-
Notifications
You must be signed in to change notification settings - Fork 849
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[BOUNTY-4] Add NAT Kubernetes Support #410
[BOUNTY-4] Add NAT Kubernetes Support #410
Conversation
Signed-off-by: Karim TAAM <[email protected]>
Signed-off-by: Karim TAAM <[email protected]>
@@ -590,7 +597,7 @@ public Runner build() { | |||
final NatMethod detectedNatMethod = | |||
Optional.of(natMethod) | |||
.filter(not(isEqual(NatMethod.AUTO))) | |||
.orElse(NatService.autoDetectNatMethod(new DockerDetector())); | |||
.orElse(NatService.autoDetectNatMethod(new DockerDetector(), new KubernetesDetector())); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
What happens if it would return the NatMethod
for both of these? Do we want Docker
to be returned even if Kubernetes
would be detected?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The first method detected would be the one selected. In the order they are declared. However in that case Kubernetes would be detected. The detection method for docker and kubernetes are mutually exclusive.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The detection method for docker and kubernetes are mutually exclusive.
I understand that only one would end up being selected but is it possible a misconfigured docker container inside a kubernetes "pod" (or whatever the term is haha), could succeed on the docker detector and not go on to the kubernetes detector? I ask because my intuition tells me that we should attempt to detect if we're in kubernetes first since it's the case that is a less general case.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The detection method for docker and kubernetes are mutually exclusive.
I understand that only one would end up being selected but is it possible a misconfigured docker container inside a kubernetes "pod" (or whatever the term is haha), could succeed on the docker detector and not go on to the kubernetes detector? I ask because my intuition tells me that we should attempt to detect if we're in kubernetes first since it's the case that is a less general case.
Ok I can create a new PR in order to change the order and put kubernetes detector first.
nat/src/main/java/org/hyperledger/besu/nat/kubernetes/KubernetesDetector.java
Outdated
Show resolved
Hide resolved
Signed-off-by: Karim TAAM <[email protected]>
Signed-off-by: Karim TAAM <[email protected]>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks good to me.
* Plugin error stack traces (hyperledger#369) Because of how the Log4J2 api works exception stack traces were not being printed. Update to use the explicit "throwable" overloaded methods. Signed-off-by: Danno Ferrin <[email protected]> * VM Trace fixes (hyperledger#372) * correct refund addresses * correct returned memory from static precompiled calls. * update integration test * precompiles sometimes get plain old CALLs Signed-off-by: Danno Ferrin <[email protected]> * Validate private transaction before sending to enclave (hyperledger#356) Signed-off-by: Jason Frame <[email protected]> * Trace API fixes (hyperledger#377) - Correct Reporting of reverts in nested call - correct reporting and handling of value transfer in nested calls - correct handling of precompiles via DELEGATECALL & CALLCODE - Addition of precompiled contract gas costs - Re-work handling of storage writes - Initial handling of gas refunds - fix bug in DELEGATECALL tests, we don't need gas in the stack * this has a cascading effect on balances in diff tests - rework depth detection in flat trace - two new tests blocks Signed-off-by: Danno Ferrin <[email protected]> * [BOUNTY-2] Add NAT Docker Support (hyperledger#368) * add docker detection Signed-off-by: Karim TAAM <[email protected]> * add port mapping detection Signed-off-by: Karim TAAM <[email protected]> * add tests and refactor ip detection Signed-off-by: Karim TAAM <[email protected]> * clean RunnerBuilder Signed-off-by: Karim TAAM <[email protected]> * clean useless modification Signed-off-by: Karim TAAM <[email protected]> * spotless Signed-off-by: Karim TAAM <[email protected]> * resolve tests issues Signed-off-by: Karim TAAM <[email protected]> * streamline auto detection Signed-off-by: Ratan Rai Sur <[email protected]> Co-authored-by: Abdelhamid Bakhta <[email protected]> Co-authored-by: Ratan Rai Sur <[email protected]> * [PIE-1798] Priv RPC acceptance tests with stub enclave. (hyperledger#330) * [PIE-1798] Added some Privacy RPC ATs with a stub enclave. Signed-off-by: Mark Terry <[email protected]> * More specific task metrics names (hyperledger#389) A prior refactoring had accidentally removed the specific task names from the metrics