Compare commits

..

87 commits

Author SHA1 Message Date
90147c7108 [#95] Output errors during make clean
It happens that a volume may not be deleted during `make clean`.
For example, if the volume is being used by a container.
If this happens, there are no errors printed to stdout.
And old volumes may cause errors during subsequent `make up`

Signed-off-by: Nikita Zinkevich <n.zinkevich@yadro.com>
2024-12-27 12:18:25 +00:00
c4d4fecb89
[#96] s3_lifecycler: Fix docker-compose warnings
Signed-off-by: Evgenii Stratonikov <e.stratonikov@yadro.com>
2024-12-27 10:43:20 +03:00
d34d842700 [#93] Remove frostfs-rest-gw from dev-env
This repo is being archived and not maintained at the moment.

Signed-off-by: Alex Vanin <a.vanin@yadro.com>
2024-12-25 08:44:00 +00:00
b08bb663f9 [#93] Update gateway components
Signed-off-by: Alex Vanin <a.vanin@yadro.com>
2024-12-25 08:44:00 +00:00
d29d50a002 [#93] Update frostfs-contract to the latest version
Signed-off-by: Alex Vanin <a.vanin@yadro.com>
2024-12-25 08:44:00 +00:00
6a5817e15c [#93] Register storage nodes in proxy contract during bootstrap
This allows to send APE requests to the nodes right after `make up` command

Signed-off-by: Alex Vanin <a.vanin@yadro.com>
2024-12-25 08:44:00 +00:00
4db8ca356d [#93] Remove unused env variables
These variables were used when binaries
were available in public storage network

Signed-off-by: Alex Vanin <a.vanin@yadro.com>
2024-12-25 08:44:00 +00:00
e1b8fe7919 [#93] Update frostfs-node to the latest version
Signed-off-by: Alex Vanin <a.vanin@yadro.com>
2024-12-25 08:44:00 +00:00
98484b9739 [#93] Update neo-go to the latest version used by frostfs-node
Signed-off-by: Alex Vanin <a.vanin@yadro.com>
2024-12-25 08:44:00 +00:00
0f9000bce6 [#91] Refine CODEOWNERS settings
Signed-off-by: Vitaliy Potyarkin <v.potyarkin@yadro.com>
2024-12-20 16:19:17 +00:00
df6859d246 [#92] docs: Update contract list
Contract list got outdated: it was mentioning NeoFS, Audit and Reputation

Signed-off-by: Vitaliy Potyarkin <v.potyarkin@yadro.com>
2024-12-13 18:10:57 +03:00
326578f0ab [#90] Stop using obsolete .github directory
This commit is a part of multi-repo cleanup effort:
TrueCloudLab/frostfs-infra#136

Signed-off-by: Vitaliy Potyarkin <v.potyarkin@yadro.com>
2024-12-10 11:16:44 +00:00
a0fdaebbf4 [#85] Add s3 lifecycler
Signed-off-by: Pavel Pogodaev <p.pogodaev@yadro.com>
2024-11-06 22:54:58 +03:00
10e5bed2af
[#79] storage: Take User-Agent from NODE_VERSION
Signed-off-by: Evgenii Stratonikov <e.stratonikov@yadro.com>
2024-10-31 10:39:00 +03:00
7152f59232 [#88] Remove nats service
It was removed from node in TrueCloudLab/frostfs-node#1161.

Signed-off-by: Evgenii Stratonikov <e.stratonikov@yadro.com>
2024-10-31 07:38:50 +00:00
636be7352e [#84] Make targets for issuing credentials
Signed-off-by: Nikita Zinkevich <n.zinkevich@yadro.com>
2024-10-17 12:37:26 +03:00
d0c32731f2 [#80] Update frostfs-service components to v0.30.*
Signed-off-by: Alexander Chuprov <a.chuprov@yadro.com>
2024-09-16 08:18:01 +00:00
7538bd9b17 [#83] Honor IPV4_PREFIX in morph_chain config
Signed-off-by: Vitaliy Potyarkin <v.potyarkin@yadro.com>
2024-09-10 16:45:06 +03:00
2e67acbcb2 [#78] env: Restore version format
Signed-off-by: Alexander Chuprov <a.chuprov@yadro.com>
2024-09-06 14:37:48 +03:00
439a9e71cf [#81] env: Fix typo
Signed-off-by: Alexander Chuprov <a.chuprov@yadro.com>
2024-09-06 14:09:08 +03:00
dd382f8ce0 [#68] service/morph: Add volume for morph_chain
Signed-off-by: Alexander Chuprov <a.chuprov@yadro.com>
2024-08-19 11:54:57 +00:00
044cf99e8d [#70] Makefile: Make bootstrap idempotent
Signed-off-by: Alexander Chuprov <a.chuprov@yadro.com>
2024-08-19 11:54:57 +00:00
ae658469a5 [#69] service/ir: Add support -q flag in healthcheck
Signed-off-by: Alexander Chuprov <a.chuprov@yadro.com>
2024-08-19 06:25:04 +00:00
155042343b [#69] service/storage: Add support -q flag in healthcheck
Signed-off-by: Alexander Chuprov <a.chuprov@yadro.com>
2024-08-19 06:25:04 +00:00
f94fa284ec [#76] Update frostfs-core components to v0.42.9
Signed-off-by: Alexander Chuprov <a.chuprov@yadro.com>
2024-08-17 05:51:34 +03:00
d03be14312 [#75] Makefile: Add subjects for storage and client wallets to FrostfsID
Signed-off-by: Airat Arifullin <a.arifullin@yadro.com>
2024-08-16 10:41:57 +03:00
0be22a9375
[#73] Update HTTP gate docs
Signed-off-by: Aleksey Savchuk <a.savchuk@yadro.com>
2024-07-08 10:56:42 +03:00
2b6122192a [#67] services/ir: Remove deprecated flag in healthcheck
Signed-off-by: Evgenii Stratonikov <e.stratonikov@yadro.com>
2024-05-08 11:35:37 +03:00
773ea2339b [#66] Update frostfs-* to v0.38.5
Signed-off-by: Alexander Chuprov <a.chuprov@yadro.com>
2024-04-15 20:16:51 +03:00
47b4917e7b [#65] services: Fix docker-compose warnings
There were multiple warning like this one.
```
WARN[0000] /secret/services/rest_gate/docker-compose.yml: `version` is obsolete
```

According to docker-compose spec, the parameter is indeed purely informative:
https://github.com/compose-spec/compose-spec/blob/master/spec.md#version-and-name-top-level-elements

Signed-off-by: Evgenii Stratonikov <e.stratonikov@yadro.com>
2024-04-04 11:47:33 +03:00
Airat Arifullin
8edfcb364d [#64] adm: Create default Allow policy for root namespace
Signed-off-by: Airat Arifullin <aarifullin@yadro.com>
2024-02-26 08:03:13 +00:00
19e5cec49f [#63] Use SIGTERM to stop Go services
Signed-off-by: Evgenii Stratonikov <e.stratonikov@yadro.com>
2024-02-20 15:54:23 +03:00
0f6f2722c2 [#61] Update frostfs-s3-gw
Signed-off-by: Alex Vanin <a.vanin@yadro.com>
2023-12-14 17:30:01 +03:00
9654b77236 [#61] Update frostfs-http-gw
Signed-off-by: Alex Vanin <a.vanin@yadro.com>
2023-12-14 17:11:58 +03:00
dfad34fdea [#61] Update frostfs-node components with contracts
Signed-off-by: Alex Vanin <a.vanin@yadro.com>
2023-12-14 17:11:52 +03:00
1077c9d358 [#59] .env: Update neo-go to v0.104.0
Signed-off-by: Evgenii Stratonikov <e.stratonikov@yadro.com>
2023-12-06 14:09:11 +03:00
40454b5507 [#56] Add loki
Signed-off-by: Alexander Chuprov <a.chuprov@yadro.com>
2023-11-15 16:08:15 +03:00
9c9ec639f0 [#58] Update neo-go to v0.103.0
Signed-off-by: Evgenii Stratonikov <e.stratonikov@yadro.com>
2023-10-25 13:15:07 +03:00
de8b58911e [#47] prometheus: Don't bind port to localhost
Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
2023-10-06 10:37:41 +03:00
c2e2b6442c [#47] grafana: Don't bind port to localhost
Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
2023-10-06 10:37:41 +03:00
4413251994 [#20] Add frostfs-cli configurations
Signed-off-by: Marina Biryukova <m.biryukova@yadro.com>
2023-09-13 16:28:48 +03:00
e254eba6a8 [#52] frostfs-adm.yml: Allow maintenance mode by default
It is a DEV-env after all.

Signed-off-by: Evgenii Stratonikov <e.stratonikov@yadro.com>
2023-08-25 14:10:54 +03:00
90bd39d717 [#43] grafana: FSTree bucket distribution
Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>
2023-08-25 11:31:49 +03:00
fdcf71d5b6 [#49] grafana: Add metabase bucket distribution
Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>
2023-08-25 11:31:45 +03:00
f0c3c02943 [#49] grafana: Blobovnicza bucket distribution
Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>
2023-08-25 11:31:42 +03:00
4a6b481618 [#49] grafana: Writecache bucket distribution
Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>
2023-08-25 11:31:39 +03:00
42e6349276 [#49] grafana: Storage engine bucket distribution
Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>
2023-08-25 11:31:35 +03:00
eba763ff79 [#49] grafana: Server bucket distribution
Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>
2023-08-25 11:31:31 +03:00
b7ac6f30cf [#50] services/ir: Take all contract hashes from NNS
Signed-off-by: Evgenii Stratonikov <e.stratonikov@yadro.com>
2023-08-21 10:22:19 +03:00
6eedab3d83 [#48] grafana: Fix blobovnicza board
Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>
2023-08-18 13:40:03 +03:00
731976cc57 [#44] grafana: Add Client dashboard
Client dashboard shows outgoing requests.

Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>
2023-08-14 12:33:18 +00:00
51053e3317 [#46] .forgejo: Update DCO action
Signed-off-by: Evgenii Stratonikov <e.stratonikov@yadro.com>
2023-08-11 13:48:36 +00:00
04260ad0d8 [#38] grafana: Fix writecache boards
Stack count and size dashborads.

Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>
2023-08-07 13:59:42 +03:00
9bb0385b85 [#38] grafana: Add morph dashboards
Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>
2023-08-06 15:15:54 +03:00
b6f47cb2c2 [#38] grafana: Add GC dashboard
Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>
2023-08-06 13:44:37 +03:00
d8df46b4d1 [#38] grafana: Add engine dashboards
Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>
2023-08-05 21:16:47 +03:00
cc963b78b5 [#38] grafana: Add fstree dashboards
Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>
2023-08-04 15:03:48 +03:00
acd32cb877 [#38] grafana: Add blobovnizca dashboards
Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>
2023-08-04 14:50:04 +03:00
0231b2bbf0 [#38] grafana: Add blobstore dashboard
Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>
2023-08-04 14:34:54 +03:00
1408558631 [#38] grafana: Fix units
Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>
2023-08-04 13:59:12 +03:00
8218440525 [#38] grafana: Add metabase dashboards
Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>
2023-08-03 16:11:35 +03:00
201855e729 [#38] grafana: Add epoch dashboard
Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>
2023-08-03 15:57:07 +03:00
74d43f48f2 [#38] grafana: Add object service dashboards
Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>
2023-08-03 15:48:53 +03:00
d76cc2e48a [#38] grafana: Add replicator dashbords
Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>
2023-08-03 15:31:19 +03:00
d5ee290740 [#38] grafana: Add node instance state
Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>
2023-08-02 16:14:29 +03:00
4f9285251f [#38] grafana: Add writecache boards
Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>
2023-08-02 15:06:03 +03:00
f749581c4e [#38] grafana: Add tree service row
Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>
2023-08-01 18:11:57 +03:00
2efc0442f1 [#38] grafana: Add instance to panels
Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>
2023-08-01 16:14:18 +03:00
7de23fe789 [#38] grafana: Fix config
Allow to acces grafana anonymous.
Change home page.

Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>
2023-07-31 12:06:51 +03:00
3abb217d30 [#38] grafana: Change start order
Start grafana right after prometheus.

Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>
2023-07-31 12:06:15 +03:00
584fa43ca7 [#38] grafana: Add overview board
Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>
2023-07-31 12:05:40 +03:00
2744f675aa [#38] grafana: Add storage dashboard
Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>
2023-07-31 12:05:23 +03:00
3400bb5736 [#37] Add grafana service to visualize prometheus metrics
Signed-off-by: Alex Vanin <a.vanin@yadro.com>
2023-07-24 15:47:25 +03:00
d08b338e06 [#36] prometheus: Add IR metrics
Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>
2023-06-14 12:39:48 +03:00
c31b7d9c84 [#1] Update README
Signed-off-by: Alex Vanin <a.vanin@yadro.com>
2023-06-07 17:27:28 +03:00
8eca14f331 [#1] Update CONTRIBUTING
Signed-off-by: Alex Vanin <a.vanin@yadro.com>
2023-06-07 17:27:28 +03:00
463521d511 [#1] Update S3 gateway description
Signed-off-by: Alex Vanin <a.vanin@yadro.com>
2023-06-07 17:27:28 +03:00
656833d37e [#1] Update REST gateway description
Signed-off-by: Alex Vanin <a.vanin@yadro.com>
2023-06-07 17:27:28 +03:00
aded88f09a [#1] Update HTTP gateway description
Signed-off-by: Alex Vanin <a.vanin@yadro.com>
2023-06-07 17:27:28 +03:00
5050dff55a [#1] Update morph service description
Signed-off-by: Alex Vanin <a.vanin@yadro.com>
2023-06-07 17:27:28 +03:00
e551fac84d [#1] Update notary service description
Signed-off-by: Alex Vanin <a.vanin@yadro.com>
2023-06-07 17:27:28 +03:00
6b0ce07808 [#1] Update cert generation scripts
Signed-off-by: Alex Vanin <a.vanin@yadro.com>
2023-06-07 17:27:28 +03:00
80dc0faae9 [#1] Use frostfs.info hosted locode URL
Signed-off-by: Alex Vanin <a.vanin@yadro.com>
2023-06-07 17:27:28 +03:00
c50ea0ea5c [#1] Add DCO check for forgejo runner
Signed-off-by: Alex Vanin <a.vanin@yadro.com>
2023-06-07 17:27:28 +03:00
dc2a2862d4 [#34] Bump FrostFS versions
Signed-off-by: Alex Vanin <a.vanin@yadro.com>
2023-05-30 15:55:23 +03:00
ee4d5ee6a6 [#32] storage: Enable writecache by default
Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>
2023-05-25 07:30:54 +00:00
5534204706 [#33] s3: Use all storage nodes as tree service
Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>
2023-05-25 07:30:38 +00:00
79 changed files with 464 additions and 426 deletions

View file

@ -1,5 +1,4 @@
# Services start/stop order # Services start/stop order
# Will start from top to bottom and stop in reverse # Will start from top to bottom and stop in reverse
nats
ir ir
storage storage

View file

@ -4,3 +4,4 @@ basenet
morph_chain morph_chain
jaeger jaeger
prometheus prometheus
grafana

View file

@ -1,5 +1,5 @@
.docker .docker
.github .forgejo
vendor vendor
tmp tmp
.secrets .secrets

44
.env
View file

@ -8,49 +8,43 @@ BASTION_VERSION=10
BASTION_IMAGE=debian BASTION_IMAGE=debian
# NeoGo privnet # NeoGo privnet
NEOGO_VERSION=0.101.1 NEOGO_VERSION=0.106.3
NEOGO_IMAGE=nspccdev/neo-go NEOGO_IMAGE=nspccdev/neo-go
# FrostFS InnerRing nodes # FrostFS InnerRing nodes
IR_VERSION=eca5c210 IR_VERSION=0.44.4
IR_IMAGE=truecloudlab/frostfs-ir IR_IMAGE=git.frostfs.info/truecloudlab/frostfs-ir
# FrostFS Storage nodes # FrostFS Storage nodes
NODE_VERSION=eca5c210 NODE_VERSION=0.44.4
NODE_IMAGE=truecloudlab/frostfs-storage NODE_IMAGE=git.frostfs.info/truecloudlab/frostfs-storage
# NATS Server
NATS_VERSION=2.7.2
NATS_IMAGE=nats
# HTTP Gate # HTTP Gate
HTTP_GW_VERSION=6abd500b HTTP_GW_VERSION=0.32.0
HTTP_GW_IMAGE=truecloudlab/frostfs-http-gw HTTP_GW_IMAGE=truecloudlab/frostfs-http-gw
# REST Gate
REST_GW_VERSION=c9c85e90
REST_GW_IMAGE=truecloudlab/frostfs-rest-gw
# S3 Gate # S3 Gate
S3_GW_VERSION=000d9ed4 S3_GW_VERSION=0.32.0
S3_GW_IMAGE=truecloudlab/frostfs-s3-gw S3_GW_IMAGE=truecloudlab/frostfs-s3-gw
# Lifecycler
S3_LIFECYCLER_VERSION=0.1.3
S3_LIFECYCLER_IMAGE=truecloudlab/frostfs-s3-lifecycler
# FrostFS LOCODE database # FrostFS LOCODE database
LOCODE_DB_URL=https://github.com/nspcc-dev/neofs-locode-db/releases/download/v0.3.0/locode_db.gz LOCODE_DB_URL=https://git.frostfs.info/attachments/a2e8def7-52b6-49f1-89cd-a056712e8e54
#LOCODE_DB_PATH=/path/to/locode_db #LOCODE_DB_PATH=/path/to/locode_db
# FrostFS CLI binary # FrostFS CLI binary
FROSTFS_CLI_URL=https://http.t5.fs.neo.org/7sm9csjtRLpr4c9QD55q9JJM73v79ohuAhTzP4fYRHFz/BbngJDdRJEDJTJk7qptq3SxKqrJqtvVYWU6R5AaFGbtG FROSTFS_CLI_URL=https://git.frostfs.info/TrueCloudLab/frostfs-node/releases/download/v${NODE_VERSION}/frostfs-cli
#FROSTFS_CLI_PATH=/path/to/frostfs-cli-binary #FROSTFS_CLI_PATH=/path/to/frostfs-cli-binary
# FrostFS ADM tool binary # FrostFS ADM tool binary
FROSTFS_ADM_VERSION=eca5c210 FROSTFS_ADM_URL=https://git.frostfs.info/TrueCloudLab/frostfs-node/releases/download/v${NODE_VERSION}/frostfs-adm
FROSTFS_ADM_URL=https://http.t5.fs.neo.org/7sm9csjtRLpr4c9QD55q9JJM73v79ohuAhTzP4fYRHFz/2GxarAjGUb3RevxvqFGYT3hDQxNNaHzK6aFxhJCAMehq
#FROSTFS_ADM_PATH=/path/to/frostfs-adm-binary #FROSTFS_ADM_PATH=/path/to/frostfs-adm-binary
# Compiled FrostFS Smart Contracts # Compiled FrostFS Smart Contracts
FROSTFS_CONTRACTS_VERSION=8537293e FROSTFS_CONTRACTS_URL=https://git.frostfs.info/TrueCloudLab/frostfs-contract/releases/download/v0.21.1/frostfs-contract-v0.21.1.tar.gz
FROSTFS_CONTRACTS_URL=https://http.t5.fs.neo.org/7sm9csjtRLpr4c9QD55q9JJM73v79ohuAhTzP4fYRHFz/6ccZoj4HxoN1G1qvJAX2Qw9p2D6qdyzAjNMaNkEKYQpA
#FROSTFS_CONTRACTS_PATH=/path/to/unpacked/frostfs-contracts-dir #FROSTFS_CONTRACTS_PATH=/path/to/unpacked/frostfs-contracts-dir
# Jaeger tracing # Jaeger tracing
@ -60,3 +54,11 @@ JAEGER_IMAGE=jaegertracing/all-in-one
# Prometheus monitoring # Prometheus monitoring
PROMETHEUS_VERSION=v2.43.0 PROMETHEUS_VERSION=v2.43.0
PROMETHEUS_IMAGE=prom/prometheus PROMETHEUS_IMAGE=prom/prometheus
# Grafana versions
GRAFANA_VERSION=9.5.6
GRAFANA_IMAGE=grafana/grafana
# Loki versions
LOKI_VERSION=2.9.1
LOKI_IMAGE=grafana/loki

View file

Before

Width:  |  Height:  |  Size: 5.5 KiB

After

Width:  |  Height:  |  Size: 5.5 KiB

View file

@ -0,0 +1,21 @@
name: DCO action
on: [pull_request]
jobs:
dco:
name: DCO
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
with:
fetch-depth: 0
- name: Setup Go
uses: actions/setup-go@v3
with:
go-version: '1.21'
- name: Run commit format checker
uses: https://git.frostfs.info/TrueCloudLab/dco-go@v2
with:
from: 'origin/${{ github.event.pull_request.base.ref }}'

1
.gitattributes vendored Normal file
View file

@ -0,0 +1 @@
/services/grafana/provisioning/dashboards/* -diff -merge

1
.github/CODEOWNERS vendored
View file

@ -1 +0,0 @@
* @alexvanin @fyrchik

View file

@ -1,21 +0,0 @@
name: DCO check
on:
pull_request:
branches:
- master
jobs:
commits_check_job:
runs-on: ubuntu-latest
name: Commits Check
steps:
- name: Get PR Commits
id: 'get-pr-commits'
uses: tim-actions/get-pr-commits@master
with:
token: ${{ secrets.GITHUB_TOKEN }}
- name: DCO Check
uses: tim-actions/dco@master
with:
commits: ${{ steps.get-pr-commits.outputs.commits }}

1
.gitignore vendored
View file

@ -15,4 +15,3 @@ sites/*
# Runtime generation keys # Runtime generation keys
services/storage/*tls.crt services/storage/*tls.crt
services/storage/*tls.key services/storage/*tls.key
services/nats/*.pem

View file

@ -2,4 +2,4 @@
# Will start from top to bottom and stop in reverse # Will start from top to bottom and stop in reverse
http_gate http_gate
s3_gate s3_gate
rest_gate s3_lifecycler

