forked from TrueCloudLab/frostfs-dev-env
Compare commits
90 commits
Author | SHA1 | Date | |
---|---|---|---|
a0fdaebbf4 | |||
10e5bed2af | |||
7152f59232 | |||
636be7352e | |||
d0c32731f2 | |||
7538bd9b17 | |||
2e67acbcb2 | |||
439a9e71cf | |||
dd382f8ce0 | |||
044cf99e8d | |||
ae658469a5 | |||
155042343b | |||
f94fa284ec | |||
d03be14312 | |||
0be22a9375 | |||
2b6122192a | |||
773ea2339b | |||
47b4917e7b | |||
|
8edfcb364d | ||
19e5cec49f | |||
0f6f2722c2 | |||
9654b77236 | |||
dfad34fdea | |||
1077c9d358 | |||
40454b5507 | |||
9c9ec639f0 | |||
de8b58911e | |||
c2e2b6442c | |||
4413251994 | |||
e254eba6a8 | |||
90bd39d717 | |||
fdcf71d5b6 | |||
f0c3c02943 | |||
4a6b481618 | |||
42e6349276 | |||
eba763ff79 | |||
b7ac6f30cf | |||
6eedab3d83 | |||
731976cc57 | |||
51053e3317 | |||
04260ad0d8 | |||
9bb0385b85 | |||
b6f47cb2c2 | |||
d8df46b4d1 | |||
cc963b78b5 | |||
acd32cb877 | |||
0231b2bbf0 | |||
1408558631 | |||
8218440525 | |||
201855e729 | |||
74d43f48f2 | |||
d76cc2e48a | |||
d5ee290740 | |||
4f9285251f | |||
f749581c4e | |||
2efc0442f1 | |||
7de23fe789 | |||
3abb217d30 | |||
584fa43ca7 | |||
2744f675aa | |||
3400bb5736 | |||
d08b338e06 | |||
c31b7d9c84 | |||
8eca14f331 | |||
463521d511 | |||
656833d37e | |||
aded88f09a | |||
5050dff55a | |||
e551fac84d | |||
6b0ce07808 | |||
80dc0faae9 | |||
c50ea0ea5c | |||
dc2a2862d4 | |||
ee4d5ee6a6 | |||
5534204706 | |||
26e290efcb | |||
2452e4469b | |||
cbed3ce798 | |||
45b98196cc | |||
7171e152e0 | |||
53007be047 | |||
f57a739c3f | |||
1b6b2d1259 | |||
045b55250a | |||
6d6aaefaec | |||
db0ebb7349 | |||
976f16803d | |||
c7b4a8eb01 | |||
11ff8a81cc | |||
dca6ff620a |
83 changed files with 590 additions and 556 deletions
|
@ -1,5 +1,4 @@
|
||||||
# Services start/stop order
|
# Services start/stop order
|
||||||
# Will start from top to bottom and stop in reverse
|
# Will start from top to bottom and stop in reverse
|
||||||
nats
|
|
||||||
ir
|
ir
|
||||||
storage
|
storage
|
||||||
|
|
|
@ -3,3 +3,5 @@
|
||||||
basenet
|
basenet
|
||||||
morph_chain
|
morph_chain
|
||||||
jaeger
|
jaeger
|
||||||
|
prometheus
|
||||||
|
grafana
|
||||||
|
|
|
@ -1,5 +1,6 @@
|
||||||
.docker
|
.docker
|
||||||
.github
|
.github
|
||||||
|
.forgejo
|
||||||
vendor
|
vendor
|
||||||
tmp
|
tmp
|
||||||
.secrets
|
.secrets
|
||||||
|
|
46
.env
46
.env
|
@ -8,23 +8,19 @@ BASTION_VERSION=10
|
||||||
BASTION_IMAGE=debian
|
BASTION_IMAGE=debian
|
||||||
|
|
||||||
# NeoGo privnet
|
# NeoGo privnet
|
||||||
NEOGO_VERSION=0.100.1
|
NEOGO_VERSION=0.104.0
|
||||||
NEOGO_IMAGE=nspccdev/neo-go
|
NEOGO_IMAGE=nspccdev/neo-go
|
||||||
|
|
||||||
# FrostFS InnerRing nodes
|
# FrostFS InnerRing nodes
|
||||||
IR_VERSION=5ffa8268
|
IR_VERSION=0.42.9
|
||||||
IR_IMAGE=truecloudlab/frostfs-ir
|
IR_IMAGE=git.frostfs.info/truecloudlab/frostfs-ir
|
||||||
|
|
||||||
# FrostFS Storage nodes
|
# FrostFS Storage nodes
|
||||||
NODE_VERSION=5ffa8268
|
NODE_VERSION=0.42.9
|
||||||
NODE_IMAGE=truecloudlab/frostfs-storage
|
NODE_IMAGE=git.frostfs.info/truecloudlab/frostfs-storage
|
||||||
|
|
||||||
# NATS Server
|
|
||||||
NATS_VERSION=2.7.2
|
|
||||||
NATS_IMAGE=nats
|
|
||||||
|
|
||||||
# HTTP Gate
|
# HTTP Gate
|
||||||
HTTP_GW_VERSION=6abd500b
|
HTTP_GW_VERSION=0.30.2
|
||||||
HTTP_GW_IMAGE=truecloudlab/frostfs-http-gw
|
HTTP_GW_IMAGE=truecloudlab/frostfs-http-gw
|
||||||
|
|
||||||
# REST Gate
|
# REST Gate
|
||||||
|
@ -32,27 +28,43 @@ REST_GW_VERSION=c9c85e90
|
||||||
REST_GW_IMAGE=truecloudlab/frostfs-rest-gw
|
REST_GW_IMAGE=truecloudlab/frostfs-rest-gw
|
||||||
|
|
||||||
# S3 Gate
|
# S3 Gate
|
||||||
S3_GW_VERSION=000d9ed4
|
S3_GW_VERSION=0.31.0-rc.4
|
||||||
S3_GW_IMAGE=truecloudlab/frostfs-s3-gw
|
S3_GW_IMAGE=truecloudlab/frostfs-s3-gw
|
||||||
|
|
||||||
|
# Lifecycler
|
||||||
|
S3_LIFECYCLER_VERSION=0.1.3
|
||||||
|
S3_LIFECYCLER_IMAGE=truecloudlab/frostfs-s3-lifecycler
|
||||||
|
|
||||||
# FrostFS LOCODE database
|
# FrostFS LOCODE database
|
||||||
LOCODE_DB_URL=https://github.com/nspcc-dev/neofs-locode-db/releases/download/v0.3.0/locode_db.gz
|
LOCODE_DB_URL=https://git.frostfs.info/attachments/a2e8def7-52b6-49f1-89cd-a056712e8e54
|
||||||
#LOCODE_DB_PATH=/path/to/locode_db
|
#LOCODE_DB_PATH=/path/to/locode_db
|
||||||
|
|
||||||
# FrostFS CLI binary
|
# FrostFS CLI binary
|
||||||
FROSTFS_CLI_URL=https://http.t5.fs.neo.org/AQgse8bPCZx4zScMuAKxowJdZPbKHp8NDcp15o6VUNmk/C6BNLpYg5gWLHp3DrXozSxxGLDahBuSBCyJoYSSR1M3Q
|
FROSTFS_CLI_URL=https://git.frostfs.info/TrueCloudLab/frostfs-node/releases/download/v${NODE_VERSION}/frostfs-cli
|
||||||
#FROSTFS_CLI_PATH=/path/to/frostfs-cli-binary
|
#FROSTFS_CLI_PATH=/path/to/frostfs-cli-binary
|
||||||
|
|
||||||
# FrostFS ADM tool binary
|
# FrostFS ADM tool binary
|
||||||
FROSTFS_ADM_VERSION=e3554425
|
FROSTFS_ADM_VERSION=498f9955ea
|
||||||
FROSTFS_ADM_URL=https://http.t5.fs.neo.org/AQgse8bPCZx4zScMuAKxowJdZPbKHp8NDcp15o6VUNmk/sXZxy9vbFyJiLhN9qTSXozXK7SN9H8ZC6dpvAt59Zaj
|
FROSTFS_ADM_URL=https://git.frostfs.info/TrueCloudLab/frostfs-node/releases/download/v${NODE_VERSION}/frostfs-adm
|
||||||
#FROSTFS_ADM_PATH=/path/to/frostfs-adm-binary
|
#FROSTFS_ADM_PATH=/path/to/frostfs-adm-binary
|
||||||
|
|
||||||
# Compiled FrostFS Smart Contracts
|
# Compiled FrostFS Smart Contracts
|
||||||
FROSTFS_CONTRACTS_VERSION=4f3c08f5
|
FROSTFS_CONTRACTS_VERSION=694daebb19
|
||||||
FROSTFS_CONTRACTS_URL=https://http.t5.fs.neo.org/AQgse8bPCZx4zScMuAKxowJdZPbKHp8NDcp15o6VUNmk/c1nGtturFrSeygYP3AyNHDDLNbs7HhJiH2BQkgZxEmZ
|
FROSTFS_CONTRACTS_URL=https://git.frostfs.info/TrueCloudLab/frostfs-contract/releases/download/v0.19.2/frostfs-contract-v0.19.2.tar.gz
|
||||||
#FROSTFS_CONTRACTS_PATH=/path/to/unpacked/frostfs-contracts-dir
|
#FROSTFS_CONTRACTS_PATH=/path/to/unpacked/frostfs-contracts-dir
|
||||||
|
|
||||||
# Jaeger tracing
|
# Jaeger tracing
|
||||||
JAEGER_VERSION=1.42.0
|
JAEGER_VERSION=1.42.0
|
||||||
JAEGER_IMAGE=jaegertracing/all-in-one
|
JAEGER_IMAGE=jaegertracing/all-in-one
|
||||||
|
|
||||||
|
# Prometheus monitoring
|
||||||
|
PROMETHEUS_VERSION=v2.43.0
|
||||||
|
PROMETHEUS_IMAGE=prom/prometheus
|
||||||
|
|
||||||
|
# Grafana versions
|
||||||
|
GRAFANA_VERSION=9.5.6
|
||||||
|
GRAFANA_IMAGE=grafana/grafana
|
||||||
|
|
||||||
|
# Loki versions
|
||||||
|
LOKI_VERSION=2.9.1
|
||||||
|
LOKI_IMAGE=grafana/loki
|
||||||
|
|
21
.forgejo/workflows/dco.yml
Normal file
21
.forgejo/workflows/dco.yml
Normal file
|
@ -0,0 +1,21 @@
|
||||||
|
name: DCO action
|
||||||
|
on: [pull_request]
|
||||||
|
|
||||||
|
jobs:
|
||||||
|
dco:
|
||||||
|
name: DCO
|
||||||
|
runs-on: ubuntu-latest
|
||||||
|
steps:
|
||||||
|
- uses: actions/checkout@v3
|
||||||
|
with:
|
||||||
|
fetch-depth: 0
|
||||||
|
|
||||||
|
- name: Setup Go
|
||||||
|
uses: actions/setup-go@v3
|
||||||
|
with:
|
||||||
|
go-version: '1.21'
|
||||||
|
|
||||||
|
- name: Run commit format checker
|
||||||
|
uses: https://git.frostfs.info/TrueCloudLab/dco-go@v2
|
||||||
|
with:
|
||||||
|
from: 'origin/${{ github.event.pull_request.base.ref }}'
|
1
.gitattributes
vendored
Normal file
1
.gitattributes
vendored
Normal file
|
@ -0,0 +1 @@
|
||||||
|
/services/grafana/provisioning/dashboards/* -diff -merge
|
21
.github/workflows/dco.yml
vendored
21
.github/workflows/dco.yml
vendored
|
@ -1,21 +0,0 @@
|
||||||
name: DCO check
|
|
||||||
|
|
||||||
on:
|
|
||||||
pull_request:
|
|
||||||
branches:
|
|
||||||
- master
|
|
||||||
|
|
||||||
jobs:
|
|
||||||
commits_check_job:
|
|
||||||
runs-on: ubuntu-latest
|
|
||||||
name: Commits Check
|
|
||||||
steps:
|
|
||||||
- name: Get PR Commits
|
|
||||||
id: 'get-pr-commits'
|
|
||||||
uses: tim-actions/get-pr-commits@master
|
|
||||||
with:
|
|
||||||
token: ${{ secrets.GITHUB_TOKEN }}
|
|
||||||
- name: DCO Check
|
|
||||||
uses: tim-actions/dco@master
|
|
||||||
with:
|
|
||||||
commits: ${{ steps.get-pr-commits.outputs.commits }}
|
|
1
.gitignore
vendored
1
.gitignore
vendored
|
@ -15,4 +15,3 @@ sites/*
|
||||||
# Runtime generation keys
|
# Runtime generation keys
|
||||||
services/storage/*tls.crt
|
services/storage/*tls.crt
|
||||||
services/storage/*tls.key
|
services/storage/*tls.key
|
||||||
services/nats/*.pem
|
|
||||||
|
|
|
@ -3,3 +3,4 @@
|
||||||
http_gate
|
http_gate
|
||||||
s3_gate
|
s3_gate
|
||||||
rest_gate
|
rest_gate
|
||||||
|
s3_lifecycler
|
||||||
|
|
|
@ -3,8 +3,8 @@
|
||||||
First, thank you for contributing! We love and encourage pull requests from
|
First, thank you for contributing! We love and encourage pull requests from
|
||||||
everyone. Please follow the guidelines:
|
everyone. Please follow the guidelines:
|
||||||
|
|
||||||
- Check the open [issues](https://github.com/TrueCloudLab/frostfs-dev-env/issues) and
|
- Check the open [issues](https://git.frostfs.info/TrueCloudLab/frostfs-dev-env/issues) and
|
||||||
[pull requests](https://github.com/TrueCloudLab/frostfs-dev-env/pulls) for existing
|
[pull requests](https://git.frostfs.info/TrueCloudLab/frostfs-dev-env/pulls) for existing
|
||||||
discussions.
|
discussions.
|
||||||
|
|
||||||
- Open an issue first, to discuss a new feature or enhancement.
|
- Open an issue first, to discuss a new feature or enhancement.
|
||||||
|
@ -25,19 +25,19 @@ Start by forking the `frostfs-dev-env` repository, make changes in a branch and
|
||||||
send a pull request. We encourage pull requests to discuss code changes. Here
|
send a pull request. We encourage pull requests to discuss code changes. Here
|
||||||
are the steps in details:
|
are the steps in details:
|
||||||
|
|
||||||
### Set up your GitHub Repository
|
### Set up your git repository
|
||||||
Fork [FrostFS node upstream](https://github.com/TrueCloudLab/frostfs-dev-env/fork) source
|
Fork [FrostFS node upstream](https://git.frostfs.info/repo/fork/24) source
|
||||||
repository to your own personal repository. Copy the URL of your fork (you will
|
repository to your own personal repository. Copy the URL of your fork (you will
|
||||||
need it for the `git clone` command below).
|
need it for the `git clone` command below).
|
||||||
|
|
||||||
```sh
|
```sh
|
||||||
$ git clone https://github.com/TrueCloudLab/frostfs-dev-env
|
$ git clone https://git.frostfs.info/<username>/frostfs-dev-env.git
|
||||||
```
|
```
|
||||||
|
|
||||||
### Set up git remote as ``upstream``
|
### Set up git remote as ``upstream``
|
||||||
```sh
|
```sh
|
||||||
$ cd frostfs-dev-env
|
$ cd frostfs-dev-env
|
||||||
$ git remote add upstream https://github.com/TrueCloudLab/frostfs-dev-env
|
$ git remote add upstream https://git.frostfs.info/TrueCloudLab/frostfs-dev-env.git
|
||||||
$ git fetch upstream
|
$ git fetch upstream
|
||||||
$ git merge upstream/master
|
$ git merge upstream/master
|
||||||
...
|
...
|
||||||
|
@ -55,8 +55,7 @@ $ git checkout -b feature/123-something_awesome
|
||||||
### Test your changes
|
### Test your changes
|
||||||
After your code changes, make sure
|
After your code changes, make sure
|
||||||
|
|
||||||
- To add test cases for the new code.
|
- To run `make up` to check dev-env is not broken.
|
||||||
- To run `make lint`
|
|
||||||
- To squash your commits into a single commit or a series of logically separated
|
- To squash your commits into a single commit or a series of logically separated
|
||||||
commits run `git rebase -i`. It's okay to force update your pull request.
|
commits run `git rebase -i`. It's okay to force update your pull request.
