Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Return cardano-wallet nomad job #24

Merged
merged 4 commits into from Aug 8, 2022
Merged

Return cardano-wallet nomad job #24

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
8a52c34
wait-for-node
blaggacao Jun 15, 2022
7aa68a2
fix: correct broken SRV published port record
omegadilebo-io Jun 24, 2022
eacb7b5
fix: correct broken wallet healthcheck
omegadilebo-io Jun 24, 2022
92b715f
reintroduce cardano-wallet from stable-wallet-impl branch
womfoo Aug 2, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
44 changes: 31 additions & 13 deletions nix/cardano/entrypoints.nix
View file
Open in desktop
Expand Up @@ -494,33 +494,51 @@ in {
};

cardano-wallet = writeShellApplication {
runtimeInputs = prelude-runtime;
debugInputs = [packages.cardano-wallet packages.cardano-cli];
runtimeInputs = prelude-runtime ++ [packages.cardano-cli];
debugInputs = [packages.cardano-wallet];
name = "entrypoint";
text = ''

${prelude}

DB_DIR="$DATA_DIR/db-''${ENVIRONMENT:-custom}"

flags=()
[ "''${ENVIRONMENT}" == "mainnet" ] && flags+=("--mainnet")
[ "''${ENVIRONMENT}" != "mainnet" ] && flags+=(
"--testnet-magic" "$(
jq -r '.networkMagic' "$(
file="$(jq -r '.ShelleyGenesisFile' "$NODE_CONFIG" )"
folder="$(dirname "$NODE_CONFIG")"
[[ "$file" == /* ]] && echo "$file" || echo "$folder/$file"
)"
)"
)


while ! CARDANO_NODE_SOCKET_PATH="$SOCKET_PATH" cardano-cli query tip "''${flags[@]}"
do
sleep 30
echo Waiting for cardano socket to go live ... >&2
done

# Build args array
args+=("--listen-address" "0.0.0.0")
args+=("--port" "8090")
args+=("--node-socket" "$SOCKET_PATH")
args+=("--database" "$DB_DIR/wallet")
# FIXME: consume the node config directly
args+=("$(
[ "''${ENVIRONMENT}" == "mainnet" ] &&
echo "--mainnet" ||
echo "--testnet-magic $(
jq '.networkMagic' "$(
file="$(jq '.ShelleyGenesisFile' "$NODE_CONFIG" )"
{
if [ "''${ENVIRONMENT}" == "mainnet" ]
then
args+=("--mainnet")
else
args+=("--testnet" "$(
file="$(jq -r '.ByronGenesisFile' "$NODE_CONFIG" )"
folder="$(dirname "$NODE_CONFIG")"
[[ "$file" == /* ]] && echo "$file" || echo "$folder/$file"
)"
)"
)")

)")
fi
}
# Wallet will not export prometheus metrics without also enabling EKG
export CARDANO_WALLET_EKG_HOST=127.0.0.1
export CARDANO_WALLET_EKG_PORT=8083
Expand Down
15 changes: 5 additions & 10 deletions nix/cardano/healthChecks.nix
View file
Open in desktop
Expand Up @@ -8,19 +8,14 @@
inherit (cell) environments library packages;
in {
cardano-wallet-network-sync = writeShellApplication {
runtimeInputs = [srvaddr nixpkgs.jq nixpkgs.coreutils nixpkgs.curl];
runtimeInputs = [nixpkgs.jq nixpkgs.coreutils nixpkgs.curl];
name = "healthcheck";
text = ''
#!/bin/bash
[ -z "''${NOMAD_PORT_wallet:-}" ] && echo "NOMAD_PORT_wallet env var must be set -- aborting" && exit 1

[ -z "''${WALLET_SRV_FQDN:-}" ] && echo "WALLET_SRV_FQDN env var must be set -- aborting" && exit 1
[ -z "''${CARDANO_WALLET_ID:-}" ] && echo "CARDANO_WALLET_ID env var must be set -- aborting" && exit 1

mapfile -t wallet_urls <<<"$(srvaddr "''${WALLET_SRV_FQDN}")"

