Compare commits
1 commit
master
...
feat/grpc-
Author | SHA1 | Date | |
---|---|---|---|
6679ad81fe |
66 changed files with 277 additions and 357 deletions
|
@ -1,4 +1,5 @@
|
|||
# Services start/stop order
|
||||
# Will start from top to bottom and stop in reverse
|
||||
nats
|
||||
ir
|
||||
storage
|
||||
|
|
|
@ -1,4 +1,5 @@
|
|||
.docker
|
||||
.github
|
||||
.forgejo
|
||||
vendor
|
||||
tmp
|
||||
|
|
40
.env
40
.env
|
@ -8,43 +8,49 @@ BASTION_VERSION=10
|
|||
BASTION_IMAGE=debian
|
||||
|
||||
# NeoGo privnet
|
||||
NEOGO_VERSION=0.106.3
|
||||
NEOGO_VERSION=0.101.1
|
||||
NEOGO_IMAGE=nspccdev/neo-go
|
||||
|
||||
# FrostFS InnerRing nodes
|
||||
IR_VERSION=0.44.4
|
||||
IR_IMAGE=git.frostfs.info/truecloudlab/frostfs-ir
|
||||
IR_VERSION=365a7ca0
|
||||
IR_IMAGE=truecloudlab/frostfs-ir
|
||||
|
||||
# FrostFS Storage nodes
|
||||
NODE_VERSION=0.44.4
|
||||
NODE_IMAGE=git.frostfs.info/truecloudlab/frostfs-storage
|
||||
NODE_VERSION=365a7ca0
|
||||
NODE_IMAGE=truecloudlab/frostfs-storage
|
||||
|
||||
# NATS Server
|
||||
NATS_VERSION=2.7.2
|
||||
NATS_IMAGE=nats
|
||||
|
||||
# HTTP Gate
|
||||
HTTP_GW_VERSION=0.32.0
|
||||
HTTP_GW_VERSION=0.27.0-rc.1-15-g1776db28
|
||||
HTTP_GW_IMAGE=truecloudlab/frostfs-http-gw
|
||||
|
||||
# S3 Gate
|
||||
S3_GW_VERSION=0.32.0
|
||||
S3_GW_IMAGE=truecloudlab/frostfs-s3-gw
|
||||
# REST Gate
|
||||
REST_GW_VERSION=c9c85e90
|
||||
REST_GW_IMAGE=truecloudlab/frostfs-rest-gw
|
||||
|
||||
# Lifecycler
|
||||
S3_LIFECYCLER_VERSION=0.1.3
|
||||
S3_LIFECYCLER_IMAGE=truecloudlab/frostfs-s3-lifecycler
|
||||
# S3 Gate
|
||||
S3_GW_VERSION=0.27.0-rc.1-30-gce929468
|
||||
S3_GW_IMAGE=truecloudlab/frostfs-s3-gw
|
||||
|
||||
# FrostFS LOCODE database
|
||||
LOCODE_DB_URL=https://git.frostfs.info/attachments/a2e8def7-52b6-49f1-89cd-a056712e8e54
|
||||
#LOCODE_DB_PATH=/path/to/locode_db
|
||||
|
||||
# FrostFS CLI binary
|
||||
FROSTFS_CLI_URL=https://git.frostfs.info/TrueCloudLab/frostfs-node/releases/download/v${NODE_VERSION}/frostfs-cli
|
||||
FROSTFS_CLI_URL=https://http.t5.fs.neo.org/7sm9csjtRLpr4c9QD55q9JJM73v79ohuAhTzP4fYRHFz/BbngJDdRJEDJTJk7qptq3SxKqrJqtvVYWU6R5AaFGbtG
|
||||
#FROSTFS_CLI_PATH=/path/to/frostfs-cli-binary
|
||||
|
||||
# FrostFS ADM tool binary
|
||||
FROSTFS_ADM_URL=https://git.frostfs.info/TrueCloudLab/frostfs-node/releases/download/v${NODE_VERSION}/frostfs-adm
|
||||
FROSTFS_ADM_VERSION=eca5c210
|
||||
FROSTFS_ADM_URL=https://http.t5.fs.neo.org/7sm9csjtRLpr4c9QD55q9JJM73v79ohuAhTzP4fYRHFz/2GxarAjGUb3RevxvqFGYT3hDQxNNaHzK6aFxhJCAMehq
|
||||
#FROSTFS_ADM_PATH=/path/to/frostfs-adm-binary
|
||||
|
||||
# Compiled FrostFS Smart Contracts
|
||||
FROSTFS_CONTRACTS_URL=https://git.frostfs.info/TrueCloudLab/frostfs-contract/releases/download/v0.21.1/frostfs-contract-v0.21.1.tar.gz
|
||||
FROSTFS_CONTRACTS_VERSION=8537293e
|
||||
FROSTFS_CONTRACTS_URL=https://http.t5.fs.neo.org/7sm9csjtRLpr4c9QD55q9JJM73v79ohuAhTzP4fYRHFz/6ccZoj4HxoN1G1qvJAX2Qw9p2D6qdyzAjNMaNkEKYQpA
|
||||
#FROSTFS_CONTRACTS_PATH=/path/to/unpacked/frostfs-contracts-dir
|
||||
|
||||
# Jaeger tracing
|
||||
|
@ -58,7 +64,3 @@ PROMETHEUS_IMAGE=prom/prometheus
|
|||
# Grafana versions
|
||||
GRAFANA_VERSION=9.5.6
|
||||
GRAFANA_IMAGE=grafana/grafana
|
||||
|
||||
# Loki versions
|
||||
LOKI_VERSION=2.9.1
|
||||
LOKI_IMAGE=grafana/loki
|
||||
|
|
|
@ -1,4 +1,3 @@
|
|||
name: DCO action
|
||||
on: [pull_request]
|
||||
|
||||
jobs:
|
||||
|
@ -13,9 +12,9 @@ jobs:
|
|||
- name: Setup Go
|
||||
uses: actions/setup-go@v3
|
||||
with:
|
||||
go-version: '1.21'
|
||||
go-version: '1.20'
|
||||
|
||||
- name: Run commit format checker
|
||||
uses: https://git.frostfs.info/TrueCloudLab/dco-go@v2
|
||||
uses: https://git.alexvan.in/alexvanin/dco-go@v1
|
||||
with:
|
||||
from: 'origin/${{ github.event.pull_request.base.ref }}'
|
||||
from: dca6ff62
|
||||
|
|
1
.github/CODEOWNERS
vendored
Normal file
1
.github/CODEOWNERS
vendored
Normal file
|
@ -0,0 +1 @@
|
|||
* @alexvanin @fyrchik
|
0
.forgejo/logo.svg → .github/logo.svg
vendored
0
.forgejo/logo.svg → .github/logo.svg
vendored
Before Width: | Height: | Size: 5.5 KiB After Width: | Height: | Size: 5.5 KiB |
1
.gitignore
vendored
1
.gitignore
vendored
|
@ -15,3 +15,4 @@ sites/*
|
|||
# Runtime generation keys
|
||||
services/storage/*tls.crt
|
||||
services/storage/*tls.key
|
||||
services/nats/*.pem
|
||||
|
|
|
@ -2,4 +2,4 @@
|
|||
# Will start from top to bottom and stop in reverse
|
||||
http_gate
|
||||
s3_gate
|
||||
s3_lifecycler
|
||||
rest_gate
|
||||
|
|
|
@ -1,3 +0,0 @@
|
|||
.* @alexvanin @fyrchik
|
||||
.forgejo/.* @potyarkin
|
||||
Makefile @potyarkin
|
20
Makefile
20
Makefile
|
@ -60,7 +60,6 @@ get: $(foreach SVC, $(GET_SVCS), get.$(SVC))
|
|||
.PHONY: up
|
||||
up: up/basic
|
||||
@$(foreach SVC, $(START_SVCS), $(shell docker-compose -f services/$(SVC)/docker-compose.yml up -d))
|
||||
./vendor/frostfs-adm morph proxy-add-account --config frostfs-adm.yml --account=`docker container exec morph_chain neo-go wallet dump-keys -w /wallets/s3-wallet.json | head -1 | awk '{print $1}'` || die "Couldn't set s3-gw wallet as proxy wallet"
|
||||
@echo "Full FrostFS Developer Environment is ready"
|
||||
|
||||
# Build up FrostFS
|
||||
|
@ -77,27 +76,12 @@ up/bootstrap: get vendor/hosts
|
|||
@$(foreach SVC, $(START_BOOTSTRAP), $(shell docker-compose -f services/$(SVC)/docker-compose.yml up -d))
|
||||