|
||||||
|
|
||||||
|
@ -86,8 +85,8 @@ $ git push origin feature/123-something_awesome
|
||||||
```
|
```
|
||||||
|
|
||||||
### Create a Pull Request
|
### Create a Pull Request
|
||||||
Pull requests can be created via GitHub. Refer to [this
|
Pull requests can be created via Forgejo. Refer to [this
|
||||||
document](https://help.github.com/articles/creating-a-pull-request/) for
|
document](https://docs.codeberg.org/collaborating/pull-requests-and-git-flow/) for
|
||||||
detailed steps on how to create a pull request. After a Pull Request gets peer
|
detailed steps on how to create a pull request. After a Pull Request gets peer
|
||||||
reviewed and approved, it will be merged.
|
reviewed and approved, it will be merged.
|
||||||
|
|
||||||
|
|
34
Makefile
34
Makefile
|
@ -43,7 +43,7 @@ HOSTS_LINES = $(shell grep -Rl IPV4_PREFIX ./services/* | grep .hosts)
|
||||||
MORPH_CHAIN_PROTOCOL = './services/morph_chain/protocol.privnet.yml'
|
MORPH_CHAIN_PROTOCOL = './services/morph_chain/protocol.privnet.yml'
|
||||||
|
|
||||||
# List of grepped environment variables from *.env
|
# List of grepped environment variables from *.env
|
||||||
GREP_DOTENV = $(shell find . -name '*.env' -exec grep -rhv -e '^\#' -e '^$$' {} + | sort -u )
|
GREP_DOTENV = $(shell find . -name '*.env' -exec grep -rhv -e '^#' -e '^$$' {} + | sort -u )
|
||||||
|
|
||||||
# Pull all required Docker images
|
# Pull all required Docker images
|
||||||
.PHONY: pull
|
.PHONY: pull
|
||||||
|
@ -60,14 +60,15 @@ get: $(foreach SVC, $(GET_SVCS), get.$(SVC))
|
||||||
.PHONY: up
|
.PHONY: up
|
||||||
up: up/basic
|
up: up/basic
|
||||||
@$(foreach SVC, $(START_SVCS), $(shell docker-compose -f services/$(SVC)/docker-compose.yml up -d))
|
@$(foreach SVC, $(START_SVCS), $(shell docker-compose -f services/$(SVC)/docker-compose.yml up -d))
|
||||||
|
./vendor/frostfs-adm morph proxy-add-account --config frostfs-adm.yml --account=`docker container exec morph_chain neo-go wallet dump-keys -w /wallets/s3-wallet.json | head -1 | awk '{print $1}'` || die "Couldn't set s3-gw wallet as proxy wallet"
|
||||||
@echo "Full FrostFS Developer Environment is ready"
|
@echo "Full FrostFS Developer Environment is ready"
|
||||||
|
|
||||||
# Build up FrostFS
|
# Build up FrostFS
|
||||||
.PHONY: up/basic
|
.PHONY: up/basic
|
||||||
up/basic: up/bootstrap
|
up/basic: up/bootstrap
|
||||||
@$(foreach SVC, $(START_BASIC), $(shell docker-compose -f services/$(SVC)/docker-compose.yml up -d))
|
@$(foreach SVC, $(START_BASIC), $(shell docker-compose -f services/$(SVC)/docker-compose.yml up -d))
|
||||||
@./bin/tick.sh
|
@./vendor/frostfs-adm -c ./frostfs-adm.yml morph force-new-epoch
|
||||||
@./bin/config.sh string SystemDNS container
|
@./vendor/frostfs-adm -c ./frostfs-adm.yml morph set-config SystemDNS=container --force
|
||||||
@echo "Basic FrostFS Developer Environment is ready"
|
@echo "Basic FrostFS Developer Environment is ready"
|
||||||
|
|
||||||
# Start bootstrap services
|
# Start bootstrap services
|
||||||
|
@ -75,9 +76,26 @@ up/basic: up/bootstrap
|
||||||
up/bootstrap: get vendor/hosts
|
up/bootstrap: get vendor/hosts
|
||||||
@$(foreach SVC, $(START_BOOTSTRAP), $(shell docker-compose -f services/$(SVC)/docker-compose.yml up -d))
|
@$(foreach SVC, $(START_BOOTSTRAP), $(shell docker-compose -f services/$(SVC)/docker-compose.yml up -d))
|
||||||
@source ./bin/helper.sh
|
@source ./bin/helper.sh
|
||||||
@./vendor/frostfs-adm --config frostfs-adm.yml morph init --alphabet-wallets ./services/ir --contracts vendor/contracts || die "Failed to initialize Alphabet wallets"
|
@./vendor/frostfs-adm --config frostfs-adm.yml morph init --contracts vendor/contracts
|
||||||
@for f in ./services/storage/wallet*.json; do echo "Transfer GAS to wallet $${f}" && ./vendor/frostfs-adm -c frostfs-adm.yml morph refill-gas --storage-wallet $${f} --gas 10.0 --alphabet-wallets services/ir || die "Failed to transfer GAS to alphabet wallets"; done
|
echo "Set rule chain to policy contract"
|
||||||
@echo "FrostFS sidechain environment is deployed"
|
@./vendor/frostfs-adm --config frostfs-adm.yml morph \
|
||||||
|
ape add-rule-chain --target-type namespace --target-name "" \
|
||||||
|
--rule 'allow Container.* *' --chain-id "allow_container_ops"
|
||||||
|
@for f in ./services/storage/wallet*.json; do \
|
||||||
|
echo "Transfer GAS to wallet $${f}" \
|
||||||
|
&& ./vendor/frostfs-adm -c frostfs-adm.yml morph refill-gas --storage-wallet $${f} --gas 10.0 \
|
||||||
|
|| die "Failed to transfer GAS to alphabet wallets"; \
|
||||||
|
done
|
||||||
|
@echo "Create frostfsid subject for ./wallets/wallet.json"; \
|
||||||
|
if [ -n "$$(./vendor/frostfs-adm -c frostfs-adm.yml morph frostfsid list-subjects --namespace '')" ]; then \
|
||||||
|
echo "Subject already exists"; \
|
||||||
|
else \
|
||||||
|
subj_key=`docker container exec -it morph_chain neo-go wallet dump-keys -w /wallets/wallet.json | tail -1 | tr -d ' \r\n'` \
|
||||||
|
&& echo "Subject key: $${subj_key}" \
|
||||||
|
&& ./vendor/frostfs-adm -c frostfs-adm.yml morph frostfsid create-subject --namespace "" --subject-key $${subj_key} --subject-name walletsubject \
|
||||||
|
|| die "Failed to create subject for the wallet"; \
|
||||||
|
fi
|
||||||
|
echo "FrostFS sidechain environment is deployed"
|
||||||
|
|
||||||
# Build up certain service
|
# Build up certain service
|
||||||
.PHONY: up/%
|
.PHONY: up/%
|
||||||
|
@ -132,7 +150,7 @@ hosts: vendor/hosts
|
||||||
.PHONY: clean
|
.PHONY: clean
|
||||||
.ONESHELL:
|
.ONESHELL:
|
||||||
clean:
|
clean:
|
||||||
@rm -rf vendor/* services/storage/s04tls.* services/nats/*.pem
|
@rm -rf vendor/* services/storage/s04tls.*
|
||||||
@> .int_test.env
|
@> .int_test.env
|
||||||
@for svc in $(PULL_SVCS)
|
@for svc in $(PULL_SVCS)
|
||||||
do
|
do
|
||||||
|
@ -148,7 +166,7 @@ clean:
|
||||||
.PHONY: env
|
.PHONY: env
|
||||||
env:
|
env:
|
||||||
@$(foreach envvar,$(GREP_DOTENV),echo $(envvar);)
|
@$(foreach envvar,$(GREP_DOTENV),echo $(envvar);)
|
||||||
@echo MORPH_BLOCK_TIME=$(shell grep 'SecondsPerBlock' $(MORPH_CHAIN_PROTOCOL) | awk '{print $$2}')s
|
@echo MORPH_BLOCK_TIME=$(shell grep 'TimePerBlock' $(MORPH_CHAIN_PROTOCOL) | awk '{print $$2}')s
|
||||||
@echo MORPH_MAGIC=$(shell grep 'Magic' $(MORPH_CHAIN_PROTOCOL) | awk '{print $$2}')
|
@echo MORPH_MAGIC=$(shell grep 'Magic' $(MORPH_CHAIN_PROTOCOL) | awk '{print $$2}')
|
||||||
|
|
||||||
# Restart storage nodes with clean volumes
|
# Restart storage nodes with clean volumes
|
||||||
|
|
81
README.md
81
README.md
|
@ -27,7 +27,7 @@ Make sure you have installed all of the following prerequisites on your machine:
|
||||||
Clone repo:
|
Clone repo:
|
||||||
|
|
||||||
```
|
```
|
||||||
$ git clone https://github.com/TrueCloudLab/frostfs-dev-env.git
|
$ git clone https://git.frostfs.info/TrueCloudLab/frostfs-dev-env.git
|
||||||
```
|
```
|
||||||
|
|
||||||
Run next commands from project's root:
|
Run next commands from project's root:
|
||||||
|
@ -57,17 +57,6 @@ Run all services with command:
|
||||||
$ make up
|
$ make up
|
||||||
```
|
```
|
||||||
|
|
||||||
When all services are up, you need to make GAS deposit for test wallet to be
|
|
||||||
able to pay for FrostFS operations. Test wallet is located in
|
|
||||||
`wallets/wallet.json` with the corresponding key in `wallets/wallet.key`. The
|
|
||||||
password is empty.
|
|
||||||
|
|
||||||
```
|
|
||||||
$ make prepare.ir
|
|
||||||
password >
|
|
||||||
fa6ba62bffb04030d303dcc95bda7413e03aa3c7e6ca9c2f999d65db9ec9b82c
|
|
||||||
```
|
|
||||||
|
|
||||||
Also, you should add self-signed node (`s04.frostfs.devenv`) certificate to trusted
|
Also, you should add self-signed node (`s04.frostfs.devenv`) certificate to trusted
|
||||||
store (default location might be changed using `CA_CERTS_TRUSTED_STORE`
|
store (default location might be changed using `CA_CERTS_TRUSTED_STORE`
|
||||||
variable). This step is required for client services (frostfs-http-gw,
|
variable). This step is required for client services (frostfs-http-gw,
|
||||||
|
@ -82,12 +71,7 @@ password of inner ring wallet is `one`. See examples in `make help`.
|
||||||
|
|
||||||
```
|
```
|
||||||
$ make update.epoch_duration val=30
|
$ make update.epoch_duration val=30
|
||||||
Changing EpochDuration configration value to 30
|
Waiting for transactions to persist...
|
||||||
Enter account NNudMSGzEoktFzdYGYoNb3bzHzbmM1genF password >
|
|
||||||
Sent invocation transaction dbb8c1145b6d10f150135630e13bb0dc282023163f5956c6945a60db0cb45cb0
|
|
||||||
Updating FrostFS epoch to 2
|
|
||||||
Enter account NNudMSGzEoktFzdYGYoNb3bzHzbmM1genF password >
|
|
||||||
Sent invocation transaction 0e6eb5e190f36332e5e5f4e866c7e100826e285fd949e11c085e15224f343ba6
|
|
||||||
```
|
```
|
||||||
|
|
||||||
For instructions on how to set up DevEnv on macOS, please refer [the
|
For instructions on how to set up DevEnv on macOS, please refer [the
|
||||||
|
@ -123,7 +107,7 @@ Maybe you will find the answer for your question in [F.A.Q.](docs/faq.md)
|
||||||
|
|
||||||
## Using FrostFS Admin Tool in `dev-env`
|
## Using FrostFS Admin Tool in `dev-env`
|
||||||
|
|
||||||
Devenv supports FrostFS network management via [frostfs-adm](https://github.com/TrueCloudLab/frostfs-node/tree/master/cmd/frostfs-adm).
|
Devenv supports FrostFS network management via [frostfs-adm](https://git.frostfs.info/TrueCloudLab/frostfs-node/src/branch/master/cmd/frostfs-adm).
|
||||||
`services/ir` contains the Alphabet wallet in a proper format, specify it
|
`services/ir` contains the Alphabet wallet in a proper format, specify it
|
||||||
with `--alphabet-wallets` flag.
|
with `--alphabet-wallets` flag.
|
||||||
|
|
||||||
|
@ -153,6 +137,65 @@ Display addresses and host names for each running service, if available.
|
||||||
|
|
||||||
Clean up `vendor` directory.
|
Clean up `vendor` directory.
|
||||||
|
|
||||||
|
### s3cred
|
||||||
|
|
||||||
|
Registers user wallet and issues s3 credentials.
|
||||||
|
|
||||||
|
Usage and default parameter values:
|
||||||
|
```sh
|
||||||
|
make s3cred [password=""] [contract_password=s3] [wallet=/user_wallet.json] [gate_public_key=0313b1ac3a8076e155a7e797b24f0b650cccad5941ea59d7cfd51a024a8b2a06bf]
|
||||||
|
```
|
||||||
|
|
||||||
|
As soon as the storage node is in the network map (see above) you can generate S3
|
||||||
|
credentials:
|
||||||
|
|
||||||
|
``` sh
|
||||||
|
$ make s3cred
|
||||||
|
{
|
||||||
|
"access_key_id": "EXArWh8x1zeHG3851s1RtoCo7dowxF6rhLGA15nbMffT0AKRSjJ5fmcqf3Ht2VCAkfmPQUVARghRB77xHCA1BoN2p",
|
||||||
|
"secret_access_key": "d70c1dba83f0f90bb231f06f1ce0e0dfbcfb122f4b4345a3c18d3869c359b79f",
|
||||||
|
"owner_private_key": "140947599afd9ca89af4b358c3176eb046e554d942a0dc99a8e06f3e43c8f4ad",
|
||||||
|
"wallet_public_key": "0324e76288fcb900100d01802a14ef977cca45ad073561230446df14b344c858b6",
|
||||||
|
"container_id": "EXArWh8x1zeHG3851s1RtoCo7dowxF6rhLGA15nbMffT"
|
||||||
|
}
|
||||||
|
```
|
||||||
|
Running without any parameters will result in defaults which are based on the private key from
|
||||||
|
`/user-wallet.json` file and `/wallet.json` contract wallet.
|
||||||
|
|
||||||
|
Now let's configure an S3 client (AWS CLI will be used as example):
|
||||||
|
|
||||||
|
``` sh
|
||||||
|
$ aws configure
|
||||||
|
AWS Access Key ID []: EXArWh8x1zeHG3851s1RtoCo7dowxF6rhLGA15nbMffT0AKRSjJ5fmcqf3Ht2VCAkfmPQUVARghRB77xHCA1BoN2p
|
||||||
|
AWS Secret Access Key []: d70c1dba83f0f90bb231f06f1ce0e0dfbcfb122f4b4345a3c18d3869c359b79f
|
||||||
|
Default region name []: us-east-1
|
||||||
|
Default output format []: json
|
||||||
|
```
|
||||||
|
|
||||||
|
If you need to create credentials for different users, put user wallets to `wallets` dir and specify them via `wallet` parameter.
|
||||||
|
Pass wallet password in `password` parameter if it's not default. The same is for `contract_wallet` and `gate_public_key` params.
|
||||||
|
|
||||||
|
```sh
|
||||||
|
$ make s3cred wallet=custom_wallet.json password=test
|
||||||
|
{
|
||||||
|
"access_key_id": "jHhL5B33o16R4jQsb8wm9A3RRdS6KrTB5N4bja9Jys904W7xXFNKqem2ACvTRWRYJsZMCUikYFSokN7pPJziWyDi",
|
||||||
|
"secret_access_key": "21bb64fafa32c82417fd8b97ac56cc8a085998a3852632d52fe7042453daa440",
|
||||||
|
"owner_private_key": "10f6f9d7a47bb0bf68363ad8a99fe69f1493f8b6e1665b3e4e83feb2d5c7ee39",
|
||||||
|
"wallet_public_key": "03e38759973a6bb722baabc2dd84036a39f0b2f53d32fec45a4dacde8a50fe4b70",
|
||||||
|
"container_id": "jHhL5B33o16R4jQsb8wm9A3RRdS6KrTB5N4bja9Jys9"
|
||||||
|
}
|
||||||
|
```
|
||||||
|
|
||||||
|
To get credentials from custom wallet, place it in `wallets` dir before start.