3
CODEOWNERS Normal file
View file

@ -0,0 +1,3 @@
.* @alexvanin @fyrchik
.forgejo/.* @potyarkin
Makefile @potyarkin

View file

@ -3,8 +3,8 @@
First, thank you for contributing! We love and encourage pull requests from First, thank you for contributing! We love and encourage pull requests from
everyone. Please follow the guidelines: everyone. Please follow the guidelines:
- Check the open [issues](https://github.com/TrueCloudLab/frostfs-dev-env/issues) and - Check the open [issues](https://git.frostfs.info/TrueCloudLab/frostfs-dev-env/issues) and
[pull requests](https://github.com/TrueCloudLab/frostfs-dev-env/pulls) for existing [pull requests](https://git.frostfs.info/TrueCloudLab/frostfs-dev-env/pulls) for existing
discussions. discussions.
- Open an issue first, to discuss a new feature or enhancement. - Open an issue first, to discuss a new feature or enhancement.
@ -25,19 +25,19 @@ Start by forking the `frostfs-dev-env` repository, make changes in a branch and
send a pull request. We encourage pull requests to discuss code changes. Here send a pull request. We encourage pull requests to discuss code changes. Here
are the steps in details: are the steps in details:
### Set up your GitHub Repository ### Set up your git repository
Fork [FrostFS node upstream](https://github.com/TrueCloudLab/frostfs-dev-env/fork) source Fork [FrostFS node upstream](https://git.frostfs.info/repo/fork/24) source
repository to your own personal repository. Copy the URL of your fork (you will repository to your own personal repository. Copy the URL of your fork (you will
need it for the `git clone` command below). need it for the `git clone` command below).
```sh ```sh
$ git clone https://github.com/TrueCloudLab/frostfs-dev-env $ git clone https://git.frostfs.info/<username>/frostfs-dev-env.git
``` ```
### Set up git remote as ``upstream`` ### Set up git remote as ``upstream``
```sh ```sh
$ cd frostfs-dev-env $ cd frostfs-dev-env
$ git remote add upstream https://github.com/TrueCloudLab/frostfs-dev-env $ git remote add upstream https://git.frostfs.info/TrueCloudLab/frostfs-dev-env.git
$ git fetch upstream $ git fetch upstream
$ git merge upstream/master $ git merge upstream/master
... ...
@ -55,8 +55,7 @@ $ git checkout -b feature/123-something_awesome
### Test your changes ### Test your changes
After your code changes, make sure After your code changes, make sure
- To add test cases for the new code. - To run `make up` to check dev-env is not broken.
- To run `make lint`
- To squash your commits into a single commit or a series of logically separated - To squash your commits into a single commit or a series of logically separated
commits run `git rebase -i`. It's okay to force update your pull request. commits run `git rebase -i`. It's okay to force update your pull request.
@ -86,8 +85,8 @@ $ git push origin feature/123-something_awesome
``` ```
### Create a Pull Request ### Create a Pull Request
Pull requests can be created via GitHub. Refer to [this Pull requests can be created via Forgejo. Refer to [this
document](https://help.github.com/articles/creating-a-pull-request/) for document](https://docs.codeberg.org/collaborating/pull-requests-and-git-flow/) for
detailed steps on how to create a pull request. After a Pull Request gets peer detailed steps on how to create a pull request. After a Pull Request gets peer
reviewed and approved, it will be merged. reviewed and approved, it will be merged.

View file

@ -60,6 +60,7 @@ get: $(foreach SVC, $(GET_SVCS), get.$(SVC))
.PHONY: up .PHONY: up
up: up/basic up: up/basic
@$(foreach SVC, $(START_SVCS), $(shell docker-compose -f services/$(SVC)/docker-compose.yml up -d)) @$(foreach SVC, $(START_SVCS), $(shell docker-compose -f services/$(SVC)/docker-compose.yml up -d))
./vendor/frostfs-adm morph proxy-add-account --config frostfs-adm.yml --account=`docker container exec morph_chain neo-go wallet dump-keys -w /wallets/s3-wallet.json | head -1 | awk '{print $1}'` || die "Couldn't set s3-gw wallet as proxy wallet"
@echo "Full FrostFS Developer Environment is ready" @echo "Full FrostFS Developer Environment is ready"
# Build up FrostFS # Build up FrostFS
@ -76,12 +77,27 @@ up/bootstrap: get vendor/hosts
@$(foreach SVC, $(START_BOOTSTRAP), $(shell docker-compose -f services/$(SVC)/docker-compose.yml up -d)) @$(foreach SVC, $(START_BOOTSTRAP), $(shell docker-compose -f services/$(SVC)/docker-compose.yml up -d))
@source ./bin/helper.sh @source ./bin/helper.sh
@./vendor/frostfs-adm --config frostfs-adm.yml morph init --contracts vendor/contracts @./vendor/frostfs-adm --config frostfs-adm.yml morph init --contracts vendor/contracts
echo "Set rule chain to policy contract"
@./vendor/frostfs-adm --config frostfs-adm.yml morph \
ape add-rule-chain --target-type namespace --target-name "" \
--rule 'allow Container.* *' --chain-id "allow_container_ops"
@for f in ./services/storage/wallet*.json; do \ @for f in ./services/storage/wallet*.json; do \
echo "Transfer GAS to wallet $${f}" \ echo "Transfer GAS to wallet $${f}" \
&& ./vendor/frostfs-adm -c frostfs-adm.yml morph refill-gas --storage-wallet $${f} --gas 10.0 \ && ./vendor/frostfs-adm -c frostfs-adm.yml morph refill-gas --storage-wallet $${f} --gas 10.0 \
|| die "Failed to transfer GAS to alphabet wallets"; \ || die "Failed to transfer GAS to alphabet wallets"; \
echo "Register storage wallet $${f} in proxy contract" \
&& ./vendor/frostfs-adm morph proxy-add-account --config frostfs-adm.yml --account=`docker container exec morph_chain neo-go wallet dump-keys -w /wallets/storage/$${f##*/} | head -1 | awk '{print $1}'` || die "Couldn't set storage allet as proxy wallet"
done done
@echo "FrostFS sidechain environment is deployed" @echo "Create frostfsid subject for ./wallets/wallet.json"; \
if [ -n "$$(./vendor/frostfs-adm -c frostfs-adm.yml morph frostfsid list-subjects --namespace '')" ]; then \
echo "Subject already exists"; \
else \
subj_key=`docker container exec -it morph_chain neo-go wallet dump-keys -w /wallets/wallet.json | tail -1 | tr -d ' \r\n'` \
&& echo "Subject key: $${subj_key}" \
&& ./vendor/frostfs-adm -c frostfs-adm.yml morph frostfsid create-subject --namespace "" --subject-key $${subj_key} --subject-name walletsubject \
|| die "Failed to create subject for the wallet"; \
fi
echo "FrostFS sidechain environment is deployed"
# Build up certain service # Build up certain service
.PHONY: up/% .PHONY: up/%
@ -136,14 +152,14 @@ hosts: vendor/hosts
.PHONY: clean .PHONY: clean
.ONESHELL: .ONESHELL:
clean: clean:
@rm -rf vendor/* services/storage/s04tls.* services/nats/*.pem @rm -rf vendor/* services/storage/s04tls.*
@> .int_test.env @> .int_test.env
@for svc in $(PULL_SVCS) @for svc in $(PULL_SVCS)
do do
vols=`docker-compose -f services/$${svc}/docker-compose.yml config --volumes` vols=`docker-compose -f services/$${svc}/docker-compose.yml config --volumes`
if [[ ! -z "$${vols}" ]]; then if [[ ! -z "$${vols}" ]]; then
for vol in $${vols}; do for vol in $${vols}; do
docker volume rm -f "$${svc}_$${vol}" 2> /dev/null docker volume rm -f "$${svc}_$${vol}"
done done
fi fi
done done

View file

@ -1,5 +1,5 @@
<p align="center"> <p align="center">
<img src="./.github/logo.svg" width="500px" alt="FrostFS logo"> <img src="./.forgejo/logo.svg" width="500px" alt="FrostFS logo">
</p> </p>
<p align="center"> <p align="center">
<a href="https://frostfs.info">FrostFS</a> local Development and Testing environment <a href="https://frostfs.info">FrostFS</a> local Development and Testing environment
@ -27,7 +27,7 @@ Make sure you have installed all of the following prerequisites on your machine:
Clone repo: Clone repo:
``` ```
$ git clone https://github.com/TrueCloudLab/frostfs-dev-env.git $ git clone https://git.frostfs.info/TrueCloudLab/frostfs-dev-env.git
``` ```
Run next commands from project's root: Run next commands from project's root:
@ -71,12 +71,7 @@ password of inner ring wallet is `one`. See examples in `make help`.
``` ```
$ make update.epoch_duration val=30 $ make update.epoch_duration val=30
Changing EpochDuration configration value to 30 Waiting for transactions to persist...
Enter account NNudMSGzEoktFzdYGYoNb3bzHzbmM1genF password >
Sent invocation transaction dbb8c1145b6d10f150135630e13bb0dc282023163f5956c6945a60db0cb45cb0
Updating FrostFS epoch to 2
Enter account NNudMSGzEoktFzdYGYoNb3bzHzbmM1genF password >
Sent invocation transaction 0e6eb5e190f36332e5e5f4e866c7e100826e285fd949e11c085e15224f343ba6
``` ```
For instructions on how to set up DevEnv on macOS, please refer [the For instructions on how to set up DevEnv on macOS, please refer [the
@ -112,7 +107,7 @@ Maybe you will find the answer for your question in [F.A.Q.](docs/faq.md)
## Using FrostFS Admin Tool in `dev-env` ## Using FrostFS Admin Tool in `dev-env`
Devenv supports FrostFS network management via [frostfs-adm](https://github.com/TrueCloudLab/frostfs-node/tree/master/cmd/frostfs-adm). Devenv supports FrostFS network management via [frostfs-adm](https://git.frostfs.info/TrueCloudLab/frostfs-node/src/branch/master/cmd/frostfs-adm).
`services/ir` contains the Alphabet wallet in a proper format, specify it `services/ir` contains the Alphabet wallet in a proper format, specify it
with `--alphabet-wallets` flag. with `--alphabet-wallets` flag.
@ -142,6 +137,65 @@ Display addresses and host names for each running service, if available.
Clean up `vendor` directory. Clean up `vendor` directory.
### s3cred
Registers user wallet and issues s3 credentials.
Usage and default parameter values:
```sh
make s3cred [password=""] [contract_password=s3] [wallet=/user_wallet.json] [gate_public_key=0313b1ac3a8076e155a7e797b24f0b650cccad5941ea59d7cfd51a024a8b2a06bf]
```
As soon as the storage node is in the network map (see above) you can generate S3
credentials:
``` sh
$ make s3cred
{
"access_key_id": "EXArWh8x1zeHG3851s1RtoCo7dowxF6rhLGA15nbMffT0AKRSjJ5fmcqf3Ht2VCAkfmPQUVARghRB77xHCA1BoN2p",
"secret_access_key": "d70c1dba83f0f90bb231f06f1ce0e0dfbcfb122f4b4345a3c18d3869c359b79f",
"owner_private_key": "140947599afd9ca89af4b358c3176eb046e554d942a0dc99a8e06f3e43c8f4ad",
"wallet_public_key": "0324e76288fcb900100d01802a14ef977cca45ad073561230446df14b344c858b6",
"container_id": "EXArWh8x1zeHG3851s1RtoCo7dowxF6rhLGA15nbMffT"
}
```
Running without any parameters will result in defaults which are based on the private key from
`/user-wallet.json` file and `/wallet.json` contract wallet.
Now let's configure an S3 client (AWS CLI will be used as example):
``` sh
$ aws configure
AWS Access Key ID []: EXArWh8x1zeHG3851s1RtoCo7dowxF6rhLGA15nbMffT0AKRSjJ5fmcqf3Ht2VCAkfmPQUVARghRB77xHCA1BoN2p
AWS Secret Access Key []: d70c1dba83f0f90bb231f06f1ce0e0dfbcfb122f4b4345a3c18d3869c359b79f
Default region name []: us-east-1
Default output format []: json
```
If you need to create credentials for different users, put user wallets to `wallets` dir and specify them via `wallet` parameter.
Pass wallet password in `password` parameter if it's not default. The same is for `contract_wallet` and `gate_public_key` params.
```sh
$ make s3cred wallet=custom_wallet.json password=test
{
"access_key_id": "jHhL5B33o16R4jQsb8wm9A3RRdS6KrTB5N4bja9Jys904W7xXFNKqem2ACvTRWRYJsZMCUikYFSokN7pPJziWyDi",
"secret_access_key": "21bb64fafa32c82417fd8b97ac56cc8a085998a3852632d52fe7042453daa440",
"owner_private_key": "10f6f9d7a47bb0bf68363ad8a99fe69f1493f8b6e1665b3e4e83feb2d5c7ee39",
"wallet_public_key": "03e38759973a6bb722baabc2dd84036a39f0b2f53d32fec45a4dacde8a50fe4b70",
"container_id": "jHhL5B33o16R4jQsb8wm9A3RRdS6KrTB5N4bja9Jys9"
}
```
To get credentials from custom wallet, place it in `wallets` dir before start.
### cred
Usage and default parameter values:
```sh
make cred [password=""] [contract_password=s3] [wallet=/user_wallet.json]
```
The same as `s3cred`, but it doesn't issues s3 credentials.
## Contributing ## Contributing
Feel free to contribute to this project after reading the [contributing Feel free to contribute to this project after reading the [contributing

