Compare commits

...

125 commits

Author SHA1 Message Date
a0fdaebbf4 [#85] Add s3 lifecycler
Signed-off-by: Pavel Pogodaev <p.pogodaev@yadro.com>
2024-11-06 22:54:58 +03:00
10e5bed2af
[#79] storage: Take User-Agent from NODE_VERSION
Signed-off-by: Evgenii Stratonikov <e.stratonikov@yadro.com>
2024-10-31 10:39:00 +03:00
7152f59232 [#88] Remove nats service
It was removed from node in TrueCloudLab/frostfs-node#1161.

Signed-off-by: Evgenii Stratonikov <e.stratonikov@yadro.com>
2024-10-31 07:38:50 +00:00
636be7352e [#84] Make targets for issuing credentials
Signed-off-by: Nikita Zinkevich <n.zinkevich@yadro.com>
2024-10-17 12:37:26 +03:00
d0c32731f2 [#80] Update frostfs-service components to v0.30.*
Signed-off-by: Alexander Chuprov <a.chuprov@yadro.com>
2024-09-16 08:18:01 +00:00
7538bd9b17 [#83] Honor IPV4_PREFIX in morph_chain config
Signed-off-by: Vitaliy Potyarkin <v.potyarkin@yadro.com>
2024-09-10 16:45:06 +03:00
2e67acbcb2 [#78] env: Restore version format
Signed-off-by: Alexander Chuprov <a.chuprov@yadro.com>
2024-09-06 14:37:48 +03:00
439a9e71cf [#81] env: Fix typo
Signed-off-by: Alexander Chuprov <a.chuprov@yadro.com>
2024-09-06 14:09:08 +03:00
dd382f8ce0 [#68] service/morph: Add volume for morph_chain
Signed-off-by: Alexander Chuprov <a.chuprov@yadro.com>
2024-08-19 11:54:57 +00:00
044cf99e8d [#70] Makefile: Make bootstrap idempotent
Signed-off-by: Alexander Chuprov <a.chuprov@yadro.com>
2024-08-19 11:54:57 +00:00
ae658469a5 [#69] service/ir: Add support -q flag in healthcheck
Signed-off-by: Alexander Chuprov <a.chuprov@yadro.com>
2024-08-19 06:25:04 +00:00
155042343b [#69] service/storage: Add support -q flag in healthcheck
Signed-off-by: Alexander Chuprov <a.chuprov@yadro.com>
2024-08-19 06:25:04 +00:00
f94fa284ec [#76] Update frostfs-core components to v0.42.9
Signed-off-by: Alexander Chuprov <a.chuprov@yadro.com>
2024-08-17 05:51:34 +03:00
d03be14312 [#75] Makefile: Add subjects for storage and client wallets to FrostfsID
Signed-off-by: Airat Arifullin <a.arifullin@yadro.com>
2024-08-16 10:41:57 +03:00
0be22a9375
[#73] Update HTTP gate docs
Signed-off-by: Aleksey Savchuk <a.savchuk@yadro.com>
2024-07-08 10:56:42 +03:00
2b6122192a [#67] services/ir: Remove deprecated flag in healthcheck
Signed-off-by: Evgenii Stratonikov <e.stratonikov@yadro.com>
2024-05-08 11:35:37 +03:00
773ea2339b [#66] Update frostfs-* to v0.38.5
Signed-off-by: Alexander Chuprov <a.chuprov@yadro.com>
2024-04-15 20:16:51 +03:00
47b4917e7b [#65] services: Fix docker-compose warnings
There were multiple warning like this one.
```
WARN[0000] /secret/services/rest_gate/docker-compose.yml: `version` is obsolete
```

According to docker-compose spec, the parameter is indeed purely informative:
https://github.com/compose-spec/compose-spec/blob/master/spec.md#version-and-name-top-level-elements

Signed-off-by: Evgenii Stratonikov <e.stratonikov@yadro.com>
2024-04-04 11:47:33 +03:00
Airat Arifullin
8edfcb364d [#64] adm: Create default Allow policy for root namespace
Signed-off-by: Airat Arifullin <aarifullin@yadro.com>
2024-02-26 08:03:13 +00:00
19e5cec49f [#63] Use SIGTERM to stop Go services
Signed-off-by: Evgenii Stratonikov <e.stratonikov@yadro.com>
2024-02-20 15:54:23 +03:00
0f6f2722c2 [#61] Update frostfs-s3-gw
Signed-off-by: Alex Vanin <a.vanin@yadro.com>
2023-12-14 17:30:01 +03:00
9654b77236 [#61] Update frostfs-http-gw
Signed-off-by: Alex Vanin <a.vanin@yadro.com>
2023-12-14 17:11:58 +03:00
dfad34fdea [#61] Update frostfs-node components with contracts
Signed-off-by: Alex Vanin <a.vanin@yadro.com>
2023-12-14 17:11:52 +03:00
1077c9d358 [#59] .env: Update neo-go to v0.104.0
Signed-off-by: Evgenii Stratonikov <e.stratonikov@yadro.com>
2023-12-06 14:09:11 +03:00
40454b5507 [#56] Add loki
Signed-off-by: Alexander Chuprov <a.chuprov@yadro.com>
2023-11-15 16:08:15 +03:00
9c9ec639f0 [#58] Update neo-go to v0.103.0
Signed-off-by: Evgenii Stratonikov <e.stratonikov@yadro.com>
2023-10-25 13:15:07 +03:00
de8b58911e [#47] prometheus: Don't bind port to localhost
Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
2023-10-06 10:37:41 +03:00
c2e2b6442c [#47] grafana: Don't bind port to localhost
Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
2023-10-06 10:37:41 +03:00
4413251994 [#20] Add frostfs-cli configurations
Signed-off-by: Marina Biryukova <m.biryukova@yadro.com>
2023-09-13 16:28:48 +03:00
e254eba6a8 [#52] frostfs-adm.yml: Allow maintenance mode by default
It is a DEV-env after all.

Signed-off-by: Evgenii Stratonikov <e.stratonikov@yadro.com>
2023-08-25 14:10:54 +03:00
90bd39d717 [#43] grafana: FSTree bucket distribution
Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>
2023-08-25 11:31:49 +03:00
fdcf71d5b6 [#49] grafana: Add metabase bucket distribution
Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>
2023-08-25 11:31:45 +03:00
f0c3c02943 [#49] grafana: Blobovnicza bucket distribution
Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>
2023-08-25 11:31:42 +03:00
4a6b481618 [#49] grafana: Writecache bucket distribution
Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>
2023-08-25 11:31:39 +03:00
42e6349276 [#49] grafana: Storage engine bucket distribution
Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>
2023-08-25 11:31:35 +03:00
eba763ff79 [#49] grafana: Server bucket distribution
Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>
2023-08-25 11:31:31 +03:00
b7ac6f30cf [#50] services/ir: Take all contract hashes from NNS
Signed-off-by: Evgenii Stratonikov <e.stratonikov@yadro.com>
2023-08-21 10:22:19 +03:00
6eedab3d83 [#48] grafana: Fix blobovnicza board
Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>
2023-08-18 13:40:03 +03:00
731976cc57 [#44] grafana: Add Client dashboard
Client dashboard shows outgoing requests.

Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>
2023-08-14 12:33:18 +00:00
51053e3317 [#46] .forgejo: Update DCO action
Signed-off-by: Evgenii Stratonikov <e.stratonikov@yadro.com>
2023-08-11 13:48:36 +00:00
04260ad0d8 [#38] grafana: Fix writecache boards
Stack count and size dashborads.

Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>
2023-08-07 13:59:42 +03:00
9bb0385b85 [#38] grafana: Add morph dashboards
Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>
2023-08-06 15:15:54 +03:00
b6f47cb2c2 [#38] grafana: Add GC dashboard
Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>
2023-08-06 13:44:37 +03:00
d8df46b4d1 [#38] grafana: Add engine dashboards
Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>
2023-08-05 21:16:47 +03:00
cc963b78b5 [#38] grafana: Add fstree dashboards
Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>
2023-08-04 15:03:48 +03:00
acd32cb877 [#38] grafana: Add blobovnizca dashboards
Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>
2023-08-04 14:50:04 +03:00
0231b2bbf0 [#38] grafana: Add blobstore dashboard
Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>
2023-08-04 14:34:54 +03:00
1408558631 [#38] grafana: Fix units
Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>
2023-08-04 13:59:12 +03:00
8218440525 [#38] grafana: Add metabase dashboards
Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>
2023-08-03 16:11:35 +03:00
201855e729 [#38] grafana: Add epoch dashboard
Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>
2023-08-03 15:57:07 +03:00
74d43f48f2 [#38] grafana: Add object service dashboards
Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>
2023-08-03 15:48:53 +03:00
d76cc2e48a [#38] grafana: Add replicator dashbords
Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>
2023-08-03 15:31:19 +03:00
d5ee290740 [#38] grafana: Add node instance state
Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>
2023-08-02 16:14:29 +03:00
4f9285251f [#38] grafana: Add writecache boards
Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>
2023-08-02 15:06:03 +03:00
f749581c4e [#38] grafana: Add tree service row
Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>
2023-08-01 18:11:57 +03:00
2efc0442f1 [#38] grafana: Add instance to panels
Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>
2023-08-01 16:14:18 +03:00
7de23fe789 [#38] grafana: Fix config
Allow to acces grafana anonymous.
Change home page.

Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>
2023-07-31 12:06:51 +03:00
3abb217d30 [#38] grafana: Change start order
Start grafana right after prometheus.

Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>
2023-07-31 12:06:15 +03:00
584fa43ca7 [#38] grafana: Add overview board
Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>
2023-07-31 12:05:40 +03:00
2744f675aa [#38] grafana: Add storage dashboard
Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>
2023-07-31 12:05:23 +03:00
3400bb5736 [#37] Add grafana service to visualize prometheus metrics
Signed-off-by: Alex Vanin <a.vanin@yadro.com>
2023-07-24 15:47:25 +03:00
d08b338e06 [#36] prometheus: Add IR metrics
Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>
2023-06-14 12:39:48 +03:00
c31b7d9c84 [#1] Update README
Signed-off-by: Alex Vanin <a.vanin@yadro.com>
2023-06-07 17:27:28 +03:00
8eca14f331 [#1] Update CONTRIBUTING
Signed-off-by: Alex Vanin <a.vanin@yadro.com>
2023-06-07 17:27:28 +03:00
463521d511 [#1] Update S3 gateway description
Signed-off-by: Alex Vanin <a.vanin@yadro.com>
2023-06-07 17:27:28 +03:00
656833d37e [#1] Update REST gateway description
Signed-off-by: Alex Vanin <a.vanin@yadro.com>
2023-06-07 17:27:28 +03:00
aded88f09a [#1] Update HTTP gateway description
Signed-off-by: Alex Vanin <a.vanin@yadro.com>
2023-06-07 17:27:28 +03:00
5050dff55a [#1] Update morph service description
Signed-off-by: Alex Vanin <a.vanin@yadro.com>
2023-06-07 17:27:28 +03:00
e551fac84d [#1] Update notary service description
Signed-off-by: Alex Vanin <a.vanin@yadro.com>
2023-06-07 17:27:28 +03:00
6b0ce07808 [#1] Update cert generation scripts
Signed-off-by: Alex Vanin <a.vanin@yadro.com>
2023-06-07 17:27:28 +03:00
80dc0faae9 [#1] Use frostfs.info hosted locode URL
Signed-off-by: Alex Vanin <a.vanin@yadro.com>
2023-06-07 17:27:28 +03:00
c50ea0ea5c [#1] Add DCO check for forgejo runner
Signed-off-by: Alex Vanin <a.vanin@yadro.com>
2023-06-07 17:27:28 +03:00
dc2a2862d4 [#34] Bump FrostFS versions
Signed-off-by: Alex Vanin <a.vanin@yadro.com>
2023-05-30 15:55:23 +03:00
ee4d5ee6a6 [#32] storage: Enable writecache by default
Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>
2023-05-25 07:30:54 +00:00
5534204706 [#33] s3: Use all storage nodes as tree service
Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>
2023-05-25 07:30:38 +00:00
26e290efcb [#31] jaeger: Use badger as storage backend
Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>
2023-05-23 13:25:17 +03:00
2452e4469b [#29] Remove prepare.ir make target
Signed-off-by: Alejandro Lopez <a.lopez@yadro.com>
2023-05-16 11:58:23 +03:00
cbed3ce798 [#27] Fix step make prepare.ir
Signed-off-by: Anton Nikiforov <an.nikiforov@yadro.com>
2023-05-10 12:31:06 +03:00
45b98196cc [#24] Update frostfsid id
Signed-off-by: Anton Nikiforov <an.nikiforov@yadro.com>
2023-05-04 17:42:48 +03:00
7171e152e0 [#22] morph_chain: Do not use deprecated config fields
Signed-off-by: Evgenii Stratonikov <e.stratonikov@yadro.com>
2023-05-03 12:34:46 +03:00
53007be047 [#22] Makefile: Remove unneeded escape
Signed-off-by: Evgenii Stratonikov <e.stratonikov@yadro.com>
2023-05-03 12:34:44 +03:00
f57a739c3f [#22] .env: Update neo-go to v0.101.1
Signed-off-by: Evgenii Stratonikov <e.stratonikov@yadro.com>
2023-05-03 12:34:41 +03:00
1b6b2d1259 [#21] Update FrostFS Core components to the latest master
Signed-off-by: Alex Vanin <a.vanin@yadro.com>
2023-05-03 08:16:00 +00:00
045b55250a [#18] bin: Remove passwd.exp
It was here from older times

Signed-off-by: Evgenii Stratonikov <e.stratonikov@yadro.com>
2023-05-02 17:01:46 +00:00
6d6aaefaec [#18] bin: Replace some commands with frostfs-adm
Signed-off-by: Evgenii Stratonikov <e.stratonikov@yadro.com>
2023-05-02 17:01:46 +00:00
db0ebb7349 [#18] Makefile: Split long for line
Signed-off-by: Evgenii Stratonikov <e.stratonikov@yadro.com>
2023-05-02 17:01:46 +00:00
976f16803d [#18] frostfs-adm.yml: Add alphabet-wallets
Signed-off-by: Evgenii Stratonikov <e.stratonikov@yadro.com>
2023-05-02 17:01:46 +00:00
c7b4a8eb01 [#17] storage: Enable tracing
Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>
2023-04-11 16:31:35 +03:00
11ff8a81cc [#16] dev-env: Enable metrics for services.
Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>
2023-04-10 09:40:41 +03:00
dca6ff620a [#16] dev-env: Add prometheus
Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>
2023-04-10 09:40:33 +03:00
69cbe189cb .env: Update neo-go to v0.100.1
Signed-off-by: Evgenii Stratonikov <e.stratonikov@yadro.com>
2023-03-27 15:35:36 +03:00
b3a81ca14a [#14] Add Issue Template
Add bug report and feature request templates

Signed-off-by: Liza <e.chichindaeva@yadro.com>
2023-03-23 12:20:42 +03:00
93435bfb63 [#13] dev-env: Add tracing support
Add Jaeger service as tracing collector.

Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>
2023-03-17 18:39:40 +03:00
37507199e2 [#1] Deploy free containers because main chain is not available
Signed-off-by: Alex Vanin <a.vanin@yadro.com>
2023-02-07 12:18:05 +03:00
69bd34f2f6 [#1] Update env prefixes in builds
Signed-off-by: Alex Vanin <a.vanin@yadro.com>
2023-02-07 12:18:05 +03:00
Pavel Karpy
9645cf7793 [#241] rest: Provide common params with .yml file
Signed-off-by: Pavel Karpy <p.karpy@yadro.com>
2023-02-07 11:47:34 +03:00
Pavel Karpy
f549ef7d39 [#241] http: Provide common params with .yml file
Signed-off-by: Pavel Karpy <p.karpy@yadro.com>
2023-02-07 11:47:34 +03:00
Pavel Karpy
94ca437180 [#241] ir: Provide common params with .yml file
Signed-off-by: Pavel Karpy <p.karpy@yadro.com>
2023-02-07 11:47:34 +03:00
Pavel Karpy
1659a76b5d [#241] s3: Provide common params with .yml file
Signed-off-by: Pavel Karpy <p.karpy@yadro.com>
2023-02-07 11:47:34 +03:00
Pavel Karpy
b5fb2a9543 [#241] node: Provide common params with .yml file
Signed-off-by: Pavel Karpy <p.karpy@yadro.com>
2023-02-07 11:47:34 +03:00
36f775668d [TrueCloudLab#1] Use latest frostfs contracts
Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
2023-01-24 11:19:00 +03:00
fc999d0a63 [TrueCloudLab#1] Remove coredns
Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
2023-01-24 11:19:00 +03:00
769410a29f [TrueCloudLab#1] Remove mainchain related components
Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
2023-01-24 11:19:00 +03:00
a9c05c1a98 [TrueCloudLab#1] Update core images
Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
2023-01-24 11:19:00 +03:00
42847315af Change logo
Signed-off-by: Stanislav Bogatyrev <s.bogatyrev@yadro.com>
2023-01-07 18:14:53 +03:00
09533ec3f7 [TrueCloudLab#1] Update Makefile, scripts and compose files
Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
2022-12-29 18:02:22 +03:00
ffe5012ab6 [TrueCloudLab#1] Update docs
Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
2022-12-29 18:02:22 +03:00
6838092a50 [TrueCloudLab#1] Use frostfs gates
Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
2022-12-29 18:02:22 +03:00
Pavel Karpy
1099cdcef8 [#242] gitignore: Add VSCode settings
Signed-off-by: Pavel Karpy <carpawell@nspcc.ru>
2022-11-30 17:08:32 +03:00
anastasia prasolova
d8e825443e [#238]: Remove interactive password input from setup scripts
Signed-off-by: anastasia prasolova <anastasia@nspcc.ru>
2022-11-18 16:25:08 +03:00
anastasia prasolova
79a11641ed [#236]: Hardcode morph_chain RPC bind address
Signed-off-by: anastasia prasolova <anastasia@nspcc.ru>
2022-11-10 15:14:13 +03:00
anastasia prasolova
f7fb6d5142 [#235]: Suppress output of certificates generation on make up
Signed-off-by: anastasia prasolova <anastasia@nspcc.ru>
2022-11-10 15:13:09 +03:00
Evgenii Stratonikov
a2de0822fa [#233] Update gateways to v0.25.0
Signed-off-by: Evgenii Stratonikov <evgeniy@nspcc.ru>
2022-11-02 13:57:50 +03:00
Evgenii Stratonikov
1a7dcda7f5 [#234] Update neofs-* to v0.34.0
Signed-off-by: Evgenii Stratonikov <evgeniy@nspcc.ru>
2022-11-02 13:57:50 +03:00
Angira Kekteeva
9d2cc54f40 [#231] Makefile: Fix SSL_CONFIG var assignment
Signed-off-by: Angira Kekteeva <kira@nspcc.ru>
2022-10-27 13:08:42 +03:00
Angira Kekteeva
f55dc15476 [#172] Fix grep: warning: stray \ before #
https://lists.gnu.org/archive/html/info-gnu/2022-09/msg00001.html

Signed-off-by: Angira Kekteeva <kira@nspcc.ru>
2022-10-26 19:08:08 +03:00
Angira Kekteeva
5dc86e2aac [#172] Makefile: Add filter to help target
Signed-off-by: Angira Kekteeva <kira@nspcc.ru>
2022-10-26 19:08:08 +03:00
Angira Kekteeva
f7ead4b014 [#172] Makefile: Fix SSL_CONFIG var assignment
Signed-off-by: Angira Kekteeva <kira@nspcc.ru>
2022-10-26 19:08:08 +03:00
Angira Kekteeva
b0087a5357 [#172] Makefile: Fix comments of targets
Signed-off-by: Angira Kekteeva <kira@nspcc.ru>
2022-10-26 19:08:08 +03:00
Angira Kekteeva
f8d2708e1a [#172] Makefile: Fix help regex
Made it print targets with / symbol

