github.com/containerd/nerdctl/v2@v2.0.0-beta.5.0.20240520001846-b5758f54fa28/examples/nerdctl-ipfs-registry-kubernetes/ipfs-stargz-snapshotter/nerdctl-ipfs-registry.yaml (about) 1 # Example YAML of IPFS-based node-to-node image sharing 2 3 apiVersion: apps/v1 4 kind: Deployment 5 metadata: 6 name: ipfs-bootstrap 7 spec: 8 selector: 9 matchLabels: 10 app: ipfs-bootstrap 11 template: 12 metadata: 13 labels: 14 app: ipfs-bootstrap 15 spec: 16 initContainers: 17 - name: configure-ipfs 18 image: "ghcr.io/stargz-containers/ipfs/kubo:v0.16.0" 19 command: ["sh", "/custom/configure-ipfs.sh"] 20 env: 21 - name: LIBP2P_FORCE_PNET 22 value: "1" 23 - name: IPFS_SWARM_KEY 24 valueFrom: 25 secretKeyRef: 26 name: secret-config 27 key: ipfs-swarm-key 28 volumeMounts: 29 - name: ipfs-storage 30 mountPath: /data/ipfs 31 - name: configure-script 32 mountPath: /custom 33 containers: 34 - name: id 35 image: "ghcr.io/stargz-containers/ipfs/kubo:v0.16.0" 36 command: ["sh", "/custom/id-server.sh"] 37 ports: 38 - name: id 39 protocol: TCP 40 containerPort: 8000 41 volumeMounts: 42 - name: ipfs-storage 43 mountPath: /data/ipfs 44 - name: configure-script 45 mountPath: /custom 46 - name: ipfs 47 image: "ghcr.io/stargz-containers/ipfs/kubo:v0.16.0" 48 command: ["ipfs", "daemon"] 49 env: 50 - name: LIBP2P_FORCE_PNET 51 value: "1" 52 ports: 53 - name: swarm 54 protocol: TCP 55 containerPort: 4001 56 volumeMounts: 57 - name: ipfs-storage 58 mountPath: /data/ipfs 59 - name: configure-script 60 mountPath: /custom 61 livenessProbe: 62 tcpSocket: 63 port: swarm 64 initialDelaySeconds: 30 65 timeoutSeconds: 5 66 periodSeconds: 15 67 volumes: 68 - name: configure-script 69 configMap: 70 name: ipfs-bootstrap-conf 71 - name: ipfs-storage 72 emptyDir: {} 73 74 --- 75 76 apiVersion: v1 77 kind: Service 78 metadata: 79 name: ipfs-bootstrap 80 labels: 81 app: ipfs-bootstrap 82 spec: 83 type: ClusterIP 84 ports: 85 - name: id 86 targetPort: id 87 port: 8000 88 - name: swarm 89 targetPort: swarm 90 port: 4001 91 selector: 92 app: ipfs-bootstrap 93 94 --- 95 96 apiVersion: apps/v1 97 kind: DaemonSet 98 metadata: 99 name: ipfs 100 spec: 101 selector: 102 matchLabels: 103 app: ipfs 104 template: 105 metadata: 106 labels: 107 app: ipfs 108 spec: 109 initContainers: 110 - name: configure-ipfs 111 image: "ghcr.io/stargz-containers/ipfs/kubo:v0.16.0" 112 command: ["sh", "/custom/configure-ipfs.sh"] 113 env: 114 - name: BOOTSTRAP_SVC_NAME 115 value: "ipfs-bootstrap" 116 - name: LIBP2P_FORCE_PNET 117 value: "1" 118 - name: IPFS_SWARM_KEY 119 valueFrom: 120 secretKeyRef: 121 name: secret-config 122 key: ipfs-swarm-key 123 volumeMounts: 124 - name: ipfs-storage 125 mountPath: /data/ipfs 126 - name: configure-script 127 mountPath: /custom 128 containers: 129 - name: ipfs 130 image: "ghcr.io/stargz-containers/ipfs/kubo:v0.16.0" 131 command: ["ipfs", "daemon"] 132 env: 133 - name: LIBP2P_FORCE_PNET 134 value: "1" 135 ports: 136 - name: swarm 137 protocol: TCP 138 containerPort: 4001 139 - name: api 140 protocol: TCP 141 containerPort: 5001 142 hostPort: 5001 143 volumeMounts: 144 - name: ipfs-storage 145 mountPath: /data/ipfs 146 - name: configure-script 147 mountPath: /custom 148 livenessProbe: 149 tcpSocket: 150 port: swarm 151 initialDelaySeconds: 30 152 timeoutSeconds: 5 153 periodSeconds: 15 154 - name: nerdctl-ipfs-registry 155 image: "ghcr.io/stargz-containers/nerdctl-ipfs-registry:v0.23.0" 156 command: ["sh", "/custom/nerdctl-ipfs-registry-entrypoint.sh"] 157 env: 158 - name: IPFS_PATH 159 value: "/data/ipfs" 160 ports: 161 - containerPort: 5050 162 hostPort: 5050 163 volumeMounts: 164 - name: ipfs-storage 165 mountPath: /data/ipfs 166 - name: configure-script 167 mountPath: /custom 168 volumes: 169 - name: configure-script 170 configMap: 171 name: ipfs-peer-conf 172 - name: ipfs-storage 173 hostPath: 174 path: /var/ipfs/ 175 176 --- 177 178 apiVersion: v1 179 kind: ConfigMap 180 metadata: 181 name: ipfs-peer-conf 182 data: 183 nerdctl-ipfs-registry-entrypoint.sh: | 184 #!