Skip to content
This repository has been archived by the owner on Feb 13, 2024. It is now read-only.

JINWOO-J/prep_docker

BranchesTags

Repository files navigation

prep-node docker

Latest docker tag

ICON badge latest tag tag info

Travis-build

Master Build Status

Build History Build History

Introduction to prep-node

This project was created to help ICON's PRep-node.

How to build docker image

prep_docker (master) ✗ make build_python
 ----- Build Environment -----

  DOCKERIZE_VERSION="v0.6.1"
  DOWNLOAD_PACKAGE="http://tbears.icon.foundation.s3-website.ap-northeast-2.amazonaws.com/docker_resource/1910211829xc2286d/docker_1910211829xc2286d_packages.tar.gz"
  GO_VERSION="1.12.7"
  IS_LOCAL=true
  NAME=prep-node
  RABBITMQ_VERSION="3.7.17"
  REPO_HUB=iconloop
  TAGNAME=1909261038x4fa4a5
  VERSION=1909261038x4fa4a5
docker build --no-cache --rm=true -f python_37/Dockerfile \
		 --build-arg DOCKERIZE_VERSION=v0.6.1   --build-arg DOWNLOAD_PACKAGE=http://tbears.icon.foundation.s3-website.ap-northeast-2.amazonaws.com/docker_resource/1909261038x4fa4a5/docker_1909261038x4fa4a5_packages.tar.gz   --build-arg GO_VERSION=1.12.7   --build-arg ICON_RC_VERSION=1.0.0   --build-arg IS_LOCAL=true   --build-arg NAME=prep-node   --build-arg RABBITMQ_VERSION=3.7.17   --build-arg REPO_HUB=iconloop   --build-arg TAGNAME=1909261038x4fa4a5   --build-arg VERSION=1909261038x4fa4a5   \
		-t iconloop/prep-node:1910211829xc2286d .
Sending build context to Docker daemon  21.42MB
Step 1/44 : FROM python:3.7.3-slim-stretch
 ---> 338ae06dfca5
Step 2/44 : LABEL maintainer="JINWOO <[email protected]>"
 ---> Running in 4804b6987e20
Removing intermediate container 4804b6987e20
 ---> aa348d5ab934
Step 3/44 : ENV TZ "Asia/Seoul"
 ---> Running in a42cf9cf045e
Removing intermediate container a42cf9cf045e
 ---> 4b94bc713990
Step 4/44 : ENV TERM "xterm-256color"
 ---> Running in 6a7f30c9acdb
Removing intermediate container 6a7f30c9acdb
 ---> 1dea771bb6be
Step 5/44 : ENV USERID 24988
 ---> Running in cd88bf497d89
Removing intermediate container cd88bf497d89

Entrypoint.sh diagram

entrypoint.sh

How to create a cert file

A certificate is required to operate a node.
There are three ways to create certificate file or keystore file.

a. When you start a docker, you can create a certificate using IS_AUTOGEN_CERT environment variables.

      environment:
         IS_AUTOGEN_CERT: "true"
         PRIVATE_PASSWORD: "password123!@#"
  • ${CERT_PATH}/autogen_cert.pem file is created with password password123!@#

b. You can create a certificate through the openssl command.

#  openssl ecparam -genkey -name secp256k1 | openssl ec -aes-256-cbc -out my_private.pem -passout pass:'password123!@#'
read EC key
writing EC key
  • It is created as password123!@# under the name my_private.pem.
  • my_private.pem file is created with password password123!@#
  • If you want to use special characters, you can use ' or "

c. You can create a certificate using tbears command.

If you have tbears

# tbears keystore keystore_tbears.json  -p 'password123!@#'
  • keystore_tbears.json file is created with password password123!@#

If you using docker image

# docker run -it --rm -v ${PWD}/cert:/cert/ iconloop/prep-node tbears keystore /cert/keystore_tbears.json -p 'password123!@#'
Made keystore file successfully
  • -it running interactive mode
  • --rm Running containers with --rm flag is good for those containers that you use for very short while just to accomplish something
  • -v ${PWD}/cert:/cert/
  • tbears keystore /cert/keystore_tbears.json -p 'password123^^&' It executes with the tbears command in docker

d. Create an account and download keystore file using ICONex(wallet)