Signed-off-by: Angira Kekteeva <kira@nspcc.ru>
2022-10-26 19:08:08 +03:00
Evgenii Stratonikov
86a36a3ff4 Update neofs-* to v0.33.0
Signed-off-by: Evgenii Stratonikov <evgeniy@nspcc.ru>
2022-10-24 19:24:03 +03:00
Denis Kirillov
55c1add70c [#225] makefile: pull only enabled services
Signed-off-by: Denis Kirillov <denis@nspcc.ru>
2022-10-20 18:29:34 +03:00
anastasia prasolova
3a13c5398c Fix CODEOWNERS file
Signed-off-by: anastasia prasolova <anastasia@nspcc.ru>
2022-10-16 20:29:52 +03:00
anastasia prasolova
daab798d41 Add CODEOWNERS file
Signed-off-by: anastasia prasolova <anastasia@nspcc.ru>
2022-10-16 20:28:26 +03:00
Evgenii Stratonikov
20a4e9f1ee [#226] morph_chain: Allow to use contracts from directory
Signed-off-by: Evgenii Stratonikov <evgeniy@nspcc.ru>
2022-10-11 15:59:22 +03:00
115 changed files with 1189 additions and 1419 deletions

View file

@ -1,5 +1,4 @@
# Services start/stop order # Services start/stop order
# Will start from top to bottom and stop in reverse # Will start from top to bottom and stop in reverse
nats
ir ir
storage storage

View file

@ -1,5 +1,7 @@
# Services start/stop order # Services start/stop order
# Will start from top to bottom and stop in reverse # Will start from top to bottom and stop in reverse
basenet basenet
chain
morph_chain morph_chain
jaeger
prometheus
grafana

View file

@ -1,5 +1,6 @@
.docker .docker
.github .github
.forgejo
vendor vendor
tmp tmp
.secrets .secrets

82
.env
View file

@ -1,5 +1,5 @@
# Basenet settings # Basenet settings
LOCAL_DOMAIN=neofs.devenv LOCAL_DOMAIN=frostfs.devenv
IPV4_PREFIX=192.168.130 IPV4_PREFIX=192.168.130
CA_CERTS_TRUSTED_STORE=/etc/ssl/certs CA_CERTS_TRUSTED_STORE=/etc/ssl/certs
@ -8,53 +8,63 @@ BASTION_VERSION=10
BASTION_IMAGE=debian BASTION_IMAGE=debian
# NeoGo privnet # NeoGo privnet
#CHAIN_PATH="/path/to/devenv.dump.gz" NEOGO_VERSION=0.104.0
CHAIN_URL="https://github.com/nspcc-dev/neofs-contract/releases/download/v0.15.5/devenv_mainchain_notary_disabled.gz"
NEOGO_VERSION=0.99.2
NEOGO_IMAGE=nspccdev/neo-go NEOGO_IMAGE=nspccdev/neo-go
# NeoFS InnerRing nodes # FrostFS InnerRing nodes
IR_VERSION=0.32.0 IR_VERSION=0.42.9
IR_IMAGE=nspccdev/neofs-ir IR_IMAGE=git.frostfs.info/truecloudlab/frostfs-ir
# NeoFS Storage nodes # FrostFS Storage nodes
NODE_VERSION=0.32.0 NODE_VERSION=0.42.9
NODE_IMAGE=nspccdev/neofs-storage NODE_IMAGE=git.frostfs.info/truecloudlab/frostfs-storage
# NATS Server
NATS_VERSION=2.7.2
NATS_IMAGE=nats
# HTTP Gate # HTTP Gate
HTTP_GW_VERSION=0.24.0 HTTP_GW_VERSION=0.30.2
HTTP_GW_IMAGE=nspccdev/neofs-http-gw HTTP_GW_IMAGE=truecloudlab/frostfs-http-gw
# REST Gate # REST Gate
REST_GW_VERSION=0.4.0 REST_GW_VERSION=c9c85e90
REST_GW_IMAGE=nspccdev/neofs-rest-gw REST_GW_IMAGE=truecloudlab/frostfs-rest-gw
# S3 Gate # S3 Gate
S3_GW_VERSION=0.24.0 S3_GW_VERSION=0.31.0-rc.4
S3_GW_IMAGE=nspccdev/neofs-s3-gw S3_GW_IMAGE=truecloudlab/frostfs-s3-gw
# Coredns # Lifecycler
COREDNS_VERSION=v016 S3_LIFECYCLER_VERSION=0.1.3
COREDNS_IMAGE=nspccdev/coredns S3_LIFECYCLER_IMAGE=truecloudlab/frostfs-s3-lifecycler
# NeoFS LOCODE database # FrostFS LOCODE database
LOCODE_DB_URL=https://github.com/nspcc-dev/neofs-locode-db/releases/download/v0.2.1/locode_db.gz LOCODE_DB_URL=https://git.frostfs.info/attachments/a2e8def7-52b6-49f1-89cd-a056712e8e54
#LOCODE_DB_PATH=/path/to/locode_db #LOCODE_DB_PATH=/path/to/locode_db
# NeoFS CLI binary # FrostFS CLI binary
NEOFS_CLI_URL=https://github.com/nspcc-dev/neofs-node/releases/download/v0.32.0/neofs-cli-amd64.tar.gz FROSTFS_CLI_URL=https://git.frostfs.info/TrueCloudLab/frostfs-node/releases/download/v${NODE_VERSION}/frostfs-cli
#NEOFS_CLI_PATH=/path/to/neofs-cli-binary #FROSTFS_CLI_PATH=/path/to/frostfs-cli-binary
# NeoFS ADM tool binary # FrostFS ADM tool binary
NEOFS_ADM_VERSION=v0.32.0 FROSTFS_ADM_VERSION=498f9955ea
NEOFS_ADM_URL=https://github.com/nspcc-dev/neofs-node/releases/download/${NEOFS_ADM_VERSION}/neofs-adm-amd64.tar.gz FROSTFS_ADM_URL=https://git.frostfs.info/TrueCloudLab/frostfs-node/releases/download/v${NODE_VERSION}/frostfs-adm
#NEOFS_ADM_PATH=/path/to/neofs-adm-binary #FROSTFS_ADM_PATH=/path/to/frostfs-adm-binary
# Compiled NeoFS Smart Contracts # Compiled FrostFS Smart Contracts
NEOFS_CONTRACTS_VERSION=v0.15.5 FROSTFS_CONTRACTS_VERSION=694daebb19
NEOFS_CONTRACTS_URL=https://github.com/nspcc-dev/neofs-contract/releases/download/${NEOFS_CONTRACTS_VERSION}/neofs-contract-${NEOFS_CONTRACTS_VERSION}.tar.gz FROSTFS_CONTRACTS_URL=https://git.frostfs.info/TrueCloudLab/frostfs-contract/releases/download/v0.19.2/frostfs-contract-v0.19.2.tar.gz
#NEOFS_CONTRACTS_PATH=/path/to/unpacked/neofs-contracts-dir #FROSTFS_CONTRACTS_PATH=/path/to/unpacked/frostfs-contracts-dir
# Jaeger tracing
JAEGER_VERSION=1.42.0
JAEGER_IMAGE=jaegertracing/all-in-one
# Prometheus monitoring
PROMETHEUS_VERSION=v2.43.0
PROMETHEUS_IMAGE=prom/prometheus
# Grafana versions
GRAFANA_VERSION=9.5.6
GRAFANA_IMAGE=grafana/grafana
# Loki versions
LOKI_VERSION=2.9.1
LOKI_IMAGE=grafana/loki

View file

@ -0,0 +1,21 @@
name: DCO action
on: [pull_request]
jobs:
dco:
name: DCO
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
with:
fetch-depth: 0
- name: Setup Go
uses: actions/setup-go@v3
with:
go-version: '1.21'
- name: Run commit format checker
uses: https://git.frostfs.info/TrueCloudLab/dco-go@v2
with:
from: 'origin/${{ github.event.pull_request.base.ref }}'

1
.gitattributes vendored Normal file
View file

@ -0,0 +1 @@
/services/grafana/provisioning/dashboards/* -diff -merge

1
.github/CODEOWNERS vendored Normal file
View file

@ -0,0 +1 @@
* @alexvanin @fyrchik

45
.github/ISSUE_TEMPLATE/bug_report.md vendored Normal file
View file

@ -0,0 +1,45 @@
---
name: Bug report
about: Create a report to help us improve
title: ''
labels: community, triage, bug
assignees: ''
---
<!--- Provide a general summary of the issue in the Title above -->
## Expected Behavior
<!--- If you're describing a bug, tell us what should happen -->
<!--- If you're suggesting a change/improvement, tell us how it should work -->
## Current Behavior
<!--- If describing a bug, tell us what happens instead of the expected behavior -->
<!--- If suggesting a change/improvement, explain the difference from current behavior -->
## Possible Solution
<!--- Not obligatory -->
<!--- If no reason/fix/additions for the bug can be suggested, -->
<!--- uncomment the following phrase: -->
<!--- No fix can be suggested by a QA engineer. Further solutions shall be up to developers. -->
## Steps to Reproduce (for bugs)
<!--- Provide a link to a live example, or an unambiguous set of steps to -->
<!--- reproduce this bug. -->
1.
## Context
<!--- How has this issue affected you? What are you trying to accomplish? -->
<!--- Providing context helps us come up with a solution that is most useful in the real world -->
## Regression
<!-- Is this issue a regression? (Yes / No) -->
<!-- If Yes, optionally please include version or commit id or PR# that caused this regression, if you have these details. -->
## Your Environment
<!--- Include as many relevant details about the environment you experienced the bug in -->
* Version used:
* Server setup and configuration:
* Operating System and version (`uname -a`):

1
.github/ISSUE_TEMPLATE/config.yml vendored Normal file
View file

@ -0,0 +1 @@
blank_issues_enabled: false

View file

@ -0,0 +1,20 @@
---
name: Feature request
about: Suggest an idea for this project
title: ''
labels: community, triage
assignees: ''
---
## Is your feature request related to a problem? Please describe.
<!--- A clear and concise description of what the problem is. Ex. I'm always frustrated when [...] -->
## Describe the solution you'd like
<!--- A clear and concise description of what you want to happen. -->
## Describe alternatives you've considered
<!--- A clear and concise description of any alternative solutions or features you've considered. -->
## Additional context
<!--- Add any other context or screenshots about the feature request here. -->

