zolfa
/
tendermint
1
0
Fork 0
Code Issues 0 Pull Requests 0 Projects 0 Releases 221 Wiki Activity
Browse Source

Dockerfile, localnode, sentry node scripts changes 

- Updated Dockerfile and created build-docker target
- Changed localnode docker image to set permissions to more permissive (docker has different user than host system)
- Added sentry node terraform and ansible script
pull/1471/head
Greg Szabo 6 years ago
parent
b3904b8da8
commit
8bdfe15de9
7 changed files with 49 additions and 55 deletions
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. +1
    -0
      DOCKER/.gitignore
  2. +19
    -42
      DOCKER/Dockerfile
  3. +18
    -9
      Makefile
  4. +2
    -0
      networks/local/localnode/wrapper.sh
  5. +4
    -2
      networks/remote/ansible/config.yml
  6. +3
    -1
      networks/remote/ansible/roles/config/tasks/main.yml
  7. +2
    -1
      networks/remote/ansible/roles/unsafe_reset/tasks/main.yml

+ 1
- 0
DOCKER/.gitignore View File

@ -0,0 +1 @@
tendermint

+ 19
- 42
DOCKER/Dockerfile View File

@ -1,45 +1,22 @@
FROM alpine:3.7
MAINTAINER Greg Szabo <greg@tendermint.com>
#Default home for tendermint. The node command will look for $TMHOME/config/genesis.json at initialization.
ENV TMHOME /tendermint
RUN apk update && \
apk upgrade && \
apk --no-cache add curl jq && \
addgroup tmuser && \
adduser -S -G tmuser tmuser -h "$TMHOME"
USER tmuser
VOLUME [ $TMHOME ]
WORKDIR $TMHOME
EXPOSE 46656 46657
ENTRYPOINT ["/usr/bin/tendermint"]
CMD ["node", "--moniker=`hostname`"]
STOPSIGNAL SIGTERM
# This is the release of tendermint to pull in.
ENV TM_VERSION 0.17.1
ENV TM_SHA256SUM d57008c63d2d9176861137e38ed203da486febf20ae7d388fb810a75afff8f24
# Tendermint will be looking for genesis file in /tendermint (unless you change
# `genesis_file` in config.toml). You can put your config.toml and private
# validator file into /tendermint.
#
# The /tendermint/data dir is used by tendermint to store state.
ENV DATA_ROOT /tendermint
ENV TMHOME $DATA_ROOT
# Set user right away for determinism
RUN addgroup tmuser && \
adduser -S -G tmuser tmuser
# Create directory for persistence and give our user ownership
RUN mkdir -p $DATA_ROOT && \
chown -R tmuser:tmuser $DATA_ROOT
# jq and curl used for extracting `pub_key` from private validator while
# deploying tendermint with Kubernetes. It is nice to have bash so the users
# could execute bash commands.
RUN apk add --no-cache bash curl jq
RUN apk add --no-cache openssl && \
wget https://github.com/tendermint/tendermint/releases/download/v${TM_VERSION}/tendermint_${TM_VERSION}_linux_amd64.zip && \
echo "${TM_SHA256SUM} tendermint_${TM_VERSION}_linux_amd64.zip" | sha256sum -c && \
unzip -d /bin tendermint_${TM_VERSION}_linux_amd64.zip && \
apk del openssl && \
rm -f tendermint_${TM_VERSION}_linux_amd64.zip
# Expose the data directory as a volume since there's mutable state in there
VOLUME $DATA_ROOT
# p2p port
EXPOSE 46656
# rpc port
EXPOSE 46657
ENTRYPOINT ["tendermint"]
ARG BINARY=tendermint
COPY $BINARY /usr/bin/tendermint
CMD ["node", "--moniker=`hostname`"]