/bin/sh 185 set -eu 186 187 if ! command -v curl &> /dev/null 188 then 189 echo "curl not found. installing..." 190 apt-get update -y && apt-get install -y curl 191 fi 192 193 # wait for ipfs daemon 194 ok=false 195 for i in $(seq 100) ; do 196 if curl localhost:5001/api/v0/id >/dev/null 2>&1 ; then 197 ok=true 198 break 199 fi 200 echo "Fail(${i}). Retrying..." 201 sleep 3 202 done 203 if [ "$ok" != "true" ] ; then 204 echo "failed to detect ipfs api" 205 exit 1 206 fi 207 208 exec /usr/local/bin/nerdctl ipfs registry serve --listen-registry 0.0.0.0:5050 --ipfs-address /ip4/127.0.0.1/tcp/5001 --read-retry-num 3 --read-timeout 500ms 209 210 configure-ipfs.sh: | 211 #!/bin/sh 212 set -eu -o pipefail 213 214 # wait for bootstrap node running 215 ok=false 216 for i in $(seq 100) ; do 217 if nc -z ${BOOTSTRAP_SVC_NAME} 4001 ; then 218 ok=true 219 break 220 fi 221 echo "Fail(${i}). Retrying..." 222 sleep 3 223 done 224 if [ "$ok" != "true" ] ; then 225 echo "failed to detect bootstrap node" 226 exit 1 227 fi 228 229 BOOTSTRAP_ID=$(wget -O - ${BOOTSTRAP_SVC_NAME}:8000/id) 230 if [ "${BOOTSTRAP_ID}" == "" ] ; then 231 echo "failed to get bootstrap peer id" 232 exit 1 233 fi 234 if [ "${IPFS_SWARM_KEY}" == "" ] || [ "${LIBP2P_FORCE_PNET}" != "1" ] ; then 235 echo "must be forced to private ipfs network (got LIBP2P_FORCE_PNET=${LIBP2P_FORCE_PNET})" 236 exit 1 237 fi 238 239 mkdir -p /data/ipfs 240 if ! [ -z "$(ls -A /data/ipfs)" ]; then 241 echo "IPFS already configured on this node; destroying the current repo and refreshing..." 242 rm -rf /data/ipfs/* 243 fi 244 245 ipfs init --profile=server 246 ipfs bootstrap rm --all 247 ipfs bootstrap add /dns4/${BOOTSTRAP_SVC_NAME}/tcp/4001/ipfs/${BOOTSTRAP_ID} 248 ipfs config Addresses.API /ip4/0.0.0.0/tcp/5001 249 ipfs config Addresses.Gateway /ip4/0.0.0.0/tcp/8080 250 ipfs config Datastore.StorageMax 100GB 251 ipfs config Addresses.NoAnnounce --json '[]' 252 ipfs config Swarm.AddrFilters --json '[]' 253 echo -n "${IPFS_SWARM_KEY}" > /data/ipfs/swarm.key 254 255 --- 256 257 apiVersion: v1 258 kind: ConfigMap 259 metadata: 260 name: ipfs-bootstrap-conf 261 data: 262 id-server.sh: | 263 #!/bin/sh 264 set -eu -o pipefail 265 266 if [ ! -f /doc/id ]; then 267 mkdir /doc 268 ipfs config show | grep "PeerID" | sed -E 's/.*"PeerID": "([a-zA-Z0-9]*)".*/\1/' > /doc/id 269 fi 270 exec httpd -f -p 8000 -h /doc 271 272 configure-ipfs.sh: | 273 #!/bin/sh 274 set -eu -o pipefail 275 276 if [ "${IPFS_SWARM_KEY}" == "" ] || [ "${LIBP2P_FORCE_PNET}" != "1" ] ; then 277 echo "must be forced to private ipfs network (got LIBP2P_FORCE_PNET=${LIBP2P_FORCE_PNET})" 278 fi 279 280 mkdir -p /data/ipfs 281 if ! [ -z "$(ls -A /data/ipfs)" ]; then 282 echo "IPFS already configured on this node; destroying the current repo and refreshing..." 283 rm -rf /data/ipfs/* 284 fi 285 286 ipfs init --profile=server 287 ipfs bootstrap rm --all 288 ipfs config Addresses.API /ip4/0.0.0.0/tcp/5001 289 ipfs config Addresses.Gateway /ip4/0.0.0.0/tcp/8080 290 ipfs config Addresses.NoAnnounce --json '[]' 291 ipfs config Swarm.AddrFilters --json '[]' 292 ipfs config Datastore.StorageMax 1GB 293 echo -n "${IPFS_SWARM_KEY}" > /data/ipfs/swarm.key