189
.github/logo.svg vendored
View file

@ -1,129 +1,70 @@
<?xml version="1.0" encoding="UTF-8" standalone="no"?> <?xml version="1.0" encoding="utf-8"?>
<svg <!-- Generator: Adobe Illustrator 25.0.1, SVG Export Plug-In . SVG Version: 6.00 Build 0) -->
xmlns:dc="http://purl.org/dc/elements/1.1/" <svg version="1.1" id="Слой_1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" x="0px" y="0px"
xmlns:cc="http://creativecommons.org/ns#" viewBox="0 0 184.2 51.8" style="enable-background:new 0 0 184.2 51.8;" xml:space="preserve">
xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#" <style type="text/css">
xmlns:svg="http://www.w3.org/2000/svg" .st0{display:none;}
xmlns="http://www.w3.org/2000/svg" .st1{display:inline;}
xmlns:sodipodi="http://sodipodi.sourceforge.net/DTD/sodipodi-0.dtd" .st2{fill:#01E397;}
xmlns:inkscape="http://www.inkscape.org/namespaces/inkscape" .st3{display:inline;fill:#010032;}
sodipodi:docname="logo_fs.svg" .st4{display:inline;fill:#00E599;}
inkscape:version="1.0 (4035a4fb49, 2020-05-01)" .st5{display:inline;fill:#00AF92;}
id="svg57" .st6{fill:#00C3E5;}
version="1.1" </style>
viewBox="0 0 105 25" <g id="Layer_2">
height="25mm" <g id="Layer_1-2" class="st0">
width="105mm"> <g class="st1">
<defs <path class="st2" d="M146.6,18.3v7.2h10.9V29h-10.9v10.7h-4V14.8h18v3.5H146.6z"/>
id="defs51"> <path class="st2" d="M180,15.7c1.7,0.9,3,2.2,4,3.8l-3,2.7c-0.6-1.3-1.5-2.4-2.6-3.3c-1.3-0.7-2.8-1-4.3-1
<clipPath c-1.4-0.1-2.8,0.3-4,1.1c-0.9,0.5-1.5,1.5-1.4,2.6c0,1,0.5,1.9,1.4,2.4c1.5,0.8,3.2,1.3,4.9,1.5c1.9,0.3,3.7,0.8,5.4,1.6
clipPathUnits="userSpaceOnUse" c1.2,0.5,2.2,1.3,2.9,2.3c0.6,1,1,2.2,0.9,3.4c0,1.4-0.5,2.7-1.3,3.8c-0.9,1.2-2.1,2.1-3.5,2.6c-1.7,0.6-3.4,0.9-5.2,0.8
id="clipPath434"> c-5,0-8.6-1.6-10.7-5l2.9-2.8c0.7,1.4,1.8,2.5,3.1,3.3c1.5,0.7,3.1,1.1,4.7,1c1.5,0.1,2.9-0.2,4.2-0.9c0.9-0.5,1.5-1.5,1.5-2.6
<path c0-0.9-0.5-1.8-1.3-2.2c-1.5-0.7-3.1-1.2-4.8-1.5c-1.9-0.3-3.7-0.8-5.5-1.5c-1.2-0.5-2.2-1.4-3-2.4c-0.6-1-1-2.2-0.9-3.4
d="M 0,0 H 1366 V 768 H 0 Z" c0-1.4,0.4-2.7,1.2-3.8c0.8-1.2,2-2.2,3.3-2.8c1.6-0.7,3.4-1.1,5.2-1C176.1,14.3,178.2,14.8,180,15.7z"/>
id="path432" />
</clipPath>
</defs>
<sodipodi:namedview
inkscape:window-maximized="0"
inkscape:window-y="0"
inkscape:window-x="130"
inkscape:window-height="1040"
inkscape:window-width="1274"
height="50mm"
units="mm"
showgrid="false"
inkscape:document-rotation="0"
inkscape:current-layer="layer1"
inkscape:document-units="mm"
inkscape:cy="344.49897"
inkscape:cx="468.64708"
inkscape:zoom="0.7"
inkscape:pageshadow="2"
inkscape:pageopacity="0.0"
borderopacity="1.0"
bordercolor="#666666"
pagecolor="#ffffff"
id="base" />
<metadata
id="metadata54">
<rdf:RDF>
<cc:Work
rdf:about="">
<dc:format>image/svg+xml</dc:format>
<dc:type
rdf:resource="http://purl.org/dc/dcmitype/StillImage" />
<dc:title></dc:title>
</cc:Work>
</rdf:RDF>
</metadata>
<g
id="layer1"
inkscape:groupmode="layer"
inkscape:label="Layer 1">
<g
id="g424"
transform="matrix(0.35277777,0,0,-0.35277777,63.946468,10.194047)">
<path
d="m 0,0 v -8.093 h 12.287 v -3.94 H 0 V -24.067 H -4.534 V 3.898 H 15.677 V 0 Z"
style="fill:#00e396;fill-opacity:1;fill-rule:nonzero;stroke:none"
id="path426" />
</g> </g>
<g <path class="st3" d="M73.3,16.3c1.9,1.9,2.9,4.5,2.7,7.1v15.9h-4V24.8c0-2.6-0.5-4.5-1.6-5.7c-1.2-1.2-2.8-1.8-4.5-1.7
transform="matrix(0.35277777,0,0,-0.35277777,-315.43002,107.34005)" c-1.3,0-2.5,0.3-3.7,0.8c-1.2,0.7-2.2,1.7-2.9,2.9c-0.8,1.5-1.1,3.2-1.1,4.9v13.3h-4V15.1l3.6,1.5v1.7c0.8-1.5,2.1-2.6,3.6-3.3
id="g428"> c1.5-0.8,3.2-1.2,4.9-1.1C68.9,13.8,71.3,14.7,73.3,16.3z"/>
<g <path class="st3" d="M104.4,28.3H85.6c0.1,2.2,1,4.3,2.5,5.9c1.5,1.4,3.5,2.2,5.6,2.1c1.6,0.1,3.2-0.2,4.6-0.9
id="g430" c1.1-0.6,2-1.6,2.5-2.8l3.3,1.8c-0.9,1.7-2.3,3.1-4,4c-2,1-4.2,1.5-6.4,1.4c-3.7,0-6.7-1.1-8.8-3.4s-3.2-5.5-3.2-9.6s1-7.2,3-9.5
clip-path="url(#clipPath434)"> s5-3.4,8.7-3.4c2.1-0.1,4.2,0.5,6.1,1.5c1.6,1,3,2.5,3.8,4.2c0.9,1.8,1.3,3.9,1.3,5.9C104.6,26.4,104.6,27.4,104.4,28.3z
<g M88.1,19.3c-1.4,1.5-2.2,3.4-2.4,5.5h15.1c-0.2-2-1-3.9-2.3-5.5c-1.4-1.3-3.2-2-5.1-1.9C91.5,17.3,89.6,18,88.1,19.3z"/>
id="g436" <path class="st3" d="M131,17.3c2.2,2.3,3.2,5.5,3.2,9.5s-1,7.3-3.2,9.6s-5.1,3.4-8.8,3.4s-6.7-1.1-8.9-3.4s-3.2-5.5-3.2-9.6
transform="translate(1112.874,278.2981)"> s1.1-7.2,3.2-9.5s5.1-3.4,8.9-3.4S128.9,15,131,17.3z M116.2,19.9c-1.5,2-2.2,4.4-2.1,6.9c-0.2,2.5,0.6,5,2.1,7
<path c1.5,1.7,3.7,2.7,6,2.6c2.3,0.1,4.4-0.9,5.9-2.6c1.5-2,2.3-4.5,2.1-7c0.1-2.5-0.6-4.9-2.1-6.9c-1.5-1.7-3.6-2.7-5.9-2.6
d="M 0,0 C 1.822,-0.932 3.354,-2.359 4.597,-4.28 L 1.165,-7.373 c -0.791,1.695 -1.779,2.924 -2.966,3.686 -1.186,0.763 -2.768,1.145 -4.745,1.145 -1.949,0 -3.461,-0.389 -4.534,-1.166 -1.074,-0.777 -1.61,-1.772 -1.61,-2.987 0,-1.13 0.523,-2.027 1.568,-2.69 1.045,-0.664 2.909,-1.236 5.593,-1.716 2.514,-0.452 4.512,-1.024 5.995,-1.716 1.483,-0.693 2.564,-1.554 3.242,-2.585 0.677,-1.031 1.016,-2.309 1.016,-3.834 0,-1.639 -0.466,-3.079 -1.398,-4.322 -0.932,-1.243 -2.239,-2.197 -3.919,-2.86 -1.681,-0.664 -3.623,-0.996 -5.826,-0.996 -5.678,0 -9.689,1.892 -12.033,5.678 l 3.178,3.178 c 0.903,-1.695 2.068,-2.939 3.495,-3.729 1.426,-0.791 3.199,-1.186 5.318,-1.186 2.005,0 3.58,0.345 4.724,1.038 1.144,0.692 1.716,1.674 1.716,2.945 0,1.017 -0.516,1.835 -1.547,2.457 -1.031,0.621 -2.832,1.172 -5.402,1.653 -2.571,0.479 -4.618,1.073 -6.143,1.779 -1.526,0.706 -2.635,1.582 -3.326,2.627 -0.693,1.045 -1.039,2.316 -1.039,3.813 0,1.582 0.438,3.023 1.314,4.322 0.875,1.299 2.14,2.33 3.792,3.093 1.653,0.763 3.58,1.144 5.783,1.144 C -4.018,1.398 -1.822,0.932 0,0" C119.9,17.2,117.7,18.2,116.2,19.9z"/>
style="fill:#00e396;fill-opacity:1;fill-rule:nonzero;stroke:none" <polygon class="st4" points="0,9.1 0,43.7 22.5,51.8 22.5,16.9 46.8,7.9 24.8,0 "/>
id="path438" /> <polygon class="st5" points="24.3,17.9 24.3,36.8 46.8,44.9 46.8,9.6 "/>
</g> </g>
<g <g>
id="g440" <g>
transform="translate(993.0239,277.5454)"> <path class="st6" d="M41.6,17.5H28.2v6.9h10.4v3.3H28.2v10.2h-3.9V14.2h17.2V17.5z"/>
<path <path class="st6" d="M45.8,37.9v-18h3.3l0.4,3.2c0.5-1.2,1.2-2.1,2.1-2.7c0.9-0.6,2.1-0.9,3.5-0.9c0.4,0,0.7,0,1.1,0.1
d="m 0,0 c 2.054,-1.831 3.083,-4.465 3.083,-7.902 v -17.935 h -4.484 v 16.366 c 0,2.914 -0.626,5.024 -1.877,6.332 -1.253,1.308 -2.924,1.962 -5.016,1.962 -1.495,0 -2.896,-0.327 -4.204,-0.981 -1.308,-0.654 -2.381,-1.719 -3.222,-3.194 -0.841,-1.477 -1.261,-3.335 -1.261,-5.576 v -14.909 h -4.484 V 1.328 l 4.086,-1.674 0.118,-1.84 c 0.933,1.681 2.222,2.923 3.867,3.727 1.643,0.803 3.493,1.205 5.548,1.205 C -4.671,2.746 -2.055,1.83 0,0" c0.4,0.1,0.7,0.2,0.9,0.3l-0.5,3.4c-0.3-0.1-0.6-0.2-0.9-0.2C55.4,23,54.9,23,54.4,23c-0.7,0-1.5,0.2-2.2,0.6
style="fill:#000033;fill-opacity:1;fill-rule:nonzero;stroke:none" c-0.7,0.4-1.3,1-1.8,1.8s-0.7,1.8-0.7,3v9.5H45.8z"/>
id="path442" /> <path class="st6" d="M68.6,19.6c1.8,0,3.3,0.4,4.6,1.1c1.3,0.7,2.4,1.8,3.1,3.2s1.1,3.1,1.1,5c0,1.9-0.4,3.6-1.1,5
</g> c-0.8,1.4-1.8,2.5-3.1,3.2c-1.3,0.7-2.9,1.1-4.6,1.1s-3.3-0.4-4.6-1.1c-1.3-0.7-2.4-1.8-3.2-3.2c-0.8-1.4-1.2-3.1-1.2-5
<g c0-1.9,0.4-3.6,1.2-5s1.8-2.5,3.2-3.2C65.3,19.9,66.8,19.6,68.6,19.6z M68.6,22.6c-1.1,0-2,0.2-2.8,0.7c-0.8,0.5-1.3,1.2-1.7,2.1
id="g444" s-0.6,2.1-0.6,3.5c0,1.3,0.2,2.5,0.6,3.4s1,1.7,1.7,2.2s1.7,0.7,2.8,0.7c1.1,0,2-0.2,2.7-0.7c0.7-0.5,1.3-1.2,1.7-2.2
transform="translate(1027.9968,264.0386)"> s0.6-2.1,0.6-3.4c0-1.4-0.2-2.5-0.6-3.5s-1-1.6-1.7-2.1C70.6,22.8,69.6,22.6,68.6,22.6z"/>
<path <path class="st6" d="M89.2,38.3c-1.8,0-3.4-0.3-4.9-1c-1.5-0.7-2.7-1.7-3.5-3l2.7-2.3c0.5,1,1.3,1.8,2.3,2.4
d="m 0,0 h -21.128 c 0.261,-2.84 1.205,-5.044 2.83,-6.613 1.625,-1.57 3.727,-2.355 6.305,-2.355 2.054,0 3.763,0.356 5.128,1.065 1.363,0.71 2.288,1.738 2.774,3.083 l 3.755,-1.961 c -1.121,-1.981 -2.616,-3.495 -4.484,-4.54 -1.868,-1.046 -4.259,-1.569 -7.173,-1.569 -4.223,0 -7.538,1.289 -9.948,3.867 -2.41,2.578 -3.615,6.146 -3.615,10.704 0,4.558 1.149,8.127 3.447,10.705 2.298,2.578 5.557,3.867 9.779,3.867 2.615,0 4.876,-0.58 6.782,-1.738 1.905,-1.158 3.343,-2.728 4.315,-4.707 C -0.262,7.827 0.224,5.605 0.224,3.139 0.224,2.092 0.149,1.046 0,0 m -18.298,10.144 c -1.513,-1.457 -2.438,-3.512 -2.775,-6.165 h 16.982 c -0.3,2.615 -1.159,4.661 -2.578,6.137 -1.42,1.476 -3.307,2.214 -5.661,2.214 -2.466,0 -4.455,-0.728 -5.968,-2.186" c1,0.6,2.2,0.9,3.6,0.9c1.1,0,2-0.2,2.6-0.6c0.6-0.4,1-0.9,1-1.6c0-0.5-0.2-0.9-0.5-1.2s-0.9-0.6-1.7-0.8l-3.8-0.8
style="fill:#000033;fill-opacity:1;fill-rule:nonzero;stroke:none" c-1.9-0.4-3.3-1-4.1-1.9c-0.8-0.9-1.2-1.9-1.2-3.3c0-1,0.3-1.9,0.9-2.7c0.6-0.8,1.4-1.5,2.5-2s2.5-0.8,4-0.8c1.8,0,3.3,0.3,4.6,1
id="path446" /> c1.3,0.6,2.2,1.5,2.9,2.7l-2.7,2.2c-0.5-1-1.1-1.7-2-2.1c-0.9-0.5-1.8-0.7-2.8-0.7c-0.8,0-1.4,0.1-2,0.3c-0.6,0.2-1,0.5-1.3,0.8
</g> c-0.3,0.3-0.4,0.7-0.4,1.2c0,0.5,0.2,0.9,0.5,1.3s1,0.6,1.9,0.8l4.1,0.9c1.7,0.3,2.9,0.9,3.7,1.7c0.7,0.8,1.1,1.8,1.1,2.9
<g c0,1.2-0.3,2.2-0.9,3c-0.6,0.9-1.5,1.6-2.6,2C92.1,38.1,90.7,38.3,89.2,38.3z"/>
id="g448" <path class="st6" d="M112.8,19.9v3H99.3v-3H112.8z M106.6,14.6v17.9c0,0.9,0.2,1.5,0.7,1.9c0.5,0.4,1.1,0.6,1.9,0.6
transform="translate(1057.8818,276.4246)"> c0.6,0,1.2-0.1,1.7-0.3c0.5-0.2,0.9-0.5,1.3-0.8l0.9,2.8c-0.6,0.5-1.2,0.9-2,1.1c-0.8,0.3-1.7,0.4-2.7,0.4c-1,0-2-0.2-2.8-0.5
<path s-1.5-0.9-2-1.6c-0.5-0.8-0.7-1.7-0.8-3V15.7L106.6,14.6z"/>
d="m 0,0 c 2.41,-2.578 3.615,-6.147 3.615,-10.705 0,-4.558 -1.205,-8.126 -3.615,-10.704 -2.41,-2.578 -5.726,-3.867 -9.948,-3.867 -4.222,0 -7.537,1.289 -9.947,3.867 -2.41,2.578 -3.615,6.146 -3.615,10.704 0,4.558 1.205,8.127 3.615,10.705 2.41,2.578 5.725,3.867 9.947,3.867 C -5.726,3.867 -2.41,2.578 0,0 m -16.617,-2.858 c -1.607,-1.906 -2.41,-4.522 -2.41,-7.847 0,-3.326 0.803,-5.94 2.41,-7.846 1.607,-1.905 3.83,-2.858 6.669,-2.858 2.839,0 5.063,0.953 6.67,2.858 1.606,1.906 2.41,4.52 2.41,7.846 0,3.325 -0.804,5.941 -2.41,7.847 C -4.885,-0.953 -7.109,0 -9.948,0 c -2.839,0 -5.062,-0.953 -6.669,-2.858" <path d="M137.9,17.5h-13.3v6.9h10.4v3.3h-10.4v10.2h-3.9V14.2h17.2V17.5z"/>
style="fill:#000033;fill-opacity:1;fill-rule:nonzero;stroke:none" <path d="M150.9,13.8c2.1,0,4,0.4,5.5,1.2c1.6,0.8,2.9,2,4,3.5l-2.6,2.5c-0.9-1.4-1.9-2.4-3.1-3c-1.1-0.6-2.5-0.9-4-0.9
id="path450" /> c-1.2,0-2.1,0.2-2.8,0.5c-0.7,0.3-1.3,0.7-1.6,1.2c-0.3,0.5-0.5,1.1-0.5,1.7c0,0.7,0.3,1.4,0.8,1.9c0.5,0.6,1.5,1,2.9,1.3
</g> l4.8,1.1c2.3,0.5,3.9,1.3,4.9,2.3c1,1,1.4,2.3,1.4,3.9c0,1.5-0.4,2.7-1.2,3.8c-0.8,1.1-1.9,1.9-3.3,2.5s-3.1,0.9-5,0.9
</g> c-1.7,0-3.2-0.2-4.5-0.6c-1.3-0.4-2.5-1-3.5-1.8c-1-0.7-1.8-1.6-2.5-2.6l2.7-2.7c0.5,0.8,1.1,1.6,1.9,2.2
</g> c0.8,0.7,1.7,1.2,2.7,1.5c1,0.4,2.2,0.5,3.4,0.5c1.1,0,2.1-0.1,2.9-0.4c0.8-0.3,1.4-0.7,1.8-1.2c0.4-0.5,0.6-1.1,0.6-1.9
<g c0-0.7-0.2-1.3-0.7-1.8c-0.5-0.5-1.3-0.9-2.6-1.2l-5.2-1.2c-1.4-0.3-2.6-0.8-3.6-1.3c-0.9-0.6-1.6-1.3-2.1-2.1s-0.7-1.8-0.7-2.8
id="g452" c0-1.3,0.4-2.6,1.1-3.7c0.7-1.1,1.8-2,3.2-2.6C147.3,14.1,148.9,13.8,150.9,13.8z"/>
transform="matrix(0.35277777,0,0,-0.35277777,5.8329581,6.5590171)">
<path
d="m 0,0 0.001,-38.946 25.286,-9.076 V -8.753 L 52.626,1.321 27.815,10.207 Z"
style="fill:#00e599;fill-opacity:1;fill-rule:nonzero;stroke:none"
id="path454" />
</g>
<g
id="g456"
transform="matrix(0.35277777,0,0,-0.35277777,15.479008,10.041927)">
<path
d="M 0,0 V -21.306 L 25.293,-30.364 25.282,9.347 Z"
style="fill:#00b091;fill-opacity:1;fill-rule:nonzero;stroke:none"
id="path458" />
</g> </g>
</g> </g>
</g>
</svg> </svg>

Before

Width:  |  Height:  |  Size: 6.5 KiB

After

Width:  |  Height:  |  Size: 5.5 KiB

View file

@ -1,21 +0,0 @@
name: DCO check
on:
pull_request:
branches:
- master
jobs:
commits_check_job:
runs-on: ubuntu-latest
name: Commits Check
steps:
- name: Get PR Commits
id: 'get-pr-commits'
uses: tim-actions/get-pr-commits@master
with:
token: ${{ secrets.GITHUB_TOKEN }}
- name: DCO Check
uses: tim-actions/dco@master
with:
commits: ${{ steps.get-pr-commits.outputs.commits }}

10
.gitignore vendored
View file

@ -1,9 +1,17 @@
# IDE
.idea .idea
.vscode
# Vendoring
vendor vendor
temp
tmp tmp
.secrets .secrets
sites/* sites/*
!sites/.gitkeep !sites/.gitkeep
# Runtime generation keys
services/storage/*tls.crt services/storage/*tls.crt
services/storage/*tls.key services/storage/*tls.key
services/nats/*.pem

View file

@ -3,4 +3,4 @@
http_gate http_gate
s3_gate s3_gate
rest_gate rest_gate
coredns s3_lifecycler

View file

@ -3,8 +3,8 @@
First, thank you for contributing! We love and encourage pull requests from First, thank you for contributing! We love and encourage pull requests from
everyone. Please follow the guidelines: everyone. Please follow the guidelines:
- Check the open [issues](https://github.com/nspcc-dev/neofs-dev-env/issues) and - Check the open [issues](https://git.frostfs.info/TrueCloudLab/frostfs-dev-env/issues) and
[pull requests](https://github.com/nspcc-dev/neofs-dev-env/pulls) for existing [pull requests](https://git.frostfs.info/TrueCloudLab/frostfs-dev-env/pulls) for existing
discussions. discussions.
- Open an issue first, to discuss a new feature or enhancement. - Open an issue first, to discuss a new feature or enhancement.
@ -21,23 +21,23 @@ everyone. Please follow the guidelines:
## Development Workflow ## Development Workflow
Start by forking the `neofs-dev-env` repository, make changes in a branch and then Start by forking the `frostfs-dev-env` repository, make changes in a branch and then
send a pull request. We encourage pull requests to discuss code changes. Here send a pull request. We encourage pull requests to discuss code changes. Here
are the steps in details: are the steps in details:
### Setup your GitHub Repository ### Set up your git repository
Fork [NeoFS node upstream](https://github.com/nspcc-dev/neofs-dev-env/fork) source Fork [FrostFS node upstream](https://git.frostfs.info/repo/fork/24) source
repository to your own personal repository. Copy the URL of your fork (you will repository to your own personal repository. Copy the URL of your fork (you will
need it for the `git clone` command below). need it for the `git clone` command below).
```sh ```sh
$ git clone https://github.com/nspcc-dev/neofs-dev-env $ git clone https://git.frostfs.info/<username>/frostfs-dev-env.git
``` ```
### Set up git remote as ``upstream`` ### Set up git remote as ``upstream``
```sh ```sh
$ cd neofs-dev-env $ cd frostfs-dev-env
$ git remote add upstream https://github.com/nspcc-dev/neofs-dev-env $ git remote add upstream https://git.frostfs.info/TrueCloudLab/frostfs-dev-env.git
$ git fetch upstream $ git fetch upstream
$ git merge upstream/master $ git merge upstream/master
... ...
@ -55,8 +55,7 @@ $ git checkout -b feature/123-something_awesome
### Test your changes ### Test your changes
After your code changes, make sure After your code changes, make sure
- To add test cases for the new code. - To run `make up` to check dev-env is not broken.
- To run `make lint`
- To squash your commits into a single commit or a series of logically separated - To squash your commits into a single commit or a series of logically separated
commits run `git rebase -i`. It's okay to force update your pull request. commits run `git rebase -i`. It's okay to force update your pull request.
@ -86,8 +85,8 @@ $ git push origin feature/123-something_awesome
``` ```
### Create a Pull Request ### Create a Pull Request
Pull requests can be created via GitHub. Refer to [this Pull requests can be created via Forgejo. Refer to [this
document](https://help.github.com/articles/creating-a-pull-request/) for document](https://docs.codeberg.org/collaborating/pull-requests-and-git-flow/) for
detailed steps on how to create a pull request. After a Pull Request gets peer detailed steps on how to create a pull request. After a Pull Request gets peer
reviewed and approved, it will be merged. reviewed and approved, it will be merged.
@ -103,7 +102,7 @@ contributors".
To sign your work, just add a line like this at the end of your commit message: To sign your work, just add a line like this at the end of your commit message:
``` ```
Signed-off-by: Samii Sakisaka <samii@nspcc.ru> Signed-off-by: Samii Sakisaka <samii@frostfs.info>
``` ```
This can easily be done with the `--signoff` option to `git commit`. This can easily be done with the `--signoff` option to `git commit`.