|
||||||
|
|
||||||
|
### cred
|
||||||
|
|
||||||
|
Usage and default parameter values:
|
||||||
|
```sh
|
||||||
|
make cred [password=""] [contract_password=s3] [wallet=/user_wallet.json]
|
||||||
|
```
|
||||||
|
The same as `s3cred`, but it doesn't issues s3 credentials.
|
||||||
|
|
||||||
## Contributing
|
## Contributing
|
||||||
|
|
||||||
Feel free to contribute to this project after reading the [contributing
|
Feel free to contribute to this project after reading the [contributing
|
||||||
|
|
|
@ -1,50 +0,0 @@
|
||||||
#!/usr/bin/env bash
|
|
||||||
|
|
||||||
echo "Running bin/config.sh"
|
|
||||||
|
|
||||||
# Source env settings
|
|
||||||
. .env
|
|
||||||
. services/ir/.ir.env
|
|
||||||
source bin/helper.sh
|
|
||||||
|
|
||||||
# NeoGo binary path.
|
|
||||||
NEOGO="${NEOGO:-docker exec morph_chain neo-go}"
|
|
||||||
|
|
||||||
# Wallet files to change config value
|
|
||||||
WALLET="${WALLET:-services/morph_chain/node-wallet.json}"
|
|
||||||
CONFIG_IMG="${CONFIG_IMG:-/wallets/config.yml}"
|
|
||||||
|
|
||||||
NETMAP_ADDR=$(bin/resolve.sh netmap.frostfs) || die "Failed to resolve 'netmap.frostfs' domain name"
|
|
||||||
|
|
||||||
# FrostFS configuration record: variable type [string|int|etc],
|
|
||||||
# key is a string and value is a constant of given type
|
|
||||||
TYPE=${1}
|
|
||||||
KEY=${2}
|
|
||||||
VALUE="${3}"
|
|
||||||
|
|
||||||
[ -z "$TYPE" ] && echo "Empty config value type" && exit 1
|
|
||||||
[ -z "$KEY" ] && echo "Empty config key" && exit 1
|
|
||||||
[ -z "$VALUE" ] && echo "Empty config value" && exit 1
|
|
||||||
|
|
||||||
# Internal variables
|
|
||||||
if [[ -z "${FROSTFS_NOTARY_DISABLED}" ]]; then
|
|
||||||
ADDR=$(jq -r .accounts[2].address < "${WALLET}" || die "Cannot get address from ${WALLET}")
|
|
||||||
else
|
|
||||||
ADDR=$(jq -r .accounts[0].address < "${WALLET}" || die "Cannot get address from ${WALLET}")
|
|
||||||
fi
|
|
||||||
|
|
||||||
# Change config value in side chain
|
|
||||||
echo "Changing ${KEY} configration value to ${VALUE}"
|
|
||||||
|
|
||||||
# shellcheck disable=SC2086
|
|
||||||
${NEOGO} contract invokefunction \
|
|
||||||
--wallet-config ${CONFIG_IMG} \
|
|
||||||
-a ${ADDR} --force \
|
|
||||||
-r http://morph-chain.${LOCAL_DOMAIN}:30333 \
|
|
||||||
${NETMAP_ADDR} \
|
|
||||||
setConfig bytes:beefcafe \
|
|
||||||
string:${KEY} \
|
|
||||||
${TYPE}:${VALUE} -- ${ADDR} || exit 1
|
|
||||||
|
|
||||||
# Update epoch to apply new configuration value
|
|
||||||
./bin/tick.sh
|
|
|
@ -1,23 +0,0 @@
|
||||||
#!/usr/bin/expect
|
|
||||||
|
|
||||||
set passwd [lindex $argv 0]
|
|
||||||
set args [lrange $argv 1 end]
|
|
||||||
|
|
||||||
spawn -noecho {*}$args
|
|
||||||
expect -re {^.*assword.*$}
|
|
||||||
|
|
||||||
if { $passwd == "-"} {
|
|
||||||
send -- "\r"
|
|
||||||
} else {
|
|
||||||
send -- "$passwd\r"
|
|
||||||
}
|
|
||||||
|
|
||||||
expect {
|
|
||||||
"Relay transaction" {
|
|
||||||
send "y\r"
|
|
||||||
exp_continue
|
|
||||||
}
|
|
||||||
EOF
|
|
||||||
}
|
|
||||||
lassign [wait] pid spawnid os_error_flag value
|
|
||||||
exit $value
|
|
|
@ -1,22 +0,0 @@
|
||||||
#!/usr/bin/env bash
|
|
||||||
|
|
||||||
# Source env settings
|
|
||||||
. .env
|
|
||||||
source bin/helper.sh
|
|
||||||
|
|
||||||
# NeoGo binary path.
|
|
||||||
NEOGO="${NEOGO:-docker exec morph_chain neo-go}"
|
|
||||||
# NNS contract script hash
|
|
||||||
output=$(curl -s --data '{ "id": 1, "jsonrpc": "2.0", "method": "getcontractstate", "params": [1] }' \
|
|
||||||
"http://morph-chain.${LOCAL_DOMAIN}:30333/") \
|
|
||||||
|| die "Cannot fetch NNS contract state"
|
|
||||||
|
|
||||||
NNS_ADDR=$(jq -r '.result.hash' <<< "$output") \
|
|
||||||
|| die "Cannot parse NNS contract hash: $NNS_ADDR"
|
|
||||||
|
|
||||||
${NEOGO} contract testinvokefunction \
|
|
||||||
-r "http://morph-chain.${LOCAL_DOMAIN}:30333" \
|
|
||||||
"${NNS_ADDR}" resolve string:"${1}" int:16 \
|
|
||||||
| jq -r '.stack[0].value | if type=="array" then .[0].value else . end' \
|
|
||||||
| base64 -d \
|
|
||||||
|| die "Cannot invoke 'NNS.resolve' $output"
|
|
49
bin/tick.sh
49
bin/tick.sh
|
@ -1,49 +0,0 @@
|
||||||
#!/usr/bin/env bash
|
|
||||||
|
|
||||||
echo "Running bin/tick.sh"
|
|
||||||
|
|
||||||
# Source env settings
|
|
||||||
. .env
|
|
||||||
. services/ir/.ir.env
|
|
||||||
source bin/helper.sh
|
|
||||||
|
|
||||||
# NeoGo binary path.
|
|
||||||
NEOGO="${NEOGO:-docker exec morph_chain neo-go}"
|
|
||||||
|
|
||||||
# Wallet files to change config value
|
|
||||||
WALLET="${WALLET:-services/morph_chain/node-wallet.json}"
|
|
||||||
CONFIG_IMG="${CONFIG_IMG:-/wallets/config.yml}"
|
|
||||||
|
|
||||||
# Internal variables
|
|
||||||
if [[ -z "${FROSTFS_NOTARY_DISABLED}" ]]; then
|
|
||||||
ADDR=$(jq -r .accounts[2].address < "${WALLET}" || die "Cannot get address from ${WALLET}")
|
|
||||||
else
|
|
||||||
ADDR=$(jq -r .accounts[0].address < "${WALLET}" || die "Cannot get address from ${WALLET}")
|
|
||||||
fi
|
|
||||||
|
|
||||||
# Grep Morph block time
|
|
||||||
SIDECHAIN_PROTO="${SIDECHAIN_PROTO:-services/morph_chain/protocol.privnet.yml}"
|
|
||||||
BLOCK_DURATION=$(grep SecondsPerBlock < "$SIDECHAIN_PROTO" | awk '{print $2}') \
|
|
||||||
|| die "Cannot fetch block duration"
|
|
||||||
NETMAP_ADDR=$(bin/resolve.sh netmap.frostfs) || die "Cannot resolve netmap.frostfs"
|
|
||||||
|
|
||||||
# Fetch current epoch value
|
|
||||||
EPOCH=$(${NEOGO} contract testinvokefunction \
|
|
||||||
-r "http://morph-chain.${LOCAL_DOMAIN}:30333" "${NETMAP_ADDR}" epoch \
|
|
||||||
| grep 'value' | awk -F'"' '{ print $4 }') \
|
|
||||||
|| die "Cannot fetch epoch from netmap contract"
|
|
||||||
|
|
||||||
echo "Updating FrostFS epoch to $((EPOCH+1))"
|
|
||||||
|
|
||||||
# shellcheck disable=SC2086
|
|
||||||
${NEOGO} contract invokefunction \
|
|
||||||
--wallet-config ${CONFIG_IMG} \
|
|
||||||
-a ${ADDR} --force \
|
|
||||||
-r http://morph-chain.${LOCAL_DOMAIN}:30333 \
|
|
||||||
${NETMAP_ADDR} \
|
|
||||||
newEpoch int:$((EPOCH+1)) -- ${ADDR}:Global \
|
|
||||||
|| die "Cannot increment an epoch"
|
|
||||||
|
|
||||||
# Wait one Morph block to ensure the transaction broadcasted
|
|
||||||
# shellcheck disable=SC2086
|
|
||||||
sleep $BLOCK_DURATION
|
|
4
configs/s01-cli.yml
Normal file
4
configs/s01-cli.yml
Normal file
|
@ -0,0 +1,4 @@
|
||||||
|
wallet: services/storage/wallet01.json
|
||||||
|
password: ""
|
||||||
|
rpc-endpoint: s01.frostfs.devenv:8080
|
||||||
|
endpoint: s01.frostfs.devenv:8081
|
4
configs/s02-cli.yml
Normal file
4
configs/s02-cli.yml
Normal file
|
@ -0,0 +1,4 @@
|
||||||
|
wallet: services/storage/wallet02.json
|
||||||
|
password: ""
|
||||||
|
rpc-endpoint: s02.frostfs.devenv:8080
|
||||||
|
endpoint: s02.frostfs.devenv:8081
|
4
configs/s03-cli.yml
Normal file
4
configs/s03-cli.yml
Normal file
|
@ -0,0 +1,4 @@
|
||||||
|
wallet: services/storage/wallet03.json
|
||||||
|
password: ""
|
||||||
|
rpc-endpoint: s03.frostfs.devenv:8080
|
||||||
|
endpoint: s03.frostfs.devenv:8081
|
4
configs/s04-cli.yml
Normal file
4
configs/s04-cli.yml
Normal file
|
@ -0,0 +1,4 @@
|
||||||
|
wallet: services/storage/wallet04.json
|
||||||
|
password: ""
|
||||||
|
rpc-endpoint: s04.frostfs.devenv:8080
|
||||||
|
endpoint: s04.frostfs.devenv:8081
|
|
@ -2,7 +2,7 @@
|
||||||
|
|
||||||
Protocol Gateway to access data in FrostFS using HTTP protocol.
|
Protocol Gateway to access data in FrostFS using HTTP protocol.
|
||||||
|
|
||||||
Source code and more information can be found in [project's GitHub repository](https://github.com/TrueCloudLab/frostfs-http-gate)
|
Source code and more information can be found in [project's repository](https://git.frostfs.info/TrueCloudLab/frostfs-http-gw)
|
||||||
|
|
||||||
## .env settings
|
## .env settings
|
||||||
|
|
||||||
|
@ -22,8 +22,8 @@ Image label prefix to use for containers.
|
||||||
- Create a new container
|
- Create a new container
|
||||||
```
|
```
|
||||||
$ frostfs-cli --rpc-endpoint s01.frostfs.devenv:8080 \
|
$ frostfs-cli --rpc-endpoint s01.frostfs.devenv:8080 \
|
||||||
--key wallets/wallet.key \
|
--wallet wallets/wallet.key \
|
||||||
container create --basic-acl readonly --await \
|
container create --basic-acl private --await \
|
||||||
--policy "REP 1 SELECT 1 FROM *"
|
--policy "REP 1 SELECT 1 FROM *"
|
||||||
container ID: 4LfREK1cetL4PUji5fqj9SgRTSmaC5jExEDK9HKCDjdP
|
container ID: 4LfREK1cetL4PUji5fqj9SgRTSmaC5jExEDK9HKCDjdP
|
||||||
awaiting...
|
awaiting...
|
||||||
|
@ -33,7 +33,7 @@ container has been persisted on sidechain
|
||||||
- Put an object into the newly created container
|
- Put an object into the newly created container
|
||||||
```
|
```
|
||||||
$ frostfs-cli --rpc-endpoint s01.frostfs.devenv:8080 \
|
$ frostfs-cli --rpc-endpoint s01.frostfs.devenv:8080 \
|
||||||
--key wallets/wallet.key \
|
--wallet wallets/wallet.key \
|
||||||
object put --file /tmp/backup.jpeg \
|
object put --file /tmp/backup.jpeg \
|
||||||
--cid 4LfREK1cetL4PUji5fqj9SgRTSmaC5jExEDK9HKCDjdP
|
--cid 4LfREK1cetL4PUji5fqj9SgRTSmaC5jExEDK9HKCDjdP
|
||||||
[/tmp/backup.jpeg] Object successfully stored
|
[/tmp/backup.jpeg] Object successfully stored
|
||||||
|
|
|
@ -3,52 +3,23 @@ A single-node N3 privnet deployment, running on
|
||||||
[neo-go](https://github.com/nspcc-dev/neo-go). Represents N3 FrostFS SideChain.
|
[neo-go](https://github.com/nspcc-dev/neo-go). Represents N3 FrostFS SideChain.
|
||||||
|
|
||||||
Contracts deployed:
|
Contracts deployed:
|
||||||
- Alphabet (AZ) [contract](https://github.com/TrueCloudLab/frostfs-contract/tree/master/alphabet)
|
- Alphabet (AZ) [contract](https://git.frostfs.info/TrueCloudLab/frostfs-contract/src/branch/master/alphabet)
|
||||||
- Audit [contract](https://github.com/TrueCloudLab/frostfs-contract/tree/master/audit)
|
- Audit [contract](https://git.frostfs.info/TrueCloudLab/frostfs-contract/src/branch/master/audit)
|
||||||
- Balance [contract](https://github.com/TrueCloudLab/frostfs-contract/tree/master/balance)
|
- Balance [contract](https://git.frostfs.info/TrueCloudLab/frostfs-contract/src/branch/master/balance)
|
||||||
- Container [contract](https://github.com/TrueCloudLab/frostfs-contract/tree/master/container)
|
- Container [contract](https://git.frostfs.info/TrueCloudLab/frostfs-contract/src/branch/master/container)
|
||||||
- Netmap [contract](https://github.com/TrueCloudLab/frostfs-contract/tree/master/netmap)
|
- Netmap [contract](https://git.frostfs.info/TrueCloudLab/frostfs-contract/src/branch/master/netmap)
|
||||||
- NeoFSID [contract](https://github.com/TrueCloudLab/frostfs-contract/tree/master/neofsid)
|
- NeoFSID [contract](https://git.frostfs.info/TrueCloudLab/frostfs-contract/src/branch/master/neofsid)
|
||||||
- Proxy [contract](https://github.com/TrueCloudLab/frostfs-contract/tree/master/proxy)
|
- Proxy [contract](https://git.frostfs.info/TrueCloudLab/frostfs-contract/src/branch/master/proxy)
|
||||||
- Reputation [contract](https://github.com/TrueCloudLab/frostfs-contract/tree/master/reputation)
|
- Reputation [contract](https://git.frostfs.info/TrueCloudLab/frostfs-contract/src/branch/master/reputation)
|
||||||
|
|
||||||
RPC available at `http://morph-chain.frostfs.devenv:30333`.
|
RPC available at `http://morph-chain.frostfs.devenv:30333`.
|
||||||
|
|
||||||
## .env settings
|
## .env settings
|
||||||
|
|
||||||
### MORPH_CHAIN_URL
|
|
||||||
|
|
||||||
URL to get side chain dump. Used on artifact get stage.
|
|
||||||
|
|
||||||
### MORPH_CHAIN_PATH
|
|
||||||
|
|
||||||
Path to get side chain dump. If set, overrides `CHAIN_URL`.
|
|
||||||
|
|
||||||
### NEOGO_VERSION
|
### NEOGO_VERSION
|
||||||
|
|
||||||
Version of neo-go docker container for side chain deployment.
|
Version of neo-go docker container for side chain deployment.
|
||||||
|
|
||||||
## Side chain wallets
|
|
||||||
|
|
||||||
There is a wallet with GAS that used for contract deployment:
|
|
||||||
`wallets/wallet.json`. This wallet has one account with **empty password**.
