Compare commits
42 commits
documentat
...
master
Author | SHA1 | Date | |
---|---|---|---|
|
64405257a5 | ||
|
1eddbd86a3 | ||
|
cf68868bf8 | ||
|
fced928089 | ||
|
84b39abeb1 | ||
|
b837de83cc | ||
|
8ba6173232 | ||
|
6c322f9fbd | ||
|
fd9ef0ebef | ||
|
ec3e9457b3 | ||
|
e6eb37aefa | ||
|
5f402ebc7a | ||
|
f8ae8792e9 | ||
|
499e0f62da | ||
|
734e06f704 | ||
|
f16039dc37 | ||
|
ca8a827ca7 | ||
|
b5328aa0dc | ||
|
b1a2e9706e | ||
|
782ffb3483 | ||
|
fd7c1b6bc2 | ||
|
1befeb34d3 | ||
|
56dbf8ba3a | ||
|
baba45bf00 | ||
|
33f3eeb8df | ||
|
4f4a9c9aab | ||
|
dd1a889e52 | ||
|
410936047c | ||
|
8b8e97b085 | ||
|
45a5049ae5 | ||
|
3ebda8fb5d | ||
|
3c6952b22c | ||
|
d04ff02c45 | ||
|
c5dc75d685 | ||
|
2849405dcc | ||
|
7def73d24c | ||
|
531f74888d | ||
|
0d197cd793 | ||
|
bf89578fde | ||
|
a9b058255e | ||
|
77ee9dc39d | ||
|
409586c45e |
84 changed files with 22928 additions and 355 deletions
12
.github/ISSUE_TEMPLATE/Bug_report.md
vendored
12
.github/ISSUE_TEMPLATE/Bug_report.md
vendored
|
@ -36,12 +36,12 @@ Make sure that you're including the specific container your issue is in regards
|
|||
|
||||
<!-- Post your Unique LBC wallet RECEIVING address so that we can tip you ASAP -->
|
||||
## This is my LBC wallet address for tips
|
||||
bQmvEEfu3TsfcVEPy3SCY1L38gcvXHBiEs
|
||||
{REPLACE ME WITH YOUR LBC RECIEVING ADDRESS}
|
||||
|
||||
**Checklist**:
|
||||
<!-- Make sure you have completed the following steps (put an "X" between of brackets): -->
|
||||
~~- [] I included a `debugpaste` link debugpastes only last 90 days from last time they were loaded in a browser.[Inclusion of debugpaste is WIP]~~
|
||||
- [] I made sure there are no duplicates of this report [(Use Search)](https://github.com/lbryio/lbry-docker/issues?utf8=%E2%9C%93&q=is%3Aissue)
|
||||
- [] I made sure I am using an up-to-date version of the container.
|
||||
- [] I Made sure the bug/error is not caused by any other application.
|
||||
- [] I have updated the wallet address in this issue from the one included to my own as I like getting paid for doing good and fun things in this world such as contributing to LBRY.
|
||||
|
||||
- [ ] I made sure there are no duplicates of this report [(Use Search)](https://github.com/lbryio/lbry-docker/issues?utf8=%E2%9C%93&q=is%3Aissue)
|
||||
- [ ] I made sure I am using an up-to-date version of the container.
|
||||
- [ ] I Made sure the bug/error is not caused by any other application.
|
||||
- [ ] I have updated the wallet address in this issue from the one included to my own as I like getting paid for doing good and fun things in this world such as contributing to LBRY.
|
||||
|
|
63
README.md
63
README.md
|
@ -1,64 +1,38 @@
|
|||
# lbry-Docker
|
||||
|
||||
## Tags
|
||||
<!-- Document tags and link to their Dockerfiles here. -->
|
||||
Document tags and link to their Dockerfiles here.
|
||||
|
||||
## Scope
|
||||
This repository aims to track and maintain most of the Dockerfiles within the LBRY Inc ecosystem.
|
||||
This repository is in flux as it travels towards [version 1.0](https://github.com/lbryio/lbry-docker/projects/1); however its goal is to make development for and adoption of any of the LBRY appliances trivial. You should be able to clone pull fork your way to a better LBRY without having to do much more than some light reading of a README to get started.
|
||||
|
||||
Currently it supports the following in various form factors:
|
||||
* Lbrycrd
|
||||
* Lbrynet
|
||||
* Chainquery
|
||||
|
||||
If you see an architecture that you have a use case for that you don't see in this list and it's stopping you from innovating on the LBRY blockchain search and bump an existing request or create a feature request ASAP on the issue tracker and we will do our best to support your architecture or build requirements.
|
||||
|
||||
The goals here will be to create containers that can deploy across a number of technologies namely `docker-compose`, `docker` itself, and Kubernetes k8's.
|
||||
|
||||
There will be a few edge cases where this repository will support installing these containers as a service on a machine using `cloud-init` however those come as a YMMV(your mileage may vary) warranty void if used.
|
||||
|
||||
We may suggest the use of well commented **`Shell scripts`**, Dockerfiles, and Docker-Compose which is a template that is a baseline for many other container management services such as [RancherOS](https://rancher.com/rancher-os/) and [Kubernetes](https://kubernetes.io/).
|
||||
#### Documentation is WIP
|
||||
Currently, this repository is a WIP and is under heavy construction, use at your own risk make sure you keep regular backups of your wallets. Your mileage may vary as to how far this will work for you be sure to file good and concise issues if you plan to and be mindful of we're allergic to regressions when filing PRs.
|
||||
|
||||
#### Goals
|
||||
We have a number of priorities within this docker container repository.
|
||||
Loosely defined our priorities are in the order as follows ordered highest priority to lowest.
|
||||
|
||||
1. Congruency - Containers should all behave similarly.
|
||||
2. Safety - Cautioning the user when they're in a danger zone when possible.
|
||||
3. Reliability - Only pushing functional tested containers to production allowing users to impose an update schema.
|
||||
4. Ephemerality/Statelessness - You should be able to define the entire state in a cross cloud platform way such that the container itself should contain no state and thus have no reason to rely on it's specific contents as best as possible.
|
||||
5. Works by default - As best as possible we will aim for these containers to work by default out of the box then if you wish you can find ways to improve upon what we've set out for the user on your own.
|
||||
6. Flexibility - Despite all of the above we want people to be able to utilize all of the functionalities of the appliances contained within these containers. This means if you find that our system/implementation gets in your way this is one of our priorities to fix this.
|
||||
|
||||
In summary, this repository aims for [Docker Best Practices](https://docs.docker.com/develop/develop-images/dockerfile_best-practices/) minimalism, ephemerality, and statelessness.
|
||||
|
||||
|
||||
This repository aims for [Docker Best Practices](https://docs.docker.com/develop/develop-images/dockerfile_best-practices/) minimalism, ephemerality, and statelessness. It will use well commented **`Shell scripts`**, Dockerfiles, and Docker-Compose which is a template that is a baseline for many other container management services such as [RancherOS](https://rancher.com/rancher-os/) and [Kubernetes](https://kubernetes.io/).
|
||||
|
||||
#### Beautiful Screenshot/Gif
|
||||
Here's an example tutorial we have for how to get some of our appliances up and running in minutes on DigitalOcean all hosted on our very own platform https://spee.ch a link to the guide is [here](https://github.com/lbryio/lbry-docker/blob/master/contrib/systemd-cloud-init.md) it contains a few lines of information and some copy paste-able code!
|
||||
|
||||
[![Video of creating lbrycrd droplet on DigitalOcean](https://spee.ch/@EnigmaCurry:d/lbrycrd-video-thumb.jpg)](https://spee.ch/@EnigmaCurry:d/lbrycrd-docker-cloud-init.mp4)
|
||||
|
||||
Since there is nothing to see here just yet, I'll entertain you with the current state of affairs with this repository.
|
||||
![image](https://spee.ch/855d1958650b850b249b9ee592ba2f4c6fc7eeec/container-unloading-gone-wrong-151175.gif)
|
||||
|
||||
## Installation
|
||||
|
||||
There are a few methods we're planning on releasing over time however two notable options are our [cloud-init](https://github.com/lbryio/lbry-docker/blob/master/contrib/systemd-cloud-init.md) install of lbrycrd and optionally chainquery on DigitalOcean.
|
||||
|
||||
Alternatively there is the [shell installer](https://github.com/lbryio/lbry-docker/blob/master/chainquery/README.md) that can run on any Ubuntu 18.04-LTS equipped machine to get you up and running with a database seed which can save you loads of time bootstrapping your instance.
|
||||
|
||||
[This is currently WIP and Not Recommended for Production](https://github.com/lbryio/lbry-docker/projects/1)
|
||||
See [Running from source](##Running-from-source) for the current instructions on how to use this.
|
||||
|
||||
#### Currently supported platforms
|
||||
|
||||
**X86_64 CPU architecture**
|
||||
Lbrynet production & compiler, Lbrycrd, Chainqery are currently supported.
|
||||
Lbrynet, Lbrycrd, Chainqery are currently supported.
|
||||
|
||||
**Some arm architectures**
|
||||
Lbrynet armhf and arm64 compilers
|
||||
|
||||
**More will be added on request and over time**
|
||||
|
||||
## Usage
|
||||
You may see above [the installation section above](https://github.com/lbryio/lbry-docker#installation) to obtain container specific instructions.
|
||||
For now, I don't recommend using this container cluster however you're welcomed to [contribute](#contributing) if you feel up to the task.
|
||||
|
||||
|
||||
## Running from source
|
||||
Running this stuff from source should be possible if you have both [Docker](https://docs.docker.com/install/) and [docker-compose](https://docs.docker.com/compose/install/) both installed. If these are both installed, you can proceed to run the following from within your development directory.
|
||||
|
@ -78,7 +52,18 @@ Keep in mind [I am](https://github.com/leopere/) preferential to receiving patch
|
|||
* Have an LBC wallet ready as we want you to have some for the help! Hell, why not post it in your Commit or Merge Request for all I care but take your tips!
|
||||
|
||||
## Getting Support
|
||||
Sometimes we just aren't omniscient omnipresent or even omnipotent. So since this is the case despite our constant striving for these goals we're aware that things are imperfect so when you find these imperfections please reach out to us! You can become a contributor without even knowing how to code a damn thing! Just open a Git Issue so long as it's not a duplicate its a huge help to us and often times it'll earn you some LBC if you're a part of our community.
|
||||
|
||||
<!-- #### Debugpaste [WIP]
|
||||
I'll be including a function to get a self destructing debugpaste of your LBRY appliances logs you'll be able to execute something similar to the following in all containers to export raw logs to a paste service where you can then either modify them removing sensitive data or just take that URL and create a new issue after you [(Use Issue Search)](https://github.com/lbryio/lbry-docker/issues?utf8=%E2%9C%93&q=is%3Aissue) to make sure there isn't already an open thread for your issue.
|
||||
|
||||
#### Example debugpaste
|
||||
```
|
||||
cd chainquery/
|
||||
docker-compose exec chainquery debugpaste
|
||||
https://haste.nixc.us/ocatumatozaq.nginx
|
||||
```
|
||||
You can then take output given in the response from the debugpaste command and put that into your github issue (This may be automated at some point to some degree).
|
||||
-->
|
||||
|
||||
#### Creating an Issue
|
||||
Please be sure to fill out the [issue template](https://github.com/lbryio/lbry-docker/issues/new) as best as possible. This will help us answer your questions faster and fix things quicker if we have quality reports.
|
||||
|
|
2
chainquery/.dockerignore
Normal file
2
chainquery/.dockerignore
Normal file
|
@ -0,0 +1,2 @@
|
|||
chainquery.z*
|
||||
data/*
|
|
@ -3,21 +3,24 @@
|
|||
FROM ubuntu:18.04 as prep
|
||||
LABEL MAINTAINER="leopere [at] nixc [dot] us"
|
||||
RUN apt-get update && \
|
||||
apt-get -y install unzip curl && \
|
||||
apt-get -y install unzip curl busybox-static && \
|
||||
apt-get autoclean -y && \
|
||||
rm -rf /var/lib/apt/lists/*
|
||||
WORKDIR /
|
||||
SHELL ["/bin/bash", "-o", "pipefail", "-c"]
|
||||
COPY ./stuff/start.sh start
|
||||
RUN curl -L -o /chainquery.zip $(curl -s https://api.github.com/repos/lbryio/chainquery/releases | grep -F 'Linux_x86_64.zip' | grep download | head -n 1 | cut -d'"' -f4) && \
|
||||
unzip /chainquery.zip && \
|
||||
rm /chainquery.zip
|
||||
COPY ./stuff/healthcheck.sh healthcheck
|
||||
RUN curl --progress-bar -L -o /chainquery https://build.lbry.io/chainquery/branch-master/chainquery && \
|
||||
chmod +x /chainquery /start /healthcheck
|
||||
|
||||
FROM ubuntu:18.04 as app
|
||||
ADD https://raw.githubusercontent.com/lbryio/chainquery/master/config/default/chainqueryconfig.toml /etc/lbry/chainqueryconfig.toml.orig
|
||||
RUN adduser chainquery --gecos GECOS --shell /bin/bash --disabled-password --home /home/chainquery && \
|
||||
chown -R chainquery:chainquery /etc/lbry
|
||||
COPY --from=prep /chainquery /start /usr/bin/
|
||||
COPY --from=prep ./healthcheck /chainquery /start /bin/busybox /usr/bin/
|
||||
HEALTHCHECK --interval=1m --timeout=30s \
|
||||
CMD healthcheck
|
||||
EXPOSE 6300
|
||||
USER chainquery
|
||||
STOPSIGNAL SIGINT
|
||||
CMD ["start"]
|
||||
|
|
|
@ -8,16 +8,13 @@ services:
|
|||
###########
|
||||
## MYSQL ##
|
||||
###########
|
||||
## MariaDB is currently not supported and neither is later versions of MySQL this may change.
|
||||
## https://hub.docker.com/r/_/mariadb/
|
||||
## Work is underway to support percona
|
||||
mysql:
|
||||
image: mysql:5.7.23
|
||||
restart: always
|
||||
networks:
|
||||
lbry-network:
|
||||
ipv4_address: 10.6.1.10
|
||||
aliases:
|
||||
- mysql
|
||||
env_file:
|
||||
- ../environment/chainquery.env
|
||||
expose:
|
||||
|
@ -26,6 +23,10 @@ services:
|
|||
## and not share it with everyone at least eventually.
|
||||
ports:
|
||||
- 3306:3306
|
||||
healthcheck:
|
||||
test: ["CMD-SHELL", 'mysql --database=$$MYSQL_DATABASE --password=$$MYSQL_ROOT_PASSWORD --execute="SELECT count(table_name) > 0 FROM information_schema.tables;" --skip-column-names -B']
|
||||
interval: 5s
|
||||
retries: 12
|
||||
volumes:
|
||||
- ../persist/chainquery/db:/var/lib/mysql
|
||||
## This one may need to be tweaked based on where you run this docker-compose from.
|
||||
|
@ -35,14 +36,16 @@ services:
|
|||
## Chainquery ##
|
||||
################
|
||||
chainquery:
|
||||
image: lbryio/lbry-docker:linux-x86_64-production
|
||||
build:
|
||||
context: .
|
||||
dockerfile: Dockerfile-linux-x86_64-production
|
||||
restart: always
|
||||
networks:
|
||||
lbry-network:
|
||||
ipv4_address: 10.6.1.3
|
||||
env_file:
|
||||
- env
|
||||
- ../environment/lbrycrd.env
|
||||
- ../environment/chainquery.env
|
||||
labels:
|
||||
- "traefik.expose=false"
|
||||
expose:
|
||||
|
@ -52,5 +55,5 @@ services:
|
|||
depends_on:
|
||||
- mysql
|
||||
## TODO: Uncomment this in a docker-compose.override.yml to allow for external configurations.
|
||||
volumes:
|
||||
- ../persist/chainquery/config/chainqueryconfig.toml:/etc/chainquery/chainqueryconfig.toml
|
||||
#volumes:
|
||||
# - ../persist/chainquery/config/chainqueryconfig.toml:/etc/chainquery/chainqueryconfig.toml
|
||||
|
|
|
@ -1,3 +1,2 @@
|
|||
#!/usr/bin/env bash
|
||||
## TODO: Implement this at some point it requires CURL in the container.
|
||||
curl http://localhost:6300/api/status
|
||||
#!/bin/sh
|
||||
busybox wget -O- http://localhost:6300/api/status
|
||||
|
|
|
@ -1,51 +1,32 @@
|
|||
#!/usr/bin/env bash
|
||||
|
||||
## Config setup
|
||||
# Override defaults with environment variables
|
||||
CONFIGFILE="${CONFIGFILE:-/etc/lbry/chainqueryconfig.toml}"
|
||||
DEBUGMODE="${DEBUGMODE:-false}"
|
||||
RPC_USER="${RPC_USER:-lbry}"
|
||||
RPC_PASSWORD="${RPC_PASSWORD:-lbry}"
|
||||
RPC_HOST="${RPC_HOST:-localhost}"
|
||||
RPC_PORT="${RPC_PORT:-9245}"
|
||||
MYSQL_SERVER="${MYSQL_SERVER:-localhost}"
|
||||
MYSQL_PORT="${MYSQL_PORT:-3306}"
|
||||
MYSQL_USER="${MYSQL_USER:-lbry}"
|
||||
MYSQL_PASSWORD="${MYSQL_PASSWORD:-lbry}"
|
||||
MYSQL_DATABASE="${MYSQL_DATABASE:-chainquery}"
|
||||
|
||||
## Setup Values
|
||||
DEBUGMODE=$(echo "debugmode=$DEBUGMODE")
|
||||
LBRYCRDURL=$(echo "lbrycrdurl=\"rpc://$RPC_USER:$RPC_PASSWORD@10.5.1.2:9245\"")
|
||||
MYSQLDSN=$(echo "mysqldsn=\"$MYSQL_USER:$MYSQL_PASSWORD@tcp($MYSQL_SERVER:3306)/$MYSQL_DATABASE\"")
|
||||
APIMYSQLDSN=$(echo "apimysqldsn=\"$MYSQL_USER:$MYSQL_PASSWORD@tcp($MYSQL_SERVER:3306)/$MYSQL_DATABASE\"")
|
||||
|
||||
## Setup Defaults
|
||||
DEBUGMODE_DEFAULT='#DEFAULT-debugmode=false'
|
||||
LBRYCRDURL_DEFAULT='#DEFAULT-lbrycrdurl="rpc://lbry:lbry@localhost:9245"'
|
||||
MYSQLDSN_DEFAULT='#DEFAULT-mysqldsn="lbry:lbry@tcp(localhost:3306)/chainquery"'
|
||||
APIMYSQLDSN_DEFAULT='#DEFAULT-apimysqldsn="lbry:lbry@tcp(localhost:3306)/chainquery"'
|
||||
|
||||
## Add setup value variable name to this list to get processed on container start
|
||||
CONFIG_SETTINGS=(
|
||||
DEBUGMODE
|
||||
LBRYCRDURL
|
||||
MYSQLDSN
|
||||
APIMYSQLDSN
|
||||
)
|
||||
|
||||
function set_configs() {
|
||||
## Set configs on container start if not already set.
|
||||
for i in "${!CONFIG_SETTINGS[@]}"; do
|
||||
## Indirect references http://tldp.org/LDP/abs/html/ivr.html
|
||||
eval FROM_STRING=\$"${CONFIG_SETTINGS[$i]}_DEFAULT"
|
||||
eval TO_STRING=\$${CONFIG_SETTINGS[$i]}
|
||||
## TODO: Add a bit more magic to make sure that you're only configuring things if not set by config mounts.
|
||||
sed -i "s~$FROM_STRING~"$TO_STRING"~g" /etc/lbry/chainqueryconfig.toml
|
||||
done
|
||||
echo "Reading config for debugging."
|
||||
cat /etc/lbry/chainqueryconfig.toml
|
||||
exec_chainquery() {
|
||||
CONFIG_DIR=$(dirname "${CONFIGFILE}")
|
||||
exec chainquery serve --configpath "$CONFIG_DIR"
|
||||
}
|
||||
|
||||
if [[ ! -f /etc/lbry/chainqueryconfig.toml ]]; then
|
||||
echo "[INFO]: Did not find chainqueryconfig.toml"
|
||||
echo " Installing default and configuring with provided environment variables if any."
|
||||
## Install fresh copy of config file.
|
||||
echo "cp -v /etc/lbry/chainqueryconfig.toml.orig /etc/lbry/chainqueryconfig.toml"
|
||||
cp -v /etc/lbry/chainqueryconfig.toml.orig /etc/lbry/chainqueryconfig.toml
|
||||
ls -lAh /etc/lbry/
|
||||
set_configs
|
||||
else
|
||||
if [[ -f "$CONFIGFILE" ]]; then
|
||||
echo "[INFO]: Found a copy of chainqueryconfig.toml in /etc/lbry"
|
||||
exec_chainquery
|
||||
fi
|
||||
|
||||
## For now keeping this simple. Potentially eventually add all command args as envvars for the Dockerfile or use safe way to add args via docker-compose.yml
|
||||
chainquery serve --configpath "/etc/lbry/"
|
||||
cat << EOF >> "${CONFIGFILE}"
|
||||
DEBUGMODE="${DEBUGMODE}"
|
||||
LBRYCRDURL="rpc://${RPC_USER}:${RPC_PASSWORD}@${RPC_HOST}:${RPC_PORT}"
|
||||
MYSQLDSN="${MYSQL_USER}:${MYSQL_PASSWORD}@tcp(${MYSQL_SERVER}:${MYSQL_PORT})/$MYSQL_DATABASE"
|
||||
APIMYSQLDSN="${MYSQL_USER}:${MYSQL_PASSWORD}@tcp(${MYSQL_SERVER}:${MYSQL_PORT})/$MYSQL_DATABASE"
|
||||
EOF
|
||||
exec_chainquery
|
||||
|
|
5
contrib/k8s-lbry/.gitignore
vendored
Normal file
5
contrib/k8s-lbry/.gitignore
vendored
Normal file
|
@ -0,0 +1,5 @@
|
|||
*.tgz
|
||||
values-dev.yaml
|
||||
values-staging.yaml
|
||||
values-production.yaml
|
||||
completion.bash.inc
|
4
contrib/k8s-lbry/.helmignore
Normal file
4
contrib/k8s-lbry/.helmignore
Normal file
|
@ -0,0 +1,4 @@
|
|||
index.yaml
|
||||
kick-ascii
|
||||
.gitignore
|
||||
completion.bash.inc
|
11
contrib/k8s-lbry/Chart.yaml
Normal file
11
contrib/k8s-lbry/Chart.yaml
Normal file
|
@ -0,0 +1,11 @@
|
|||
apiVersion: v1
|
||||
appVersion: "1.0"
|
||||
description: LBRY on Kubernetes with Helm
|
||||
name: k8s-lbry
|
||||
version: 0.1.5
|
||||
maintainers:
|
||||
- email: ryan@enigmacurry.com
|
||||
name: EnigmaCurry
|
||||
- email: leopere [at] nixc [dot] us
|
||||
name: Leopere
|
||||
home: https://github.com/lbryio/lbry-docker/tree/master/contrib/k8s-lbry
|
876
contrib/k8s-lbry/README.md
Normal file
876
contrib/k8s-lbry/README.md
Normal file
|
@ -0,0 +1,876 @@
|
|||
# LBRY on Kubernetes with Helm
|
||||
|
||||
Contributing Author: [EnigmaCurry](https://www.enigmacurry.com)
|
||||
|
||||
Last Update: June 14 2019
|
||||
|
||||
Deploy [lbrycrd](https://github.com/lbryio/lbrycrd), [lbrynet](https://github.com/lbryio/lbry), [chainquery](https://github.com/lbryio/chainquery), [mysql](https://www.mysql.com), and [spee.ch](https://github.com/lbryio/spee.ch) on your [Kubernetes](https://kubernetes.io/) cluster.
|
||||
|
||||
[![asciicast](https://lbryio.github.io/lbry-docker/contrib/k8s-lbry/kick-ascii/cast/k8s-lbry.png)](https://lbryio.github.io/lbry-docker/contrib/k8s-lbry/kick-ascii/?cast=k8s-lbry&bg=lbry.png)
|
||||
|
||||
<!-- Regenerate Table of contents with markdown-toc npm library -->
|
||||
<!-- run: npx markdown-toc -i README.md -->
|
||||
|
||||
<!-- toc -->
|
||||
|
||||
- [Requirements](#requirements)
|
||||
- [Security Notice](#security-notice)
|
||||
- [Installation](#installation)
|
||||
* [Create a project directory](#create-a-project-directory)
|
||||
* [Setup alias and tab completion](#setup-alias-and-tab-completion)
|
||||
* [k8s-lbry setup](#k8s-lbry-setup)
|
||||
* [k8s-lbry install-nginx-ingress](#k8s-lbry-install-nginx-ingress)
|
||||
* [k8s-lbry install-cert-manager](#k8s-lbry-install-cert-manager)
|
||||
* [k8s-lbry install](#k8s-lbry-install)
|
||||
* [k8s-lbry upgrade](#k8s-lbry-upgrade)
|
||||
- [Services](#services)
|
||||
* [lbrycrd](#lbrycrd)
|
||||
* [chainquery](#chainquery)
|
||||
+ [MySQL for chainquery](#mysql-for-chainquery)
|
||||
+ [Start chainquery](#start-chainquery)
|
||||
+ [Startup chainquery with a database snapshot](#startup-chainquery-with-a-database-snapshot)
|
||||
* [lbrynet API service (not for spee.ch)](#lbrynet-api-service-not-for-speech)
|
||||
+ [IMPORTANT - Backup your cluster wallet](#important---backup-your-cluster-wallet)
|
||||
* [spee.ch (and lbrynet sidecar and mysql)](#speech-and-lbrynet-sidecar-and-mysql)
|
||||
+ [IMPORTANT - Backup your speech wallet](#important---backup-your-speech-wallet)
|
||||
+ [Fund your speech wallet](#fund-your-speech-wallet)
|
||||
+ [Create a thumbnail channel](#create-a-thumbnail-channel)
|
||||
+ [Finish speech setup](#finish-speech-setup)
|
||||
- [Extra commands that k8s-lbry (run.sh) provides](#extra-commands-that-k8s-lbry-runsh-provides)
|
||||
* [k8s-lbry helm](#k8s-lbry-helm)
|
||||
* [k8s-lbry kubectl](#k8s-lbry-kubectl)
|
||||
* [k8s-lbry logs](#k8s-lbry-logs)
|
||||
* [k8s-lbry shell](#k8s-lbry-shell)
|
||||
* [k8s-lbry shell-pvc](#k8s-lbry-shell-pvc)
|
||||
* [k8s-lbry restart](#k8s-lbry-restart)
|
||||
* [k8s-lbry lbrynet](#k8s-lbry-lbrynet)
|
||||
* [k8s-lbry chainquery-mysql-client](#k8s-lbry-chainquery-mysql-client)
|
||||
* [k8s-lbry speech-mysql-client](#k8s-lbry-speech-mysql-client)
|
||||
* [k8s-lbry lbrynet-copy-wallet](#k8s-lbry-lbrynet-copy-wallet-)
|
||||
* [k8s-lbry package](#k8s-lbry-package)
|
||||
- [TLS / SSL / HTTPS](#tls--ssl--https)
|
||||
- [Cloud specific notes](#cloud-specific-notes)
|
||||
* [AWS](#aws)
|
||||
* [minikube](#minikube)
|
||||
- [Uninstall](#uninstall)
|
||||
|
||||
<!-- tocstop -->
|
||||
|
||||
## Requirements
|
||||
|
||||
* A Kubernetes cluster.
|
||||
* Tested on DigitalOcean managed Kubernetes cluster on nodes with 8GB of RAM,
|
||||
on kubernetes 1.14.1.
|
||||
* Tested on AWS with [Charmed Kubenetes
|
||||
Distribution](https://www.ubuntu.com/kubernetes/docs/quickstart) - See
|
||||
[AWS specific notes](#aws).
|
||||
* Tested on
|
||||
[minikube](https://kubernetes.io/docs/tasks/tools/install-minikube/) for a
|
||||
self-contained virtual machine running kubernetes in VirtualBox - - See
|
||||
[minikube specific notes](#minikube).
|
||||
* Local development machine dependencies:
|
||||
* [GNU Bash](https://www.gnu.org/software/bash/) and friends. If you're on
|
||||
Linux or Mac, you should be good to go.
|
||||
* [kubectl](https://kubernetes.io/docs/tasks/tools/install-kubectl/)
|
||||
* Tested with kubectl v1.14.0
|
||||
* [helm](https://github.com/helm/helm/releases)
|
||||
* Tested with helm v2.13.1
|
||||
* Optional: for TLS / HTTPs support, you will also need an internet domain
|
||||
name, and the ability to update its DNS.
|
||||
|
||||
Your cloud provider should have instructions for setting up `kubectl` to talk to
|
||||
your cluster. This usually involves downloading a config file and putting it in
|
||||
`$HOME/.kube/config`. (The file has to be renamed `config` and put in the
|
||||
`$HOME/.kube` directory.)
|
||||
|
||||
Test that your `kubectl` can talk to your cluster, by querying for a list of
|
||||
running nodes:
|
||||
|
||||
```
|
||||
kubectl get nodes
|
||||
```
|
||||
|
||||
If everything is working, you should see a list of one or more nodes running and
|
||||
showing `STATUS=Ready`
|
||||
|
||||
## Security Notice
|
||||
|
||||
Any cryptocurrency wallet that is online is a security concern. For any
|
||||
real-world production deployment, you will need to review this architecture
|
||||
closely to see if it fits with your chosen platform and network environment.
|
||||
|
||||
This system is currently designed for a kubernetes cluster that has a single
|
||||
administrator (or possibly a small team of trusted users). It will not support
|
||||
untrusted multi-tenancy out of the box.
|
||||
|
||||
All of the services are created in their own namespace, but no [Security
|
||||
Policies](https://kubernetes.io/docs/concepts/policy/pod-security-policy/) have
|
||||
been applied to the pods.
|
||||
|
||||
The Helm configuration file contains *all* of the configuration for the system,
|
||||
*including passwords* in plain text.
|
||||
|
||||
The lbrynet SDK wallets are individually stored unencrypted in their own
|
||||
persistent volumes.
|
||||
|
||||
“We take security seriously. Please contact
|
||||
[security@lbry.io](mailto:security@lbry.io) regarding any security issues. Our
|
||||
PGP key is [here](https://keybase.io/lbry/key.asc) if you need it.” If you find
|
||||
vulnerabilites, especially any that might increase the risk of someone losing
|
||||
their crypto currency [Responsible
|
||||
Disclosure](https://en.wikipedia.org/wiki/Responsible_disclosure) is
|
||||
appreciated.
|
||||
|
||||
## Installation
|
||||
|
||||
This system is installed via [Helm](https://helm.sh/docs/), the package manager
|
||||
for Kubernetes. [Helm Charts](https://helm.sh/docs/developing_charts/#charts)
|
||||
are the basis for packages in Helm. This directory is a Helm chart itself.
|
||||
|
||||
All of the helm and kubectl commands necessary to install, upgrade, and maintain
|
||||
your deployments, are wrapped in the included [`run.sh`](run.sh) script. For
|
||||
debugging purposes, this wrapper also prints to stdout the full underlying
|
||||
commands (helm, kubectl, etc) as they are run.
|
||||
|
||||
### Create a project directory
|
||||
|
||||
Create a new directory someplace to store your deployment configuration. For the
|
||||
rest of this tutorial, you will work from this directory:
|
||||
|
||||
```
|
||||
mkdir $HOME/k8s-lbry-test
|
||||
|
||||
cd $HOME/k8s-lbry-test
|
||||
```
|
||||
|
||||
Download `run.sh` to this same directory:
|
||||
|
||||
```
|
||||
curl -Lo run.sh https://raw.githubusercontent.com/lbryio/lbry-docker/master/contrib/k8s-lbry/run.sh
|
||||
|
||||
chmod a+x run.sh
|
||||
```
|
||||
|
||||
It's a good idea to always read any script you download from the internet,
|
||||
before running it.
|
||||
|
||||
### Setup alias and tab completion
|
||||
|
||||
`run.sh` can be run directly without any setup. However, without adding it to
|
||||
your `PATH`, you need to specify the full path to the script each time. Setting
|
||||
a bash alias for `run.sh` is the quickest way of setting up to run from
|
||||
anywhere, as well as activating support for bash tab completion.
|
||||
|
||||
One time setup to install alias to `$HOME/.bashrc`:
|
||||
|
||||
```
|
||||
./run.sh setup-alias
|
||||
```
|
||||
|
||||
It should prompt you if it is OK for the script to edit `$HOME/.bashrc`. Once
|
||||
you confirm, close your terminal session, then reopen it.
|
||||
|
||||
Verify the new `k8s-lbry` alias to `run.sh` is working:
|
||||
|
||||
```
|
||||
k8s-lbry kubectl get nodes
|
||||
```
|
||||
|
||||
Notice that tab completion should work throughout typing the above command.
|
||||
|
||||
### k8s-lbry setup
|
||||
|
||||
Setup will check for dependencies, update helm repositories, and create an
|
||||
initial config file (`values-dev.yaml`).
|
||||
|
||||
```
|
||||
k8s-lbry setup
|
||||
```
|
||||
|
||||
### k8s-lbry install-nginx-ingress
|
||||
|
||||
An Ingress Controller
|
||||
([nginx-ingress](https://github.com/helm/charts/tree/master/stable/nginx-ingress))
|
||||
will help you to route outside internet traffic into your cluster. nginx-ingress
|
||||
will also help terminate TLS connections (SSL) so that your containers don't
|
||||
need to worry about encryption of traffic.
|
||||
|
||||
Install nginx-ingress into the `k8s-lbry` namespace:
|
||||
|
||||
```
|
||||
k8s-lbry install-nginx-ingress
|
||||
```
|
||||
|
||||
### k8s-lbry install-cert-manager
|
||||
|
||||
[cert-manager](https://docs.cert-manager.io/en/latest/index.html) will provide
|
||||
TLS certificates (SSL) for your cluster, using [Let's
|
||||
Encrypt](https://letsencrypt.org/).
|
||||
|
||||
Install cert-manager into the `cert-manager` namespace:
|
||||
|
||||
```
|
||||
k8s-lbry install-cert-manager
|
||||
```
|
||||
|
||||
### k8s-lbry install
|
||||
|
||||
Once nginx-ingress and cert-manager are installed, the main helm chart can be
|
||||
installed. This installs lbrycrd, chainquery, lbrynet, spee.ch, and mysql,
|
||||
depending on what you enable in `values-dev.yaml`.
|
||||
|
||||
Find the External IP address for your load balancer:
|
||||
|
||||
```
|
||||
k8s-lbry kubectl get svc nginx-ingress-controller -o wide
|
||||
```
|
||||
|
||||
If you find a hostname instead of an IP address, this means your load balancer
|
||||
has multiple IP addresses. In this case, you will need to resolve the domain
|
||||
name to find the IP addresses. If this affects you, run `dig` with the hostname
|
||||
as the second argument. If your system does not have `dig` installed, you can
|
||||
[paste the hostname into this tool](https://toolbox.googleapps.com/apps/dig/).
|
||||
Look for the `;ANSWER` section and you should see two or more IP addresses
|
||||
listed. Since lbrycrd will only advertise one IP address, pick just one of the
|
||||
IP addresses to use for the purposes of this tutorial.
|
||||
|
||||
You must edit your own `values-dev.yaml`. (The setup procedure created an
|
||||
initial configuration in the same directory as `run.sh`.) To use a different
|
||||
config file, export the `VALUES` environment variable before subsequent
|
||||
commands, specifying the full path to your values file.
|
||||
|
||||
Edit `values-dev.yaml`. You only need to change one thing right now:
|
||||
|
||||
* Change `lbrycrd.configurationFile.lbrycrd.conf` at the bottom of this section
|
||||
find `externalip=` and set it equal to the External IP address of the Load
|
||||
Balancer obtained above. (Example: `externalip=123.123.123.123`)
|
||||
|
||||
Save `values-dev.yaml`.
|
||||
|
||||
Now run the install script to create the new release:
|
||||
|
||||
```
|
||||
k8s-lbry install
|
||||
```
|
||||
|
||||
### k8s-lbry upgrade
|
||||
|
||||
For helm, `upgrade` does not necessarily mean you are upgrading to a new version
|
||||
of any particular software, `upgrade` just means to apply your configuration
|
||||
file to the cluster. If you edit `values-dev.yaml`, you then need to apply your
|
||||
changes with `k8s-lbry upgrade`.
|
||||
|
||||
You can make changes to `values-dev.yaml` at any time. You can apply your
|
||||
configuration to your cluster by upgrading the release:
|
||||
|
||||
```
|
||||
k8s-lbry upgrade
|
||||
```
|
||||
|
||||
You can upgrade as often as you want. Each time you upgrade the release, helm
|
||||
increases the `REVISION` number:
|
||||
|
||||
```
|
||||
k8s-lbry helm ls
|
||||
```
|
||||
|
||||
## Services
|
||||
|
||||
### lbrycrd
|
||||
|
||||
After running the installation above, you should now have a running lbrycrd pod.
|
||||
Verify this by listing the pods for the `k8s-lbry` namespace:
|
||||
|
||||
```
|
||||
k8s-lbry kubectl get pods
|
||||
```
|
||||
|
||||
You should see a pod listed with a name that starts with `lbrycrd`.
|
||||
|
||||
Check the lbrycrd logs:
|
||||
|
||||
```
|
||||
k8s-lbry logs lbrycrd
|
||||
```
|
||||
|
||||
Press Ctrl-C to stop viewing the log.
|
||||
|
||||
It is advisable to wait for lbrycrd to synchronize with the full blockchain
|
||||
before starting other services, so watch the logs until synchronization
|
||||
completes (`progress=1.0`).
|
||||
|
||||
You can utilize `lbrycrd-cli` as well:
|
||||
|
||||
```
|
||||
k8s-lbry lbrycrd-cli --help
|
||||
```
|
||||
|
||||
### chainquery
|
||||
|
||||
#### MySQL for chainquery
|
||||
[MySQL](https://github.com/helm/charts/tree/master/stable/mysql) is used as
|
||||
the database chainquery talks to.
|
||||
|
||||
Edit `values-dev.yaml` and set `chainquery-mysql.enabled` to `true`.
|
||||
|
||||
Upgrade the release to turn on mysql for chainquery:
|
||||
|
||||
```
|
||||
k8s-lbry upgrade
|
||||
```
|
||||
|
||||
You can try logging into the mysql shell if you like:
|
||||
|
||||
```
|
||||
k8s-lbry chainquery-mysql-client
|
||||
```
|
||||
|
||||
You can view the mysql logs:
|
||||
|
||||
```
|
||||
k8s-lbry logs chainquery-mysql
|
||||
```
|
||||
|
||||
Press Ctrl-C to stop viewing the log.
|
||||
|
||||
#### Start chainquery
|
||||
|
||||
Edit `values-dev.yaml` and set `chainquery.enabled` to `true`.
|
||||
|
||||
Upgrade the release to turn on chainquery:
|
||||
|
||||
```
|
||||
k8s-lbry upgrade
|
||||
```
|
||||
|
||||
You can view the chainquery logs:
|
||||
|
||||
```
|
||||
k8s-lbry logs chainquery
|
||||
```
|
||||
|
||||
#### Startup chainquery with a database snapshot
|
||||
|
||||
If chainquery is starting with a blank MySQL database, it will take several days
|
||||
to synchronize with the full lbrycrd blockchain. If this is OK, you can just
|
||||
watch the chainquery logs and wait for it to get to the [current block
|
||||
height](https://explorer.lbry.io/).
|
||||
|
||||
If you cannot wait that long, you can scrap your existing chainquery database
|
||||
and restart from a more recent database snapshot:
|
||||
|
||||
```
|
||||
k8s-lbry chainquery-override-snapshot
|
||||
```
|
||||
|
||||
This will prompt if you really wish to destroy the current chainquery database.
|
||||
If you confirm, the existing chainquery and chainquery-mysql deployments will be
|
||||
deleted, and pods will be terminated, ***and the contents of the Persistent
|
||||
Volume Claim (PVC) for chainquery-mysql will be deleted.*** The snapshot will be
|
||||
downloaded and restored in its place.
|
||||
|
||||
Once the snapshot is restored, upgrade the release to restore the chainquery and
|
||||
chainquery-mysql deployments, and restart pods:
|
||||
|
||||
```
|
||||
k8s-lbry upgrade
|
||||
```
|
||||
|
||||
You can verify that the database now has data up to the height of the database
|
||||
snapshot. Login to the mysql shell:
|
||||
|
||||
```
|
||||
k8s-lbry chainquery-mysql-client
|
||||
```
|
||||
|
||||
Then query for the latest block height:
|
||||
|
||||
```
|
||||
mysql> select height from chainquery.block order by id desc limit 1;
|
||||
+--------+
|
||||
| height |
|
||||
+--------+
|
||||
| 561080 |
|
||||
+--------+
|
||||
1 row in set (0.00 sec)
|
||||
```
|
||||
|
||||
Also verify that chainquery is again happy. View the chainquery logs:
|
||||
|
||||
```
|
||||
k8s-lbry logs chainquery
|
||||
```
|
||||
|
||||
Press Ctrl-C to quit viewing the logs.
|
||||
|
||||
### lbrynet API service (not for spee.ch)
|
||||
|
||||
This is for a standalone lbrynet API service inside your cluster. Blob storage
|
||||
goes to its own persistent volume, but is configured with `save_files=false`.
|
||||
There is no outside access to the Downloads directory provided. You can stream
|
||||
blobs from lbrynet via `http://lbrynet:5279/get/CLAIM_NAME/CLAIM_ID`.
|
||||
|
||||
This particular lbrynet configuration won't work for spee.ch (v0.5.12). spee.ch
|
||||
needs direct access to the Downloads directory of lbrynet. **If you are wanting
|
||||
lbrynet for spee.ch, skip this section, and head directly to the [spee.ch
|
||||
section](#speech-and-lbrynet-sidecar-and-mysql), which implements its own
|
||||
lbrynet sidecar.**
|
||||
|
||||
Edit `values-dev.yaml` and set `lbrynet.enabled` to `true`.
|
||||
|
||||
Upgrade the release to turn on lbrynet:
|
||||
|
||||
```
|
||||
k8s-lbry upgrade
|
||||
```
|
||||
|
||||
You can view the lbrynet logs:
|
||||
|
||||
```
|
||||
k8s-lbry logs lbrynet
|
||||
```
|
||||
|
||||
#### IMPORTANT - Backup your cluster wallet
|
||||
|
||||
The wallet is created inside the `lbrynet` persistent volume.
|
||||
|
||||
Copy the wallet in case the volume gets destroyed:
|
||||
|
||||
```
|
||||
k8s-lbry lbrynet-copy-wallet /tmp/k8s-lbry-lbrynet-wallet-backup.json
|
||||
```
|
||||
|
||||
Check the contents of `/tmp/k8s-lbry-lbrynet-wallet-backup.json` and move the
|
||||
file to a safe place for backup (make sure to delete the temporary file.)
|
||||
|
||||
Once your wallet is backed up, you can generate a receiving address in order to
|
||||
deposit LBC:
|
||||
|
||||
```
|
||||
k8s-lbry lbrynet address unused
|
||||
```
|
||||
|
||||
### spee.ch (and lbrynet sidecar and mysql)
|
||||
|
||||
*Note: Throughout this deployment, the unstylized name `speech` is used.*
|
||||
|
||||
Speech needs three containers, running in two pods:
|
||||
|
||||
* `speech` pod:
|
||||
|
||||
* speech, the nodejs server container.
|
||||
|
||||
* lbrynet, running in the same pod as speech, so as to share one downloads
|
||||
directory. (This is called a 'sidecar' container, which is guaranteed to
|
||||
run on the same kubernetes node as the spee.ch container.)
|
||||
|
||||
* `speech-mysql` pod:
|
||||
|
||||
* mysql for storing the speech database.
|
||||
|
||||
Edit `values-dev.yaml`.
|
||||
|
||||
* Set `speech-mysql.enabled` to `true`.
|
||||
* Set `speech.enabled` to `true`.
|
||||
* Set `speech.service.hostname` to your subdomain name for speech.
|
||||
* Set `speech.site.details.host` to your subdomain name for speech.
|
||||
* Set `speech.site.details.ipAddress` to your Load Balancer external IP address.
|
||||
* Set `speech.site.details.title`
|
||||
|
||||
Upgrade the release to turn on `speech`, `speech-lbrynet`, and `speech-mysql`:
|
||||
|
||||
```
|
||||
k8s-lbry upgrade
|
||||
```
|
||||
|
||||
Speech will not work yet! Continue on through the next sections.
|
||||
|
||||
#### IMPORTANT - Backup your speech wallet
|
||||
|
||||
The wallet for speech is created inside the `speech-lbrynet` persistent volume.
|
||||
|
||||
Copy the wallet in case the volume gets destroyed:
|
||||
|
||||
```
|
||||
k8s-lbry speech-lbrynet-copy-wallet /tmp/k8s-lbry-speech-lbrynet-wallet-backup.json
|
||||
```
|
||||
|
||||
Check the contents of `/tmp/k8s-lbry-speech-lbrynet-wallet-backup.json` and move
|
||||
the file to a safe place for backup (make sure to delete the temporary file.)
|
||||
|
||||
#### Fund your speech wallet
|
||||
|
||||
Once your wallet is backed up, you can generate a receiving address in order to
|
||||
deposit LBC:
|
||||
|
||||
```
|
||||
k8s-lbry speech-lbrynet address unused
|
||||
```
|
||||
|
||||
Now send at least 5 LBC to your new speech wallet address.
|
||||
|
||||
Verify your speech wallet balance:
|
||||
|
||||
```
|
||||
k8s-lbry speech-lbrynet account balance
|
||||
```
|
||||
|
||||
#### Create a thumbnail channel
|
||||
|
||||
Create the LBRY channel for hosting speech thumbnails. Replace `@YOUR_NAME_HERE`
|
||||
with your chosen (unique) channel name to create. Amount is how much LBC to
|
||||
reserve for the claim:
|
||||
|
||||
```
|
||||
k8s-lbry speech-lbrynet channel new @YOUR_NAME_HERE --amount=1.0
|
||||
```
|
||||
|
||||
Get the claim id for the channel:
|
||||
|
||||
```
|
||||
k8s-lbry speech-lbrynet channel list
|
||||
```
|
||||
|
||||
The `claim_id` field is your `thumbnailChannelId` used in the next section.
|
||||
|
||||
#### Finish speech setup
|
||||
|
||||
Edit `values-dev.yaml` again:
|
||||
|
||||
* Set `speech.site.publishing.primaryClaimAddress` The fresh wallet address
|
||||
generated above.
|
||||
* Set `speech.site.publishing.thumbnailChannel` The name of the channel to
|
||||
publish thumbnails
|
||||
* Set `speech.site.publishing.thumbnailChannelId` The claim id of the channel
|
||||
to publish thumbnails. (see `k8s-lbry speech-lbrynet channel list`)
|
||||
* Set `speech.site.publishing.serviceOnlyApproved` if you want to limit the
|
||||
channels served.
|
||||
* Set `speech.site.publishing.approvedChannels` if you want to limit the
|
||||
channels served.
|
||||
* Set `speech.site.analytics.googleId`
|
||||
|
||||
See the [speech settings docs for more
|
||||
info](https://github.com/lbryio/spee.ch/blob/master/docs/settings.md)
|
||||
|
||||
Upgrade the release to apply the new settings:
|
||||
|
||||
```
|
||||
k8s-lbry upgrade
|
||||
```
|
||||
|
||||
Restart the speech pod:
|
||||
|
||||
```
|
||||
k8s-lbry restart speech
|
||||
```
|
||||
|
||||
## Extra commands that k8s-lbry (run.sh) provides
|
||||
|
||||
You can run `k8s-lbry` without any arguments, and it will provide you some help.
|
||||
|
||||
### k8s-lbry helm
|
||||
|
||||
This script encapsulates helm so that it can run it's own local instance of
|
||||
tiller through [helm-tiller](https://github.com/rimusz/helm-tiller). As a
|
||||
convenience function, run.sh can start tiller locally, pass through any helm
|
||||
commands to your cluster, and then shutdown tiller:
|
||||
|
||||
Example:
|
||||
|
||||
```
|
||||
k8s-lbry helm ls
|
||||
```
|
||||
|
||||
|
||||
If you try to run `helm` without the `run.sh helm` wrapper, you should expect to
|
||||
see this error:
|
||||
|
||||
```
|
||||
Error: could not find tiller
|
||||
```
|
||||
|
||||
By design, [tiller is not running on your
|
||||
cluster](https://rimusz.net/tillerless-helm), it just runs locally for the
|
||||
duration that `run.sh` needs it, then shuts down.
|
||||
|
||||
### k8s-lbry kubectl
|
||||
|
||||
This script encapsulates kubectl so that you do not have to keep typing
|
||||
`--namespace k8s-lbry` all the time. All kubectl commands will default to
|
||||
`k8s-lbry` or the `NAMESPACE` environment variable if set.
|
||||
|
||||
Example:
|
||||
|
||||
```
|
||||
k8s-lbry kubectl get pods
|
||||
```
|
||||
|
||||
### k8s-lbry logs
|
||||
|
||||
Stream the logs for a pod into your terminal, given the helm app name. If the
|
||||
pod contains more than one container you must specify it as the third argument.
|
||||
|
||||
Examples:
|
||||
|
||||
```
|
||||
k8s-lbry logs lbrycrd
|
||||
|
||||
k8s-lbry logs speech speech-lbrynet
|
||||
```
|
||||
|
||||
Press Ctrl-C to stop streaming the logs. If the logs seemingly hang forever,
|
||||
press Ctrl-C and try the command again.
|
||||
|
||||
|
||||
### k8s-lbry shell
|
||||
|
||||
When doing maintainance tasks, it is often useful to be able to attach a shell
|
||||
to a running pod. This is a convenience wrapper that uses the helm app name to
|
||||
connect to the correct pod.
|
||||
|
||||
This will connect to the pod running the `lbrynet` service.
|
||||
|
||||
Example:
|
||||
|
||||
```
|
||||
k8s-lbry shell lbrynet
|
||||
```
|
||||
|
||||
Once in the shell, do whatever maintaince is necessary, and press `Ctrl-D` or
|
||||
type `exit` when done.
|
||||
|
||||
### k8s-lbry shell-pvc
|
||||
|
||||
When doing maintainance tasks, it is often useful to be able to run a utility
|
||||
container that mounts the persistent volume
|
||||
([PVC](https://kubernetes.io/docs/concepts/storage/persistent-volumes/)) of
|
||||
another container. This is especially useful in scenarios where the pod will not
|
||||
start, and therefore cannot use the `run.sh shell` command in the previous
|
||||
section.
|
||||
|
||||
This will run a shell in a new utility container, mounting the lbrynet PVC to
|
||||
`/pvcs/lbrynet`.
|
||||
|
||||
Example:
|
||||
|
||||
```
|
||||
k8s-lbry shell-pvc lbrynet
|
||||
```
|
||||
|
||||
Once in the shell, do whatever maintaince is necessary, and press `Ctrl-D` or
|
||||
type `exit` when done.
|
||||
|
||||
|
||||
### k8s-lbry restart
|
||||
|
||||
Delete a pod for a given app name. The existing deployment will immediately
|
||||
restart a new pod.
|
||||
|
||||
Example:
|
||||
|
||||
```
|
||||
k8s-lbry restart speech
|
||||
```
|
||||
|
||||
### k8s-lbry lbrynet
|
||||
You can run the `lbrynet` client from within the running pod, redirecting output
|
||||
to your local console.
|
||||
|
||||
Example:
|
||||
|
||||
```
|
||||
k8s-lbry lbrynet --help
|
||||
```
|
||||
|
||||
### k8s-lbry chainquery-mysql-client
|
||||
|
||||
Run the mysql shell for the chainquery database.
|
||||
|
||||
### k8s-lbry speech-mysql-client
|
||||
|
||||
Run the mysql shell for the speech database.
|
||||
|
||||
### k8s-lbry lbrynet-copy-wallet <local_backup_path>
|
||||
|
||||
Backup the lbrynet wallet to a local path.
|
||||
|
||||
Example:
|
||||
|
||||
```
|
||||
k8s-lbry lbrynet-copy-wallet /tmp/k8s-lbry-lbrynet-wallet-backup.json
|
||||
```
|
||||
### k8s-lbry package
|
||||
|
||||
This is for the developer of this package to build and maintain the helm package
|
||||
releases, and upload to the S3 package repository. Requires `s3cmd` installed.
|
||||
|
||||
Example:
|
||||
|
||||
```
|
||||
k8s-lbry package 0.1.1
|
||||
```
|
||||
|
||||
|
||||
## TLS / SSL / HTTPS
|
||||
|
||||
You have already installed cert-manager for your cluster, but HTTPs is not
|
||||
turned on out of the box. Setup is easy:
|
||||
|
||||
* You need to create a DNS A record for your domain pointing to the External IP
|
||||
address of the nginx-ingress Load Balancer. (Preferably create a wildcard
|
||||
record for an entire subdomain [`*.example.com` or `*.lbry.example.com`],
|
||||
that way you only have to set this up once, no matter how many sub-domains
|
||||
you end up needing.) Refer to the [install
|
||||
section](https://github.com/EnigmaCurry/lbry-docker/tree/k8s-lbry/contrib/k8s-lbry#k8s-lbry-install)
|
||||
for how to retrieve the IP address.
|
||||
|
||||
* Edit `values-dev.yaml`
|
||||
|
||||
* Change `cert-manager-issuer.email` from the example email address to your
|
||||
own. [Let's Encrypt](https://letsencrypt.org/) is a free TLS certificate
|
||||
issuer, and they will send you important emails about your domain and
|
||||
certificate expirations.
|
||||
|
||||
* You can turn on the echo service to test with:
|
||||
|
||||
* Change `echo-http-server.enabled` to `true`
|
||||
|
||||
* Change `echo-http-server.hostname` to a hostname you've configured the DNS
|
||||
for.
|
||||
|
||||
Upgrade nginx-ingress, turning on HTTPs support (copy the command **including the wrapping parentheses**):
|
||||
|
||||
```
|
||||
(
|
||||
NGINX_ENABLE_HTTPS=true
|
||||
k8s-lbry upgrade-nginx-ingress
|
||||
)
|
||||
```
|
||||
|
||||
And Upgrade `k8s-lbry`:
|
||||
|
||||
```
|
||||
k8s-lbry upgrade
|
||||
```
|
||||
|
||||
If you turned on the echo service, try it out with curl:
|
||||
|
||||
```
|
||||
curl -L https://echo.example.com
|
||||
```
|
||||
|
||||
It should return the name of the service: `echo-http-server`.
|
||||
|
||||
If you get any certificate validation errors, then you may need to wait for up
|
||||
to 20 minutes for the certificate to be issued, and then retry.
|
||||
|
||||
If you run into problems with certificates, check out the cert-manager logs:
|
||||
|
||||
```
|
||||
kubectl -n cert-manager logs -l app=cert-manager -f
|
||||
```
|
||||
|
||||
Also check the certificate resources:
|
||||
|
||||
```
|
||||
k8s-lbry kubectl get certificates
|
||||
```
|
||||
|
||||
You should see the `echo-http-server-tls` certificate resource listed. The
|
||||
`READY` status is the indicator as to whether the certificate has been issued
|
||||
yet or not.
|
||||
|
||||
## Cloud specific notes
|
||||
|
||||
### AWS
|
||||
|
||||
Deployment on AWS requires these modifications:
|
||||
|
||||
Following the [CDK on
|
||||
AWS](https://www.ubuntu.com/kubernetes/docs/aws-integration) docs, install the
|
||||
StorageClass for EBS:
|
||||
|
||||
```
|
||||
kubectl create -f - <<EOF
|
||||
apiVersion: storage.k8s.io/v1
|
||||
kind: StorageClass
|
||||
metadata:
|
||||
name: ebs-gp2
|
||||
provisioner: kubernetes.io/aws-ebs
|
||||
parameters:
|
||||
type: gp2
|
||||
EOF
|
||||
```
|
||||
|
||||
In `values-dev.yaml` all of your persistence configurations need to add
|
||||
`storageClass: ebs-gp2`. There are commented versions in the default config file
|
||||
which you can simply uncomment.
|
||||
|
||||
### minikube
|
||||
|
||||
[minikube](https://kubernetes.io/docs/setup/minikube/) lets you run kubernetes
|
||||
on your development machine, in VirtualBox.
|
||||
|
||||
Make sure you start minikube with sufficient RAM for testing:
|
||||
|
||||
```
|
||||
minikube start --memory 4096
|
||||
```
|
||||
|
||||
In order for minikube to route the LoadBalancer correctly, you need to [add a
|
||||
route on the host, and install a
|
||||
patch](https://github.com/elsonrodriguez/minikube-lb-patch) to your cluster:
|
||||
|
||||
```
|
||||
## ONLY RUN THESE COMMANDS IF YOU ARE USING MINIKUBE:
|
||||
sudo ip route add $(cat ~/.minikube/profiles/minikube/config.json | jq -r ".KubernetesConfig.ServiceCIDR") via $(minikube ip)
|
||||
|
||||
kubectl run minikube-lb-patch --replicas=1 --image=elsonrodriguez/minikube-lb-patch:0.1 --namespace=kube-system
|
||||
```
|
||||
|
||||
If it works correctly, after you run `k8s-lbry install-nginx-ingress`, the
|
||||
External IP address for the LoadBalancer should no longer be `pending`:
|
||||
|
||||
```
|
||||
k8s-lbry kubectl get svc nginx-ingress-controller
|
||||
```
|
||||
|
||||
## Uninstall
|
||||
|
||||
If you wish to uninstall k8s-lbry from your cluster, here are the steps:
|
||||
|
||||
* Delete the helm releases:
|
||||
|
||||
```
|
||||
k8s-lbry helm delete k8s-lbry
|
||||
|
||||
k8s-lbry helm delete cert-manager
|
||||
|
||||
k8s-lbry helm delete nginx-ingress
|
||||
```
|
||||
|
||||
* By deleting the `nginx-ingress` release, the Load Balancer resource should
|
||||
be automatically cleaned up. You can verify this yourself in your cloud
|
||||
provider's console that no Load Balancer is still running.
|
||||
|
||||
* Delete the Persistent Volume Claims:
|
||||
|
||||
* In `values-dev.yaml` all of the persistence claims are labeled as
|
||||
`"helm.sh/resource-policy": keep`. This means that helm will not
|
||||
automatically delete the volume when it deletes the release.
|
||||
|
||||
* List all of your Persistent Volume Claims:
|
||||
|
||||
```
|
||||
k8s-lbry kubectl get pvc
|
||||
```
|
||||
|
||||
* Then delete each one you no longer want:
|
||||
|
||||
```
|
||||
k8s-lbry kubectl delete pvc [name-of-pvc]
|
||||
```
|
||||
|
||||
* Deleting the claim, should delete the volume. You can verify this yourself
|
||||
in your cloud provider's console that no Volumes exist.
|
||||
|
22
contrib/k8s-lbry/charts/cert-manager-issuer/.helmignore
Normal file
22
contrib/k8s-lbry/charts/cert-manager-issuer/.helmignore
Normal file
|
@ -0,0 +1,22 @@
|
|||
# Patterns to ignore when building packages.
|
||||
# This supports shell glob matching, relative path matching, and
|
||||
# negation (prefixed with !). Only one pattern per line.
|
||||
.DS_Store
|
||||
# Common VCS dirs
|
||||
.git/
|
||||
.gitignore
|
||||
.bzr/
|
||||
.bzrignore
|
||||
.hg/
|
||||
.hgignore
|
||||
.svn/
|
||||
# Common backup files
|
||||
*.swp
|
||||
*.bak
|
||||
*.tmp
|
||||
*~
|
||||
# Various IDEs
|
||||
.project
|
||||
.idea/
|
||||
*.tmproj
|
||||
.vscode/
|
5
contrib/k8s-lbry/charts/cert-manager-issuer/Chart.yaml
Normal file
5
contrib/k8s-lbry/charts/cert-manager-issuer/Chart.yaml
Normal file
|
@ -0,0 +1,5 @@
|
|||
apiVersion: v1
|
||||
appVersion: "1.0"
|
||||
description: Install staging and production certificate issuers with Lets Encrypt ACME.
|
||||
name: cert-manager-issuer
|
||||
version: 0.1.0
|
|
@ -0,0 +1,32 @@
|
|||
{{/* vim: set filetype=mustache: */}}
|
||||
{{/*
|
||||
Expand the name of the chart.
|
||||
*/}}
|
||||
{{- define "cert-manager-issuer.name" -}}
|
||||
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Create a default fully qualified app name.
|
||||
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
|
||||
If release name contains chart name it will be used as a full name.
|
||||
*/}}
|
||||
{{- define "cert-manager-issuer.fullname" -}}
|
||||
{{- if .Values.fullnameOverride -}}
|
||||
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
|
||||
{{- else -}}
|
||||
{{- $name := default .Chart.Name .Values.nameOverride -}}
|
||||
{{- if contains $name .Release.Name -}}
|
||||
{{- .Release.Name | trunc 63 | trimSuffix "-" -}}
|
||||
{{- else -}}
|
||||
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Create chart name and version as used by the chart label.
|
||||
*/}}
|
||||
{{- define "cert-manager-issuer.chart" -}}
|
||||
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
|
||||
{{- end -}}
|
|
@ -0,0 +1,16 @@
|
|||
apiVersion: certmanager.k8s.io/v1alpha1
|
||||
kind: Issuer
|
||||
metadata:
|
||||
name: letsencrypt-prod
|
||||
spec:
|
||||
acme:
|
||||
# The ACME server URL
|
||||
server: https://acme-v02.api.letsencrypt.org/directory
|
||||
# Email address used for ACME registration
|
||||
email: {{ .Values.email }}
|
||||
# Name of a secret used to store the ACME account private key
|
||||
privateKeySecretRef:
|
||||
name: letsencrypt-prod
|
||||
# Enable the HTTP-01 challenge provider
|
||||
http01: {}
|
||||
|
|
@ -0,0 +1,15 @@
|
|||
apiVersion: certmanager.k8s.io/v1alpha1
|
||||
kind: Issuer
|
||||
metadata:
|
||||
name: letsencrypt-staging
|
||||
spec:
|
||||
acme:
|
||||
# The ACME server URL
|
||||
server: https://acme-staging-v02.api.letsencrypt.org/directory
|
||||
# Email address used for ACME registration
|
||||
email: {{ .Values.email }}
|
||||
# Name of a secret used to store the ACME account private key
|
||||
privateKeySecretRef:
|
||||
name: letsencrypt-staging
|
||||
# Enable the HTTP-01 challenge provider
|
||||
http01: {}
|
22
contrib/k8s-lbry/charts/chainquery/.helmignore
Normal file
22
contrib/k8s-lbry/charts/chainquery/.helmignore
Normal file
|
@ -0,0 +1,22 @@
|
|||
# Patterns to ignore when building packages.
|
||||
# This supports shell glob matching, relative path matching, and
|
||||
# negation (prefixed with !). Only one pattern per line.
|
||||
.DS_Store
|
||||
# Common VCS dirs
|
||||
.git/
|
||||
.gitignore
|
||||
.bzr/
|
||||
.bzrignore
|
||||
.hg/
|
||||
.hgignore
|
||||
.svn/
|
||||
# Common backup files
|
||||
*.swp
|
||||
*.bak
|
||||
*.tmp
|
||||
*~
|
||||
# Various IDEs
|
||||
.project
|
||||
.idea/
|
||||
*.tmproj
|
||||
.vscode/
|
5
contrib/k8s-lbry/charts/chainquery/Chart.yaml
Normal file
5
contrib/k8s-lbry/charts/chainquery/Chart.yaml
Normal file
|
@ -0,0 +1,5 @@
|
|||
apiVersion: v1
|
||||
appVersion: "v0.0.0"
|
||||
description: LBRY chainquery
|
||||
name: chainquery
|
||||
version: 0.1.0
|
32
contrib/k8s-lbry/charts/chainquery/templates/_helpers.tpl
Normal file
32
contrib/k8s-lbry/charts/chainquery/templates/_helpers.tpl
Normal file
|
@ -0,0 +1,32 @@
|
|||
{{/* vim: set filetype=mustache: */}}
|
||||
{{/*
|
||||
Expand the name of the chart.
|
||||
*/}}
|
||||
{{- define "chainquery.name" -}}
|
||||
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Create a default fully qualified app name.
|
||||
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
|
||||
If release name contains chart name it will be used as a full name.
|
||||
*/}}
|
||||
{{- define "chainquery.fullname" -}}
|
||||
{{- if .Values.fullnameOverride -}}
|
||||
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
|
||||
{{- else -}}
|
||||
{{- $name := default .Chart.Name .Values.nameOverride -}}
|
||||
{{- if contains $name .Release.Name -}}
|
||||
{{- .Release.Name | trunc 63 | trimSuffix "-" -}}
|
||||
{{- else -}}
|
||||
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Create chart name and version as used by the chart label.
|
||||
*/}}
|
||||
{{- define "chainquery.chart" -}}
|
||||
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
|
||||
{{- end -}}
|
13
contrib/k8s-lbry/charts/chainquery/templates/configmap.yaml
Normal file
13
contrib/k8s-lbry/charts/chainquery/templates/configmap.yaml
Normal file
|
@ -0,0 +1,13 @@
|
|||
{{- if .Values.enabled }}
|
||||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: {{ template "chainquery.fullname" . }}
|
||||
labels:
|
||||
app: {{ template "chainquery.name" . }}
|
||||
chart: {{ template "chainquery.chart" . }}
|
||||
release: {{ .Release.Name }}
|
||||
heritage: {{ .Release.Service }}
|
||||
data:
|
||||
{{ toYaml .Values.configurationFile | indent 2 }}
|
||||
{{- end }}
|
|
@ -0,0 +1,61 @@
|
|||
{{- if .Values.enabled }}
|
||||
apiVersion: apps/v1beta2
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: {{ template "chainquery.fullname" . }}
|
||||
labels:
|
||||
app: {{ template "chainquery.name" . }}
|
||||
chart: {{ template "chainquery.chart" . }}
|
||||
release: {{ .Release.Name }}
|
||||
heritage: {{ .Release.Service }}
|
||||
spec:
|
||||
strategy:
|
||||
type: Recreate
|
||||
selector:
|
||||
matchLabels:
|
||||
app: {{ template "chainquery.name" . }}
|
||||
release: {{ .Release.Name }}
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app: {{ template "chainquery.name" . }}
|
||||
release: {{ .Release.Name }}
|
||||
spec:
|
||||
securityContext:
|
||||
fsGroup: 1000
|
||||
terminationGracePeriodSeconds: {{ .Values.terminationGracePeriodSeconds }}
|
||||
{{- if .Values.configurationFile }}
|
||||
initContainers:
|
||||
- name: copy-chainquery-config
|
||||
image: busybox
|
||||
command: ['sh', '-c', 'cp /configmap/chainqueryconfig.toml /etc/lbry/chainqueryconfig.toml']
|
||||
volumeMounts:
|
||||
- name: configmap
|
||||
mountPath: /configmap
|
||||
- name: config
|
||||
mountPath: /etc/lbry
|
||||
{{- end }}
|
||||
containers:
|
||||
- name: {{ template "chainquery.fullname" . }}
|
||||
image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
|
||||
imagePullPolicy: {{ .Values.image.pullPolicy | quote }}
|
||||
resources:
|
||||
{{ toYaml .Values.resources | indent 10 }}
|
||||
ports:
|
||||
- name: port
|
||||
containerPort: {{ .Values.service.port }}
|
||||
volumeMounts:
|
||||
{{- if .Values.configurationFile }}
|
||||
- name: config
|
||||
mountPath: /etc/lbry/chainqueryconfig.toml
|
||||
subPath: chainqueryconfig.toml
|
||||
{{- end }}
|
||||
volumes:
|
||||
{{- if .Values.configurationFile }}
|
||||
- name: config
|
||||
emptyDir: {}
|
||||
- name: configmap
|
||||
configMap:
|
||||
name: {{ template "chainquery.fullname" . }}
|
||||
{{- end }}
|
||||
{{- end }}
|
19
contrib/k8s-lbry/charts/chainquery/templates/service.yaml
Normal file
19
contrib/k8s-lbry/charts/chainquery/templates/service.yaml
Normal file
|
@ -0,0 +1,19 @@
|
|||
{{- if .Values.enabled }}
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: {{ template "chainquery.fullname" . }}
|
||||
labels:
|
||||
app: {{ template "chainquery.name" . }}
|
||||
chart: {{ template "chainquery.chart" . }}
|
||||
release: {{ .Release.Name }}
|
||||
heritage: {{ .Release.Service }}
|
||||
spec:
|
||||
ports:
|
||||
- name: port
|
||||
port: {{ .Values.service.port }}
|
||||
targetPort: port
|
||||
selector:
|
||||
app: {{ template "chainquery.name" . }}
|
||||
release: {{ .Release.Name }}
|
||||
{{- end }}
|
22
contrib/k8s-lbry/charts/echo-http-server/.helmignore
Normal file
22
contrib/k8s-lbry/charts/echo-http-server/.helmignore
Normal file
|
@ -0,0 +1,22 @@
|
|||
# Patterns to ignore when building packages.
|
||||
# This supports shell glob matching, relative path matching, and
|
||||
# negation (prefixed with !). Only one pattern per line.
|
||||
.DS_Store
|
||||
# Common VCS dirs
|
||||
.git/
|
||||
.gitignore
|
||||
.bzr/
|
||||
.bzrignore
|
||||
.hg/
|
||||
.hgignore
|
||||
.svn/
|
||||
# Common backup files
|
||||
*.swp
|
||||
*.bak
|
||||
*.tmp
|
||||
*~
|
||||
# Various IDEs
|
||||
.project
|
||||
.idea/
|
||||
*.tmproj
|
||||
.vscode/
|
5
contrib/k8s-lbry/charts/echo-http-server/Chart.yaml
Normal file
5
contrib/k8s-lbry/charts/echo-http-server/Chart.yaml
Normal file
|
@ -0,0 +1,5 @@
|
|||
apiVersion: v1
|
||||
appVersion: "1.0"
|
||||
description: An HTTP echo service
|
||||
name: echo-http-server
|
||||
version: 0.1.0
|
|
@ -0,0 +1,32 @@
|
|||
{{/* vim: set filetype=mustache: */}}
|
||||
{{/*
|
||||
Expand the name of the chart.
|
||||
*/}}
|
||||
{{- define "echo-http-server.name" -}}
|
||||
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Create a default fully qualified app name.
|
||||
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
|
||||
If release name contains chart name it will be used as a full name.
|
||||
*/}}
|
||||
{{- define "echo-http-server.fullname" -}}
|
||||
{{- if .Values.fullnameOverride -}}
|
||||
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
|
||||
{{- else -}}
|
||||
{{- $name := default .Chart.Name .Values.nameOverride -}}
|
||||
{{- if contains $name .Release.Name -}}
|
||||
{{- .Release.Name | trunc 63 | trimSuffix "-" -}}
|
||||
{{- else -}}
|
||||
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Create chart name and version as used by the chart label.
|
||||
*/}}
|
||||
{{- define "echo-http-server.chart" -}}
|
||||
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
|
||||
{{- end -}}
|
|
@ -0,0 +1,24 @@
|
|||
{{- if .Values.enabled }}
|
||||
apiVersion: extensions/v1beta1
|
||||
kind: Ingress
|
||||
metadata:
|
||||
name: {{ .Values.service }}
|
||||
annotations:
|
||||
kubernetes.io/ingress.class: nginx
|
||||
certmanager.k8s.io/issuer: {{ .Values.certificateIssuer }}
|
||||
certmanager.k8s.io/acme-challenge-type: http01
|
||||
spec:
|
||||
{{ if .Values.enableHttps }}
|
||||
tls:
|
||||
- hosts:
|
||||
- {{ .Values.hostname }}
|
||||
secretName: {{ .Values.service }}-tls
|
||||
{{ end }}
|
||||
rules:
|
||||
- host: {{ .Values.hostname }}
|
||||
http:
|
||||
paths:
|
||||
- backend:
|
||||
serviceName: {{ .Values.service }}
|
||||
servicePort: 80
|
||||
{{- end }}
|
|
@ -0,0 +1,34 @@
|
|||
{{- if .Values.enabled }}
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: {{ .Values.service }}
|
||||
spec:
|
||||
ports:
|
||||
- port: 80
|
||||
targetPort: 5678
|
||||
selector:
|
||||
app: {{ .Values.service }}
|
||||
---
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: {{ .Values.service }}
|
||||
spec:
|
||||
selector:
|
||||
matchLabels:
|
||||
app: {{ .Values.service }}
|
||||
replicas: 2
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app: {{ .Values.service }}
|
||||
spec:
|
||||
containers:
|
||||
- name: {{ template "echo-http-server.fullname" . }}
|
||||
image: hashicorp/http-echo
|
||||
args:
|
||||
- "-text={{ .Values.service }}"
|
||||
ports:
|
||||
- containerPort: 5678
|
||||
{{- end }}
|
22
contrib/k8s-lbry/charts/echo-socket-server/.helmignore
Normal file
22
contrib/k8s-lbry/charts/echo-socket-server/.helmignore
Normal file
|
@ -0,0 +1,22 @@
|
|||
# Patterns to ignore when building packages.
|
||||
# This supports shell glob matching, relative path matching, and
|
||||
# negation (prefixed with !). Only one pattern per line.
|
||||
.DS_Store
|
||||
# Common VCS dirs
|
||||
.git/
|
||||
.gitignore
|
||||
.bzr/
|
||||
.bzrignore
|
||||
.hg/
|
||||
.hgignore
|
||||
.svn/
|
||||
# Common backup files
|
||||
*.swp
|
||||
*.bak
|
||||
*.tmp
|
||||
*~
|
||||
# Various IDEs
|
||||
.project
|
||||
.idea/
|
||||
*.tmproj
|
||||
.vscode/
|
5
contrib/k8s-lbry/charts/echo-socket-server/Chart.yaml
Normal file
5
contrib/k8s-lbry/charts/echo-socket-server/Chart.yaml
Normal file
|
@ -0,0 +1,5 @@
|
|||
apiVersion: v1
|
||||
appVersion: "1.0"
|
||||
description: A socket echo service
|
||||
name: echo-socket-server
|
||||
version: 0.1.0
|
|
@ -0,0 +1,32 @@
|
|||
{{/* vim: set filetype=mustache: */}}
|
||||
{{/*
|
||||
Expand the name of the chart.
|
||||
*/}}
|
||||
{{- define "echo-socket-server.name" -}}
|
||||
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Create a default fully qualified app name.
|
||||
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
|
||||
If release name contains chart name it will be used as a full name.
|
||||
*/}}
|
||||
{{- define "echo-socket-server.fullname" -}}
|
||||
{{- if .Values.fullnameOverride -}}
|
||||
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
|
||||
{{- else -}}
|
||||
{{- $name := default .Chart.Name .Values.nameOverride -}}
|
||||
{{- if contains $name .Release.Name -}}
|
||||
{{- .Release.Name | trunc 63 | trimSuffix "-" -}}
|
||||
{{- else -}}
|
||||
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Create chart name and version as used by the chart label.
|
||||
*/}}
|
||||
{{- define "echo-socket-server.chart" -}}
|
||||
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
|
||||
{{- end -}}
|
|
@ -0,0 +1,33 @@
|
|||
{{- if .Values.enabled }}
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: {{ .Values.service }}
|
||||
spec:
|
||||
ports:
|
||||
- port: 8000
|
||||
targetPort: 8000
|
||||
selector:
|
||||
app: {{ .Values.service }}
|
||||
---
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: {{ .Values.service }}
|
||||
spec:
|
||||
selector:
|
||||
matchLabels:
|
||||
app: {{ .Values.service }}
|
||||
replicas: 2
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app: {{ .Values.service }}
|
||||
spec:
|
||||
containers:
|
||||
- name: {{ template "echo-socket-server.fullname" . }}
|
||||
image: enigmacurry/echo-socket-server
|
||||
ports:
|
||||
- containerPort: 8000
|
||||
{{- end }}
|
||||
|
22
contrib/k8s-lbry/charts/lbrycrd/.helmignore
Normal file
22
contrib/k8s-lbry/charts/lbrycrd/.helmignore
Normal file
|
@ -0,0 +1,22 @@
|
|||
# Patterns to ignore when building packages.
|
||||
# This supports shell glob matching, relative path matching, and
|
||||
# negation (prefixed with !). Only one pattern per line.
|
||||
.DS_Store
|
||||
# Common VCS dirs
|
||||
.git/
|
||||
.gitignore
|
||||
.bzr/
|
||||
.bzrignore
|
||||
.hg/
|
||||
.hgignore
|
||||
.svn/
|
||||
# Common backup files
|
||||
*.swp
|
||||
*.bak
|
||||
*.tmp
|
||||
*~
|
||||
# Various IDEs
|
||||
.project
|
||||
.idea/
|
||||
*.tmproj
|
||||
.vscode/
|
5
contrib/k8s-lbry/charts/lbrycrd/Chart.yaml
Normal file
5
contrib/k8s-lbry/charts/lbrycrd/Chart.yaml
Normal file
|
@ -0,0 +1,5 @@
|
|||
apiVersion: v1
|
||||
appVersion: "v0.0.0"
|
||||
description: lbrycrd LBRY blockchain daemon
|
||||
name: lbrycrd
|
||||
version: 0.1.0
|
32
contrib/k8s-lbry/charts/lbrycrd/templates/_helpers.tpl
Normal file
32
contrib/k8s-lbry/charts/lbrycrd/templates/_helpers.tpl
Normal file
|
@ -0,0 +1,32 @@
|
|||
{{/* vim: set filetype=mustache: */}}
|
||||
{{/*
|
||||
Expand the name of the chart.
|
||||
*/}}
|
||||
{{- define "lbrycrd.name" -}}
|
||||
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Create a default fully qualified app name.
|
||||
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
|
||||
If release name contains chart name it will be used as a full name.
|
||||
*/}}
|
||||
{{- define "lbrycrd.fullname" -}}
|
||||
{{- if .Values.fullnameOverride -}}
|
||||
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
|
||||
{{- else -}}
|
||||
{{- $name := default .Chart.Name .Values.nameOverride -}}
|
||||
{{- if contains $name .Release.Name -}}
|
||||
{{- .Release.Name | trunc 63 | trimSuffix "-" -}}
|
||||
{{- else -}}
|
||||
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Create chart name and version as used by the chart label.
|
||||
*/}}
|
||||
{{- define "lbrycrd.chart" -}}
|
||||
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
|
||||
{{- end -}}
|
13
contrib/k8s-lbry/charts/lbrycrd/templates/configmap.yaml
Normal file
13
contrib/k8s-lbry/charts/lbrycrd/templates/configmap.yaml
Normal file
|
@ -0,0 +1,13 @@
|
|||
{{- if .Values.enabled }}
|
||||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: {{ template "lbrycrd.fullname" . }}
|
||||
labels:
|
||||
app: {{ template "lbrycrd.name" . }}
|
||||
chart: {{ template "lbrycrd.chart" . }}
|
||||
release: {{ .Release.Name }}
|
||||
heritage: {{ .Release.Service }}
|
||||
data:
|
||||
{{ toYaml .Values.configurationFile | indent 2 }}
|
||||
{{- end }}
|
78
contrib/k8s-lbry/charts/lbrycrd/templates/deployments.yaml
Normal file
78
contrib/k8s-lbry/charts/lbrycrd/templates/deployments.yaml
Normal file
|
@ -0,0 +1,78 @@
|
|||
{{- if .Values.enabled }}
|
||||
apiVersion: apps/v1beta2
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: {{ template "lbrycrd.fullname" . }}
|
||||
labels:
|
||||
app: {{ template "lbrycrd.name" . }}
|
||||
chart: {{ template "lbrycrd.chart" . }}
|
||||
release: {{ .Release.Name }}
|
||||
heritage: {{ .Release.Service }}
|
||||
spec:
|
||||
strategy:
|
||||
type: Recreate
|
||||
selector:
|
||||
matchLabels:
|
||||
app: {{ template "lbrycrd.name" . }}
|
||||
release: {{ .Release.Name }}
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app: {{ template "lbrycrd.name" . }}
|
||||
release: {{ .Release.Name }}
|
||||
spec:
|
||||
securityContext:
|
||||
fsGroup: 1000
|
||||
terminationGracePeriodSeconds: {{ .Values.terminationGracePeriodSeconds }}
|
||||
{{- if .Values.configurationFile }}
|
||||
initContainers:
|
||||
- name: copy-lbrycrd-config
|
||||
image: busybox
|
||||
command: ['sh', '-c', 'cp /configmap/lbrycrd.conf /etc/lbry/lbrycrd.conf']
|
||||
volumeMounts:
|
||||
- name: configmap
|
||||
mountPath: /configmap
|
||||
- name: config
|
||||
mountPath: /etc/lbry
|
||||
{{- end }}
|
||||
containers:
|
||||
- name: {{ template "lbrycrd.fullname" . }}
|
||||
image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
|
||||
imagePullPolicy: {{ .Values.image.pullPolicy | quote }}
|
||||
env:
|
||||
- name: RUN_MODE
|
||||
value: "default"
|
||||
- name: PORT
|
||||
value: "{{ .Values.service.port }}"
|
||||
- name: RPC_PORT
|
||||
value: "{{ .Values.service.rpcPort }}"
|
||||
resources: {{ toYaml .Values.resources | indent 10 }}
|
||||
ports:
|
||||
- name: port
|
||||
containerPort: {{ .Values.service.port }}
|
||||
- name: rpc
|
||||
containerPort: {{ .Values.service.rpcPort }}
|
||||
volumeMounts:
|
||||
- name: data
|
||||
mountPath: /data
|
||||
{{- if .Values.configurationFile }}
|
||||
- name: config
|
||||
mountPath: /etc/lbry/lbrycrd.conf
|
||||
subPath: lbrycrd.conf
|
||||
{{- end }}
|
||||
volumes:
|
||||
{{- if .Values.configurationFile }}
|
||||
- name: config
|
||||
emptyDir: {}
|
||||
- name: configmap
|
||||
configMap:
|
||||
name: {{ template "lbrycrd.fullname" . }}
|
||||
{{- end }}
|
||||
- name: data
|
||||
{{- if .Values.persistence.enabled }}
|
||||
persistentVolumeClaim:
|
||||
claimName: {{ .Values.persistence.existingClaim | default (include "lbrycrd.fullname" .) }}
|
||||
{{- else }}
|
||||
emptyDir: {}
|
||||
{{- end -}}
|
||||
{{- end }}
|
31
contrib/k8s-lbry/charts/lbrycrd/templates/pvc.yaml
Normal file
31
contrib/k8s-lbry/charts/lbrycrd/templates/pvc.yaml
Normal file
|
@ -0,0 +1,31 @@
|
|||
{{- if .Values.enabled }}
|
||||
{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) }}
|
||||
kind: PersistentVolumeClaim
|
||||
apiVersion: v1
|
||||
metadata:
|
||||
name: {{ template "lbrycrd.fullname" . }}
|
||||
labels:
|
||||
app: {{ template "lbrycrd.name" . }}
|
||||
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
|
||||
release: "{{ .Release.Name }}"
|
||||
heritage: "{{ .Release.Service }}"
|
||||
{{- with .Values.persistence.annotations }}
|
||||
annotations:
|
||||
{{ toYaml . | indent 4 }}
|
||||
{{- end }}
|
||||
|
||||
spec:
|
||||
accessModes:
|
||||
- {{ .Values.persistence.accessMode | quote }}
|
||||
resources:
|
||||
requests:
|
||||
storage: {{ .Values.persistence.size | quote }}
|
||||
{{- if .Values.persistence.storageClass }}
|
||||
{{- if (eq "-" .Values.persistence.storageClass) }}
|
||||
storageClassName: ""
|
||||
{{- else }}
|
||||
storageClassName: "{{ .Values.persistence.storageClass }}"
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
22
contrib/k8s-lbry/charts/lbrycrd/templates/service.yaml
Normal file
22
contrib/k8s-lbry/charts/lbrycrd/templates/service.yaml
Normal file
|
@ -0,0 +1,22 @@
|
|||
{{- if .Values.enabled }}
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: {{ template "lbrycrd.fullname" . }}
|
||||
labels:
|
||||
app: {{ template "lbrycrd.name" . }}
|
||||
chart: {{ template "lbrycrd.chart" . }}
|
||||
release: {{ .Release.Name }}
|
||||
heritage: {{ .Release.Service }}
|
||||
spec:
|
||||
ports:
|
||||
- name: port
|
||||
port: {{ .Values.service.port }}
|
||||
targetPort: port
|
||||
- name: rpc
|
||||
port: {{ .Values.service.rpcPort }}
|
||||
targetPort: rpc
|
||||
selector:
|
||||
app: {{ template "lbrycrd.name" . }}
|
||||
release: {{ .Release.Name }}
|
||||
{{- end }}
|
22
contrib/k8s-lbry/charts/lbrynet/.helmignore
Normal file
22
contrib/k8s-lbry/charts/lbrynet/.helmignore
Normal file
|
@ -0,0 +1,22 @@
|
|||
# Patterns to ignore when building packages.
|
||||
# This supports shell glob matching, relative path matching, and
|
||||
# negation (prefixed with !). Only one pattern per line.
|
||||
.DS_Store
|
||||
# Common VCS dirs
|
||||
.git/
|
||||
.gitignore
|
||||
.bzr/
|
||||
.bzrignore
|
||||
.hg/
|
||||
.hgignore
|
||||
.svn/
|
||||
# Common backup files
|
||||
*.swp
|
||||
*.bak
|
||||
*.tmp
|
||||
*~
|
||||
# Various IDEs
|
||||
.project
|
||||
.idea/
|
||||
*.tmproj
|
||||
.vscode/
|
5
contrib/k8s-lbry/charts/lbrynet/Chart.yaml
Normal file
5
contrib/k8s-lbry/charts/lbrynet/Chart.yaml
Normal file
|
@ -0,0 +1,5 @@
|
|||
apiVersion: v1
|
||||
appVersion: "v0.0.0"
|
||||
description: LBRY lbrynet
|
||||
name: lbrynet
|
||||
version: 0.1.0
|
32
contrib/k8s-lbry/charts/lbrynet/templates/_helpers.tpl
Normal file
32
contrib/k8s-lbry/charts/lbrynet/templates/_helpers.tpl
Normal file
|
@ -0,0 +1,32 @@
|
|||
{{/* vim: set filetype=mustache: */}}
|
||||
{{/*
|
||||
Expand the name of the chart.
|
||||
*/}}
|
||||
{{- define "lbrynet.name" -}}
|
||||
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Create a default fully qualified app name.
|
||||
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
|
||||
If release name contains chart name it will be used as a full name.
|
||||
*/}}
|
||||
{{- define "lbrynet.fullname" -}}
|
||||
{{- if .Values.fullnameOverride -}}
|
||||
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
|
||||
{{- else -}}
|
||||
{{- $name := default .Chart.Name .Values.nameOverride -}}
|
||||
{{- if contains $name .Release.Name -}}
|
||||
{{- .Release.Name | trunc 63 | trimSuffix "-" -}}
|
||||
{{- else -}}
|
||||
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Create chart name and version as used by the chart label.
|
||||
*/}}
|
||||
{{- define "lbrynet.chart" -}}
|
||||
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
|
||||
{{- end -}}
|
15
contrib/k8s-lbry/charts/lbrynet/templates/configmap.yaml
Normal file
15
contrib/k8s-lbry/charts/lbrynet/templates/configmap.yaml
Normal file
|
@ -0,0 +1,15 @@
|
|||
{{- if .Values.enabled }}
|
||||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: {{ template "lbrynet.fullname" . }}
|
||||
labels:
|
||||
app: {{ template "lbrynet.name" . }}
|
||||
chart: {{ template "lbrynet.chart" . }}
|
||||
release: {{ .Release.Name }}
|
||||
heritage: {{ .Release.Service }}
|
||||
data:
|
||||
{{- with .Values.daemon_settings }}
|
||||
daemon_settings.yml: {{ toYaml . | quote }}
|
||||
{{- end }}
|
||||
{{- end }}
|
76
contrib/k8s-lbry/charts/lbrynet/templates/deployments.yaml
Normal file
76
contrib/k8s-lbry/charts/lbrynet/templates/deployments.yaml
Normal file
|
@ -0,0 +1,76 @@
|
|||
{{- if .Values.enabled }}
|
||||
apiVersion: apps/v1beta2
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: {{ template "lbrynet.fullname" . }}
|
||||
labels:
|
||||
app: {{ template "lbrynet.name" . }}
|
||||
chart: {{ template "lbrynet.chart" . }}
|
||||
release: {{ .Release.Name }}
|
||||
heritage: {{ .Release.Service }}
|
||||
spec:
|
||||
strategy:
|
||||
type: Recreate
|
||||
selector:
|
||||
matchLabels:
|
||||
app: {{ template "lbrynet.name" . }}
|
||||
release: {{ .Release.Name }}
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app: {{ template "lbrynet.name" . }}
|
||||
release: {{ .Release.Name }}
|
||||
spec:
|
||||
securityContext:
|
||||
fsGroup: 1000
|
||||
terminationGracePeriodSeconds: {{ .Values.terminationGracePeriodSeconds }}
|
||||
{{- if .Values.daemon_settings }}
|
||||
initContainers:
|
||||
- name: copy-lbrynet-config
|
||||
image: busybox
|
||||
command: ['sh', '-c', 'cp /configmap/daemon_settings.yml /etc/lbry/daemon_settings.yml']
|
||||
volumeMounts:
|
||||
- name: configmap
|
||||
mountPath: /configmap
|
||||
- name: config
|
||||
mountPath: /etc/lbry
|
||||
{{- end }}
|
||||
containers:
|
||||
- name: {{ template "lbrynet.fullname" . }}
|
||||
image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
|
||||
imagePullPolicy: {{ .Values.image.pullPolicy | quote }}
|
||||
env:
|
||||
- name: RUN_MODE
|
||||
value: "default"
|
||||
- name: PORT
|
||||
value: "{{ .Values.service.port }}"
|
||||
- name: RPC_PORT
|
||||
value: "{{ .Values.service.rpcPort }}"
|
||||
resources: {{ toYaml .Values.resources | indent 10 }}
|
||||
ports:
|
||||
- name: rpc
|
||||
containerPort: {{ .Values.service.rpcPort }}
|
||||
volumeMounts:
|
||||
- name: lbrynet-home
|
||||
mountPath: /home/lbrynet
|
||||
{{- if .Values.daemon_settings }}
|
||||
- name: config
|
||||
mountPath: /etc/lbry/daemon_settings.yml
|
||||
subPath: daemon_settings.yml
|
||||
{{- end }}
|
||||
volumes:
|
||||
{{- if .Values.daemon_settings }}
|
||||
- name: config
|
||||
emptyDir: {}
|
||||
- name: configmap
|
||||
configMap:
|
||||
name: {{ template "lbrynet.fullname" . }}
|
||||
{{- end }}
|
||||
- name: lbrynet-home
|
||||
{{- if .Values.persistence.enabled }}
|
||||
persistentVolumeClaim:
|
||||
claimName: {{ .Values.persistence.existingClaim | default (include "lbrynet.fullname" .) }}
|
||||
{{- else }}
|
||||
emptyDir: {}
|
||||
{{- end -}}
|
||||
{{- end }}
|
30
contrib/k8s-lbry/charts/lbrynet/templates/pvc.yaml
Normal file
30
contrib/k8s-lbry/charts/lbrynet/templates/pvc.yaml
Normal file
|
@ -0,0 +1,30 @@
|
|||
{{- if .Values.enabled }}
|
||||
{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) }}
|
||||
kind: PersistentVolumeClaim
|
||||
apiVersion: v1
|
||||
metadata:
|
||||
name: {{ template "lbrynet.fullname" . }}
|
||||
labels:
|
||||
app: {{ template "lbrynet.name" . }}
|
||||
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
|
||||
release: "{{ .Release.Name }}"
|
||||
heritage: "{{ .Release.Service }}"
|
||||
{{- with .Values.persistence.annotations }}
|
||||
annotations:
|
||||
{{ toYaml . | indent 4 }}
|
||||
{{- end }}
|
||||
spec:
|
||||
accessModes:
|
||||
- {{ .Values.persistence.accessMode | quote }}
|
||||
resources:
|
||||
requests:
|
||||
storage: {{ .Values.persistence.size | quote }}
|
||||
{{- if .Values.persistence.storageClass }}
|
||||
{{- if (eq "-" .Values.persistence.storageClass) }}
|
||||
storageClassName: ""
|
||||
{{- else }}
|
||||
storageClassName: "{{ .Values.persistence.storageClass }}"
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
19
contrib/k8s-lbry/charts/lbrynet/templates/service.yaml
Normal file
19
contrib/k8s-lbry/charts/lbrynet/templates/service.yaml
Normal file
|
@ -0,0 +1,19 @@
|
|||
{{- if .Values.enabled }}
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: {{ template "lbrynet.fullname" . }}
|
||||
labels:
|
||||
app: {{ template "lbrynet.name" . }}
|
||||
chart: {{ template "lbrynet.chart" . }}
|
||||
release: {{ .Release.Name }}
|
||||
heritage: {{ .Release.Service }}
|
||||
spec:
|
||||
ports:
|
||||
- name: rpc
|
||||
port: {{ .Values.service.rpcPort }}
|
||||
targetPort: rpc
|
||||
selector:
|
||||
app: {{ template "lbrynet.name" . }}
|
||||
release: {{ .Release.Name }}
|
||||
{{- end }}
|
22
contrib/k8s-lbry/charts/speech/.helmignore
Normal file
22
contrib/k8s-lbry/charts/speech/.helmignore
Normal file
|
@ -0,0 +1,22 @@
|
|||
# Patterns to ignore when building packages.
|
||||
# This supports shell glob matching, relative path matching, and
|
||||
# negation (prefixed with !). Only one pattern per line.
|
||||
.DS_Store
|
||||
# Common VCS dirs
|
||||
.git/
|
||||
.gitignore
|
||||
.bzr/
|
||||
.bzrignore
|
||||
.hg/
|
||||
.hgignore
|
||||
.svn/
|
||||
# Common backup files
|
||||
*.swp
|
||||
*.bak
|
||||
*.tmp
|
||||
*~
|
||||
# Various IDEs
|
||||
.project
|
||||
.idea/
|
||||
*.tmproj
|
||||
.vscode/
|
5
contrib/k8s-lbry/charts/speech/Chart.yaml
Normal file
5
contrib/k8s-lbry/charts/speech/Chart.yaml
Normal file
|
@ -0,0 +1,5 @@
|
|||
apiVersion: v1
|
||||
appVersion: "v0.0.0"
|
||||
description: LBRY spee.ch
|
||||
name: speech
|
||||
version: 0.1.0
|
32
contrib/k8s-lbry/charts/speech/templates/_helpers.tpl
Normal file
32
contrib/k8s-lbry/charts/speech/templates/_helpers.tpl
Normal file
|
@ -0,0 +1,32 @@
|
|||
{{/* vim: set filetype=mustache: */}}
|
||||
{{/*
|
||||
Expand the name of the chart.
|
||||
*/}}
|
||||
{{- define "speech.name" -}}
|
||||
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Create a default fully qualified app name.
|
||||
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
|
||||
If release name contains chart name it will be used as a full name.
|
||||
*/}}
|
||||
{{- define "speech.fullname" -}}
|
||||
{{- if .Values.fullnameOverride -}}
|
||||
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
|
||||
{{- else -}}
|
||||
{{- $name := default .Chart.Name .Values.nameOverride -}}
|
||||
{{- if contains $name .Release.Name -}}
|
||||
{{- .Release.Name | trunc 63 | trimSuffix "-" -}}
|
||||
{{- else -}}
|
||||
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Create chart name and version as used by the chart label.
|
||||
*/}}
|
||||
{{- define "speech.chart" -}}
|
||||
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
|
||||
{{- end -}}
|
36
contrib/k8s-lbry/charts/speech/templates/configmap.yaml
Normal file
36
contrib/k8s-lbry/charts/speech/templates/configmap.yaml
Normal file
|
@ -0,0 +1,36 @@
|
|||
{{- if .Values.enabled }}
|
||||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: {{ template "speech.fullname" . }}
|
||||
labels:
|
||||
app: {{ template "speech.name" . }}
|
||||
chart: {{ template "speech.chart" . }}
|
||||
release: {{ .Release.Name }}
|
||||
heritage: {{ .Release.Service }}
|
||||
data:
|
||||
{{- with .Values.auth }}
|
||||
authConfig.json: {{ toJson . | quote }}
|
||||
{{- end }}
|
||||
{{- with .Values.mysql }}
|
||||
mysqlConfig.json: {{ toJson . | quote }}
|
||||
{{- end }}
|
||||
{{- with .Values.chainquery }}
|
||||
chainqueryConfig.json: {{ toJson . | quote }}
|
||||
{{- end }}
|
||||
{{- with .Values.lbrynet }}
|
||||
lbryConfig.json: {{ toJson . | quote }}
|
||||
{{- end }}
|
||||
{{- with .Values.site }}
|
||||
siteConfig.json: {{ toJson . | quote }}
|
||||
{{- end }}
|
||||
{{- with .Values.logger }}
|
||||
loggerConfig.json: {{ toJson . | quote }}
|
||||
{{- end }}
|
||||
{{- with .Values.slack }}
|
||||
slackConfig.json: {{ toJson . | quote }}
|
||||
{{- end }}
|
||||
{{- with .Values.lbrynet.daemon_settings }}
|
||||
daemon_settings.yml: {{ toYaml . | quote }}
|
||||
{{- end }}
|
||||
{{- end }}
|
93
contrib/k8s-lbry/charts/speech/templates/deployments.yaml
Normal file
93
contrib/k8s-lbry/charts/speech/templates/deployments.yaml
Normal file
|
@ -0,0 +1,93 @@
|
|||
{{- if .Values.enabled }}
|
||||
apiVersion: apps/v1beta2
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: {{ template "speech.fullname" . }}
|
||||
labels:
|
||||
app: {{ template "speech.name" . }}
|
||||
chart: {{ template "speech.chart" . }}
|
||||
release: {{ .Release.Name }}
|
||||
heritage: {{ .Release.Service }}
|
||||
spec:
|
||||
strategy:
|
||||
type: Recreate
|
||||
selector:
|
||||
matchLabels:
|
||||
app: {{ template "speech.name" . }}
|
||||
release: {{ .Release.Name }}
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app: {{ template "speech.name" . }}
|
||||
release: {{ .Release.Name }}
|
||||
spec:
|
||||
securityContext:
|
||||
fsGroup: 1000
|
||||
terminationGracePeriodSeconds: {{ .Values.terminationGracePeriodSeconds }}
|
||||
initContainers:
|
||||
- name: copy-lbrycrd-config
|
||||
image: busybox
|
||||
command: ['sh', '-c', 'cp /configmap/chainqueryConfig.json /configmap/lbryConfig.json /configmap/loggerConfig.json /configmap/mysqlConfig.json /configmap/siteConfig.json /configmap/slackConfig.json /configmap/daemon_settings.yml /config && cp /configmap/authConfig.json /private']
|
||||
volumeMounts:
|
||||
- name: configmap
|
||||
mountPath: /configmap
|
||||
- name: config
|
||||
mountPath: /config
|
||||
- name: private
|
||||
mountPath: /private
|
||||
containers:
|
||||
- name: {{ template "speech.fullname" . }}
|
||||
image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
|
||||
imagePullPolicy: {{ .Values.image.pullPolicy | quote }}
|
||||
resources: {{ toYaml .Values.resources | indent 10 }}
|
||||
ports:
|
||||
- name: port
|
||||
containerPort: {{ .Values.service.port }}
|
||||
volumeMounts:
|
||||
- name: configmap
|
||||
mountPath: /spee.ch/site/config
|
||||
- name: private
|
||||
mountPath: /spee.ch/site/private
|
||||
- name: speech-data
|
||||
mountPath: /data
|
||||
{{- if .Values.lbrynet.enabled }}
|
||||
- name: {{ template "speech.fullname" . }}-lbrynet
|
||||
image: "{{ .Values.lbrynet.image.repository }}:{{ .Values.lbrynet.image.tag }}"
|
||||
imagePullPolicy: {{ .Values.lbrynet.image.pullPolicy }}
|
||||
resources: {{ toYaml .Values.resources | indent 10 }}
|
||||
ports:
|
||||
- name: rpc
|
||||
containerPort: {{ .Values.lbrynet.service.rpcPort }}
|
||||
volumeMounts:
|
||||
- name: configmap
|
||||
mountPath: /etc/lbry
|
||||
- name: lbrynet-home
|
||||
mountPath: /home/lbrynet
|
||||
- name: speech-data
|
||||
mountPath: /data
|
||||
{{- end }}
|
||||
volumes:
|
||||
- name: config
|
||||
- name: private
|
||||
- name: configmap
|
||||
configMap:
|
||||
name: {{ template "speech.fullname" . }}
|
||||
- name: speech-data
|
||||
{{- if .Values.persistence.enabled }}
|
||||
persistentVolumeClaim:
|
||||
claimName: {{ .Values.persistence.existingClaim | default (include "speech.fullname" .) }}
|
||||
{{- else }}
|
||||
emptyDir: {}
|
||||
{{- end }}
|
||||
- name: lbrynet-home
|
||||
{{- if .Values.persistence.enabled }}
|
||||
persistentVolumeClaim:
|
||||
{{- if .Values.lbrynet.persistence.existingClaim }}
|
||||
claimName: {{ .Values.lbrynet.persistence.existingClaim }}
|
||||
{{- else }}
|
||||
claimName: {{ template "speech.fullname" .}}-lbrynet
|
||||
{{- end }}
|
||||
{{- else }}
|
||||
emptyDir: {}
|
||||
{{- end }}
|
||||
{{- end }}
|
24
contrib/k8s-lbry/charts/speech/templates/ingress.yaml
Normal file
24
contrib/k8s-lbry/charts/speech/templates/ingress.yaml
Normal file
|
@ -0,0 +1,24 @@
|
|||
{{- if .Values.enabled }}
|
||||
apiVersion: extensions/v1beta1
|
||||
kind: Ingress
|
||||
metadata:
|
||||
name: {{ .Values.service.name }}
|
||||
annotations:
|
||||
kubernetes.io/ingress.class: nginx
|
||||
certmanager.k8s.io/issuer: {{ .Values.service.certificateIssuer }}
|
||||
certmanager.k8s.io/acme-challenge-type: http01
|
||||
spec:
|
||||
{{ if .Values.service.enableHttps }}
|
||||
tls:
|
||||
- hosts:
|
||||
- {{ .Values.service.hostname }}
|
||||
secretName: {{ .Values.service.name }}-tls
|
||||
{{ end }}
|
||||
rules:
|
||||
- host: {{ .Values.service.hostname }}
|
||||
http:
|
||||
paths:
|
||||
- backend:
|
||||
serviceName: {{ .Values.service.name }}
|
||||
servicePort: {{ .Values.service.port }}
|
||||
{{- end }}
|
62
contrib/k8s-lbry/charts/speech/templates/pvc.yaml
Normal file
62
contrib/k8s-lbry/charts/speech/templates/pvc.yaml
Normal file
|
@ -0,0 +1,62 @@
|
|||
{{- if .Values.enabled }}
|
||||
{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) }}
|
||||
kind: PersistentVolumeClaim
|
||||
apiVersion: v1
|
||||
metadata:
|
||||
name: {{ template "speech.fullname" . }}
|
||||
labels:
|
||||
app: {{ template "speech.name" . }}
|
||||
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
|
||||
release: "{{ .Release.Name }}"
|
||||
heritage: "{{ .Release.Service }}"
|
||||
{{- with .Values.persistence.annotations }}
|
||||
annotations:
|
||||
{{ toYaml . | indent 4 }}
|
||||
{{- end }}
|
||||
|
||||
spec:
|
||||
accessModes:
|
||||
- {{ .Values.persistence.accessMode | quote }}
|
||||
resources:
|
||||
requests:
|
||||
storage: {{ .Values.persistence.size | quote }}
|
||||
{{- if .Values.persistence.storageClass }}
|
||||
{{- if (eq "-" .Values.persistence.storageClass) }}
|
||||
storageClassName: ""
|
||||
{{- else }}
|
||||
storageClassName: "{{ .Values.persistence.storageClass }}"
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
---
|
||||
{{- if and .Values.lbrynet.persistence.enabled (not .Values.lbrynet.persistence.existingClaim) }}
|
||||
kind: PersistentVolumeClaim
|
||||
apiVersion: v1
|
||||
metadata:
|
||||
name: {{ template "speech.fullname" . }}-lbrynet
|
||||
labels:
|
||||
app: {{ template "speech.name" . }}
|
||||
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
|
||||
release: "{{ .Release.Name }}"
|
||||
heritage: "{{ .Release.Service }}"
|
||||
{{- with .Values.persistence.annotations }}
|
||||
annotations:
|
||||
{{ toYaml . | indent 4 }}
|
||||
{{- end }}
|
||||
|
||||
spec:
|
||||
accessModes:
|
||||
- {{ .Values.persistence.accessMode | quote }}
|
||||
resources:
|
||||
requests:
|
||||
storage: {{ .Values.persistence.size | quote }}
|
||||
{{- if .Values.persistence.storageClass }}
|
||||
{{- if (eq "-" .Values.persistence.storageClass) }}
|
||||
storageClassName: ""
|
||||
{{- else }}
|
||||
storageClassName: "{{ .Values.persistence.storageClass }}"
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
---
|
||||
{{- end }}
|
19
contrib/k8s-lbry/charts/speech/templates/service.yaml
Normal file
19
contrib/k8s-lbry/charts/speech/templates/service.yaml
Normal file
|
@ -0,0 +1,19 @@
|
|||
{{- if .Values.enabled }}
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: {{ template "speech.fullname" . }}
|
||||
labels:
|
||||
app: {{ template "speech.name" . }}
|
||||
chart: {{ template "speech.chart" . }}
|
||||
release: {{ .Release.Name }}
|
||||
heritage: {{ .Release.Service }}
|
||||
spec:
|
||||
ports:
|
||||
- name: port
|
||||
port: {{ .Values.service.port }}
|
||||
targetPort: port
|
||||
selector:
|
||||
app: {{ template "speech.name" . }}
|
||||
release: {{ .Release.Name }}
|
||||
{{- end }}
|
44
contrib/k8s-lbry/index.yaml
Normal file
44
contrib/k8s-lbry/index.yaml
Normal file
|
@ -0,0 +1,44 @@
|
|||
apiVersion: v1
|
||||
entries:
|
||||
k8s-lbry:
|
||||
- apiVersion: v1
|
||||
appVersion: "1.0"
|
||||
created: "2019-06-16T20:45:37.131503885-04:00"
|
||||
description: LBRY on Kubernetes with Helm
|
||||
digest: 0e28fad6b25fcbf79ea30390a65340c50422e84408a86f6e366abdfb1c471cf0
|
||||
home: https://github.com/lbryio/lbry-docker/tree/master/contrib/k8s-lbry
|
||||
maintainers:
|
||||
- email: ryan@enigmacurry.com
|
||||
name: EnigmaCurry
|
||||
- email: leopere [at] nixc [dot] us
|
||||
name: Leopere
|
||||
name: k8s-lbry
|
||||
urls:
|
||||
- https://github.com/lbryio/lbry-docker/releases/download/k8s-lbry-0.1.5/k8s-lbry-0.1.5.tgz
|
||||
version: 0.1.5
|
||||
mysql:
|
||||
- appVersion: 5.7.14
|
||||
created: "2019-06-16T20:45:37.133445969-04:00"
|
||||
description: Fast, reliable, scalable, and easy to use open-source relational
|
||||
database system.
|
||||
digest: dacef52f53a395059131064cfdc7ae39ae2d7be2580440575d1532dfaa3fd2b8
|
||||
engine: gotpl
|
||||
home: https://www.mysql.com/
|
||||
icon: https://www.mysql.com/common/logos/logo-mysql-170x115.png
|
||||
keywords:
|
||||
- mysql
|
||||
- database
|
||||
- sql
|
||||
maintainers:
|
||||
- email: o.with@sportradar.com
|
||||
name: olemarkus
|
||||
- email: viglesias@google.com
|
||||
name: viglesiasce
|
||||
name: mysql
|
||||
sources:
|
||||
- https://github.com/kubernetes/charts
|
||||
- https://github.com/docker-library/mysql
|
||||
urls:
|
||||
- charts/mysql-0.19.0.tgz
|
||||
version: 0.19.0
|
||||
generated: "2019-06-16T20:45:36.911335647-04:00"
|
15738
contrib/k8s-lbry/kick-ascii/cast/k8s-lbry.cast
Normal file
15738
contrib/k8s-lbry/kick-ascii/cast/k8s-lbry.cast
Normal file
File diff suppressed because it is too large
Load diff
BIN
contrib/k8s-lbry/kick-ascii/cast/k8s-lbry.png
Normal file
BIN
contrib/k8s-lbry/kick-ascii/cast/k8s-lbry.png
Normal file
Binary file not shown.
After Width: | Height: | Size: 190 KiB |
BIN
contrib/k8s-lbry/kick-ascii/img/lbry.png
Normal file
BIN
contrib/k8s-lbry/kick-ascii/img/lbry.png
Normal file
Binary file not shown.
After Width: | Height: | Size: 51 KiB |
12
contrib/k8s-lbry/kick-ascii/index.html
Normal file
12
contrib/k8s-lbry/kick-ascii/index.html
Normal file
|
@ -0,0 +1,12 @@
|
|||
<html>
|
||||
<head>
|
||||
<link rel="stylesheet" type="text/css" href="player/asciinema-player.css">
|
||||
<link href="data:image/x-icon;base64,AAABAAEAEBAQAAEABAAoAQAAFgAAACgAAAAQAAAAIAAAAAEABAAAAAAAgAAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAe94AAEpSAABKUgAAe94AAAAAAAB73gAAe9IAAHvSAAB73gAAAAAAAHveAAB6XgAAel4AAHveAAAAAAAA" rel="icon" type="image/x-icon" />
|
||||
</head>
|
||||
<body>
|
||||
<div id="CRT_BOX"></div>
|
||||
<script src="player/asciinema-player.v2.6.1.js"></script>
|
||||
<script src="kick-ascii.js"></script>
|
||||
</body>
|
||||
</html>
|
||||
|
62
contrib/k8s-lbry/kick-ascii/kick-ascii.js
Normal file
62
contrib/k8s-lbry/kick-ascii/kick-ascii.js
Normal file
|
@ -0,0 +1,62 @@
|
|||
window.onload = function() {
|
||||
var crt = document.getElementById("CRT_BOX")
|
||||
var urlParams = new URLSearchParams(window.location.search)
|
||||
var cast = urlParams.get("cast") != null ? urlParams.get("cast") : "index"
|
||||
var speed = urlParams.get("speed") == null ? " speed=\"1\" " : " speed=\"" + urlParams.get("speed") + "\" "
|
||||
var bg = urlParams.get("bg")
|
||||
var autoplay = urlParams.get("autoplay") === "false" ? "" : " autoplay=\"true\" "
|
||||
var loop = urlParams.get("loop") === "false" ? "" : " loop=\"true\" "
|
||||
var preload = urlParams.get("preload") === "false" ? "" : " preload=\"true\" "
|
||||
var fontsize = urlParams.get("fontsize") == null ? " fontsize=\"small\" " : " fontsize=\"" + urlParams.get("fontsize") + "\" "
|
||||
|
||||
crt.innerHTML = "<asciinema-player id=\"asciinema-player\" src=\"cast/" + cast + ".cast\"" + fontsize + autoplay + loop + preload + speed + "></asciinema-player>"
|
||||
|
||||
var player = document.getElementsByTagName("asciinema-player")[0]
|
||||
|
||||
var background = document.createElement("img")
|
||||
background.classList.add("bg_image")
|
||||
|
||||
if (bg != null) {
|
||||
background.src = "img/" + bg
|
||||
document.body.append(background)
|
||||
}
|
||||
|
||||
window.addEventListener('resize', function() {
|
||||
var wrapper = document.getElementsByClassName("asciinema-player-wrapper")[0]
|
||||
if (wrapper != null) {
|
||||
var control_bar_offset = 23;
|
||||
var scale = (document.body.clientHeight / (wrapper.clientHeight + control_bar_offset));
|
||||
if (wrapper.clientWidth * scale < document.body.clientWidth) {
|
||||
crt.style.transform = "scale("+scale+") translate(-50%, 0%)";
|
||||
crt.classList.add("crt_wide")
|
||||
background.classList.remove("bg_raised")
|
||||
} else {
|
||||
scale = (document.body.clientWidth / (wrapper.clientWidth));
|
||||
crt.style.transform = "scale("+scale+")";
|
||||
crt.classList.remove("crt_wide")
|
||||
background.classList.add("bg_raised")
|
||||
}
|
||||
}
|
||||
});
|
||||
window.dispatchEvent(new Event('resize'));
|
||||
setInterval(function(){window.dispatchEvent(new Event('resize'));}, 1000)
|
||||
|
||||
var playing = true;
|
||||
let drag = false;
|
||||
|
||||
// Click anywhere to play/pause
|
||||
// Allow selecting/dragging text without affecting play/pause
|
||||
document.addEventListener('mousedown', () => drag = false);
|
||||
document.addEventListener('mousemove', () => drag = true);
|
||||
document.addEventListener('mouseup', function() {
|
||||
if(!drag){
|
||||
if (playing) {
|
||||
player.pause()
|
||||
playing = false
|
||||
} else {
|
||||
player.play()
|
||||
playing = true
|
||||
}
|
||||
}
|
||||
})
|
||||
}
|
2597
contrib/k8s-lbry/kick-ascii/player/asciinema-player.css
Normal file
2597
contrib/k8s-lbry/kick-ascii/player/asciinema-player.css
Normal file
File diff suppressed because it is too large
Load diff
1213
contrib/k8s-lbry/kick-ascii/player/asciinema-player.v2.6.1.js
Normal file
1213
contrib/k8s-lbry/kick-ascii/player/asciinema-player.v2.6.1.js
Normal file
File diff suppressed because one or more lines are too long
9
contrib/k8s-lbry/requirements.lock
Normal file
9
contrib/k8s-lbry/requirements.lock
Normal file
|
@ -0,0 +1,9 @@
|
|||
dependencies:
|
||||
- name: mysql
|
||||
repository: https://kubernetes-charts.storage.googleapis.com
|
||||
version: 0.19.0
|
||||
- name: mysql
|
||||
repository: https://kubernetes-charts.storage.googleapis.com
|
||||
version: 0.19.0
|
||||
digest: sha256:dcb695ba5d5865f2a0b760e1bbef189b9465df4592a69463d18eed925e34e91a
|
||||
generated: 2019-05-17T10:07:58.995024521-04:00
|
11
contrib/k8s-lbry/requirements.yaml
Normal file
11
contrib/k8s-lbry/requirements.yaml
Normal file
|
@ -0,0 +1,11 @@
|
|||
dependencies:
|
||||
- name: mysql
|
||||
alias: chainquery-mysql
|
||||
repository: "@stable"
|
||||
version: 0.19.0
|
||||
condition: chainquery-mysql.enabled,global.chainquery-mysql.enabled
|
||||
- name: mysql
|
||||
alias: speech-mysql
|
||||
repository: "@stable"
|
||||
version: 0.19.0
|
||||
condition: speech-mysql.enabled,global.speech-mysql.enabled
|
656
contrib/k8s-lbry/run.sh
Executable file
656
contrib/k8s-lbry/run.sh
Executable file
|
@ -0,0 +1,656 @@
|
|||
#!/bin/bash
|
||||
BASEDIR=$(cd $(dirname "$0"); pwd)
|
||||
BASENAME=$(basename "$0")
