diff --git a/DOCKER/.gitignore b/DOCKER/.gitignore new file mode 100644 index 000000000..9059c6848 --- /dev/null +++ b/DOCKER/.gitignore @@ -0,0 +1 @@ +tendermint diff --git a/DOCKER/Dockerfile b/DOCKER/Dockerfile index cf45ac2f1..ecd863d88 100644 --- a/DOCKER/Dockerfile +++ b/DOCKER/Dockerfile @@ -1,45 +1,22 @@ FROM alpine:3.7 +MAINTAINER Greg Szabo + +#Default home for tendermint. The node command will look for $TMHOME/config/genesis.json at initialization. +ENV TMHOME /tendermint +RUN apk update && \ + apk upgrade && \ + apk --no-cache add curl jq && \ + addgroup tmuser && \ + adduser -S -G tmuser tmuser -h "$TMHOME" + +USER tmuser +VOLUME [ $TMHOME ] +WORKDIR $TMHOME +EXPOSE 46656 46657 +ENTRYPOINT ["/usr/bin/tendermint"] +CMD ["node", "--moniker=`hostname`"] +STOPSIGNAL SIGTERM -# This is the release of tendermint to pull in. -ENV TM_VERSION 0.17.1 -ENV TM_SHA256SUM d57008c63d2d9176861137e38ed203da486febf20ae7d388fb810a75afff8f24 - -# Tendermint will be looking for genesis file in /tendermint (unless you change -# `genesis_file` in config.toml). You can put your config.toml and private -# validator file into /tendermint. -# -# The /tendermint/data dir is used by tendermint to store state. -ENV DATA_ROOT /tendermint -ENV TMHOME $DATA_ROOT - -# Set user right away for determinism -RUN addgroup tmuser && \ - adduser -S -G tmuser tmuser - -# Create directory for persistence and give our user ownership -RUN mkdir -p $DATA_ROOT && \ - chown -R tmuser:tmuser $DATA_ROOT - -# jq and curl used for extracting `pub_key` from private validator while -# deploying tendermint with Kubernetes. It is nice to have bash so the users -# could execute bash commands. -RUN apk add --no-cache bash curl jq - -RUN apk add --no-cache openssl && \ - wget https://github.com/tendermint/tendermint/releases/download/v${TM_VERSION}/tendermint_${TM_VERSION}_linux_amd64.zip && \ - echo "${TM_SHA256SUM} tendermint_${TM_VERSION}_linux_amd64.zip" | sha256sum -c && \ - unzip -d /bin tendermint_${TM_VERSION}_linux_amd64.zip && \ - apk del openssl && \ - rm -f tendermint_${TM_VERSION}_linux_amd64.zip - -# Expose the data directory as a volume since there's mutable state in there -VOLUME $DATA_ROOT - -# p2p port -EXPOSE 46656 -# rpc port -EXPOSE 46657 - -ENTRYPOINT ["tendermint"] +ARG BINARY=tendermint +COPY $BINARY /usr/bin/tendermint -CMD ["node", "--moniker=`hostname`"] diff --git a/Makefile b/Makefile old mode 100644 new mode 100755 index 5e5b96754..809352509 --- a/Makefile +++ b/Makefile @@ -178,6 +178,14 @@ metalinter_all: @echo "--> Running linter (all)" gometalinter.v2 --vendor --deadline=600s --enable-all --disable=lll ./... +########################################################### +### Docker image + +build-docker: + cp build/tendermint DOCKER/tendermint + docker build --label=tendermint --tag="tendermint/tendermint" DOCKER + rm -rf DOCKER/tendermint + ########################################################### ### Local testnet using docker @@ -199,22 +207,23 @@ docker-stop: # Server management server-setup: + @if [ -z "$(DO_API_TOKEN)" ]; then echo "DO_API_TOKEN environment variable not set." ; false ; fi @if ! [ -f $(HOME)/.ssh/id_rsa.pub ]; then ssh-keygen ; fi cd networks/remote/terraform && terraform init && terraform apply -var DO_API_TOKEN="$(DO_API_TOKEN)" -var SSH_KEY_FILE="$(HOME)/.ssh/id_rsa.pub" -# @if ! [ -f $(CURDIR)/build/node0/config/genesis.json ]; then docker run --rm -v $(CURDIR)/build:/tendermint:Z tendermint/localnode testnet --n 4 --o . ; fi - build/tendermint testnet --n 4 --o build/ - cd networks/remote/ansible && ansible-playbook -i inventory/digital_ocean.py -l remotenet --ssh-common-args '-o StrictHostKeyChecking=False' install.yml - $(MAKE) server-config - -server-destroy: - cd networks/remote/terraform && terraform destroy + @if ! [ -f $(CURDIR)/build/node0/config/genesis.json ]; then docker run --rm -v $(CURDIR)/build:/tendermint:Z tendermint/localnode testnet --v 0 --n 4 --o . ; fi + cd networks/remote/ansible && ANSIBLE_HOST_KEY_CHECKING=False ansible-playbook -i inventory/digital_ocean.py -l remotenet install.yml + @echo "Next step: Add your validator setup in the genesis.json and config.tml files and run \"make server-config\". (Public key of validator, chain ID, peer IP and node ID.)" # Configuration management server-config: - cd networks/remote/ansible && ansible-playbook -i inventory/digital_ocean.py -l remotenet reconfig.yml -e BINARY=$(CURDIR)/build/tendermint -e CONFIGDIR=$(CURDIR)/build + cd networks/remote/ansible && ansible-playbook -i inventory/digital_ocean.py -l remotenet config.yml -e BINARY=$(CURDIR)/build/tendermint -e CONFIGDIR=$(CURDIR)/build + +server-destroy: + @if [ -z "$(DO_API_TOKEN)" ]; then echo "DO_API_TOKEN environment variable not set." ; false ; fi + cd networks/remote/terraform && terraform destroy -var DO_API_TOKEN="$(DO_API_TOKEN)" -var SSH_KEY_FILE="$(HOME)/.ssh/id_rsa.pub" # To avoid unintended conflicts with file names, always add to .PHONY # unless there is a reason not to. # https://www.gnu.org/software/make/manual/html_node/Phony-Targets.html -.PHONY: check build build_race dist install check_tools get_tools update_tools get_vendor_deps draw_deps test_cover test_apps test_persistence test_p2p test test_race test_integrations test_release test100 vagrant_test fmt build-linux docker-start docker-stop +.PHONY: check build build_race dist install check_tools get_tools update_tools get_vendor_deps draw_deps test_cover test_apps test_persistence test_p2p test test_race test_integrations test_release test100 vagrant_test fmt build-linux docker-start docker-stop build-docker server-setup server-config server-destroy diff --git a/networks/local/localnode/wrapper.sh b/networks/local/localnode/wrapper.sh index e82741e68..83332a21c 100755 --- a/networks/local/localnode/wrapper.sh +++ b/networks/local/localnode/wrapper.sh @@ -31,3 +31,5 @@ else "$BINARY" "$@" fi +chmod 777 -R /tendermint + diff --git a/networks/remote/ansible/reconfig.yml b/networks/remote/ansible/config.yml similarity index 78% rename from networks/remote/ansible/reconfig.yml rename to networks/remote/ansible/config.yml index 08603ed7c..7b772fb70 100644 --- a/networks/remote/ansible/reconfig.yml +++ b/networks/remote/ansible/config.yml @@ -1,16 +1,18 @@ --- #Requires BINARY and CONFIGDIR variables set. +#N=4 hosts by default. - hosts: all user: root any_errors_fatal: true - gather_facts: no + gather_facts: yes vars: - service: tendermint + - N: 4 roles: - stop - - unsafe_reset - config + - unsafe_reset - start diff --git a/networks/remote/ansible/roles/config/tasks/main.yml b/networks/remote/ansible/roles/config/tasks/main.yml index 1568b5005..5186b6aec 100644 --- a/networks/remote/ansible/roles/config/tasks/main.yml +++ b/networks/remote/ansible/roles/config/tasks/main.yml @@ -7,9 +7,11 @@ mode: 0755 - name: Copy config + when: item <= N and ansible_hostname == 'remotenet-node' ~ item copy: - src: "{{CONFIGDIR}}/node0/" + src: "{{CONFIGDIR}}/node{{item}}/" dest: "/home/{{service}}/.{{service}}/" owner: "{{service}}" group: "{{service}}" + loop: [ 0, 1, 2, 3, 4, 5, 6, 7 ] diff --git a/networks/remote/ansible/roles/unsafe_reset/tasks/main.yml b/networks/remote/ansible/roles/unsafe_reset/tasks/main.yml index 6c5831986..6ac1ec55a 100644 --- a/networks/remote/ansible/roles/unsafe_reset/tasks/main.yml +++ b/networks/remote/ansible/roles/unsafe_reset/tasks/main.yml @@ -1,3 +1,4 @@ -- command: "{{service}} node unsafe_reset_all" +- command: "{{service}} unsafe_reset_all {{ (service != 'tendermint') | ternary('node','') }} --home /home/{{service}}/.{{service}}" become_user: "{{service}}" + become: yes