|
|
||||||
|
|
||||||
```
|
|
||||||
$ neo-go wallet nep17 balance \
|
|
||||||
-w wallets/wallet.json \
|
|
||||||
-r http://morph-chain.frostfs.devenv:30333
|
|
||||||
|
|
||||||
Account NbUgTSFvPmsRxmGeWpuuGeJUoRoi6PErcM
|
|
||||||
GAS: GasToken (d2a4cff31913016155e38e474a2c06d08be276cf)
|
|
||||||
Amount : 189826.0515316
|
|
||||||
Updated: 3909
|
|
||||||
FROSTFS: FrostFS Balance (69550190e740b93f92dbd5dea52246f550391057)
|
|
||||||
Amount : 50
|
|
||||||
Updated: 3909
|
|
||||||
```
|
|
||||||
|
|
||||||
This way you can also monitor FrostFS internal balance of your account.
|
|
||||||
|
|
||||||
## FrostFS global config
|
## FrostFS global config
|
||||||
|
|
||||||
FrostFS uses global configuration to store epoch duration, maximum object size,
|
FrostFS uses global configuration to store epoch duration, maximum object size,
|
||||||
|
@ -57,16 +28,10 @@ netmap contract and managed by Inner Ring (Alphabet) nodes.
|
||||||
|
|
||||||
To change these parameters use `make update.*` commands. Command down below
|
To change these parameters use `make update.*` commands. Command down below
|
||||||
changes epoch duration from 300 blocks (about 300 seconds with 1bps) to 30.
|
changes epoch duration from 300 blocks (about 300 seconds with 1bps) to 30.
|
||||||
Script enters passwords automatically with `expect` utility.
|
|
||||||
|
|
||||||
```
|
```
|
||||||
$ make update.epoch_duration val=30
|
$ make update.epoch_duration val=30
|
||||||
Changing EpochDuration configration value to 30
|
Waiting for transactions to persist...
|
||||||
Enter account NfgHwwTi3wHAS8aFAN243C5vGbkYDpqLHP password >
|
|
||||||
Sent invocation transaction bdc0fa88cd6719ef6df2b9c82de423ddec6141ca24255c2d0072688083b1de9d
|
|
||||||
Updating FrostFS epoch to 20
|
|
||||||
Enter account NfgHwwTi3wHAS8aFAN243C5vGbkYDpqLHP password >
|
|
||||||
Sent invocation transaction 12296e1ce24dd6c04edb9c56d0a1d0e26d3226adefb0333c74a28788f44a8d0f
|
|
||||||
```
|
```
|
||||||
|
|
||||||
Read more about available configuration in Makefile help.
|
Read more about available configuration in Makefile help.
|
||||||
|
@ -78,8 +43,12 @@ $ make help
|
||||||
...
|
...
|
||||||
update.audit_fee Update audit fee per result in fixed 12 (make update.audit_fee val=100)
|
update.audit_fee Update audit fee per result in fixed 12 (make update.audit_fee val=100)
|
||||||
update.basic_income_rate Update basic income rate in fixed 12 (make update.basic_income_rate val=1000)
|
update.basic_income_rate Update basic income rate in fixed 12 (make update.basic_income_rate val=1000)
|
||||||
|
update.container_alias_fee Update container alias fee per alphabet node in fixed 12 (make update.container_alias_fee val=100)
|
||||||
update.container_fee Update container fee per alphabet node in fixed 12 (make update.container_fee val=500)
|
update.container_fee Update container fee per alphabet node in fixed 12 (make update.container_fee val=500)
|
||||||
|
update.eigen_trust_alpha Update alpha parameter of EigenTrust algorithm in 0 <= f <= 1.0 (make update.eigen_trust_alpha val=0.2)
|
||||||
update.eigen_trust_iterations Update amount of EigenTrust iterations (make update.eigen_trust_iterations val=2)
|
update.eigen_trust_iterations Update amount of EigenTrust iterations (make update.eigen_trust_iterations val=2)
|
||||||
update.epoch_duration Update epoch duration in side chain blocks (make update.epoch_duration val=30)
|
update.epoch_duration Update epoch duration in side chain blocks (make update.epoch_duration val=30)
|
||||||
|
update.homomorphic_hashing_disable Update homomorphic hashing disabled flag (make update.homomorphic_hashing_disable val=true)
|
||||||
update.max_object_size Update max object size in bytes (make update.max_object_size val=1000)
|
update.max_object_size Update max object size in bytes (make update.max_object_size val=1000)
|
||||||
|
update.system_dns Update system dns to resolve container names (make update.system_dns val=container)
|
||||||
```
|
```
|
||||||
|
|
|
@ -9,64 +9,10 @@ to do these operations. Notary service calculates the exact amount of GAS
|
||||||
to execute transaction, therefore operations are cheaper (withdraw fee **with**
|
to execute transaction, therefore operations are cheaper (withdraw fee **with**
|
||||||
notary is less than 0.5 GAS; withdraw fee **without** notary is up to 7.0 GAS).
|
notary is less than 0.5 GAS; withdraw fee **without** notary is up to 7.0 GAS).
|
||||||
|
|
||||||
By default, main chain service is running without notary service, and side chain
|
Currently, frostfs-dev-env contains single chain (see morph service) and it
|
||||||
running with notary service. However, you can change that in configuration.
|
enables notary service from the genesis block.
|
||||||
|
|
||||||
# Disable notary service in side chain
|
To enable notary service, use neo-go configuration below.
|
||||||
|
|
||||||
To disable notary service in side chain do these steps.
|
|
||||||
|
|
||||||
1. Update `.env` and choose notary disabled chain dump for side chain.
|
|
||||||
|
|
||||||
```
|
|
||||||
MORPH_CHAIN_URL="https://github.com/nspcc-dev/neofs-contract/releases/download/v0.9.0/devenv_sidechain_notary_disabled.gz"
|
|
||||||
```
|
|
||||||
|
|
||||||
Make sure to update chain dump files with `make get` target.
|
|
||||||
|
|
||||||
2. Update `service/morph_chain/protocol.privnet.yml` and disable notary settings
|
|
||||||
and state root in header.
|
|
||||||
|
|
||||||
```yaml
|
|
||||||
ProtocolConfiguration:
|
|
||||||
StateRootInHeader: false
|
|
||||||
P2PSigExtensions: false
|
|
||||||
ApplicationConfiguration:
|
|
||||||
P2PNotary:
|
|
||||||
Enabled: false
|
|
||||||
```
|
|
||||||
|
|
||||||
Chain dump without notary service does not have predefined network map.
|
|
||||||
Therefore, you need to wait about 5 minutes until new epoch tick with updated
|
|
||||||
network map.
|
|
||||||
|
|
||||||
|
|
||||||
3. Enable helper commands
|
|
||||||
|
|
||||||
To enable helper commands such as `make tick.epoch` or `make update.epoch_duration`
|
|
||||||
make sure to export non-empty `FROSTFS_NOTARY_DISABLED` environment variable.
|
|
||||||
```
|
|
||||||
$ export FROSTFS_NOTARY_DISABLED=1
|
|
||||||
```
|
|
||||||
|
|
||||||
Use `unset` command to return it back.
|
|
||||||
```
|
|
||||||
$ unset FROSTFS_NOTARY_DISABLED
|
|
||||||
```
|
|
||||||
|
|
||||||
# Enable notary service in main chain
|
|
||||||
|
|
||||||
To enable notary service in main chain do these steps.
|
|
||||||
|
|
||||||
1. Update `.env` and choose notary enabled chain dump for main chain.
|
|
||||||
|
|
||||||
```
|
|
||||||
CHAIN_URL="https://github.com/nspcc-dev/neofs-contract/releases/download/v0.9.0/devenv_mainchain.gz"
|
|
||||||
```
|
|
||||||
|
|
||||||
Make sure to update chain dump files with `make get` target.
|
|
||||||
|
|
||||||
2. Update `service/chain/protocol.privnet.yml` and enable notary settings.
|
|
||||||
|
|
||||||
```yaml
|
```yaml
|
||||||
ProtocolConfiguration:
|
ProtocolConfiguration:
|
||||||
|
@ -75,7 +21,3 @@ ApplicationConfiguration:
|
||||||
P2PNotary:
|
P2PNotary:
|
||||||
Enabled: true
|
Enabled: true
|
||||||
```
|
```
|
||||||
|
|
||||||
Main chain generates a block once per 15 seconds, so Inner Ring takes about
|
|
||||||
15-30 seconds to make a notary deposit in main chain after startup. Then
|
|
||||||
frostfs-dev-env is ready to work.
|
|
||||||
|
|
|
@ -2,7 +2,7 @@
|
||||||
|
|
||||||
REST Gateway to access data in FrostFS using REST.
|
REST Gateway to access data in FrostFS using REST.
|
||||||
|
|
||||||
Source code and more information can be found in [project's GitHub repository](https://github.com/TrueCloudLab/frostfs-rest-gw)
|
Source code and more information can be found in [project's repository](https://git.frostfs.info/TrueCloudLab/frostfs-rest-gw)
|
||||||
|
|
||||||
## .env settings
|
## .env settings
|
||||||
|
|
||||||
|
|
|
@ -2,7 +2,7 @@
|
||||||
|
|
||||||
Protocol Gateway to access data in FrostFS using AWS S3 protocol
|
Protocol Gateway to access data in FrostFS using AWS S3 protocol
|
||||||
|
|
||||||
Source code and more information can be found in [project's GitHub repository](https://github.com/TrueCloudLab/frostfs-s3-gw)
|
Source code and more information can be found in [project's repository](https://git.frostfs.info/TrueCloudLab/frostfs-s3-gw)
|
||||||
|
|
||||||
## .env settings
|
## .env settings
|
||||||
|
|
||||||
|
|
|
@ -1,9 +1,11 @@
|
||||||
rpc-endpoint: http://morph-chain.frostfs.devenv:30333
|
rpc-endpoint: http://morph-chain.frostfs.devenv:30333
|
||||||
|
alphabet-wallets: ./services/ir
|
||||||
network:
|
network:
|
||||||
max_object_size: 67108864
|
max_object_size: 67108864
|
||||||
epoch_duration: 240
|
epoch_duration: 240
|
||||||
basic_income_rate: 100000000
|
basic_income_rate: 100000000
|
||||||
homomorphic_hash_disabled: false
|
homomorphic_hash_disabled: false
|
||||||
|
maintenance_mode_allowed: true
|
||||||
fee:
|
fee:
|
||||||
audit: 10000
|
audit: 10000
|
||||||
candidate: 10000000000
|
candidate: 10000000000
|
||||||
|
|
|
@ -1,44 +1,40 @@
|
||||||
# Update epoch duration in side chain blocks (make update.epoch_duration val=30)
|
# Update epoch duration in side chain blocks (make update.epoch_duration val=30)
|
||||||
update.epoch_duration:
|
update.epoch_duration:
|
||||||
@./bin/config.sh int EpochDuration $(val)
|
@./vendor/frostfs-adm -c ./frostfs-adm.yml morph set-config EpochDuration=$(val)
|
||||||
|
|
||||||
# Update max object size in bytes (make update.max_object_size val=1000)
|
# Update max object size in bytes (make update.max_object_size val=1000)
|
||||||
update.max_object_size:
|
update.max_object_size:
|
||||||
@./bin/config.sh int MaxObjectSize $(val)
|
@./vendor/frostfs-adm -c ./frostfs-adm.yml morph set-config MaxObjectSize=$(val)
|
||||||
|
|
||||||
# Update audit fee per result in fixed 12 (make update.audit_fee val=100)
|
# Update audit fee per result in fixed 12 (make update.audit_fee val=100)
|
||||||
update.audit_fee:
|
update.audit_fee:
|
||||||
@./bin/config.sh int AuditFee $(val)
|
@./vendor/frostfs-adm -c ./frostfs-adm.yml morph set-config AuditFee=$(val)
|
||||||
|
|
||||||
# Update container fee per alphabet node in fixed 12 (make update.container_fee val=500)
|
# Update container fee per alphabet node in fixed 12 (make update.container_fee val=500)
|
||||||
update.container_fee:
|
update.container_fee:
|
||||||
@./bin/config.sh int ContainerFee $(val)
|
@./vendor/frostfs-adm -c ./frostfs-adm.yml morph set-config ContainerFee=$(val)
|
||||||
|
|
||||||
# Update container alias fee per alphabet node in fixed 12 (make update.container_alias_fee val=100)
|
# Update container alias fee per alphabet node in fixed 12 (make update.container_alias_fee val=100)
|
||||||
update.container_alias_fee:
|
update.container_alias_fee:
|
||||||
@./bin/config.sh int ContainerAliasFee $(val)
|
@./vendor/frostfs-adm -c ./frostfs-adm.yml morph set-config ContainerAliasFee=$(val)
|
||||||
|
|
||||||
# Update amount of EigenTrust iterations (make update.eigen_trust_iterations val=2)
|
# Update amount of EigenTrust iterations (make update.eigen_trust_iterations val=2)
|
||||||
update.eigen_trust_iterations:
|
update.eigen_trust_iterations:
|
||||||
@./bin/config.sh int EigenTrustIterations $(val)
|
@./vendor/frostfs-adm -c ./frostfs-adm.yml morph set-config EigenTrustIterations=$(val)
|
||||||
|
|
||||||
|
|
||||||
# Update system dns to resolve container names (make update.system_dns val=container)
|
# Update system dns to resolve container names (make update.system_dns val=container)
|
||||||
update.system_dns:
|
update.system_dns:
|
||||||
@./bin/config.sh string SystemDNS $(val)
|
@./vendor/frostfs-adm -c ./frostfs-adm.yml morph set-config SystemDNS=$(val) --force
|
||||||
|
|
||||||
# Update alpha parameter of EigenTrust algorithm in 0 <= f <= 1.0 (make update.eigen_trust_alpha val=0.2)
|
# Update alpha parameter of EigenTrust algorithm in 0 <= f <= 1.0 (make update.eigen_trust_alpha val=0.2)
|
||||||
update.eigen_trust_alpha:
|
update.eigen_trust_alpha:
|
||||||
@./bin/config.sh string EigenTrustAlpha $(val)
|
@./vendor/frostfs-adm -c ./frostfs-adm.yml morph set-config EigenTrustAlpha=$(val)
|
||||||
|
|
||||||
# Update basic income rate in fixed 12 (make update.basic_income_rate val=1000)
|
# Update basic income rate in fixed 12 (make update.basic_income_rate val=1000)
|
||||||
update.basic_income_rate:
|
update.basic_income_rate:
|
||||||
@./bin/config.sh int BasicIncomeRate $(val)
|
@./vendor/frostfs-adm -c ./frostfs-adm.yml morph set-config BasicIncomeRate=$(val)
|
||||||
|
|
||||||
# Update homomorphic hashing disabled flag (make update.homomorphic_hashing_disable val=true)
|
# Update homomorphic hashing disabled flag (make update.homomorphic_hashing_disable val=true)
|
||||||
update.homomorphic_hashing_disable:
|
update.homomorphic_hashing_disable:
|
||||||
@./bin/config.sh bool HomomorphicHashingDisabled $(val)
|
@./vendor/frostfs-adm -c ./frostfs-adm.yml morph set-config HomomorphicHashingDisabled=$(val)
|
||||||
|
|
||||||
# Tick new epoch in side chain
|
|
||||||
tick.epoch:
|
|
||||||
@./bin/tick.sh
|
|
||||||
|
|
|
@ -1,6 +1,5 @@
|
||||||
---
|
---
|
||||||
|
|
||||||
version: "2.4"
|
|
||||||
services:
|
services:
|
||||||
|
|
||||||
basenet:
|
basenet:
|
||||||
|
|
2
services/grafana/.hosts
Normal file
2
services/grafana/.hosts
Normal file
|
@ -0,0 +1,2 @@
|
||||||
|
IPV4_PREFIX.122 grafana.LOCAL_DOMAIN
|
||||||
|
IPV4_PREFIX.123 loki.LOCAL_DOMAIN
|
31
services/grafana/docker-compose.yml
Normal file
31
services/grafana/docker-compose.yml
Normal file
|
@ -0,0 +1,31 @@
|
||||||
|
services:
|
||||||
|
grafana:
|
||||||
|
image: ${GRAFANA_IMAGE}:${GRAFANA_VERSION}
|
||||||
|
domainname: ${LOCAL_DOMAIN}
|
||||||
|
hostname: grafana
|
||||||
|
container_name: grafana
|
||||||
|
restart: on-failure
|
||||||
|
networks:
|
||||||
|
grafana_int:
|
||||||
|
internet:
|
||||||
|
ipv4_address: ${IPV4_PREFIX}.122
|
||||||
|
volumes:
|
||||||
|
- ./../../vendor/hosts:/etc/hosts
|
||||||
|
- ./grafana.ini:/etc/grafana/grafana.ini
|
||||||
|
- ./provisioning:/etc/grafana/provisioning
|
||||||
|
stop_signal: SIGKILL
|
||||||
|
env_file: [ ".env", ".int_test.env" ]
|
||||||
|
|
||||||
|
loki:
|
||||||
|
image: ${LOKI_IMAGE}:${LOKI_VERSION}
|
||||||
|
command: -config.file=/etc/loki/local-config.yaml
|
||||||
|
networks:
|
||||||
|
grafana_int:
|
||||||
|
internet:
|
||||||
|
ipv4_address: ${IPV4_PREFIX}.123
|
||||||
|
|
||||||
|
networks:
|
||||||
|
grafana_int:
|
||||||
|
internet:
|
||||||
|
external: true
|
||||||
|
name: basenet_internet
|
7
services/grafana/grafana.ini
Normal file
7
services/grafana/grafana.ini
Normal file
|
@ -0,0 +1,7 @@
|
||||||
|
[auth.anonymous]
|
||||||
|
enabled = true
|
||||||
|
org_name = Main Org.
|
||||||
|
org_role = Editor
|
||||||
|
|
||||||
|
[dashboards]
|
||||||
|
default_home_dashboard_path= /etc/grafana/provisioning/dashboards/overview.json
|
BIN
services/grafana/provisioning/dashboards/14061_rev1.json
Normal file
BIN
services/grafana/provisioning/dashboards/14061_rev1.json
Normal file
Binary file not shown.
