github.com/vipernet-xyz/tm@v0.34.24/tools/mintnet-kubernetes/app.template.yaml (about) 1 --- 2 apiVersion: v1 3 kind: Service 4 metadata: 5 annotations: 6 service.alpha.kubernetes.io/tolerate-unready-endpoints: "true" 7 name: YOUR_APP_NAME 8 labels: 9 app: YOUR_APP_NAME 10 spec: 11 ports: 12 - port: 26656 13 name: p2p 14 - port: 26657 15 name: rpc 16 clusterIP: None 17 selector: 18 app: tm 19 --- 20 apiVersion: v1 21 kind: ConfigMap 22 metadata: 23 name: tm-config 24 data: 25 seeds: "tm-0,tm-1,tm-2,tm-3" 26 validators: "tm-0,tm-1,tm-2,tm-3" 27 validator.power: "10" 28 genesis.json: |- 29 { 30 "genesis_time": "2017-01-02T10:10:10.164Z", 31 "chain_id": "chain-B5XXm5", 32 "validators": [], 33 "app_hash": "" 34 } 35 pub_key_nginx.conf: |- 36 server { 37 listen 80 default_server; 38 listen [::]:80 default_server ipv6only=on; 39 location /pub_key.json { root /usr/share/nginx/; } 40 } 41 --- 42 apiVersion: policy/v1beta1 43 kind: PodDisruptionBudget 44 metadata: 45 name: tm-budget 46 spec: 47 selector: 48 matchLabels: 49 app: tm 50 minAvailable: 2 51 --- 52 apiVersion: apps/v1beta1 53 kind: StatefulSet 54 metadata: 55 name: tm 56 spec: 57 serviceName: YOUR_APP_NAME 58 replicas: 4 59 template: 60 metadata: 61 labels: 62 app: tm 63 version: v1 64 annotations: 65 pod.beta.kubernetes.io/init-containers: '[{ 66 "name": "tm-gen-validator", 67 "image": "tendermint/tendermint:0.10.0", 68 "imagePullPolicy": "IfNotPresent", 69 "command": ["bash", "-c", " 70 set -ex\n 71 if [ ! -f /tendermint/priv_validator.json ]; then\n 72 tendermint gen_validator > /tendermint/priv_validator.json\n 73 # pub_key.json will be served by pub-key container\n 74 cat /tendermint/priv_validator.json | jq \".pub_key\" > /tendermint/pub_key.json\n 75 fi\n 76 "], 77 "volumeMounts": [ 78 {"name": "tmdir", "mountPath": "/tendermint"} 79 ] 80 }]' 81 spec: 82 containers: 83 - name: tm 84 imagePullPolicy: IfNotPresent 85 image: tendermint/tendermint:0.10.0 86 resources: 87 requests: 88 cpu: 50m 89 memory: 128Mi 90 limits: 91 cpu: 100m 92 memory: 256Mi 93 ports: 94 - containerPort: 26656 95 name: p2p 96 - containerPort: 26657 97 name: rpc 98 env: 99 - name: SEEDS 100 valueFrom: 101 configMapKeyRef: 102 name: tm-config 103 key: seeds 104 - name: VALIDATOR_POWER 105 valueFrom: 106 configMapKeyRef: 107 name: tm-config 108 key: validator.power 109 - name: VALIDATORS 110 valueFrom: 111 configMapKeyRef: 112 name: tm-config 113 key: validators 114 - name: TMHOME 115 value: /tendermint 116 command: 117 - bash 118 - "-c" 119 - | 120 set -ex 121 122 # copy template 123 cp /etc/tendermint/genesis.json /tendermint/genesis.json 124 125 # fill genesis file with validators 126 IFS=',' read -ra VALS_ARR <<< "$VALIDATORS" 127 fqdn_suffix=$(hostname -f | sed 's#[^.]*\.\(\)#\1#') 128 for v in "${VALS_ARR[@]}"; do 129 # wait until validator generates priv/pub key pair 130 set +e 131 132 curl -s --fail "http://$v.$fqdn_suffix/pub_key.json" > /dev/null 133 ERR=$? 134 while [ "$ERR" != 0 ]; do 135 sleep 5 136 curl -s --fail "http://$v.$fqdn_suffix/pub_key.json" > /dev/null 137 ERR=$? 138 done 139 set -e 140 141 # add validator to genesis file along with its pub_key 142 curl -s "http://$v.