diff --git a/geth_and_k8s/k8s/certificate.yaml b/geth_and_k8s/k8s/certificate.yaml new file mode 100644 index 0000000..f12dd19 --- /dev/null +++ b/geth_and_k8s/k8s/certificate.yaml @@ -0,0 +1,12 @@ +--- +apiVersion: +kind: Certificate +metadata: + labels: + env: staging + app: + runtime-component: web +spec: + dnsNames: + - + secretName: diff --git a/geth_and_k8s/k8s/deployment.yaml b/geth_and_k8s/k8s/deployment.yaml new file mode 100644 index 0000000..529a49e --- /dev/null +++ b/geth_and_k8s/k8s/deployment.yaml @@ -0,0 +1,114 @@ +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + name: web + env: staging + app: + runtime-component: web + annotations: + +spec: + replicas: 1 + selector: + matchLabels: + name: web + template: + metadata: + labels: + name: web + env: staging + app: + annotations: + seccomp.security.alpha.kubernetes.io/pod: runtime/default + spec: + automountServiceAccountToken: true + containers: + - name: web + image: + ports: + - name: http + containerPort: 8545 + envFrom: + - configMapRef: + name: application-state + env: + - name: SHOULD_INITIALIZE + value: "YES" + - name: ENABLING_MINING + value: "YES" + - name: ENV + value: staging + - name: APP_ENV + value: staging + - name: NODE_NAME + valueFrom: + fieldRef: + fieldPath: spec.nodeName + - name: NODE_IP + valueFrom: + fieldRef: + fieldPath: status.hostIP + - name: TRACE_PROXY_ADDR + value: http://$(NODE_IP):8096/ + - name: STATSD_ADDR + value: 127.0.0.1:8125 + - name: STATSD_IMPLEMENTATION + value: datadog + - name: IDENTITY_CLIENT_ID + valueFrom: + secretKeyRef: + name: identity-config + key: clientId + optional: true + - name: IDENTITY_CLIENT_SECRET + valueFrom: + secretKeyRef: + name: identity-config + key: clientSecret + optional: true + resources: + limits: + cpu: 2000m + memory: 1Gi + requests: + cpu: 1500m + memory: 512Mi + volumeMounts: + - name: ejson-keys + readOnly: true + mountPath: /key + - name: data + mountPath: /data + readinessProbe: + httpGet: + port: 8545 + httpHeaders: + - name: X-Forwarded-Proto + value: https + path: / + initialDelaySeconds: 20 + timeoutSeconds: 3 + securityContext: + allowPrivilegeEscalation: false + capabilities: + add: + - CHOWN + - DAC_OVERRIDE + - KILL + - SETGID + - SETUID + drop: + - ALL + privileged: false + volumes: + - name: ejson-keys + secret: + secretName: ejson-keys + - name: data + persistentVolumeClaim: + claimName: web + strategy: + type: Recreate + progressDeadlineSeconds: 120 \ No newline at end of file diff --git a/geth_and_k8s/k8s/ingress.yaml b/geth_and_k8s/k8s/ingress.yaml new file mode 100644 index 0000000..34d1203 --- /dev/null +++ b/geth_and_k8s/k8s/ingress.yaml @@ -0,0 +1,24 @@ +--- +apiVersion: extensions/v1beta1 +kind: Ingress +metadata: + labels: + name: web + env: staging + app: + runtime-component: web + annotations: + kubernetes.io/ingress.class: nginx + kubernetes.io/tls-acme: "false" +spec: + rules: + - host: + http: + paths: + - backend: + serviceName: web + servicePort: 80 + tls: + - hosts: + - + secretName: \ No newline at end of file diff --git a/geth_and_k8s/k8s/manifest.yaml b/geth_and_k8s/k8s/manifest.yaml new file mode 100644 index 0000000..df3bbdd --- /dev/null +++ b/geth_and_k8s/k8s/manifest.yaml @@ -0,0 +1,20 @@ +--- +kind: RuntimeManifest +apiVersion: +metadata: + name: +runtimeInfo: + appName: + env: staging + appImage: + domains: + - +defaultBaseSource: +components: +- name: web + baseSource: + resources: + - base: deployment.yaml + - base: service.yaml + - base: certificate.yaml + - base: ingress.yaml diff --git a/geth_and_k8s/k8s/service.yaml b/geth_and_k8s/k8s/service.yaml new file mode 100644 index 0000000..fccd331 --- /dev/null +++ b/geth_and_k8s/k8s/service.yaml @@ -0,0 +1,18 @@ +--- +apiVersion: v1 +kind: Service +metadata: + labels: + name: web + env: staging + app: + runtime-component: web +spec: + selector: + name: web + env: staging + app: + ports: + - name: http + port: 80 + targetPort: 8545 diff --git a/geth_and_k8s/scripts/create_docker.sh b/geth_and_k8s/scripts/create_docker.sh new file mode 100755 index 0000000..0bca405 --- /dev/null +++ b/geth_and_k8s/scripts/create_docker.sh @@ -0,0 +1,17 @@ +#!