View file

@ -10,8 +10,8 @@ include .env
# help target # help target
include help.mk include help.mk
# update NeoFS global config targets # update FrostFS global config targets
include neofs_config.mk include frostfs_config.mk
# Targets to get required artifacts and external resources for each service # Targets to get required artifacts and external resources for each service
include services/*/artifacts.mk include services/*/artifacts.mk
@ -19,29 +19,31 @@ include services/*/artifacts.mk
# Targets helpful to prepare service environment # Targets helpful to prepare service environment
include services/*/prepare.mk include services/*/prepare.mk
# List of services to run
START_SVCS = $(shell cat .services | grep -v '#')
START_BASIC = $(shell cat .basic_services | grep -ve '#')
START_BOOTSTRAP = $(shell cat .bootstrap_services | grep -v '#')
STOP_SVCS = $(shell tac .services | grep -v '#')
STOP_BASIC = $(shell tac .basic_services | grep -v '#')
STOP_BOOTSTRAP = $(shell tac .bootstrap_services | grep -v '#')
# Enabled services dirs
ENABLED_SVCS_DIRS = $(shell echo "${START_BOOTSTRAP} ${START_BASIC} ${START_SVCS}" | sed 's|[^ ]* *|./services/&|g')
# Services that require artifacts # Services that require artifacts
GET_SVCS = $(shell grep -Rl "get.*:" ./services/* | sort -u | grep artifacts.mk | xargs -I {} dirname {} | xargs basename -a) GET_SVCS = $(shell grep -Rl "get.*:" ./services/* | sort -u | grep artifacts.mk | xargs -I {} dirname {} | xargs basename -a)
# Services that require pulling images # Services that require pulling images
PULL_SVCS = $(shell find ./services -type f -name 'docker-compose.yml' | sort -u | xargs -I {} dirname {} | xargs basename -a) PULL_SVCS = $(shell find ${ENABLED_SVCS_DIRS} -type f -name 'docker-compose.yml' | sort -u | xargs -I {} dirname {} | xargs basename -a)
# List of services to run
START_SVCS = $(shell cat .services | grep -v \\\#)
START_BASIC = $(shell cat .basic_services | grep -v \\\#)
START_BOOTSTRAP = $(shell cat .bootstrap_services | grep -v \\\#)
STOP_SVCS = $(shell tac .services | grep -v \\\#)
STOP_BASIC = $(shell tac .basic_services | grep -v \\\#)
STOP_BOOTSTRAP = $(shell tac .bootstrap_services | grep -v \\\#)
# List of hosts available in devenv # List of hosts available in devenv
HOSTS_LINES = $(shell grep -Rl IPV4_PREFIX ./services/* | grep .hosts) HOSTS_LINES = $(shell grep -Rl IPV4_PREFIX ./services/* | grep .hosts)
# Paths to protocol.privnet.yml # Paths to protocol.privnet.yml
MORPH_CHAIN_PROTOCOL = './services/morph_chain/protocol.privnet.yml' MORPH_CHAIN_PROTOCOL = './services/morph_chain/protocol.privnet.yml'
CHAIN_PROTOCOL = './services/chain/protocol.privnet.yml'
# List of grepped environment variables from *.env # List of grepped environment variables from *.env
GREP_DOTENV = $(shell find . -name '*.env' -exec grep -rhv -e '^\#' -e '^$$' {} + | sort -u ) GREP_DOTENV = $(shell find . -name '*.env' -exec grep -rhv -e '^#' -e '^$$' {} + | sort -u )
# Pull all required Docker images # Pull all required Docker images
.PHONY: pull .PHONY: pull
@ -49,7 +51,7 @@ pull:
$(foreach SVC, $(PULL_SVCS), $(shell cd services/$(SVC) && docker-compose pull)) $(foreach SVC, $(PULL_SVCS), $(shell cd services/$(SVC) && docker-compose pull))
@: @:
# Get all services artifacs # Get all services artifacts
.PHONY: get .PHONY: get
get: $(foreach SVC, $(GET_SVCS), get.$(SVC)) get: $(foreach SVC, $(GET_SVCS), get.$(SVC))
@: @:
@ -58,23 +60,42 @@ get: $(foreach SVC, $(GET_SVCS), get.$(SVC))
.PHONY: up .PHONY: up
up: up/basic up: up/basic
@$(foreach SVC, $(START_SVCS), $(shell docker-compose -f services/$(SVC)/docker-compose.yml up -d)) @$(foreach SVC, $(START_SVCS), $(shell docker-compose -f services/$(SVC)/docker-compose.yml up -d))
@echo "Full NeoFS Developer Environment is ready" ./vendor/frostfs-adm morph proxy-add-account --config frostfs-adm.yml --account=`docker container exec morph_chain neo-go wallet dump-keys -w /wallets/s3-wallet.json | head -1 | awk '{print $1}'` || die "Couldn't set s3-gw wallet as proxy wallet"
@echo "Full FrostFS Developer Environment is ready"
# Build up NeoFS # Build up FrostFS
.PHONY: up/basic .PHONY: up/basic
up/basic: up/bootstrap up/basic: up/bootstrap
@$(foreach SVC, $(START_BASIC), $(shell docker-compose -f services/$(SVC)/docker-compose.yml up -d)) @$(foreach SVC, $(START_BASIC), $(shell docker-compose -f services/$(SVC)/docker-compose.yml up -d))
@./bin/tick.sh @./vendor/frostfs-adm -c ./frostfs-adm.yml morph force-new-epoch
@./bin/config.sh string SystemDNS container @./vendor/frostfs-adm -c ./frostfs-adm.yml morph set-config SystemDNS=container --force
@echo "Basic NeoFS Developer Environment is ready" @echo "Basic FrostFS Developer Environment is ready"
# Start bootstrap services # Start bootstrap services
.PHONY: up/bootstrap .PHONY: up/bootstrap
up/bootstrap: get vendor/hosts up/bootstrap: get vendor/hosts
@$(foreach SVC, $(START_BOOTSTRAP), $(shell docker-compose -f services/$(SVC)/docker-compose.yml up -d)) @$(foreach SVC, $(START_BOOTSTRAP), $(shell docker-compose -f services/$(SVC)/docker-compose.yml up -d))
@./vendor/neofs-adm --config neofs-adm.yml morph init --alphabet-wallets ./services/ir --contracts vendor/contracts || exit 1 @source ./bin/helper.sh
@for f in ./services/storage/wallet*.json; do echo "Transfer GAS to wallet $${f}" && ./vendor/neofs-adm -c neofs-adm.yml morph refill-gas --storage-wallet $${f} --gas 10.0 --alphabet-wallets services/ir || exit 1; done @./vendor/frostfs-adm --config frostfs-adm.yml morph init --contracts vendor/contracts
@echo "NeoFS sidechain environment is deployed" echo "Set rule chain to policy contract"
@./vendor/frostfs-adm --config frostfs-adm.yml morph \
ape add-rule-chain --target-type namespace --target-name "" \
--rule 'allow Container.* *' --chain-id "allow_container_ops"
@for f in ./services/storage/wallet*.json; do \
echo "Transfer GAS to wallet $${f}" \
&& ./vendor/frostfs-adm -c frostfs-adm.yml morph refill-gas --storage-wallet $${f} --gas 10.0 \
|| die "Failed to transfer GAS to alphabet wallets"; \
done
@echo "Create frostfsid subject for ./wallets/wallet.json"; \
if [ -n "$$(./vendor/frostfs-adm -c frostfs-adm.yml morph frostfsid list-subjects --namespace '')" ]; then \
echo "Subject already exists"; \
else \
subj_key=`docker container exec -it morph_chain neo-go wallet dump-keys -w /wallets/wallet.json | tail -1 | tr -d ' \r\n'` \
&& echo "Subject key: $${subj_key}" \
&& ./vendor/frostfs-adm -c frostfs-adm.yml morph frostfsid create-subject --namespace "" --subject-key $${subj_key} --subject-name walletsubject \
|| die "Failed to create subject for the wallet"; \
fi
echo "FrostFS sidechain environment is deployed"
# Build up certain service # Build up certain service
.PHONY: up/% .PHONY: up/%
@ -85,7 +106,7 @@ up/%: get vendor/hosts
# Stop environment # Stop environment
.PHONY: down .PHONY: down
down: down/add down/basic down/bootstrap down: down/add down/basic down/bootstrap
@echo "Full NeoFS Developer Environment is down" @echo "Full FrostFS Developer Environment is down"
.PHONY: down/add .PHONY: down/add
down/add: down/add:
@ -106,6 +127,7 @@ down/bootstrap:
down/%: down/%:
@docker-compose -f services/$*/docker-compose.yml down @docker-compose -f services/$*/docker-compose.yml down
# Generate changes for /etc/hosts
.PHONY: vendor/hosts .PHONY: vendor/hosts
.ONESHELL: .ONESHELL:
vendor/hosts: vendor/hosts:
@ -119,7 +141,7 @@ vendor/hosts:
done < $${file}; done < $${file};
done > $@ done > $@
# Display changes for /etc/hosts # Generate and display changes for /etc/hosts
.PHONY: hosts .PHONY: hosts
hosts: vendor/hosts hosts: vendor/hosts
@cat vendor/hosts @cat vendor/hosts
@ -128,7 +150,7 @@ hosts: vendor/hosts
.PHONY: clean .PHONY: clean
.ONESHELL: .ONESHELL:
clean: clean:
@rm -rf vendor/* services/storage/s04tls.* services/nats/*.pem @rm -rf vendor/* services/storage/s04tls.*
@> .int_test.env @> .int_test.env
@for svc in $(PULL_SVCS) @for svc in $(PULL_SVCS)
do do
@ -144,8 +166,7 @@ clean:
.PHONY: env .PHONY: env
env: env:
@$(foreach envvar,$(GREP_DOTENV),echo $(envvar);) @$(foreach envvar,$(GREP_DOTENV),echo $(envvar);)
@echo MORPH_BLOCK_TIME=$(shell grep 'SecondsPerBlock' $(MORPH_CHAIN_PROTOCOL) | awk '{print $$2}')s @echo MORPH_BLOCK_TIME=$(shell grep 'TimePerBlock' $(MORPH_CHAIN_PROTOCOL) | awk '{print $$2}')s
@echo MAINNET_BLOCK_TIME=$(shell grep 'SecondsPerBlock' $(CHAIN_PROTOCOL) | awk '{print $$2}')s
@echo MORPH_MAGIC=$(shell grep 'Magic' $(MORPH_CHAIN_PROTOCOL) | awk '{print $$2}') @echo MORPH_MAGIC=$(shell grep 'Magic' $(MORPH_CHAIN_PROTOCOL) | awk '{print $$2}')
# Restart storage nodes with clean volumes # Restart storage nodes with clean volumes

105
README.md
View file

@ -1,14 +1,14 @@
<p align="center"> <p align="center">
<img src="./.github/logo.svg" width="500px" alt="NeoFS"> <img src="./.github/logo.svg" width="500px" alt="FrostFS logo">
</p> </p>
<p align="center"> <p align="center">
<a href="https://fs.neo.org">NeoFS</a> local Development and Testing environment <a href="https://frostfs.info">FrostFS</a> local Development and Testing environment
</p> </p>
--- ---
## Overview ## Overview
Tools to set up local NeoFS network and N3 privnets. Devenv, for short. Tools to set up local FrostFS network and N3 privnets. Devenv, for short.
## Prerequisites ## Prerequisites
@ -27,7 +27,7 @@ Make sure you have installed all of the following prerequisites on your machine:
Clone repo: Clone repo:
``` ```
$ git clone https://github.com/nspcc-dev/neofs-dev-env.git $ git clone https://git.frostfs.info/TrueCloudLab/frostfs-dev-env.git
``` ```
Run next commands from project's root: Run next commands from project's root:
@ -42,11 +42,11 @@ been added already, there is no need to run it separately.
``` ```
$ make hosts $ make hosts
192.168.130.10 bastion.neofs.devenv 192.168.130.10 bastion.frostfs.devenv
192.168.130.50 main-chain.neofs.devenv 192.168.130.50 main-chain.frostfs.devenv
192.168.130.61 ir01.neofs.devenv 192.168.130.61 ir01.frostfs.devenv
... ...
192.168.130.74 s04.neofs.devenv 192.168.130.74 s04.frostfs.devenv
``` ```
This command shows addresses and hostnames of components. Add `make hosts` This command shows addresses and hostnames of components. Add `make hosts`
@ -57,37 +57,21 @@ Run all services with command:
$ make up $ make up
``` ```
When all services are up, you need to make GAS deposit for test wallet to be Also, you should add self-signed node (`s04.frostfs.devenv`) certificate to trusted
able to pay for NeoFS operations. Test wallet is located in
`wallets/wallet.json` with the corresponding key in `wallets/wallet.key`. The
password is empty.
```
$ make prepare.ir
password >
fa6ba62bffb04030d303dcc95bda7413e03aa3c7e6ca9c2f999d65db9ec9b82c
```
Also you should add self-signed node (`s04.neofs.devenv`) certificate to trusted
store (default location might be changed using `CA_CERTS_TRUSTED_STORE` store (default location might be changed using `CA_CERTS_TRUSTED_STORE`
variable). This step is required for client services (neofs-http-gw, variable). This step is required for client services (frostfs-http-gw,
neofs-s3-gw) to interact with the node: frostfs-s3-gw) to interact with the node:
``` ```
$ sudo make prepare.storage $ sudo make prepare.storage
``` ```
Change NeoFS global configuration values with `make update.*` commands. The Change FrostFS global configuration values with `make update.*` commands. The
password of inner ring wallet is `one`. See examples in `make help`. password of inner ring wallet is `one`. See examples in `make help`.
``` ```
$ make update.epoch_duration val=30 $ make update.epoch_duration val=30
Changing EpochDuration configration value to 30 Waiting for transactions to persist...
Enter account NNudMSGzEoktFzdYGYoNb3bzHzbmM1genF password >
Sent invocation transaction dbb8c1145b6d10f150135630e13bb0dc282023163f5956c6945a60db0cb45cb0
Updating NeoFS epoch to 2
Enter account NNudMSGzEoktFzdYGYoNb3bzHzbmM1genF password >
Sent invocation transaction 0e6eb5e190f36332e5e5f4e866c7e100826e285fd949e11c085e15224f343ba6
``` ```
For instructions on how to set up DevEnv on macOS, please refer [the For instructions on how to set up DevEnv on macOS, please refer [the
@ -121,9 +105,9 @@ You can find more information on each service in `docs` directory.
Maybe you will find the answer for your question in [F.A.Q.](docs/faq.md) Maybe you will find the answer for your question in [F.A.Q.](docs/faq.md)
## Using NeoFS Admin Tool in `dev-env` ## Using FrostFS Admin Tool in `dev-env`
Devenv supports NeoFS network management via [neofs-adm](https://github.com/nspcc-dev/neofs-node/tree/master/cmd/neofs-adm). Devenv supports FrostFS network management via [frostfs-adm](https://git.frostfs.info/TrueCloudLab/frostfs-node/src/branch/master/cmd/frostfs-adm).
`services/ir` contains the Alphabet wallet in a proper format, specify it `services/ir` contains the Alphabet wallet in a proper format, specify it
with `--alphabet-wallets` flag. with `--alphabet-wallets` flag.
@ -153,6 +137,65 @@ Display addresses and host names for each running service, if available.
Clean up `vendor` directory. Clean up `vendor` directory.
### s3cred
Registers user wallet and issues s3 credentials.
Usage and default parameter values:
```sh
make s3cred [password=""] [contract_password=s3] [wallet=/user_wallet.json] [gate_public_key=0313b1ac3a8076e155a7e797b24f0b650cccad5941ea59d7cfd51a024a8b2a06bf]
```
As soon as the storage node is in the network map (see above) you can generate S3
credentials:
``` sh
$ make s3cred
{
"access_key_id": "EXArWh8x1zeHG3851s1RtoCo7dowxF6rhLGA15nbMffT0AKRSjJ5fmcqf3Ht2VCAkfmPQUVARghRB77xHCA1BoN2p",
"secret_access_key": "d70c1dba83f0f90bb231f06f1ce0e0dfbcfb122f4b4345a3c18d3869c359b79f",
"owner_private_key": "140947599afd9ca89af4b358c3176eb046e554d942a0dc99a8e06f3e43c8f4ad",
"wallet_public_key": "0324e76288fcb900100d01802a14ef977cca45ad073561230446df14b344c858b6",
"container_id": "EXArWh8x1zeHG3851s1RtoCo7dowxF6rhLGA15nbMffT"
}
```
Running without any parameters will result in defaults which are based on the private key from
`/user-wallet.json` file and `/wallet.json` contract wallet.
Now let's configure an S3 client (AWS CLI will be used as example):
``` sh
$ aws configure
AWS Access Key ID []: EXArWh8x1zeHG3851s1RtoCo7dowxF6rhLGA15nbMffT0AKRSjJ5fmcqf3Ht2VCAkfmPQUVARghRB77xHCA1BoN2p
AWS Secret Access Key []: d70c1dba83f0f90bb231f06f1ce0e0dfbcfb122f4b4345a3c18d3869c359b79f
Default region name []: us-east-1
Default output format []: json
```
If you need to create credentials for different users, put user wallets to `wallets` dir and specify them via `wallet` parameter.
Pass wallet password in `password` parameter if it's not default. The same is for `contract_wallet` and `gate_public_key` params.
```sh
$ make s3cred wallet=custom_wallet.json password=test
{
"access_key_id": "jHhL5B33o16R4jQsb8wm9A3RRdS6KrTB5N4bja9Jys904W7xXFNKqem2ACvTRWRYJsZMCUikYFSokN7pPJziWyDi",
"secret_access_key": "21bb64fafa32c82417fd8b97ac56cc8a085998a3852632d52fe7042453daa440",
"owner_private_key": "10f6f9d7a47bb0bf68363ad8a99fe69f1493f8b6e1665b3e4e83feb2d5c7ee39",
"wallet_public_key": "03e38759973a6bb722baabc2dd84036a39f0b2f53d32fec45a4dacde8a50fe4b70",
"container_id": "jHhL5B33o16R4jQsb8wm9A3RRdS6KrTB5N4bja9Jys9"
}
```
To get credentials from custom wallet, place it in `wallets` dir before start.
### cred
Usage and default parameter values:
```sh
make cred [password=""] [contract_password=s3] [wallet=/user_wallet.json]
```
The same as `s3cred`, but it doesn't issues s3 credentials.
## Contributing ## Contributing
Feel free to contribute to this project after reading the [contributing Feel free to contribute to this project after reading the [contributing

View file

@ -1,49 +0,0 @@
#!/usr/bin/env bash
# Source env settings
. .env
. services/ir/.ir.env
source bin/helper.sh
# NeoGo binary path.
NEOGO="${NEOGO:-docker exec -it main_chain neo-go}"
# Wallet files to change config value
WALLET="${WALLET:-services/chain/node-wallet.json}"
WALLET_IMG="${WALLET_IMG:-wallets/node-wallet.json}"
# Wallet password that would be entered automatically; '-' means no password
PASSWD="one"
NETMAP_ADDR=$(bin/resolve.sh netmap.neofs)
# NeoFS configuration record: variable type [string|int|etc],
# key is a string and value is a constant of given type
TYPE=${1}
KEY=${2}
VALUE="${3}"
[ -z "$TYPE" ] && echo "Empty config value type" && exit 1
[ -z "$KEY" ] && echo "Empty config key" && exit 1
[ -z "$VALUE" ] && echo "Empty config value" && exit 1
# Internal variables
if [[ -z "${NEOFS_NOTARY_DISABLED}" ]]; then
ADDR=$(jq -r .accounts[2].address < "${WALLET}" || die "Cannot get address from ${WALLET}")
else
ADDR=$(jq -r .accounts[0].address < "${WALLET}" || die "Cannot get address from ${WALLET}")
fi
# Change config value in side chain
echo "Changing ${KEY} configration value to ${VALUE}"
# shellcheck disable=SC2086
./bin/passwd.exp ${PASSWD} ${NEOGO} contract invokefunction \
-w ${WALLET_IMG} \
-a ${ADDR} \
-r http://morph-chain.${LOCAL_DOMAIN}:30333 \
${NETMAP_ADDR} \
setConfig bytes:beefcafe \
string:${KEY} \
${TYPE}:${VALUE} -- ${ADDR} || exit 1
# Update epoch to apply new configuration value
./bin/tick.sh

View file

@ -1,34 +0,0 @@
#!/usr/bin/env bash
# Source env settings
. .env
. services/ir/.ir.env
source bin/helper.sh
# NeoGo binary path.
NEOGO="${NEOGO:-docker exec -it main_chain neo-go}"
# Wallet file to use for deposit GAS from
WALLET="${WALLET:-wallets/wallet.json}"
# Wallet password that would be entered automatically; '-' means no password
PASSWD="-"
# How much GAS to deposit. First cli argument or 50 by default
DEPOSIT="${1:-50}"
# Internal variables
ADDR=$(jq -r .accounts[0].address < "${WALLET}" \
|| die "Cannot get address from wallet: ${WALLET}")
CONTRACT_ADDR=$(${NEOGO} util convert "${NEOFS_IR_CONTRACTS_NEOFS}" \
| grep 'LE ScriptHash to Address' \
| awk '{print $5}' \
| grep -oP "[A-z0-9]+" \
|| die "Cannot parse contract address: ${NEOFS_IR_CONTRACTS_NEOFS}")
# Make deposit
# shellcheck disable=SC2086
./bin/passwd.exp ${PASSWD} ${NEOGO} wallet nep17 transfer \
-w ${WALLET} \
-r http://main-chain.${LOCAL_DOMAIN}:30333 \
--from ${ADDR} \
--to ${CONTRACT_ADDR} \
--token GAS \
--amount ${DEPOSIT}

View file

@ -1,23 +0,0 @@
#!/usr/bin/expect
set passwd [lindex $argv 0]
set args [lrange $argv 1 end]
spawn -noecho {*}$args
expect -re {^.*assword.*$}
if { $passwd == "-"} {
send -- "\r"
} else {
send -- "$passwd\r"
}
expect {
"Relay transaction" {
send "y\r"
exp_continue
}
EOF
}
lassign [wait] pid spawnid os_error_flag value
exit $value

View file

@ -1,22 +0,0 @@
#!/usr/bin/env bash
# Source env settings
. .env
source bin/helper.sh
# NeoGo binary path.
NEOGO="${NEOGO:-docker exec -t morph_chain neo-go}"
# NNS contract script hash
output=$(curl -s --data '{ "id": 1, "jsonrpc": "2.0", "method": "getcontractstate", "params": [1] }' \
"http://morph-chain.${LOCAL_DOMAIN}:30333/") \
|| die "Cannot fetch NNS contract state"
NNS_ADDR=$(jq -r '.result.hash' <<< "$output") \
|| die "Cannot parse NNS contract hash: $NNS_ADDR"
${NEOGO} contract testinvokefunction \
-r "http://morph-chain.${LOCAL_DOMAIN}:30333" \
"${NNS_ADDR}" resolve string:"${1}" int:16 \
| jq -r '.stack[0].value | if type=="array" then .[0].value else . end' \
| base64 -d \
|| die "Cannot invoke 'NNS.resolve' $output"

View file

@ -1,50 +0,0 @@
#!/usr/bin/env bash
# Source env settings
. .env
. services/ir/.ir.env
source bin/helper.sh
# NeoGo binary path.
NEOGO="${NEOGO:-docker exec -it main_chain neo-go}"
NEOGO_NONINTERACTIVE="${NEOGO_NONINTERACTIVE:-docker exec -t main_chain neo-go}"
# Wallet files to change config value
WALLET="${WALLET:-services/chain/node-wallet.json}"
WALLET_IMG="${WALLET_IMG:-wallets/node-wallet.json}"
# Wallet password that would be entered automatically; '-' means no password
PASSWD="one"
# Internal variables
if [[ -z "${NEOFS_NOTARY_DISABLED}" ]]; then
ADDR=$(jq -r .accounts[2].address < "${WALLET}" || die "Cannot get address from ${WALLET}")
else
ADDR=$(jq -r .accounts[0].address < "${WALLET}" || die "Cannot get address from ${WALLET}")
fi
# Grep Morph block time
SIDECHAIN_PROTO="${SIDECHAIN_PROTO:-services/morph_chain/protocol.privnet.yml}"
BLOCK_DURATION=$(grep SecondsPerBlock < "$SIDECHAIN_PROTO" | awk '{print $2}') \
|| die "Cannot fetch block duration"
NETMAP_ADDR=$(bin/resolve.sh netmap.neofs) || die "Cannot resolve netmap.neofs"
# Fetch current epoch value
EPOCH=$(${NEOGO_NONINTERACTIVE} contract testinvokefunction \
-r "http://morph-chain.${LOCAL_DOMAIN}:30333" "${NETMAP_ADDR}" epoch \
| grep 'value' | awk -F'"' '{ print $4 }') \
|| die "Cannot fetch epoch from netmap contract"
echo "Updating NeoFS epoch to $((EPOCH+1))"
# shellcheck disable=SC2086
./bin/passwd.exp ${PASSWD} ${NEOGO} contract invokefunction \
-w ${WALLET_IMG} \
-a ${ADDR} \
-r http://morph-chain.${LOCAL_DOMAIN}:30333 \
${NETMAP_ADDR} \
newEpoch int:$((EPOCH+1)) -- ${ADDR}:Global
# Wait one Morph block to ensure the transaction broadcasted
# shellcheck disable=SC2086
sleep $BLOCK_DURATION

4
configs/s01-cli.yml Normal file
View file

@ -0,0 +1,4 @@
wallet: services/storage/wallet01.json
password: ""
rpc-endpoint: s01.frostfs.devenv:8080
endpoint: s01.frostfs.devenv:8081

4
configs/s02-cli.yml Normal file
View file

@ -0,0 +1,4 @@
wallet: services/storage/wallet02.json
password: ""
rpc-endpoint: s02.frostfs.devenv:8080
endpoint: s02.frostfs.devenv:8081

4
configs/s03-cli.yml Normal file
View file

@ -0,0 +1,4 @@
wallet: services/storage/wallet03.json
password: ""
rpc-endpoint: s03.frostfs.devenv:8080
endpoint: s03.frostfs.devenv:8081

4
configs/s04-cli.yml Normal file
View file

@ -0,0 +1,4 @@
wallet: services/storage/wallet04.json
password: ""
rpc-endpoint: s04.frostfs.devenv:8080
endpoint: s04.frostfs.devenv:8081

View file

@ -7,7 +7,7 @@ host machine, so all programs running on host can connect to services exposed to
## .env settings ## .env settings
### LOCAL_DOMAIN=neofs.devenv ### LOCAL_DOMAIN=frostfs.devenv
Domain to use for all containers exposed to `basenet_internet`. Domain to use for all containers exposed to `basenet_internet`.
@ -28,7 +28,7 @@ devenv services.
Run shell in bastion: Run shell in bastion:
``` ```
neofs-dev-env$ docker exec -ti bastion /bin/bash frostfs-dev-env$ docker exec -ti bastion /bin/bash
root@bastion:/# ip a sh root@bastion:/# ip a sh
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00