$fqdn_suffix/pub_key.json" | jq ". as \$k | {pub_key: \$k, amount: $VALIDATOR_POWER, name: \"$v\"}" > pub_validator.json 143 cat /tendermint/genesis.json | jq ".validators |= .+ [$(cat pub_validator.json)]" > tmpgenesis && mv tmpgenesis /tendermint/genesis.json 144 rm pub_validator.json 145 done 146 147 # construct seeds 148 IFS=',' read -ra SEEDS_ARR <<< "$SEEDS" 149 seeds=() 150 for s in "${SEEDS_ARR[@]}"; do 151 seeds+=("$s.$fqdn_suffix:26656") 152 done 153 seeds=$(IFS=','; echo "${seeds[*]}") 154 155 tendermint node --p2p.seeds="$seeds" --moniker="`hostname`" --proxy_app="unix:///socks/app.sock" 156 volumeMounts: 157 - name: tmdir 158 mountPath: /tendermint 159 - mountPath: /etc/tendermint/genesis.json 160 name: configdir 161 subPath: genesis.json 162 - name: socksdir 163 mountPath: /socks 164 165 - name: app 166 imagePullPolicy: IfNotPresent 167 image: YOUR_APP_IMAGE 168 args: ["--addr=\"unix:///socks/app.sock\""] 169 volumeMounts: 170 - name: socksdir 171 mountPath: /socks 172 173 ######## OR ######## 174 # 175 # - name: app 176 # imagePullPolicy: IfNotPresent 177 # image: golang:1.7.5 178 # resources: 179 # requests: 180 # cpu: YOUR_APP_CPU_REQ 181 # memory: YOUR_APP_MEM_REQ 182 # limits: 183 # cpu: YOUR_APP_CPU_LIMIT 184 # memory: YOUR_APP_MEM_LIMIT 185 # command: 186 # - bash 187 # - "-c" 188 # - | 189 # set -ex 190 191 # go get -d YOUR_APP_PACKAGE 192 # cd $GOPATH/YOUR_APP_PACKAGE 193 # make install 194 # 195 # rm -f /socks/app.sock # remove old socket 196 197 # YOUR_APP_EXEC --addr="unix:///socks/app.sock" 198 # volumeMounts: 199 # - name: socksdir 200 # mountPath: /socks 201 202 ######## OPTIONALLY ######## 203 # 204 # - name: data 205 # imagePullPolicy: IfNotPresent 206 # image: golang:1.7.5 207 # command: 208 # - bash 209 # - "-c" 210 # - | 211 # set -ex 212 # go get github.com/tendermint/merkleeyes/cmd/merkleeyes 213 # rm -f /socks/data.sock # remove old socket 214 # merkleeyes server --address="unix:///socks/data.sock" 215 # volumeMounts: 216 # - name: socksdir 217 # mountPath: /socks 218 219 - name: pub-key 220 imagePullPolicy: IfNotPresent 221 image: nginx:1.11.9 222 resources: 223 requests: 224 cpu: 10m 225 memory: 12Mi 226 limits: 227 cpu: 20m 228 memory: 24Mi 229 ports: 230 - containerPort: 80 231 name: pub-key 232 command: 233 - bash 234 - "-c" 235 - | 236 set -ex 237 # fixes 403 Permission Denied (open() "/tendermint/pub_key.json" failed (13: Permission denied)) 238 # => we cannot serve from /tendermint, so we copy the file 239 mkdir -p /usr/share/nginx 240 cp /tendermint/pub_key.json /usr/share/nginx/pub_key.json 241 nginx -g "daemon off;" 242 volumeMounts: 243 - name: tmdir 244 mountPath: /tendermint 245 - mountPath: /etc/nginx/conf.d/pub_key.conf 246 name: configdir 247 subPath: pub_key_nginx.conf 248 249 volumes: 250 - name: configdir 251 configMap: 252 name: tm-config 253 - name: socksdir 254 emptyDir: {} 255 256 volumeClaimTemplates: 257 - metadata: 258 name: tmdir 259 annotations: 260 volume.alpha.kubernetes.io/storage-class: anything 261 spec: 262 accessModes: ["ReadWriteOnce"] 263 resources: 264 requests: 265 storage: 2Gi