@source ./bin/helper.sh
|
||||
@./vendor/frostfs-adm --config frostfs-adm.yml morph init --contracts vendor/contracts
|
||||
echo "Set rule chain to policy contract"
|
||||
@./vendor/frostfs-adm --config frostfs-adm.yml morph \
|
||||
ape add-rule-chain --target-type namespace --target-name "" \
|
||||
--rule 'allow Container.* *' --chain-id "allow_container_ops"
|
||||
@for f in ./services/storage/wallet*.json; do \
|
||||
echo "Transfer GAS to wallet $${f}" \
|
||||
&& ./vendor/frostfs-adm -c frostfs-adm.yml morph refill-gas --storage-wallet $${f} --gas 10.0 \
|
||||
|| die "Failed to transfer GAS to alphabet wallets"; \
|
||||
echo "Register storage wallet $${f} in proxy contract" \
|
||||
&& ./vendor/frostfs-adm morph proxy-add-account --config frostfs-adm.yml --account=`docker container exec morph_chain neo-go wallet dump-keys -w /wallets/storage/$${f##*/} | head -1 | awk '{print $1}'` || die "Couldn't set storage allet as proxy wallet"
|
||||
done
|
||||
@echo "Create frostfsid subject for ./wallets/wallet.json"; \
|
||||
if [ -n "$$(./vendor/frostfs-adm -c frostfs-adm.yml morph frostfsid list-subjects --namespace '')" ]; then \
|
||||
echo "Subject already exists"; \
|
||||
else \
|
||||
subj_key=`docker container exec -it morph_chain neo-go wallet dump-keys -w /wallets/wallet.json | tail -1 | tr -d ' \r\n'` \
|
||||
&& echo "Subject key: $${subj_key}" \
|
||||
&& ./vendor/frostfs-adm -c frostfs-adm.yml morph frostfsid create-subject --namespace "" --subject-key $${subj_key} --subject-name walletsubject \
|
||||
|| die "Failed to create subject for the wallet"; \
|
||||
fi
|
||||
echo "FrostFS sidechain environment is deployed"
|
||||
@echo "FrostFS sidechain environment is deployed"
|
||||
|
||||
# Build up certain service
|
||||
.PHONY: up/%
|
||||
|
@ -152,7 +136,7 @@ hosts: vendor/hosts
|
|||
.PHONY: clean
|
||||
.ONESHELL:
|
||||
clean:
|
||||
@rm -rf vendor/* services/storage/s04tls.*
|
||||
@rm -rf vendor/* services/storage/s04tls.* services/nats/*.pem
|
||||
@> .int_test.env
|
||||
@for svc in $(PULL_SVCS)
|
||||
do
|
||||
|
|
61
README.md
61
README.md
|
@ -1,5 +1,5 @@
|
|||
<p align="center">
|
||||
<img src="./.forgejo/logo.svg" width="500px" alt="FrostFS logo">
|
||||
<img src="./.github/logo.svg" width="500px" alt="FrostFS logo">
|
||||
</p>
|
||||
<p align="center">
|
||||
<a href="https://frostfs.info">FrostFS</a> local Development and Testing environment
|
||||
|
@ -137,65 +137,6 @@ Display addresses and host names for each running service, if available.
|
|||
|
||||
Clean up `vendor` directory.
|
||||
|
||||
### s3cred
|
||||
|
||||
Registers user wallet and issues s3 credentials.
|
||||
|
||||
Usage and default parameter values:
|
||||
```sh
|
||||
make s3cred [password=""] [contract_password=s3] [wallet=/user_wallet.json] [gate_public_key=0313b1ac3a8076e155a7e797b24f0b650cccad5941ea59d7cfd51a024a8b2a06bf]
|
||||
```
|
||||
|
||||
As soon as the storage node is in the network map (see above) you can generate S3
|
||||
credentials:
|
||||
|
||||
``` sh
|
||||
$ make s3cred
|
||||
{
|
||||
"access_key_id": "EXArWh8x1zeHG3851s1RtoCo7dowxF6rhLGA15nbMffT0AKRSjJ5fmcqf3Ht2VCAkfmPQUVARghRB77xHCA1BoN2p",
|
||||
"secret_access_key": "d70c1dba83f0f90bb231f06f1ce0e0dfbcfb122f4b4345a3c18d3869c359b79f",
|
||||
"owner_private_key": "140947599afd9ca89af4b358c3176eb046e554d942a0dc99a8e06f3e43c8f4ad",
|
||||
"wallet_public_key": "0324e76288fcb900100d01802a14ef977cca45ad073561230446df14b344c858b6",
|
||||
"container_id": "EXArWh8x1zeHG3851s1RtoCo7dowxF6rhLGA15nbMffT"
|
||||
}
|
||||
```
|
||||
Running without any parameters will result in defaults which are based on the private key from
|
||||
`/user-wallet.json` file and `/wallet.json` contract wallet.
|
||||
|
||||
Now let's configure an S3 client (AWS CLI will be used as example):
|
||||
|
||||
``` sh
|
||||
$ aws configure
|
||||
AWS Access Key ID []: EXArWh8x1zeHG3851s1RtoCo7dowxF6rhLGA15nbMffT0AKRSjJ5fmcqf3Ht2VCAkfmPQUVARghRB77xHCA1BoN2p
|
||||
AWS Secret Access Key []: d70c1dba83f0f90bb231f06f1ce0e0dfbcfb122f4b4345a3c18d3869c359b79f
|
||||
Default region name []: us-east-1
|
||||
Default output format []: json
|
||||
```
|
||||
|
||||
If you need to create credentials for different users, put user wallets to `wallets` dir and specify them via `wallet` parameter.
|
||||
Pass wallet password in `password` parameter if it's not default. The same is for `contract_wallet` and `gate_public_key` params.
|
||||
|
||||
```sh
|
||||
$ make s3cred wallet=custom_wallet.json password=test
|
||||
{
|
||||
"access_key_id": "jHhL5B33o16R4jQsb8wm9A3RRdS6KrTB5N4bja9Jys904W7xXFNKqem2ACvTRWRYJsZMCUikYFSokN7pPJziWyDi",
|
||||
"secret_access_key": "21bb64fafa32c82417fd8b97ac56cc8a085998a3852632d52fe7042453daa440",
|
||||
"owner_private_key": "10f6f9d7a47bb0bf68363ad8a99fe69f1493f8b6e1665b3e4e83feb2d5c7ee39",
|
||||
"wallet_public_key": "03e38759973a6bb722baabc2dd84036a39f0b2f53d32fec45a4dacde8a50fe4b70",
|
||||
"container_id": "jHhL5B33o16R4jQsb8wm9A3RRdS6KrTB5N4bja9Jys9"
|
||||
}
|
||||
```
|
||||
|
||||
To get credentials from custom wallet, place it in `wallets` dir before start.
|
||||
|
||||
### cred
|
||||
|
||||
Usage and default parameter values:
|
||||
```sh
|
||||
make cred [password=""] [contract_password=s3] [wallet=/user_wallet.json]
|
||||
```
|
||||
The same as `s3cred`, but it doesn't issues s3 credentials.