Binary file not shown.
BIN
services/grafana/provisioning/dashboards/dashboard.yml
Normal file
BIN
services/grafana/provisioning/dashboards/dashboard.yml
Normal file
Binary file not shown.
BIN
services/grafana/provisioning/dashboards/engine-buckets.json
Normal file
BIN
services/grafana/provisioning/dashboards/engine-buckets.json
Normal file
Binary file not shown.
BIN
services/grafana/provisioning/dashboards/fstree-buckets.json
Normal file
BIN
services/grafana/provisioning/dashboards/fstree-buckets.json
Normal file
Binary file not shown.
BIN
services/grafana/provisioning/dashboards/grpc-buckets.json
Normal file
BIN
services/grafana/provisioning/dashboards/grpc-buckets.json
Normal file
Binary file not shown.
BIN
services/grafana/provisioning/dashboards/metabase-buckets.json
Normal file
BIN
services/grafana/provisioning/dashboards/metabase-buckets.json
Normal file
Binary file not shown.
BIN
services/grafana/provisioning/dashboards/overview.json
Normal file
BIN
services/grafana/provisioning/dashboards/overview.json
Normal file
Binary file not shown.
BIN
services/grafana/provisioning/dashboards/storage-node-logs.json
Normal file
BIN
services/grafana/provisioning/dashboards/storage-node-logs.json
Normal file
Binary file not shown.
BIN
services/grafana/provisioning/dashboards/storage-node.json
Normal file
BIN
services/grafana/provisioning/dashboards/storage-node.json
Normal file
Binary file not shown.
BIN
services/grafana/provisioning/dashboards/writecache-buckets.json
Normal file
BIN
services/grafana/provisioning/dashboards/writecache-buckets.json
Normal file
Binary file not shown.
13
services/grafana/provisioning/datasources/datasource.yml
Normal file
13
services/grafana/provisioning/datasources/datasource.yml
Normal file
|
@ -0,0 +1,13 @@
|
||||||
|
apiVersion: 1
|
||||||
|
|
||||||
|
datasources:
|
||||||
|
- name: Prometheus
|
||||||
|
type: prometheus
|
||||||
|
access: proxy
|
||||||
|
orgId: 1
|
||||||
|
url: http://prometheus:9090
|
||||||
|
- name: Loki
|
||||||
|
type: loki
|
||||||
|
access: proxy
|
||||||
|
orgId: 1
|
||||||
|
url: http://loki:3100
|
|
@ -1,6 +1,10 @@
|
||||||
logger:
|
logger:
|
||||||
level: debug
|
level: debug
|
||||||
|
|
||||||
|
prometheus:
|
||||||
|
enabled: true
|
||||||
|
address: :9090
|
||||||
|
|
||||||
rebalance_timer: 5m # Interval to check nodes health
|
rebalance_timer: 5m # Interval to check nodes health
|
||||||
|
|
||||||
connect_timeout: 60s # Timeout to dial node
|
connect_timeout: 60s # Timeout to dial node
|
||||||
|
|
|
@ -1,6 +1,5 @@
|
||||||
---
|
---
|
||||||
|
|
||||||
version: "2.4"
|
|
||||||
services:
|
services:
|
||||||
http_gate:
|
http_gate:
|
||||||
image: ${HTTP_GW_IMAGE}:${HTTP_GW_VERSION}
|
image: ${HTTP_GW_IMAGE}:${HTTP_GW_VERSION}
|
||||||
|
@ -21,6 +20,7 @@ services:
|
||||||
command: [ "frostfs-http-gw", "--config", "/etc/frostfs/http/config.yml" ]
|
command: [ "frostfs-http-gw", "--config", "/etc/frostfs/http/config.yml" ]
|
||||||
environment:
|
environment:
|
||||||
- HTTP_GW_RPC_ENDPOINT=http://morph-chain.${LOCAL_DOMAIN}:30333
|
- HTTP_GW_RPC_ENDPOINT=http://morph-chain.${LOCAL_DOMAIN}:30333
|
||||||
|
- HTTP_GW_TREE_SERVICE=s01.${LOCAL_DOMAIN}:8080
|
||||||
- HTTP_GW_PEERS_0_ADDRESS=s01.${LOCAL_DOMAIN}:8080
|
- HTTP_GW_PEERS_0_ADDRESS=s01.${LOCAL_DOMAIN}:8080
|
||||||
- HTTP_GW_PEERS_0_WEIGHT=0.2
|
- HTTP_GW_PEERS_0_WEIGHT=0.2
|
||||||
- HTTP_GW_PEERS_1_ADDRESS=s02.${LOCAL_DOMAIN}:8080
|
- HTTP_GW_PEERS_1_ADDRESS=s02.${LOCAL_DOMAIN}:8080
|
||||||
|
|
|
@ -1,3 +1 @@
|
||||||
FROSTFS_IR_CONTRACTS_FROSTFSID=1943e9bb78a0fe2fe0c95fd2677eec2da6aa4aa5
|
|
||||||
|
|
||||||
FROSTFS_IR_CONTROL_GRPC_ENDPOINT=127.0.0.1:16512
|
FROSTFS_IR_CONTROL_GRPC_ENDPOINT=127.0.0.1:16512
|
||||||
|
|
|
@ -25,7 +25,6 @@ endif
|
||||||
# Download FrostFS CLI
|
# Download FrostFS CLI
|
||||||
.ONESHELL:
|
.ONESHELL:
|
||||||
get.cli: FROSTFS_CLI_FILE=./vendor/frostfs-cli
|
get.cli: FROSTFS_CLI_FILE=./vendor/frostfs-cli
|
||||||
get.cli: FROSTFS_CLI_ARCHIVE_FILE=${FROSTFS_CLI_FILE}.tar.gz
|
|
||||||
get.cli: FROSTFS_CLI_PATH?=
|
get.cli: FROSTFS_CLI_PATH?=
|
||||||
get.cli:
|
get.cli:
|
||||||
@mkdir -p ./vendor
|
@mkdir -p ./vendor
|
||||||
|
@ -34,10 +33,8 @@ ifeq (${FROSTFS_CLI_PATH},)
|
||||||
@echo "⇒ Download FrostFS CLI binary from ${FROSTFS_CLI_URL}"
|
@echo "⇒ Download FrostFS CLI binary from ${FROSTFS_CLI_URL}"
|
||||||
@curl \
|
@curl \
|
||||||
-ksSL "${FROSTFS_CLI_URL}" \
|
-ksSL "${FROSTFS_CLI_URL}" \
|
||||||
-o ${FROSTFS_CLI_ARCHIVE_FILE}
|
-o ${FROSTFS_CLI_FILE}
|
||||||
@tar -xvf ${FROSTFS_CLI_ARCHIVE_FILE} -C ./vendor | xargs -I {} \
|
@chmod +x ${FROSTFS_CLI_FILE}
|
||||||
mv ./vendor/{} ${FROSTFS_CLI_FILE}
|
|
||||||
@rm ${FROSTFS_CLI_ARCHIVE_FILE}
|
|
||||||
else
|
else
|
||||||
@echo "⇒ Copy local binary from ${FROSTFS_CLI_PATH}"
|
@echo "⇒ Copy local binary from ${FROSTFS_CLI_PATH}"
|
||||||
@cp ${FROSTFS_CLI_PATH} ${FROSTFS_CLI_FILE}
|
@cp ${FROSTFS_CLI_PATH} ${FROSTFS_CLI_FILE}
|
||||||
|
|
|
@ -1,6 +1,5 @@
|
||||||
---
|
---
|
||||||
|
|
||||||
version: "2.4"
|
|
||||||
services:
|
services:
|
||||||
|
|
||||||
ir01:
|
ir01:
|
||||||
|
@ -13,19 +12,19 @@ services:
|
||||||
ir_int:
|
ir_int:
|
||||||
internet:
|
internet:
|
||||||
ipv4_address: ${IPV4_PREFIX}.61
|
ipv4_address: ${IPV4_PREFIX}.61
|
||||||
stop_signal: SIGKILL
|
stop_signal: SIGTERM
|
||||||
|
stop_grace_period: 15s
|
||||||
volumes:
|
volumes:
|
||||||
- ./az.json:/wallet.json
|
- ./az.json:/wallet.json
|
||||||
- ./az.key:/wallet01.key
|
- ./az.key:/wallet01.key
|
||||||
- ./../../vendor/hosts:/etc/hosts
|
- ./../../vendor/hosts:/etc/hosts
|
||||||
- ./../../vendor/locode_db:/locode/db
|
- ./../../vendor/locode_db:/locode/db
|
||||||
- ./../../vendor/frostfs-cli:/frostfs-cli
|
- ./../../vendor/frostfs-cli:/frostfs-cli
|
||||||
- ./healthcheck.sh:/healthcheck.sh
|
|
||||||
- ./cfg:/etc/frostfs/ir
|
- ./cfg:/etc/frostfs/ir
|
||||||
env_file: [ ".env", ".ir.env", ".int_test.env" ]
|
env_file: [ ".env", ".ir.env", ".int_test.env" ]
|
||||||
command: [ "frostfs-ir", "--config", "/etc/frostfs/ir/config.yml" ]
|
command: [ "frostfs-ir", "--config", "/etc/frostfs/ir/config.yml" ]
|
||||||
healthcheck:
|
healthcheck:
|
||||||
test: ["CMD-SHELL", "/healthcheck.sh"]
|
test: ["CMD-SHELL", "/frostfs-cli control ir healthcheck -q --wallet /wallet01.key --endpoint \"$$FROSTFS_IR_CONTROL_GRPC_ENDPOINT\""]
|
||||||
interval: 2s
|
interval: 2s
|
||||||
timeout: 1s
|
timeout: 1s
|
||||||
retries: 5
|
retries: 5
|
||||||
|
|
|
@ -1,6 +0,0 @@
|
||||||
#!/bin/sh
|
|
||||||
|
|
||||||
/frostfs-cli control healthcheck \
|
|
||||||
--endpoint "$FROSTFS_IR_CONTROL_GRPC_ENDPOINT" \
|
|
||||||
--wallet /wallet01.key --ir |
|
|
||||||
grep "Health status: READY"
|
|
|
@ -1,4 +0,0 @@
|
||||||
# Deposit GAS from default wallet to FrostFS privnet contract
|
|
||||||
prepare.ir:
|
|
||||||
@./bin/config.sh int ContainerFee 0
|
|
||||||
@./bin/config.sh int ContainerAliasFee 0
|
|
|
@ -1,4 +1,3 @@
|
||||||
version: '2.4'
|
|
||||||
services:
|
services:
|
||||||
jaeger:
|
jaeger:
|
||||||
image: ${JAEGER_IMAGE}:${JAEGER_VERSION}
|
image: ${JAEGER_IMAGE}:${JAEGER_VERSION}
|
||||||
|
@ -20,7 +19,10 @@ services:
|
||||||
env_file: [ ".env", ".jaeger.env", ".int_test.env" ]
|
env_file: [ ".env", ".jaeger.env", ".int_test.env" ]
|
||||||
environment:
|
environment:
|
||||||
- COLLECTOR_OTLP_ENABLED=true
|
- COLLECTOR_OTLP_ENABLED=true
|
||||||
- MEMORY_MAX_TRACES=100000
|
- SPAN_STORAGE_TYPE=badger
|
||||||
|
- BADGER_EPHEMERAL=false
|
||||||
|
- BADGER_DIRECTORY_VALUE=/badger/data
|
||||||
|
- BADGER_DIRECTORY_KEY=/badger/key
|
||||||
|
|
||||||
networks:
|
networks:
|
||||||
jaeger_int:
|
jaeger_int:
|
||||||
|
|
|
@ -20,15 +20,12 @@ endif
|
||||||
|
|
||||||
# Download FrostFS ADM tool
|
# Download FrostFS ADM tool
|
||||||
get.adm: FROSTFS_ADM_DEST=./vendor/frostfs-adm
|
get.adm: FROSTFS_ADM_DEST=./vendor/frostfs-adm
|
||||||
get.adm: FROSTFS_ADM_ARCHIVE=frostfs-adm.tar.gz
|
|
||||||
get.adm:
|
get.adm:
|
||||||
|
|
||||||
ifeq (${FROSTFS_ADM_PATH},)
|
ifeq (${FROSTFS_ADM_PATH},)
|
||||||
@echo "⇒ Download FrostFS ADM binary from ${FROSTFS_ADM_URL}"
|
@echo "⇒ Download FrostFS ADM binary from ${FROSTFS_ADM_URL}"
|
||||||
@curl -skSL ${FROSTFS_ADM_URL} -o ${FROSTFS_ADM_ARCHIVE}
|
@curl -skSL ${FROSTFS_ADM_URL} -o ${FROSTFS_ADM_DEST}
|
||||||
@tar -xvf ${FROSTFS_ADM_ARCHIVE} -C ./vendor | xargs -I {} \
|
@chmod +x ${FROSTFS_ADM_DEST}
|
||||||
mv ./vendor/{} ${FROSTFS_ADM_DEST}
|
|
||||||
@rm ${FROSTFS_ADM_ARCHIVE}
|
|
||||||
else
|
else
|
||||||
@echo "⇒ Copy frostfs-adm binary from ${FROSTFS_ADM_PATH}"
|
@echo "⇒ Copy frostfs-adm binary from ${FROSTFS_ADM_PATH}"
|
||||||
@cp ${FROSTFS_ADM_PATH} ${FROSTFS_ADM_DEST}
|
@cp ${FROSTFS_ADM_PATH} ${FROSTFS_ADM_DEST}
|
||||||
|
|
|
@ -1,6 +1,5 @@
|
||||||
---
|
---
|
||||||
|
|
||||||
version: "2.4"
|
|
||||||
services:
|
services:
|
||||||
frostfs_morph_chain:
|
frostfs_morph_chain:
|
||||||
image: ${NEOGO_IMAGE}:${NEOGO_VERSION}
|
image: ${NEOGO_IMAGE}:${NEOGO_VERSION}
|
||||||
|
@ -20,9 +19,14 @@ services:
|
||||||
- ./config.yml:/wallets/config.yml
|
- ./config.yml:/wallets/config.yml
|
||||||
- ./../../vendor/hosts:/etc/hosts
|
- ./../../vendor/hosts:/etc/hosts
|
||||||
- ./../../wallets/wallet.json:/wallets/wallet.json