4
configs/s01-cli.yml Normal file
View file

@ -0,0 +1,4 @@
wallet: services/storage/wallet01.json
password: ""
rpc-endpoint: s01.frostfs.devenv:8080
endpoint: s01.frostfs.devenv:8081

4
configs/s02-cli.yml Normal file
View file

@ -0,0 +1,4 @@
wallet: services/storage/wallet02.json
password: ""
rpc-endpoint: s02.frostfs.devenv:8080
endpoint: s02.frostfs.devenv:8081

4
configs/s03-cli.yml Normal file
View file

@ -0,0 +1,4 @@
wallet: services/storage/wallet03.json
password: ""
rpc-endpoint: s03.frostfs.devenv:8080
endpoint: s03.frostfs.devenv:8081

4
configs/s04-cli.yml Normal file
View file

@ -0,0 +1,4 @@
wallet: services/storage/wallet04.json
password: ""
rpc-endpoint: s04.frostfs.devenv:8080
endpoint: s04.frostfs.devenv:8081

View file

@ -2,7 +2,7 @@
Protocol Gateway to access data in FrostFS using HTTP protocol. Protocol Gateway to access data in FrostFS using HTTP protocol.
Source code and more information can be found in [project's GitHub repository](https://github.com/TrueCloudLab/frostfs-http-gate) Source code and more information can be found in [project's repository](https://git.frostfs.info/TrueCloudLab/frostfs-http-gw)
## .env settings ## .env settings
@ -22,8 +22,8 @@ Image label prefix to use for containers.
- Create a new container - Create a new container
``` ```
$ frostfs-cli --rpc-endpoint s01.frostfs.devenv:8080 \ $ frostfs-cli --rpc-endpoint s01.frostfs.devenv:8080 \
--key wallets/wallet.key \ --wallet wallets/wallet.key \
container create --basic-acl readonly --await \ container create --basic-acl private --await \
--policy "REP 1 SELECT 1 FROM *" --policy "REP 1 SELECT 1 FROM *"
container ID: 4LfREK1cetL4PUji5fqj9SgRTSmaC5jExEDK9HKCDjdP container ID: 4LfREK1cetL4PUji5fqj9SgRTSmaC5jExEDK9HKCDjdP
awaiting... awaiting...
@ -33,7 +33,7 @@ container has been persisted on sidechain
- Put an object into the newly created container - Put an object into the newly created container
``` ```
$ frostfs-cli --rpc-endpoint s01.frostfs.devenv:8080 \ $ frostfs-cli --rpc-endpoint s01.frostfs.devenv:8080 \
--key wallets/wallet.key \ --wallet wallets/wallet.key \
object put --file /tmp/backup.jpeg \ object put --file /tmp/backup.jpeg \
--cid 4LfREK1cetL4PUji5fqj9SgRTSmaC5jExEDK9HKCDjdP --cid 4LfREK1cetL4PUji5fqj9SgRTSmaC5jExEDK9HKCDjdP
[/tmp/backup.jpeg] Object successfully stored [/tmp/backup.jpeg] Object successfully stored

