Skip to content

Commit

Permalink
feat(sawtooth): add ingress capability
Browse files Browse the repository at this point in the history 
Signed-off-by: Kevin O'Donnell <kevin@blockchaintp.com>
  • Loading branch information
@scealiontach
scealiontach committed Aug 31, 2021
1 parent 67f6212 commit 1fe012a
Show file tree
Hide file tree
Showing 4 changed files with 176 additions and 47 deletions.
80 changes: 80 additions & 0 deletions charts/sawtooth/templates/_ingress.tpl
View file
@@ -0,0 +1,80 @@
{{/*
include "ingress" (dict "ingressName" "myingress" "ingress" path.to.ingress "serviceName" "the-service" "servicePort" 9090 "context" $)
ingress:
enabled: true
certManager: false
pathType: ImplementationSpecific
apiVersion: ""
hostname: theservice.local
path: /
annotations: {}
tls: false
extraHosts: []
extraPaths: []
extraTls: []
secrets: []
*/}}
{{- define "lib.ingress" -}}
{{- $ctx := .context -}}
{{- $ingressName := .ingressName -}}
{{- $serviceName := .serviceName -}}
{{- $servicePort := .servicePort -}}
{{- if .ingress.enabled -}}
apiVersion: {{ include "common.capabilities.ingress.apiVersion" $ctx }}
kind: Ingress
metadata:
name: {{ $ingressName }}
namespace: {{ $ctx.Release.Namespace | quote }}
labels: {{- include "common.labels.standard" $ctx | nindent 4 }}
{{- if $ctx.Values.commonLabels }}
{{- include "common.tplvalues.render" ( dict "value" $ctx.Values.commonLabels "context" $ctx ) | nindent 4 }}
{{- end }}
annotations:
{{- if .ingress.certManager }}
kubernetes.io/tls-acme: "true"
{{- end }}
{{- if .ingress.annotations }}
{{- include "common.tplvalues.render" ( dict "value" .ingress.annotations "context" $ctx ) | nindent 4 }}
{{- end }}
{{- if $ctx.Values.commonAnnotations }}
{{- include "common.tplvalues.render" ( dict "value" $ctx.Values.commonAnnotations "context" $ctx ) | nindent 4 }}
{{- end }}
spec:
rules:
{{- if .ingress.hostname }}
- host: {{ .ingress.hostname }}
http:
paths:
{{- if .ingress.extraPaths }}
{{- toYaml .ingress.extraPaths | nindent 10 }}
{{- end }}
- path: {{ .ingress.path }}
{{- if eq "true" (include "common.ingress.supportsPathType" $ctx) }}
pathType: {{ .ingress.pathType }}
{{- end }}
backend: {{- include "common.ingress.backend" (dict "serviceName" $serviceName "servicePort" $servicePort "context" $ctx) | nindent 14 }}
{{- end }}
{{- range .ingress.extraHosts }}
- host: {{ .name | quote }}
http:
paths:
- path: {{ default "/" .path }}
{{- if eq "true" (include "common.ingress.supportsPathType" $ctx) }}
pathType: {{ default "ImplementationSpecific" .pathType }}
{{- end }}
backend: {{- include "common.ingress.backend" (dict "serviceName" $serviceName "servicePort" $servicePort "context" $ctx) | nindent 14 }}
{{- end }}
{{- if or .ingress.tls .ingress.extraTls }}
tls:
{{- if .ingress.tls }}
- hosts:
- {{ .ingress.hostname }}
secretName: {{ printf "%s-tls" .ingress.hostname }}
{{- end }}
{{- if .ingress.extraTls }}
{{- include "common.tplvalues.render" ( dict "value" .ingress.extraTls "context" $ctx ) | nindent 4 }}
{{- end }}
{{- end }}
{{- end }}
{{- end -}}
6 changes: 6 additions & 0 deletions charts/sawtooth/templates/ingress.yaml
View file
@@ -0,0 +1,6 @@
{{- if .Values.ingress.enabled -}}
{{- $serviceName := include "sawtooth.validator.fullname" . -}}
{{- $ingressName := printf "%s-rest" $serviceName -}}
{{- $servicePort := .Values.sawtooth.ports.rest -}}
{{ include "lib.ingress" (dict "ingressName" $ingressName "ingress" .Values.ingress "serviceName" $serviceName "servicePort" $servicePort "context" $) }}
{{- end -}}
18 changes: 18 additions & 0 deletions charts/sawtooth/tests/ingress_test.yaml
View file
@@ -0,0 +1,18 @@
suite: test the ingresses
templates:
- ingress.yaml
release:
name: test
namespace: testns
tests:
- it: ingress links to service properly
set:
ingress:
enabled: true
asserts:
- equal:
path: spec.rules[0].http.paths[0].backend.service.name
value: test-sawtooth
- equal:
path: spec.rules[0].http.paths[0].backend.service.port.number
value: 8008
119 changes: 72 additions & 47 deletions charts/sawtooth/values.yaml
View file
@@ -1,11 +1,11 @@
---
## @md # These are the reasonable defaults file sawtooth 1.2
## @md
## @md | field | description | type | default |
## @md |-|-|-|-|
## @md | field | description | default |
## @md |-|-|-|

affinity:
## @md | `affinity.enabled` | false: no effect true: then validators will be deployed only to k8s nodes with the label `app={{ .sawtooth.networkName }}-validator` | boolean | false |
## @md | `affinity.enabled` | false: no effect true: then validators will be deployed only to k8s nodes with the label `app={{ .sawtooth.networkName }}-validator` | false |
# Normally set this as disabled.
# If false - no effect, validators are run on every ( or in the case of devmode any one)
# node in the cluster.
Expand All @@ -19,42 +19,67 @@ global:
registry: index.docker.io
tag: BTP2.1.0rc14


## @md | `commonLabels` |
commonLabels: {}
commonAnnotations: {}
# This is optional,
# if false the values are ignored,
# if true then there should exist a secret within the namespace
# of the given names, multiple values are acceptable
hostAliases:
imagePullSecrets:
## @md | `imagePullSecrets.enabled` | if true use the list of named imagePullSecrets | boolean | false |
## @md | `imagePullSecrets.enabled` | if true use the list of named imagePullSecrets | false |
enabled: false
## @md | `imagePullSecrets.value` | a list if named secret references of the form ```- name: secretName```| list | [] |
## @md | `imagePullSecrets.value` | a list if named secret references of the form ```- name: secretName```| [] |
value: []
ingress:
## @md | `ingress.apiVersion` | if necessary the apiVersion of the ingress may be overridden | "" |
apiVersion: ""
## @md | `ingress.enabled` | true to enable the ingress to the main service rest-api | false |
enabled: false
## @md | `ingress.certManager` | true to enable the acme certmanager for this ingress | false |
certManager: false
## @md | `ingress.hostname` | primary hostname for the ingress | false |
hostname: "sawtooth.local"
## @md | `ingress.path` | path for the ingress's primary hostname | / |
path: /
## @md | `ingress.annotations` | annotations for the ingress | {} |
annotations: {}
## @md | `ingress.tls` | true to enable tls on the ingress with a secrete at hostname-tls | false |
tls: false
## @md | `ingress.extraHosts` | list of extra hosts to add to the ingress | [] |
extraHosts: []
## @md | `ingress.extraPaths` | list of extra paths to add to the primary host of the ingress | [] |
extraPaths: []
## @md | `ingress.extraTls` | list of extra tls entries | [] |
extraTls: []
pagerduty:
## @md | `pagerduty.enabled` | if true send pagerduty alerts | boolean | false |
## @md | `pagerduty.enabled` | if true send pagerduty alerts | false |
enabled: false
## @md | `pagerduty.token` | pagerduty user token | string | nil |
## @md | `pagerduty.token` | pagerduty user token | nil |
token:
## @md | `pagerduty.serviceid` | pagerduty serviceid | string | nil |
## @md | `pagerduty.serviceid` | pagerduty serviceid | nil |
serviceid:
sawtooth:
opentsdb:
## @md | `sawtooth.opentsdb.db` | name of the opentsdb database to be used | string | metrics |
## @md | `sawtooth.opentsdb.db` | name of the opentsdb database to be used | metrics |
db: metrics
## @md | `sawtooth.opentsdb.url` | url of the opentsdb database to be used | string | nil |
## @md | `sawtooth.opentsdb.url` | url of the opentsdb database to be used | nil |
url:
## @md | `sawtooth.opentsdb.enabled` | whether to enable the opentsdb metrics | boolean | false |
## @md | `sawtooth.opentsdb.enabled` | whether to enable the opentsdb metrics | false |
enabled: false
statefulset:
enabled: false
replicas:
podAnnotations:
## @md | `sawtooth.minReadySeconds` | the minimum time a pod must be Running before proceeding on a rolling update | int | 120 |
## @md | `sawtooth.minReadySeconds` | the minimum time a pod must be Running before proceeding on a rolling update | 120 |
minReadySeconds: 120
## @md | `sawtooth.maxUnavailable` | maximum number of pods allowed down on a rollout or update | int | 1 |
## @md | `sawtooth.maxUnavailable` | maximum number of pods allowed down on a rollout or update | 1 |
maxUnavailable: 1
containers:
block_info:
## @md | `sawtooth.containers.block_info.args` | extra args for block-info-tp | string | nil |
## @md | `sawtooth.containers.block_info.args` | extra args for block-info-tp | nil |
args:
env:
image:
Expand Down Expand Up @@ -83,7 +108,7 @@ sawtooth:
requests:
cpu: "50m"
identity_tp:
## @md | `sawtooth.containers.identity_tp.args` | extra args for identity-tp | string | nil |
## @md | `sawtooth.containers.identity_tp.args` | extra args for identity-tp | nil |
args:
env:
image:
Expand Down Expand Up @@ -196,7 +221,7 @@ sawtooth:
requests:
cpu: "50m"
rest_api:
## @md | `sawtooth.containers.rest_api.args` | extra args for rest-api | string | nil |
## @md | `sawtooth.containers.rest_api.args` | extra args for rest-api | nil |
args:
env:
image:
Expand Down Expand Up @@ -239,7 +264,7 @@ sawtooth:
requests:
cpu: "50m"
settings_tp:
## @md | `sawtooth.containers.settings_tp.args` | extra args for settings-tp | string | nil |
## @md | `sawtooth.containers.settings_tp.args` | extra args for settings-tp | nil |
args:
env:
image:
Expand Down Expand Up @@ -268,9 +293,9 @@ sawtooth:
requests:
cpu: "50m"
validator:
## @md | `sawtooth.containers.validator.args` | extra args for validator | string | nil |
## @md | `sawtooth.containers.validator.args` | extra args for validator | nil |
args:
## @md | `sawtooth.containers.validator.env` | list of environment name/value dicts | map | nil |
## @md | `sawtooth.containers.validator.env` | list of environment name/value dicts | nil |
env:
- name: RUST_BACKTRACE
value: "1"
Expand Down Expand Up @@ -304,38 +329,38 @@ sawtooth:
storageClass:
size: 40Gi
ports:
## @md | `sawtooth.ports.sawnet` | port for the sawtooth validator network | int | 8800 |
## @md | `sawtooth.ports.sawnet` | port for the sawtooth validator network | 8800 |
sawnet: 8800
## @md | `sawtooth.ports.consensus` | port for the sawtooth consensus network | int | 5050 |
## @md | `sawtooth.ports.consensus` | port for the sawtooth consensus network | 5050 |
consensus: 5050
## @md | `sawtooth.ports.sawcomp` | port for the sawtooth component network | int | 4004 |
## @md | `sawtooth.ports.sawcomp` | port for the sawtooth component network | 4004 |
sawcomp: 4004
## @md | `sawtooth.ports.rest` | port for the sawtooth rest-api | int | 8008 |
## @md | `sawtooth.ports.rest` | port for the sawtooth rest-api | 8008 |
rest: 8008
livenessProbe:
## @md | `sawtooth.livenessProbe.enabled` | whether to run the livenessProbe on the validator | boolean | false |
## @md | `sawtooth.livenessProbe.enabled` | whether to run the livenessProbe on the validator | false |
enabled: false
## @md | `sawtooth.livenessProbe.initialDelaySeconds` | seconds to wait before running the liveness probe the first time | int | 300 |
## @md | `sawtooth.livenessProbe.initialDelaySeconds` | seconds to wait before running the liveness probe the first time | 300 |
initialDelaySeconds: 300
## @md | `sawtooth.livenessProbe.periodSeconds` | interval in seconds to re-run the liveness probe | int | 120 |
## @md | `sawtooth.livenessProbe.periodSeconds` | interval in seconds to re-run the liveness probe | 120 |
periodSeconds: 120
## @md | `sawtooth.livenessProbe.active` | if false, the liveness probe will run and evaluate the the situation, but always return successfully | string | "false"
active: "false"
## @md | `sawtooth.livenessProbe.exitSignals` | when restarting due to a livenessProbe failure, the validator pod has a "signal" system which will cause it to restart the named containers in this var | string | "block-info-tp" |
## @md | `sawtooth.livenessProbe.exitSignals` | when restarting due to a livenessProbe failure, the validator pod has a "signal" system which will cause it to restart the named containers in this var | "block-info-tp" |
exitSignals: "block-info-tp pbft-engine"
heartbeat:
## @md | `sawtooth.heartbeat.interval` | interval in seconds to issue a heartbeat | int | 300 |
## @md | `sawtooth.heartbeat.interval` | interval in seconds to issue a heartbeat | 300 |
interval: 300

## @md | `sawtooth.permissioned` | Whether to run this chain as a permissioned chain or not | boolean | false |
## @md | `sawtooth.permissioned` | Whether to run this chain as a permissioned chain or not | false |
permissioned: false
# This MUST be chosen by the user
# Follows DNS naming rules
## @md | `sawtooth.namespace` | namespace to render these templates into (deprecated) | string | "prod" |
## @md | `sawtooth.namespace` | namespace to render these templates into (deprecated) | "prod" |
namespace: prod
# This MUST be chosen by the user.
# Follows DNS naming rules
## @md | `sawtooth.networkName` | name of this sawtooth network (deprecated) | string | "mynetwork" |
## @md | `sawtooth.networkName` | name of this sawtooth network (deprecated) | "mynetwork" |
networkName: mynetwork
# serial or parallel
## @md | `sawtooth.scheduler` | name of the sawtooth transaction scheduler to use | string | "serial"
Expand All @@ -346,26 +371,26 @@ sawtooth:
## @md | `sawtooth.consensus` | id of the the consensus algorithm to use< valid values: 100:DevMode, 200, PoET, 300 - Raft, 400, PBFT | int | 200
consensus: 200
genesis:
## @md | `sawtooth.genesis.enabled` | If true, and the cluster is starting for the first time, then a node will be selected to create and submit the genesis block | boolean | true |
## @md | `sawtooth.genesis.enabled` | If true, and the cluster is starting for the first time, then a node will be selected to create and submit the genesis block | true |
enabled: true
## @md | `sawtooth.genesis.seed` | The seed is an arbitrary string which identifies a given genesis If the data of a given set of nodes is to be wiped out, change this value. | string | "9a2de774-90b5-11e9-9df0-87e889b0f1c9" |
## @md | `sawtooth.genesis.seed` | The seed is an arbitrary string which identifies a given genesis If the data of a given set of nodes is to be wiped out, change this value. | "9a2de774-90b5-11e9-9df0-87e889b0f1c9" |
seed: "9a2de774-90b5-11e9-9df0-87e889b0f1c9"
