fluencelabs/tendermint
1
0
Fork 0
mirror of https://github.com/fluencelabs/tendermint synced 2025-04-24 22:32:15 +00:00
Code Issues Projects Releases Wiki Activity

Dockerfile, localnode, sentry node scripts changes

Browse Source 
- Updated Dockerfile and created build-docker target
- Changed localnode docker image to set permissions to more permissive (docker has different user than host system)
- Added sentry node terraform and ansible script
This commit is contained in:
Greg Szabo 2018-04-16 11:34:01 -04:00
parent b3904b8da8
commit 8bdfe15de9
7 changed files with 48 additions and 54 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
DOCKER/.gitignore vendored Normal file
View File

@ -0,0 +1 @@
tendermint

59
DOCKER/Dockerfile
View File

@ -1,45 +1,22 @@
FROM alpine:3.7 FROM alpine:3.7
MAINTAINER Greg Szabo <greg@tendermint.com>
# This is the release of tendermint to pull in. #Default home for tendermint. The node command will look for $TMHOME/config/genesis.json at initialization.
ENV TM_VERSION 0.17.1 ENV TMHOME /tendermint
ENV TM_SHA256SUM d57008c63d2d9176861137e38ed203da486febf20ae7d388fb810a75afff8f24 RUN apk update && \
apk upgrade && \
# Tendermint will be looking for genesis file in /tendermint (unless you change apk --no-cache add curl jq && \
# `genesis_file` in config.toml). You can put your config.toml and private addgroup tmuser && \
# validator file into /tendermint. adduser -S -G tmuser tmuser -h "$TMHOME"
#
# The /tendermint/data dir is used by tendermint to store state.
ENV DATA_ROOT /tendermint
ENV TMHOME $DATA_ROOT
# Set user right away for determinism
RUN addgroup tmuser && \
adduser -S -G tmuser tmuser
# Create directory for persistence and give our user ownership
RUN mkdir -p $DATA_ROOT && \
chown -R tmuser:tmuser $DATA_ROOT
# jq and curl used for extracting `pub_key` from private validator while
# deploying tendermint with Kubernetes. It is nice to have bash so the users
# could execute bash commands.
RUN apk add --no-cache bash curl jq
RUN apk add --no-cache openssl && \
wget https://github.com/tendermint/tendermint/releases/download/v${TM_VERSION}/tendermint_${TM_VERSION}_linux_amd64.zip && \
echo "${TM_SHA256SUM} tendermint_${TM_VERSION}_linux_amd64.zip" | sha256sum -c && \
unzip -d /bin tendermint_${TM_VERSION}_linux_amd64.zip && \
apk del openssl && \
rm -f tendermint_${TM_VERSION}_linux_amd64.zip
# Expose the data directory as a volume since there's mutable state in there
VOLUME $DATA_ROOT
# p2p port
EXPOSE 46656
# rpc port
EXPOSE 46657
ENTRYPOINT ["tendermint"]
USER tmuser
VOLUME [ $TMHOME ]
WORKDIR $TMHOME
EXPOSE 46656 46657
ENTRYPOINT ["/usr/bin/tendermint"]
CMD ["node", "--moniker=`hostname`"] CMD ["node", "--moniker=`hostname`"]
STOPSIGNAL SIGTERM
ARG BINARY=tendermint
COPY $BINARY /usr/bin/tendermint