View file

@ -1,158 +0,0 @@
# N3 main chain privnet service
A single-node N3 privnet deployment, running on
[neo-go](https://github.com/nspcc-dev/neo-go). Represents N3 MainNet.
Contracts deployed:
- NeoFS [contract](https://github.com/nspcc-dev/neofs-contract/tree/master/neofs)
- Processing [contract](https://github.com/nspcc-dev/neofs-contract/tree/master/processing)
RPC available at `http://main-chain.neofs.devenv:30333`.
## .env settings
### CHAIN_URL
URL to get main chain dump. Used on artifact get stage.
### CHAIN_PATH
Path to get main chain dump. If set, overrides `CHAIN_URL`.
### NEOGO_VERSION
Version of neo-go docker container for main chain deployment.
## Main chain wallets
There is a wallet with GAS that used for contract deployment:
`wallets/wallet.json`. This wallet has one account with **empty password**.
```
$ neo-go wallet nep17 balance \
-w wallets/wallet.json \
-r http://main-chain.neofs.devenv:30333
Account NbUgTSFvPmsRxmGeWpuuGeJUoRoi6PErcM
GAS: GasToken (d2a4cff31913016155e38e474a2c06d08be276cf)
Amount : 9978.0074623
Updated: 34
```
If you want to operate in main chain with your personal wallet (e.g. to make
a deposit in NeoFS contract), you can transfer GAS from there.
1. Create new wallet.
```
$ neo-go wallet init -a -w wallets/neofs1.json
Enter the name of the account > neofs1
Enter passphrase >
Confirm passphrase >
{
"version": "3.0",
"accounts": [
{
"address": "NXnzw3J9VvKXjM1BPAJK4QUpTtEQu4TpU6",
...
wallet successfully created, file location is wallets/neofs1.json
```
2. Transfer GAS from `wallets/wallet.json`. The password is empty.
```
$ neo-go wallet nep17 transfer \
-w wallets/wallet.json \
-r http://main-chain.neofs.devenv:30333 \
--from NbUgTSFvPmsRxmGeWpuuGeJUoRoi6PErcM \
--to NXnzw3J9VvKXjM1BPAJK4QUpTtEQu4TpU6 \
--amount 50 \
--token GAS
```
3. Check it's there.
```
$ neo-go wallet nep17 balance \
-w wallets/neofs1.json \
-r http://main-chain.neofs.devenv:30333
Account NXnzw3J9VvKXjM1BPAJK4QUpTtEQu4TpU6
GAS: GasToken (d2a4cff31913016155e38e474a2c06d08be276cf)
Amount : 50
Updated: 14689
```
## Claim GAS from consensus node
If there is no enough GAS on `wallets/wallet.json` account, you can claim some
GAS to consensus node's wallet and then transfer it.
Consensus node is running with `services/chain/node-wallet.json` wallet. It has
multiple accounts with the password `one`.
Claim GAS to consensus node's wallet. Use account that contains NEO tokens.
```
$ neo-go wallet claim \
-w services/chain/node-wallet.json \
-r http://main-chain.neofs.devenv:30333 \
-a NfgHwwTi3wHAS8aFAN243C5vGbkYDpqLHP \
Password >
70e09bbd55846dcc7cee23905b737c63e5a80d32e387bce108bc6db8e641fb90
```
Then you can transfer GAS the same way as it was done in previous section.
```
$ neo-go wallet nep17 transfer \
-w services/chain/node-wallet.json \
-r http://main-chain.neofs.devenv:30333 \
--from NfgHwwTi3wHAS8aFAN243C5vGbkYDpqLHP \
--to NXnzw3J9VvKXjM1BPAJK4QUpTtEQu4TpU6 \
--amount 50 \
--token GAS
```
## NeoFS GAS deposit
NeoFS identifies users by their Neo wallet key pair. To start using NeoFS in
devenv you need to transfer some GAS to NeoFS contract in main chain.
Invoke `bin/deposit.sh` script by running `make prepare.ir` command to transfer
50 GAS from account in `wallets/wallet.json` file. Script enters passwords
automatically with `expect` utility.
```
$ make prepare.ir
Password >
Can't find matching token in the wallet. Querying RPC-node for balances.
6713c776f4102300691d9c3c493bcd3402434f5e32e8147e0a5bc72209a1e410
```
Script converts addresses and executes this command:
```
$ neo-go wallet nep17 transfer \
-w wallets/wallet.json \
-r http://main-chain.neofs.devenv:30333 \
--from NbUgTSFvPmsRxmGeWpuuGeJUoRoi6PErcM \
--to NerhjaqJsJt4LxMqUbkkVMpsF2d9TtcpFv \
--token GAS \
--amount 50
```
You can specify any wallet address scripthash in the transfer's data argument,
and NeoFS deposit will be transferred to that address.
```
$ neo-go wallet nep17 transfer \
-w wallets/wallet.json \
-r http://main-chain.neofs.devenv:30333 \
--from NbUgTSFvPmsRxmGeWpuuGeJUoRoi6PErcM \
--to NerhjaqJsJt4LxMqUbkkVMpsF2d9TtcpFv \
--token GAS \
--amount 50 \
hash160:bd711de066e9c2f7b502c7f3f0e0a6f1c8341edd
```

View file

@ -1,9 +1,9 @@
# F.A.Q, tips and tricks # F.A.Q, tips and tricks
### How to export private key from Neo wallet for NeoFS use? ### How to export private key from Neo wallet for FrostFS use?
Private key for usage with NeoFS tools can be extracted from Neo wallet in three Private key for usage with FrostFS tools can be extracted from Neo wallet in three
simple steps. simple steps.
1. Get the key in WIF format 1. Get the key in WIF format
@ -17,7 +17,7 @@ KxDgvEKzgSBPPfuVfw67oPQBSjidEiqTHURKSDL1R7yGaGYAeYnr
2. Convert form WIF to HEX 2. Convert form WIF to HEX
``` ```
$ neofs-cli util keyer KxDgvEKzgSBPPfuVfw67oPQBSjidEiqTHURKSDL1R7yGaGYAeYnr $ frostfs-cli util keyer KxDgvEKzgSBPPfuVfw67oPQBSjidEiqTHURKSDL1R7yGaGYAeYnr
PrivateKey 1dd37fba80fec4e6a6f13fd708d8dcb3b29def768017052f6c930fa1c5d90bbb PrivateKey 1dd37fba80fec4e6a6f13fd708d8dcb3b29def768017052f6c930fa1c5d90bbb
PublicKey 031a6c6fbbdf02ca351745fa86b9ba5a9452d785ac4f7fc2b7548ca2a46c4fcf4a PublicKey 031a6c6fbbdf02ca351745fa86b9ba5a9452d785ac4f7fc2b7548ca2a46c4fcf4a
WIF KxDgvEKzgSBPPfuVfw67oPQBSjidEiqTHURKSDL1R7yGaGYAeYnr WIF KxDgvEKzgSBPPfuVfw67oPQBSjidEiqTHURKSDL1R7yGaGYAeYnr
@ -35,16 +35,16 @@ $ xxd wallets/wallet.key
00000010: b29d ef76 8017 052f 6c93 0fa1 c5d9 0bbb ...v.../l....... 00000010: b29d ef76 8017 052f 6c93 0fa1 c5d9 0bbb ...v.../l.......
``` ```
Later you will be able to provide wallet file in neofs-node config. Later you will be able to provide wallet file in frostfs-node config.
### How to create Neo wallet JSON file using a NeoFS key file? ### How to create Neo wallet JSON file using a FrostFS key file?
You will need `neo-go` and `neofs-cli`. You will need `neo-go` and `frostfs-cli`.
1. Get the WIF format of the private key 1. Get the WIF format of the private key
``` ```
$ neofs-cli util keyer -key ./services/ir/01.key | grep WIF | awk '{print $NF}' > temp_WIF $ frostfs-cli util keyer -key ./services/ir/01.key | grep WIF | awk '{print $NF}' > temp_WIF
``` ```
2. Init a new empty Neo wallet 2. Init a new empty Neo wallet

View file

@ -1,8 +1,8 @@
# HTTP Protocol gateway # HTTP Protocol gateway
Protocol Gateway to access data in NeoFS using HTTP protocol. Protocol Gateway to access data in FrostFS using HTTP protocol.
Source code and more information can be found in [project's GitHub repository](https://github.com/nspcc-dev/neofs-http-gate) Source code and more information can be found in [project's repository](https://git.frostfs.info/TrueCloudLab/frostfs-http-gw)
## .env settings ## .env settings
@ -10,10 +10,10 @@ Source code and more information can be found in [project's GitHub repository](h
Image version label to use for containers. Image version label to use for containers.
If you want to use locally built image, just set it's label here. Instead of If you want to use locally built image, just set its label here. Instead of
pulling from DockerHub, the local image will be used. pulling from DockerHub, the local image will be used.
### HTTP_GW_IMAGE=nspccdev/neofs-http-gw ### HTTP_GW_IMAGE=truecloudlab/frostfs-http-gw
Image label prefix to use for containers. Image label prefix to use for containers.
@ -21,9 +21,9 @@ Image label prefix to use for containers.
- Create a new container - Create a new container
``` ```
$ neofs-cli --rpc-endpoint s01.neofs.devenv:8080 \ $ frostfs-cli --rpc-endpoint s01.frostfs.devenv:8080 \
--key wallets/wallet.key \ --wallet wallets/wallet.key \
container create --basic-acl readonly --await \ container create --basic-acl private --await \
--policy "REP 1 SELECT 1 FROM *" --policy "REP 1 SELECT 1 FROM *"
container ID: 4LfREK1cetL4PUji5fqj9SgRTSmaC5jExEDK9HKCDjdP container ID: 4LfREK1cetL4PUji5fqj9SgRTSmaC5jExEDK9HKCDjdP
awaiting... awaiting...
@ -32,17 +32,17 @@ container has been persisted on sidechain
``` ```
- Put an object into the newly created container - Put an object into the newly created container
``` ```
$ neofs-cli --rpc-endpoint s01.neofs.devenv:8080 \ $ frostfs-cli --rpc-endpoint s01.frostfs.devenv:8080 \
--key wallets/wallet.key \ --wallet wallets/wallet.key \
object put --file /tmp/backup.jpeg \ object put --file /tmp/backup.jpeg \
--cid 4LfREK1cetL4PUji5fqj9SgRTSmaC5jExEDK9HKCDjdP --cid 4LfREK1cetL4PUji5fqj9SgRTSmaC5jExEDK9HKCDjdP
[/tmp/backup.jpeg] Object successfully stored [/tmp/backup.jpeg] Object successfully stored
ID: 6EPpYqSFMGWrNLvYE9mNnut1CPKuPBKyi1ixHakzqsSB ID: 6EPpYqSFMGWrNLvYE9mNnut1CPKuPBKyi1ixHakzqsSB
CID: 4LfREK1cetL4PUji5fqj9SgRTSmaC5jExEDK9HKCDjdP CID: 4LfREK1cetL4PUji5fqj9SgRTSmaC5jExEDK9HKCDjdP
``` ```
- Call `curl -sSI -XGET http://http.neofs.devenv/get/<cid>/<oid>` - Call `curl -sSI -XGET http://http.frostfs.devenv/get/<cid>/<oid>`
``` ```
$ curl -sSI -XGET http://http.neofs.devenv/get/4LfREK1cetL4PUji5fqj9SgRTSmaC5jExEDK9HKCDjdP/6EPpYqSFMGWrNLvYE9mNnut1CPKuPBKyi1ixHakzqsSB $ curl -sSI -XGET http://http.frostfs.devenv/get/4LfREK1cetL4PUji5fqj9SgRTSmaC5jExEDK9HKCDjdP/6EPpYqSFMGWrNLvYE9mNnut1CPKuPBKyi1ixHakzqsSB
HTTP/1.1 200 OK HTTP/1.1 200 OK
Date: Thu, 03 Dec 2020 10:34:26 GMT Date: Thu, 03 Dec 2020 10:34:26 GMT
Content-Type: image/jpeg Content-Type: image/jpeg

View file

@ -1,6 +1,6 @@
# NeoFS Inner Ring # FrostFS Inner Ring
NeoFS Inner Ring (Alphabet) node. According to governance scheme, Inner Ring FrostFS Inner Ring (Alphabet) node. According to governance scheme, Inner Ring
should contain Alphabet nodes that share key with one of side chain consensus should contain Alphabet nodes that share key with one of side chain consensus
nodes. In basic setup there is a single consensus node and single Inner Ring nodes. In basic setup there is a single consensus node and single Inner Ring
(Alphabet) node. (Alphabet) node.
@ -14,6 +14,6 @@ Image version label to use for Inner Ring docker containers.
If you want to use locally built image, just set it's label here. Instead of If you want to use locally built image, just set it's label here. Instead of
pulling from DockerHub, the local image will be used. pulling from DockerHub, the local image will be used.
### IR_IMAGE=nspccdev/neofs-ir ### IR_IMAGE=truecloudlab/frostfs-ir
Image label prefix to use for Inner Ring docker containers. Image label prefix to use for Inner Ring docker containers.

View file

@ -1,72 +1,37 @@
# N3 NeoFS side chain privnet service # N3 FrostFS side chain privnet service
A single-node N3 privnet deployment, running on A single-node N3 privnet deployment, running on
[neo-go](https://github.com/nspcc-dev/neo-go). Represents N3 NeoFS SideChain. [neo-go](https://github.com/nspcc-dev/neo-go). Represents N3 FrostFS SideChain.
Contracts deployed: Contracts deployed:
- Alphabet (AZ) [contract](https://github.com/nspcc-dev/neofs-contract/tree/master/alphabet) - Alphabet (AZ) [contract](https://git.frostfs.info/TrueCloudLab/frostfs-contract/src/branch/master/alphabet)
- Audit [contract](https://github.com/nspcc-dev/neofs-contract/tree/master/audit) - Audit [contract](https://git.frostfs.info/TrueCloudLab/frostfs-contract/src/branch/master/audit)
- Balance [contract](https://github.com/nspcc-dev/neofs-contract/tree/master/balance) - Balance [contract](https://git.frostfs.info/TrueCloudLab/frostfs-contract/src/branch/master/balance)
- Container [contract](https://github.com/nspcc-dev/neofs-contract/tree/master/container) - Container [contract](https://git.frostfs.info/TrueCloudLab/frostfs-contract/src/branch/master/container)
- Netmap [contract](https://github.com/nspcc-dev/neofs-contract/tree/master/netmap) - Netmap [contract](https://git.frostfs.info/TrueCloudLab/frostfs-contract/src/branch/master/netmap)
- NeoFSID [contract](https://github.com/nspcc-dev/neofs-contract/tree/master/neofsid) - NeoFSID [contract](https://git.frostfs.info/TrueCloudLab/frostfs-contract/src/branch/master/neofsid)
- Proxy [contract](https://github.com/nspcc-dev/neofs-contract/tree/master/proxy) - Proxy [contract](https://git.frostfs.info/TrueCloudLab/frostfs-contract/src/branch/master/proxy)
- Reputation [contract](https://github.com/nspcc-dev/neofs-contract/tree/master/reputation) - Reputation [contract](https://git.frostfs.info/TrueCloudLab/frostfs-contract/src/branch/master/reputation)
RPC available at `http://morph-chain.neofs.devenv:30333`. RPC available at `http://morph-chain.frostfs.devenv:30333`.
## .env settings ## .env settings
### MORPH_CHAIN_URL
URL to get side chain dump. Used on artifact get stage.
### MORPH_CHAIN_PATH
Path to get side chain dump. If set, overrides `CHAIN_URL`.
### NEOGO_VERSION ### NEOGO_VERSION
Version of neo-go docker container for side chain deployment. Version of neo-go docker container for side chain deployment.
## Side chain wallets ## FrostFS global config
There is a wallet with GAS that used for contract deployment: FrostFS uses global configuration to store epoch duration, maximum object size,
`wallets/wallet.json`. This wallet has one account with **empty password**.
```
$ neo-go wallet nep17 balance \
-w wallets/wallet.json \
-r http://morph-chain.neofs.devenv:30333
Account NbUgTSFvPmsRxmGeWpuuGeJUoRoi6PErcM
GAS: GasToken (d2a4cff31913016155e38e474a2c06d08be276cf)
Amount : 189826.0515316
Updated: 3909
NEOFS: NeoFS Balance (69550190e740b93f92dbd5dea52246f550391057)
Amount : 50
Updated: 3909
```
This way you can also monitor NeoFS internal balance of your account.
## NeoFS global config
NeoFS uses global configuration to store epoch duration, maximum object size,
container fee and other network parameters. Global configuration is stored in container fee and other network parameters. Global configuration is stored in
netmap contract and managed by Inner Ring (Alphabet) nodes. netmap contract and managed by Inner Ring (Alphabet) nodes.
To change these parameters use `make update.*` commands. Command down below To change these parameters use `make update.*` commands. Command down below
changes epoch duration from 300 blocks (about 300 seconds with 1bps) to 30. changes epoch duration from 300 blocks (about 300 seconds with 1bps) to 30.
Script enters passwords automatically with `expect` utility.
``` ```
$ make update.epoch_duration val=30 $ make update.epoch_duration val=30
Changing EpochDuration configration value to 30 Waiting for transactions to persist...
Enter account NfgHwwTi3wHAS8aFAN243C5vGbkYDpqLHP password >
Sent invocation transaction bdc0fa88cd6719ef6df2b9c82de423ddec6141ca24255c2d0072688083b1de9d
Updating NeoFS epoch to 20
Enter account NfgHwwTi3wHAS8aFAN243C5vGbkYDpqLHP password >
Sent invocation transaction 12296e1ce24dd6c04edb9c56d0a1d0e26d3226adefb0333c74a28788f44a8d0f
``` ```
Read more about available configuration in Makefile help. Read more about available configuration in Makefile help.
@ -78,8 +43,12 @@ $ make help
... ...
update.audit_fee Update audit fee per result in fixed 12 (make update.audit_fee val=100) update.audit_fee Update audit fee per result in fixed 12 (make update.audit_fee val=100)
update.basic_income_rate Update basic income rate in fixed 12 (make update.basic_income_rate val=1000) update.basic_income_rate Update basic income rate in fixed 12 (make update.basic_income_rate val=1000)
update.container_alias_fee Update container alias fee per alphabet node in fixed 12 (make update.container_alias_fee val=100)
update.container_fee Update container fee per alphabet node in fixed 12 (make update.container_fee val=500) update.container_fee Update container fee per alphabet node in fixed 12 (make update.container_fee val=500)
update.eigen_trust_alpha Update alpha parameter of EigenTrust algorithm in 0 <= f <= 1.0 (make update.eigen_trust_alpha val=0.2)
update.eigen_trust_iterations Update amount of EigenTrust iterations (make update.eigen_trust_iterations val=2) update.eigen_trust_iterations Update amount of EigenTrust iterations (make update.eigen_trust_iterations val=2)
update.epoch_duration Update epoch duration in side chain blocks (make update.epoch_duration val=30) update.epoch_duration Update epoch duration in side chain blocks (make update.epoch_duration val=30)
update.homomorphic_hashing_disable Update homomorphic hashing disabled flag (make update.homomorphic_hashing_disable val=true)
update.max_object_size Update max object size in bytes (make update.max_object_size val=1000) update.max_object_size Update max object size in bytes (make update.max_object_size val=1000)
update.system_dns Update system dns to resolve container names (make update.system_dns val=container)
``` ```