|
||||
|
||||
## Contributing
|
||||
|
||||
Feel free to contribute to this project after reading the [contributing
|
||||
|
|
|
@ -1,4 +0,0 @@
|
|||
wallet: services/storage/wallet01.json
|
||||
password: ""
|
||||
rpc-endpoint: s01.frostfs.devenv:8080
|
||||
endpoint: s01.frostfs.devenv:8081
|
|
@ -1,4 +0,0 @@
|
|||
wallet: services/storage/wallet02.json
|
||||
password: ""
|
||||
rpc-endpoint: s02.frostfs.devenv:8080
|
||||
endpoint: s02.frostfs.devenv:8081
|
|
@ -1,4 +0,0 @@
|
|||
wallet: services/storage/wallet03.json
|
||||
password: ""
|
||||
rpc-endpoint: s03.frostfs.devenv:8080
|
||||
endpoint: s03.frostfs.devenv:8081
|
|
@ -1,4 +0,0 @@
|
|||
wallet: services/storage/wallet04.json
|
||||
password: ""
|
||||
rpc-endpoint: s04.frostfs.devenv:8080
|
||||
endpoint: s04.frostfs.devenv:8081
|
|
@ -22,8 +22,8 @@ Image label prefix to use for containers.
|
|||
- Create a new container
|
||||
```
|
||||
$ frostfs-cli --rpc-endpoint s01.frostfs.devenv:8080 \
|
||||
--wallet wallets/wallet.key \
|
||||
container create --basic-acl private --await \
|
||||
--key wallets/wallet.key \
|
||||
container create --basic-acl readonly --await \
|
||||
--policy "REP 1 SELECT 1 FROM *"
|
||||
container ID: 4LfREK1cetL4PUji5fqj9SgRTSmaC5jExEDK9HKCDjdP
|
||||
awaiting...
|
||||
|
@ -33,7 +33,7 @@ container has been persisted on sidechain
|
|||
- Put an object into the newly created container
|
||||
```
|
||||
$ frostfs-cli --rpc-endpoint s01.frostfs.devenv:8080 \
|
||||
--wallet wallets/wallet.key \
|
||||
--key wallets/wallet.key \
|
||||
object put --file /tmp/backup.jpeg \
|
||||
--cid 4LfREK1cetL4PUji5fqj9SgRTSmaC5jExEDK9HKCDjdP
|
||||
[/tmp/backup.jpeg] Object successfully stored
|
||||
|
|
|
@ -4,16 +4,14 @@ A single-node N3 privnet deployment, running on
|
|||
|
||||
Contracts deployed:
|
||||
- Alphabet (AZ) [contract](https://git.frostfs.info/TrueCloudLab/frostfs-contract/src/branch/master/alphabet)
|
||||
- Audit [contract](https://git.frostfs.info/TrueCloudLab/frostfs-contract/src/branch/master/audit)
|
||||
- Balance [contract](https://git.frostfs.info/TrueCloudLab/frostfs-contract/src/branch/master/balance)
|
||||
- Container [contract](https://git.frostfs.info/TrueCloudLab/frostfs-contract/src/branch/master/container)
|
||||
- FrostFS [contract](https://git.frostfs.info/TrueCloudLab/frostfs-contract/src/branch/master/frostfs)
|
||||
- FrostFSID [contract](https://git.frostfs.info/TrueCloudLab/frostfs-contract/src/branch/master/frostfsid)
|
||||
- NNS [contract](https://git.frostfs.info/TrueCloudLab/frostfs-contract/src/branch/master/nns)
|
||||
- Netmap [contract](https://git.frostfs.info/TrueCloudLab/frostfs-contract/src/branch/master/netmap)
|
||||
- Policy [contract](https://git.frostfs.info/TrueCloudLab/frostfs-contract/src/branch/master/policy)
|
||||
- Processing [contract](https://git.frostfs.info/TrueCloudLab/frostfs-contract/src/branch/master/processing)
|
||||
- NeoFSID [contract](https://git.frostfs.info/TrueCloudLab/frostfs-contract/src/branch/master/neofsid)
|
||||
- Proxy [contract](https://git.frostfs.info/TrueCloudLab/frostfs-contract/src/branch/master/proxy)
|
||||
|
||||
- Reputation [contract](https://git.frostfs.info/TrueCloudLab/frostfs-contract/src/branch/master/reputation)
|
||||
|
||||
RPC available at `http://morph-chain.frostfs.devenv:30333`.
|
||||
|
||||
## .env settings
|
||||
|
|
|
@ -5,7 +5,6 @@ network:
|
|||
epoch_duration: 240
|
||||
basic_income_rate: 100000000
|
||||
homomorphic_hash_disabled: false
|
||||
maintenance_mode_allowed: true
|
||||
fee:
|
||||
audit: 10000
|
||||
candidate: 10000000000
|
||||
|
|
|
@ -1,5 +1,6 @@
|
|||
---
|
||||
|
||||
version: "2.4"
|
||||
services:
|
||||
|
||||
basenet:
|
||||
|
|
|
@ -1,2 +1 @@
|
|||
IPV4_PREFIX.122 grafana.LOCAL_DOMAIN
|
||||
IPV4_PREFIX.123 loki.LOCAL_DOMAIN
|
||||
|
|
|
@ -1,3 +1,4 @@
|
|||
version: '2.4'
|
||||
services:
|
||||
grafana:
|
||||
image: ${GRAFANA_IMAGE}:${GRAFANA_VERSION}
|
||||
|
@ -13,17 +14,11 @@ services:
|
|||
- ./../../vendor/hosts:/etc/hosts
|
||||
- ./grafana.ini:/etc/grafana/grafana.ini
|
||||
- ./provisioning:/etc/grafana/provisioning
|
||||
ports:
|
||||
- '3000:3000'
|
||||
stop_signal: SIGKILL
|
||||
env_file: [ ".env", ".int_test.env" ]
|
||||
|
||||
loki:
|
||||
image: ${LOKI_IMAGE}:${LOKI_VERSION}
|
||||
command: -config.file=/etc/loki/local-config.yaml
|
||||
networks:
|
||||
grafana_int:
|
||||
internet:
|
||||
ipv4_address: ${IPV4_PREFIX}.123
|
||||
|
||||
networks:
|
||||
grafana_int:
|
||||
internet:
|
||||
|
|
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
|
@ -6,8 +6,3 @@ datasources:
|
|||
access: proxy
|
||||
orgId: 1
|
||||
url: http://prometheus:9090
|
||||
- name: Loki
|
||||
type: loki
|
||||
access: proxy
|
||||
orgId: 1
|
||||
url: http://loki:3100
|
|
@ -1,5 +1,6 @@
|
|||
---
|
||||
|
||||
version: "2.4"
|
||||
services:
|
||||
http_gate:
|
||||
image: ${HTTP_GW_IMAGE}:${HTTP_GW_VERSION}
|
||||
|
|
|
@ -1 +1,3 @@
|
|||
FROSTFS_IR_CONTRACTS_FROSTFSID=27407c76feabc407908f3d09a3d845d45e7c981a
|
||||
|
||||
FROSTFS_IR_CONTROL_GRPC_ENDPOINT=127.0.0.1:16512
|
||||
|
|
|
@ -25,6 +25,7 @@ endif
|
|||
# Download FrostFS CLI
|
||||
.ONESHELL:
|
||||
get.cli: FROSTFS_CLI_FILE=./vendor/frostfs-cli
|
||||
get.cli: FROSTFS_CLI_ARCHIVE_FILE=${FROSTFS_CLI_FILE}.tar.gz
|
||||
get.cli: FROSTFS_CLI_PATH?=
|
||||
get.cli:
|
||||
@mkdir -p ./vendor
|
||||
|
@ -33,8 +34,10 @@ ifeq (${FROSTFS_CLI_PATH},)
|
|||
@echo "⇒ Download FrostFS CLI binary from ${FROSTFS_CLI_URL}"
|
||||
@curl \
|
||||
-ksSL "${FROSTFS_CLI_URL}" \
|
||||
-o ${FROSTFS_CLI_FILE}
|
||||
@chmod +x ${FROSTFS_CLI_FILE}
|
||||
-o ${FROSTFS_CLI_ARCHIVE_FILE}
|
||||
@tar -xvf ${FROSTFS_CLI_ARCHIVE_FILE} -C ./vendor | xargs -I {} \
|
||||
mv ./vendor/{} ${FROSTFS_CLI_FILE}
|
||||
@rm ${FROSTFS_CLI_ARCHIVE_FILE}
|
||||
else
|
||||
@echo "⇒ Copy local binary from ${FROSTFS_CLI_PATH}"
|
||||
@cp ${FROSTFS_CLI_PATH} ${FROSTFS_CLI_FILE}
|
||||
|
|
|
@ -1,5 +1,6 @@
|
|||
---
|
||||
|
||||
version: "2.4"
|
||||
services:
|
||||
|
||||
ir01:
|
||||
|
@ -12,19 +13,19 @@ services:
|
|||
ir_int:
|
||||
internet:
|
||||
ipv4_address: ${IPV4_PREFIX}.61
|
||||
stop_signal: SIGTERM
|
||||
stop_grace_period: 15s
|
||||
stop_signal: SIGKILL
|
||||
volumes:
|
||||
- ./az.json:/wallet.json
|
||||
- ./az.key:/wallet01.key
|
||||
- ./../../vendor/hosts:/etc/hosts
|
||||
- ./../../vendor/locode_db:/locode/db
|
||||
- ./../../vendor/frostfs-cli:/frostfs-cli
|
||||
- ./healthcheck.sh:/healthcheck.sh
|
||||
- ./cfg:/etc/frostfs/ir
|
||||
env_file: [ ".env", ".ir.env", ".int_test.env" ]
|
||||
command: [ "frostfs-ir", "--config", "/etc/frostfs/ir/config.yml" ]
|
||||
healthcheck:
|
||||
test: ["CMD-SHELL", "/frostfs-cli control ir healthcheck -q --wallet /wallet01.key --endpoint \"$$FROSTFS_IR_CONTROL_GRPC_ENDPOINT\""]
|
||||
test: ["CMD-SHELL", "/healthcheck.sh"]
|
||||
interval: 2s
|
||||
timeout: 1s
|
||||
retries: 5
|
||||
|
|
6
services/ir/healthcheck.sh
Executable file
6
services/ir/healthcheck.sh
Executable file
|
@ -0,0 +1,6 @@
|
|||
#!/bin/sh
|
||||
|
||||
/frostfs-cli control healthcheck \
|
||||
--endpoint "$FROSTFS_IR_CONTROL_GRPC_ENDPOINT" \
|
||||
--wallet /wallet01.key --ir |
|
||||
grep "Health status: READY"
|
|
@ -1,3 +1,4 @@
|
|||
version: '2.4'
|
||||
services:
|
||||
jaeger:
|
||||
image: ${JAEGER_IMAGE}:${JAEGER_VERSION}
|
||||
|
|
|
@ -20,12 +20,15 @@ endif
|
|||
|
||||
# Download FrostFS ADM tool
|
||||
get.adm: FROSTFS_ADM_DEST=./vendor/frostfs-adm
|
||||
get.adm: FROSTFS_ADM_ARCHIVE=frostfs-adm.tar.gz
|
||||
get.adm:
|
||||
|
||||
ifeq (${FROSTFS_ADM_PATH},)
|
||||
@echo "⇒ Download FrostFS ADM binary from ${FROSTFS_ADM_URL}"
|
||||
@curl -skSL ${FROSTFS_ADM_URL} -o ${FROSTFS_ADM_DEST}
|
||||
@chmod +x ${FROSTFS_ADM_DEST}
|
||||
@curl -skSL ${FROSTFS_ADM_URL} -o ${FROSTFS_ADM_ARCHIVE}
|
||||
@tar -xvf ${FROSTFS_ADM_ARCHIVE} -C ./vendor | xargs -I {} \
|
||||
mv ./vendor/{} ${FROSTFS_ADM_DEST}
|
||||
@rm ${FROSTFS_ADM_ARCHIVE}
|
||||
else
|
||||
@echo "⇒ Copy frostfs-adm binary from ${FROSTFS_ADM_PATH}"
|
||||
@cp ${FROSTFS_ADM_PATH} ${FROSTFS_ADM_DEST}
|
||||
|
|
|
@ -1,5 +1,6 @@
|
|||
---
|
||||
|
||||
version: "2.4"
|
||||
services:
|
||||
frostfs_morph_chain:
|
||||
image: ${NEOGO_IMAGE}:${NEOGO_VERSION}
|
||||
|
@ -19,18 +20,9 @@ services:
|
|||
- ./config.yml:/wallets/config.yml
|
||||
- ./../../vendor/hosts:/etc/hosts
|
||||
- ./../../wallets/wallet.json:/wallets/wallet.json
|
||||
- ./../s3_gate/wallet.json:/wallets/s3-wallet.json
|
||||
- ./../storage/wallet01.json:/wallets/storage/wallet01.json
|
||||
- ./../storage/wallet02.json:/wallets/storage/wallet02.json
|
||||
- ./../storage/wallet03.json:/wallets/storage/wallet03.json
|
||||
- ./../storage/wallet04.json:/wallets/storage/wallet04.json
|
||||
- chains:/chains
|
||||
|
||||
networks:
|
||||
chain_int:
|
||||
internet:
|
||||
external: true
|
||||
name: basenet_internet
|
||||
|
||||
volumes:
|
||||
chains:
|
||||
|
|
|
@ -11,14 +11,13 @@ ProtocolConfiguration:
|
|||
VerifyTransactions: true
|
||||
StateRootInHeader: true
|
||||
P2PSigExtensions: true
|
||||
Hardforks: {}
|
||||
|
||||
ApplicationConfiguration:
|
||||
SkipBlockVerification: false
|
||||
DBConfiguration:
|
||||
Type: "boltdb"
|
||||
BoltDBOptions:
|
||||
FilePath: "/chains/morph.bolt"
|
||||
FilePath: "./db/morph.bolt"
|
||||
P2P:
|
||||
Addresses:
|
||||
- ":20333"
|
||||
|
@ -30,14 +29,9 @@ ApplicationConfiguration:
|
|||
AttemptConnPeers: 5
|
||||
MinPeers: 0
|
||||
Relay: true
|
||||
Consensus:
|
||||
Enabled: true
|
||||
UnlockWallet:
|
||||
Path: "./wallets/node-wallet.json"
|
||||
Password: "one"
|
||||
RPC:
|
||||
Addresses:
|
||||
- ":30333"
|
||||
- "192.168.130.90:30333"
|
||||
Enabled: true
|
||||
SessionEnabled: true
|
||||
EnableCORSWorkaround: false
|
||||
|
@ -55,3 +49,6 @@ ApplicationConfiguration:
|
|||
Addresses:
|
||||
- ":20011"
|
||||
Enabled: true
|
||||
UnlockWallet:
|
||||
Path: "./wallets/node-wallet.json"
|
||||
Password: "one"
|
||||
|
|
1
services/nats/.hosts
Normal file
1
services/nats/.hosts
Normal file
|
@ -0,0 +1 @@
|
|||
IPV4_PREFIX.101 nats.LOCAL_DOMAIN
|
7
services/nats/artifacts.mk
Normal file
7
services/nats/artifacts.mk
Normal file
|
@ -0,0 +1,7 @@
|
|||
# Create new TLS certs for NATS server and clients
|
||||
|
||||
NATS_DIR=$(abspath services/nats)
|
||||
|
||||
get.nats:
|
||||
@echo "⇒ Creating certs for NATS server and clients"
|
||||
${NATS_DIR}/generate_cert.sh ${LOCAL_DOMAIN} > /dev/null
|
31
services/nats/docker-compose.yml
Normal file
31
services/nats/docker-compose.yml
Normal file
|
@ -0,0 +1,31 @@
|
|||
---
|
||||
|
||||
version: "2.4"
|
||||
services:
|
||||
nats:
|
||||
image: ${NATS_IMAGE}:${NATS_VERSION}
|
||||
domainname: ${LOCAL_DOMAIN}
|
||||
hostname: nats
|
||||
container_name: nats
|
||||
restart: on-failure
|
||||
dns:
|
||||
- ${IPV4_PREFIX}.101
|
||||
networks:
|
||||
nats_int:
|
||||
internet:
|
||||
ipv4_address: ${IPV4_PREFIX}.101
|
||||
volumes:
|
||||
- ./../../vendor/hosts:/etc/hosts
|
||||
- ./nats.conf:/etc/nats/frostfs-nats-server.conf
|
||||
- ./server-cert.pem:/certs/server-cert.pem
|
||||
- ./server-key.pem:/certs/server-key.pem
|
||||
- ./ca-cert.pem:/certs/ca-cert.pem
|
||||
stop_signal: SIGKILL
|
||||
env_file: [ ".env", ".int_test.env" ]
|
||||
command: ["-c", "/etc/nats/frostfs-nats-server.conf"]
|
||||
|
||||
networks:
|
||||
nats_int:
|
||||
internet:
|
||||
external: true
|
||||
name: basenet_internet
|
49
services/nats/generate_cert.sh
Executable file
49
services/nats/generate_cert.sh
Executable file
|
@ -0,0 +1,49 @@
|
|||
#!/bin/bash
|
||||
|
||||
source bin/helper.sh
|
||||
|
||||
WORKDIR=$(dirname "$0")
|
||||
LOCAL_DOMAIN=$1
|
||||
|
||||
CA_KEY=$WORKDIR/ca-key.pem
|
||||
CA_CRT=$WORKDIR/ca-cert.pem
|
||||
|
||||
SRV_KEY=$WORKDIR/server-key.pem
|
||||
SRV_REQ=$WORKDIR/server-req.csr
|
||||
SRV_CRT=$WORKDIR/server-cert.pem
|
||||
|
||||
CLI_KEY=$WORKDIR/client-key.pem
|
||||
CLI_REQ=$WORKDIR/client-req.csr
|
||||
CLI_CRT=$WORKDIR/client-cert.pem
|
||||
|
||||
SUBJ="/O=TrueCloudLab"
|
||||
|
||||
if [[ ! -f $CA_KEY || ! -f $CA_CRT ]]; then
|
||||
openssl req -newkey rsa:4096 -x509 -days 365 -nodes -keyout $CA_KEY -out $CA_CRT -subj $SUBJ 2>&1 ||
|
||||
die "CA certificate was not created"
|
||||
fi
|
||||
|
||||
if [[ ! -f $SRV_KEY || ! -f $SRV_CRT ]]; then
|
||||
openssl req -newkey rsa:4096 -nodes -keyout $SRV_KEY -out $SRV_REQ -subj $SUBJ 2>&1 ||
|
||||
die "Server certificate was not created"
|
||||
|
||||
openssl x509 -req -days 365 -set_serial 01 -in $SRV_REQ -out $SRV_CRT -CA $CA_CRT -CAkey $CA_KEY \
|
||||
-extensions san -extfile <(printf "[san]\nsubjectAltName=DNS:nats.$LOCAL_DOMAIN") 2>&1 || {
|
||||
rm $SRV_REQ
|
||||
die "Server certificate was not signed by CA"
|
||||
}
|
||||
|
||||
rm $SRV_REQ
|
||||
fi
|
||||
|
||||
if [[ ! -f $CLI_KEY || ! -f $CLI_CRT ]]; then
|
||||
openssl req -newkey rsa:4096 -nodes -keyout $CLI_KEY -out $CLI_REQ -subj $SUBJ 2>&1 ||
|
||||
die "Client certificate was not created"
|
||||
|
||||
openssl x509 -req -days 365 -set_serial 01 -in $CLI_REQ -out $CLI_CRT -CA $CA_CRT -CAkey $CA_KEY 2>&1 || {
|
||||
rm $CLI_REQ
|
||||
die "Client certificate was not signed by CA"
|
||||
}
|
||||
|
||||
rm $CLI_REQ
|
||||
fi
|
15
services/nats/nats.conf
Normal file
15
services/nats/nats.conf
Normal file
|
@ -0,0 +1,15 @@
|
|||
port: 4222
|
||||
monitor_port: 8222
|
||||
|
||||
jetstream {
|
||||
store_dir=nats
|
||||
max_memory_store: 1GB
|
||||
max_file_store: 2GB
|
||||
}
|
||||
|
||||
tls {
|
||||
cert_file: /certs/server-cert.pem
|
||||
key_file: /certs/server-key.pem
|
||||
ca_file: /certs/ca-cert.pem
|
||||
verify: true
|
||||
}
|
|
@ -1,3 +1,4 @@
|
|||
version: '2.4'
|
||||
services:
|
||||
prometheus:
|
||||
image: ${PROMETHEUS_IMAGE}:${PROMETHEUS_VERSION}
|
||||
|
@ -14,6 +15,8 @@ services:
|
|||
- ./prometheus.yml:/etc/prometheus/prometheus.yml
|
||||
command:
|
||||
- --config.file=/etc/prometheus/prometheus.yml
|
||||
ports:
|
||||
- '9090:9090'
|
||||
stop_signal: SIGKILL
|
||||
env_file: [ ".env", ".prometheus.env", ".int_test.env" ]
|
||||
|
||||
|
@ -21,4 +24,4 @@ networks:
|
|||
prometheus_int:
|
||||
internet:
|
||||
external: true
|
||||
name: basenet_internet
|
||||
name: basenet_internet
|
1
services/rest_gate/.env
Symbolic link
1
services/rest_gate/.env
Symbolic link
|
@ -0,0 +1 @@
|
|||
../../.env
|
1
services/rest_gate/.hosts
Normal file
1
services/rest_gate/.hosts
Normal file
|
@ -0,0 +1 @@
|
|||
IPV4_PREFIX.83 rest.LOCAL_DOMAIN
|
1
services/rest_gate/.int_test.env
Symbolic link
1
services/rest_gate/.int_test.env
Symbolic link
|
@ -0,0 +1 @@
|
|||
../../.int_test.env
|
12
services/rest_gate/cfg/config.yml
Normal file
12
services/rest_gate/cfg/config.yml
Normal file
|
@ -0,0 +1,12 @@
|
|||
prometheus:
|
||||
enabled: true
|
||||
address: :9090
|
||||
|
||||
server:
|
||||
# The IP and port to listen on.
|
||||
listen-address: 0.0.0.0:8090
|
||||
|
||||
# Wallet settings
|
||||
wallet:
|
||||
path: /wallet.json # Path to wallet
|
||||
passphrase: one # Password to decrypt wallet
|
32
services/rest_gate/docker-compose.yml
Normal file
32
services/rest_gate/docker-compose.yml
Normal file
|
@ -0,0 +1,32 @@
|
|||
---
|
||||
|
||||
version: "2.4"
|
||||
services:
|
||||
rest_gate:
|
||||
image: ${REST_GW_IMAGE}:${REST_GW_VERSION}
|
||||
domainname: ${LOCAL_DOMAIN}
|
||||
hostname: rest
|
||||
container_name: rest_gate
|
||||
restart: on-failure
|
||||
networks:
|
||||
rest_gate_int:
|
||||
internet:
|
||||
ipv4_address: ${IPV4_PREFIX}.83
|
||||
volumes:
|
||||
- ./wallet.json:/wallet.json
|
||||
- ./../../vendor/hosts:/etc/hosts
|
||||
- ./cfg:/etc/frostfs/rest
|
||||
stop_signal: SIGKILL
|
||||
env_file: [ ".env", ".int_test.env" ]
|
||||
command: [ "frostfs-rest-gw", "--config", "/etc/frostfs/rest/config.yml" ]
|
||||
environment:
|
||||
- REST_GW_POOL_PEERS_0_ADDRESS=s01.${LOCAL_DOMAIN}:8080
|
||||
- REST_GW_POOL_PEERS_1_ADDRESS=s02.${LOCAL_DOMAIN}:8080
|
||||
- REST_GW_POOL_PEERS_2_ADDRESS=s03.${LOCAL_DOMAIN}:8080
|
||||
- REST_GW_POOL_PEERS_3_ADDRESS=s04.${LOCAL_DOMAIN}:8080
|
||||
|
||||
networks:
|
||||
rest_gate_int:
|
||||
internet:
|
||||
external: true
|
||||
name: basenet_internet
|
|
@ -1,12 +1,12 @@
|
|||
{
|
||||
"version": "1.0",
|
||||
"version": "3.0",
|
||||
"accounts": [
|
||||
{
|
||||
"address": "NTt1rxvmEDxEuuogLxs2xgxA71qhVaUcN7",
|
||||
"key": "6PYR3XurAyTzVeDG5WV2Z8vnGdySw3mTLuKjr6Nwo7tae64SJ7XjZSMMPQ",
|
||||
"label": "lifecycler",
|
||||
"address": "NPFCqWHfi9ixCJRu7DABRbVfXRbkSEr9Vo",
|
||||
"key": "6PYTAGjdaeicUDPqGv9mmgwb9kTwimWJJmmfNqJSDGH9qM79zSRcL9oHiB",
|
||||
"label": "REST Gateway",
|
||||
"contract": {
|
||||
"script": "DCED9z0M+WSGfXZGxYLj1yYwmgxJXE/kNA4+oWNi0q1uKCdBVuezJw==",
|
||||
"script": "DCECcuPzZCZ2VyDsm2jKEOMnU6xEWO2bF1dvOvBWTDFYB1ZBVuezJw==",
|
||||
"parameters": [
|
||||
{
|
||||
"name": "parameter0",
|
|
@ -33,17 +33,3 @@ server:
|
|||
wallet:
|
||||
path: /wallet.json # Path to wallet
|
||||
passphrase: "s3" # Passphrase to decrypt wallet
|
||||
|
||||
features:
|
||||
md5:
|
||||
enabled: true
|
||||
|
||||
control:
|
||||
grpc:
|
||||
endpoint: localhost:16515
|
||||
|
||||
frostfsid:
|
||||
enabled: false
|
||||
|
||||
policy:
|
||||
enabled: false
|
||||
|
|
|
@ -1,5 +1,6 @@
|
|||
---
|
||||
|
||||
version: "2.4"
|
||||
services:
|
||||
s3_gate:
|
||||
image: ${S3_GW_IMAGE}:${S3_GW_VERSION}
|
||||
|
@ -12,19 +13,12 @@ services:
|
|||
internet:
|
||||
ipv4_address: ${IPV4_PREFIX}.82
|
||||
volumes:
|
||||
# Gate wallet
|
||||
- ./wallet.json:/wallet.json
|
||||
# Custom user wallets
|
||||
- ./wallets:/wallets
|
||||
# Default user wallet
|
||||
- ./../../wallets/wallet.json:/wallets/wallet.json
|
||||
- ./tls.key:/tls.key
|
||||
- ./tls.crt:/tls.crt
|
||||
- ./../../vendor/hosts:/etc/hosts
|
||||
- ./cfg:/etc/frostfs/s3
|
||||
- ./issue-creds.sh:/usr/bin/issue-creds.sh
|
||||
stop_signal: SIGTERM
|
||||
stop_grace_period: 15s
|
||||
stop_signal: SIGKILL
|
||||
env_file: [ ".env", ".s3.env", ".int_test.env" ]
|
||||
command: [ "frostfs-s3-gw", "--config", "/etc/frostfs/s3/config.yml" ]
|
||||
environment:
|
||||
|
@ -40,8 +34,6 @@ services:
|
|||
- S3_GW_PEERS_2_WEIGHT=0.2
|
||||
- S3_GW_PEERS_3_ADDRESS=s04.${LOCAL_DOMAIN}:8080
|
||||
- S3_GW_PEERS_3_WEIGHT=0.2
|
||||
- AUTHMATE_WALLET_PASSPHRASE=
|
||||
- AUTHMATE_WALLET_CONTRACT_PASSPHRASE=s3
|
||||
|
||||
networks:
|
||||
s3_gate_int:
|
||||
|
|
|
@ -1,41 +0,0 @@
|
|||
#!/bin/bash
|
||||
|
||||
initUser() {
|
||||
/bin/frostfs-s3-authmate register-user \
|
||||
--wallet $WALLET_PATH \
|
||||
--rpc-endpoint http://morph-chain.frostfs.devenv:30333 \
|
||||
--username $USERNAME \
|
||||
--contract-wallet /wallet.json 1> /dev/null && touch $WALLET_CACHE/$USERNAME
|
||||
}
|
||||
|
||||
issueCreds() {
|
||||
/bin/frostfs-s3-authmate issue-secret \
|
||||
--wallet $WALLET_PATH \
|
||||
--peer s01.frostfs.devenv:8080 \
|
||||
--gate-public-key $S3_GATE_PUBLIC_KEY \
|
||||
--container-placement-policy "REP 3"
|
||||
}
|
||||
|
||||
set -e
|
||||
|
||||
WALLET_PATH=/wallets/$2
|
||||
if [[ -z "$2" ]]; then
|
||||
WALLET_PATH=/wallets/wallet.json
|
||||
fi
|
||||
|
||||
S3_GATE_PUBLIC_KEY=$3
|
||||
if [[ -z "$3" ]]; then
|
||||
S3_GATE_PUBLIC_KEY=0313b1ac3a8076e155a7e797b24f0b650cccad5941ea59d7cfd51a024a8b2a06bf
|
||||
fi
|
||||
|
||||
WALLET_CACHE=/data/wallets
|
||||
mkdir -p $WALLET_CACHE
|
||||
|
||||
USERNAME=$(echo $WALLET_PATH | md5sum | cut -d' ' -f1)
|
||||
if [ ! -e $WALLET_CACHE/$USERNAME ]; then
|
||||
initUser
|
||||
fi
|
||||
|
||||
if [ $1 == "s3" ]; then
|
||||
issueCreds
|
||||
fi
|
|
@ -1,14 +0,0 @@
|
|||
.PHONY: s3cred register
|
||||
|
||||
password?=
|
||||
contract_password?=s3
|
||||
gate_public_key?=
|
||||
wallet?=
|
||||
|
||||
# Register wallet & generate S3 credentials
|
||||
s3cred:
|
||||
@docker exec -e AUTHMATE_WALLET_PASSPHRASE="$(password)" -e AUTHMATE_WALLET_CONTRACT_PASSPHRASE="$(contract_password)" s3_gate /usr/bin/issue-creds.sh s3 "$(wallet)" "$(gate_public_key)"