View file

@ -3,52 +3,25 @@ A single-node N3 privnet deployment, running on
[neo-go](https://github.com/nspcc-dev/neo-go). Represents N3 FrostFS SideChain. [neo-go](https://github.com/nspcc-dev/neo-go). Represents N3 FrostFS SideChain.
Contracts deployed: Contracts deployed:
- Alphabet (AZ) [contract](https://github.com/TrueCloudLab/frostfs-contract/tree/master/alphabet) - Alphabet (AZ) [contract](https://git.frostfs.info/TrueCloudLab/frostfs-contract/src/branch/master/alphabet)
- Audit [contract](https://github.com/TrueCloudLab/frostfs-contract/tree/master/audit) - Balance [contract](https://git.frostfs.info/TrueCloudLab/frostfs-contract/src/branch/master/balance)
- Balance [contract](https://github.com/TrueCloudLab/frostfs-contract/tree/master/balance) - Container [contract](https://git.frostfs.info/TrueCloudLab/frostfs-contract/src/branch/master/container)
- Container [contract](https://github.com/TrueCloudLab/frostfs-contract/tree/master/container) - FrostFS [contract](https://git.frostfs.info/TrueCloudLab/frostfs-contract/src/branch/master/frostfs)
- Netmap [contract](https://github.com/TrueCloudLab/frostfs-contract/tree/master/netmap) - FrostFSID [contract](https://git.frostfs.info/TrueCloudLab/frostfs-contract/src/branch/master/frostfsid)
- NeoFSID [contract](https://github.com/TrueCloudLab/frostfs-contract/tree/master/neofsid) - NNS [contract](https://git.frostfs.info/TrueCloudLab/frostfs-contract/src/branch/master/nns)
- Proxy [contract](https://github.com/TrueCloudLab/frostfs-contract/tree/master/proxy) - Netmap [contract](https://git.frostfs.info/TrueCloudLab/frostfs-contract/src/branch/master/netmap)
- Reputation [contract](https://github.com/TrueCloudLab/frostfs-contract/tree/master/reputation) - Policy [contract](https://git.frostfs.info/TrueCloudLab/frostfs-contract/src/branch/master/policy)
- Processing [contract](https://git.frostfs.info/TrueCloudLab/frostfs-contract/src/branch/master/processing)
- Proxy [contract](https://git.frostfs.info/TrueCloudLab/frostfs-contract/src/branch/master/proxy)
RPC available at `http://morph-chain.frostfs.devenv:30333`. RPC available at `http://morph-chain.frostfs.devenv:30333`.
## .env settings ## .env settings
### MORPH_CHAIN_URL
URL to get side chain dump. Used on artifact get stage.
### MORPH_CHAIN_PATH
Path to get side chain dump. If set, overrides `CHAIN_URL`.
### NEOGO_VERSION ### NEOGO_VERSION
Version of neo-go docker container for side chain deployment. Version of neo-go docker container for side chain deployment.
## Side chain wallets
There is a wallet with GAS that used for contract deployment:
`wallets/wallet.json`. This wallet has one account with **empty password**.
```
$ neo-go wallet nep17 balance \
-w wallets/wallet.json \
-r http://morph-chain.frostfs.devenv:30333
Account NbUgTSFvPmsRxmGeWpuuGeJUoRoi6PErcM
GAS: GasToken (d2a4cff31913016155e38e474a2c06d08be276cf)
Amount : 189826.0515316
Updated: 3909
FROSTFS: FrostFS Balance (69550190e740b93f92dbd5dea52246f550391057)
Amount : 50
Updated: 3909
```
This way you can also monitor FrostFS internal balance of your account.
## FrostFS global config ## FrostFS global config
FrostFS uses global configuration to store epoch duration, maximum object size, FrostFS uses global configuration to store epoch duration, maximum object size,
@ -57,16 +30,10 @@ netmap contract and managed by Inner Ring (Alphabet) nodes.
To change these parameters use `make update.*` commands. Command down below To change these parameters use `make update.*` commands. Command down below
changes epoch duration from 300 blocks (about 300 seconds with 1bps) to 30. changes epoch duration from 300 blocks (about 300 seconds with 1bps) to 30.
Script enters passwords automatically with `expect` utility.
``` ```
$ make update.epoch_duration val=30 $ make update.epoch_duration val=30
Changing EpochDuration configration value to 30 Waiting for transactions to persist...
Enter account NfgHwwTi3wHAS8aFAN243C5vGbkYDpqLHP password >
Sent invocation transaction bdc0fa88cd6719ef6df2b9c82de423ddec6141ca24255c2d0072688083b1de9d
Updating FrostFS epoch to 20
Enter account NfgHwwTi3wHAS8aFAN243C5vGbkYDpqLHP password >
Sent invocation transaction 12296e1ce24dd6c04edb9c56d0a1d0e26d3226adefb0333c74a28788f44a8d0f
``` ```
Read more about available configuration in Makefile help. Read more about available configuration in Makefile help.
@ -76,10 +43,14 @@ $ make help
... ...
Targets: Targets:
... ...
update.audit_fee Update audit fee per result in fixed 12 (make update.audit_fee val=100) update.audit_fee Update audit fee per result in fixed 12 (make update.audit_fee val=100)
update.basic_income_rate Update basic income rate in fixed 12 (make update.basic_income_rate val=1000) update.basic_income_rate Update basic income rate in fixed 12 (make update.basic_income_rate val=1000)
update.container_fee Update container fee per alphabet node in fixed 12 (make update.container_fee val=500) update.container_alias_fee Update container alias fee per alphabet node in fixed 12 (make update.container_alias_fee val=100)
update.eigen_trust_iterations Update amount of EigenTrust iterations (make update.eigen_trust_iterations val=2) update.container_fee Update container fee per alphabet node in fixed 12 (make update.container_fee val=500)
update.epoch_duration Update epoch duration in side chain blocks (make update.epoch_duration val=30) update.eigen_trust_alpha Update alpha parameter of EigenTrust algorithm in 0 <= f <= 1.0 (make update.eigen_trust_alpha val=0.2)
update.max_object_size Update max object size in bytes (make update.max_object_size val=1000) update.eigen_trust_iterations Update amount of EigenTrust iterations (make update.eigen_trust_iterations val=2)
update.epoch_duration Update epoch duration in side chain blocks (make update.epoch_duration val=30)
update.homomorphic_hashing_disable Update homomorphic hashing disabled flag (make update.homomorphic_hashing_disable val=true)
update.max_object_size Update max object size in bytes (make update.max_object_size val=1000)
update.system_dns Update system dns to resolve container names (make update.system_dns val=container)
``` ```

View file

@ -7,66 +7,12 @@ create containers, approve balance changes, update network map, tick epochs,
etc. With notary service, it takes up to seven times fewer transactions etc. With notary service, it takes up to seven times fewer transactions
to do these operations. Notary service calculates the exact amount of GAS to do these operations. Notary service calculates the exact amount of GAS
to execute transaction, therefore operations are cheaper (withdraw fee **with** to execute transaction, therefore operations are cheaper (withdraw fee **with**
notary is less than 0.5 GAS; withdraw fee **without** notary is up to 7.0 GAS). notary is less than 0.5 GAS; withdraw fee **without** notary is up to 7.0 GAS).
By default, main chain service is running without notary service, and side chain Currently, frostfs-dev-env contains single chain (see morph service) and it
running with notary service. However, you can change that in configuration. enables notary service from the genesis block.
# Disable notary service in side chain To enable notary service, use neo-go configuration below.
To disable notary service in side chain do these steps.
1. Update `.env` and choose notary disabled chain dump for side chain.
```
MORPH_CHAIN_URL="https://github.com/nspcc-dev/neofs-contract/releases/download/v0.9.0/devenv_sidechain_notary_disabled.gz"
```
Make sure to update chain dump files with `make get` target.
2. Update `service/morph_chain/protocol.privnet.yml` and disable notary settings
and state root in header.
```yaml
ProtocolConfiguration:
StateRootInHeader: false
P2PSigExtensions: false
ApplicationConfiguration:
P2PNotary:
Enabled: false
```
Chain dump without notary service does not have predefined network map.
Therefore, you need to wait about 5 minutes until new epoch tick with updated
network map.
3. Enable helper commands
To enable helper commands such as `make tick.epoch` or `make update.epoch_duration`
make sure to export non-empty `FROSTFS_NOTARY_DISABLED` environment variable.
```
$ export FROSTFS_NOTARY_DISABLED=1
```
Use `unset` command to return it back.
```
$ unset FROSTFS_NOTARY_DISABLED
```
# Enable notary service in main chain
To enable notary service in main chain do these steps.
1. Update `.env` and choose notary enabled chain dump for main chain.
```
CHAIN_URL="https://github.com/nspcc-dev/neofs-contract/releases/download/v0.9.0/devenv_mainchain.gz"
```
Make sure to update chain dump files with `make get` target.
2. Update `service/chain/protocol.privnet.yml` and enable notary settings.
```yaml ```yaml
ProtocolConfiguration: ProtocolConfiguration:
@ -75,7 +21,3 @@ ApplicationConfiguration:
P2PNotary: P2PNotary:
Enabled: true Enabled: true
``` ```
Main chain generates a block once per 15 seconds, so Inner Ring takes about
15-30 seconds to make a notary deposit in main chain after startup. Then
frostfs-dev-env is ready to work.

View file

@ -2,7 +2,7 @@
REST Gateway to access data in FrostFS using REST. REST Gateway to access data in FrostFS using REST.
Source code and more information can be found in [project's GitHub repository](https://github.com/TrueCloudLab/frostfs-rest-gw) Source code and more information can be found in [project's repository](https://git.frostfs.info/TrueCloudLab/frostfs-rest-gw)
## .env settings ## .env settings

View file

@ -2,7 +2,7 @@
Protocol Gateway to access data in FrostFS using AWS S3 protocol Protocol Gateway to access data in FrostFS using AWS S3 protocol
Source code and more information can be found in [project's GitHub repository](https://github.com/TrueCloudLab/frostfs-s3-gw) Source code and more information can be found in [project's repository](https://git.frostfs.info/TrueCloudLab/frostfs-s3-gw)
## .env settings ## .env settings

View file

@ -5,6 +5,7 @@ network:
epoch_duration: 240 epoch_duration: 240
basic_income_rate: 100000000 basic_income_rate: 100000000
homomorphic_hash_disabled: false homomorphic_hash_disabled: false
maintenance_mode_allowed: true
fee: fee:
audit: 10000 audit: 10000
candidate: 10000000000 candidate: 10000000000

View file

@ -1,6 +1,5 @@
--- ---
version: "2.4"
services: services:
basenet: basenet:

2
services/grafana/.hosts Normal file
View file

@ -0,0 +1,2 @@
IPV4_PREFIX.122 grafana.LOCAL_DOMAIN
IPV4_PREFIX.123 loki.LOCAL_DOMAIN

View file

@ -0,0 +1,31 @@
services:
grafana:
image: ${GRAFANA_IMAGE}:${GRAFANA_VERSION}
domainname: ${LOCAL_DOMAIN}
hostname: grafana
container_name: grafana
restart: on-failure
networks:
grafana_int:
internet:
ipv4_address: ${IPV4_PREFIX}.122
volumes:
- ./../../vendor/hosts:/etc/hosts
- ./grafana.ini:/etc/grafana/grafana.ini
- ./provisioning:/etc/grafana/provisioning
stop_signal: SIGKILL
env_file: [ ".env", ".int_test.env" ]
loki:
image: ${LOKI_IMAGE}:${LOKI_VERSION}
command: -config.file=/etc/loki/local-config.yaml
networks:
grafana_int:
internet:
ipv4_address: ${IPV4_PREFIX}.123
networks:
grafana_int:
internet:
external: true
name: basenet_internet

View file

@ -0,0 +1,7 @@
[auth.anonymous]
enabled = true
org_name = Main Org.
org_role = Editor
[dashboards]
default_home_dashboard_path= /etc/grafana/provisioning/dashboards/overview.json

Binary file not shown.

Binary file not shown.

View file

@ -0,0 +1,13 @@
apiVersion: 1
datasources:
- name: Prometheus
type: prometheus
access: proxy
orgId: 1
url: http://prometheus:9090
- name: Loki
type: loki
access: proxy
orgId: 1
url: http://loki:3100

View file

@ -1,6 +1,5 @@
--- ---
version: "2.4"
services: services:
http_gate: http_gate:
image: ${HTTP_GW_IMAGE}:${HTTP_GW_VERSION} image: ${HTTP_GW_IMAGE}:${HTTP_GW_VERSION}
@ -21,6 +20,7 @@ services:
command: [ "frostfs-http-gw", "--config", "/etc/frostfs/http/config.yml" ] command: [ "frostfs-http-gw", "--config", "/etc/frostfs/http/config.yml" ]
environment: environment:
- HTTP_GW_RPC_ENDPOINT=http://morph-chain.${LOCAL_DOMAIN}:30333 - HTTP_GW_RPC_ENDPOINT=http://morph-chain.${LOCAL_DOMAIN}:30333
- HTTP_GW_TREE_SERVICE=s01.${LOCAL_DOMAIN}:8080
- HTTP_GW_PEERS_0_ADDRESS=s01.${LOCAL_DOMAIN}:8080 - HTTP_GW_PEERS_0_ADDRESS=s01.${LOCAL_DOMAIN}:8080
- HTTP_GW_PEERS_0_WEIGHT=0.2 - HTTP_GW_PEERS_0_WEIGHT=0.2
- HTTP_GW_PEERS_1_ADDRESS=s02.${LOCAL_DOMAIN}:8080 - HTTP_GW_PEERS_1_ADDRESS=s02.${LOCAL_DOMAIN}:8080

View file

@ -1,3 +1 @@
FROSTFS_IR_CONTRACTS_FROSTFSID=27407c76feabc407908f3d09a3d845d45e7c981a
FROSTFS_IR_CONTROL_GRPC_ENDPOINT=127.0.0.1:16512 FROSTFS_IR_CONTROL_GRPC_ENDPOINT=127.0.0.1:16512

View file

@ -25,7 +25,6 @@ endif
# Download FrostFS CLI # Download FrostFS CLI
.ONESHELL: .ONESHELL:
get.cli: FROSTFS_CLI_FILE=./vendor/frostfs-cli get.cli: FROSTFS_CLI_FILE=./vendor/frostfs-cli
get.cli: FROSTFS_CLI_ARCHIVE_FILE=${FROSTFS_CLI_FILE}.tar.gz
get.cli: FROSTFS_CLI_PATH?= get.cli: FROSTFS_CLI_PATH?=
get.cli: get.cli:
@mkdir -p ./vendor @mkdir -p ./vendor
@ -34,10 +33,8 @@ ifeq (${FROSTFS_CLI_PATH},)
@echo "⇒ Download FrostFS CLI binary from ${FROSTFS_CLI_URL}" @echo "⇒ Download FrostFS CLI binary from ${FROSTFS_CLI_URL}"
@curl \ @curl \
-ksSL "${FROSTFS_CLI_URL}" \ -ksSL "${FROSTFS_CLI_URL}" \
-o ${FROSTFS_CLI_ARCHIVE_FILE} -o ${FROSTFS_CLI_FILE}
@tar -xvf ${FROSTFS_CLI_ARCHIVE_FILE} -C ./vendor | xargs -I {} \ @chmod +x ${FROSTFS_CLI_FILE}
mv ./vendor/{} ${FROSTFS_CLI_FILE}
@rm ${FROSTFS_CLI_ARCHIVE_FILE}
else else
@echo "⇒ Copy local binary from ${FROSTFS_CLI_PATH}" @echo "⇒ Copy local binary from ${FROSTFS_CLI_PATH}"
@cp ${FROSTFS_CLI_PATH} ${FROSTFS_CLI_FILE} @cp ${FROSTFS_CLI_PATH} ${FROSTFS_CLI_FILE}

View file

@ -1,6 +1,5 @@
--- ---
version: "2.4"
services: services:
ir01: ir01:
@ -13,19 +12,19 @@ services:
ir_int: ir_int:
internet: internet:
ipv4_address: ${IPV4_PREFIX}.61 ipv4_address: ${IPV4_PREFIX}.61
stop_signal: SIGKILL stop_signal: SIGTERM
stop_grace_period: 15s
volumes: volumes:
- ./az.json:/wallet.json - ./az.json:/wallet.json
- ./az.key:/wallet01.key - ./az.key:/wallet01.key
- ./../../vendor/hosts:/etc/hosts - ./../../vendor/hosts:/etc/hosts
- ./../../vendor/locode_db:/locode/db - ./../../vendor/locode_db:/locode/db
- ./../../vendor/frostfs-cli:/frostfs-cli - ./../../vendor/frostfs-cli:/frostfs-cli
- ./healthcheck.sh:/healthcheck.sh
- ./cfg:/etc/frostfs/ir - ./cfg:/etc/frostfs/ir
env_file: [ ".env", ".ir.env", ".int_test.env" ] env_file: [ ".env", ".ir.env", ".int_test.env" ]
command: [ "frostfs-ir", "--config", "/etc/frostfs/ir/config.yml" ] command: [ "frostfs-ir", "--config", "/etc/frostfs/ir/config.yml" ]
healthcheck: healthcheck:
test: ["CMD-SHELL", "/healthcheck.sh"] test: ["CMD-SHELL", "/frostfs-cli control ir healthcheck -q --wallet /wallet01.key --endpoint \"$$FROSTFS_IR_CONTROL_GRPC_ENDPOINT\""]
interval: 2s interval: 2s
timeout: 1s timeout: 1s
retries: 5 retries: 5

View file

@ -1,6 +0,0 @@
#!/bin/sh
/frostfs-cli control healthcheck \
--endpoint "$FROSTFS_IR_CONTROL_GRPC_ENDPOINT" \
--wallet /wallet01.key --ir |
grep "Health status: READY"

View file

@ -1,4 +1,3 @@
version: '2.4'
services: services:
jaeger: jaeger:
image: ${JAEGER_IMAGE}:${JAEGER_VERSION} image: ${JAEGER_IMAGE}:${JAEGER_VERSION}

View file

@ -20,15 +20,12 @@ endif
# Download FrostFS ADM tool # Download FrostFS ADM tool
get.adm: FROSTFS_ADM_DEST=./vendor/frostfs-adm get.adm: FROSTFS_ADM_DEST=./vendor/frostfs-adm
get.adm: FROSTFS_ADM_ARCHIVE=frostfs-adm.tar.gz
get.adm: get.adm:
ifeq (${FROSTFS_ADM_PATH},) ifeq (${FROSTFS_ADM_PATH},)
@echo "⇒ Download FrostFS ADM binary from ${FROSTFS_ADM_URL}" @echo "⇒ Download FrostFS ADM binary from ${FROSTFS_ADM_URL}"
@curl -skSL ${FROSTFS_ADM_URL} -o ${FROSTFS_ADM_ARCHIVE} @curl -skSL ${FROSTFS_ADM_URL} -o ${FROSTFS_ADM_DEST}
@tar -xvf ${FROSTFS_ADM_ARCHIVE} -C ./vendor | xargs -I {} \ @chmod +x ${FROSTFS_ADM_DEST}
mv ./vendor/{} ${FROSTFS_ADM_DEST}
@rm ${FROSTFS_ADM_ARCHIVE}
else else
@echo "⇒ Copy frostfs-adm binary from ${FROSTFS_ADM_PATH}" @echo "⇒ Copy frostfs-adm binary from ${FROSTFS_ADM_PATH}"
@cp ${FROSTFS_ADM_PATH} ${FROSTFS_ADM_DEST} @cp ${FROSTFS_ADM_PATH} ${FROSTFS_ADM_DEST}

View file

@ -1,6 +1,5 @@
--- ---
version: "2.4"
services: services:
frostfs_morph_chain: frostfs_morph_chain:
image: ${NEOGO_IMAGE}:${NEOGO_VERSION} image: ${NEOGO_IMAGE}:${NEOGO_VERSION}
@ -20,9 +19,18 @@ services:
- ./config.yml:/wallets/config.yml - ./config.yml:/wallets/config.yml
- ./../../vendor/hosts:/etc/hosts - ./../../vendor/hosts:/etc/hosts
- ./../../wallets/wallet.json:/wallets/wallet.json - ./../../wallets/wallet.json:/wallets/wallet.json
- ./../s3_gate/wallet.json:/wallets/s3-wallet.json
- ./../storage/wallet01.json:/wallets/storage/wallet01.json
- ./../storage/wallet02.json:/wallets/storage/wallet02.json
- ./../storage/wallet03.json:/wallets/storage/wallet03.json
- ./../storage/wallet04.json:/wallets/storage/wallet04.json
- chains:/chains
networks: networks:
chain_int: chain_int:
internet: internet:
external: true external: true
name: basenet_internet name: basenet_internet
volumes:
chains:

View file

@ -11,13 +11,14 @@ ProtocolConfiguration:
VerifyTransactions: true VerifyTransactions: true
StateRootInHeader: true StateRootInHeader: true
P2PSigExtensions: true P2PSigExtensions: true
Hardforks: {}
ApplicationConfiguration: ApplicationConfiguration:
SkipBlockVerification: false SkipBlockVerification: false
DBConfiguration: DBConfiguration:
Type: "boltdb" Type: "boltdb"
BoltDBOptions: BoltDBOptions:
FilePath: "./db/morph.bolt" FilePath: "/chains/morph.bolt"
P2P: P2P:
Addresses: Addresses:
- ":20333" - ":20333"
@ -29,9 +30,14 @@ ApplicationConfiguration:
AttemptConnPeers: 5 AttemptConnPeers: 5
MinPeers: 0 MinPeers: 0
Relay: true Relay: true
Consensus:
Enabled: true
UnlockWallet:
Path: "./wallets/node-wallet.json"
Password: "one"
RPC: RPC:
Addresses: Addresses:
- "192.168.130.90:30333" - ":30333"
Enabled: true Enabled: true
SessionEnabled: true SessionEnabled: true
EnableCORSWorkaround: false EnableCORSWorkaround: false
@ -49,6 +55,3 @@ ApplicationConfiguration:
Addresses: Addresses:
- ":20011" - ":20011"
Enabled: true Enabled: true
UnlockWallet:
Path: "./wallets/node-wallet.json"
Password: "one"

View file

@ -1 +0,0 @@
IPV4_PREFIX.101 nats.LOCAL_DOMAIN

View file

@ -1,7 +0,0 @@
# Create new TLS certs for NATS server and clients
NATS_DIR=$(abspath services/nats)
get.nats:
@echo "⇒ Creating certs for NATS server and clients"
${NATS_DIR}/generate_cert.sh ${LOCAL_DOMAIN} > /dev/null

View file

@ -1,31 +0,0 @@
---
version: "2.4"
services:
nats:
image: ${NATS_IMAGE}:${NATS_VERSION}
domainname: ${LOCAL_DOMAIN}
hostname: nats
container_name: nats
restart: on-failure
dns:
- ${IPV4_PREFIX}.101
networks:
nats_int:
internet:
ipv4_address: ${IPV4_PREFIX}.101
volumes:
- ./../../vendor/hosts:/etc/hosts
- ./nats.conf:/etc/nats/frostfs-nats-server.conf
- ./server-cert.pem:/certs/server-cert.pem
- ./server-key.pem:/certs/server-key.pem
- ./ca-cert.pem:/certs/ca-cert.pem
stop_signal: SIGKILL
env_file: [ ".env", ".int_test.env" ]
command: ["-c", "/etc/nats/frostfs-nats-server.conf"]
networks:
nats_int:
internet:
external: true
name: basenet_internet

View file

@ -1,49 +0,0 @@
#!/bin/bash
source bin/helper.sh
WORKDIR=$(dirname "$0")
LOCAL_DOMAIN=$1
CA_KEY=$WORKDIR/ca-key.pem
CA_CRT=$WORKDIR/ca-cert.pem
SRV_KEY=$WORKDIR/server-key.pem
SRV_REQ=$WORKDIR/server-req.csr
SRV_CRT=$WORKDIR/server-cert.pem
CLI_KEY=$WORKDIR/client-key.pem
CLI_REQ=$WORKDIR/client-req.csr
CLI_CRT=$WORKDIR/client-cert.pem
SUBJ="/O=NSPCC"
if [[ ! -f $CA_KEY || ! -f $CA_CRT ]]; then
openssl req -newkey rsa:4096 -x509 -days 365 -nodes -keyout $CA_KEY -out $CA_CRT -subj $SUBJ 2>&1 ||
die "CA certificate was not created"
fi
if [[ ! -f $SRV_KEY || ! -f $SRV_CRT ]]; then