|
||||
|
||||
## RELEASE - The name for the helm release.
|
||||
RELEASE=${RELEASE:-k8s-lbry}
|
||||
|
||||
## NAMESPACE - The Kubernetes namespace for the release
|
||||
NAMESPACE=${NAMESPACE:-k8s-lbry}
|
||||
|
||||
## CHART - The helm chart location (local path, or from repository)
|
||||
### Use the stable chart from the HELM_REPO repository:
|
||||
CHART=${CHART:-lbry/k8s-lbry}
|
||||
### Use the chart from the current directory:
|
||||
#CHART=${CHART:-$BASEDIR}
|
||||
|
||||
## VALUES - The path to your configured helm values.yaml:
|
||||
VALUES=${VALUES:-$BASEDIR/values-dev.yaml}
|
||||
DEFAULT_VALUES_URL=${DEFAULT_VALUES_URL:-https://raw.githubusercontent.com/lbryio/lbry-docker/master/contrib/k8s-lbry/values.yaml}
|
||||
|
||||
## HELM_REPO - The stable helm chart repository for this chart:
|
||||
HELM_REPO=${HELM_REPO:-https://lbryio.github.io/lbry-docker/contrib/k8s-lbry/}
|
||||
|
||||
## TILLER_HOST - The host that runs tiller
|
||||
TILLER_HOST=${TILLER_HOST:-localhost}
|
||||
|
||||
## CERTMANAGER_NAMESPACE - The namespace cert-manager runs in
|
||||
CERTMANAGER_NAMESPACE=${CERTMANAGER_NAMESPACE:-cert-manager}
|
||||
CERTMANAGER_VERSION=v0.7.1
|
||||
|
||||
## NGINX_ENABLE_HTTPS - This needs to be set false until DNS is setup.
|
||||
NGINX_ENABLE_HTTPS=${NGINX_ENABLE_HTTPS:-false}
|
||||
|
||||
## Mysql Database snapshot download url:
|
||||
## TODO: Use lbry owned bucket for this:
|
||||
CHAINQUERY_SNAPSHOT_URL=${CHAINQUERY_SNAPSHOT_URL:-https://lbry-chainquery-mysql-dump.sfo2.digitaloceanspaces.com/chainquery_height_560900.mysql-backup.tar.gz}
|
||||
|
||||
## lbrycrd snapshot download url:
|
||||
## TODO: Use lbry owned bucket for this:
|
||||
LBRYCRD_SNAPSHOT_URL=${LBRYCRD_SNAPSHOT_URL:-https://lbry-chainquery-mysql-dump.sfo2.digitaloceanspaces.com/lbrycrd-566588-snapshot.tar.gz}
|
||||
|
||||
LBRYCRD_RPC_USER=${LBRYCRD_RPC_USER:-lbry}
|
||||
LBRYCRD_RPC_PASSWORD=${LBRYCRD_RPC_PASSWORD:-lbry}
|
||||
|
||||
## Bash alias name for run.sh
|
||||
## defaults to $NAMESPACE (k8s-lbry)
|
||||
RUN_ALIAS=${RUN_ALIAS:-$NAMESPACE}
|
||||
|
||||
exe() { ( echo "## $*"; $*; ) }
|
||||
|
||||
setup() {
|
||||
### Check for external dependencies:
|
||||
if ! which helm > /dev/null; then
|
||||
echo "Error: You must install helm"
|
||||
echo "On Ubuntu you can run: sudo snap install --classic helm"
|
||||
echo "For other platforms, see https://github.com/helm/helm/releases/latest"
|
||||
exit 1
|
||||
fi
|
||||
if ! which kubectl > /dev/null; then
|
||||
echo "Error: You must install kubectl"
|
||||
echo "On Ubuntu you can run: sudo snap install --classic kubectl"
|
||||
echo "For other platforms, see https://kubernetes.io/docs/tasks/tools/install-kubectl/"
|
||||
exit 1
|
||||
fi
|
||||
if ! which git > /dev/null; then
|
||||
echo "Error: You must install git"
|
||||
echo "On Ubuntu you can run: sudo apt install -y git"
|
||||
echo "For other platforms, see https://git-scm.com/downloads"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
### Initialize helm locally, but do not install tiller to the cluster:
|
||||
HELM=$(which helm)
|
||||
if [ ! -f "$HOME"/.helm/repository/repositories.yaml ]; then
|
||||
exe "$HELM" init --client-only
|
||||
fi
|
||||
|
||||
### Add the stable helm chart repository:
|
||||
if [ "$CHART" != "$BASEDIR" ]; then
|
||||
exe "$HELM" repo add lbry "$HELM_REPO"
|
||||
exe "$HELM" repo update
|
||||
fi
|
||||
|
||||
### Install helm-tiller plugin, so that no tiller needs to be installed to the cluster:
|
||||
exe "$HELM" plugin install https://github.com/rimusz/helm-tiller || true
|
||||
|
||||
### Setup the values.yaml for the chart, using the VALUES environment variable or script default
|
||||
### If no values file exists, interactively ask if a default config should be created in its place.
|
||||
if [ ! -f "$VALUES" ]; then
|
||||
echo ""
|
||||
echo "Values file does not exist: $VALUES"
|
||||
read -p "Would you like to create a default config file here? (y/N)" choice
|
||||
echo ""
|
||||
case "$choice" in
|
||||
y|Y ) curl "$DEFAULT_VALUES_URL" -Lo "$VALUES"
|
||||
echo "Default configuration created: $VALUES"
|
||||
;;
|
||||
* ) echo "You must create your own values file: $VALUES (using values.yaml as a template.)"
|
||||
echo "Or set VALUES=/path/to/values.yaml before subsequent commands."
|
||||
exit 1
|
||||
;;
|
||||
esac
|
||||
else
|
||||
echo "Configuration found: $VALUES"
|
||||
fi
|
||||
echo "Edit this config file to suit your own environment before install/upgrade"
|
||||
|
||||
}
|
||||
|
||||
helm() {
|
||||
## Redefine all helm commands to run through local tiller instance
|
||||
## https://rimusz.net/tillerless-helm
|
||||
HELM=$(which helm)
|
||||
exe "$HELM" tiller run "$NAMESPACE" -- helm "$*"
|
||||
}
|
||||
|
||||
kubectl() {
|
||||
## kubectl wrapper that defaults to k8s-lbry namespace, so you don't have to
|
||||
## type as much, but still passes all the provided arguments on to kubectl.
|
||||
## So you can still specify a different namespace, because the client args
|
||||
## are applied last.
|
||||
KUBECTL=$(which kubectl)
|
||||
exe "$KUBECTL" --namespace "$NAMESPACE" "$*"
|
||||
}
|
||||
|
||||
install-nginx-ingress() {
|
||||
### Install nginx-ingress from stable helm repository
|
||||
### See https://github.com/helm/charts/tree/master/stable/nginx-ingress
|
||||
helm install stable/nginx-ingress --namespace "$NAMESPACE" --name nginx-ingress --set nginx-ingress.controller.service.enableHttps="$NGINX_ENABLE_HTTPS" --set tcp.9246="$NAMESPACE/lbrycrd:9246"
|
||||
}
|
||||
|
||||
upgrade-nginx-ingress() {
|
||||
### Upgrade nginx-ingress
|
||||
helm upgrade nginx-ingress stable/nginx-ingress --namespace "$NAMESPACE" --set nginx-ingress.controller.service.enableHttps="$NGINX_ENABLE_HTTPS" --set tcp.9246="$NAMESPACE/lbrycrd:9246"
|
||||
}
|
||||
|
||||
install-cert-manager() {
|
||||
### Install cert-manager from jetstack helm repository
|
||||
### See https://docs.cert-manager.io/en/latest/index.html
|
||||
kubectl apply -f https://raw.githubusercontent.com/jetstack/cert-manager/release-0.7/deploy/manifests/00-crds.yaml
|
||||
|
||||
helm repo add jetstack https://charts.jetstack.io
|
||||
helm repo update
|
||||
|
||||
helm install --name cert-manager --namespace "$CERTMANAGER_NAMESPACE" jetstack/cert-manager --version $CERTMANAGER_VERSION
|
||||
|
||||
kubectl label namespace "$CERTMANAGER_NAMESPACE" certmanager.k8s.io/disable-validation="true"
|
||||
}
|
||||
|
||||
upgrade-cert-manager() {
|
||||
### Upgrade cert-manager
|
||||
helm upgrade cert-manager jetstack/cert-manager --namespace "$CERTMANAGER_NAMESPACE" --version $CERTMANAGER_VERSION
|
||||
}
|
||||
|
||||
install() {
|
||||
### Install the k8s-lbry helm chart
|
||||
if [ ! -f "$VALUES" ]; then
|
||||
echo "Could not find chart values file: $VALUES"
|
||||
exit 1
|
||||
fi
|
||||
helm install "$CHART" --name "$RELEASE" --namespace="$NAMESPACE" -f "$VALUES"
|
||||
}
|
||||
|
||||
upgrade() {
|
||||
### Upgrade the k8s-lbry helm chart
|
||||
if [ ! -f "$VALUES" ]; then
|
||||
echo "Could not find chart values file: $VALUES"
|
||||
exit 1
|
||||
fi
|
||||
helm upgrade "$RELEASE" "$CHART" --namespace="$NAMESPACE" -f "$VALUES"
|
||||
}
|
||||
|
||||
shell() {
|
||||
### Execute a shell in the running container with helm app name provided by first argument
|
||||
(
|
||||
if [ "$#" -eq 1 ]; then
|
||||
KUBECTL=$(which kubectl)
|
||||
POD=$($KUBECTL get --namespace "$NAMESPACE" pod -l app="$1" -o name | sed s+pod/++)
|
||||
exe kubectl exec -it "$POD" /bin/bash
|
||||
else
|
||||
echo "Required arg: helm app name of pod to shell into"
|
||||
fi
|
||||
)
|
||||
}
|
||||
|
||||
shell-pvc() {
|
||||
### Start a utility container shell with an attached Persistent Volume Claim.
|
||||
(
|
||||
# From https://gist.github.com/yuanying/3aa7d59dcce65470804ab43def646ab6
|
||||
|
||||
IMAGE="ubuntu:18.04"
|
||||
COMMAND="/bin/bash"
|
||||
SUFFIX=$(date +%s | shasum | base64 | fold -w 10 | head -1 | tr '[:upper:]' '[:lower:]')
|
||||
|
||||
usage_exit() {
|
||||
echo "Usage: $0 [-c command] [-i image] PVC ..." 1>&2
|
||||
exit 1
|
||||
}
|
||||
|
||||
if [ "$#" -ne 1 ]; then
|
||||
usage_exit
|
||||
fi
|
||||
|
||||
while getopts i:h OPT
|
||||
do
|
||||
case $OPT in
|
||||
i) IMAGE=$OPTARG
|
||||
;;
|
||||
c) COMMAND=$OPTARG
|
||||
;;
|
||||
h) usage_exit
|
||||
;;
|
||||
\?) usage_exit
|
||||
;;
|
||||
esac
|
||||
done
|
||||
shift $(($OPTIND - 1))
|
||||
|
||||
VOL_MOUNTS=""
|
||||
VOLS=""
|
||||
COMMA=""
|
||||
|
||||
for i in $@
|
||||
do
|
||||
VOL_MOUNTS="${VOL_MOUNTS}${COMMA}{\"name\": \"${i}\",\"mountPath\": \"/pvcs/${i}\"}"
|
||||
VOLS="${VOLS}${COMMA}{\"name\": \"${i}\",\"persistentVolumeClaim\": {\"claimName\": \"${i}\"}}"
|
||||
COMMA=","
|
||||
done
|
||||
|
||||
$(which kubectl) --namespace "$NAMESPACE" run -it --rm --restart=Never --image="${IMAGE}" pvc-mounter-"${SUFFIX}" --overrides "
|
||||
{
|
||||
\"spec\": {
|
||||
\"hostNetwork\": true,
|
||||
\"containers\":[
|
||||
{
|
||||
\"args\": [\"${COMMAND}\"],
|
||||
\"stdin\": true,
|
||||
\"tty\": true,
|
||||
\"name\": \"pvc\",
|
||||
\"image\": \"${IMAGE}\",
|
||||
\"volumeMounts\": [
|
||||
${VOL_MOUNTS}
|
||||
]
|
||||
}
|
||||
],
|
||||
\"volumes\": [
|
||||
${VOLS}
|
||||
]
|
||||
}
|
||||
}
|
||||
" -- "${COMMAND}"
|
||||
|
||||
)
|
||||
}
|
||||
|
||||
restart() {
|
||||
### Restart the pod given by a helm app name
|
||||
(
|
||||
if [ "$#" -eq 1 ]; then
|
||||
KUBECTL=$(which kubectl)
|
||||
POD=$($KUBECTL get --namespace "$NAMESPACE" pod -l app="$1" -o name | sed s+pod/++)
|
||||
exe kubectl delete pod "$POD"
|
||||
else
|
||||
echo "Required arg: helm app name of pod to restart"
|
||||
fi
|
||||
)
|
||||
}
|
||||
|
||||
|
||||
package() {
|
||||
### Create a packaged helm release and upload to the S3 repository
|
||||
(
|
||||
cd $BASEDIR
|
||||
set -e
|
||||
if [ "$#" -eq 1 ]; then
|
||||
if ! grep "version: $1" Chart.yaml; then
|
||||
echo "Chart.yaml version does not match intended package version ($1)."
|
||||
exit 1
|
||||
fi
|
||||
else
|
||||
echo "required argument: package version"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
PACKAGE="k8s-lbry-$1.tgz"
|
||||
|
||||
# Package release and rebuild repository
|
||||
exe helm dependency update
|
||||
exe helm package .
|
||||
exe helm repo index --merge index.yaml .
|
||||
## Replace URLs in index to point to github releases:
|
||||
sed -i 's|- k8s-lbry-\(.*\).tgz$|- https://github.com/lbryio/lbry-docker/releases/download/k8s-lbry-\1/k8s-lbry-\1.tgz|g' index.yaml
|
||||
echo "Created package: $PACKAGE"
|
||||
echo "Next steps: "
|
||||
echo " 1) Create new github release (https://github.com/lbryio/lbry-docker/releases) and upload $PACKAGE"
|
||||
echo " 2) Commit index.yaml and push to github"
|
||||
)
|
||||
}
|
||||
|
||||
chainquery-mysql-client() {
|
||||
### Access the mysql shell for chainquery
|
||||
KUBECTL=$(which kubectl)
|
||||
POD=$($KUBECTL -n "$NAMESPACE" get pod -l app=chainquery-mysql -o name | sed s+pod/++)
|
||||
if [ ${#POD} -gt 0 ]; then
|
||||
kubectl exec -it "$POD" -- mysql -u chainquery -pchainquery
|
||||
else
|
||||
echo "chainquery-mysql pod not found"
|
||||
fi
|
||||
}
|
||||
|
||||
speech-mysql-client() {
|
||||
### Access the mysql shell for speech
|
||||
KUBECTL=$(which kubectl)
|
||||
POD=$($KUBECTL -n "$NAMESPACE" get pod -l app=speech-mysql -o name | sed s+pod/++)
|
||||
if [ ${#POD} -gt 0 ]; then
|
||||
kubectl exec -it "$POD" -- mysql -u speech -pspeech
|
||||
else
|
||||
echo "speech-mysql pod not found"
|
||||
fi
|
||||
}
|
||||
|
||||
chainquery-override-snapshot() {
|
||||
### Delete the existing chainquery database and download a snapshot to restore
|
||||
read -p "Would you like to DESTROY the existing chainquery database,
|
||||
and restore from a fresh snapshot? (y/N) " destroy_chainquery
|
||||
case "$destroy_chainquery" in
|
||||
y|Y )
|
||||
kubectl delete deployments chainquery chainquery-mysql || true
|
||||
echo "Please wait.."
|
||||
IMAGE="ubuntu:18.04"
|
||||
SUFFIX=$(date +%s | shasum | base64 | fold -w 10 | head -1 | tr '[:upper:]' '[:lower:]')
|
||||
VOL_MOUNTS="{\"name\": \"chainquery-mysql\",\"mountPath\": \"/pvcs/chainquery-mysql\"}"
|
||||
VOLS="{\"name\": \"chainquery-mysql\",\"persistentVolumeClaim\": {\"claimName\": \"chainquery-mysql\"}}"
|
||||
COMMAND="rm -rf /pvcs/chainquery-mysql/* && apt-get update && apt-get install -y curl && curl -s ${CHAINQUERY_SNAPSHOT_URL} | tar xvz -C /pvcs/chainquery-mysql/"
|
||||
$(which kubectl) --namespace "$NAMESPACE" run -it --rm --restart=Never --image=${IMAGE} pvc-mounter-"${SUFFIX}" --overrides "
|
||||
{
|
||||
\"spec\": {
|
||||
\"hostNetwork\": true,
|
||||
\"containers\":[
|
||||
{
|
||||
\"args\": [\"bin/bash\", \"-c\", \"${COMMAND}\"],
|
||||
\"stdin\": true,
|
||||
\"tty\": true,
|
||||
\"name\": \"pvc\",
|
||||
\"image\": \"${IMAGE}\",
|
||||
\"volumeMounts\": [
|
||||
${VOL_MOUNTS}
|
||||
]
|
||||
}
|
||||
],
|
||||
\"volumes\": [
|
||||
${VOLS}
|
||||
]
|
||||
}
|
||||
}
|
||||
"
|
||||
echo "Extraction complete"
|
||||
;;
|
||||
* ) echo "Aborted."
|
||||
;;
|
||||
esac
|
||||
}
|
||||
|
||||
lbrycrd-override-snapshot() {
|
||||
### Delete the existing lbrycrd data and download a snapshot to restore
|
||||
read -p "Would you like to DESTROY the existing lbrycrd data,
|
||||
and restore from a fresh snapshot? (y/N) " destroy_lbrycrd
|
||||
case "$destroy_lbrycrd" in
|
||||
y|Y )
|
||||
kubectl delete deployments lbrycrd || true
|
||||
echo "Please wait.."
|
||||
IMAGE="ubuntu:18.04"
|
||||
SUFFIX=$(date +%s | shasum | base64 | fold -w 10 | head -1 | tr '[:upper:]' '[:lower:]')
|
||||
VOL_MOUNTS="{\"name\": \"lbrycrd\",\"mountPath\": \"/pvcs/lbrycrd\"}"
|
||||
VOLS="{\"name\": \"lbrycrd\",\"persistentVolumeClaim\": {\"claimName\": \"lbrycrd\"}}"
|
||||
COMMAND="rm -rf /pvcs/lbrycrd/* && apt-get update && apt-get install -y curl && curl -s ${LBRYCRD_SNAPSHOT_URL} | tar xvz -C /pvcs/lbrycrd/"
|
||||
$(which kubectl) --namespace "$NAMESPACE" run -it --rm --restart=Never --image=${IMAGE} pvc-mounter-"${SUFFIX}" --overrides "
|
||||
{
|
||||
\"spec\": {
|
||||
\"hostNetwork\": true,
|
||||
\"containers\":[
|
||||
{
|
||||
\"args\": [\"bin/bash\", \"-c\", \"${COMMAND}\"],
|
||||
\"stdin\": true,
|
||||
\"tty\": true,
|
||||
\"name\": \"pvc\",
|
||||
\"image\": \"${IMAGE}\",
|
||||
\"volumeMounts\": [
|
||||
${VOL_MOUNTS}
|
||||
]
|
||||
}
|
||||
],
|
||||
\"volumes\": [
|
||||
${VOLS}
|
||||
]
|
||||
}
|
||||
}
|
||||
"
|
||||
echo "Extraction complete"
|
||||
;;
|
||||
* ) echo "Aborted."
|
||||
;;
|
||||
esac
|
||||
}
|
||||
|
||||
logs() {
|
||||
### Watch the logs of a pod by helm app name
|
||||
(
|
||||
set -e
|
||||
if [ "$#" -eq 1 ]; then
|
||||
kubectl logs -l app="$1" -f
|
||||
elif [ "$#" -eq 2 ]; then
|
||||
KUBECTL=$(which kubectl)
|
||||
POD=$($KUBECTL get --namespace "$NAMESPACE" pod -l app="$1" -o name | sed s+pod/++)
|
||||
kubectl logs "$POD" "$2" -f
|
||||
else
|
||||
echo "Required arg: app_name"
|
||||
fi
|
||||
)
|
||||
}
|
||||
|
||||
lbrynet-copy-wallet() {
|
||||
### Copy the lbrynet wallet to a local path for backup
|
||||
(
|
||||
set -e
|
||||
if [ "$#" -eq 1 ]; then
|
||||
WALLET=/home/lbrynet/.local/share/lbry/lbryum/wallets/default_wallet
|
||||
KUBECTL=$(which kubectl)
|
||||
POD=$($KUBECTL -n "$NAMESPACE" get pod -l app=lbrynet -o name | sed s+pod/++)
|
||||
kubectl cp "$POD":$WALLET "$1"
|
||||
chmod 600 "$1"
|
||||
echo "lbrynet wallet copied to $1"
|
||||
else
|
||||
echo "Required arg: path of backup location for wallet"
|
||||
fi
|
||||
)
|
||||
}
|
||||
|
||||
speech-lbrynet-copy-wallet() {
|
||||
### Copy the speech-lbrynet wallet to a local path for backup
|
||||
(
|
||||
set -e
|
||||
if [ "$#" -eq 1 ]; then
|
||||
WALLET=/home/lbrynet/.local/share/lbry/lbryum/wallets/default_wallet
|
||||
KUBECTL=$(which kubectl)
|
||||
POD=$($KUBECTL -n "$NAMESPACE" get pod -l app=speech -o name | sed s+pod/++)
|
||||
kubectl cp "$POD":$WALLET "$1" -c speech-lbrynet
|
||||
chmod 600 "$1"
|
||||
echo "lbrynet wallet copied to $1"
|
||||
else
|
||||
echo "Required arg: path of backup location for wallet"
|
||||
fi
|
||||
)
|
||||
}
|
||||
|
||||
lbrycrd-cli() {
|
||||
## Run lbrycrd-cli client from inside the running pod outputting to your local terminal
|
||||
KUBECTL=$(which kubectl)
|
||||
POD=$($KUBECTL -n "$NAMESPACE" get pod -l app=lbrycrd -o name | sed s+pod/++)
|
||||
if [ ${#POD} -gt 0 ]; then
|
||||
kubectl exec "$POD" -- lbrycrd-cli -rpcuser="$LBRYCRD_RPC_USER" -rpcpassword="$LBRYCRD_RPC_PASSWORD" "$*"
|
||||
else
|
||||
echo "lbrycrd pod not found"
|
||||
fi
|
||||
}
|
||||
|
||||
lbrynet() {
|
||||
## Run lbrynet client from inside the running pod outputting to your local terminal
|
||||
KUBECTL=$(which kubectl)
|
||||
POD=$($KUBECTL -n "$NAMESPACE" get pod -l app=lbrynet -o name | sed s+pod/++)
|
||||
if [ ${#POD} -gt 0 ]; then
|
||||
kubectl exec "$POD" -- lbrynet "$*"
|
||||
else
|
||||
echo "lbrynet pod not found"
|
||||
fi
|
||||
}
|
||||
|
||||
speech-lbrynet() {
|
||||
## Run lbrynet client from inside the running pod outputting to your local terminal
|
||||
KUBECTL=$(which kubectl)
|
||||
POD=$($KUBECTL -n "$NAMESPACE" get pod -l app=speech -o name | sed s+pod/++)
|
||||
if [ ${#POD} -gt 0 ]; then
|
||||
kubectl exec "$POD" -c speech-lbrynet -- lbrynet "$*"
|
||||
else
|
||||
echo "lbrynet pod not found"
|
||||
fi
|
||||
}
|
||||
|
||||
SUBCOMMANDS_NO_ARGS=(setup install install-nginx-ingress install-cert-manager upgrade
|
||||
upgrade-nginx-ingress upgrade-cert-manager chainquery-mysql-client
|
||||
speech-mysql-client chainquery-override-snapshot lbrycrd-override-snapshot
|
||||
setup-alias)
|
||||
|
||||
SUBCOMMANDS_PASS_ARGS=(helm kubectl shell shell-pvc restart package logs lbrynet-copy-wallet lbrynet speech-lbrynet-copy-wallet speech-lbrynet lbrycrd-cli completion)
|
||||
|
||||
completion() {
|
||||
if [ "$#" -eq 1 ] && [ "$1" == "bash" ]; then
|
||||
cat <<EOF
|
||||
__delegate_k8s_lbry() {
|
||||
alias kubectl="kubectl --namespace=$NAMESPACE"
|
||||
local cur subs
|
||||
cur="\${COMP_WORDS[COMP_CWORD]}" # partial word, if any
|
||||
subs="${SUBCOMMANDS_NO_ARGS[*]} ${SUBCOMMANDS_PASS_ARGS[*]}"
|
||||
if [[ \${COMP_CWORD} -gt 1 ]]; then
|
||||
# complete subcommands
|
||||
_command \${@: -1}
|
||||
else
|
||||
# complete with the list of subcommands
|
||||
COMPREPLY=( \$(compgen -W "\${subs}" -- \${cur}) )
|
||||
fi
|
||||
}
|
||||
if [[ $(type -t compopt) = "builtin" ]]; then
|
||||
complete -o default -F __delegate_k8s_lbry $RUN_ALIAS
|
||||
else
|
||||
complete -o default -o nospace -F __delegate_k8s_lbry $RUN_ALIAS
|
||||
fi
|
||||
EOF
|
||||
else
|
||||
echo "## I only know how to do completion for the bash shell."