|
||||
|
||||
# Only registers user wallet
|
||||
register:
|
||||
@docker exec -e AUTHMATE_WALLET_PASSPHRASE="$(password)" -e AUTHMATE_WALLET_CONTRACT_PASSPHRASE="$(contract_password)" s3_gate /usr/bin/issue-creds.sh native "$(wallet)"
|
|
@ -1 +0,0 @@
|
|||
IPV4_PREFIX.84 lifecycler.LOCAL_DOMAIN
|
|
@ -1,42 +0,0 @@
|
|||
logger:
|
||||
level: debug
|
||||
|
||||
prometheus:
|
||||
enabled: true
|
||||
address: :9090
|
||||
|
||||
lifecycle:
|
||||
job_fetcher_buffer: 1000
|
||||
executor_pool_size: 100
|
||||
|
||||
frostfs:
|
||||
stream_timeout: 10s
|
||||
connect_timeout: 10s
|
||||
healthcheck_timeout: 15s
|
||||
rebalance_interval: 60s
|
||||
pool_error_threshold: 100
|
||||
tree_pool_max_attempts: 4
|
||||
|
||||
credential:
|
||||
use: wallets
|
||||
source:
|
||||
wallets:
|
||||
- path: /wallet.json
|
||||
address: NTt1rxvmEDxEuuogLxs2xgxA71qhVaUcN7
|
||||
passphrase: "cycle"
|
||||
- path: /user-wallet.json
|
||||
address: NbUgTSFvPmsRxmGeWpuuGeJUoRoi6PErcM
|
||||
passphrase: ""
|
||||
|
||||
morph:
|
||||
reconnect_clients_interval: 30s
|
||||
dial_timeout: 5s
|
||||
contract:
|
||||
netmap: netmap.frostfs
|
||||
frostfsid: frostfsid.frostfs
|
||||
container: container.frostfs
|
||||
|
||||
# Wallet configuration
|
||||
wallet:
|
||||
path: /wallet.json # Path to wallet
|
||||
passphrase: "cycle" # Passphrase to decrypt wallet
|
|
@ -1,38 +0,0 @@
|
|||
---
|
||||
|
||||
version: "2.4"
|
||||
services:
|
||||
s3_lifecycler:
|
||||
image: ${S3_LIFECYCLER_IMAGE}:${S3_LIFECYCLER_VERSION}
|
||||
domainname: ${LOCAL_DOMAIN}
|
||||
hostname: s3_lifecycler
|
||||
container_name: s3_lifecycler
|
||||
restart: on-failure
|
||||
networks:
|
||||
s3_lifecycler_int:
|
||||
internet:
|
||||
ipv4_address: ${IPV4_PREFIX}.84
|
||||
volumes:
|
||||
- ./wallet.json:/wallet.json
|
||||
- ./../../vendor/hosts:/etc/hosts
|
||||
- ./cfg:/etc/frostfs/s3-lifecycler
|
||||
- ./../../wallets/wallet.json:/user-wallet.json
|
||||
stop_signal: SIGKILL
|
||||
env_file: [ ".env", ".int_test.env" ]
|
||||
command: [ "frostfs-s3-lifecycler", "--config", "/etc/frostfs/s3-lifecycler/config.yml" ]
|
||||
environment:
|
||||
- S3_LIFECYCLER_MORPH_RPC_ENDPOINT_0_ADDRESS=ws://morph-chain:30333/ws
|
||||
- S3_LIFECYCLER_FROSTFS_PEERS_0_ADDRESS=s01.${LOCAL_DOMAIN}:8080
|
||||
- S3_LIFECYCLER_FROSTFS_PEERS_0_WEIGHT=0.2
|
||||
- S3_LIFECYCLER_FROSTFS_PEERS_1_ADDRESS=s02.${LOCAL_DOMAIN}:8080
|
||||
- S3_LIFECYCLER_FROSTFS_PEERS_1_WEIGHT=0.2
|
||||
- S3_LIFECYCLER_FROSTFS_PEERS_2_ADDRESS=s03.${LOCAL_DOMAIN}:8080
|
||||
- S3_LIFECYCLER_FROSTFS_PEERS_2_WEIGHT=0.2
|
||||
- S3_LIFECYCLER_FROSTFS_PEERS_3_ADDRESS=s04.${LOCAL_DOMAIN}:8080
|
||||
- S3_LIFECYCLER_FROSTFS_PEERS_3_WEIGHT=0.2
|
||||
|
||||
networks:
|
||||
s3_lifecycler_int:
|
||||
internet:
|
||||
external: true
|
||||
name: basenet_internet
|
|
@ -1,11 +1,6 @@
|
|||
# Logger section
|
||||
logger:
|
||||
level: debug # Minimum enabled logging level
|
||||
loki:
|
||||
enabled: true
|
||||
endpoint: "loki.frostfs.devenv:3100/api/prom/push"
|
||||
max_batch_delay: 1s
|
||||
max_batch_size: 200
|
||||
|
||||
# Profiler section
|
||||
pprof:
|
||||
|
@ -19,7 +14,7 @@ prometheus:
|
|||
address: :9090 # Server address
|
||||
shutdown_timeout: 15s # Timeout for metrics HTTP server graceful shutdown
|
||||
|
||||
# Application tracing section
|
||||
# Application tracing section
|
||||
tracing:
|
||||
enabled: true
|
||||
exporter: otlp_grpc
|
||||
|
@ -32,6 +27,18 @@ morph:
|
|||
- address: ws://morph-chain:30333/ws
|
||||
priority: 1
|
||||
|
||||
# Common storage node settings
|
||||
node:
|
||||
attribute_0: "User-Agent:FrostFS/0.34"
|
||||
notification:
|
||||
enabled: true # Turn on object notification service
|
||||
endpoint: "tls://nats.frostfs.devenv:4222" # Notification server endpoint
|
||||
timeout: "6s" # Timeout for object notification client connection
|
||||
default_topic: "test" # Default topic for object notifications if not found in object's meta
|
||||
certificate: "/etc/frostfs-node/nats.tls.cert" # Path to TLS certificate
|
||||
key: "/etc/frostfs-node/nats.tls.key" # Path to TLS key
|
||||
ca: "/etc/frostfs-node/nats.ca.crt" # Path to optional CA certificate
|
||||
|
||||
# Tree section
|
||||
tree:
|
||||
enabled: true
|
||||
|
|
|
@ -1,5 +1,6 @@
|
|||
---
|
||||
|
||||
version: "2.4"
|
||||
services:
|
||||
storage01:
|
||||
image: ${NODE_IMAGE}:${NODE_VERSION}
|
||||
|
@ -17,10 +18,13 @@ services:
|
|||
- storage_s01:/storage
|
||||
- ./../../vendor/frostfs-cli:/frostfs-cli
|
||||
- ./cli-cfg.yml:/cli-cfg.yml
|
||||
- ./healthcheck.sh:/healthcheck.sh
|
||||
- ./s04tls.crt:/etc/ssl/certs/s04tls.crt
|
||||
- ../nats/client-cert.pem:/etc/frostfs-node/nats.tls.cert
|
||||
- ../nats/client-key.pem:/etc/frostfs-node/nats.tls.key
|
||||
- ../nats/ca-cert.pem:/etc/frostfs-node/nats.ca.crt
|
||||
- ./cfg:/etc/frostfs/storage
|
||||
stop_signal: SIGTERM
|
||||
stop_grace_period: 15s
|
||||
stop_signal: SIGKILL
|
||||
env_file: [ ".env", ".storage.env", ".int_test.env" ]
|
||||