openssl req -newkey rsa:4096 -nodes -keyout $SRV_KEY -out $SRV_REQ -subj $SUBJ 2>&1 ||
die "Server certificate was not created"
openssl x509 -req -days 365 -set_serial 01 -in $SRV_REQ -out $SRV_CRT -CA $CA_CRT -CAkey $CA_KEY \
-extensions san -extfile <(printf "[san]\nsubjectAltName=DNS:nats.$LOCAL_DOMAIN") 2>&1 || {
rm $SRV_REQ
die "Server certificate was not signed by CA"
}
rm $SRV_REQ
fi
if [[ ! -f $CLI_KEY || ! -f $CLI_CRT ]]; then
openssl req -newkey rsa:4096 -nodes -keyout $CLI_KEY -out $CLI_REQ -subj $SUBJ 2>&1 ||
die "Client certificate was not created"
openssl x509 -req -days 365 -set_serial 01 -in $CLI_REQ -out $CLI_CRT -CA $CA_CRT -CAkey $CA_KEY 2>&1 || {
rm $CLI_REQ
die "Client certificate was not signed by CA"
}
rm $CLI_REQ
fi

View file

@ -1,15 +0,0 @@
port: 4222
monitor_port: 8222
jetstream {
store_dir=nats
max_memory_store: 1GB
max_file_store: 2GB
}
tls {
cert_file: /certs/server-cert.pem
key_file: /certs/server-key.pem
ca_file: /certs/ca-cert.pem
verify: true
}

View file

@ -1,4 +1,3 @@
version: '2.4'
services: services:
prometheus: prometheus:
image: ${PROMETHEUS_IMAGE}:${PROMETHEUS_VERSION} image: ${PROMETHEUS_IMAGE}:${PROMETHEUS_VERSION}
@ -15,8 +14,6 @@ services:
- ./prometheus.yml:/etc/prometheus/prometheus.yml - ./prometheus.yml:/etc/prometheus/prometheus.yml
command: command:
- --config.file=/etc/prometheus/prometheus.yml - --config.file=/etc/prometheus/prometheus.yml
ports:
- '9090:9090'
stop_signal: SIGKILL stop_signal: SIGKILL
env_file: [ ".env", ".prometheus.env", ".int_test.env" ] env_file: [ ".env", ".prometheus.env", ".int_test.env" ]
@ -24,4 +21,4 @@ networks:
prometheus_int: prometheus_int:
internet: internet:
external: true external: true
name: basenet_internet name: basenet_internet

View file

@ -16,4 +16,7 @@ scrape_configs:
- targets: ['s3.frostfs.devenv:9090'] - targets: ['s3.frostfs.devenv:9090']
- job_name: 'neo-go' - job_name: 'neo-go'
static_configs: static_configs:
- targets: ['morph-chain.frostfs.devenv:20001'] - targets: ['morph-chain.frostfs.devenv:20001']
- job_name: 'inner-ring'
static_configs:
- targets: ['ir01.frostfs.devenv:9090']

View file

@ -1 +0,0 @@
IPV4_PREFIX.83 rest.LOCAL_DOMAIN

View file

@ -1,12 +0,0 @@
prometheus:
enabled: true
address: :9090
server:
# The IP and port to listen on.
listen-address: 0.0.0.0:8090
# Wallet settings
wallet:
path: /wallet.json # Path to wallet
passphrase: one # Password to decrypt wallet

View file

@ -1,32 +0,0 @@
---
version: "2.4"
services:
rest_gate:
image: ${REST_GW_IMAGE}:${REST_GW_VERSION}
domainname: ${LOCAL_DOMAIN}
hostname: rest
container_name: rest_gate
restart: on-failure
networks:
rest_gate_int:
internet:
ipv4_address: ${IPV4_PREFIX}.83
volumes:
- ./wallet.json:/wallet.json
- ./../../vendor/hosts:/etc/hosts
- ./cfg:/etc/frostfs/rest
stop_signal: SIGKILL
env_file: [ ".env", ".int_test.env" ]
command: [ "frostfs-rest-gw", "--config", "/etc/frostfs/rest/config.yml" ]
environment:
- REST_GW_POOL_PEERS_0_ADDRESS=s01.${LOCAL_DOMAIN}:8080
- REST_GW_POOL_PEERS_1_ADDRESS=s02.${LOCAL_DOMAIN}:8080
- REST_GW_POOL_PEERS_2_ADDRESS=s03.${LOCAL_DOMAIN}:8080
- REST_GW_POOL_PEERS_3_ADDRESS=s04.${LOCAL_DOMAIN}:8080
networks:
rest_gate_int:
internet:
external: true
name: basenet_internet

View file

@ -33,3 +33,17 @@ server:
wallet: wallet:
path: /wallet.json # Path to wallet path: /wallet.json # Path to wallet
passphrase: "s3" # Passphrase to decrypt wallet passphrase: "s3" # Passphrase to decrypt wallet
features:
md5:
enabled: true
control:
grpc:
endpoint: localhost:16515
frostfsid:
enabled: false
policy:
enabled: false

View file

@ -1,6 +1,5 @@
--- ---
version: "2.4"
services: services:
s3_gate: s3_gate:
image: ${S3_GW_IMAGE}:${S3_GW_VERSION} image: ${S3_GW_IMAGE}:${S3_GW_VERSION}
@ -13,19 +12,26 @@ services:
internet: internet:
ipv4_address: ${IPV4_PREFIX}.82 ipv4_address: ${IPV4_PREFIX}.82
volumes: volumes:
# Gate wallet
- ./wallet.json:/wallet.json - ./wallet.json:/wallet.json
# Custom user wallets
- ./wallets:/wallets
# Default user wallet
- ./../../wallets/wallet.json:/wallets/wallet.json
- ./tls.key:/tls.key - ./tls.key:/tls.key
- ./tls.crt:/tls.crt - ./tls.crt:/tls.crt
- ./../../vendor/hosts:/etc/hosts - ./../../vendor/hosts:/etc/hosts
- ./cfg:/etc/frostfs/s3 - ./cfg:/etc/frostfs/s3
stop_signal: SIGKILL - ./issue-creds.sh:/usr/bin/issue-creds.sh
stop_signal: SIGTERM
stop_grace_period: 15s
env_file: [ ".env", ".s3.env", ".int_test.env" ] env_file: [ ".env", ".s3.env", ".int_test.env" ]
command: [ "frostfs-s3-gw", "--config", "/etc/frostfs/s3/config.yml" ] command: [ "frostfs-s3-gw", "--config", "/etc/frostfs/s3/config.yml" ]
environment: environment:
- S3_GW_RPC_ENDPOINT=http://morph-chain.${LOCAL_DOMAIN}:30333 - S3_GW_RPC_ENDPOINT=http://morph-chain.${LOCAL_DOMAIN}:30333
- S3_GW_SERVER_0_ADDRESS=s3.${LOCAL_DOMAIN}:8080 - S3_GW_SERVER_0_ADDRESS=s3.${LOCAL_DOMAIN}:8080
- S3_GW_LISTEN_DOMAINS=s3.${LOCAL_DOMAIN} - S3_GW_LISTEN_DOMAINS=s3.${LOCAL_DOMAIN}
- S3_GW_TREE_SERVICE=s01.${LOCAL_DOMAIN}:8080 - S3_GW_TREE_SERVICE=s01.${LOCAL_DOMAIN}:8080 s02.${LOCAL_DOMAIN}:8080 s03.${LOCAL_DOMAIN}:8080 s04.${LOCAL_DOMAIN}:8080
- S3_GW_PEERS_0_ADDRESS=s01.${LOCAL_DOMAIN}:8080 - S3_GW_PEERS_0_ADDRESS=s01.${LOCAL_DOMAIN}:8080
- S3_GW_PEERS_0_WEIGHT=0.2 - S3_GW_PEERS_0_WEIGHT=0.2
- S3_GW_PEERS_1_ADDRESS=s02.${LOCAL_DOMAIN}:8080 - S3_GW_PEERS_1_ADDRESS=s02.${LOCAL_DOMAIN}:8080
@ -34,6 +40,8 @@ services:
- S3_GW_PEERS_2_WEIGHT=0.2 - S3_GW_PEERS_2_WEIGHT=0.2
- S3_GW_PEERS_3_ADDRESS=s04.${LOCAL_DOMAIN}:8080 - S3_GW_PEERS_3_ADDRESS=s04.${LOCAL_DOMAIN}:8080
- S3_GW_PEERS_3_WEIGHT=0.2 - S3_GW_PEERS_3_WEIGHT=0.2
- AUTHMATE_WALLET_PASSPHRASE=
- AUTHMATE_WALLET_CONTRACT_PASSPHRASE=s3
networks: networks:
s3_gate_int: s3_gate_int:

41
services/s3_gate/issue-creds.sh Executable file
View file

@ -0,0 +1,41 @@
#!/bin/bash
initUser() {
/bin/frostfs-s3-authmate register-user \
--wallet $WALLET_PATH \
--rpc-endpoint http://morph-chain.frostfs.devenv:30333 \
--username $USERNAME \
--contract-wallet /wallet.json 1> /dev/null && touch $WALLET_CACHE/$USERNAME
}
issueCreds() {
/bin/frostfs-s3-authmate issue-secret \
--wallet $WALLET_PATH \
--peer s01.frostfs.devenv:8080 \
--gate-public-key $S3_GATE_PUBLIC_KEY \
--container-placement-policy "REP 3"
}
set -e
WALLET_PATH=/wallets/$2
if [[ -z "$2" ]]; then
WALLET_PATH=/wallets/wallet.json
fi
S3_GATE_PUBLIC_KEY=$3
if [[ -z "$3" ]]; then
S3_GATE_PUBLIC_KEY=0313b1ac3a8076e155a7e797b24f0b650cccad5941ea59d7cfd51a024a8b2a06bf
fi
WALLET_CACHE=/data/wallets
mkdir -p $WALLET_CACHE
USERNAME=$(echo $WALLET_PATH | md5sum | cut -d' ' -f1)
if [ ! -e $WALLET_CACHE/$USERNAME ]; then
initUser
fi
if [ $1 == "s3" ]; then
issueCreds
fi

View file

@ -0,0 +1,14 @@
.PHONY: s3cred register
password?=
contract_password?=s3
gate_public_key?=
wallet?=
# Register wallet & generate S3 credentials
s3cred:
@docker exec -e AUTHMATE_WALLET_PASSPHRASE="$(password)" -e AUTHMATE_WALLET_CONTRACT_PASSPHRASE="$(contract_password)" s3_gate /usr/bin/issue-creds.sh s3 "$(wallet)" "$(gate_public_key)"
# Only registers user wallet
register:
@docker exec -e AUTHMATE_WALLET_PASSPHRASE="$(password)" -e AUTHMATE_WALLET_CONTRACT_PASSPHRASE="$(contract_password)" s3_gate /usr/bin/issue-creds.sh native "$(wallet)"

View file

@ -0,0 +1 @@
IPV4_PREFIX.84 lifecycler.LOCAL_DOMAIN

View file

@ -0,0 +1,42 @@
logger:
level: debug
prometheus:
enabled: true
address: :9090
lifecycle:
job_fetcher_buffer: 1000
executor_pool_size: 100
frostfs:
stream_timeout: 10s
connect_timeout: 10s
healthcheck_timeout: 15s
rebalance_interval: 60s
pool_error_threshold: 100
tree_pool_max_attempts: 4
credential:
use: wallets
source:
wallets:
- path: /wallet.json
address: NTt1rxvmEDxEuuogLxs2xgxA71qhVaUcN7
passphrase: "cycle"
- path: /user-wallet.json
address: NbUgTSFvPmsRxmGeWpuuGeJUoRoi6PErcM
passphrase: ""
morph:
reconnect_clients_interval: 30s
dial_timeout: 5s
contract:
netmap: netmap.frostfs
frostfsid: frostfsid.frostfs
container: container.frostfs
# Wallet configuration
wallet:
path: /wallet.json # Path to wallet
passphrase: "cycle" # Passphrase to decrypt wallet

View file

@ -0,0 +1,37 @@
---
services:
s3_lifecycler:
image: ${S3_LIFECYCLER_IMAGE}:${S3_LIFECYCLER_VERSION}
domainname: ${LOCAL_DOMAIN}
hostname: s3_lifecycler
container_name: s3_lifecycler
restart: on-failure
networks:
s3_lifecycler_int:
internet:
ipv4_address: ${IPV4_PREFIX}.84
volumes:
- ./wallet.json:/wallet.json
- ./../../vendor/hosts:/etc/hosts
- ./cfg:/etc/frostfs/s3-lifecycler
- ./../../wallets/wallet.json:/user-wallet.json
stop_signal: SIGKILL
env_file: [ ".env", ".int_test.env" ]
command: [ "frostfs-s3-lifecycler", "--config", "/etc/frostfs/s3-lifecycler/config.yml" ]
environment:
- S3_LIFECYCLER_MORPH_RPC_ENDPOINT_0_ADDRESS=ws://morph-chain:30333/ws
- S3_LIFECYCLER_FROSTFS_PEERS_0_ADDRESS=s01.${LOCAL_DOMAIN}:8080
- S3_LIFECYCLER_FROSTFS_PEERS_0_WEIGHT=0.2
- S3_LIFECYCLER_FROSTFS_PEERS_1_ADDRESS=s02.${LOCAL_DOMAIN}:8080
- S3_LIFECYCLER_FROSTFS_PEERS_1_WEIGHT=0.2
- S3_LIFECYCLER_FROSTFS_PEERS_2_ADDRESS=s03.${LOCAL_DOMAIN}:8080
- S3_LIFECYCLER_FROSTFS_PEERS_2_WEIGHT=0.2
- S3_LIFECYCLER_FROSTFS_PEERS_3_ADDRESS=s04.${LOCAL_DOMAIN}:8080
- S3_LIFECYCLER_FROSTFS_PEERS_3_WEIGHT=0.2
networks:
s3_lifecycler_int:
internet:
external: true
name: basenet_internet

View file

@ -1,12 +1,12 @@
{ {
"version": "3.0", "version": "1.0",
"accounts": [ "accounts": [
{ {
"address": "NPFCqWHfi9ixCJRu7DABRbVfXRbkSEr9Vo", "address": "NTt1rxvmEDxEuuogLxs2xgxA71qhVaUcN7",
"key": "6PYTAGjdaeicUDPqGv9mmgwb9kTwimWJJmmfNqJSDGH9qM79zSRcL9oHiB", "key": "6PYR3XurAyTzVeDG5WV2Z8vnGdySw3mTLuKjr6Nwo7tae64SJ7XjZSMMPQ",
"label": "REST Gateway", "label": "lifecycler",
"contract": { "contract": {
"script": "DCECcuPzZCZ2VyDsm2jKEOMnU6xEWO2bF1dvOvBWTDFYB1ZBVuezJw==", "script": "DCED9z0M+WSGfXZGxYLj1yYwmgxJXE/kNA4+oWNi0q1uKCdBVuezJw==",
"parameters": [ "parameters": [