View file

@ -9,64 +9,10 @@ to do these operations. Notary service calculates the exact amount of GAS
to execute transaction, therefore operations are cheaper (withdraw fee **with** to execute transaction, therefore operations are cheaper (withdraw fee **with**
notary is less than 0.5 GAS; withdraw fee **without** notary is up to 7.0 GAS). notary is less than 0.5 GAS; withdraw fee **without** notary is up to 7.0 GAS).
By default, main chain service is running without notary service, and side chain Currently, frostfs-dev-env contains single chain (see morph service) and it
running with notary service. However, you can change that in configuration. enables notary service from the genesis block.
# Disable notary service in side chain To enable notary service, use neo-go configuration below.
To disable notary service in side chain do these steps.
1. Update `.env` and choose notary disabled chain dump for side chain.
```
MORPH_CHAIN_URL="https://github.com/nspcc-dev/neofs-contract/releases/download/v0.9.0/devenv_sidechain_notary_disabled.gz"
```
Make sure to update chain dump files with `make get` target.
2. Update `service/morph_chain/protocol.privnet.yml` and disable notary settings
and state root in header.
```yaml
ProtocolConfiguration:
StateRootInHeader: false
P2PSigExtensions: false
ApplicationConfiguration:
P2PNotary:
Enabled: false
```
Chain dump without notary service does not have predefined network map.
Therefore, you need to wait about 5 minutes until new epoch tick with updated
network map.
3. Enable helper commands
To enable helper commands such as `make tick.epoch` or `make update.epoch_duration`
make sure to export non-empty `NEOFS_NOTARY_DISABLED` environment variable.
```
$ export NEOFS_NOTARY_DISABLED=1
```
Use `unset` command to return it back.
```
$ unset NEOFS_NOTARY_DISABLED
```
# Enable notary service in main chain
To enable notary service in main chain do these steps.
1. Update `.env` and choose notary enabled chain dump for main chain.
```
CHAIN_URL="https://github.com/nspcc-dev/neofs-contract/releases/download/v0.9.0/devenv_mainchain.gz"
```
Make sure to update chain dump files with `make get` target.
2. Update `service/chain/protocol.privnet.yml` and enable notary settings.
```yaml ```yaml
ProtocolConfiguration: ProtocolConfiguration:
@ -75,7 +21,3 @@ ApplicationConfiguration:
P2PNotary: P2PNotary:
Enabled: true Enabled: true
``` ```
Main chain generates a block once per 15 seconds, so Inner Ring takes about
15-30 seconds to make a notary deposit in main chain after startup. Then
neofs-dev-env is ready to work.