command: [ "frostfs-node", "--config", "/etc/frostfs/storage/config.yml" ]
|
||||
environment:
|
||||
|
@ -29,11 +33,10 @@ services:
|
|||
- FROSTFS_NODE_ADDRESSES=s01.${LOCAL_DOMAIN}:8080
|
||||
- FROSTFS_GRPC_0_ENDPOINT=s01.${LOCAL_DOMAIN}:8080
|
||||
- FROSTFS_CONTROL_GRPC_ENDPOINT=s01.${LOCAL_DOMAIN}:8081
|
||||
- FROSTFS_NODE_ATTRIBUTE_0=User-Agent:FrostFS/${NODE_VERSION}
|
||||
- FROSTFS_NODE_ATTRIBUTE_1=UN-LOCODE:RU MOW
|
||||
- FROSTFS_NODE_ATTRIBUTE_2=Price:22
|
||||
healthcheck:
|
||||
test: ["CMD-SHELL", "/frostfs-cli control healthcheck -q -c /cli-cfg.yml --endpoint \"$$FROSTFS_CONTROL_GRPC_ENDPOINT\""]
|
||||
test: ["CMD-SHELL", "/healthcheck.sh"]
|
||||
interval: 2s
|
||||
timeout: 1s
|
||||
retries: 5
|
||||
|
@ -55,10 +58,13 @@ services:
|
|||
- storage_s02:/storage
|
||||
- ./../../vendor/frostfs-cli:/frostfs-cli
|
||||
- ./cli-cfg.yml:/cli-cfg.yml
|
||||
- ./healthcheck.sh:/healthcheck.sh
|
||||
- ./s04tls.crt:/etc/ssl/certs/s04tls.crt
|
||||
- ../nats/client-cert.pem:/etc/frostfs-node/nats.tls.cert
|
||||
- ../nats/client-key.pem:/etc/frostfs-node/nats.tls.key
|
||||
- ../nats/ca-cert.pem:/etc/frostfs-node/nats.ca.crt
|
||||
- ./cfg:/etc/frostfs/storage
|
||||
stop_signal: SIGTERM
|
||||
stop_grace_period: 15s
|
||||
stop_signal: SIGKILL
|
||||
env_file: [ ".env", ".storage.env", ".int_test.env" ]
|
||||
command: [ "frostfs-node", "--config", "/etc/frostfs/storage/config.yml" ]
|
||||
environment:
|
||||
|
@ -67,11 +73,10 @@ services:
|
|||
- FROSTFS_NODE_ADDRESSES=s02.${LOCAL_DOMAIN}:8080
|
||||
- FROSTFS_GRPC_0_ENDPOINT=s02.${LOCAL_DOMAIN}:8080
|
||||
- FROSTFS_CONTROL_GRPC_ENDPOINT=s02.${LOCAL_DOMAIN}:8081
|
||||
- FROSTFS_NODE_ATTRIBUTE_0=User-Agent:FrostFS/${NODE_VERSION}
|
||||
- FROSTFS_NODE_ATTRIBUTE_1=UN-LOCODE:RU LED
|
||||
- FROSTFS_NODE_ATTRIBUTE_2=Price:33
|
||||
healthcheck:
|
||||
test: ["CMD-SHELL", "/frostfs-cli control healthcheck -q -c /cli-cfg.yml --endpoint \"$$FROSTFS_CONTROL_GRPC_ENDPOINT\""]
|
||||
test: ["CMD-SHELL", "/healthcheck.sh"]
|
||||
interval: 2s
|
||||
timeout: 1s
|
||||
retries: 5
|
||||
|
@ -93,10 +98,13 @@ services:
|
|||
- storage_s03:/storage
|
||||
- ./../../vendor/frostfs-cli:/frostfs-cli
|
||||
- ./cli-cfg.yml:/cli-cfg.yml
|
||||
- ./healthcheck.sh:/healthcheck.sh
|
||||
- ./s04tls.crt:/etc/ssl/certs/s04tls.crt
|
||||
- ../nats/client-cert.pem:/etc/frostfs-node/nats.tls.cert
|
||||
- ../nats/client-key.pem:/etc/frostfs-node/nats.tls.key
|
||||
- ../nats/ca-cert.pem:/etc/frostfs-node/nats.ca.crt
|
||||
- ./cfg:/etc/frostfs/storage
|
||||
stop_signal: SIGTERM
|
||||
stop_grace_period: 15s
|
||||
stop_signal: SIGKILL
|
||||
env_file: [ ".env", ".storage.env", ".int_test.env" ]
|
||||
command: [ "frostfs-node", "--config", "/etc/frostfs/storage/config.yml" ]
|
||||
environment:
|
||||
|
@ -105,11 +113,10 @@ services:
|
|||
- FROSTFS_NODE_ADDRESSES=s03.${LOCAL_DOMAIN}:8080
|
||||
- FROSTFS_GRPC_0_ENDPOINT=s03.${LOCAL_DOMAIN}:8080
|
||||
- FROSTFS_CONTROL_GRPC_ENDPOINT=s03.${LOCAL_DOMAIN}:8081
|
||||
- FROSTFS_NODE_ATTRIBUTE_0=User-Agent:FrostFS/${NODE_VERSION}
|
||||
- FROSTFS_NODE_ATTRIBUTE_1=UN-LOCODE:SE STO
|
||||
- FROSTFS_NODE_ATTRIBUTE_2=Price:11
|
||||
healthcheck:
|
||||
test: ["CMD-SHELL", "/frostfs-cli control healthcheck -q -c /cli-cfg.yml --endpoint \"$$FROSTFS_CONTROL_GRPC_ENDPOINT\""]
|
||||
test: ["CMD-SHELL", "/healthcheck.sh"]
|
||||
interval: 2s
|
||||
timeout: 1s
|
||||
retries: 5
|
||||
|
@ -131,11 +138,14 @@ services:
|
|||
- storage_s04:/storage
|
||||
- ./../../vendor/frostfs-cli:/frostfs-cli
|
||||
- ./cli-cfg.yml:/cli-cfg.yml
|
||||
- ./healthcheck.sh:/healthcheck.sh
|
||||
- ./s04tls.crt:/tls.crt
|
||||
- ./s04tls.key:/tls.key
|
||||
- ../nats/client-cert.pem:/etc/frostfs-node/nats.tls.cert
|
||||
- ../nats/client-key.pem:/etc/frostfs-node/nats.tls.key
|
||||
- ../nats/ca-cert.pem:/etc/frostfs-node/nats.ca.crt
|
||||
- ./cfg:/etc/frostfs/storage
|
||||
stop_signal: SIGTERM
|
||||
stop_grace_period: 15s
|
||||
stop_signal: SIGKILL
|
||||
env_file: [ ".env", ".storage.env", ".int_test.env" ]
|
||||
command: [ "frostfs-node", "--config", "/etc/frostfs/storage/config.yml" ]
|
||||
environment:
|
||||
|
@ -149,11 +159,10 @@ services:
|
|||
- FROSTFS_GRPC_1_TLS_ENABLED=true
|
||||
- FROSTFS_GRPC_1_TLS_CERTIFICATE=/tls.crt
|
||||
- FROSTFS_GRPC_1_TLS_KEY=/tls.key
|
||||
- FROSTFS_NODE_ATTRIBUTE_0=User-Agent:FrostFS/${NODE_VERSION}
|
||||
- FROSTFS_NODE_ATTRIBUTE_1=UN-LOCODE:FI HEL
|
||||
- FROSTFS_NODE_ATTRIBUTE_2=Price:44
|
||||
healthcheck:
|
||||
test: ["CMD-SHELL", "/frostfs-cli control healthcheck -q -c /cli-cfg.yml --endpoint \"$$FROSTFS_CONTROL_GRPC_ENDPOINT\""]
|
||||
test: ["CMD-SHELL", "/healthcheck.sh"]
|
||||
interval: 2s
|
||||
timeout: 1s
|
||||
retries: 5
|
||||
|
|
5
services/storage/healthcheck.sh
Executable file
5
services/storage/healthcheck.sh
Executable file
|
@ -0,0 +1,5 @@
|
|||
#!/bin/sh
|
||||
|
||||
/frostfs-cli control healthcheck -c /cli-cfg.yml \
|
||||
--endpoint "$FROSTFS_CONTROL_GRPC_ENDPOINT" |
|
||||
grep "Health status: READY"
|
Loading…
Reference in a new issue