|
- ./../../wallets/wallet.json:/wallets/wallet.json
|
||||||
|
- ./../s3_gate/wallet.json:/wallets/s3-wallet.json
|
||||||
|
- chains:/chains
|
||||||
|
|
||||||
networks:
|
networks:
|
||||||
chain_int:
|
chain_int:
|
||||||
internet:
|
internet:
|
||||||
external: true
|
external: true
|
||||||
name: basenet_internet
|
name: basenet_internet
|
||||||
|
|
||||||
|
volumes:
|
||||||
|
chains:
|
||||||
|
|
|
@ -1,50 +1,56 @@
|
||||||
ProtocolConfiguration:
|
ProtocolConfiguration:
|
||||||
Magic: 15405
|
Magic: 15405
|
||||||
MaxTraceableBlocks: 200000
|
MaxTraceableBlocks: 200000
|
||||||
SecondsPerBlock: 1
|
TimePerBlock: 1s
|
||||||
MemPoolSize: 50000
|
MemPoolSize: 50000
|
||||||
StandbyCommittee:
|
StandbyCommittee:
|
||||||
- 02b3622bf4017bdfe317c58aed5f4c753f206b7db896046fa7d774bbc4bf7f8dc2
|
- 02b3622bf4017bdfe317c58aed5f4c753f206b7db896046fa7d774bbc4bf7f8dc2
|
||||||
ValidatorsCount: 1
|
ValidatorsCount: 1
|
||||||
SeedList:
|
SeedList:
|
||||||
- 172.200.0.1:20333
|
- 172.200.0.1:20333
|
||||||
VerifyBlocks: true
|
|
||||||
VerifyTransactions: true
|
VerifyTransactions: true
|
||||||
StateRootInHeader: true
|
StateRootInHeader: true
|
||||||
P2PSigExtensions: true
|
P2PSigExtensions: true
|
||||||
|
|
||||||
ApplicationConfiguration:
|
ApplicationConfiguration:
|
||||||
|
SkipBlockVerification: false
|
||||||
DBConfiguration:
|
DBConfiguration:
|
||||||
Type: "boltdb"
|
Type: "boltdb"
|
||||||
BoltDBOptions:
|
BoltDBOptions:
|
||||||
FilePath: "./db/morph.bolt"
|
FilePath: "/chains/morph.bolt"
|
||||||
NodePort: 20333
|
P2P:
|
||||||
Relay: true
|
Addresses:
|
||||||
DialTimeout: 3
|
- ":20333"
|
||||||
ProtoTickInterval: 2
|
DialTimeout: 3s
|
||||||
PingInterval: 30
|
ProtoTickInterval: 2s
|
||||||
PingTimeout: 90
|
PingInterval: 30s
|
||||||
|
PingTimeout: 90s
|
||||||
MaxPeers: 10
|
MaxPeers: 10
|
||||||
AttemptConnPeers: 5
|
AttemptConnPeers: 5
|
||||||
MinPeers: 0
|
MinPeers: 0
|
||||||
|
Relay: true
|
||||||
|
Consensus:
|
||||||
|
Enabled: true
|
||||||
|
UnlockWallet:
|
||||||
|
Path: "./wallets/node-wallet.json"
|
||||||
|
Password: "one"
|
||||||
RPC:
|
RPC:
|
||||||
Address: 192.168.130.90
|
Addresses:
|
||||||
|
- ":30333"
|
||||||
Enabled: true
|
Enabled: true
|
||||||
SessionEnabled: true
|
SessionEnabled: true
|
||||||
EnableCORSWorkaround: false
|
EnableCORSWorkaround: false
|
||||||
MaxGasInvoke: 100
|
MaxGasInvoke: 100
|
||||||
Port: 30333
|
|
||||||
P2PNotary:
|
P2PNotary:
|
||||||
Enabled: true
|
Enabled: true
|
||||||
UnlockWallet:
|
UnlockWallet:
|
||||||
Path: "./wallets/node-wallet.json"
|
Path: "./wallets/node-wallet.json"
|
||||||
Password: "one"
|
Password: "one"
|
||||||
Prometheus:
|
Prometheus:
|
||||||
|
Addresses:
|
||||||
|
- ":20001"
|
||||||
Enabled: true
|
Enabled: true
|
||||||
Port: 20001
|
|
||||||
Pprof:
|
Pprof:
|
||||||
|
Addresses:
|
||||||
|
- ":20011"
|
||||||
Enabled: true
|
Enabled: true
|
||||||
Port: 20011
|
|
||||||
UnlockWallet:
|
|
||||||
Path: "./wallets/node-wallet.json"
|
|
||||||
Password: "one"
|
|
||||||
|
|
|
@ -1 +0,0 @@
|
||||||
IPV4_PREFIX.101 nats.LOCAL_DOMAIN
|
|
|
@ -1,7 +0,0 @@
|
||||||
# Create new TLS certs for NATS server and clients
|
|
||||||
|
|
||||||
NATS_DIR=$(abspath services/nats)
|
|
||||||
|
|
||||||
get.nats:
|
|
||||||
@echo "⇒ Creating certs for NATS server and clients"
|
|
||||||
${NATS_DIR}/generate_cert.sh ${LOCAL_DOMAIN} > /dev/null
|
|
|
@ -1,31 +0,0 @@
|
||||||
---
|
|
||||||
|
|
||||||
version: "2.4"
|
|
||||||
services:
|
|
||||||
nats:
|
|
||||||
image: ${NATS_IMAGE}:${NATS_VERSION}
|
|
||||||
domainname: ${LOCAL_DOMAIN}
|
|
||||||
hostname: nats
|
|
||||||
container_name: nats
|
|
||||||
restart: on-failure
|
|
||||||
dns:
|
|
||||||
- ${IPV4_PREFIX}.101
|
|
||||||
networks:
|
|
||||||
nats_int:
|
|
||||||
internet:
|
|
||||||
ipv4_address: ${IPV4_PREFIX}.101
|
|
||||||
volumes:
|
|
||||||
- ./../../vendor/hosts:/etc/hosts
|
|
||||||
- ./nats.conf:/etc/nats/frostfs-nats-server.conf
|
|
||||||
- ./server-cert.pem:/certs/server-cert.pem
|
|
||||||
- ./server-key.pem:/certs/server-key.pem
|
|
||||||
- ./ca-cert.pem:/certs/ca-cert.pem
|
|
||||||
stop_signal: SIGKILL
|
|
||||||
env_file: [ ".env", ".int_test.env" ]
|
|
||||||
command: ["-c", "/etc/nats/frostfs-nats-server.conf"]
|
|
||||||
|
|
||||||
networks:
|
|
||||||
nats_int:
|
|
||||||
internet:
|
|
||||||
external: true
|
|
||||||
name: basenet_internet
|
|
|
@ -1,49 +0,0 @@
|
||||||
#!/bin/bash
|
|
||||||
|
|
||||||
source bin/helper.sh
|
|
||||||
|
|
||||||
WORKDIR=$(dirname "$0")
|
|
||||||
LOCAL_DOMAIN=$1
|
|
||||||
|
|
||||||
CA_KEY=$WORKDIR/ca-key.pem
|
|
||||||
CA_CRT=$WORKDIR/ca-cert.pem
|
|
||||||
|
|
||||||
SRV_KEY=$WORKDIR/server-key.pem
|
|
||||||
SRV_REQ=$WORKDIR/server-req.csr
|
|
||||||
SRV_CRT=$WORKDIR/server-cert.pem
|
|
||||||
|
|
||||||
CLI_KEY=$WORKDIR/client-key.pem
|
|
||||||
CLI_REQ=$WORKDIR/client-req.csr
|
|
||||||
CLI_CRT=$WORKDIR/client-cert.pem
|
|
||||||
|
|
||||||
SUBJ="/O=NSPCC"
|
|
||||||
|
|
||||||
if [[ ! -f $CA_KEY || ! -f $CA_CRT ]]; then
|
|
||||||
openssl req -newkey rsa:4096 -x509 -days 365 -nodes -keyout $CA_KEY -out $CA_CRT -subj $SUBJ 2>&1 ||
|
|
||||||
die "CA certificate was not created"
|
|
||||||
fi
|
|
||||||
|
|
||||||
if [[ ! -f $SRV_KEY || ! -f $SRV_CRT ]]; then
|
|
||||||
openssl req -newkey rsa:4096 -nodes -keyout $SRV_KEY -out $SRV_REQ -subj $SUBJ 2>&1 ||
|
|
||||||
die "Server certificate was not created"
|
|
||||||
|
|
||||||
openssl x509 -req -days 365 -set_serial 01 -in $SRV_REQ -out $SRV_CRT -CA $CA_CRT -CAkey $CA_KEY \
|
|
||||||
-extensions san -extfile <(printf "[san]\nsubjectAltName=DNS:nats.$LOCAL_DOMAIN") 2>&1 || {
|
|
||||||
rm $SRV_REQ
|
|
||||||
die "Server certificate was not signed by CA"
|
|
||||||
}
|
|
||||||
|
|
||||||
rm $SRV_REQ
|
|
||||||
fi
|
|
||||||
|
|
||||||
if [[ ! -f $CLI_KEY || ! -f $CLI_CRT ]]; then
|
|
||||||
openssl req -newkey rsa:4096 -nodes -keyout $CLI_KEY -out $CLI_REQ -subj $SUBJ 2>&1 ||
|
|
||||||
die "Client certificate was not created"
|
|
||||||
|
|
||||||
openssl x509 -req -days 365 -set_serial 01 -in $CLI_REQ -out $CLI_CRT -CA $CA_CRT -CAkey $CA_KEY 2>&1 || {
|
|
||||||
rm $CLI_REQ
|
|
||||||
die "Client certificate was not signed by CA"
|
|
||||||
}
|
|
||||||
|
|
||||||
rm $CLI_REQ
|
|
||||||
fi
|
|
|
@ -1,15 +0,0 @@
|
||||||
port: 4222
|
|
||||||
monitor_port: 8222
|
|
||||||
|
|
||||||
jetstream {
|
|
||||||
store_dir=nats
|
|
||||||
max_memory_store: 1GB
|
|
||||||
max_file_store: 2GB
|
|
||||||
}
|
|
||||||
|
|
||||||
tls {
|
|
||||||
cert_file: /certs/server-cert.pem
|
|
||||||
key_file: /certs/server-key.pem
|
|
||||||
ca_file: /certs/ca-cert.pem
|
|
||||||
verify: true
|
|
||||||
}
|
|
1
services/prometheus/.env
Symbolic link
1
services/prometheus/.env
Symbolic link
|
@ -0,0 +1 @@
|
||||||
|
../../.env
|
1
services/prometheus/.hosts
Normal file
1
services/prometheus/.hosts
Normal file
|
@ -0,0 +1 @@
|
||||||
|
IPV4_PREFIX.121 prometheus.LOCAL_DOMAIN
|
1
services/prometheus/.int_test.env
Symbolic link
1
services/prometheus/.int_test.env
Symbolic link
|
@ -0,0 +1 @@
|
||||||
|
../../.int_test.env
|
0
services/prometheus/.prometheus.env
Normal file
0
services/prometheus/.prometheus.env
Normal file
24
services/prometheus/docker-compose.yml
Normal file
24
services/prometheus/docker-compose.yml
Normal file
|
@ -0,0 +1,24 @@
|
||||||
|
services:
|
||||||
|
prometheus:
|
||||||
|
image: ${PROMETHEUS_IMAGE}:${PROMETHEUS_VERSION}
|
||||||
|
domainname: ${LOCAL_DOMAIN}
|
||||||
|
hostname: prometheus
|
||||||
|
container_name: prometheus
|
||||||
|
restart: on-failure
|
||||||
|
networks:
|
||||||
|
prometheus_int:
|
||||||
|
internet:
|
||||||
|
ipv4_address: ${IPV4_PREFIX}.121
|
||||||
|
volumes:
|
||||||
|
- ./../../vendor/hosts:/etc/hosts
|
||||||
|
- ./prometheus.yml:/etc/prometheus/prometheus.yml
|
||||||
|
command:
|
||||||
|
- --config.file=/etc/prometheus/prometheus.yml
|
||||||
|
stop_signal: SIGKILL
|
||||||
|
env_file: [ ".env", ".prometheus.env", ".int_test.env" ]
|
||||||
|
|
||||||
|
networks:
|
||||||
|
prometheus_int:
|
||||||
|
internet:
|
||||||
|
external: true
|
||||||
|
name: basenet_internet
|
22
services/prometheus/prometheus.yml
Normal file
22
services/prometheus/prometheus.yml
Normal file
|
@ -0,0 +1,22 @@
|
||||||
|
global:
|
||||||
|
scrape_interval: 15s
|
||||||
|
|
||||||
|
scrape_configs:
|
||||||
|
- job_name: 'node'
|
||||||
|
static_configs:
|
||||||
|
- targets: ['s01.frostfs.devenv:9090', 's02.frostfs.devenv:9090', 's03.frostfs.devenv:9090', 's04.frostfs.devenv:9090']
|
||||||
|
- job_name: 'http-gw'
|
||||||
|
static_configs:
|
||||||
|
- targets: ['http.frostfs.devenv:9090']
|
||||||
|
- job_name: 'rest-gw'
|
||||||
|
static_configs:
|
||||||
|
- targets: ['rest.frostfs.devenv:9090']
|
||||||
|
- job_name: 's3-gw'
|
||||||
|
static_configs:
|
||||||
|
- targets: ['s3.frostfs.devenv:9090']
|
||||||
|
- job_name: 'neo-go'
|
||||||
|
static_configs:
|
||||||
|
- targets: ['morph-chain.frostfs.devenv:20001']
|
||||||
|
- job_name: 'inner-ring'
|
||||||
|
static_configs:
|
||||||
|
- targets: ['ir01.frostfs.devenv:9090']
|
|
@ -1,3 +1,7 @@
|
||||||
|
prometheus:
|
||||||
|
enabled: true
|
||||||
|
address: :9090
|
||||||
|
|
||||||
server:
|
server:
|
||||||
# The IP and port to listen on.
|
# The IP and port to listen on.
|
||||||
listen-address: 0.0.0.0:8090
|
listen-address: 0.0.0.0:8090
|
||||||
|
|
|
@ -1,6 +1,5 @@
|
||||||
---
|
---
|
||||||
|
|
||||||
version: "2.4"
|
|
||||||
services:
|
services:
|
||||||
rest_gate:
|
rest_gate:
|
||||||
image: ${REST_GW_IMAGE}:${REST_GW_VERSION}
|
image: ${REST_GW_IMAGE}:${REST_GW_VERSION}
|
||||||
|
@ -16,7 +15,8 @@ services:
|
||||||
- ./wallet.json:/wallet.json
|
- ./wallet.json:/wallet.json
|
||||||
- ./../../vendor/hosts:/etc/hosts
|
- ./../../vendor/hosts:/etc/hosts
|
||||||
- ./cfg:/etc/frostfs/rest
|
- ./cfg:/etc/frostfs/rest
|
||||||
stop_signal: SIGKILL
|
stop_signal: SIGTERM
|
||||||
|
stop_grace_period: 15s
|
||||||
env_file: [ ".env", ".int_test.env" ]
|
env_file: [ ".env", ".int_test.env" ]
|
||||||
command: [ "frostfs-rest-gw", "--config", "/etc/frostfs/rest/config.yml" ]
|
command: [ "frostfs-rest-gw", "--config", "/etc/frostfs/rest/config.yml" ]
|
||||||
environment:
|
environment:
|
||||||
|
|
|
@ -1,6 +1,10 @@
|
||||||
logger:
|
logger:
|
||||||
level: debug
|
level: debug
|
||||||
|
|
||||||
|
prometheus:
|
||||||
|
enabled: true
|
||||||
|
address: :9090
|
||||||
|
|
||||||
# Interval to check node health
|
# Interval to check node health
|
||||||
rebalance_interval: 30s
|
rebalance_interval: 30s
|
||||||
|
|
||||||
|
@ -29,3 +33,17 @@ server:
|
||||||
wallet:
|
wallet:
|
||||||
path: /wallet.json # Path to wallet
|
path: /wallet.json # Path to wallet
|
||||||
passphrase: "s3" # Passphrase to decrypt wallet
|
passphrase: "s3" # Passphrase to decrypt wallet
|
||||||
|
|
||||||
|
features:
|
||||||
|
md5:
|
||||||
|
enabled: true
|
||||||
|
|
||||||
|
control:
|
||||||
|
grpc:
|
||||||
|
endpoint: localhost:16515
|
||||||
|
|
||||||
|
frostfsid:
|
||||||
|
enabled: false
|
||||||
|
|
||||||
|
policy:
|
||||||
|
enabled: false
|
||||||
|
|
|
@ -1,6 +1,5 @@
|
||||||
---
|
---
|
||||||
|
|
||||||
version: "2.4"
|
|
||||||
services:
|
services:
|
||||||
s3_gate:
|
s3_gate:
|
||||||
image: ${S3_GW_IMAGE}:${S3_GW_VERSION}
|
image: ${S3_GW_IMAGE}:${S3_GW_VERSION}
|
||||||
|
@ -13,19 +12,26 @@ services:
|
||||||
internet:
|
internet:
|
||||||
ipv4_address: ${IPV4_PREFIX}.82
|
ipv4_address: ${IPV4_PREFIX}.82
|
||||||
volumes:
|
volumes:
|
||||||
|
# Gate wallet
|
||||||
- ./wallet.json:/wallet.json
|
- ./wallet.json:/wallet.json
|
||||||
|
# Custom user wallets
|
||||||
|
- ./wallets:/wallets
|
||||||
|
# Default user wallet
|
||||||
|
- ./../../wallets/wallet.json:/wallets/wallet.json
|
||||||
- ./tls.key:/tls.key
|
- ./tls.key:/tls.key
|
||||||
- ./tls.crt:/tls.crt
|
- ./tls.crt:/tls.crt
|
||||||
- ./../../vendor/hosts:/etc/hosts
|
- ./../../vendor/hosts:/etc/hosts
|
||||||
- ./cfg:/etc/frostfs/s3
|
- ./cfg:/etc/frostfs/s3
|
||||||
stop_signal: SIGKILL
|
- ./issue-creds.sh:/usr/bin/issue-creds.sh
|
||||||
|
stop_signal: SIGTERM
|
||||||
|
stop_grace_period: 15s
|
||||||
env_file: [ ".env", ".s3.env", ".int_test.env" ]
|
env_file: [ ".env", ".s3.env", ".int_test.env" ]
|
||||||
command: [ "frostfs-s3-gw", "--config", "/etc/frostfs/s3/config.yml" ]
|
command: [ "frostfs-s3-gw", "--config", "/etc/frostfs/s3/config.yml" ]
|
||||||
environment:
|
environment:
|
||||||
- S3_GW_RPC_ENDPOINT=http://morph-chain.${LOCAL_DOMAIN}:30333
|
- S3_GW_RPC_ENDPOINT=http://morph-chain.${LOCAL_DOMAIN}:30333
|
||||||
- S3_GW_SERVER_0_ADDRESS=s3.${LOCAL_DOMAIN}:8080
|
- S3_GW_SERVER_0_ADDRESS=s3.${LOCAL_DOMAIN}:8080
|
||||||
- S3_GW_LISTEN_DOMAINS=s3.${LOCAL_DOMAIN}
|
- S3_GW_LISTEN_DOMAINS=s3.${LOCAL_DOMAIN}
|
||||||
- S3_GW_TREE_SERVICE=s01.${LOCAL_DOMAIN}:8080
|
- S3_GW_TREE_SERVICE=s01.${LOCAL_DOMAIN}:8080 s02.${LOCAL_DOMAIN}:8080 s03.${LOCAL_DOMAIN}:8080 s04.${LOCAL_DOMAIN}:8080
|
||||||
- S3_GW_PEERS_0_ADDRESS=s01.${LOCAL_DOMAIN}:8080
|
- S3_GW_PEERS_0_ADDRESS=s01.${LOCAL_DOMAIN}:8080
|
||||||
- S3_GW_PEERS_0_WEIGHT=0.2
|
- S3_GW_PEERS_0_WEIGHT=0.2
|
||||||
- S3_GW_PEERS_1_ADDRESS=s02.${LOCAL_DOMAIN}:8080
|
- S3_GW_PEERS_1_ADDRESS=s02.${LOCAL_DOMAIN}:8080
|
||||||
|
@ -34,6 +40,8 @@ services:
|
||||||
- S3_GW_PEERS_2_WEIGHT=0.2
|
- S3_GW_PEERS_2_WEIGHT=0.2
|
||||||
- S3_GW_PEERS_3_ADDRESS=s04.${LOCAL_DOMAIN}:8080
|
- S3_GW_PEERS_3_ADDRESS=s04.${LOCAL_DOMAIN}:8080
|
||||||
- S3_GW_PEERS_3_WEIGHT=0.2
|
- S3_GW_PEERS_3_WEIGHT=0.2
|
||||||
|
- AUTHMATE_WALLET_PASSPHRASE=
|
||||||
|
- AUTHMATE_WALLET_CONTRACT_PASSPHRASE=s3
|
||||||
|
|
||||||
networks:
|
networks:
|
||||||
s3_gate_int:
|
s3_gate_int:
|
||||||
|
|
41
services/s3_gate/issue-creds.sh
Executable file
41
services/s3_gate/issue-creds.sh
Executable file
|
@ -0,0 +1,41 @@
|
||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
initUser() {
|
||||||
|
/bin/frostfs-s3-authmate register-user \
|
||||||
|
--wallet $WALLET_PATH \
|
||||||
|
--rpc-endpoint http://morph-chain.frostfs.devenv:30333 \
|
||||||
|
--username $USERNAME \
|
||||||
|
--contract-wallet /wallet.json 1> /dev/null && touch $WALLET_CACHE/$USERNAME
|
||||||
|
}
|
||||||
|
|
||||||
|
issueCreds() {
|
||||||
|
/bin/frostfs-s3-authmate issue-secret \
|
||||||
|
--wallet $WALLET_PATH \
|
||||||
|
--peer s01.frostfs.devenv:8080 \
|
||||||
|
--gate-public-key $S3_GATE_PUBLIC_KEY \
|
||||||
|
--container-placement-policy "REP 3"
|
||||||
|
}
|
||||||
|
|
||||||
|
set -e
|
||||||
|
|
||||||
|
WALLET_PATH=/wallets/$2
|
||||||
|
if [[ -z "$2" ]]; then
|
||||||
|
WALLET_PATH=/wallets/wallet.json
|
||||||
|
fi
|
||||||
|
|
||||||
|
S3_GATE_PUBLIC_KEY=$3
|
||||||
|
if [[ -z "$3" ]]; then
|
||||||
|
S3_GATE_PUBLIC_KEY=0313b1ac3a8076e155a7e797b24f0b650cccad5941ea59d7cfd51a024a8b2a06bf
|
||||||
|
fi
|
||||||
|
|
||||||
|
WALLET_CACHE=/data/wallets
|
||||||
|
mkdir -p $WALLET_CACHE
|
||||||
|
|
||||||
|
USERNAME=$(echo $WALLET_PATH | md5sum | cut -d' ' -f1)
|
||||||
|
if [ ! -e $WALLET_CACHE/$USERNAME ]; then
|
||||||
|
initUser
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [ $1 == "s3" ]; then
|
||||||
|
issueCreds
|
||||||
|
fi
|
14
services/s3_gate/prepare.mk
Normal file
14
services/s3_gate/prepare.mk
Normal file
|
@ -0,0 +1,14 @@
|
||||||
|
.PHONY: s3cred register
|
||||||
|
|
||||||
|
password?=
|
||||||
|
contract_password?=s3
|
||||||
|
gate_public_key?=
|
||||||
|
wallet?=
|
||||||
|
|
||||||
|
# Register wallet & generate S3 credentials
|
||||||
|
s3cred:
|
||||||
|
@docker exec -e AUTHMATE_WALLET_PASSPHRASE="$(password)" -e AUTHMATE_WALLET_CONTRACT_PASSPHRASE="$(contract_password)" s3_gate /usr/bin/issue-creds.sh s3 "$(wallet)" "$(gate_public_key)"
|
||||||
|
|
||||||
|
# Only registers user wallet
|
||||||
|
register:
|
||||||
|
@docker exec -e AUTHMATE_WALLET_PASSPHRASE="$(password)" -e AUTHMATE_WALLET_CONTRACT_PASSPHRASE="$(contract_password)" s3_gate /usr/bin/issue-creds.sh native "$(wallet)"
|
1
services/s3_lifecycler/.env
Symbolic link
1
services/s3_lifecycler/.env
Symbolic link
|
@ -0,0 +1 @@
|
||||||
|
../../.env
|
1
services/s3_lifecycler/.hosts
Normal file
1
services/s3_lifecycler/.hosts
Normal file
|
@ -0,0 +1 @@
|
||||||
|
IPV4_PREFIX.84 lifecycler.LOCAL_DOMAIN
|
1
services/s3_lifecycler/.int_test.env
Symbolic link
1
services/s3_lifecycler/.int_test.env
Symbolic link
|
@ -0,0 +1 @@
|
||||||
|
../../.int_test.env
|
42
services/s3_lifecycler/cfg/config.yml
Normal file
42
services/s3_lifecycler/cfg/config.yml
Normal file
|
@ -0,0 +1,42 @@
|
||||||
|
logger:
|
||||||
|
level: debug
|
||||||
|
|
||||||
|
prometheus:
|
||||||
|
enabled: true
|
||||||
|
address: :9090
|
||||||
|
|
||||||
|
lifecycle:
|
||||||
|
job_fetcher_buffer: 1000
|
||||||
|
executor_pool_size: 100
|
||||||
|
|
||||||
|
frostfs:
|
||||||
|
stream_timeout: 10s
|
||||||
|
connect_timeout: 10s
|
||||||
|
healthcheck_timeout: 15s
|
||||||
|
rebalance_interval: 60s
|
||||||
|
pool_error_threshold: 100
|
||||||
|
tree_pool_max_attempts: 4
|
||||||
|
|
||||||
|
credential:
|
||||||
|
use: wallets
|
||||||
|
source:
|
||||||
|
wallets:
|
||||||
|
- path: /wallet.json
|
||||||
|
address: NTt1rxvmEDxEuuogLxs2xgxA71qhVaUcN7
|
||||||
|
passphrase: "cycle"
|
||||||
|
- path: /user-wallet.json
|
||||||
|
address: NbUgTSFvPmsRxmGeWpuuGeJUoRoi6PErcM
|
||||||
|
passphrase: ""
|
||||||
|
|
||||||
|
morph:
|
||||||
|
reconnect_clients_interval: 30s
|
||||||
|
dial_timeout: 5s
|
||||||
|
contract:
|
||||||
|
netmap: netmap.frostfs
|
||||||
|
frostfsid: frostfsid.frostfs
|
||||||
|
container: container.frostfs
|
||||||
|
|
||||||
|
# Wallet configuration
|
||||||
|
wallet:
|
||||||
|
path: /wallet.json # Path to wallet
|
||||||
|
passphrase: "cycle" # Passphrase to decrypt wallet
|
38
services/s3_lifecycler/docker-compose.yml
Normal file
38
services/s3_lifecycler/docker-compose.yml
Normal file
|
@ -0,0 +1,38 @@
|
||||||
|
---
|
||||||
|
|
||||||
|
version: "2.4"
|
||||||
|
services:
|
||||||
|
s3_lifecycler:
|
||||||
|
image: ${S3_LIFECYCLER_IMAGE}:${S3_LIFECYCLER_VERSION}
|
||||||
|
domainname: ${LOCAL_DOMAIN}
|
||||||
|
hostname: s3_lifecycler
|
||||||
|
container_name: s3_lifecycler
|
||||||
|
restart: on-failure
|
||||||
|
networks:
|
||||||
|
s3_lifecycler_int:
|
||||||
|
internet:
|
||||||
|
ipv4_address: ${IPV4_PREFIX}.84
|
||||||
|
volumes:
|
||||||
|
- ./wallet.json:/wallet.json
|
||||||
|
- ./../../vendor/hosts:/etc/hosts
|
||||||
|
- ./cfg:/etc/frostfs/s3-lifecycler
|
||||||
|
- ./../../wallets/wallet.json:/user-wallet.json
|
||||||
|
stop_signal: SIGKILL
|
||||||
|
env_file: [ ".env", ".int_test.env" ]
|
||||||
|
command: [ "frostfs-s3-lifecycler", "--config", "/etc/frostfs/s3-lifecycler/config.yml" ]
|
||||||
|
environment:
|
||||||
|
- S3_LIFECYCLER_MORPH_RPC_ENDPOINT_0_ADDRESS=ws://morph-chain:30333/ws
|
||||||
|
- S3_LIFECYCLER_FROSTFS_PEERS_0_ADDRESS=s01.${LOCAL_DOMAIN}:8080
|
||||||
|
- S3_LIFECYCLER_FROSTFS_PEERS_0_WEIGHT=0.2
|
||||||
|
- S3_LIFECYCLER_FROSTFS_PEERS_1_ADDRESS=s02.${LOCAL_DOMAIN}:8080
|
||||||
|
- S3_LIFECYCLER_FROSTFS_PEERS_1_WEIGHT=0.2
|
||||||
|
- S3_LIFECYCLER_FROSTFS_PEERS_2_ADDRESS=s03.${LOCAL_DOMAIN}:8080
|
||||||
|
- S3_LIFECYCLER_FROSTFS_PEERS_2_WEIGHT=0.2
|
||||||
|
- S3_LIFECYCLER_FROSTFS_PEERS_3_ADDRESS=s04.${LOCAL_DOMAIN}:8080
|
||||||
|
- S3_LIFECYCLER_FROSTFS_PEERS_3_WEIGHT=0.2
|
||||||
|
|
||||||
|
networks:
|
||||||
|
s3_lifecycler_int:
|
||||||
|
internet:
|
||||||
|
external: true
|
||||||
|
name: basenet_internet
|
30
services/s3_lifecycler/wallet.json
Normal file
30
services/s3_lifecycler/wallet.json
Normal file
|
@ -0,0 +1,30 @@
|
||||||
|
{
|
||||||
|
"version": "1.0",
|
||||||
|
"accounts": [
|
||||||
|
{
|
||||||
|
"address": "NTt1rxvmEDxEuuogLxs2xgxA71qhVaUcN7",
|
||||||
|
"key": "6PYR3XurAyTzVeDG5WV2Z8vnGdySw3mTLuKjr6Nwo7tae64SJ7XjZSMMPQ",
|
||||||
|
"label": "lifecycler",
|
||||||
|
"contract": {
|
||||||
|
"script": "DCED9z0M+WSGfXZGxYLj1yYwmgxJXE/kNA4+oWNi0q1uKCdBVuezJw==",
|
||||||
|
"parameters": [
|
||||||
|
{
|
||||||
|
"name": "parameter0",
|
||||||
|
"type": "Signature"
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"deployed": false
|
||||||
|
},
|
||||||
|
"lock": false,
|
||||||
|
"isDefault": false
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"scrypt": {
|
||||||
|
"n": 16384,
|
||||||
|
"r": 8,
|
||||||
|
"p": 8
|
||||||
|
},
|
||||||
|
"extra": {
|
||||||
|
"Tokens": null
|
||||||
|
}
|
||||||
|
}
|
|
@ -1,6 +1,11 @@
|
||||||
# Logger section
|
# Logger section
|
||||||
logger:
|
logger:
|
||||||
level: debug # Minimum enabled logging level
|
level: debug # Minimum enabled logging level
|
||||||
|
loki:
|
||||||
|
enabled: true
|
||||||
|
endpoint: "loki.frostfs.devenv:3100/api/prom/push"
|
||||||
|
max_batch_delay: 1s
|
||||||
|
max_batch_size: 200
|
||||||
|
|
||||||
# Profiler section
|
# Profiler section
|
