add scripts, genesis file, k8s deployment scaffold

geth_and_k8s/k8s/certificate.yaml

@@ -0,0 +1,12 @@
+---
+apiVersion:
+kind: Certificate
+metadata:
+  labels:
+    env: staging
+    app:
+    runtime-component: web
+spec:
+  dnsNames:
+  -
+  secretName: 

geth_and_k8s/k8s/deployment.yaml

@@ -0,0 +1,114 @@
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  labels:
+    name: web
+    env: staging
+    app:
+    runtime-component: web
+  annotations:
+
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      name: web
+  template:
+    metadata:
+      labels:
+        name: web
+        env: staging
+        app:
+      annotations:
+        seccomp.security.alpha.kubernetes.io/pod: runtime/default
+    spec:
+      automountServiceAccountToken: true
+      containers:
+      - name: web
+        image:
+        ports:
+        - name: http
+          containerPort: 8545
+        envFrom:
+        - configMapRef:
+            name: application-state
+        env:
+        - name: SHOULD_INITIALIZE
+          value: "YES"
+        - name: ENABLING_MINING
+          value: "YES"
+        - name: ENV
+          value: staging
+        - name: APP_ENV
+          value: staging
+        - name: NODE_NAME
+          valueFrom:
+            fieldRef:
+              fieldPath: spec.nodeName
+        - name: NODE_IP
+          valueFrom:
+            fieldRef:
+              fieldPath: status.hostIP
+        - name: TRACE_PROXY_ADDR
+          value: http://$(NODE_IP):8096/
+        - name: STATSD_ADDR
+          value: 127.0.0.1:8125
+        - name: STATSD_IMPLEMENTATION
+          value: datadog
+        - name: IDENTITY_CLIENT_ID
+          valueFrom:
+            secretKeyRef:
+              name: identity-config
+              key: clientId
+              optional: true
+        - name: IDENTITY_CLIENT_SECRET
+          valueFrom:
+            secretKeyRef:
+              name: identity-config
+              key: clientSecret
+              optional: true
+        resources:
+          limits:
+            cpu: 2000m
+            memory: 1Gi
+          requests:
+            cpu: 1500m
+            memory: 512Mi
+        volumeMounts:
+        - name: ejson-keys
+          readOnly: true
+          mountPath: /key
+        - name: data
+          mountPath: /data
+        readinessProbe:
+          httpGet:
+            port: 8545
+            httpHeaders:
+            - name: X-Forwarded-Proto
+              value: https
+            path: /
+          initialDelaySeconds: 20
+          timeoutSeconds: 3
+        securityContext:
+          allowPrivilegeEscalation: false
+          capabilities:
+            add:
+            - CHOWN
+            - DAC_OVERRIDE
+            - KILL
+            - SETGID
+            - SETUID
+            drop:
+            - ALL
+          privileged: false
+      volumes:
+      - name: ejson-keys
+        secret:
+          secretName: ejson-keys
+      - name: data
+        persistentVolumeClaim:
+          claimName: web
+  strategy:
+    type: Recreate
+  progressDeadlineSeconds: 120

geth_and_k8s/k8s/ingress.yaml

@@ -0,0 +1,24 @@
+---
+apiVersion: extensions/v1beta1
+kind: Ingress
+metadata:
+  labels:
+    name: web
+    env: staging
+    app:
+    runtime-component: web
+  annotations:
+    kubernetes.io/ingress.class: nginx
+    kubernetes.io/tls-acme: "false"
+spec:
+  rules:
+  - host:
+    http:
+      paths:
+      - backend:
+          serviceName: web
+          servicePort: 80
+  tls:
+  - hosts:
+    -
+    secretName:

geth_and_k8s/k8s/manifest.yaml

@@ -0,0 +1,20 @@
+---
+kind: RuntimeManifest
+apiVersion:
+metadata:
+  name:
+runtimeInfo:
+  appName:
+  env: staging
+  appImage:
+  domains:
+  -
+defaultBaseSource:
+components:
+- name: web
+  baseSource:
+  resources:
+  - base: deployment.yaml
+  - base: service.yaml
+  - base: certificate.yaml
+  - base: ingress.yaml

geth_and_k8s/k8s/service.yaml

@@ -0,0 +1,18 @@
+---
+apiVersion: v1
+kind: Service
+metadata:
+  labels:
+    name: web
+    env: staging
+    app:
+    runtime-component: web
+spec:
+  selector:
+    name: web
+    env: staging
+    app:
+  ports:
+  - name: http
+    port: 80
+    targetPort: 8545

geth_and_k8s/scripts/create_docker.sh

@@ -0,0 +1,17 @@
+#!/usr/bin/env bash
+
+set -ex
+
+PORT=${PORT:-18545}
+
+echo "Building local blockchain container"
+
+docker build -t <docker container alias> .
+
+echo "Starting blockchain network on port $PORT (use rpc URL http://localhost:$PORT)"
+
+docker run -it --rm \
+    -v $(pwd)/genesis.json:/genesis.json \
+    -v $(pwd)/data:/data \
+    -p $PORT:8545 \
+    <docker container alias>

geth_and_k8s/scripts/entrypoint.sh

@@ -0,0 +1,69 @@
+#!/usr/bin/env bash
+
+set -ex
+
+GETH_DATADIR=${GETH_DATADIR:-"/data"}
+
+geth_init() {
+    ls -al "$GETH_DATADIR"
+
+    if [[ -d "$GETH_DATADIR/keystore" ]]; then
+        echo "Chain already initialized"
+        return 0
+    fi
+
+    echo "Initializing using Genesis"
+    geth init --datadir "$GETH_DATADIR" /genesis.json
+}
+
+geth_custom_start() {
+    echo "Starting node with custom arguments $@"
+    exec geth $@
+}
+
+geth_normal_start() {
+    echo "Starting node"
+    local identity=${GETH_IDENTITY:-"<docker container alias>"}
+    local http_corsdomain=${GETH_HTTP_CORSDOMAIN:-"http://localhost:3000"}
+    local http_vhosts=${GETH_HTTP_VHOSTS:-"localhost"}
+    local networkid=${GETH_NETWORKID:-"137"}
+    local enable_mining=${ENABLING_MINING:-"YES"}
+
+    local mining_args=""
+    if [[ "$enable_mining" == "YES" ]]; then
+        local miner_etherbase=${GETH_MINER_ETHERBASE:-"<add etherbase>"}
+        local miner_threads=${GETH_MINER_THREADS:-1}
+        mining_args="$mining_args --mine"
+        mining_args="$mining_args --miner.threads $miner_threads"
+        mining_args="$mining_args --miner.etherbase $miner_etherbase"
+    fi
+
+    exec geth \
+        --identity "$identity" \
+        --nodiscover \
+        --http \
+        --http.addr 0.0.0.0 \
+        --http.corsdomain "$http_corsdomain" \
+        --http.vhosts "$http_vhosts" \
+        --networkid "$networkid" \
+        --datadir "$GETH_DATADIR" \
+        $mining_args \
+        "$@"
+}
+
+main() {
+    local should_initialize=${SHOULD_INITIALIZE:-"YES"}
+    local custom_start=${CUSTOM_START:-"NO"}
+
+    if [[ "$should_initialize" == "YES" ]]; then
+        geth_init
+    fi
+
+    if [[ "$custom_start" == "YES" ]]; then
+        geth_custom_start "$@"
+    else
+        geth_normal_start "$@"
+    fi
+}
+
+main "$@"

geth_and_k8s/scripts/genesis.dockerfile

@@ -0,0 +1,8 @@
+FROM ethereum/client-go:stable
+
+RUN apk add --no-cache bash
+
+COPY entrypoint.sh /entrypoint.sh
+COPY genesis.json /genesis.json
+
+ENTRYPOINT /entrypoint.sh

geth_and_k8s/scripts/genesis.json

@@ -0,0 +1,29 @@
+{
+    "config": {
+      "chainId": 137,
+      "homesteadBlock": 0,
+      "eip150Block": 0,
+      "eip155Block": 0,
+      "eip158Block": 0,
+      "byzantiumBlock": 0,
+      "constantinopleBlock": 0,
+      "petersburgBlock": 0
+    },
+    "difficulty": "0x400",
+    "gasLimit":"0x2100000",
+    "nonce": "0x000000000fab0042",
+    "alloc": {
+        "3282791d6fd713f1e94f4bfd565eaa78b3a0599d": {
+          "balance": "1337000000000000000000"
+        },
+        "64D2ea7000e831E03e6B930AC348fD90D4ACE2B8": {
+          "balance": "1337000000000000000000"
+        },
+        "2ee8D80de1c389f1254e94bc44D2d1Bc391eD402": {
+            "balance": "1337000000000000000000"
+        },
+        "Ac03BB73b6a9e108530AFf4Df5077c2B3D481e5A": {
+          "balance": "1337000000000000000000"
+        }
+    }
+}