View file

@ -1,8 +1,8 @@
# REST Gateway # REST Gateway
REST Gateway to access data in NeoFS using REST. REST Gateway to access data in FrostFS using REST.
Source code and more information can be found in [project's GitHub repository](https://github.com/nspcc-dev/neofs-rest-gw) Source code and more information can be found in [project's repository](https://git.frostfs.info/TrueCloudLab/frostfs-rest-gw)
## .env settings ## .env settings
@ -13,7 +13,7 @@ Image version label to use for containers.
If you want to use locally built image, just set its label here. If you want to use locally built image, just set its label here.
Instead of pulling from DockerHub, the local image will be used. Instead of pulling from DockerHub, the local image will be used.
### REST_GW_IMAGE=nspccdev/neofs-rest-gw ### REST_GW_IMAGE=truecloudlab/frostfs-rest-gw
Image label prefix to use for containers. Image label prefix to use for containers.
@ -22,7 +22,7 @@ Image label prefix to use for containers.
- List container for specific owner: - List container for specific owner:
```shell ```shell
$ curl http://rest.neofs.devenv:8090/v1/containers?ownerId=NbUgTSFvPmsRxmGeWpuuGeJUoRoi6PErcM | jq $ curl http://rest.frostfs.devenv:8090/v1/containers?ownerId=NbUgTSFvPmsRxmGeWpuuGeJUoRoi6PErcM | jq
{ {
"containers": [ "containers": [
{ {
@ -49,7 +49,7 @@ $ curl http://rest.neofs.devenv:8090/v1/containers?ownerId=NbUgTSFvPmsRxmGeWpuuG
- Get container info: - Get container info:
```shell ```shell
$ curl http://rest.neofs.devenv:8090/v1/containers/BKcAvz8awKKy9NGsGKi1Hoxxu9AjTGvjKMNMQamvdLmX | jq $ curl http://rest.frostfs.devenv:8090/v1/containers/BKcAvz8awKKy9NGsGKi1Hoxxu9AjTGvjKMNMQamvdLmX | jq
{ {
"attributes": [ "attributes": [
{ {
@ -67,4 +67,4 @@ $ curl http://rest.neofs.devenv:8090/v1/containers/BKcAvz8awKKy9NGsGKi1Hoxxu9AjT
} }
``` ```
See all available routes http://rest.neofs.devenv:8090/v1/docs See all available routes http://rest.frostfs.devenv:8090/v1/docs

View file

@ -1,8 +1,8 @@
# S3 Protocol gateway # S3 Protocol gateway
Protocol Gateway to access data in NeoFS using AWS S3 protocol Protocol Gateway to access data in FrostFS using AWS S3 protocol
Source code and more information can be found in [project's GitHub repository](https://github.com/nspcc-dev/neofs-s3-gw) Source code and more information can be found in [project's repository](https://git.frostfs.info/TrueCloudLab/frostfs-s3-gw)
## .env settings ## .env settings
@ -10,9 +10,9 @@ Source code and more information can be found in [project's GitHub repository](h
Image version label to use for containers. Image version label to use for containers.
If you want to use locally built image, just set it's label here. Instead of If you want to use locally built image, just set its label here. Instead of
pulling from DockerHub, the local image will be used. pulling from DockerHub, the local image will be used.
### S3_GW_IMAGE=nspccdev/neofs-s3-gw ### S3_GW_IMAGE=truecloudlab/frostfs-s3-gw
Image label prefix to use for containers. Image label prefix to use for containers.

View file

@ -6,9 +6,9 @@
Image version label to use for Storage docker containers. Image version label to use for Storage docker containers.
If you want to use locally built image, just set it's label here. Instead of If you want to use locally built image, just set its label here. Instead of
pulling from DockerHub, the local image will be used. pulling from DockerHub, the local image will be used.
### NODE_IMAGE=nspccdev/neofs-ir ### NODE_IMAGE=truecloudlab/frostfs-ir
Image label prefix to use for Storage docker containers. Image label prefix to use for Storage docker containers.

View file

@ -1,14 +1,16 @@
rpc-endpoint: http://morph-chain.neofs.devenv:30333 rpc-endpoint: http://morph-chain.frostfs.devenv:30333
alphabet-wallets: ./services/ir
network: network:
max_object_size: 67108864 max_object_size: 67108864
epoch_duration: 240 epoch_duration: 240
basic_income_rate: 100000000 basic_income_rate: 100000000
homomorphic_hash_disabled: false homomorphic_hash_disabled: false
maintenance_mode_allowed: true
fee: fee:
audit: 10000 audit: 10000
candidate: 10000000000 candidate: 10000000000
container: 1000 container: 0
container_alias: 500 container_alias: 0
withdraw: 100000000 withdraw: 100000000
credentials: credentials:
az: "one" az: "one"

View file

@ -1,44 +1,40 @@
# Update epoch duration in side chain blocks (make update.epoch_duration val=30) # Update epoch duration in side chain blocks (make update.epoch_duration val=30)
update.epoch_duration: update.epoch_duration:
@./bin/config.sh int EpochDuration $(val) @./vendor/frostfs-adm -c ./frostfs-adm.yml morph set-config EpochDuration=$(val)
# Update max object size in bytes (make update.max_object_size val=1000) # Update max object size in bytes (make update.max_object_size val=1000)
update.max_object_size: update.max_object_size:
@./bin/config.sh int MaxObjectSize $(val) @./vendor/frostfs-adm -c ./frostfs-adm.yml morph set-config MaxObjectSize=$(val)
# Update audit fee per result in fixed 12 (make update.audit_fee val=100) # Update audit fee per result in fixed 12 (make update.audit_fee val=100)
update.audit_fee: update.audit_fee:
@./bin/config.sh int AuditFee $(val) @./vendor/frostfs-adm -c ./frostfs-adm.yml morph set-config AuditFee=$(val)
# Update container fee per alphabet node in fixed 12 (make update.container_fee val=500) # Update container fee per alphabet node in fixed 12 (make update.container_fee val=500)
update.container_fee: update.container_fee:
@./bin/config.sh int ContainerFee $(val) @./vendor/frostfs-adm -c ./frostfs-adm.yml morph set-config ContainerFee=$(val)
# Update container alias fee per alphabet node in fixed 12 (make update.container_alias_fee val=100) # Update container alias fee per alphabet node in fixed 12 (make update.container_alias_fee val=100)
update.container_alias_fee: update.container_alias_fee:
@./bin/config.sh int ContainerAliasFee $(val) @./vendor/frostfs-adm -c ./frostfs-adm.yml morph set-config ContainerAliasFee=$(val)
# Update amount of EigenTrust iterations (make update.eigen_trust_iterations val=2) # Update amount of EigenTrust iterations (make update.eigen_trust_iterations val=2)
update.eigen_trust_iterations: update.eigen_trust_iterations:
@./bin/config.sh int EigenTrustIterations $(val) @./vendor/frostfs-adm -c ./frostfs-adm.yml morph set-config EigenTrustIterations=$(val)
# Update system dns to resolve container names (make update.system_dns val=container) # Update system dns to resolve container names (make update.system_dns val=container)
update.system_dns: update.system_dns:
@./bin/config.sh string SystemDNS $(val) @./vendor/frostfs-adm -c ./frostfs-adm.yml morph set-config SystemDNS=$(val) --force
# Update alpha parameter of EigenTrust algorithm in 0 <= f <= 1.0 (make update.eigen_trust_alpha val=0.2) # Update alpha parameter of EigenTrust algorithm in 0 <= f <= 1.0 (make update.eigen_trust_alpha val=0.2)
update.eigen_trust_alpha: update.eigen_trust_alpha:
@./bin/config.sh string EigenTrustAlpha $(val) @./vendor/frostfs-adm -c ./frostfs-adm.yml morph set-config EigenTrustAlpha=$(val)
# Update basic income rate in fixed 12 (make update.basic_income_rate val=1000) # Update basic income rate in fixed 12 (make update.basic_income_rate val=1000)
update.basic_income_rate: update.basic_income_rate:
@./bin/config.sh int BasicIncomeRate $(val) @./vendor/frostfs-adm -c ./frostfs-adm.yml morph set-config BasicIncomeRate=$(val)
# Update homomorphic hashing disabled flag (make update.homomorphic_hashing_disable val=true) # Update homomorphic hashing disabled flag (make update.homomorphic_hashing_disable val=true)
update.homomorphic_hashing_disable: update.homomorphic_hashing_disable:
@./bin/config.sh bool HomomorphicHashingDisabled $(val) @./vendor/frostfs-adm -c ./frostfs-adm.yml morph set-config HomomorphicHashingDisabled=$(val)
# Tick new epoch in side chain
tick.epoch:
@./bin/tick.sh

View file

@ -1,5 +1,7 @@
.PHONY: help .PHONY: help
HELP_MAKEFILE_LIST=$(filter-out %/artifacts.mk, $(MAKEFILE_LIST))
# Show this help prompt # Show this help prompt
help: help:
@echo ' Usage:' @echo ' Usage:'
@ -8,4 +10,4 @@ help:
@echo '' @echo ''
@echo ' Targets:' @echo ' Targets:'
@echo '' @echo ''
@awk '/^#/{ comment = substr($$0,3) } comment && /^[a-zA-Z][a-zA-Z0-9._-]+ ?:/{ print " ", $$1, comment }' $(MAKEFILE_LIST) | column -t -s ':' | grep -v 'IGNORE' | sort -u @awk '/^#/{ comment = substr($$0,3) } comment && /^[a-zA-Z][a-zA-Z0-9._/-]+ ?:/{ print " ", $$1, comment }' $(HELP_MAKEFILE_LIST) | column -t -s ':' | grep -v 'IGNORE' | sort -u

View file

@ -1,6 +1,5 @@
--- ---
version: "2.4"
services: services:
basenet: basenet:

View file

@ -1 +0,0 @@
IPV4_PREFIX.50 main-chain.LOCAL_DOMAIN

View file

@ -1,17 +0,0 @@
# Download privnet chain dump with pre-deployed NeoFS contracts
get.chain: CHAIN_DUMP_NAME=devenv.dump.
get.chain: CHAIN_PATH?=
get.chain:
@mkdir -p ./vendor
ifeq (${CHAIN_PATH},)
@echo "⇒ Download blockchain dump from ${CHAIN_URL}"
@curl \
-sSL "${CHAIN_URL}" \
-o ./vendor/chain.gz
else
@echo "⇒ Copy local archive ${CHAIN_PATH}"
@cp ${CHAIN_PATH} ./vendor/chain.gz
endif

View file

@ -1,30 +0,0 @@
---
version: "2.4"
services:
neofs_main_chain:
image: ${NEOGO_IMAGE}:${NEOGO_VERSION}
container_name: main_chain
command: ["node", "--config-path", "/config", "--privnet", "--debug"]
domainname: ${LOCAL_DOMAIN}
hostname: main-chain
networks:
chain_int:
internet:
ipv4_address: ${IPV4_PREFIX}.50
stop_signal: SIGKILL
env_file: [ ".int_test.env" ]
environment:
- ACC=/chain.gz
volumes:
- ./../../vendor/chain.gz:/chain.gz
- ./protocol.privnet.yml:/config/protocol.privnet.yml
- ./node-wallet.json:/wallets/node-wallet.json
- ./../../vendor/hosts:/etc/hosts
- ./../../wallets/wallet.json:/wallets/wallet.json
networks:
chain_int:
internet:
external: true
name: basenet_internet

View file

@ -1,76 +0,0 @@
{
"version": "3.0",
"name":null,
"accounts": [
{
"address": "Nhfg3TbpwogLvDGVvAvqyThbsHgoSUKwtn",
"key": "6PYM8VdX2BSm7BSXKzV4Fz6S3R9cDLLWNrD9nMjxW352jEv3fsC8N3wNLY",
"label": "",
"contract": {
"script": "DCECs2Ir9AF73+MXxYrtX0x1PyBrfbiWBG+n13S7xL9/jcJBVuezJw==",
"parameters": [
{
"name": "parameter0",
"type": "Signature"
}
],
"deployed": false
},
"lock": false,
"extra":null,
"isDefault": false
},
{
"address": "NVTiAjNgagDkTr5HTzDmQP9kPwPHN5BgVq",
"key": "6PYM8VdX2BSm7BSXKzV4Fz6S3R9cDLLWNrD9nMjxW352jEv3fsC8N3wNLY",
"label": "",
"contract": {
"script": "EwwhAhA6f33QFlWFl/eWDSfFFqQ5T9loueZRVetLAT5AQEBuDCECp7xV/oaE4BGXaNEEujB5W9zIZhnoZK3SYVZyPtGFzWIMIQKzYiv0AXvf4xfFiu1fTHU/IGt9uJYEb6fXdLvEv3+NwgwhA9kMB99j5pDOd5EuEKtRrMlEtmhgI3tgjE+PgwnnHuaZFEGe0Nw6",
"parameters": [
{
"name": "parameter0",
"type": "Signature"
},
{
"name": "parameter1",
"type": "Signature"
},
{
"name": "parameter2",
"type": "Signature"
}
],
"deployed": false
},
"lock": false,
"extra":null,
"isDefault": false
},
{
"address": "NfgHwwTi3wHAS8aFAN243C5vGbkYDpqLHP",
"key": "6PYM8VdX2BSm7BSXKzV4Fz6S3R9cDLLWNrD9nMjxW352jEv3fsC8N3wNLY",
"label": "",
"contract": {
"script": "EQwhArNiK/QBe9/jF8WK7V9MdT8ga324lgRvp9d0u8S/f43CEUGe0Nw6",
"parameters": [
{
"name": "parameter0",
"type": "Signature"
}
],
"deployed": false
},
"lock": false,
"extra":null,
"isDefault": false
}
],
"scrypt": {
"n": 16384,
"r": 8,
"p": 8
},
"extra": {
"Tokens": null
}
}

View file

@ -1,59 +0,0 @@
ProtocolConfiguration:
Magic: 56753
MaxTraceableBlocks: 200000
SecondsPerBlock: 1
MemPoolSize: 50000
StandbyCommittee:
- 02b3622bf4017bdfe317c58aed5f4c753f206b7db896046fa7d774bbc4bf7f8dc2
ValidatorsCount: 1
SeedList:
- 172.200.0.1:20333
VerifyBlocks: true
VerifyTransactions: true
P2PSigExtensions: false
ApplicationConfiguration:
DBConfiguration:
Type: "boltdb"
BoltDBOptions:
FilePath: "./db/privnet.bolt"
NodePort: 20333
Relay: true
DialTimeout: 3
ProtoTickInterval: 2
PingInterval: 30
PingTimeout: 90
MaxPeers: 10
AttemptConnPeers: 5
MinPeers: 0
RPC:
Enabled: true
SessionEnabled: true
EnableCORSWorkaround: false
MaxGasInvoke: 15
Port: 30333
Prometheus:
Enabled: true
Port: 20001
Pprof:
Enabled: true
Port: 20011
UnlockWallet:
Path: "./wallets/node-wallet.json"
Password: "one"
Oracle:
Enabled: true
NeoFS:
Nodes:
- s01.neofs.devenv:8080
- s02.neofs.devenv:8080
- s03.neofs.devenv:8080
- s04.neofs.devenv:8080
UnlockWallet:
Path: "./wallets/node-wallet.json"
Password: "one"
P2PNotary:
Enabled: false
UnlockWallet:
Path: "./wallets/node-wallet.json"
Password: "one"

View file

@ -1 +0,0 @@
IPV4_PREFIX.53 coredns.LOCAL_DOMAIN

View file

@ -1,8 +0,0 @@
. {
nns http://192.168.130.90:30333
transfer {
to *
}
log
debug
}

View file

@ -1,24 +0,0 @@
---
version: "2.4"
services:
neofs_coredns:
image: ${COREDNS_IMAGE}:${COREDNS_VERSION}
container_name: coredns
domainname: ${LOCAL_DOMAIN}
hostname: coredns
networks:
coredns:
internet:
ipv4_address: ${IPV4_PREFIX}.53
stop_signal: SIGKILL
env_file: [ ".int_test.env" ]
volumes:
- ./Corefile:/Corefile
- ./../../vendor/hosts:/etc/hosts
networks:
coredns:
internet:
external: true
name: basenet_internet

2
services/grafana/.hosts Normal file
View file

@ -0,0 +1,2 @@
IPV4_PREFIX.122 grafana.LOCAL_DOMAIN
IPV4_PREFIX.123 loki.LOCAL_DOMAIN

View file

@ -0,0 +1,31 @@
services:
grafana:
image: ${GRAFANA_IMAGE}:${GRAFANA_VERSION}
domainname: ${LOCAL_DOMAIN}
hostname: grafana
container_name: grafana
restart: on-failure
networks:
grafana_int:
internet:
ipv4_address: ${IPV4_PREFIX}.122
volumes:
- ./../../vendor/hosts:/etc/hosts
- ./grafana.ini:/etc/grafana/grafana.ini
- ./provisioning:/etc/grafana/provisioning
stop_signal: SIGKILL
env_file: [ ".env", ".int_test.env" ]
loki:
image: ${LOKI_IMAGE}:${LOKI_VERSION}
command: -config.file=/etc/loki/local-config.yaml
networks:
grafana_int:
internet:
ipv4_address: ${IPV4_PREFIX}.123
networks:
grafana_int:
internet:
external: true
name: basenet_internet

View file

@ -0,0 +1,7 @@
[auth.anonymous]
enabled = true
org_name = Main Org.
org_role = Editor
[dashboards]
default_home_dashboard_path= /etc/grafana/provisioning/dashboards/overview.json

Binary file not shown.

Binary file not shown.

View file

@ -0,0 +1,13 @@
apiVersion: 1
datasources:
- name: Prometheus
type: prometheus
access: proxy
orgId: 1
url: http://prometheus:9090
- name: Loki
type: loki
access: proxy
orgId: 1
url: http://loki:3100

View file

@ -1,9 +0,0 @@
HTTP_GW_LISTEN_ADDRESS=0.0.0.0:80
HTTP_GW_LOGGER_LEVEL=info
HTTP_GW_REBALANCE_TIMER=5m
HTTP_GW_CONNECT_TIMEOUT=60s
HTTP_GW_REQUEST_TIMEOUT=300s
HTTP_GW_RESOLVE_ORDER=dns

View file

@ -0,0 +1,24 @@
logger:
level: debug
prometheus:
enabled: true
address: :9090
rebalance_timer: 5m # Interval to check nodes health
connect_timeout: 60s # Timeout to dial node
request_timeout: 300s # Timeout to check node health during rebalance
# The order in which resolvers are used to find an container id by name
resolve_order:
- nns
server:
- address: 0.0.0.0:80
# Wallet settings
wallet:
path: /wallet.json # Path to wallet
passphrase: one # Passphrase to decrypt wallet

View file

@ -1,6 +1,5 @@
--- ---
version: "2.4"
services: services:
http_gate: http_gate:
image: ${HTTP_GW_IMAGE}:${HTTP_GW_VERSION} image: ${HTTP_GW_IMAGE}:${HTTP_GW_VERSION}
@ -8,8 +7,6 @@ services:
hostname: http_gate hostname: http_gate
container_name: http_gate container_name: http_gate
restart: on-failure restart: on-failure
dns:
- ${IPV4_PREFIX}.53
networks: networks:
http_gate_int: http_gate_int:
internet: internet:
@ -17,11 +14,13 @@ services:
volumes: volumes:
- ./wallet.json:/wallet.json - ./wallet.json:/wallet.json
- ./../../vendor/hosts:/etc/hosts - ./../../vendor/hosts:/etc/hosts
- ./cfg:/etc/frostfs/http
stop_signal: SIGKILL stop_signal: SIGKILL
env_file: [ ".env", ".http.env", ".int_test.env" ] env_file: [ ".env", ".http.env", ".int_test.env" ]
command: [ "frostfs-http-gw", "--config", "/etc/frostfs/http/config.yml" ]
environment: environment:
- HTTP_GW_WALLET_PATH=/wallet.json - HTTP_GW_RPC_ENDPOINT=http://morph-chain.${LOCAL_DOMAIN}:30333
- HTTP_GW_WALLET_PASSPHRASE=one - HTTP_GW_TREE_SERVICE=s01.${LOCAL_DOMAIN}:8080
- HTTP_GW_PEERS_0_ADDRESS=s01.${LOCAL_DOMAIN}:8080 - HTTP_GW_PEERS_0_ADDRESS=s01.${LOCAL_DOMAIN}:8080
- HTTP_GW_PEERS_0_WEIGHT=0.2 - HTTP_GW_PEERS_0_WEIGHT=0.2
- HTTP_GW_PEERS_1_ADDRESS=s02.${LOCAL_DOMAIN}:8080 - HTTP_GW_PEERS_1_ADDRESS=s02.${LOCAL_DOMAIN}:8080

View file

@ -1,44 +1 @@
NEOFS_IR_LOGGER_LEVEL=debug FROSTFS_IR_CONTROL_GRPC_ENDPOINT=127.0.0.1:16512
# Profiler section
NEOFS_IR_PPROF_ENABLED=true
## Server address. Empty value disables profiler
NEOFS_IR_PPROF_ADDRESS=:6060
## Timeout to shut down the HTTP server
## Default: 30s
#NEOFS_IR_PROFILER_SHUTDOWN_TIMEOUT=1m
# Application metrics section
NEOFS_IR_PROMETHEUS_ENABLED=true
## Server address. Empty value disables metrics gathering
NEOFS_IR_PROMETHEUS_ADDRESS=:9090
## Timeout to shut down the HTTP server
## Default: 30s
#NEOFS_IR_METRICS_SHUTDOWN_TIMEOUT=1m
# Toggling the sidechain-only mode
NEOFS_IR_WITHOUT_MAINNET=false
NEOFS_IR_MAINNET_ENDPOINT_CLIENT_0_ADDRESS=ws://main-chain:30333/ws
NEOFS_IR_MORPH_ENDPOINT_CLIENT_0_ADDRESS=ws://morph-chain:30333/ws
NEOFS_IR_TIMERS_EMIT=50
NEOFS_IR_TIMERS_STOP_ESTIMATION_DIV=4
NEOFS_IR_TIMERS_COLLECT_BASIC_INCOME_DIV=2
NEOFS_IR_TIMERS_DISTRIBUTE_BASIC_INCOME_MUL=3
NEOFS_IR_TIMERS_DISTRIBUTE_BASIC_INCOME_DIV=4
NEOFS_IR_EMIT_STORAGE_AMOUNT=1000000000
NEOFS_IR_NETMAP_CLEANER_ENABLED=true
NEOFS_IR_CONTRACTS_NEOFS=913c08e0faa2b94516ac7effaea7a9363e492228
NEOFS_IR_CONTRACTS_PROCESSING=ab239aa64ff6419419390038682a58b3e7dd0e86
NEOFS_IR_MORPH_VALIDATORS=02b3622bf4017bdfe317c58aed5f4c753f206b7db896046fa7d774bbc4bf7f8dc2
NEOFS_IR_AUDIT_PDP_MAX_SLEEP_INTERVAL=100ms
NEOFS_IR_SETTLEMENT_BASIC_INCOME_RATE=100000000
NEOFS_IR_SETTLEMENT_AUDIT_FEE=100000
NEOFS_IR_LOCODE_DB_PATH=/locode/db
NEOFS_IR_CONTROL_GRPC_ENDPOINT=127.0.0.1:16512

View file

@ -1,42 +1,41 @@
# Get NeoFS LOCODE database # Get FrostFS IR artifacts (LOCODE database and FrostFS CLI)
LOCODE_DB_ARCHIVE_PATH=./vendor LOCODE_DB_ARCHIVE_PATH=./vendor
LOCODE_DB_ARCHIVE_FILE=locode_db.gz LOCODE_DB_ARCHIVE_FILE=locode_db.gz
get.ir: get.locode get.cli get.ir: get.locode get.cli
# Get FrostFS LOCODE database
get.locode: LOCODE_DB_PATH?= get.locode: LOCODE_DB_PATH?=
get.locode: get.locode:
@mkdir -p ${LOCODE_DB_ARCHIVE_PATH} @mkdir -p ${LOCODE_DB_ARCHIVE_PATH}
ifeq (${LOCODE_DB_PATH},) ifeq (${LOCODE_DB_PATH},)
@echo "⇒ Download NeoFS LOCODE database from ${LOCODE_DB_URL}" @echo "⇒ Download FrostFS LOCODE database from ${LOCODE_DB_URL}"
@curl \ @curl \
-sSL "${LOCODE_DB_URL}" \ -sSL "${LOCODE_DB_URL}" \
-o ${LOCODE_DB_ARCHIVE_PATH}/${LOCODE_DB_ARCHIVE_FILE} -o ${LOCODE_DB_ARCHIVE_PATH}/${LOCODE_DB_ARCHIVE_FILE}
else else
@echo "⇒ Copy local archive of NeoFS LOCODE database from ${LOCODE_DB_PATH}" @echo "⇒ Copy local archive of FrostFS LOCODE database from ${LOCODE_DB_PATH}"
@cp ${LOCODE_DB_PATH} ${LOCODE_DB_ARCHIVE_PATH}/${LOCODE_DB_ARCHIVE_FILE} @cp ${LOCODE_DB_PATH} ${LOCODE_DB_ARCHIVE_PATH}/${LOCODE_DB_ARCHIVE_FILE}
endif endif
gzip -dfk ${LOCODE_DB_ARCHIVE_PATH}/${LOCODE_DB_ARCHIVE_FILE} gzip -dfk ${LOCODE_DB_ARCHIVE_PATH}/${LOCODE_DB_ARCHIVE_FILE}
# Download FrostFS CLI
.ONESHELL: .ONESHELL:
get.cli: NEOFS_CLI_FILE=./vendor/neofs-cli get.cli: FROSTFS_CLI_FILE=./vendor/frostfs-cli
get.cli: NEOFS_CLI_ARCHIVE_FILE=${NEOFS_CLI_FILE}.tar.gz get.cli: FROSTFS_CLI_PATH?=
get.cli: NEOFS_CLI_PATH?=
get.cli: get.cli:
@mkdir -p ./vendor @mkdir -p ./vendor
ifeq (${NEOFS_CLI_PATH},) ifeq (${FROSTFS_CLI_PATH},)
@echo "⇒ Download NeoFS CLI binary from ${NEOFS_CLI_URL}" @echo "⇒ Download FrostFS CLI binary from ${FROSTFS_CLI_URL}"
@curl \ @curl \
-sSL "${NEOFS_CLI_URL}" \ -ksSL "${FROSTFS_CLI_URL}" \
-o ${NEOFS_CLI_ARCHIVE_FILE} -o ${FROSTFS_CLI_FILE}
@tar -xvf ${NEOFS_CLI_ARCHIVE_FILE} -C ./vendor | xargs -I {} \ @chmod +x ${FROSTFS_CLI_FILE}
mv ./vendor/{} ${NEOFS_CLI_FILE}
@rm ${NEOFS_CLI_ARCHIVE_FILE}
else else
@echo "⇒ Copy local binary from ${NEOFS_CLI_PATH}" @echo "⇒ Copy local binary from ${FROSTFS_CLI_PATH}"
@cp ${NEOFS_CLI_PATH} ${NEOFS_CLI_FILE} @cp ${FROSTFS_CLI_PATH} ${FROSTFS_CLI_FILE}
endif endif

View file

@ -0,0 +1,76 @@
# Logger section
logger:
level: debug # Minimum enabled logging level
# Wallet settings
wallet:
path: /wallet.json # Path to NEP-6 NEO wallet file
address: Nhfg3TbpwogLvDGVvAvqyThbsHgoSUKwtn # Account address in the wallet; ignore to use default address
password: one # Account password in the wallet
# Profiler section
pprof:
enabled: true
address: :6060 # Endpoint for application pprof profiling; disabled by default
shutdown_timeout: 30s # Timeout for profiling HTTP server graceful shutdown
# Application metrics section
prometheus:
enabled: true
address: :9090 # Endpoint for application prometheus metrics; disabled by default
shutdown_timeout: 30s # Timeout for metrics HTTP server graceful shutdown
# Toggling the sidechain-only mode
without_mainnet: true
# Neo main chain RPC settings
mainnet:
endpoint:
client: # List of websocket RPC endpoints in mainchain; ignore if mainchain is disabled
- address: ws://main-chain:30333/ws
# Neo side chain RPC settings
morph:
endpoint:
client: # List of websocket RPC endpoints in sidechain
- address: ws://morph-chain:30333/ws
validators: # List of hex-encoded 33-byte public keys of sidechain validators to vote for at application startup
- 02b3622bf4017bdfe317c58aed5f4c753f206b7db896046fa7d774bbc4bf7f8dc2
# Network time settings
timers:
emit: 50 # Number of sidechain blocks between GAS emission cycles; disabled by default
stop_estimation:
mul: 1 # Multiplier in x/y relation of when to stop basic income estimation within the epoch
div: 4 # Divider in x/y relation of when to stop basic income estimation within the epoch
collect_basic_income:
mul: 1 # Multiplier in x/y relation of when to start basic income asset collection within the epoch
div: 2 # Divider in x/y relation of when to start basic income asset collecting within the epoch
distribute_basic_income:
mul: 3 # Multiplier in x/y relation of when to start basic income asset distribution within the epoch
div: 4 # Divider in x/y relation of when to start basic income asset distribution within the epoch
# Storage node GAS emission settings
emit:
storage:
amount: 1000000000 # Fixed8 value of sidechain GAS emitted to all storage nodes once per GAS emission cycle; disabled by default
# Storage node removal settings
netmap_cleaner:
enabled: true # Enable voting for removing stale storage nodes from network map
threshold: 3 # Number of FrostFS epoch without bootstrap request from storage node before it considered stale
# Audit settings
audit:
pdp:
max_sleep_interval: 100ms # Maximum timeout between object.RangeHash requests to the storage node
# Settlement settings
settlement:
basic_income_rate: 100000000 # Optional: override basic income rate value from network config; applied only in debug mode
audit_fee: 100000 # Optional: override audit fee value from network config; applied only in debug mode
# LOCODE database
locode:
db:
path: /locode/db # Path to UN/LOCODE database file

View file

@ -1,6 +1,5 @@
--- ---
version: "2.4"
services: services:
ir01: ir01:
@ -13,21 +12,19 @@ services:
ir_int: ir_int:
internet: internet:
ipv4_address: ${IPV4_PREFIX}.61 ipv4_address: ${IPV4_PREFIX}.61
stop_signal: SIGKILL stop_signal: SIGTERM
stop_grace_period: 15s
volumes: volumes:
- ./az.json:/wallet.json - ./az.json:/wallet.json
- ./az.key:/wallet01.key - ./az.key:/wallet01.key
- ./../../vendor/hosts:/etc/hosts - ./../../vendor/hosts:/etc/hosts
- ./../../vendor/locode_db:/locode/db - ./../../vendor/locode_db:/locode/db
- ./../../vendor/neofs-cli:/neofs-cli - ./../../vendor/frostfs-cli:/frostfs-cli
- ./healthcheck.sh:/healthcheck.sh - ./cfg:/etc/frostfs/ir
env_file: [ ".env", ".ir.env", ".int_test.env" ] env_file: [ ".env", ".ir.env", ".int_test.env" ]
environment: command: [ "frostfs-ir", "--config", "/etc/frostfs/ir/config.yml" ]
- NEOFS_IR_WALLET_PATH=/wallet.json
- NEOFS_IR_WALLET_ADDRESS=Nhfg3TbpwogLvDGVvAvqyThbsHgoSUKwtn
- NEOFS_IR_WALLET_PASSWORD=one
healthcheck: healthcheck:
test: ["CMD-SHELL", "/healthcheck.sh"] test: ["CMD-SHELL", "/frostfs-cli control ir healthcheck -q --wallet /wallet01.key --endpoint \"$$FROSTFS_IR_CONTROL_GRPC_ENDPOINT\""]
interval: 2s interval: 2s
timeout: 1s timeout: 1s
retries: 5 retries: 5

View file

@ -1,6 +0,0 @@
#!/bin/sh
/neofs-cli control healthcheck \
--endpoint "$NEOFS_IR_CONTROL_GRPC_ENDPOINT" \
--wallet /wallet01.key --ir |
grep "Health status: READY"

View file

@ -1,3 +0,0 @@
# Deposit GAS from default wallet to NeoFS privnet contract
prepare.ir:
@./bin/deposit.sh

1
services/jaeger/.hosts Normal file
View file

@ -0,0 +1 @@
IPV4_PREFIX.120 jaeger.LOCAL_DOMAIN

View file

View file

@ -0,0 +1,31 @@
services:
jaeger:
image: ${JAEGER_IMAGE}:${JAEGER_VERSION}
domainname: ${LOCAL_DOMAIN}
hostname: jaeger
container_name: jaeger
restart: on-failure
networks:
jaeger_int:
internet:
ipv4_address: ${IPV4_PREFIX}.120
volumes:
- ./../../vendor/hosts:/etc/hosts
ports:
- '4317:4317' #OTLP over gRPC
- '4318:4318' #OTLP over HTTP
- '16686:16686' #frontend
stop_signal: SIGKILL
env_file: [ ".env", ".jaeger.env", ".int_test.env" ]
environment:
- COLLECTOR_OTLP_ENABLED=true
- SPAN_STORAGE_TYPE=badger
- BADGER_EPHEMERAL=false
- BADGER_DIRECTORY_VALUE=/badger/data
- BADGER_DIRECTORY_KEY=/badger/key
networks:
jaeger_int:
internet:
external: true
name: basenet_internet

View file

@ -1,32 +1,32 @@
# Download NeoFS Contracts and Adm tool to deploy environment # Download FrostFS Contracts and Adm tool to deploy environment
get.morph_chain: get.contracts get.adm get.morph_chain: get.contracts get.adm
get.contracts: NEOFS_CONTRACTS_DEST=./vendor/contracts # Download FrostFS Contracts
get.contracts: NEOFS_CONTRACTS_ARCHIVE=neofs-contracts.tar.gz get.contracts: FROSTFS_CONTRACTS_DEST=./vendor/contracts
get.contracts: FROSTFS_CONTRACTS_ARCHIVE=frostfs-contracts.tar.gz
get.contracts: get.contracts:
@mkdir -p ${NEOFS_CONTRACTS_DEST} @mkdir -p ${FROSTFS_CONTRACTS_DEST}
ifeq (${NEOFS_CONTRACTS_PATH},) ifeq (${FROSTFS_CONTRACTS_PATH},)
@echo "⇒ Download compiled NeoFS contracts from ${NEOFS_CONTRACTS_URL}" @echo "⇒ Download compiled FrostFS contracts from ${FROSTFS_CONTRACTS_URL}"
@curl -sSL ${NEOFS_CONTRACTS_URL} -o ${NEOFS_CONTRACTS_ARCHIVE} @curl -ksSL ${FROSTFS_CONTRACTS_URL} -o ${FROSTFS_CONTRACTS_ARCHIVE}
@tar -xf ${NEOFS_CONTRACTS_ARCHIVE} -C ${NEOFS_CONTRACTS_DEST} --strip-components 1 @tar -xf ${FROSTFS_CONTRACTS_ARCHIVE} -C ${FROSTFS_CONTRACTS_DEST} --strip-components 1
@rm ${NEOFS_CONTRACTS_ARCHIVE} @rm ${FROSTFS_CONTRACTS_ARCHIVE}
else else
@echo "⇒ Copy compiled contracts from ${NEOFS_CONTRACTS_PATH}" @echo "⇒ Copy compiled contracts from ${FROSTFS_CONTRACTS_PATH}"
@cp -r ${NEOFS_CONTRACTS_PATH} ${NEOFS_CONTRACTS_DEST} @cp -r ${FROSTFS_CONTRACTS_PATH}/* ${FROSTFS_CONTRACTS_DEST}
endif endif
get.adm: NEOFS_ADM_DEST=./vendor/neofs-adm # Download FrostFS ADM tool
get.adm: NEOFS_ADM_ARCHIVE=neofs-adm.tar.gz get.adm: FROSTFS_ADM_DEST=./vendor/frostfs-adm
get.adm: get.adm:
ifeq (${NEOFS_ADM_PATH},) ifeq (${FROSTFS_ADM_PATH},)
@echo "⇒ Download NeoFS ADM binary from ${NEOFS_ADM_URL}" @echo "⇒ Download FrostFS ADM binary from ${FROSTFS_ADM_URL}"
@curl -sSL ${NEOFS_ADM_URL} -o ${NEOFS_ADM_ARCHIVE} @curl -skSL ${FROSTFS_ADM_URL} -o ${FROSTFS_ADM_DEST}
@tar -xvf ${NEOFS_ADM_ARCHIVE} -C ./vendor | xargs -I {} \ @chmod +x ${FROSTFS_ADM_DEST}
mv ./vendor/{} ${NEOFS_ADM_DEST}
@rm ${NEOFS_ADM_ARCHIVE}
else else
@echo "⇒ Copy neofs-adm binary from ${NEOFS_ADM_PATH}" @echo "⇒ Copy frostfs-adm binary from ${FROSTFS_ADM_PATH}"
@cp ${NEOFS_ADM_PATH} ${NEOFS_ADM_DEST} @cp ${FROSTFS_ADM_PATH} ${FROSTFS_ADM_DEST}
endif endif

View file

@ -0,0 +1,4 @@
---
Path: "/wallets/node-wallet.json"
Password: "one"

View file

@ -1,8 +1,7 @@
--- ---
version: "2.4"
services: services:
neofs_morph_chain: frostfs_morph_chain:
image: ${NEOGO_IMAGE}:${NEOGO_VERSION} image: ${NEOGO_IMAGE}:${NEOGO_VERSION}
container_name: morph_chain container_name: morph_chain
command: ["node", "--config-path", "/config", "--privnet", "--debug"] command: ["node", "--config-path", "/config", "--privnet", "--debug"]
@ -17,11 +16,17 @@ services:
volumes: volumes:
- ./protocol.privnet.yml:/config/protocol.privnet.yml - ./protocol.privnet.yml:/config/protocol.privnet.yml
- ./node-wallet.json:/wallets/node-wallet.json - ./node-wallet.json:/wallets/node-wallet.json
- ./config.yml:/wallets/config.yml
- ./../../vendor/hosts:/etc/hosts - ./../../vendor/hosts:/etc/hosts
- ./../../wallets/wallet.json:/wallets/wallet.json - ./../../wallets/wallet.json:/wallets/wallet.json
- ./../s3_gate/wallet.json:/wallets/s3-wallet.json
- chains:/chains
networks: networks:
chain_int: chain_int:
internet: internet:
external: true external: true
name: basenet_internet name: basenet_internet
volumes:
chains:

View file

@ -1,49 +1,56 @@
ProtocolConfiguration: ProtocolConfiguration:
Magic: 15405 Magic: 15405
MaxTraceableBlocks: 200000 MaxTraceableBlocks: 200000
SecondsPerBlock: 1 TimePerBlock: 1s
MemPoolSize: 50000 MemPoolSize: 50000
StandbyCommittee: StandbyCommittee:
- 02b3622bf4017bdfe317c58aed5f4c753f206b7db896046fa7d774bbc4bf7f8dc2 - 02b3622bf4017bdfe317c58aed5f4c753f206b7db896046fa7d774bbc4bf7f8dc2
ValidatorsCount: 1 ValidatorsCount: 1
SeedList: SeedList:
- 172.200.0.1:20333 - 172.200.0.1:20333
VerifyBlocks: true
VerifyTransactions: true VerifyTransactions: true
StateRootInHeader: true StateRootInHeader: true
P2PSigExtensions: true P2PSigExtensions: true
ApplicationConfiguration: ApplicationConfiguration:
SkipBlockVerification: false
DBConfiguration: DBConfiguration:
Type: "boltdb" Type: "boltdb"
BoltDBOptions: BoltDBOptions:
FilePath: "./db/morph.bolt" FilePath: "/chains/morph.bolt"
NodePort: 20333 P2P:
Relay: true Addresses:
DialTimeout: 3 - ":20333"
ProtoTickInterval: 2 DialTimeout: 3s
PingInterval: 30 ProtoTickInterval: 2s
PingTimeout: 90 PingInterval: 30s
PingTimeout: 90s
MaxPeers: 10 MaxPeers: 10
AttemptConnPeers: 5 AttemptConnPeers: 5
MinPeers: 0 MinPeers: 0
Relay: true
Consensus:
Enabled: true
UnlockWallet:
Path: "./wallets/node-wallet.json"
Password: "one"
RPC: RPC:
Addresses:
- ":30333"
Enabled: true Enabled: true
SessionEnabled: true SessionEnabled: true
EnableCORSWorkaround: false EnableCORSWorkaround: false
MaxGasInvoke: 100 MaxGasInvoke: 100
Port: 30333
P2PNotary: P2PNotary:
Enabled: true Enabled: true
UnlockWallet: UnlockWallet:
Path: "./wallets/node-wallet.json" Path: "./wallets/node-wallet.json"
Password: "one" Password: "one"
Prometheus: Prometheus:
Addresses:
- ":20001"
Enabled: true Enabled: true
Port: 20001
Pprof: Pprof:
Addresses:
- ":20011"
Enabled: true Enabled: true
Port: 20011
UnlockWallet:
Path: "./wallets/node-wallet.json"
Password: "one"

View file

@ -1 +0,0 @@
IPV4_PREFIX.101 nats.LOCAL_DOMAIN

View file

@ -1,7 +0,0 @@
# Create new tls certs
NATS_DIR=$(abspath services/nats)
get.nats:
@echo "⇒ Creating certs for NATS server and clients"
${NATS_DIR}/generate_cert.sh ${LOCAL_DOMAIN}

View file

@ -1,31 +0,0 @@
---
version: "2.4"
services:
nats:
image: ${NATS_IMAGE}:${NATS_VERSION}
domainname: ${LOCAL_DOMAIN}
hostname: nats
container_name: nats
restart: on-failure
dns:
- ${IPV4_PREFIX}.101
networks:
nats_int:
internet:
ipv4_address: ${IPV4_PREFIX}.101
volumes:
- ./../../vendor/hosts:/etc/hosts
- ./nats.conf:/etc/nats/neofs-nats-server.conf
- ./server-cert.pem:/certs/server-cert.pem
- ./server-key.pem:/certs/server-key.pem
- ./ca-cert.pem:/certs/ca-cert.pem
stop_signal: SIGKILL
env_file: [ ".env", ".int_test.env" ]
command: ["-c", "/etc/nats/neofs-nats-server.conf"]
networks:
nats_int:
internet:
external: true
name: basenet_internet

View file

@ -1,49 +0,0 @@
#!/bin/bash
source bin/helper.sh
WORKDIR=$(dirname "$0")
LOCAL_DOMAIN=$1
CA_KEY=$WORKDIR/ca-key.pem
CA_CRT=$WORKDIR/ca-cert.pem
SRV_KEY=$WORKDIR/server-key.pem
SRV_REQ=$WORKDIR/server-req.csr
SRV_CRT=$WORKDIR/server-cert.pem
CLI_KEY=$WORKDIR/client-key.pem
CLI_REQ=$WORKDIR/client-req.csr
CLI_CRT=$WORKDIR/client-cert.pem
SUBJ="/O=NSPCC"
if [[ ! -f $CA_KEY || ! -f $CA_CRT ]]; then
openssl req -newkey rsa:4096 -x509 -days 365 -nodes -keyout $CA_KEY -out $CA_CRT -subj $SUBJ 2>&1 ||
die "CA certificate was not created"
fi
if [[ ! -f $SRV_KEY || ! -f $SRV_CRT ]]; then
openssl req -newkey rsa:4096 -nodes -keyout $SRV_KEY -out $SRV_REQ -subj $SUBJ 2>&1 ||
die "Server certificate was not created"
openssl x509 -req -days 365 -set_serial 01 -in $SRV_REQ -out $SRV_CRT -CA $CA_CRT -CAkey $CA_KEY \
-extensions san -extfile <(printf "[san]\nsubjectAltName=DNS:nats.$LOCAL_DOMAIN") 2>&1 || {
rm $SRV_REQ
die "Server certificate was not signed by CA"
}
rm $SRV_REQ
fi
if [[ ! -f $CLI_KEY || ! -f $CLI_CRT ]]; then
openssl req -newkey rsa:4096 -nodes -keyout $CLI_KEY -out $CLI_REQ -subj $SUBJ 2>&1 ||
die "Client certificate was not created"
openssl x509 -req -days 365 -set_serial 01 -in $CLI_REQ -out $CLI_CRT -CA $CA_CRT -CAkey $CA_KEY 2>&1 || {
rm $CLI_REQ
die "Client certificate was not signed by CA"
}
rm $CLI_REQ
fi

View file

@ -1,15 +0,0 @@
port: 4222
monitor_port: 8222
jetstream {
store_dir=nats
max_memory_store: 1GB
max_file_store: 2GB
}
tls {
cert_file: /certs/server-cert.pem
key_file: /certs/server-key.pem
ca_file: /certs/ca-cert.pem
verify: true
}

View file

@ -0,0 +1 @@
IPV4_PREFIX.121 prometheus.LOCAL_DOMAIN

View file

View file

@ -0,0 +1,24 @@
services:
prometheus:
image: ${PROMETHEUS_IMAGE}:${PROMETHEUS_VERSION}
domainname: ${LOCAL_DOMAIN}
hostname: prometheus
container_name: prometheus
restart: on-failure
networks:
prometheus_int:
internet:
ipv4_address: ${IPV4_PREFIX}.121
volumes:
- ./../../vendor/hosts:/etc/hosts
- ./prometheus.yml:/etc/prometheus/prometheus.yml
command:
- --config.file=/etc/prometheus/prometheus.yml
stop_signal: SIGKILL
env_file: [ ".env", ".prometheus.env", ".int_test.env" ]
networks:
prometheus_int:
internet:
external: true
name: basenet_internet

View file

@ -0,0 +1,22 @@
global:
scrape_interval: 15s
scrape_configs:
- job_name: 'node'
static_configs:
- targets: ['s01.frostfs.devenv:9090', 's02.frostfs.devenv:9090', 's03.frostfs.devenv:9090', 's04.frostfs.devenv:9090']
- job_name: 'http-gw'
static_configs:
- targets: ['http.frostfs.devenv:9090']
- job_name: 'rest-gw'
static_configs:
- targets: ['rest.frostfs.devenv:9090']
- job_name: 's3-gw'
static_configs:
- targets: ['s3.frostfs.devenv:9090']
- job_name: 'neo-go'
static_configs:
- targets: ['morph-chain.frostfs.devenv:20001']
- job_name: 'inner-ring'
static_configs:
- targets: ['ir01.frostfs.devenv:9090']

View file

@ -0,0 +1,12 @@
prometheus:
enabled: true
address: :9090
server:
# The IP and port to listen on.
listen-address: 0.0.0.0:8090
# Wallet settings
wallet:
path: /wallet.json # Path to wallet
passphrase: one # Password to decrypt wallet

View file

@ -1,6 +1,5 @@
--- ---
version: "2.4"
services: services:
rest_gate: rest_gate:
image: ${REST_GW_IMAGE}:${REST_GW_VERSION} image: ${REST_GW_IMAGE}:${REST_GW_VERSION}
@ -15,16 +14,16 @@ services:
volumes: volumes:
- ./wallet.json:/wallet.json - ./wallet.json:/wallet.json
- ./../../vendor/hosts:/etc/hosts - ./../../vendor/hosts:/etc/hosts
stop_signal: SIGKILL - ./cfg:/etc/frostfs/rest
stop_signal: SIGTERM
stop_grace_period: 15s
env_file: [ ".env", ".int_test.env" ] env_file: [ ".env", ".int_test.env" ]
command: [ "frostfs-rest-gw", "--config", "/etc/frostfs/rest/config.yml" ]
environment: environment:
- REST_GW_WALLET_PATH=/wallet.json - REST_GW_POOL_PEERS_0_ADDRESS=s01.${LOCAL_DOMAIN}:8080
- REST_GW_WALLET_PASSPHRASE=one - REST_GW_POOL_PEERS_1_ADDRESS=s02.${LOCAL_DOMAIN}:8080
- REST_GW_LISTEN_ADDRESS=0.0.0.0:8090 - REST_GW_POOL_PEERS_2_ADDRESS=s03.${LOCAL_DOMAIN}:8080
- REST_GW_PEERS_0_ADDRESS=s01.${LOCAL_DOMAIN}:8080 - REST_GW_POOL_PEERS_3_ADDRESS=s04.${LOCAL_DOMAIN}:8080
- REST_GW_PEERS_1_ADDRESS=s02.${LOCAL_DOMAIN}:8080
- REST_GW_PEERS_2_ADDRESS=s03.${LOCAL_DOMAIN}:8080
- REST_GW_PEERS_3_ADDRESS=s04.${LOCAL_DOMAIN}:8080
networks: networks:
rest_gate_int: rest_gate_int:

View file

@ -1,8 +0,0 @@
S3_GW_REBALANCE_INTERVAL=30s
S3_GW_HEALTHCHECK_TIMEOUT=15s
S3_GW_CONNECT_TIMEOUT=10s
S3_GW_LOGGER_LEVEL=debug
S3_GW_MAX_CLIENTS_COUNT=100
S3_GW_MAX_CLIENTS_DEADLINE=30s

View file

@ -0,0 +1,49 @@
logger:
level: debug
prometheus:
enabled: true
address: :9090
# Interval to check node health
rebalance_interval: 30s
# Timeout to check node health during rebalance
healthcheck_timeout: 15s
# Timeout to connect to a node
connect_timeout: 10s
# Limits for processing of clients' requests
max_clients_count: 100
# Deadline after which the gate sends error `RequestTimeout` to a client
max_clients_deadline: 30s
resolve_order:
- nns
server:
- tls:
enabled: true
cert_file: /tls.crt
key_file: /tls.key
# Wallet configuration
wallet:
path: /wallet.json # Path to wallet
passphrase: "s3" # Passphrase to decrypt wallet
features:
md5:
enabled: true
control:
grpc:
endpoint: localhost:16515
frostfsid:
enabled: false
policy:
enabled: false

View file

@ -1,6 +1,5 @@
--- ---
version: "2.4"
services: services:
s3_gate: s3_gate:
image: ${S3_GW_IMAGE}:${S3_GW_VERSION} image: ${S3_GW_IMAGE}:${S3_GW_VERSION}
@ -8,27 +7,31 @@ services:
hostname: s3_gate hostname: s3_gate
container_name: s3_gate container_name: s3_gate
restart: on-failure restart: on-failure
dns:
- ${IPV4_PREFIX}.53
networks: networks:
s3_gate_int: s3_gate_int:
internet: internet:
ipv4_address: ${IPV4_PREFIX}.82 ipv4_address: ${IPV4_PREFIX}.82
volumes: volumes:
# Gate wallet
- ./wallet.json:/wallet.json - ./wallet.json:/wallet.json
# Custom user wallets
- ./wallets:/wallets
# Default user wallet
- ./../../wallets/wallet.json:/wallets/wallet.json
- ./tls.key:/tls.key - ./tls.key:/tls.key
- ./tls.crt:/tls.crt - ./tls.crt:/tls.crt
- ./../../vendor/hosts:/etc/hosts - ./../../vendor/hosts:/etc/hosts
stop_signal: SIGKILL - ./cfg:/etc/frostfs/s3
- ./issue-creds.sh:/usr/bin/issue-creds.sh
stop_signal: SIGTERM
stop_grace_period: 15s
env_file: [ ".env", ".s3.env", ".int_test.env" ] env_file: [ ".env", ".s3.env", ".int_test.env" ]
command: [ "frostfs-s3-gw", "--config", "/etc/frostfs/s3/config.yml" ]
environment: environment:
- S3_GW_WALLET_PATH=/wallet.json - S3_GW_RPC_ENDPOINT=http://morph-chain.${LOCAL_DOMAIN}:30333
- S3_GW_WALLET_PASSPHRASE=s3 - S3_GW_SERVER_0_ADDRESS=s3.${LOCAL_DOMAIN}:8080
- S3_GW_TLS_KEY_FILE=/tls.key
- S3_GW_TLS_CERT_FILE=/tls.crt
- S3_GW_LISTEN_ADDRESS=s3.${LOCAL_DOMAIN}:8080
- S3_GW_LISTEN_DOMAINS=s3.${LOCAL_DOMAIN} - S3_GW_LISTEN_DOMAINS=s3.${LOCAL_DOMAIN}
- S3_GW_TREE_SERVICE=s01.${LOCAL_DOMAIN}:8080 - S3_GW_TREE_SERVICE=s01.${LOCAL_DOMAIN}:8080 s02.${LOCAL_DOMAIN}:8080 s03.${LOCAL_DOMAIN}:8080 s04.${LOCAL_DOMAIN}:8080
- S3_GW_PEERS_0_ADDRESS=s01.${LOCAL_DOMAIN}:8080 - S3_GW_PEERS_0_ADDRESS=s01.${LOCAL_DOMAIN}:8080
- S3_GW_PEERS_0_WEIGHT=0.2 - S3_GW_PEERS_0_WEIGHT=0.2
- S3_GW_PEERS_1_ADDRESS=s02.${LOCAL_DOMAIN}:8080 - S3_GW_PEERS_1_ADDRESS=s02.${LOCAL_DOMAIN}:8080
@ -37,6 +40,8 @@ services:
- S3_GW_PEERS_2_WEIGHT=0.2 - S3_GW_PEERS_2_WEIGHT=0.2
- S3_GW_PEERS_3_ADDRESS=s04.${LOCAL_DOMAIN}:8080 - S3_GW_PEERS_3_ADDRESS=s04.${LOCAL_DOMAIN}:8080
- S3_GW_PEERS_3_WEIGHT=0.2 - S3_GW_PEERS_3_WEIGHT=0.2
- AUTHMATE_WALLET_PASSPHRASE=
- AUTHMATE_WALLET_CONTRACT_PASSPHRASE=s3
networks: networks:
s3_gate_int: s3_gate_int:

41
services/s3_gate/issue-creds.sh Executable file
View file

@ -0,0 +1,41 @@
#!/bin/bash
initUser() {
/bin/frostfs-s3-authmate register-user \
--wallet $WALLET_PATH \
--rpc-endpoint http://morph-chain.frostfs.devenv:30333 \
--username $USERNAME \
--contract-wallet /wallet.json 1> /dev/null && touch $WALLET_CACHE/$USERNAME
}
issueCreds() {
/bin/frostfs-s3-authmate issue-secret \
--wallet $WALLET_PATH \
--peer s01.frostfs.devenv:8080 \
--gate-public-key $S3_GATE_PUBLIC_KEY \
--container-placement-policy "REP 3"
}
set -e
WALLET_PATH=/wallets/$2
if [[ -z "$2" ]]; then
WALLET_PATH=/wallets/wallet.json
fi
S3_GATE_PUBLIC_KEY=$3
if [[ -z "$3" ]]; then
S3_GATE_PUBLIC_KEY=0313b1ac3a8076e155a7e797b24f0b650cccad5941ea59d7cfd51a024a8b2a06bf
fi
WALLET_CACHE=/data/wallets
mkdir -p $WALLET_CACHE
USERNAME=$(echo $WALLET_PATH | md5sum | cut -d' ' -f1)
if [ ! -e $WALLET_CACHE/$USERNAME ]; then
initUser
fi
if [ $1 == "s3" ]; then
issueCreds
fi

Some files were not shown because too many files have changed in this diff Show more