|
||||
echo "## Try '$0 completion bash' instead."
|
||||
fi
|
||||
}
|
||||
|
||||
setup-alias() {
|
||||
if [[ $SHELL != */bash ]]; then
|
||||
echo "It looks like you are currently running $SHELL";
|
||||
echo "This tool only supports bash."
|
||||
echo ""
|
||||
echo "You will need to setup an alias in your own shell called \"$RUN_ALIAS\" for $BASEDIR/run.sh"
|
||||
echo ""
|
||||
read -p "Would you like to setup the alias for bash anyway? (Y/n)" choice
|
||||
case "$choice" in
|
||||
y|Y )
|
||||
echo "Note: You will need to run bash as a subshell before running $RUN_ALIAS"
|
||||
;;
|
||||
* ) echo "Aborting" && exit 1
|
||||
;;
|
||||
esac
|
||||
echo ""
|
||||
fi
|
||||
$(which kubectl) completion bash > "$BASEDIR"/completion.bash.inc
|
||||
$(which helm) completion bash >> "$BASEDIR"/completion.bash.inc
|
||||
completion bash >> "$BASEDIR"/completion.bash.inc
|
||||
|
||||
if [[ -z $K8S_LBRY_HOME ]] && ! grep "K8S_LBRY_HOME" "$HOME"/.bashrc > /dev/null; then
|
||||
echo "K8S_LBRY_HOME not set."
|
||||
read -p "Would you this script to edit $HOME/.bashrc to add tab completion support? (y/N) " choice
|
||||
case "$choice" in
|
||||
y|Y )
|
||||
cat <<EOF >> "$HOME"/.bashrc
|
||||
|
||||
## Enable bash completion
|
||||
if [ -f /etc/bash_completion ]; then
|
||||
source /etc/bash_completion
|
||||
fi
|
||||
|
||||
## k8s-lbry alias and tab completion
|
||||
K8S_LBRY_HOME=$BASEDIR
|
||||
alias $RUN_ALIAS=\$K8S_LBRY_HOME/run.sh
|
||||
if [ -f \$K8S_LBRY_HOME/completion.bash.inc ]; then
|
||||
source \$K8S_LBRY_HOME/completion.bash.inc
|
||||
fi
|
||||
EOF
|
||||
echo "Created new alias: $RUN_ALIAS"
|
||||
echo "To use the new alias, run \"source ~/.bashrc\" or just close your terminal session and restart it."
|
||||
;;
|
||||
* ) echo "Aborting" && exit 1;;
|
||||
esac
|
||||
else
|
||||
echo "K8S_LBRY_HOME environment already setup. Nothing left to do."
|
||||
fi
|
||||
}
|
||||
|
||||
if printf '%s\n' ${SUBCOMMANDS_NO_ARGS[@]} | grep -q -P "^$1$"; then
|
||||
## Subcommands that take no arguments:
|
||||
(
|
||||
set -e
|
||||
if [ "$#" -eq 1 ]; then
|
||||
$*
|
||||
else
|
||||
echo "$1 does not take any additional arguments"
|
||||
fi
|
||||
)
|
||||
elif printf '%s\n' ${SUBCOMMANDS_PASS_ARGS[@]} | grep -q -P "^$1$"; then
|
||||
## Subcommands that pass all arguments:
|
||||
(
|
||||
set -e
|
||||
$*
|
||||
)
|
||||
else
|
||||
if [[ $# -gt 0 ]]; then
|
||||
echo "## Invalid command: $1"
|
||||
else
|
||||
echo "## Must specify a command:"
|
||||
fi
|
||||
echo ""
|
||||
echo "## $0 setup"
|
||||
echo "## - Setup dependencies"
|
||||
echo ""
|
||||
echo "## $0 install-nginx-ingress"
|
||||
echo "## - Deploy nginx-ingress chart"
|
||||
echo ""
|
||||
echo "## $0 install-cert-manager"
|
||||
echo "## - Deploy cert-manager chart"
|
||||
echo ""
|
||||
echo "## $0 install"
|
||||
echo "## - Deploy main k8s-lbry chart"
|
||||
echo ""
|
||||
echo "## $0 upgrade"
|
||||
echo "## - Upgrade an existing release"
|
||||
echo ""
|
||||
echo "## $0 shell <app>"
|
||||
echo "## - execute shell into running helm application pod"
|
||||
echo ""
|
||||
echo "## $0 shell-pvc [-c command] [-i image] PVC"
|
||||
echo "## - run a utility shell with the named PVC mounted in /pvcs"
|
||||
echo ""
|
||||
echo "## $0 helm <cmd> [...] "
|
||||
echo "## - run any helm command (through helm-tiller wrapper)"
|
||||
echo ""
|
||||
echo "## $0 kubectl <cmd> [...]"
|
||||
echo "## - run any kubectl command (defaulting to configured namespace)"
|
||||
echo ""
|
||||
echo "## $0 chainquery-mysql-client"
|
||||
echo "## - run mysql shell for chainquery database"
|
||||
echo ""
|
||||
echo "## $0 speech-mysql-client"
|
||||
echo "## - run mysql shell for speech database"
|
||||
echo ""
|
||||
echo "## $0 chainquery-override-snapshot"
|
||||
echo "## - Restore chainquery database from snapshot"
|
||||
echo ""
|
||||
echo "## $0 lbrycrd-override-snapshot"
|
||||
echo "## - Restore lbrycrd database from snapshot"
|
||||
echo ""
|
||||
echo "## $0 logs <app> [container]"
|
||||
echo "## - Stream the logs for the pod running the helm app name provided"
|
||||
echo "## (specify which container if the pod has more than one.)"
|
||||
echo ""
|
||||
echo "## $0 lbrynet-copy-wallet <local-path>"
|
||||
echo "## - Backup the lbrynet wallet file to a local path"
|
||||
echo ""
|
||||
echo "## $0 lbrynet <args ... >"
|
||||
echo "## - Run lbrynet client inside running lbrynet pod"
|
||||
echo ""
|
||||
echo "## $0 speech-lbrynet-copy-wallet <local-path>"
|
||||
echo "## - Backup the speech-lbrynet wallet file to a local path"
|
||||
echo ""
|
||||
echo "## $0 speech-lbrynet <args ... >"
|
||||
echo "## - Run speech-lbrynet client inside running speech pod"
|
||||
echo ""
|
||||
echo "## $0 setup-alias"
|
||||
echo "## - Setup bash alias and tab completion for run.sh"
|
||||
echo ""
|
||||
exit 1
|
||||
fi
|
281
contrib/k8s-lbry/values.yaml
Normal file
281
contrib/k8s-lbry/values.yaml
Normal file
|
@ -0,0 +1,281 @@
|
|||
cert-manager-issuer:
|
||||
# Enter your email address to receive important notices from Let's Encrypt:
|
||||
email: "fred@example.com"
|
||||
|
||||
lbrycrd:
|
||||
fullnameOverride: lbrycrd
|
||||
enabled: true
|
||||
image:
|
||||
repository: lbry/lbrycrd
|
||||
tag: linux-x86_64-production
|
||||
pullPolicy: Always
|
||||
service:
|
||||
port: 9246
|
||||
rpcPort: 9245
|
||||
persistence:
|
||||
enabled: true
|
||||
accessMode: ReadWriteOnce
|
||||
size: 50Gi
|
||||
annotations:
|
||||
"helm.sh/resource-policy": keep
|
||||
# If on AWS:
|
||||
# storageClass: "ebs-gp2"
|
||||
configurationFile:
|
||||
lbrycrd.conf: |-
|
||||
datadir=/data
|
||||
rpcuser=lbry
|
||||
rpcpassword=lbry
|
||||
regtest=0
|
||||
txindex=1
|
||||
rpcallowip=10.0.0.0/8
|
||||
server=1
|
||||
listen=1
|
||||
daemon=0
|
||||
externalip=
|
||||
|
||||
chainquery-mysql:
|
||||
fullnameOverride: chainquery-mysql
|
||||
enabled: false
|
||||
mysqlUser: chainquery
|
||||
mysqlPassword: chainquery
|
||||
mysqlDatabase: chainquery
|
||||
persistence:
|
||||
enabled: true
|
||||
accessMode: ReadWriteOnce
|
||||
size: 100Gi
|
||||
annotations:
|
||||
"helm.sh/resource-policy": keep
|
||||
# If on AWS:
|
||||
# storageClass: "ebs-gp2"
|
||||
|
||||
chainquery:
|
||||
fullnameOverride: chainquery
|
||||
enabled: false
|
||||
image:
|
||||
repository: lbry/chainquery
|
||||
tag: linux-x86_64-production
|
||||
pullPolicy: IfNotPresent
|
||||
service:
|
||||
port: 6300
|
||||
configurationFile:
|
||||
chainqueryconfig.toml: |-
|
||||
lbrycrdurl="rpc://lbry:lbry@lbrycrd:9245"
|
||||
mysqldsn="chainquery:chainquery@tcp(chainquery-mysql:3306)/chainquery"
|
||||
apimysqldsn="chainquery:chainquery@tcp(chainquery-mysql:3306)/chainquery"
|
||||
|
||||
lbrynet:
|
||||
fullnameOverride: lbrynet
|
||||
enabled: false
|
||||
image:
|
||||
repository: lbry/lbrynet
|
||||
tag: linux-x86_64-production
|
||||
pullPolicy: Always
|
||||
service:
|
||||
rpcPort: 5279
|
||||
persistence:
|
||||
enabled: true
|
||||
accessMode: ReadWriteOnce
|
||||
size: 10Gi
|
||||
annotations:
|
||||
"helm.sh/resource-policy": keep
|
||||
# If on AWS:
|
||||
# storageClass: "ebs-gp2"
|
||||
daemon_settings:
|
||||
api: 0.0.0.0:5279
|
||||
use_upnp: false
|
||||
auto_re_reflect_interval: 0
|
||||
max_key_fee: {amount: 0, currency: LBC}
|
||||
run_reflector_server: false
|
||||
save_files: false
|
||||
|
||||
speech-mysql:
|
||||
fullnameOverride: speech-mysql
|
||||
labels:
|
||||
app: speech-mysql
|
||||
enabled: false
|
||||
mysqlUser: speech
|
||||
mysqlPassword: speech
|
||||
mysqlDatabase: speech
|
||||
persistence:
|
||||
enabled: true
|
||||
accessMode: ReadWriteOnce
|
||||
size: 100Gi
|
||||
annotations:
|
||||
"helm.sh/resource-policy": keep
|
||||
# If on AWS:
|
||||
# storageClass: "ebs-gp2"
|
||||
|
||||
|
||||
speech:
|
||||
fullnameOverride: speech
|
||||
enabled: false
|
||||
service:
|
||||
name: speech
|
||||
hostname: "speech.example.com"
|
||||
port: 3000
|
||||
enableHttps: true
|
||||
certificateIssuer: letsencrypt-prod
|
||||
image:
|
||||
repository: enigmacurry/dump
|
||||
tag: spee.ch
|
||||
pullPolicy: Always
|
||||
persistence:
|
||||
enabled: true
|
||||
accessMode: ReadWriteOnce
|
||||
size: 20Gi
|
||||
annotations:
|
||||
"helm.sh/resource-policy": keep
|
||||
# If on AWS:
|
||||
# storageClass: "ebs-gp2"
|
||||
auth:
|
||||
masterPassword: speech
|
||||
mysql:
|
||||
host: speech-mysql
|
||||
database: speech
|
||||
username: speech
|
||||
password: speech
|
||||
chainquery:
|
||||
host: chainquery-mysql
|
||||
port: 3306
|
||||
timeout: 30
|
||||
database: chainquery
|
||||
username: chainquery
|
||||
password: chainquery
|
||||
lbrynet:
|
||||
enabled: true
|
||||
apiHost: 127.0.0.1
|
||||
apiPort: 5279
|
||||
getTimeout: 30
|
||||
image:
|
||||
repository: enigmacurry/dump
|
||||
tag: lbrynet-v0.33.0
|
||||
pullPolicy: Always
|
||||
service:
|
||||
rpcPort: 5279
|
||||
daemon_settings:
|
||||
api: 0.0.0.0:5279
|
||||
use_upnp: false
|
||||
auto_re_reflect_interval: 0
|
||||
max_key_fee: {amount: 0, currency: LBC}
|
||||
run_reflector_server: false
|
||||
download_dir: /data/Downloads
|
||||
persistence:
|
||||
enabled: true
|
||||
accessMode: ReadWriteOnce
|
||||
size: 10Gi
|
||||
annotations:
|
||||
"helm.sh/resource-policy": keep
|
||||
# If on AWS:
|
||||
# storageClass: "ebs-gp2"
|
||||
logger:
|
||||
logLevel: verbose
|
||||
slack:
|
||||
slackWebHook: false
|
||||
slackErrorChannel: false
|
||||
slackInfoChannel: false
|
||||
site:
|
||||
analytics:
|
||||
googleId:
|
||||
assetDefaults:
|
||||
description: 'Default Content Description'
|
||||
thumbnail: https://spee.ch/0e5d4e8f4086e13f5b9ca3f9648f518e5f524402/speechflag.png
|
||||
title: 'Default Content Title'
|
||||
details:
|
||||
blockListEndpoint: https://api.lbry.com/file/list_blocked
|
||||
description: 'A decentralized hosting platform built on LBRY'
|
||||
host: https://www.example.com
|
||||
ipAddress: ""
|
||||
port: 3000
|
||||
title: 'My Site'
|
||||
twitter: false
|
||||
publishing:
|
||||
primaryClaimAddress:
|
||||
additionalClaimAddresses: []
|
||||
approvedChannels: []
|
||||
channelClaimBidAmount: "0.1"
|
||||
closedRegistration: false
|
||||
disabled: false
|
||||
disabledMessage: 'Default publishing disabled message'
|
||||
fileClaimBidAmount: "0.01"
|
||||
fileSizeLimits:
|
||||
application: 50000000
|
||||
audio: 50000000
|
||||
customByContentType:
|
||||
application/octet-stream: 50000000
|
||||
image: 50000000
|
||||
model: 50000000
|
||||
text: 50000000
|
||||
video: 50000000
|
||||
publishOnlyApproved: false
|
||||
publishingChannelWhitelist: []
|
||||
serveOnlyApproved: false
|
||||
thumbnailChannel:
|
||||
thumbnailChannelId:
|
||||
uploadDirectory: /data/Uploads
|
||||
serving:
|
||||
customFileExtensions:
|
||||
application/x-mif: mif
|
||||
application/x-pn-realaudio: ram
|
||||
application/x-python-code: pyc
|
||||
application/x-sgml: sgm
|
||||
application/x-troff: roff
|
||||
application/x-troff-man: man
|
||||
application/x-troff-me: me
|
||||
application/x-troff-ms: ms
|
||||
image/pict: pct
|
||||
model/stl: stl
|
||||
text/x-go: go
|
||||
text/x-python: py
|
||||
text/xul: xul
|
||||
dynamicFileSizing:
|
||||
enabled: true
|
||||
maxDimension: 2000
|
||||
markdownSettings:
|
||||
allowedTypesDescriptions: []
|
||||
allowedTypesExample:
|
||||
- 'see react-markdown docs'
|
||||
- root
|
||||
- text
|
||||
- break
|
||||
- paragraph
|
||||
- emphasis
|
||||
- strong
|
||||
- thematicBreak
|
||||
- blockquote
|
||||
- delete
|
||||
- link
|
||||
- image
|
||||
- linkReference
|
||||
- imageReference
|
||||
- table
|
||||
- tableHead
|
||||
- tableBody
|
||||
- tableRow
|
||||
- tableCell
|
||||
- list
|
||||
- listItem
|
||||
- heading
|
||||
- inlineCode
|
||||
- code
|
||||
- html
|
||||
- parsedHtml
|
||||
allowedTypesMain: []
|
||||
escapeHtmlDescriptions: true
|
||||
escapeHtmlMain: true
|
||||
skipHtmlDescriptions: true
|
||||
skipHtmlMain: true
|
||||
startup:
|
||||
performChecks: true
|
||||
performUpdates: true
|
||||
|
||||
echo-http-server:
|
||||
enabled: false
|
||||
# Enter your domain name for the echo test service:
|
||||
hostname: "echo.example.com"
|
||||
service: echo-http-server
|
||||
enableHttps: true
|
||||
certificateIssuer: letsencrypt-prod
|
||||
|
||||
echo-socket-server:
|
||||
enabled: false
|
||||
service: echo-socket-server
|
|
@ -3,14 +3,14 @@
|
|||
#########################
|
||||
## Chainquery Settings ##
|
||||
#########################
|
||||
RPC_ALLOW_IP=10.5.1.3
|
||||
RPC_ALLOW_IP=10.6.1.3
|
||||
DEBUGMODE=false
|
||||
|
||||
#################
|
||||
## Mysql Creds ##
|
||||
#################
|
||||
MYSQL_SERVER=10.5.1.10
|
||||
MYSQL_USER=chainquery
|
||||
MYSQL_PASSWORD=changeme
|
||||
MYSQL_SERVER=10.6.1.10
|
||||
MYSQL_USER=lbry
|
||||
MYSQL_PASSWORD=lbry
|
||||
MYSQL_DATABASE=chainquery
|
||||
MYSQL_ROOT_PASSWORD=changeme
|
||||
MYSQL_ROOT_PASSWORD=lbry
|
||||
|
|
|
@ -10,4 +10,4 @@ GID=$UID
|
|||
|
||||
## This should be the internal container IP from which you'll be calling the RPC for Lbrycrdd from.
|
||||
## TODO: make this more dynamic before we move to scalability
|
||||
RPC_ALLOW_IP=10.5.1.3
|
||||
RPC_ALLOW_IP=10.6.1.3
|
||||
|
|
|
@ -1,33 +0,0 @@
|
|||
FROM ubuntu:18.04 as prep
|
||||
LABEL MAINTAINER="leopere [at] nixc [dot] us"
|
||||
## TODO: Implement version pinning. `apt-get install curl=<version>`
|
||||
RUN apt-get update && \
|
||||
apt-get -y install unzip curl build-essential && \
|
||||
apt-get autoclean -y && \
|
||||
rm -rf /var/lib/apt/lists/*
|
||||
WORKDIR /
|
||||
SHELL ["/bin/bash", "-o", "pipefail", "-c"]
|
||||
COPY ./stuff/start.sh start
|
||||
COPY ./stuff/healthcheck.sh healthcheck
|
||||
COPY ./stuff/advance_blocks.sh advance
|
||||
COPY ./stuff/fix-permissions.c fix-permissions.c
|
||||
RUN curl -L -o ./lbrycrd-linux.zip $(curl -s https://api.github.com/repos/lbryio/lbrycrd/releases | grep -F 'lbrycrd-linux.zip' | grep download | head -n 1 | cut -d'"' -f4) && \
|
||||
unzip ./lbrycrd-linux.zip && \
|
||||
gcc fix-permissions.c -o fix-permissions && \
|
||||
chmod +x ./lbrycrdd ./lbrycrd-cli ./lbrycrd-tx ./start ./healthcheck ./fix-permissions ./advance
|
||||
|
||||
FROM ubuntu:18.04 as app
|
||||
COPY --from=prep /lbrycrdd /lbrycrd-cli /lbrycrd-tx /start /healthcheck /fix-permissions /advance /usr/bin/
|
||||
RUN addgroup --gid 1000 lbrycrd && \
|
||||
adduser lbrycrd --uid 1000 --gid 1000 --gecos GECOS --shell /bin/bash --disabled-password --home /data && \
|
||||
mkdir /etc/lbry && \
|
||||
chown lbrycrd /etc/lbry && \
|
||||
chmod a+s /usr/bin/fix-permissions
|
||||
VOLUME ["/data"]
|
||||
WORKDIR /data
|
||||
## TODO: Implement healthcheck.
|
||||
# HEALTHCHECK ["healthcheck"]
|
||||
EXPOSE 9246 9245
|
||||
|
||||
USER lbrycrd
|
||||
CMD ["start"]
|
|
@ -1,4 +1 @@
|
|||
# lbrycrd
|
||||
# Docker image tags
|
||||
`lbry/lbrycrd`
|
||||
`[linux-x86_64-production](https://github.com/lbryio/lbry-docker/blob/master/lbrycrd/Dockerfile-linux-x86_64-production)` (Latest release)
|
||||
# moved to https://github.com/lbryio/lbrycrd/tree/master/packaging/docker-for-binary
|
||||
|
|
|
@ -1,26 +0,0 @@
|
|||
version: '3.4'
|
||||
|
||||
networks:
|
||||
lbry-network:
|
||||
external: true
|
||||
|
||||
services:
|
||||
#############
|
||||
## Lbrycrd ##
|
||||
#############
|
||||
lbrycrd:
|
||||
build: .