How to start docker container

If you don't already have docker installed, you can install it here:

https://www.icondev.io/docs/p-rep-installation-and-configuration-1#section-p-rep-installation-using-docker

Using docker-compose command (Recommended)

Open docker-compose.yml in a text editor and add the following content:

For MainNet

version: "3"
services:
   prep:
      image: iconloop/prep-node:2020.11.13
      container_name: "prep-mainnet"
      network_mode: host
      restart: "on-failure"
#      entrypoint: bash -c "while [ 1 ]; do sleep 1; done"
      environment:
         NETWORK_ENV: "mainnet"  # mainnet, testnet, PREP-TestNet (zicon)
         CERT_PATH: "/cert"
         LOOPCHAIN_LOG_LEVEL: "DEBUG"
         ICON_LOG_LEVEL: "DEBUG"
         PRIVATE_KEY_FILENAME: "YOUR_KEYSTORE_or_YOUR_CERTKEY_FILENAME" # only filename
         PRIVATE_PASSWORD: "YOUR_KEY_PASSWORD"
      cap_add:
         - SYS_TIME
      volumes:
         - ./data:/data # mount a data volumes
         - ./cert:/cert # Automatically generate cert key files here
      ports:
         - 9000:9000
         - 7100:7100

prep-node docker environment settings

Generated on 2021-02-17 14:37:43
Environment variable Description Default value Allowed value
EXT_IPADDR Getting external IP address $(curl http://checkip.amazonaws.com)
IPADDR Setting the IP address $EXT_IPADDR
LOCAL_TEST false false
TZ Setting the TimeZone Environment Asia/Seoul List of TZ name
NETWORK_ENV Network Environment name PREP-TestNet mainnet or PREP-TestNet
SERVICE Service Name zicon mainnet/testnet/zicon
ENDPOINT_URL ENDPOINT API URI URI
FIND_NEIGHBOR Find fastest neighborhood PRep true
FIND_NEIGHBOR_COUNT neighborhood count 5
FIND_NEIGHBOR_OPTION neighborhood option -t (main|sub
SERVICE_API SERVICE_API URI ${ENDPOINT_URL}/api/v3 URI
NTP_SERVER NTP SERVER ADDRESS time.google.com
NTP_REFRESH_TIME NTP refresh time 21600
USE_NTP_SYNC whether use ntp or not true boolean (true/false)
FASTEST_START It can be restored from Snapshot DB. no yes/no
FASTEST_START_POINT
GENESIS_NODE false false
DEFAULT_PATH Setting the Default Root PATH /data/${NETWORK_ENV}
DEFAULT_LOG_PATH Setting the logging path ${DEFAULT_PATH}/log
DEFAULT_STORAGE_PATH block DB will be stored ${DEFAULT_PATH}/.storage
USE_NAT if you want to use NAT Network no
NETWORK_NAME
VIEW_CONFIG for check deployment state false boolean (true/false)
AMQP_TARGET 127.0.0.1 127.0.0.1
USE_EXTERNAL_MQ false false
USE_LAZY_MQ false false
USE_MQ_ADMIN Enable RabbitMQ management Web interface.The management UI can be accessed using a Web browser at http://{node-hostname}:15672/. For example, for a node running on a machine with the hostname of prep-node, it can be accessed at http://prepnode:15672/ false boolean (true/false)
MQ_ADMIN RabbitMQ management username admin
MQ_PASSWORD RabbitMQ management password iamicon
LOOPCHAIN_LOG_LEVEL loopchain log level INFO DEBUG, INFO, WARNING, ERROR
ICON_LOG_LEVEL iconservice log level INFO DEBUG, INFO, WARNING, ERROR
LOG_OUTPUT_TYPE loopchain's output log type file file, console, file|console
outputType iconservice's output log type $LOG_OUTPUT_TYPE file, console, file|console
FIRST_PEER for testnet false
NEWRELIC_LICENSE for testnet