labels. Signed-off-by: Danno Ferrin <[email protected]> * More trace fixes (hyperledger#386) * pop flat trace context when handling halts * Better detection of precompiled and non-executed contracts * correct from address when calling in init code * fix some exotic nesting cases * correct from field for init code calls at depth >1 * correct cost on a non-call * changelog and notes Signed-off-by: Danno Ferrin <[email protected]> * adding the plugin-api javadoc jar at the root level (hyperledger#378) Signed-off-by: Joshua Fernandes <[email protected]> * BESU-56: remove erroneous links to errorprone checks (hyperledger#385) Signed-off-by: Antoine Toulme <[email protected]> * Changelog entry for multi-tenancy feature (hyperledger#394) Signed-off-by: Edward Evans <[email protected]> Signed-off-by: Jason Frame <[email protected]> * 1.5 RC Changelog (hyperledger#395) * 1.5 RC changelog additions Signed-off-by: Sally MacFarlane <[email protected]> * Fixed link (hyperledger#393) Signed-off-by: Madeline <[email protected]> Co-authored-by: Edward <[email protected]> * docker changelog (hyperledger#391) * docker changelog Signed-off-by: Ratan Rai Sur <[email protected]> * address comments Signed-off-by: Ratan Rai Sur <[email protected]> Co-authored-by: MadelineMurray <[email protected]> * Added known bug to changelog (hyperledger#388) * Added known bug Signed-off-by: Madeline <[email protected]> * Added another known bug Signed-off-by: Madeline <[email protected]> * updating version to 1.4.0-rc1 (hyperledger#397) Signed-off-by: Joshua Fernandes <[email protected]> * updating verion to 1.4.1-snapshot (hyperledger#398) Signed-off-by: Joshua Fernandes <[email protected]> * [BESU-169] cache logs bloom filters automatically. (hyperledger#367) * First iteration. Draft PR. Signed-off-by: Abdelhamid Bakhta <[email protected]> * fix SPDX header Signed-off-by: Abdelhamid Bakhta <[email protected]> * Use block broadcaster to index log bloom. Signed-off-by: Abdelhamid Bakhta <[email protected]> * Remove useless toString method Signed-off-by: Abdelhamid Bakhta <[email protected]> * spotless apply Signed-off-by: Abdelhamid Bakhta <[email protected]> * cacheLogsBloomForBlockHeader Signed-off-by: Abdelhamid Bakhta <[email protected]> * spotless apply Signed-off-by: Abdelhamid Bakhta <[email protected]> * ensurePreviousSegmentsArePresent Signed-off-by: Abdelhamid Bakhta <[email protected]> * Added CLI flag to enable / disable automatic logs bloom indexing. Signed-off-by: Abdelhamid Bakhta <[email protected]> * Create cache directory and cache file if not exist. Signed-off-by: Abdelhamid Bakhta <[email protected]> * Fix acceptance test Signed-off-by: Abdelhamid Bakhta <[email protected]> * Write cache for block only if block is new canonical head. Signed-off-by: Abdelhamid Bakhta <[email protected]> * Handling of chain reorg. Signed-off-by: Abdelhamid Bakhta <[email protected]> * fix Signed-off-by: Abdelhamid Bakhta <[email protected]> * sportless apply Signed-off-by: Abdelhamid Bakhta <[email protected]> * Address PR comments. Signed-off-by: Abdelhamid Bakhta <[email protected]> * Remove unused constant. Signed-off-by: Abdelhamid Bakhta <[email protected]> * spotless apply Signed-off-by: Abdelhamid Bakhta <[email protected]> * [BESU-25] Use Devp2p Ping packets at v5 (hyperledger#392) Broadcast that we support snappy compression Signed-off-by: Danno Ferrin <[email protected]> * Rename logs bloom indexer to log bloom cache to match CLI flag. (hyperledger#401) Changes class names, variables, and CLI flags as needed. Signed-off-by: Danno Ferrin <[email protected]> * [PIE-1798] Fail cases for multitenancy ATs (hyperledger#400) Signed-off-by: Mark Terry <[email protected]> * Private state update metadata and migration (hyperledger#404) (backport from release-1.4) Private state update metadata and migration Signed-off-by: Lucas Saldanha <[email protected]> * [PIE-2303] Automatic log bloom caching - Remove usage of pending file. (hyperledger#407) * Don't use pending file. Signed-off-by: Abdelhamid Bakhta <[email protected]> * Don't use pending file. Signed-off-by: Abdelhamid Bakhta <[email protected]> * Create a custom error when plugin is not found. (hyperledger#409) Signed-off-by: Abdelhamid Bakhta <[email protected]> * Rename method (hyperledger#412) * rename the method isPersistingState to isPersistingPrivateState because that is what it is used for Signed-off-by: Stefan Pingel <[email protected]> * rename the method isPersistingState to isPersistingPrivateState because that is what it is used for Signed-off-by: Stefan Pingel <[email protected]> * rename the method isPersistingState to isPersistingPrivateState because that is what it is used for Signed-off-by: Stefan Pingel <[email protected]> * [BOUNTY-4] Add NAT Kubernetes Support (hyperledger#410) * add kubernetes support Signed-off-by: Karim TAAM <[email protected]> * fix review issues Signed-off-by: Karim TAAM <[email protected]> * LogBloomCache - make sure the current segment is filled (hyperledger#411) Make sure we cache the current cache segment with all of the data from the beginning of the segment. Use a flip file approach since it will be a partial file until done. Signed-off-by: Danno Ferrin <[email protected]> Co-authored-by: Abdelhamid Bakhta <[email protected]> * Reduce recaching in Transaction Log Bloom Filter Cache (hyperledger#415) Do a cursory cache check at start up (file is present and correct size) instead of re-generating the cache at startup. Signed-off-by: Danno Ferrin <[email protected]> * fix order of nat detector (hyperledger#414) Signed-off-by: Karim TAAM <[email protected]> * Update SLOAD_GAS cost to 200 in Aztlan Gas Calculator (#23) (hyperledger#382) * Update SLOAD_GAS cost to 200 in Aztlan Gas Calculator Change SLOAD_GAS cost in Aztlan Gas Calculator from 800 to 200 and update functions that use SLOAD_GAS. Signed-off-by: edwardmack <[email protected]> * Update SLOAD_GAS cost to 200 in Aztlan Gas Calculator Change SLOAD_GAS cost in Aztlan Gas Calculator from 800 to 200 and update functions that use SLOAD_GAS. Signed-off-by: edwardmack <[email protected]> Signed-off-by: Edward Mack <[email protected]> * remove overrides removed overrides of calculateStorageCost and calculateStorageRefundAmount in AztlanGasCalculator because these were causing aztlan fork not to sync with kotti testnet. Signed-off-by: Edward Mack <[email protected]> * merge Signed-off-by: Edward Mack <[email protected]> * Remove unused ExecutorService init/termination (hyperledger#419) Signed-off-by: Horacio Mijail Anton Quiles <[email protected]> Co-authored-by: CJ Hare <[email protected]> * Implement Eth/64 (hyperledger#425) Wire in the fork identifier into the status messages as Eth64. Signed-off-by: Danno Ferrin <[email protected]> * Adds priv_getcode (hyperledger#428) * Adds priv_getcode Signed-off-by: Joshua Richardson <[email protected]> * BESU-146 - check if success and return errorResponse otherwise (hyperledger#424) Signed-off-by: Anthony Buckle <[email protected]> Co-authored-by: CJ Hare <[email protected]> * fixed typos (hyperledger#429) Signed-off-by: Sally MacFarlane <[email protected]> Co-authored-by: CJ Hare <[email protected]> * roll back on ALL-CAPS.md files for TSC proposal (hyperledger#376) Signed-off-by: Felipe Faraggi <[email protected]> * updating the changelog with 1.4.0 details (hyperledger#431) Signed-off-by: Joshua Fernandes <[email protected]> * [BESU-194] Remove max pivot block resets during fast sync (hyperledger#427) * remove max pivot block resets during fast sync * increase max retry number and fix test * change logs in the handleFailure method * change logs related to suspicious number of retries Signed-off-by: Karim TAAM <[email protected]> Co-authored-by: Danno Ferrin <[email protected]> Co-authored-by: Jason Frame <[email protected]> Co-authored-by: Karim T. <[email protected]> Co-authored-by: Abdelhamid Bakhta <[email protected]> Co-authored-by: Ratan Rai Sur <[email protected]> Co-authored-by: mark-terry <[email protected]> Co-authored-by: Joshua Fernandes <[email protected]> Co-authored-by: Antoine Toulme <[email protected]> Co-authored-by: Sally MacFarlane <[email protected]> Co-authored-by: MadelineMurray <[email protected]> Co-authored-by: Edward <[email protected]> Co-authored-by: Lucas Saldanha <[email protected]> Co-authored-by: pinges <[email protected]> Co-authored-by: Horacio Mijail Antón Quiles <[email protected]> Co-authored-by: CJ Hare <[email protected]> Co-authored-by: anthonybuckle <[email protected]> Co-authored-by: Felipe Faraggi <[email protected]>
Signed-off-by: Karim TAAM [email protected]
PR description
The goal of this work is to offer developers a consistent API for performing NAT tasks, and add support for Kubernetes NAT implementation when Besu is being run from a Kubernetes cluster.
Besu will automatically detect that the client is in a kubernetes.
Besu will automatically try to detect the external IP address and the exposed ports thanks to the sdk https://github.com/kubernetes-client/java under Apache 2.0
The configuration will be in the '/opt/besu/shared/kube-config' location
Sample of script in order to define the port mapping
Create persistent volume
kubectl apply -f pv-volume.yml
Claim volume
kubectl apply -f pv-claim.yml
Copy the kube config file in the mounted directory.
Deploy Besu service.
kubectl apply -f besu-service.yml -f besu-deployment.yml