27
Makefile Normal file → Executable file
View File

@ -178,6 +178,14 @@ metalinter_all:
@echo "--> Running linter (all)" @echo "--> Running linter (all)"
gometalinter.v2 --vendor --deadline=600s --enable-all --disable=lll ./... gometalinter.v2 --vendor --deadline=600s --enable-all --disable=lll ./...
###########################################################
### Docker image
build-docker:
cp build/tendermint DOCKER/tendermint
docker build --label=tendermint --tag="tendermint/tendermint" DOCKER
rm -rf DOCKER/tendermint
########################################################### ###########################################################
### Local testnet using docker ### Local testnet using docker
@ -199,22 +207,23 @@ docker-stop:
# Server management # Server management
server-setup: server-setup:
@if [ -z "$(DO_API_TOKEN)" ]; then echo "DO_API_TOKEN environment variable not set." ; false ; fi
@if ! [ -f $(HOME)/.ssh/id_rsa.pub ]; then ssh-keygen ; fi @if ! [ -f $(HOME)/.ssh/id_rsa.pub ]; then ssh-keygen ; fi
cd networks/remote/terraform && terraform init && terraform apply -var DO_API_TOKEN="$(DO_API_TOKEN)" -var SSH_KEY_FILE="$(HOME)/.ssh/id_rsa.pub" cd networks/remote/terraform && terraform init && terraform apply -var DO_API_TOKEN="$(DO_API_TOKEN)" -var SSH_KEY_FILE="$(HOME)/.ssh/id_rsa.pub"
# @if ! [ -f $(CURDIR)/build/node0/config/genesis.json ]; then docker run --rm -v $(CURDIR)/build:/tendermint:Z tendermint/localnode testnet --n 4 --o . ; fi @if ! [ -f $(CURDIR)/build/node0/config/genesis.json ]; then docker run --rm -v $(CURDIR)/build:/tendermint:Z tendermint/localnode testnet --v 0 --n 4 --o . ; fi
build/tendermint testnet --n 4 --o build/ cd networks/remote/ansible && ANSIBLE_HOST_KEY_CHECKING=False ansible-playbook -i inventory/digital_ocean.py -l remotenet install.yml
cd networks/remote/ansible && ansible-playbook -i inventory/digital_ocean.py -l remotenet --ssh-common-args '-o StrictHostKeyChecking=False' install.yml @echo "Next step: Add your validator setup in the genesis.json and config.tml files and run \"make server-config\". (Public key of validator, chain ID, peer IP and node ID.)"
$(MAKE) server-config
server-destroy:
cd networks/remote/terraform && terraform destroy
# Configuration management # Configuration management
server-config: server-config:
cd networks/remote/ansible && ansible-playbook -i inventory/digital_ocean.py -l remotenet reconfig.yml -e BINARY=$(CURDIR)/build/tendermint -e CONFIGDIR=$(CURDIR)/build cd networks/remote/ansible && ansible-playbook -i inventory/digital_ocean.py -l remotenet config.yml -e BINARY=$(CURDIR)/build/tendermint -e CONFIGDIR=$(CURDIR)/build
server-destroy:
@if [ -z "$(DO_API_TOKEN)" ]; then echo "DO_API_TOKEN environment variable not set." ; false ; fi
cd networks/remote/terraform && terraform destroy -var DO_API_TOKEN="$(DO_API_TOKEN)" -var SSH_KEY_FILE="$(HOME)/.ssh/id_rsa.pub"
# To avoid unintended conflicts with file names, always add to .PHONY # To avoid unintended conflicts with file names, always add to .PHONY
# unless there is a reason not to. # unless there is a reason not to.
# https://www.gnu.org/software/make/manual/html_node/Phony-Targets.html # https://www.gnu.org/software/make/manual/html_node/Phony-Targets.html
.PHONY: check build build_race dist install check_tools get_tools update_tools get_vendor_deps draw_deps test_cover test_apps test_persistence test_p2p test test_race test_integrations test_release test100 vagrant_test fmt build-linux docker-start docker-stop .PHONY: check build build_race dist install check_tools get_tools update_tools get_vendor_deps draw_deps test_cover test_apps test_persistence test_p2p test test_race test_integrations test_release test100 vagrant_test fmt build-linux docker-start docker-stop build-docker server-setup server-config server-destroy

2
networks/local/localnode/wrapper.sh
View File

@ -31,3 +31,5 @@ else
"$BINARY" "$@" "$BINARY" "$@"
fi fi
chmod 777 -R /tendermint

6
networks/remote/ansible/reconfig.yml → networks/remote/ansible/config.yml
View File

@ -1,16 +1,18 @@
--- ---
#Requires BINARY and CONFIGDIR variables set. #Requires BINARY and CONFIGDIR variables set.
#N=4 hosts by default.
- hosts: all - hosts: all
user: root user: root
any_errors_fatal: true any_errors_fatal: true
gather_facts: no gather_facts: yes
vars: vars:
- service: tendermint - service: tendermint
- N: 4
roles: roles:
- stop - stop
- unsafe_reset
- config - config
- unsafe_reset
- start - start

4
networks/remote/ansible/roles/config/tasks/main.yml
View File

@ -7,9 +7,11 @@
mode: 0755 mode: 0755
- name: Copy config - name: Copy config
when: item <= N and ansible_hostname == 'remotenet-node' ~ item
copy: copy:
src: "{{CONFIGDIR}}/node0/" src: "{{CONFIGDIR}}/node{{item}}/"
dest: "/home/{{service}}/.{{service}}/" dest: "/home/{{service}}/.{{service}}/"
owner: "{{service}}" owner: "{{service}}"
group: "{{service}}" group: "{{service}}"
loop: [ 0, 1, 2, 3, 4, 5, 6, 7 ]

3
networks/remote/ansible/roles/unsafe_reset/tasks/main.yml
View File

@ -1,3 +1,4 @@
- command: "{{service}} node unsafe_reset_all" - command: "{{service}} unsafe_reset_all {{ (service != 'tendermint') | ternary('node','') }} --home /home/{{service}}/.{{service}}"
become_user: "{{service}}" become_user: "{{service}}"
become: yes