CONF_PATH Setting the configure file path /${APP_DIR}/conf
CERT_PATH Setting the certificate key file path /${APP_DIR}/cert
ICON_NID Setting the ICON Network ID number 0x50
CREP_ROOT_HASH
ALLOW_MAKE_EMPTY_BLOCK true true
CHANNEL_BUILTIN boolean (true/false) true
RECOVERY_MODE boolean (true/false) false
PEER_NAME $(uname) $(uname)
PRIVATE_KEY_FILENAME YOUR_KEYSTORE or YOUR_CERTKEY FILENAME YOUR_KEYSTORE_FILENAME YOUR_KEYSTORE or YOUR_CERTKEY FILENAME
PRIVATE_PATH public cert key or keystore file location ${CERT_PATH}/${PRIVATE_KEY_FILENAME}
PRIVATE_PASSWORD private cert key or keystore file password test
LOAD_PEERS_FROM_IISS true true
CHANNEL_MANAGE_DATA_PATH ${CONF_PATH}/channel_manange_data.json ${CONF_PATH}/channel_manange_data.json
CONFIG_API_SERVER https://download.solidwallet.io https://download.solidwallet.io
GENESIS_DATA_PATH ${CONF_PATH}/genesis.json ${CONF_PATH}/genesis.json
BLOCK_VERSIONS
SWITCH_BH_VERSION3
SWITCH_BH_VERSION4
SWITCH_BH_VERSION5
RADIOSTATIONS
SHUTDOWN_TIMER SHUTDOWN_TIMER for citizen 7200
SUBSCRIBE_LIMIT 60 60
TIMEOUT_FOR_LEADER_COMPLAIN 60 60
configure_json ${CONF_PATH}/configure.json ${CONF_PATH}/configure.json
iconservice_json ${CONF_PATH}/iconservice.json ${CONF_PATH}/iconservice.json
iconrpcserver_json ${CONF_PATH}/iconrpcserver.json ${CONF_PATH}/iconrpcserver.json
FORCE_RUN_MODE Setting the loopchain running parameter e.g. if FORCE_RUN_MODE is -r citizen then loop -r citizen
ICON_REVISION 5 5
ROLE_SWITCH_BLOCK_HEIGHT 1 1
mainPRepCount 22 22
mainAndSubPRepCount 100 100
decentralizeTrigger 0.002 0.002
iissCalculatePeriod origin value is 43200 1800
termPeriod origin value is 43120 1800
blockValidationPenaltyThreshold 66000000 66000000
lowProductivityPenaltyThreshold 85 85
score_fee true true
score_audit true true
scoreRootPath ${DEFAULT_PATH}/.score_data/score ${DEFAULT_PATH}/.score_data/score
stateDbRootPath ${DEFAULT_PATH}/.score_data/db ${DEFAULT_PATH}/.score_data/db
penaltyGracePeriod 86400 86400
STAKE_LOCK_MAX
STAKE_LOCK_MIN
RPC_PORT Choose a RPC service port 9000
PORT ${RPC_PORT} ${RPC_PORT}
RPC_WORKER Setting the number of RPC workers 3
RPC_GRACEFUL_TIMEOUT rpc graceful timeout 0
AMQP_KEY Choose a AMQP_KEY for Rabbitmq connection 7100 7100
PORT_PEER Choose a gRPC PORT 7100 7100
USE_PROC_HEALTH_CHECK yes yes
USE_API_HEALTH_CHECK yes yes
USE_HELL_CHECK yes yes
HEALTH_CHECK_INTERVAL Trigger if greater than 1 30
ERROR_LIMIT 6 6
HELL_LIMIT 300 300
CHECK_PROC_LIST Watchdog process names /bin/loop channel icon_rc icon_service gunicorn
USE_SLACK if you want to use the slack no
SLACK_URL slack's webhook URL
SLACK_PREFIX slack's prefix header message
IS_BROADCAST_MULTIPROCESSING false false
IS_DOWNLOAD_CERT false false
IS_AUTOGEN_CERT auto generate cert key false true, false
IS_COMPRESS_LOG auto compress loopchain and icon log via crontab false true, false
IS_WRITE_BH write BH, TX, UX_TX, state on booting log true true, false
REPAIRDB_MODE recovery crash leveldb false true, false, force
USER_DEFINED_ENV

About

Docker image of ICON's PRep-node

Resources

Readme
Activity

Stars

9 stars

Watchers

6 watching

Forks

12 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 3

  •  
  •  
  •  

Languages