STATUS="$(curl -sf "''${wallet_urls[0]}/v2/wallets/$CARDANO_WALLET_ID" || :)"
jq <<<"$STATUS" || :
jq -e '.state.status == "ready"' <<<"$STATUS" || exit 1
STATUS="$(curl -sf "localhost:$NOMAD_PORT_wallet/v2/network/information" || :)"
jq <<< "$STATUS" || :
jq -e '.sync_progress.status == "ready"' <<< "$STATUS" || exit 1
'';
};
cardano-submit-api-network-sync = writeShellApplication {
Expand Down
145 changes: 145 additions & 0 deletions nix/cardano/nomadCharts/cardano-wallet.nix
View file
Open in desktop
@@ -0,0 +1,145 @@
{
inputs,
cell,
}: let
inherit (inputs) data-merge cells;
inherit (inputs.nixpkgs) lib;
inherit (inputs.nixpkgs) system;
inherit (inputs.bitte-cells) vector _utils;
inherit (cell) healthChecks constants oci-images;
# OCI-Image Namer
ociNamer = oci: l.unsafeDiscardStringContext "${oci.imageName}:${oci.imageTag}";
l = lib // builtins;
in
{
jobname ? "wallet",
namespace,
datacenters ? ["eu-central-1" "eu-west-1" "us-east-2"],
domain,
nodeClass,
scaling,
} @ args: let
id = jobname;
type = "service";
priority = 50;
persistanceMount = "/persist";
vaultPkiPath = "pki/issue/wallet";
consulRolePath = "consul/creds/wallet";
in
with data-merge; {
job.${id} = {
inherit namespace datacenters id type priority;
# ----------
# Scheduling
# ----------
constraint = [
{
attribute = "\${node.class}";
operator = "=";
value = "${nodeClass}";
}
{
attribute = "\${meta.cardano}";
operator = "is_set";
}
{
operator = "distinct_hosts";
value = "true";
}
];
spread = [{attribute = "\${node.datacenter}";}];
# ----------
# Update
# ----------
update.health_check = "task_states";
update.healthy_deadline = "5m0s";
update.max_parallel = 1;
update.min_healthy_time = "10s";
update.progress_deadline = "10m0s";
update.stagger = "30s";
# ----------
# Migrate
# ----------
migrate.health_check = "checks";
migrate.healthy_deadline = "8m20s";
migrate.max_parallel = 1;
migrate.min_healthy_time = "10s";
# ----------
# Reschedule
# ----------
reschedule.delay = "30s";
reschedule.delay_function = "exponential";
reschedule.max_delay = "1h0m0s";
reschedule.unlimited = true;
# ----------
# Task Groups
# ----------
group.wallet = let
# work-around: we need to get rid of vector first
node' = (cell.nomadCharts.cardano-node (args // {jobname = "node";})).job.node.group.cardano;
group = l.removeAttrs node' ["task"];
node = group // {task.node = node'.task.node;};
in
merge
# task.vector ...
(vector.nomadTask.default {
inherit namespace;
endpoints = [
# prometheus metrics for wallet
"http://127.0.0.1:8082/metrics"
# prometheus metrics for cardano-node
"http://127.0.0.1:12798/metrics"
];
})
(
merge node
{
count = scaling;
service = append [
(import ./srv-wallet.nix {inherit namespace healthChecks;})
];
volume = {
"persist-wallet-local" = {
source = "${namespace}-persist-wallet-local";
type = "host";
};
};
network.port.wallet = {to = 8090;};
task = {
# ----------
# Task: Wallet
# ----------
wallet = {
env.DATA_DIR = persistanceMount;
env.SOCKET_PATH = "/alloc/tmp/node.socket";
template =
_utils.nomadFragments.workload-identity-vault {inherit vaultPkiPath;}
++ _utils.nomadFragments.workload-identity-vault-consul {inherit consulRolePath;};
env.WORKLOAD_CACERT = "/secrets/tls/ca.pem";
env.WORKLOAD_CLIENT_KEY = "/secrets/tls/key.pem";
env.WORKLOAD_CLIENT_CERT = "/secrets/tls/cert.pem";
config.image = ociNamer oci-images.cardano-wallet;
user = "0:0";
driver = "docker";
kill_signal = "SIGINT";
kill_timeout = "30s";
resources = {
cpu = 2000;
memory = 4096;
};
volume_mount = {
destination = persistanceMount;
propagation_mode = "private";
volume = "persist-wallet-local";
};
vault = {
change_mode = "noop";
env = true;
policies = ["wallet"];
};
};
};
}
);
};
}
1 change: 1 addition & 0 deletions nix/cardano/nomadCharts/default.nix
View file
Open in desktop
Expand Up @@ -6,4 +6,5 @@
cardano-node = import ./cardano-node.nix {inherit inputs cell;};
cardano-db-sync = import ./cardano-db-sync.nix {inherit inputs cell;};
cardano-faucet = import ./cardano-faucet.nix {inherit inputs cell;};
cardano-wallet = import ./cardano-wallet.nix {inherit inputs cell;};
}
2 changes: 1 addition & 1 deletion nix/cardano/nomadCharts/srv-wallet.nix
View file
Open in desktop
Expand Up @@ -20,6 +20,6 @@
}
];
name = "${namespace}-wallet";
port = "8090";
port = "wallet";
tags = ["\${NOMAD_ALLOC_ID}"];
}