{ {
"name": "parameter0", "name": "parameter0",

View file

@ -1,6 +1,11 @@
# Logger section # Logger section
logger: logger:
level: debug # Minimum enabled logging level level: debug # Minimum enabled logging level
loki:
enabled: true
endpoint: "loki.frostfs.devenv:3100/api/prom/push"
max_batch_delay: 1s
max_batch_size: 200
# Profiler section # Profiler section
pprof: pprof:
@ -14,7 +19,7 @@ prometheus:
address: :9090 # Server address address: :9090 # Server address
shutdown_timeout: 15s # Timeout for metrics HTTP server graceful shutdown shutdown_timeout: 15s # Timeout for metrics HTTP server graceful shutdown
# Application tracing section # Application tracing section
tracing: tracing:
enabled: true enabled: true
exporter: otlp_grpc exporter: otlp_grpc
@ -27,18 +32,6 @@ morph:
- address: ws://morph-chain:30333/ws - address: ws://morph-chain:30333/ws
priority: 1 priority: 1
# Common storage node settings
node:
attribute_0: "User-Agent:FrostFS/0.34"
notification:
enabled: true # Turn on object notification service
endpoint: "tls://nats.frostfs.devenv:4222" # Notification server endpoint
timeout: "6s" # Timeout for object notification client connection
default_topic: "test" # Default topic for object notifications if not found in object's meta
certificate: "/etc/frostfs-node/nats.tls.cert" # Path to TLS certificate
key: "/etc/frostfs-node/nats.tls.key" # Path to TLS key
ca: "/etc/frostfs-node/nats.ca.crt" # Path to optional CA certificate
# Tree section # Tree section
tree: tree:
enabled: true enabled: true
@ -48,7 +41,7 @@ storage:
shard: shard:
0: 0:
writecache: writecache:
enabled: false enabled: true
path: /storage/wc0 # Write-cache root directory path: /storage/wc0 # Write-cache root directory
metabase: metabase:
@ -68,7 +61,7 @@ storage:
1: 1:
writecache: writecache:
enabled: false enabled: true
path: /storage/wc1 # Write-cache root directory path: /storage/wc1 # Write-cache root directory
metabase: metabase:

View file

@ -1,6 +1,5 @@
--- ---
version: "2.4"
services: services:
storage01: storage01:
image: ${NODE_IMAGE}:${NODE_VERSION} image: ${NODE_IMAGE}:${NODE_VERSION}
@ -18,13 +17,10 @@ services:
- storage_s01:/storage - storage_s01:/storage
- ./../../vendor/frostfs-cli:/frostfs-cli - ./../../vendor/frostfs-cli:/frostfs-cli
- ./cli-cfg.yml:/cli-cfg.yml - ./cli-cfg.yml:/cli-cfg.yml
- ./healthcheck.sh:/healthcheck.sh
- ./s04tls.crt:/etc/ssl/certs/s04tls.crt - ./s04tls.crt:/etc/ssl/certs/s04tls.crt
- ../nats/client-cert.pem:/etc/frostfs-node/nats.tls.cert
- ../nats/client-key.pem:/etc/frostfs-node/nats.tls.key
- ../nats/ca-cert.pem:/etc/frostfs-node/nats.ca.crt
- ./cfg:/etc/frostfs/storage - ./cfg:/etc/frostfs/storage
stop_signal: SIGKILL stop_signal: SIGTERM
stop_grace_period: 15s
env_file: [ ".env", ".storage.env", ".int_test.env" ] env_file: [ ".env", ".storage.env", ".int_test.env" ]
command: [ "frostfs-node", "--config", "/etc/frostfs/storage/config.yml" ] command: [ "frostfs-node", "--config", "/etc/frostfs/storage/config.yml" ]
environment: environment:
@ -33,10 +29,11 @@ services:
- FROSTFS_NODE_ADDRESSES=s01.${LOCAL_DOMAIN}:8080 - FROSTFS_NODE_ADDRESSES=s01.${LOCAL_DOMAIN}:8080
- FROSTFS_GRPC_0_ENDPOINT=s01.${LOCAL_DOMAIN}:8080 - FROSTFS_GRPC_0_ENDPOINT=s01.${LOCAL_DOMAIN}:8080
- FROSTFS_CONTROL_GRPC_ENDPOINT=s01.${LOCAL_DOMAIN}:8081 - FROSTFS_CONTROL_GRPC_ENDPOINT=s01.${LOCAL_DOMAIN}:8081
- FROSTFS_NODE_ATTRIBUTE_0=User-Agent:FrostFS/${NODE_VERSION}
- FROSTFS_NODE_ATTRIBUTE_1=UN-LOCODE:RU MOW - FROSTFS_NODE_ATTRIBUTE_1=UN-LOCODE:RU MOW
- FROSTFS_NODE_ATTRIBUTE_2=Price:22 - FROSTFS_NODE_ATTRIBUTE_2=Price:22
healthcheck: healthcheck:
test: ["CMD-SHELL", "/healthcheck.sh"] test: ["CMD-SHELL", "/frostfs-cli control healthcheck -q -c /cli-cfg.yml --endpoint \"$$FROSTFS_CONTROL_GRPC_ENDPOINT\""]
interval: 2s interval: 2s
timeout: 1s timeout: 1s
retries: 5 retries: 5
@ -58,13 +55,10 @@ services:
- storage_s02:/storage - storage_s02:/storage
- ./../../vendor/frostfs-cli:/frostfs-cli - ./../../vendor/frostfs-cli:/frostfs-cli
- ./cli-cfg.yml:/cli-cfg.yml - ./cli-cfg.yml:/cli-cfg.yml
- ./healthcheck.sh:/healthcheck.sh
- ./s04tls.crt:/etc/ssl/certs/s04tls.crt - ./s04tls.crt:/etc/ssl/certs/s04tls.crt
- ../nats/client-cert.pem:/etc/frostfs-node/nats.tls.cert
- ../nats/client-key.pem:/etc/frostfs-node/nats.tls.key
- ../nats/ca-cert.pem:/etc/frostfs-node/nats.ca.crt
- ./cfg:/etc/frostfs/storage - ./cfg:/etc/frostfs/storage
stop_signal: SIGKILL stop_signal: SIGTERM
stop_grace_period: 15s
env_file: [ ".env", ".storage.env", ".int_test.env" ] env_file: [ ".env", ".storage.env", ".int_test.env" ]
command: [ "frostfs-node", "--config", "/etc/frostfs/storage/config.yml" ] command: [ "frostfs-node", "--config", "/etc/frostfs/storage/config.yml" ]
environment: environment:
@ -73,10 +67,11 @@ services:
- FROSTFS_NODE_ADDRESSES=s02.${LOCAL_DOMAIN}:8080 - FROSTFS_NODE_ADDRESSES=s02.${LOCAL_DOMAIN}:8080
- FROSTFS_GRPC_0_ENDPOINT=s02.${LOCAL_DOMAIN}:8080 - FROSTFS_GRPC_0_ENDPOINT=s02.${LOCAL_DOMAIN}:8080
- FROSTFS_CONTROL_GRPC_ENDPOINT=s02.${LOCAL_DOMAIN}:8081 - FROSTFS_CONTROL_GRPC_ENDPOINT=s02.${LOCAL_DOMAIN}:8081
- FROSTFS_NODE_ATTRIBUTE_0=User-Agent:FrostFS/${NODE_VERSION}
- FROSTFS_NODE_ATTRIBUTE_1=UN-LOCODE:RU LED - FROSTFS_NODE_ATTRIBUTE_1=UN-LOCODE:RU LED
- FROSTFS_NODE_ATTRIBUTE_2=Price:33 - FROSTFS_NODE_ATTRIBUTE_2=Price:33
healthcheck: healthcheck:
test: ["CMD-SHELL", "/healthcheck.sh"] test: ["CMD-SHELL", "/frostfs-cli control healthcheck -q -c /cli-cfg.yml --endpoint \"$$FROSTFS_CONTROL_GRPC_ENDPOINT\""]
interval: 2s interval: 2s
timeout: 1s timeout: 1s
retries: 5 retries: 5
@ -98,13 +93,10 @@ services:
- storage_s03:/storage - storage_s03:/storage
- ./../../vendor/frostfs-cli:/frostfs-cli - ./../../vendor/frostfs-cli:/frostfs-cli
- ./cli-cfg.yml:/cli-cfg.yml - ./cli-cfg.yml:/cli-cfg.yml
- ./healthcheck.sh:/healthcheck.sh
- ./s04tls.crt:/etc/ssl/certs/s04tls.crt - ./s04tls.crt:/etc/ssl/certs/s04tls.crt
- ../nats/client-cert.pem:/etc/frostfs-node/nats.tls.cert
- ../nats/client-key.pem:/etc/frostfs-node/nats.tls.key
- ../nats/ca-cert.pem:/etc/frostfs-node/nats.ca.crt
- ./cfg:/etc/frostfs/storage - ./cfg:/etc/frostfs/storage
stop_signal: SIGKILL stop_signal: SIGTERM
stop_grace_period: 15s
env_file: [ ".env", ".storage.env", ".int_test.env" ] env_file: [ ".env", ".storage.env", ".int_test.env" ]
command: [ "frostfs-node", "--config", "/etc/frostfs/storage/config.yml" ] command: [ "frostfs-node", "--config", "/etc/frostfs/storage/config.yml" ]
environment: environment:
@ -113,10 +105,11 @@ services:
- FROSTFS_NODE_ADDRESSES=s03.${LOCAL_DOMAIN}:8080 - FROSTFS_NODE_ADDRESSES=s03.${LOCAL_DOMAIN}:8080
- FROSTFS_GRPC_0_ENDPOINT=s03.${LOCAL_DOMAIN}:8080 - FROSTFS_GRPC_0_ENDPOINT=s03.${LOCAL_DOMAIN}:8080
- FROSTFS_CONTROL_GRPC_ENDPOINT=s03.${LOCAL_DOMAIN}:8081 - FROSTFS_CONTROL_GRPC_ENDPOINT=s03.${LOCAL_DOMAIN}:8081
- FROSTFS_NODE_ATTRIBUTE_0=User-Agent:FrostFS/${NODE_VERSION}
- FROSTFS_NODE_ATTRIBUTE_1=UN-LOCODE:SE STO - FROSTFS_NODE_ATTRIBUTE_1=UN-LOCODE:SE STO
- FROSTFS_NODE_ATTRIBUTE_2=Price:11 - FROSTFS_NODE_ATTRIBUTE_2=Price:11
healthcheck: healthcheck:
test: ["CMD-SHELL", "/healthcheck.sh"] test: ["CMD-SHELL", "/frostfs-cli control healthcheck -q -c /cli-cfg.yml --endpoint \"$$FROSTFS_CONTROL_GRPC_ENDPOINT\""]
interval: 2s interval: 2s
timeout: 1s timeout: 1s
retries: 5 retries: 5
@ -138,14 +131,11 @@ services:
- storage_s04:/storage - storage_s04:/storage
- ./../../vendor/frostfs-cli:/frostfs-cli - ./../../vendor/frostfs-cli:/frostfs-cli
- ./cli-cfg.yml:/cli-cfg.yml - ./cli-cfg.yml:/cli-cfg.yml
- ./healthcheck.sh:/healthcheck.sh
- ./s04tls.crt:/tls.crt - ./s04tls.crt:/tls.crt
- ./s04tls.key:/tls.key - ./s04tls.key:/tls.key
- ../nats/client-cert.pem:/etc/frostfs-node/nats.tls.cert
- ../nats/client-key.pem:/etc/frostfs-node/nats.tls.key
- ../nats/ca-cert.pem:/etc/frostfs-node/nats.ca.crt
- ./cfg:/etc/frostfs/storage - ./cfg:/etc/frostfs/storage
stop_signal: SIGKILL stop_signal: SIGTERM
stop_grace_period: 15s
env_file: [ ".env", ".storage.env", ".int_test.env" ] env_file: [ ".env", ".storage.env", ".int_test.env" ]
command: [ "frostfs-node", "--config", "/etc/frostfs/storage/config.yml" ] command: [ "frostfs-node", "--config", "/etc/frostfs/storage/config.yml" ]
environment: environment:
@ -159,10 +149,11 @@ services:
- FROSTFS_GRPC_1_TLS_ENABLED=true - FROSTFS_GRPC_1_TLS_ENABLED=true
- FROSTFS_GRPC_1_TLS_CERTIFICATE=/tls.crt - FROSTFS_GRPC_1_TLS_CERTIFICATE=/tls.crt
- FROSTFS_GRPC_1_TLS_KEY=/tls.key - FROSTFS_GRPC_1_TLS_KEY=/tls.key
- FROSTFS_NODE_ATTRIBUTE_0=User-Agent:FrostFS/${NODE_VERSION}
- FROSTFS_NODE_ATTRIBUTE_1=UN-LOCODE:FI HEL - FROSTFS_NODE_ATTRIBUTE_1=UN-LOCODE:FI HEL
- FROSTFS_NODE_ATTRIBUTE_2=Price:44 - FROSTFS_NODE_ATTRIBUTE_2=Price:44
healthcheck: healthcheck:
test: ["CMD-SHELL", "/healthcheck.sh"] test: ["CMD-SHELL", "/frostfs-cli control healthcheck -q -c /cli-cfg.yml --endpoint \"$$FROSTFS_CONTROL_GRPC_ENDPOINT\""]
interval: 2s interval: 2s
timeout: 1s timeout: 1s
retries: 5 retries: 5

View file

@ -19,7 +19,7 @@ if [[ ! -f ${CERT} ]]; then
) > ${SSL_CONFIG} ) > ${SSL_CONFIG}
openssl req -new -newkey rsa:4096 -x509 -sha256 -days 365 -nodes \ openssl req -new -newkey rsa:4096 -x509 -sha256 -days 365 -nodes \
-subj "/C=RU/ST=SPB/L=St.Petersburg/O=NSPCC/OU=NSPCC/CN=s04.${LOCAL_DOMAIN}" \ -subj "/C=RU/ST=SPB/L=St.Petersburg/O=TrueCloudLab/OU=TrueCloudLab/CN=s04.${LOCAL_DOMAIN}" \
-keyout "${KEY}" -out "${CERT}" -extensions san -config "${SSL_CONFIG}" &> /dev/null || { -keyout "${KEY}" -out "${CERT}" -extensions san -config "${SSL_CONFIG}" &> /dev/null || {
die "Failed to generate SSL certificate for s04" die "Failed to generate SSL certificate for s04"
} }

View file

@ -1,5 +0,0 @@
#!/bin/sh
/frostfs-cli control healthcheck -c /cli-cfg.yml \
--endpoint "$FROSTFS_CONTROL_GRPC_ENDPOINT" |
grep "Health status: READY"