+ 18
- 9
Makefile View File

@ -178,6 +178,14 @@ metalinter_all:
@echo "--> Running linter (all)"
gometalinter.v2 --vendor --deadline=600s --enable-all --disable=lll ./...
###########################################################
### Docker image
build-docker:
cp build/tendermint DOCKER/tendermint
docker build --label=tendermint --tag="tendermint/tendermint" DOCKER
rm -rf DOCKER/tendermint
###########################################################
### Local testnet using docker
@ -199,22 +207,23 @@ docker-stop:
# Server management
server-setup:
@if [ -z "$(DO_API_TOKEN)" ]; then echo "DO_API_TOKEN environment variable not set." ; false ; fi
@if ! [ -f $(HOME)/.ssh/id_rsa.pub ]; then ssh-keygen ; fi
cd networks/remote/terraform && terraform init && terraform apply -var DO_API_TOKEN="$(DO_API_TOKEN)" -var SSH_KEY_FILE="$(HOME)/.ssh/id_rsa.pub"
# @if ! [ -f $(CURDIR)/build/node0/config/genesis.json ]; then docker run --rm -v $(CURDIR)/build:/tendermint:Z tendermint/localnode testnet --n 4 --o . ; fi
build/tendermint testnet --n 4 --o build/
cd networks/remote/ansible && ansible-playbook -i inventory/digital_ocean.py -l remotenet --ssh-common-args '-o StrictHostKeyChecking=False' install.yml
$(MAKE) server-config
server-destroy:
cd networks/remote/terraform && terraform destroy
@if ! [ -f $(CURDIR)/build/node0/config/genesis.json ]; then docker run --rm -v $(CURDIR)/build:/tendermint:Z tendermint/localnode testnet --v 0 --n 4 --o . ; fi
cd networks/remote/ansible && ANSIBLE_HOST_KEY_CHECKING=False ansible-playbook -i inventory/digital_ocean.py -l remotenet install.yml
@echo "Next step: Add your validator setup in the genesis.json and config.tml files and run \"make server-config\". (Public key of validator, chain ID, peer IP and node ID.)"
# Configuration management
server-config:
cd networks/remote/ansible && ansible-playbook -i inventory/digital_ocean.py -l remotenet reconfig.yml -e BINARY=$(CURDIR)/build/tendermint -e CONFIGDIR=$(CURDIR)/build
cd networks/remote/ansible && ansible-playbook -i inventory/digital_ocean.py -l remotenet config.yml -e BINARY=$(CURDIR)/build/tendermint -e CONFIGDIR=$(CURDIR)/build
server-destroy:
@if [ -z "$(DO_API_TOKEN)" ]; then echo "DO_API_TOKEN environment variable not set." ; false ; fi
cd networks/remote/terraform && terraform destroy -var DO_API_TOKEN="$(DO_API_TOKEN)" -var SSH_KEY_FILE="$(HOME)/.ssh/id_rsa.pub"
# To avoid unintended conflicts with file names, always add to .PHONY
# unless there is a reason not to.
# https://www.gnu.org/software/make/manual/html_node/Phony-Targets.html
.PHONY: check build build_race dist install check_tools get_tools update_tools get_vendor_deps draw_deps test_cover test_apps test_persistence test_p2p test test_race test_integrations test_release test100 vagrant_test fmt build-linux docker-start docker-stop
.PHONY: check build build_race dist install check_tools get_tools update_tools get_vendor_deps draw_deps test_cover test_apps test_persistence test_p2p test test_race test_integrations test_release test100 vagrant_test fmt build-linux docker-start docker-stop build-docker server-setup server-config server-destroy

+ 2
- 0
networks/local/localnode/wrapper.sh View File

@ -31,3 +31,5 @@ else
"$BINARY" "$@"
fi
chmod 777 -R /tendermint

networks/remote/ansible/reconfig.yml → networks/remote/ansible/config.yml View File


+ 3
- 1
networks/remote/ansible/roles/config/tasks/main.yml View File

@ -7,9 +7,11 @@
mode: 0755
- name: Copy config
when: item <= N and ansible_hostname == 'remotenet-node' ~ item
copy:
src: "{{CONFIGDIR}}/node0/"
src: "{{CONFIGDIR}}/node{{item}}/"
dest: "/home/{{service}}/.{{service}}/"
owner: "{{service}}"
group: "{{service}}"
loop: [ 0, 1, 2, 3, 4, 5, 6, 7 ]

+ 2
- 1
networks/remote/ansible/roles/unsafe_reset/tasks/main.yml View File

@ -1,3 +1,4 @@
- command: "{{service}} node unsafe_reset_all"
- command: "{{service}} unsafe_reset_all {{ (service != 'tendermint') | ternary('node','') }} --home /home/{{service}}/.{{service}}"
become_user: "{{service}}"
become: yes

Write Preview
Loading…
Cancel
Save