set up all the dbs etc etc. and we don’t need to socialize two files/config genesis.conf and network.conf
There was a problem hiding this comment.
in the end we should only need to provide validators with their own validator config.
If we want to fix the names of the validators for debug-ability there is another generate function which takes an RNG so we can just seed it
| db_path: PathBuf, | ||
| network_address: Multiaddr, | ||
| metrics_address: Multiaddr, | ||
|
|
| //TODO make narwhal config serializable | ||
| #[serde(skip_serializing)] | ||
| #[serde(default)] | ||
| narwhal_config: DebugIgnore<ConsensusParameters>, |
There was a problem hiding this comment.
curious why DebugIgnore?
There was a problem hiding this comment.
ConsensusParameters doesn't impl Debug, I plan to fix it but need to do so in the narwhal repo
| /// This is a config that is used for testing or local use as it contains the config and keys for | ||
| /// all validators |
There was a problem hiding this comment.
Today's workflow:
- we collect validator information in
genesis.conf, socialize it with all genesis validators (there's a keypair which is specific to the concerned validator) - each validator runs
sui genesisand get anetwork.conf. Thenetwork.confonly has public keys of all validators (plus a keypair of the concerned validator)
There was a problem hiding this comment.
The new workflow should be more straight forward:
- We perform genesis and generate a NetworkConfig which includes N Validator configs
- We give the corresponding validator config to each validator
There's still more work to do to get it to where we'd need for testnet/mainet. But we can't have everyone running genesis themselves. At the end of the day genesis is the initial set of objects/checkpoint that will need to be signed by everyone's private keys so we'll need to perform a ceremony for that. I heavily worked on similar logic for diem so i'm working towards a similar process here. Its going to take a few more PRs to get there though ;) |
This patch does a large rework of our validator configs. Specifically it creates a single `ValidatorConfig` which represents all of the configuration a Validator needs to start up. It also creates a light-weight `ValidatorInfo` type which contains information we expect to know about other validators (stake, public key, network address) and will eventually be read from on-chain. This is a replacement for the `AuthorityInfo` type which was a type that all validators have for all other validators but included some odd information like the on-disk path to a validator's db which other validators don't need to know about. This patch also does an initial rework of creating a `NetworkConfig` which is used when you want to create N validators to run locally. There's still some additional work that will need to be done to make this nicer for testing purposes but this is a good start.
|
@longbowlu I provided a short description in the issue you linked: #1837 |
This patch does a large rework of our validator configs. Specifically it
creates a single
ValidatorConfigwhich represents all of theconfiguration a Validator needs to start up. It also creates a
light-weight
ValidatorInfotype which contains information we expectto know about other validators (stake, public key, network address) and
will eventually be read from on-chain. This is a replacement for the
AuthorityInfotype which was a type that all validators have for allother validators but included some odd information like the on-disk path
to a validator's db which other validators don't need to know about.
This patch also does an initial rework of creating a
NetworkConfigwhich is used when you want to create N validators to run locally.
There's still some additional work that will need to be done to make
this nicer for testing purposes but this is a good start.