/usr/bin/env bash + +set -ex + +PORT=${PORT:-18545} + +echo "Building local blockchain container" + +docker build -t . + +echo "Starting blockchain network on port $PORT (use rpc URL http://localhost:$PORT)" + +docker run -it --rm \ + -v $(pwd)/genesis.json:/genesis.json \ + -v $(pwd)/data:/data \ + -p $PORT:8545 \ + diff --git a/geth_and_k8s/scripts/entrypoint.sh b/geth_and_k8s/scripts/entrypoint.sh new file mode 100644 index 0000000..e899615 --- /dev/null +++ b/geth_and_k8s/scripts/entrypoint.sh @@ -0,0 +1,69 @@ +#!/usr/bin/env bash + +set -ex + +GETH_DATADIR=${GETH_DATADIR:-"/data"} + +geth_init() { + ls -al "$GETH_DATADIR" + + if [[ -d "$GETH_DATADIR/keystore" ]]; then + echo "Chain already initialized" + return 0 + fi + + echo "Initializing using Genesis" + geth init --datadir "$GETH_DATADIR" /genesis.json +} + +geth_custom_start() { + echo "Starting node with custom arguments $@" + exec geth $@ +} + +geth_normal_start() { + echo "Starting node" + local identity=${GETH_IDENTITY:-""} + local http_corsdomain=${GETH_HTTP_CORSDOMAIN:-"http://localhost:3000"} + local http_vhosts=${GETH_HTTP_VHOSTS:-"localhost"} + local networkid=${GETH_NETWORKID:-"137"} + local enable_mining=${ENABLING_MINING:-"YES"} + + local mining_args="" + if [[ "$enable_mining" == "YES" ]]; then + local miner_etherbase=${GETH_MINER_ETHERBASE:-""} + local miner_threads=${GETH_MINER_THREADS:-1} + mining_args="$mining_args --mine" + mining_args="$mining_args --miner.threads $miner_threads" + mining_args="$mining_args --miner.etherbase $miner_etherbase" + fi + + exec geth \ + --identity "$identity" \ + --nodiscover \ + --http \ + --http.addr 0.0.0.0 \ + --http.corsdomain "$http_corsdomain" \ + --http.vhosts "$http_vhosts" \ + --networkid "$networkid" \ + --datadir "$GETH_DATADIR" \ + $mining_args \ + "$@" +} + +main() { + local should_initialize=${SHOULD_INITIALIZE:-"YES"} + local custom_start=${CUSTOM_START:-"NO"} + + if [[ "$should_initialize" == "YES" ]]; then + geth_init + fi + + if [[ "$custom_start" == "YES" ]]; then + geth_custom_start "$@" + else + geth_normal_start "$@" + fi +} + +main "$@" diff --git a/geth_and_k8s/scripts/genesis.dockerfile b/geth_and_k8s/scripts/genesis.dockerfile new file mode 100644 index 0000000..180f634 --- /dev/null +++ b/geth_and_k8s/scripts/genesis.dockerfile @@ -0,0 +1,8 @@ +FROM ethereum/client-go:stable + +RUN apk add --no-cache bash + +COPY entrypoint.sh /entrypoint.sh +COPY genesis.json /genesis.json + +ENTRYPOINT /entrypoint.sh diff --git a/geth_and_k8s/scripts/genesis.json b/geth_and_k8s/scripts/genesis.json new file mode 100644 index 0000000..6953019 --- /dev/null +++ b/geth_and_k8s/scripts/genesis.json @@ -0,0 +1,29 @@ +{ + "config": { + "chainId": 137, + "homesteadBlock": 0, + "eip150Block": 0, + "eip155Block": 0, + "eip158Block": 0, + "byzantiumBlock": 0, + "constantinopleBlock": 0, + "petersburgBlock": 0 + }, + "difficulty": "0x400", + "gasLimit":"0x2100000", + "nonce": "0x000000000fab0042", + "alloc": { + "3282791d6fd713f1e94f4bfd565eaa78b3a0599d": { + "balance": "1337000000000000000000" + }, + "64D2ea7000e831E03e6B930AC348fD90D4ACE2B8": { + "balance": "1337000000000000000000" + }, + "2ee8D80de1c389f1254e94bc44D2d1Bc391eD402": { + "balance": "1337000000000000000000" + }, + "Ac03BB73b6a9e108530AFf4Df5077c2B3D481e5A": { + "balance": "1337000000000000000000" + } + } +}