## @md | `sawtooth.dynamicPeering` | Dynamic Peering should default to false, since it is a bit unreliable | boolean | false |
## @md | `sawtooth.dynamicPeering` | Dynamic Peering should default to false, since it is a bit unreliable | false |
dynamicPeering: false
## @md | `sawtooth.externalSeeds` | a list of maps defining validator endpoints external to this deployment | list | [] |
## @md | `sawtooth.externalSeeds` | a list of maps defining validator endpoints external to this deployment | [] |
externalSeeds: []
seth:
# This should default to false, there appear to be problems with the required
# block_info block injector that this depends upon
## @md | `sawtooth.seth.enabled` | enabled sawtooth-seth | boolean | false |
## @md | `sawtooth.seth.enabled` | enabled sawtooth-seth | false |
enabled: false
xo:
# default this to false since you probably don't want it in real life
## @md | `sawtooth.xo.enabled` | enabled sawtooth-xo-tp | boolean | false |
## @md | `sawtooth.xo.enabled` | enabled sawtooth-xo-tp | false |
enabled: false
smallbank:
# default this to false since you probably don't want it in real life
## @md | `sawtooth.smallbank.enabled` | enabled sawtooth-smallbank-tp | boolean | false |
## @md | `sawtooth.smallbank.enabled` | enabled sawtooth-smallbank-tp | false |
enabled: false
volumes:
# This MUST be set, and SHOULD be presented to the user as an option, as it is a likely area
Expand All @@ -374,24 +399,24 @@ sawtooth:
hostPathBaseDir: /var/lib/btp/
# This is an arbitrary cool down period to wait for validators to initialize
# before starting any client operations
## @md | `sawtooth.client_wait` | arbitrary delay to validator client startup, such as the rest-api | int | 90 |
## @md | `sawtooth.client_wait` | arbitrary delay to validator client startup, such as the rest-api | 90 |
client_wait: 90
## @md | `sawtooth.customTPs` | a list of [custom tp definitions](#custom-tp-definitions) | list | nil |
## @md | `sawtooth.customTPs` | a list of [custom tp definitions](#custom-tp-definitions) | nil |
customTPs:
# A list of basic container definitions
# - name: intkey-tp
# image: "blockchaintp/sawtooth-intkey-tp-go:1.0.5"
# command: [ "bash", "-c" ]
# args: [ "intkey-tp-go -v --connect tcp://localhost:4004" ]
## @md | `sawtooth.affinity` | custom affinity rules for the sawtooth validator deamonset | map | nil |
## @md | `sawtooth.affinity` | custom affinity rules for the sawtooth validator deamonset | nil |
affinity: {}

serviceAccount:
create: true
name:
# The below are mostly controlled by BTP, although an "advanced" option to customize them may be
# presented
## @md | `images` | a map containing all of the image urls used by this template| map | N/A |
## @md | `images` | a map containing all of the image urls used by this template| N/A |
images:
## @md
## @md ## Images
Expand Down Expand Up @@ -440,9 +465,9 @@ images:
## @md
## @md Custom TP definitions are describe using maps with the following fields
## @md
## @md | field | description | type | default |
## @md |-|-|-|-|
## @md | `name` | name of the custom tp container(must be unique within the pod) | string | nil |
## @md | `image` | url of the image for this tp | string | nil |
## @md | field | description | default |
## @md |-|-|-|
## @md | `name` | name of the custom tp container(must be unique within the pod) | nil |
## @md | `image` | url of the image for this tp | nil |
## @md | `command` | list of command tokens for this tp | list | nil
## @md | `arg` | list of arguments to the command | list | nil] |
## @md | `arg` | list of arguments to the command | nil] |

0 comments on commit 1fe012a

Please sign in to comment.