|
||||
restart: always
|
||||
networks:
|
||||
lbry-network:
|
||||
ipv4_address: 10.6.1.2
|
||||
environment:
|
||||
RUN_MODE: default
|
||||
env_file:
|
||||
- env
|
||||
expose:
|
||||
- 9245
|
||||
- 9246
|
||||
## host volumes for persistent data such as wallet private keys.
|
||||
volumes:
|
||||
- "../persist/data:/data"
|
|
@ -1,17 +0,0 @@
|
|||
version: '3.4'
|
||||
|
||||
services:
|
||||
#############
|
||||
## Lbrycrd ##
|
||||
#############
|
||||
lbrycrd:
|
||||
image: lbry/lbrycrd:linux-x86_64-production
|
||||
restart: always
|
||||
ports:
|
||||
- "11336:9246"
|
||||
- "11337:11337"
|
||||
## host volumes for persistent data such as wallet private keys.
|
||||
volumes:
|
||||
- "../persist/data:/data"
|
||||
environment:
|
||||
- RUN_MODE=regtest
|
|
@ -1,17 +0,0 @@
|
|||
version: '3.4'
|
||||
|
||||
services:
|
||||
#############
|
||||
## Lbrycrd ##
|
||||
#############
|
||||
lbrycrd:
|
||||
image: lbry/lbrycrd:linux-x86_64-production
|
||||
restart: always
|
||||
ports:
|
||||
- "11336:9246"
|
||||
- "11337:11337"
|
||||
## host volumes for persistent data such as wallet private keys.
|
||||
volumes:
|
||||
- "../persist/data:/data"
|
||||
environment:
|
||||
- RUN_MODE=testnet
|
|
@ -1,5 +0,0 @@
|
|||
#!/usr/bin/env bash
|
||||
while true; do
|
||||
lbrycrd-cli -conf=/data/.lbrycrd/lbrycrd.conf generate 1 >> /tmp/output.log
|
||||
sleep 2
|
||||
done
|
|
@ -1,12 +0,0 @@
|
|||
COMPOSE_PROJECT_NAME=lbrycrd
|
||||
|
||||
#############
|
||||
## Lbrycrd ##
|
||||
#############
|
||||
## TODO: The credentials are a formality but we should randomize these with magic.
|
||||
RPC_USER=${RPC_USER=lbryrpc}
|
||||
RPC_PASSWORD=${RPC_PASSWORD:-changeme}
|
||||
|
||||
## This should be the internal container IP from which you'll be calling the RPC for Lbrycrdd from.
|
||||
## TODO: make this more dynamic before we move to scalability
|
||||
RPC_ALLOW_IP=${RPC_ALLOW_IP:-10.6.1.3}
|
|
@ -1,9 +0,0 @@
|
|||
#include <unistd.h>
|
||||
int main() {
|
||||
// This program needs to run with setuid == root
|
||||
// This needs to be in a compiled language because you cannot setuid bash scripts
|
||||
setuid(0);
|
||||
execle("/bin/bash", "bash", "-c",
|
||||
"/bin/chown -R lbrycrd:lbrycrd /data && /bin/chmod -R 755 /data/",
|
||||
(char*) NULL, (char*) NULL);
|
||||
}
|
|
@ -1,4 +0,0 @@
|
|||
## TODO: Implement a healthcheck for lbrycrd.
|
||||
curl --data-binary '{"jsonrpc":"1.0","id":"curltext","method":"getinfo","params":[]}' -H 'content-type:text/plain;' http://$RPC_USER:$RPC_PASSWORD@127.0.0.1:9246
|
||||
## OR
|
||||
lbrycrd-cli getinfo
|
|
@ -1,84 +0,0 @@
|
|||
#!/usr/bin/env bash
|
||||
CONFIG_PATH=/etc/lbry/lbrycrd.conf
|
||||
|
||||
function set_config() {
|
||||
CONFIG_PATH=/etc/lbry/lbrycrd.conf
|
||||
if [ -f "$CONFIG_PATH" ]
|
||||
then
|
||||
echo "Using the config file that was mounted into the container."
|
||||
else
|
||||
echo "Creating a fresh config file from environment variables."
|
||||
## Set config params
|
||||
echo "rpcuser=$RPC_USER" > $CONFIG_PATH
|
||||
echo "rpcpassword=$RPC_PASSWORD" >> $CONFIG_PATH
|
||||
echo "rpcallowip=$RPC_ALLOW_IP" >> $CONFIG_PATH
|
||||
echo "rpcport=9245" >> $CONFIG_PATH
|
||||
echo "rpcbind=0.0.0.0" >> $CONFIG_PATH
|
||||
#echo "bind=0.0.0.0" >> $CONFIG_PATH
|
||||
fi
|
||||
}
|
||||
|
||||
|
||||
## Ensure perms are correct prior to running main binary
|
||||
/usr/bin/fix-permissions
|
||||
|
||||
## You can optionally specify a run mode if you want to use lbry defined presets for compatibility.
|
||||
case $RUN_MODE in
|
||||
default )
|
||||
set_config
|
||||
lbrycrdd -server -conf=$CONFIG_PATH -printtoconsole
|
||||
;;
|
||||
## If it's a first run you need to do a full index including all transactions
|
||||
## tx index creates an index of every single transaction in the block history if
|
||||
## not specified it will only create an index for transactions that are related to the wallet or have unspent outputs.
|
||||
## This is generally specific to chainquery.
|
||||
reindex )
|
||||
## Apply this RUN_MODE in the case you need to update a dataset. NOTE: you do not need to use `RUN_MODE reindex` for more than one complete run.
|
||||
set_config
|
||||
lbrycrdd -server -txindex -reindex -conf=$CONFIG_PATH -printtoconsole
|
||||
;;
|
||||
chainquery )
|
||||
## If your only goal is to run Chainquery against this instance of lbrycrd and you're starting a
|
||||
## fresh local dataset use this run mode.
|
||||
set_config
|
||||
lbrycrdd -server -txindex -conf=$CONFIG_PATH -printtoconsole
|
||||
;;
|
||||
regtest )
|
||||
## Set config params
|
||||
## TODO: Make this more automagic in the future.
|
||||
mkdir -p `dirname $CONFIG_PATH`
|
||||
echo "rpcuser=lbry" > $CONFIG_PATH
|
||||
echo "rpcpassword=lbry" >> $CONFIG_PATH
|
||||
echo "rpcport=11337" >> $CONFIG_PATH
|
||||
echo "rpcbind=0.0.0.0" >> $CONFIG_PATH
|
||||
echo "rpcallowip=0.0.0.0/0" >> $CONFIG_PATH
|
||||
echo "regtest=1" >> $CONFIG_PATH
|
||||
echo "txindex=1" >> $CONFIG_PATH
|
||||
echo "server=1" >> $CONFIG_PATH
|
||||
echo "printtoconsole=1" >> $CONFIG_PATH
|
||||
|
||||
#nohup advance &>/dev/null &
|
||||
lbrycrdd -conf=$CONFIG_PATH $1
|
||||
;;
|
||||
testnet )
|
||||
## Set config params
|
||||
## TODO: Make this more automagic in the future.
|
||||
mkdir -p `dirname $CONFIG_PATH`
|
||||
echo "rpcuser=lbry" > $CONFIG_PATH
|
||||
echo "rpcpassword=lbry" >> $CONFIG_PATH
|
||||
echo "rpcport=11337" >> $CONFIG_PATH
|
||||
echo "rpcbind=0.0.0.0" >> $CONFIG_PATH
|
||||
echo "rpcallowip=0.0.0.0/0" >> $CONFIG_PATH
|
||||
echo "testnet=1" >> $CONFIG_PATH
|
||||
echo "txindex=1" >> $CONFIG_PATH
|
||||
echo "server=1" >> $CONFIG_PATH
|
||||
echo "printtoconsole=1" >> $CONFIG_PATH
|
||||
|
||||
#nohup advance &>/dev/null &
|
||||
lbrycrdd -conf=$CONFIG_PATH $1
|
||||
;;
|
||||
* )
|
||||
echo "Error, you must define a RUN_MODE environment variable."
|
||||
echo "Available options are testnet, regtest, chainquery, default, and reindex"
|
||||
;;
|
||||
esac
|
|
@ -39,29 +39,27 @@ RUN apt-get update && \
|
|||
|
||||
FROM dependencies as compile
|
||||
|
||||
ARG REPO=https://github.com/lbryio/lbry.git
|
||||
ARG VERSION=master
|
||||
ARG RUN_FROM_SOURCE=false
|
||||
RUN python3.7 -m pip install -U pyinstaller && \
|
||||
git clone https://github.com/lbryio/lbry.git /lbry && \
|
||||
git -C /lbry checkout ${VERSION}
|
||||
WORKDIR /lbry
|
||||
RUN git clone https://github.com/lbryio/torba.git --depth 1 /lbry/torba
|
||||
WORKDIR /lbry/torba
|
||||
RUN python3.7 -m pip install -e .
|
||||
WORKDIR /lbry/
|
||||
git clone ${REPO} /lbry-sdk && \
|
||||
git -C /lbry-sdk checkout ${VERSION}
|
||||
RUN python3.7 -m pip install -e /lbry-sdk/torba
|
||||
WORKDIR /lbry-sdk/lbry
|
||||
COPY stuff/start.sh /usr/local/bin/start
|
||||
COPY stuff/checkmount.sh /usr/local/bin/checkmount
|
||||
RUN python3.7 scripts/set_build.py && \
|
||||
RUN export TRAVIS_COMMIT=`git rev-parse HEAD` && \
|
||||
python3.7 scripts/set_build.py && \
|
||||
python3.7 -m pip install -e . && \
|
||||
pyinstaller -F -n lbrynet lbrynet/extras/cli.py && \
|
||||
chmod +x /lbry/dist/lbrynet && \
|
||||
zip -j /lbry/dist/lbrynet-armhf.zip /lbry/dist/lbrynet && \
|
||||
pyinstaller -F -n lbrynet lbry/extras/cli.py && \
|
||||
chmod +x /lbry-sdk/lbry/dist/lbrynet && \
|
||||
chmod a+x /usr/local/bin/* && \
|
||||
mkdir /target && \
|
||||
/lbry/dist/lbrynet --version
|
||||
/lbry-sdk/lbry/dist/lbrynet --version
|
||||
|
||||
FROM ${BASE_IMAGE} as app
|
||||
RUN adduser lbrynet --gecos GECOS --shell /bin/bash --disabled-password --home /home/lbrynet
|
||||
COPY --from=compile /usr/local/bin/start /usr/local/bin/checkmount /lbry/dist/lbrynet /usr/local/bin/
|
||||
COPY --from=compile /usr/local/bin/start /usr/local/bin/checkmount /lbry-sdk/lbry/dist/lbrynet /usr/local/bin/
|
||||
EXPOSE 5279
|
||||
USER lbrynet
|
||||
ENTRYPOINT ["/usr/local/bin/checkmount"]
|
||||
|
|
|
@ -1,30 +1,27 @@
|
|||
## This base image is for running the latest lbrynet-daemon release.
|
||||
FROM ubuntu:18.04
|
||||
FROM ubuntu:18.04 as prep
|
||||
LABEL MAINTAINER="leopere [at] nixc [dot] us"
|
||||
RUN apt-get update && apt-get -y install unzip curl
|
||||
|
||||
## Add lbrynet
|
||||
ADD https://lbry.io/get/lbrynet.linux.zip /lbrynet/lbrynet.linux.zip
|
||||
ARG VERSION=latest
|
||||
RUN URL=$(curl -Ls https://api.github.com/repos/lbryio/lbry-sdk/releases/$(if [ "${VERSION}" = 'latest' ]; then echo "latest"; else echo "tags/${VERSION}"; fi) | grep browser_download_url | grep lbrynet-linux.zip | cut -d'"' -f4) && echo $URL && curl -L -o /lbrynet.linux.zip $URL
|
||||
|
||||
RUN apt-get update && apt-get -y install unzip && \
|
||||
adduser lbrynet --gecos GECOS --shell /bin/bash --disabled-password --home /home/lbrynet && \
|
||||
unzip /lbrynet/lbrynet.linux.zip -d /lbrynet/ && \
|
||||
rm /lbrynet/lbrynet.linux.zip && \
|
||||
chown -Rv lbrynet:lbrynet /lbrynet && \
|
||||
mv /lbrynet/lbrynet /bin/
|
||||
|
||||
COPY stuff/start.sh /usr/local/bin/start
|
||||
COPY stuff/checkmount.sh /usr/local/bin/checkmount
|
||||
COPY stuff/start.sh /usr/bin/start
|
||||
COPY stuff/checkmount.sh /usr/bin/checkmount
|
||||
RUN unzip /lbrynet.linux.zip -d /lbrynet/ && \
|
||||
mv /lbrynet/lbrynet /usr/bin && \
|
||||
chmod a+x /usr/bin/checkmount /usr/bin/start /usr/bin/lbrynet
|
||||
|
||||
FROM ubuntu:18.04 as app
|
||||
COPY --from=prep /usr/bin/start /usr/bin/checkmount /usr/bin/lbrynet /usr/bin/
|
||||
RUN adduser lbrynet --gecos GECOS --shell /bin/bash --disabled-password --home /home/lbrynet
|
||||
## Daemon port [Intended for internal use]
|
||||
## LBRYNET talks to peers on port 3333 [Intended for external use] this port is used to discover other lbrynet daemons with blobs.
|
||||
## Expose 5566 Reflector port to listen on
|
||||
## Expose 5279 Port the daemon API will listen on
|
||||
## the lbryumx aka Wallet port [Intended for internal use]
|
||||
EXPOSE 4444 3333 5566 5279 50001
|
||||
|
||||
## Example daemon_settings.yml is at https://github.com/lbryio/lbry/blob/master/example_daemon_settings.yml
|
||||
ADD https://raw.githubusercontent.com/lbryio/lbry/master/example_daemon_settings.yml /etc/lbrynet/example_daemon_settings.yml
|
||||
EXPOSE 5279
|
||||
USER lbrynet
|
||||
ENTRYPOINT ["/usr/local/bin/checkmount"]
|
||||
ENTRYPOINT ["/usr/bin/checkmount"]
|
||||
CMD ["start"]
|
||||
|
|
|
@ -38,10 +38,25 @@ docker build -t lbrynet-arm64 -f Dockerfile-linux-multiarch-compiler --build-arg
|
|||
|
||||
Compile any version of lbrynet by specifying the git tag:
|
||||
|
||||
VERSION can be any git reference. Examples:
|
||||
|
||||
* master
|
||||
* v0.37.2
|
||||
* 588568752b983f46f8f492d4bd5d76feeb74dfbf
|
||||
|
||||
```
|
||||
docker build -t lbrynet:v0.36.0 --build-arg VERSION=v0.36.0 -f Dockerfile-linux-multiarch-compiler .
|
||||
```
|
||||
|
||||
### REPO
|
||||
|
||||
Compile from any fork of lbrynet:
|
||||
|
||||
```
|
||||
docker build -t lbrynet:v0.37.2-enigmacurry --build-arg VERSION=v0.37.2 \
|
||||
--build-arg REPO=https://github.com/EnigmaCurry/lbry.git -f Dockerfile-linux-multiarch-compiler .
|
||||
```
|
||||
|
||||
### Running from the compiler container directly
|
||||
|
||||
The container requires a home directory to be mounted at `/home/lbrynet`. This
|
||||
|
@ -49,13 +64,25 @@ is to ensure that the wallet is backed up to a real storage device. You must run
|
|||
the container with the appropriate volume argument, or else lbrynet will refuse
|
||||
to run.
|
||||
|
||||
If you compiled lbrynet as above, with the tag `lbrynet-x86`, you could run
|
||||
The config file must be mounted at `/etc/lbry/daemon_settings.yml`.
|
||||
|
||||
If you compiled lbrynet as above, with the tag `lbrynet:v0.37.2`, you could run
|
||||
docker like so:
|
||||
|
||||
```
|
||||
docker run --rm -it -v wallet:/home/lbrynet lbrynet-x86 lbrynet start
|
||||
docker run --rm -it -v wallet:/home/lbrynet -v $(pwd)/stuff/daemon_settings_test.yml:/etc/lbry/daemon_settings.yml lbrynet:v0.37.2
|
||||
```
|
||||
|
||||
This automatically creates a docker volume called `wallet` and it will persist
|
||||
across container restarts. See more in the [Docker volume
|
||||
documentation](https://docs.docker.com/storage/volumes/)
|
||||
|
||||
If you would rather not use a docker volume, you can mount a directory
|
||||
from your host instead:
|
||||
|
||||
```
|
||||
docker run --rm -it -v /path/on/your/host:/home/lbrynet -v $(pwd)/stuff/daemon_settings_test.yml:/etc/lbry/daemon_settings.yml lbrynet:v0.37.2
|
||||
```
|
||||
|
||||
Either way, the container uses the configuration from `/home/lbrynet` inside the container.
|
||||
|
||||
|
|
|
@ -8,5 +8,5 @@ if ! grep -qs ".* $mountpoint " /proc/mounts; then
|
|||
## TODO: We should have documentation that this error references directly with a URL as to why it won't run without a volume.
|
||||
exit 1
|
||||
else
|
||||
`$@`
|
||||
bash -c "$*"
|
||||
fi
|
||||
|
|
3
lbrynet/stuff/daemon_settings_test.yml
Normal file
3
lbrynet/stuff/daemon_settings_test.yml
Normal file
|
@ -0,0 +1,3 @@
|
|||
api: 0.0.0.0:5279
|
||||
streaming_server: 0.0.0.0:5280
|
||||
use_upnp: false
|
|
@ -1,2 +1,4 @@
|
|||
#!/bin/bash
|
||||
lbrynet start
|
||||
"lbrynet start \
|
||||
--api "${API_BIND_IP:-0.0.0.0}":"${API_PORT:-5179}" \
|
||||
--config ${CONFIG_PATH:-/etc/lbry/daemon_settings.yml}"
|
||||
|
|
118
tools/dockerfile_image_tag.sh
Executable file
118
tools/dockerfile_image_tag.sh
Executable file
|
@ -0,0 +1,118 @@
|
|||
#!/bin/bash
|
||||
|
||||
### Find the latest docker image id and tag it in git
|
||||
### Usage:
|
||||
### ./dockerfile_image_tag.sh DOCKER_ORG DOCKER_REPO DOCKER_TAG
|
||||
### Example:
|
||||
### ./dockerfile_image_tag.sh lbry lbrycrd linux-x86_64-production
|
||||
|
||||
exe() { ( echo "## $*"; $*; ) }
|
||||
|
||||
SCRIPT_NAME=$0
|
||||
SCRIPT_PATH="$( cd "$(dirname "$0")" && pwd -P )"
|
||||
GIT_PATH="$(dirname "$SCRIPT_PATH")"
|
||||
GIT_REMOTE=${GIT_REMOTE:-origin}
|
||||
|
||||
if ! which jq > /dev/null; then
|
||||
echo "You need to install jq - https://stedolan.github.io/jq/"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
if ! which curl > /dev/null; then
|
||||
echo "You need to install curl"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
get_docker_tags() {
|
||||
# Thank you minamijoyo - https://stackoverflow.com/a/41830007/56560
|
||||
if [ "$#" -ne 3 ]; then
|
||||
echo "Wrong args: get_docker_tags DOCKER_ORG DOCKER_REPO DOCKER_TAG"
|
||||
fi
|
||||
|
||||
ORG=$1
|
||||
REPOSITORY=$2
|
||||
TARGET_TAG=$3
|
||||
|
||||
echo "Contacting docker hub ..." >&2
|
||||
# get authorization token
|
||||
TOKEN=$(curl -s "https://auth.docker.io/token?service=registry.docker.io&scope=repository:$ORG/$REPOSITORY:pull" | jq -r .token)
|
||||
|
||||
# find all tags
|
||||
ALL_TAGS=$(curl -s -H "Authorization: Bearer $TOKEN" https://index.docker.io/v2/$ORG/$REPOSITORY/tags/list | jq -r .tags[])
|
||||
|
||||
# get image digest for target
|
||||
TARGET_DIGEST=$(curl -s -D - -H "Authorization: Bearer $TOKEN" -H "Accept: application/vnd.docker.distribution.manifest.v2+json" https://index.docker.io/v2/$ORG/$REPOSITORY/manifests/$TARGET_TAG | grep Docker-Content-Digest | cut -d ' ' -f 2)
|
||||
|
||||
# for each tags
|
||||
for tag in ${ALL_TAGS[@]}; do
|
||||
# get image digest
|
||||
digest=$( curl -s -D - -H "Authorization: Bearer $TOKEN" -H "Accept: application/vnd.docker.distribution.manifest.v2+json" https://index.docker.io/v2/$ORG/$REPOSITORY/manifests/$tag | grep Docker-Content-Digest | cut -d ' ' -f 2)
|
||||
|
||||
# check digest
|
||||
if [[ $TARGET_DIGEST = $digest ]]; then
|
||||
# Echo to stderr to be helpful to humans:
|
||||
echo "$ORG/$REPOSITORY:$tag $digest" >&2
|
||||
# Echo to stdout to use as a script:
|
||||
echo $digest
|
||||
fi
|
||||
done
|
||||
}
|
||||
|
||||
check_git_status(){
|
||||
# Check if the git stage is clear, on master branch, and up to date with the remote.
|
||||
(
|
||||
set -e
|
||||
echo "Checking git status ..."
|
||||
cd $GIT_PATH
|
||||
if [[ $(git branch --show-current) != "master" ]]; then
|
||||
echo "You are not on the master branch."
|
||||
echo "Please change to the master branch before running this."
|
||||
exit 1
|
||||
fi
|
||||
if ! git remote show origin | grep -e "^\W*master .*\(up to date\)" > /dev/null; then
|
||||
echo "Your local branch is behind in the history of the remote"
|
||||
echo "Please do a git pull before running this."
|
||||
exit 1
|
||||
fi
|
||||
if git status --porcelain | grep -e "^A " > /dev/null; then
|
||||
git status
|
||||
echo "You have staged files for commit in git: $GIT_PATH"
|
||||
echo "Please stash or commit those changes before running this. "
|
||||
exit 1
|
||||
fi
|
||||
)
|
||||
}
|
||||
|
||||
main() {
|
||||
if [ "$#" -ne 3 ]; then
|
||||
echo "run: $SCRIPT_NAME DOCKER_ORG DOCKER_REPO DOCKER_TAG"
|
||||
echo "eg : $SCRIPT_NAME lbry lbrycrd linux-x86_64-production"
|
||||
exit 1
|
||||
fi
|
||||
DOCKER_ORG=$1 DOCKER_REPO=$2; DOCKER_TAG=$3
|
||||
|
||||
# Check if the git stage is clear, error if not:
|
||||
check_git_status
|
||||
|
||||
# Get the current Docker tag id and sanity check:
|
||||
CURRENT_IMAGE_ID=$(get_docker_tags $DOCKER_ORG $DOCKER_REPO $DOCKER_TAG | cut -d ':' -f 2 | sed 's/\r$//g')
|
||||
echo "CURRENT_IMAGE_ID=$CURRENT_IMAGE_ID"
|
||||
if ! (echo $CURRENT_IMAGE_ID | grep -e "^[A-Fa-f0-9]\{64\}$" > /dev/null); then
|
||||
echo "Bad image id: $CURRENT_IMAGE_ID"
|
||||
echo -n $CURRENT_IMAGE_ID | hexdump -C
|
||||
exit 1
|
||||
fi
|
||||
|
||||
# Tag the current git HEAD with the docker image id:
|
||||
GIT_COMMIT=$(git -C $GIT_PATH rev-parse HEAD)
|
||||
GIT_TAG=$DOCKER_ORG-$DOCKER_REPO-$DOCKER_TAG-$CURRENT_IMAGE_ID
|
||||
echo "GIT_COMMIT=$GIT_COMMIT"
|
||||
echo "GIT_TAG=$GIT_TAG"
|
||||
git -C $GIT_PATH tag $GIT_TAG $GIT_COMMIT && \
|
||||
echo "Pushing tags to $GIT_REMOTE ..." && \
|
||||
(git push --tags --dry-run 2>&1 | grep "\[new tag\]") && \
|
||||
git -C $GIT_PATH push --tags $GIT_REMOTE
|
||||
}
|
||||
|
||||
main $*
|
||||
|
Loading…
Reference in a new issue