||||||
pprof:
|
pprof:
|
||||||
|
@ -14,6 +19,12 @@ prometheus:
|
||||||
address: :9090 # Server address
|
address: :9090 # Server address
|
||||||
shutdown_timeout: 15s # Timeout for metrics HTTP server graceful shutdown
|
shutdown_timeout: 15s # Timeout for metrics HTTP server graceful shutdown
|
||||||
|
|
||||||
|
# Application tracing section
|
||||||
|
tracing:
|
||||||
|
enabled: true
|
||||||
|
exporter: otlp_grpc
|
||||||
|
endpoint: "jaeger.frostfs.devenv:4317"
|
||||||
|
|
||||||
# Morph section
|
# Morph section
|
||||||
morph:
|
morph:
|
||||||
dial_timeout: 30s # Timeout for side chain NEO RPC client connection
|
dial_timeout: 30s # Timeout for side chain NEO RPC client connection
|
||||||
|
@ -21,18 +32,6 @@ morph:
|
||||||
- address: ws://morph-chain:30333/ws
|
- address: ws://morph-chain:30333/ws
|
||||||
priority: 1
|
priority: 1
|
||||||
|
|
||||||
# Common storage node settings
|
|
||||||
node:
|
|
||||||
attribute_0: "User-Agent:FrostFS/0.34"
|
|
||||||
notification:
|
|
||||||
enabled: true # Turn on object notification service
|
|
||||||
endpoint: "tls://nats.frostfs.devenv:4222" # Notification server endpoint
|
|
||||||
timeout: "6s" # Timeout for object notification client connection
|
|
||||||
default_topic: "test" # Default topic for object notifications if not found in object's meta
|
|
||||||
certificate: "/etc/frostfs-node/nats.tls.cert" # Path to TLS certificate
|
|
||||||
key: "/etc/frostfs-node/nats.tls.key" # Path to TLS key
|
|
||||||
ca: "/etc/frostfs-node/nats.ca.crt" # Path to optional CA certificate
|
|
||||||
|
|
||||||
# Tree section
|
# Tree section
|
||||||
tree:
|
tree:
|
||||||
enabled: true
|
enabled: true
|
||||||
|
@ -42,7 +41,7 @@ storage:
|
||||||
shard:
|
shard:
|
||||||
0:
|
0:
|
||||||
writecache:
|
writecache:
|
||||||
enabled: false
|
enabled: true
|
||||||
path: /storage/wc0 # Write-cache root directory
|
path: /storage/wc0 # Write-cache root directory
|
||||||
|
|
||||||
metabase:
|
metabase:
|
||||||
|
@ -62,7 +61,7 @@ storage:
|
||||||
|
|
||||||
1:
|
1:
|
||||||
writecache:
|
writecache:
|
||||||
enabled: false
|
enabled: true
|
||||||
path: /storage/wc1 # Write-cache root directory
|
path: /storage/wc1 # Write-cache root directory
|
||||||
|
|
||||||
metabase:
|
metabase:
|
||||||
|
|
|
@ -1,6 +1,5 @@
|
||||||
---
|
---
|
||||||
|
|
||||||
version: "2.4"
|
|
||||||
services:
|
services:
|
||||||
storage01:
|
storage01:
|
||||||
image: ${NODE_IMAGE}:${NODE_VERSION}
|
image: ${NODE_IMAGE}:${NODE_VERSION}
|
||||||
|
@ -18,13 +17,10 @@ services:
|
||||||
- storage_s01:/storage
|
- storage_s01:/storage
|
||||||
- ./../../vendor/frostfs-cli:/frostfs-cli
|
- ./../../vendor/frostfs-cli:/frostfs-cli
|
||||||
- ./cli-cfg.yml:/cli-cfg.yml
|
- ./cli-cfg.yml:/cli-cfg.yml
|
||||||
- ./healthcheck.sh:/healthcheck.sh
|
|
||||||
- ./s04tls.crt:/etc/ssl/certs/s04tls.crt
|
- ./s04tls.crt:/etc/ssl/certs/s04tls.crt
|
||||||
- ../nats/client-cert.pem:/etc/frostfs-node/nats.tls.cert
|
|
||||||
- ../nats/client-key.pem:/etc/frostfs-node/nats.tls.key
|
|
||||||
- ../nats/ca-cert.pem:/etc/frostfs-node/nats.ca.crt
|
|
||||||
- ./cfg:/etc/frostfs/storage
|
- ./cfg:/etc/frostfs/storage
|
||||||
stop_signal: SIGKILL
|
stop_signal: SIGTERM
|
||||||
|
stop_grace_period: 15s
|
||||||
env_file: [ ".env", ".storage.env", ".int_test.env" ]
|
env_file: [ ".env", ".storage.env", ".int_test.env" ]
|
||||||
command: [ "frostfs-node", "--config", "/etc/frostfs/storage/config.yml" ]
|
command: [ "frostfs-node", "--config", "/etc/frostfs/storage/config.yml" ]
|
||||||
environment:
|
environment:
|
||||||
|
@ -33,10 +29,11 @@ services:
|
||||||
- FROSTFS_NODE_ADDRESSES=s01.${LOCAL_DOMAIN}:8080
|
- FROSTFS_NODE_ADDRESSES=s01.${LOCAL_DOMAIN}:8080
|
||||||
- FROSTFS_GRPC_0_ENDPOINT=s01.${LOCAL_DOMAIN}:8080
|
- FROSTFS_GRPC_0_ENDPOINT=s01.${LOCAL_DOMAIN}:8080
|
||||||
- FROSTFS_CONTROL_GRPC_ENDPOINT=s01.${LOCAL_DOMAIN}:8081
|
- FROSTFS_CONTROL_GRPC_ENDPOINT=s01.${LOCAL_DOMAIN}:8081
|
||||||
|
- FROSTFS_NODE_ATTRIBUTE_0=User-Agent:FrostFS/${NODE_VERSION}
|
||||||
- FROSTFS_NODE_ATTRIBUTE_1=UN-LOCODE:RU MOW
|
- FROSTFS_NODE_ATTRIBUTE_1=UN-LOCODE:RU MOW
|
||||||
- FROSTFS_NODE_ATTRIBUTE_2=Price:22
|
- FROSTFS_NODE_ATTRIBUTE_2=Price:22
|
||||||
healthcheck:
|
healthcheck:
|
||||||
test: ["CMD-SHELL", "/healthcheck.sh"]
|
test: ["CMD-SHELL", "/frostfs-cli control healthcheck -q -c /cli-cfg.yml --endpoint \"$$FROSTFS_CONTROL_GRPC_ENDPOINT\""]
|
||||||
interval: 2s
|
interval: 2s
|
||||||
timeout: 1s
|
timeout: 1s
|
||||||
retries: 5
|
retries: 5
|
||||||
|
@ -58,13 +55,10 @@ services:
|
||||||
- storage_s02:/storage
|
- storage_s02:/storage
|
||||||
- ./../../vendor/frostfs-cli:/frostfs-cli
|
- ./../../vendor/frostfs-cli:/frostfs-cli
|
||||||
- ./cli-cfg.yml:/cli-cfg.yml
|
- ./cli-cfg.yml:/cli-cfg.yml
|
||||||
- ./healthcheck.sh:/healthcheck.sh
|
|
||||||
- ./s04tls.crt:/etc/ssl/certs/s04tls.crt
|
- ./s04tls.crt:/etc/ssl/certs/s04tls.crt
|
||||||
- ../nats/client-cert.pem:/etc/frostfs-node/nats.tls.cert
|
|
||||||
- ../nats/client-key.pem:/etc/frostfs-node/nats.tls.key
|
|
||||||
- ../nats/ca-cert.pem:/etc/frostfs-node/nats.ca.crt
|
|
||||||
- ./cfg:/etc/frostfs/storage
|
- ./cfg:/etc/frostfs/storage
|
||||||
stop_signal: SIGKILL
|
stop_signal: SIGTERM
|
||||||
|
stop_grace_period: 15s
|
||||||
env_file: [ ".env", ".storage.env", ".int_test.env" ]
|
env_file: [ ".env", ".storage.env", ".int_test.env" ]
|
||||||
command: [ "frostfs-node", "--config", "/etc/frostfs/storage/config.yml" ]
|
command: [ "frostfs-node", "--config", "/etc/frostfs/storage/config.yml" ]
|
||||||
environment:
|
environment:
|
||||||
|
@ -73,10 +67,11 @@ services:
|
||||||
- FROSTFS_NODE_ADDRESSES=s02.${LOCAL_DOMAIN}:8080
|
- FROSTFS_NODE_ADDRESSES=s02.${LOCAL_DOMAIN}:8080
|
||||||
- FROSTFS_GRPC_0_ENDPOINT=s02.${LOCAL_DOMAIN}:8080
|
- FROSTFS_GRPC_0_ENDPOINT=s02.${LOCAL_DOMAIN}:8080
|
||||||
- FROSTFS_CONTROL_GRPC_ENDPOINT=s02.${LOCAL_DOMAIN}:8081
|
- FROSTFS_CONTROL_GRPC_ENDPOINT=s02.${LOCAL_DOMAIN}:8081
|
||||||
|
- FROSTFS_NODE_ATTRIBUTE_0=User-Agent:FrostFS/${NODE_VERSION}
|
||||||
- FROSTFS_NODE_ATTRIBUTE_1=UN-LOCODE:RU LED
|
- FROSTFS_NODE_ATTRIBUTE_1=UN-LOCODE:RU LED
|
||||||
- FROSTFS_NODE_ATTRIBUTE_2=Price:33
|
- FROSTFS_NODE_ATTRIBUTE_2=Price:33
|
||||||
healthcheck:
|
healthcheck:
|
||||||
test: ["CMD-SHELL", "/healthcheck.sh"]
|
test: ["CMD-SHELL", "/frostfs-cli control healthcheck -q -c /cli-cfg.yml --endpoint \"$$FROSTFS_CONTROL_GRPC_ENDPOINT\""]
|
||||||
interval: 2s
|
interval: 2s
|
||||||
timeout: 1s
|
timeout: 1s
|
||||||
retries: 5
|
retries: 5
|
||||||
|
@ -98,13 +93,10 @@ services:
|
||||||
- storage_s03:/storage
|
- storage_s03:/storage
|
||||||
- ./../../vendor/frostfs-cli:/frostfs-cli
|
- ./../../vendor/frostfs-cli:/frostfs-cli
|
||||||
- ./cli-cfg.yml:/cli-cfg.yml
|
- ./cli-cfg.yml:/cli-cfg.yml
|
||||||
- ./healthcheck.sh:/healthcheck.sh
|
|
||||||
- ./s04tls.crt:/etc/ssl/certs/s04tls.crt
|
- ./s04tls.crt:/etc/ssl/certs/s04tls.crt
|
||||||
- ../nats/client-cert.pem:/etc/frostfs-node/nats.tls.cert
|
|
||||||
- ../nats/client-key.pem:/etc/frostfs-node/nats.tls.key
|
|
||||||
- ../nats/ca-cert.pem:/etc/frostfs-node/nats.ca.crt
|
|
||||||
- ./cfg:/etc/frostfs/storage
|
- ./cfg:/etc/frostfs/storage
|
||||||
stop_signal: SIGKILL
|
stop_signal: SIGTERM
|
||||||
|
stop_grace_period: 15s
|
||||||
env_file: [ ".env", ".storage.env", ".int_test.env" ]
|
env_file: [ ".env", ".storage.env", ".int_test.env" ]
|
||||||
command: [ "frostfs-node", "--config", "/etc/frostfs/storage/config.yml" ]
|
command: [ "frostfs-node", "--config", "/etc/frostfs/storage/config.yml" ]
|
||||||
environment:
|
environment:
|
||||||
|
@ -113,10 +105,11 @@ services:
|
||||||
- FROSTFS_NODE_ADDRESSES=s03.${LOCAL_DOMAIN}:8080
|
- FROSTFS_NODE_ADDRESSES=s03.${LOCAL_DOMAIN}:8080
|
||||||
- FROSTFS_GRPC_0_ENDPOINT=s03.${LOCAL_DOMAIN}:8080
|
- FROSTFS_GRPC_0_ENDPOINT=s03.${LOCAL_DOMAIN}:8080
|
||||||
- FROSTFS_CONTROL_GRPC_ENDPOINT=s03.${LOCAL_DOMAIN}:8081
|
- FROSTFS_CONTROL_GRPC_ENDPOINT=s03.${LOCAL_DOMAIN}:8081
|
||||||
|
- FROSTFS_NODE_ATTRIBUTE_0=User-Agent:FrostFS/${NODE_VERSION}
|
||||||
- FROSTFS_NODE_ATTRIBUTE_1=UN-LOCODE:SE STO
|
- FROSTFS_NODE_ATTRIBUTE_1=UN-LOCODE:SE STO
|
||||||
- FROSTFS_NODE_ATTRIBUTE_2=Price:11
|
- FROSTFS_NODE_ATTRIBUTE_2=Price:11
|
||||||
healthcheck:
|
healthcheck:
|
||||||
test: ["CMD-SHELL", "/healthcheck.sh"]
|
test: ["CMD-SHELL", "/frostfs-cli control healthcheck -q -c /cli-cfg.yml --endpoint \"$$FROSTFS_CONTROL_GRPC_ENDPOINT\""]
|
||||||
interval: 2s
|
interval: 2s
|
||||||
timeout: 1s
|
timeout: 1s
|
||||||
retries: 5
|
retries: 5
|
||||||
|
@ -138,14 +131,11 @@ services:
|
||||||
- storage_s04:/storage
|
- storage_s04:/storage
|
||||||
- ./../../vendor/frostfs-cli:/frostfs-cli
|
- ./../../vendor/frostfs-cli:/frostfs-cli
|
||||||
- ./cli-cfg.yml:/cli-cfg.yml
|
- ./cli-cfg.yml:/cli-cfg.yml
|
||||||
- ./healthcheck.sh:/healthcheck.sh
|
|
||||||
- ./s04tls.crt:/tls.crt
|
- ./s04tls.crt:/tls.crt
|
||||||
- ./s04tls.key:/tls.key
|
- ./s04tls.key:/tls.key
|
||||||
- ../nats/client-cert.pem:/etc/frostfs-node/nats.tls.cert
|
|
||||||
- ../nats/client-key.pem:/etc/frostfs-node/nats.tls.key
|
|
||||||
- ../nats/ca-cert.pem:/etc/frostfs-node/nats.ca.crt
|
|
||||||
- ./cfg:/etc/frostfs/storage
|
- ./cfg:/etc/frostfs/storage
|
||||||
stop_signal: SIGKILL
|
stop_signal: SIGTERM
|
||||||
|
stop_grace_period: 15s
|
||||||
env_file: [ ".env", ".storage.env", ".int_test.env" ]
|
env_file: [ ".env", ".storage.env", ".int_test.env" ]
|
||||||
command: [ "frostfs-node", "--config", "/etc/frostfs/storage/config.yml" ]
|
command: [ "frostfs-node", "--config", "/etc/frostfs/storage/config.yml" ]
|
||||||
environment:
|
environment:
|
||||||
|
@ -159,10 +149,11 @@ services:
|
||||||
- FROSTFS_GRPC_1_TLS_ENABLED=true
|
- FROSTFS_GRPC_1_TLS_ENABLED=true
|
||||||
- FROSTFS_GRPC_1_TLS_CERTIFICATE=/tls.crt
|
- FROSTFS_GRPC_1_TLS_CERTIFICATE=/tls.crt
|
||||||
- FROSTFS_GRPC_1_TLS_KEY=/tls.key
|
- FROSTFS_GRPC_1_TLS_KEY=/tls.key
|
||||||
|
- FROSTFS_NODE_ATTRIBUTE_0=User-Agent:FrostFS/${NODE_VERSION}
|
||||||
- FROSTFS_NODE_ATTRIBUTE_1=UN-LOCODE:FI HEL
|
- FROSTFS_NODE_ATTRIBUTE_1=UN-LOCODE:FI HEL
|
||||||
- FROSTFS_NODE_ATTRIBUTE_2=Price:44
|
- FROSTFS_NODE_ATTRIBUTE_2=Price:44
|
||||||
healthcheck:
|
healthcheck:
|
||||||
test: ["CMD-SHELL", "/healthcheck.sh"]
|
test: ["CMD-SHELL", "/frostfs-cli control healthcheck -q -c /cli-cfg.yml --endpoint \"$$FROSTFS_CONTROL_GRPC_ENDPOINT\""]
|
||||||
interval: 2s
|
interval: 2s
|
||||||
timeout: 1s
|
timeout: 1s
|
||||||
retries: 5
|
retries: 5
|
||||||
|
|
|
@ -19,7 +19,7 @@ if [[ ! -f ${CERT} ]]; then
|
||||||
) > ${SSL_CONFIG}
|
) > ${SSL_CONFIG}
|
||||||
|
|
||||||
openssl req -new -newkey rsa:4096 -x509 -sha256 -days 365 -nodes \
|
openssl req -new -newkey rsa:4096 -x509 -sha256 -days 365 -nodes \
|
||||||
-subj "/C=RU/ST=SPB/L=St.Petersburg/O=NSPCC/OU=NSPCC/CN=s04.${LOCAL_DOMAIN}" \
|
-subj "/C=RU/ST=SPB/L=St.Petersburg/O=TrueCloudLab/OU=TrueCloudLab/CN=s04.${LOCAL_DOMAIN}" \
|
||||||
-keyout "${KEY}" -out "${CERT}" -extensions san -config "${SSL_CONFIG}" &> /dev/null || {
|
-keyout "${KEY}" -out "${CERT}" -extensions san -config "${SSL_CONFIG}" &> /dev/null || {
|
||||||
die "Failed to generate SSL certificate for s04"
|
die "Failed to generate SSL certificate for s04"
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,5 +0,0 @@
|
||||||
#!/bin/sh
|
|
||||||
|
|
||||||
/frostfs-cli control healthcheck -c /cli-cfg.yml \
|
|
||||||
--endpoint "$FROSTFS_CONTROL_GRPC_ENDPOINT" |
|
|
||||||
grep "Health status: READY"
|
|
Loading…
Reference in a new issue