Commit

add charts
andrenarchy committed May 20, 2019
1 parent d37c7b3 commit 539fa96
Showing 41 changed files with 1,642 additions and 0 deletions.
1 change: 1 addition & 0 deletions .gitignore
@@ -0,0 +1 @@
*.tgz
21 changes: 21 additions & 0 deletions stellar-core/Chart.yaml
@@ -0,0 +1,21 @@
apiVersion: v1
appVersion: "10.0.0"
description: Backbone node of the Stellar cryptocurrency network.
name: stellar-core
version: 1.0.0
icon: https://www.stellar.org/developers/images/favicon/rocket-180x180.png
home: https://www.stellar.org
maintainers:
- name: andrenarchy
email: [email protected]
url: https://github.com/andrenarchy
- name: rendhalver
email: [email protected]
sources:
- https://github.com/satoshipay/docker-stellar-core/
keywords:
- stellar
- stellar-core
- cryptocurrency
- blockchain
engine: gotpl
6 changes: 6 additions & 0 deletions stellar-core/OWNERS
@@ -0,0 +1,6 @@
approvers:
- andrenarchy
- rendhalver
reviewers:
- andrenarchy
- rendhalver
101 changes: 101 additions & 0 deletions stellar-core/README.md
@@ -0,0 +1,101 @@
# Stellar Core

[Stellar](https://www.stellar.org) is an open-source and distributed payments infrastructure. Stellar Core is the software that powers the backbone of the Stellar network and validates and agrees on transactions. For more information see the [Stellar network overview](https://www.stellar.org/developers/guides/get-started/).

## Introduction

This chart bootstraps a [Stellar Core](https://github.com/stellar/stellar-core/) deployment on a [Kubernetes](http://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager. By default the deployment includes a PostgreSQL database. The chart is based on the Kubernetes-ready [Stellar Core images provided by SatoshiPay](https://github.com/satoshipay/docker-stellar-core/).

## Prerequisites

- You need a node seed to run Stellar Core. If you don't have one you can generate one with the following command:
```bash
$ docker run --rm -it --entrypoint '' satoshipay/stellar-core stellar-core --genseed
```
The output will look like
```
Secret seed: SDUFQA7YL3KTWZNKOXX7XXIYU4R5R6JKELMREKHDQOYY2WPUGXFVJN52
Public: GDJFYQK2VFVMQAOFSBM7RVE4I5HCUT7VNWOKSJKGI5JEODIH6F3EM6YX
```
The node seed must be kept secret but the public key can (and should) be shared with other Stellar node operators.
- Kubernetes 1.8+ with Beta APIs enabled
- PV provisioner support in the underlying infrastructure (Only when persisting data)

## Installing the Chart

To install the chart with the release name `my-release`:

```bash
$ helm install --name my-release stable/stellar-core
```

🚨 **Warning:** Make sure to use your own node seed, either via setting `nodeSeed` or `existingNodeSeedSecret`. See [prerequisites](#prerequisites) for how to generate a new node seed.

## Configuration

The following table lists the configurable parameters of the Stellar Core chart and their default values.

| Parameter | Description | Default |
| ----------------------- | --------------------------------------------- | --------------------------------------------- |
| `nodeSeed` | Stellar Core node seed (if `existingNodeSeedSecret` is not set) | Not set |
| `existingNodeSeedSecret` | Existing secret with the node seed (if `nodeSeed` is not set) | Not set |
| `existingNodeSeedSecret.name` | Secret containing the node seed | Not set |
| `existingNodeSeedSecret.key` | Key of the node seed in the secret | Not set |
| `nodeIsValidator` | Should the node participate in SCP? Otherwise it is only observing | `true` |
| `networkPassphrase` | The network this instance should talk to | `Public Global Stellar Network ; September 2015` |
| `catchupRecent` | Number of ledgers to catch up (`0` means minimal catchup) | `0` |
| `maxPeerConnections` | Maximum number of connections to other peers | `50` |
| `knownPeers` | List of hostnames/IPs and ports of peers to connect to initially | Default peers, see `values.yaml` |
| `preferredPeers` | List of hostnames/IPs and ports of peers to stay connected to | Default peers, see `values.yaml` |
| `nodeNames` | List of node public keys and node names | Default node names, see `values.yaml` |
| `nodeNames[].publicKey` | Public key of a node | See above |
| `nodeNames[].name` | Name of a node | See above |
| `quorumSet` | List of quorum set definitions | Default quorum set, see `values.yaml` |
| `quorumSet.thresholdPercent` | Threshold in percent for the quorum set | See above |
| `quorumSet.validators` | List of node names (prefixed with `$$`) or public keys in this set | See above |
| `quorumSet.path` | Path for sub-quorum-sets | See above |
| `history` | Definition for fetching and storing the history of the network | Default history, see `values.yaml` |
| `history.$name.get` | Command for fetching from the history archive | See above |
| `history.$name.put` | Command for storing the history in an archive | See above |
| `initializeHistoryArchives` | Set to `true` if you want history archives to be initialized | `false` |
| `gcloudServiceAccountKey` | Gcloud service account key for `gcloud` flavor | Not set |
| `environment` | Additional environment variables for Stellar Core | `{}` |
| `postgresql.enabled` | Enable PostgreSQL database | `true` |
| `postgresql.postgresDatabase` | PostgreSQL database name | `stellar-core` |
| `postgresql.postgresUser` | PostgreSQL username | `postgres` |
| `postgresql.postgresPassword` | PostgreSQL password | Random password (see PostgreSQL chart) |
| `postgresql.persistence` | PostgreSQL persistence options | See PostgreSQL chart |
| `postgresql.*` | Any PostgreSQL option | See PostgreSQL chart |
| `existingDatabase` | Provide existing database (used if `postgresql.enabled` is `false`)| |
| `existingDatabase.passwordSecret` | Existing secret with the database password | `{name: 'postgresql-core', value: 'password'}` |
| `existingDatabase.url` | Existing database URL (use `$(DATABASE_PASSWORD` as the password) | Not set |
| `image.repository` | `stellar-core` image repository | `satoshipay/stellar-core` |
| `image.tag` | `stellar-core` image tag | `10.0.0-2` |
| `image.flavor` | `stellar-core` flavor (e.g., `aws` or `gcloud`) | Not set |
| `image.pullPolicy` | Image pull policy | `IfNotPresent` |
| `peerService.type` | p2p service type | `LoadBalancer` |
| `peerService.port` | p2p service TCP port | `11625` |
| `peerService.loadBalancerIP` | p2p service load balancer IP | Not set |
| `peerService.externalTrafficPolicy` | p2p service traffic policy | Not set |
| `httpService.type` | Non-public HTTP admin endpoint service type | `ClusterIP` |
| `httpService.port` | Non-public HTTP admin endpoint TCP port | `11626` |
| `persistence.enabled` | Use a PVC to persist data | `true` |
| `persistence.existingClaim` | Provide an existing PersistentVolumeClaim | Not set |
| `persistence.storageClass` | Storage class of backing PVC | Not set (uses alpha storage class annotation) |
| `persistence.accessMode` | Use volume as ReadOnly or ReadWrite | `ReadWriteOnce` |
| `persistence.annotations` | Persistent Volume annotations | `{}` |
| `persistence.size` | Size of data volume | `8Gi` |
| `persistence.subPath` | Subdirectory of the volume to mount at | `stellar-core` |
| `persistence.mountPath` | Mount path of data volume | `/data` |
| `resources` | CPU/Memory resource requests/limits | Requests: `512Mi` memory, `100m` CPU |
| `nodeSelector` | Node labels for pod assignment | {} |
| `tolerations` | Toleration labels for pod assignment | [] |
| `affinity` | Affinity settings for pod assignment | {} |
| `serviceAccount.create` | Specifies whether a ServiceAccount should be created | `true` |
| `serviceAccount.name` | The name of the ServiceAccount to create | Generated using the fullname template |

## Persistence

Both Stellar Core and PostgreSQL (if `postgresql.enabled` is `true`) need to store data and thus this chart creates [Persistent Volumes](http://kubernetes.io/docs/user-guide/persistent-volumes/) by default. Make sure to size them properly for your needs and use an appropriate storage class, e.g. SSDs.

You can also use existing claims with the `persistence.existingClaim` and `postgresql.persistence.existingClaim` options.
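Review bot: In the Configuration table, the `existingDatabase.passwordSecret` default is documented as `{name: 'postgresql-core', value: 'password'}`, but `templates/_helpers.tpl` in this commit reads `.name` and `.key` from that value, so the second field should be `key`. The `existingDatabase.url` row also has an unbalanced `$(DATABASE_PASSWORD`, which will not expand if copied literally. Separately, the install example sets neither `nodeSeed` nor `existingNodeSeedSecret` although the warning below it requires one; showing the `existingNodeSeedSecret.name` / `existingNodeSeedSecret.key` form in the command would steer users toward referencing an existing secret instead of passing the seed as a chart value.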
6 changes: 6 additions & 0 deletions stellar-core/requirements.lock
@@ -0,0 +1,6 @@
dependencies:
- name: postgresql
repository: https://kubernetes-charts.storage.googleapis.com/
version: 0.19.0
digest: sha256:31a2190b81ff68c4c1793c17fd4cbf6157683cc6d2f9fef66a1423938593e93d
generated: 2018-10-09T16:15:19.465844319+02:00
5 changes: 5 additions & 0 deletions stellar-core/requirements.yaml
@@ -0,0 +1,5 @@
dependencies:
- name: postgresql
version: ^0.19.0
repository: "https://kubernetes-charts.storage.googleapis.com/"
condition: postgresql.enabled
15 changes: 15 additions & 0 deletions stellar-core/templates/NOTES.txt
@@ -0,0 +1,15 @@
1. The node will take a while to sync with the network (~1h or more
is not unusual for the default config).

2. Allow other nodes to connect to you

You can publish your external IP address and port as well as your
node's public key so other validators can include your node in
their quorum sets.

{{- if contains "LoadBalancer" .Values.peerService.type }}
NOTE: It may take a few minutes for the LoadBalancer IP to be available.
You can watch the status of by running 'kubectl get svc -w {{ template "stellar-core.fullname" . }}-peer'
export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ template "stellar-core.fullname" . }}-peer -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
echo $SERVICE_IP:{{ .Values.peerService.port }}
{{- end }}
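Review bot: The `kubectl get svc -w` command in the LoadBalancer block has no `--namespace {{ .Release.Namespace }}`, unlike the `export SERVICE_IP=...` line after it, so it will not find the service for a release installed outside the current namespace; add the flag there too. The same sentence reads "watch the status of by running", which is missing its object. The jsonpath reads only `.ingress[0].ip`, so `SERVICE_IP` will be empty when the load balancer reports a `hostname` instead, and the notes give no guidance for any other `peerService.type`.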
174 changes: 174 additions & 0 deletions stellar-core/templates/_helpers.tpl
@@ -0,0 +1,174 @@
{{/* vim: set filetype=mustache: */}}
{{/*
Expand the name of the chart.
*/}}
{{- define "stellar-core.name" -}}
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
{{- end -}}

{{/*
Create a default fully qualified app name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
If release name contains chart name it will be used as a full name.
*/}}
{{- define "stellar-core.fullname" -}}
{{- if .Values.fullnameOverride -}}
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
{{- else -}}
{{- $name := default .Chart.Name .Values.nameOverride -}}
{{- if contains $name .Release.Name -}}
{{- .Release.Name | trunc 63 | trimSuffix "-" -}}
{{- else -}}
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{- end -}}
{{- end -}}

{{/*
Create chart name and version as used by the chart label.
*/}}
{{- define "stellar-core.chart" -}}
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
{{- end -}}

{{/*
Create the name of the service account to use
*/}}
{{- define "stellar-core.serviceAccountName" -}}
{{- if .Values.serviceAccount.create -}}
{{ default (include "stellar-core.fullname" .) .Values.serviceAccount.name }}
{{- else -}}
{{ default "default" .Values.serviceAccount.name }}
{{- end -}}
{{- end -}}

{{/*
Create a default fully qualified app name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
*/}}
{{- define "stellar-core.postgresql.fullname" -}}
{{- if .Values.postgresql.fullnameOverride -}}
{{- .Values.postgresql.fullnameOverride | trunc 63 | trimSuffix "-" -}}
{{- else -}}
{{- $name := default "postgresql" .Values.postgresql.nameOverride -}}
{{- if contains $name .Release.Name -}}
{{- .Release.Name | trunc 63 | trimSuffix "-" -}}
{{- else -}}
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{- end -}}
{{- end -}}

{{- define "stellar-core.env" -}}
{{- with .Values.existingNodeSeedSecret }}
- name: NODE_SEED
valueFrom:
secretKeyRef:
name: {{ required "name of existingNodeSeedSecret is required" .name | quote }}
key: {{ required "key of existingNodeSeedSecret is required" .key | quote }}
{{- else }}
- name: NODE_SEED
valueFrom:
secretKeyRef:
name: {{ template "stellar-core.fullname" . }}
key: nodeSeed
{{- end }}
{{- if .Values.postgresql.enabled }}
- name: DATABASE_PASSWORD
valueFrom:
secretKeyRef:
name: {{ template "stellar-core.postgresql.fullname" . }}
key: postgres-password
- name: DATABASE
value: postgresql://dbname={{ .Values.postgresql.postgresDatabase }} user={{ .Values.postgresql.postgresUser }} password=$(DATABASE_PASSWORD) host={{ template "stellar-core.postgresql.fullname" . }} connect_timeout={{ .Values.postgresqlConnectTimeout }}
{{- else }}
{{- with .Values.existingDatabase.passwordSecret }}
- name: DATABASE_PASSWORD
valueFrom:
secretKeyRef:
name: {{ .name | quote }}
key: {{ .key | quote }}
{{- end }}
- name: DATABASE
value: {{ .Values.existingDatabase.url }}
{{- end }}
- name: INITIALIZE_DB
value: {{ .Values.initializeDatabase | quote }}
{{- with .Values.knownPeers }}
- name: KNOWN_PEERS
value: "{{ join "," .}}"
{{- end }}
{{- with .Values.preferredPeerKeys }}
- name: PREFERRED_PEER_KEYS
value: "{{ join "," .}}"
{{- end }}
{{- with .Values.preferredPeers }}
- name: PREFERRED_PEERS
value: "{{ join "," .}}"
{{- end }}
{{- with .Values.nodeNames }}
- name: NODE_NAMES
value: "{{range $index, $element := . }}{{ if gt $index 0 }},{{ end }}{{ $element.publicKey }} {{ $element.name }}{{ end }}"
{{- end }}
{{- with .Values.knownCursors }}
- name: KNOWN_CURSORS
value: "{{ join "," .}}"
{{- end }}
{{- if .Values.unsafeQuorum }}
- name: UNSAFE_QUORUM
value: "true"
{{- end }}
{{- with .Values.quorumSet }}
- name: QUORUM_SET
value: {{ . | toJson | quote }}
{{- end }}
{{- with .Values.history }}
- name: HISTORY
value: {{ . | toJson | quote }}
{{- end }}
- name: INITIALIZE_HISTORY_ARCHIVES
value: {{ .Values.initializeHistoryArchives | quote }}
{{- if .Values.gcloudServiceAccountKey }}
- name: GCLOUD_SERVICE_ACCOUNT_KEY
valueFrom:
secretKeyRef:
name: {{ template "stellar-core.fullname" . }}
key: gcloudServiceAccountKey
{{- end }}
{{- with .Values.nodeIsValidator }}
- name: NODE_IS_VALIDATOR
value: {{ . | quote }}
{{- end }}
{{- with .Values.networkPassphrase }}
- name: NETWORK_PASSPHRASE
value: {{ . | quote }}
{{- end }}
{{- with .Values.catchupComplete }}
- name: CATCHUP_COMPLETE
value: {{ . | quote }}
{{- end }}
{{- with .Values.catchupRecent }}
- name: CATCHUP_RECENT
value: {{ . | quote }}
{{- end }}
{{- with .Values.targetPeerConnections }}
- name: TARGET_PEER_CONNECTIONS
value: {{ . | quote }}
{{- end }}
{{- with .Values.maxAdditionalPeerConnections }}
- name: MAX_ADDITIONAL_PEER_CONNECTIONS
value: {{ . | quote }}
{{- end }}
{{- with .Values.maxPendingConnections }}
- name: MAX_PENDING_CONNECTIONS
value: {{ . | quote }}
{{- end }}
{{- with .Values.maxConcurrentSubprocesses }}
- name: MAX_CONCURRENT_SUBPROCESSES
value: {{ . | quote }}
{{- end }}
{{- range $key, $val := .Values.environment }}
- name: {{ $key }}
value: {{ $val | quote }}
{{- end }}
{{- end -}}
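Review bot: In `stellar-core.env`, `{{- with .Values.nodeIsValidator }}` and `{{- with .Values.catchupRecent }}` skip their body for falsy values, so `nodeIsValidator: false` and the documented default `catchupRecent: 0` never emit `NODE_IS_VALIDATOR` or `CATCHUP_RECENT`, and the container falls back to whatever the image defaults to. For a validator toggle that is a silent failure: emit these unconditionally, as is done for `INITIALIZE_DB`, or test with `hasKey` instead of `with`. Also, several values read here (`unsafeQuorum`, `initializeDatabase`, `preferredPeerKeys`, `knownCursors`, `postgresqlConnectTimeout`) are missing from the README table, while the README's `maxPeerConnections` is not read in this helper; `unsafeQuorum` in particular should be documented before it ships.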