k8s/openshift部署Hyperledger burrow
唐茂实
环境
- os:centos 7.6
- openshift:3.11
- helm:v2.13.0(以上版本,需支持mergeOverwrite)
- jq:1.5
1. 安装burrow
wget https://github.com/hyperledger/burrow/releases/download/v0.30.3/burrow_0.30.3_Linux_x86_64.tar.gz
mkdir burrow_bin&& tar -zxvf burrow_0.30.3_Linux_x86_64.tar.gz -C burrow_bin
cp burrow_bin/burrow /usr/bin/
rm -rf burrow_bin/ && rm -f burrow_0.30.3_Linux_x86_64.tar.gz
burrow -v
2. 下载chart
我这里使用了一个修改过的版本,默认值做了修改,并添加了web3端口支持。详见 https://github.com/itling/burrow_helm_chart
$ git clone https://github.com/helm/charts.git
$ cd stable/burrow/
3. 生成配置文件(私钥和地址)
这里生成5个节点配置,链名命名为pld-blockchain-dev-burrow
CHAIN_NAME应带-burrow后缀,前面的名称和部署chart名称相同
$ CHAIN_NODES=5 CHAIN_NAME="pld-blockchain-dev-burrow" ./initialize.sh
Initializing 5 Validator Nodes
------------------------------
Writing kubernetes template files for validators secrets, and configmaps.
Building the genesis spec with burrow (0.30.3+commit.ffccfb69eb9465b3a5b5a747139e081b9f095fdd+2020-04-05T21:34:13Z).
Creating keys and necessary deploy files...
Saved keys and genesis as /root/helm/charts/stable/burrow/setup.yaml
Saved example 'values.yaml' as /root/helm/charts/stable/burrow/addresses.yaml
Done
4. 部署
4.1 创建项目、生成配置文件
$ oc new-project burrow-dev
$ oc apply -f
$ oc apply -f setup.yaml -n burrow-dev
secret/pld-blockchain-dev-burrow-keys-000 created
secret/pld-blockchain-dev-burrow-keys-001 created
secret/pld-blockchain-dev-burrow-keys-002 created
secret/pld-blockchain-dev-burrow-keys-003 created
secret/pld-blockchain-dev-burrow-keys-004 created
configmap/pld-blockchain-dev-burrow-genesis created
4.2 修改配置文件
修改value.yaml配置文件
burrow --version版本应该和image.tag保持一致
image:
repository: hyperledger/burrow
tag: 0.30.3
pullPolicy: IfNotPresent
chain:
logLevel: info
extraSeeds: []
testing: false
restore:
enabled: false
dumpURL: ""
config:
BurrowDir: ".burrow"
Tendermint:
Seeds: ""
SeedMode: false
ListenHost: "0.0.0.0"
ListenPort: "26656"
ExternalAddress: ""
Moniker: ""
Keys:
GRPCServiceEnabled: true
AllowBadFilePermissions: true
RemoteAddress: ""
KeysDirectory: "/keys"
RPC:
Info:
Enabled: true
ListenHost: "0.0.0.0"
ListenPort: "26658"
Profiler:
Enabled: false
ListenHost: "0.0.0.0"
ListenPort: "6060"
GRPC:
Enabled: true
ListenHost: "0.0.0.0"
ListenPort: "10997"
Metrics:
Enabled: true
ListenHost: "0.0.0.0"
ListenPort: "9102"
MetricsPath: "/metrics"
BlockSampleSize: 100
Web3:
Enabled: true
ListenHost: "0.0.0.0"
ListenPort: "26660"
Logging:
ExcludeTrace: true
NonBlocking: true
RootSink:
Output:
OutputType: "stderr"
Format: "json"
validators:
- name: Validator_0
address: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
nodeAddress: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
contracts:
# wait required to ensure chain readiness
enabled: false
image: ""
tag: ""
deploy: ""
extraArgs: {}
environment:
inline: {}
secrets: []
organization: "user"
persistence:
enabled: true
size: 10Gi
storageClass:
accessMode: ReadWriteOnce
persistentVolumeReclaimPolicy: "Delete"
peer:
service:
type: ClusterIP
ingress:
enabled: false
hosts: []
grpc:
service:
type: ClusterIP
loadBalance: true
ingress:
enabled: false
hosts: []
annotations: {}
tls: {}
web3:
service:
type: ClusterIP
loadBalance: true
ingress:
enabled: false
hosts: []
annotations: {}
tls: {}
info:
service:
type: ClusterIP
loadBalance: true
ingress:
enabled: false
# exposing partial ingress only exposes
# the /accounts and /blocks paths outside the cluster
partial: false
pathLeader: "/"
annotations: {}
hosts: []
tls: {}
resources:
limits:
cpu: 500m
memory: 1Gi
requests:
cpu: 100m
memory: 256Mi
livenessProbe:
enabled: true
path: /status?block_seen_time_within=10m
initialDelaySeconds: 240
timeoutSeconds: 1
periodSeconds: 30
readinessProbe:
enabled: true
path: /status
initialDelaySeconds: 5
initialDelaySeconds: 5
podAnnotations: {}
podLabels: {}
# Affinity for pod assignment
# Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
affinity:
nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
- key: blockchain
operator: In
values:
- dev
# Tolerations for pod assignment
# Ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
tolerations:
- effect: NoExecute
key: blockchain
operator: Equal
value: dev
# Node labels for pod assignment
# Ref: https://kubernetes.io/docs/user-guide/node-selection/
nodeSelector: {}
这里加了节点容忍和亲和,这个集群有几台机器专门用来跑burrow
$ kubectl get node --show-labels |grep blockchain
compute18.domain.local Ready compute 40d v1.11.0+d4cacc0 beta.kubernetes.io/arch=amd64,beta.kubernetes.io/os=linux,blockchain=dev,cpumanager=false,kubernetes.io/hostname=compute18.domain.local,kubevirt.io/schedulable=false,node-role.kubernetes.io/compute=true
compute19.domain.local Ready compute 40d v1.11.0+d4cacc0 beta.kubernetes.io/arch=amd64,beta.kubernetes.io/os=linux,blockchain=dev,cpumanager=false,kubernetes.io/hostname=compute19.domain.local,kubevirt.io/schedulable=false,node-role.kubernetes.io/compute=true
compute20.domain.local Ready compute 40d v1.11.0+d4cacc0 beta.kubernetes.io/arch=amd64,beta.kubernetes.io/os=linux,blockchain=dev,cpumanager=false,kubernetes.io/hostname=compute20.domain.local,kubevirt.io/schedulable=false,node-role.kubernetes.io/compute=true
4.3 合并配置文件
将生成的地址配置文件合并进values.yaml
cat addresses.yaml >> values.yaml
4.4 开始安装chart
helm client安装请参考:https://blog.csdn.net/kk3909/article/details/105441313
–name应该和CHAIN_NAME的前缀保持一致
helm install . \
--set chain.nodes=5 \
--namespace burrow-dev \
--name pld-blockchain-dev \
--values values.yaml
4.4 检查网络是否正常
创建路由(选择pld-blockchain-dev-burrow-info服务),浏览器打开http://your-ingress-domain/consensus,查看peers信息。
4.5 删除重来
oc delete secret pld-blockchain-dev-burrow-keys
oc delete -f setup.yaml -n burrow-dev
helm delete pld-blockchain-dev
helm del --purge pld-blockchain-dev
类似资料: