From 566b970a01121745746af27e50e7d9dfd70f31e4 Mon Sep 17 00:00:00 2001 From: calinah Date: Mon, 23 Jan 2023 07:16:32 -0800 Subject: [PATCH 1/9] feat(nwaku): wip nwaku v2 --- charts/nwaku/.helmignore | 23 +++ charts/nwaku/Chart.yaml | 24 +++ charts/nwaku/README.md | 105 ++++++++++++ charts/nwaku/README.md.gotmpl | 55 +++++++ charts/nwaku/dashboards/nwaku.json | 2 + charts/nwaku/templates/NOTES.txt | 0 charts/nwaku/templates/_helpers.tpl | 82 ++++++++++ charts/nwaku/templates/dashboards.yaml | 12 ++ charts/nwaku/templates/nwaku/service.yaml | 73 +++++++++ .../nwaku/templates/nwaku/servicemonitor.yaml | 34 ++++ charts/nwaku/templates/nwaku/statefulset.yaml | 121 ++++++++++++++ charts/nwaku/templates/rbac.yaml | 49 ++++++ charts/nwaku/templates/serviceaccount.yaml | 12 ++ charts/nwaku/values.yaml | 149 ++++++++++++++++++ 14 files changed, 741 insertions(+) create mode 100644 charts/nwaku/.helmignore create mode 100644 charts/nwaku/Chart.yaml create mode 100644 charts/nwaku/README.md create mode 100644 charts/nwaku/README.md.gotmpl create mode 100644 charts/nwaku/dashboards/nwaku.json create mode 100644 charts/nwaku/templates/NOTES.txt create mode 100644 charts/nwaku/templates/_helpers.tpl create mode 100644 charts/nwaku/templates/dashboards.yaml create mode 100644 charts/nwaku/templates/nwaku/service.yaml create mode 100644 charts/nwaku/templates/nwaku/servicemonitor.yaml create mode 100644 charts/nwaku/templates/nwaku/statefulset.yaml create mode 100644 charts/nwaku/templates/rbac.yaml create mode 100644 charts/nwaku/templates/serviceaccount.yaml create mode 100644 charts/nwaku/values.yaml diff --git a/charts/nwaku/.helmignore b/charts/nwaku/.helmignore new file mode 100644 index 00000000..0e8a0eb3 --- /dev/null +++ b/charts/nwaku/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/charts/nwaku/Chart.yaml b/charts/nwaku/Chart.yaml new file mode 100644 index 00000000..8e5ba47d --- /dev/null +++ b/charts/nwaku/Chart.yaml @@ -0,0 +1,24 @@ +apiVersion: v2 +name: nwaku +description: Deploy and scale [Nwaku](https://github.com/waku-org/nwaku) inside Kubernetes with ease + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "v0.14.0" diff --git a/charts/nwaku/README.md b/charts/nwaku/README.md new file mode 100644 index 00000000..d7060709 --- /dev/null +++ b/charts/nwaku/README.md @@ -0,0 +1,105 @@ +# Nwaku Helm Chart + +Deploy and scale [Nwaku](https://github.com/waku-org/nwaku) inside Kubernetes with ease + +[![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://opensource.org/licenses/Apache-2.0) ![Version: 0.1.0](https://img.shields.io/badge/Version-0.1.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v0.14.0](https://img.shields.io/badge/AppVersion-v0.14.0-informational?style=flat-square) + +## Features + +- Actively maintained by [GraphOps](https://graphops.xyz) [and contributors](https://github.com/graphops/helm-charts/graphs/contributors) +- Deploys a scalable pool of `rpcdaemon` instances, with auto-scaling support, for automatic elastic JSON-RPC +- Strong security defaults (non-root execution, ready-only root filesystem, drops all capabilities) +- Readiness checks to ensure traffic only hits `Pod`s that are healthy and ready to serve requests +- Support for `ServiceMonitor`s to configure Prometheus to scrape metrics ([prometheus-operator](https://github.com/prometheus-operator/prometheus-operator)) +- Support for configuring Grafana dashboards for celo ([grafana](https://github.com/grafana/helm-charts/tree/main/charts/grafana)) +- Support for exposing a NodePort to enable inbound P2P dials for better peering + +## Quickstart + +To install the chart with the release name `my-release`: + +```console +$ helm repo add graphops http://graphops.github.io/helm-charts +$ helm install my-release graphops/nwaku +``` + +Once the release is installed, celo will begin syncing. You can use `kubectl logs` to monitor the sync status. See the Values section to install Prometheus `ServiceMonitor`s and a Grafana dashboard. + +## JSON-RPC + +### Built-in JSON-RPC + +You can access JSON-RPC via the stateful node `Service` (`-celo-stateful-node`) on port `8545` by default. + +## Enabling inbound P2P dials + +By default, your celo node will not have an internet-accessible port for P2P traffic. This makes it harder for your node to establish a strong set of peers because you cannot accept inbound P2P dials. To change this behaviour, you can set `statefulNode.p2pNodePort.enabled` to `true`. This will make your node accessible via the Internet using a `Service` of type `NodePort`. When using `statefulNode.p2pNodePort.enabled`, the exposed IP address on your celo ENR record will be the "External IP" of the Node where the Pod is running. When using this mode, `statefulNode.replicaCount` will be locked to `1`. + +```yaml +# values.yaml + +statefulNode: + p2pNodePort: + enabled: true + port: 31000 # Must be globally unique and available on the host +``` + +You can monitor progress by following the logs of the `stateful-node-init` container: `kubectl logs --since 1m -f release-name-stateful-node-0 -c stateful-node-init` + +## Upgrading + +We recommend that you pin the version of the Chart that you deploy. You can use the `--version` flag with `helm install` and `helm upgrade` to specify a chart version constraint. + +This project uses [Semantic Versioning](https://semver.org/). Changes to the version of the application (the `appVersion`) that the Chart deploys will generally result in a patch version bump for the Chart. Breaking changes to the Chart or its `values.yaml` interface will be reflected with a major version bump. + +We do not recommend that you upgrade the application by overriding `image.tag`. Instead, use the version of the Chart that is built for your desired `appVersion`. + +## Values + +| Key | Description | Type | Default | +|-----|-------------|------|---------| + | fullnameOverride | | string | `""` | + | grafana.dashboards | Enable creation of Grafana dashboards. [Grafana chart](https://github.com/grafana/helm-charts/tree/main/charts/grafana#grafana-helm-chart) must be configured to search this namespace, see `sidecar.dashboards.searchNamespace` | bool | `false` | + | grafana.dashboardsConfigMapLabel | Must match `sidecar.dashboards.label` value for the [Grafana chart](https://github.com/grafana/helm-charts/tree/main/charts/grafana#grafana-helm-chart) | string | `"grafana_dashboard"` | + | grafana.dashboardsConfigMapLabelValue | Must match `sidecar.dashboards.labelValue` value for the [Grafana chart](https://github.com/grafana/helm-charts/tree/main/charts/grafana#grafana-helm-chart) | string | `"1"` | + | image.pullPolicy | | string | `"IfNotPresent"` | + | image.repository | Image for nwaku | string | `"statusteam/nim-waku"` | + | image.tag | Overrides the image tag | string | Chart.appVersion | + | imagePullSecrets | Pull secrets required to fetch the Image | list | `[]` | + | nameOverride | | string | `""` | + | nwaku.affinity | | object | `{}` | + | nwaku.affinityPresets.antiAffinityByHostname | Configure anti-affinity rules to prevent multiple instances on the same host | bool | `true` | + | nwaku.extraArgs | Additional CLI arguments | list | `[]` | + | nwaku.extraLabels | Extra labels to attach to the Pod for matching against | object | `{}` | + | nwaku.initChownData.enabled | Init container to set the correct permissions to access data directories | bool | `true` | + | nwaku.initChownData.image.pullPolicy | Container pull policy | string | `"IfNotPresent"` | + | nwaku.initChownData.image.repository | Container repository | string | `"busybox"` | + | nwaku.initChownData.image.tag | Container tag | string | `"1.34.0"` | + | nwaku.nodeSelector | | object | `{}` | + | nwaku.podAnnotations | Annotations for the `Pod` | object | `{}` | + | nwaku.podSecurityContext | Pod-wide security context | object | `{"fsGroup":101337,"runAsGroup":101337,"runAsNonRoot":true,"runAsUser":101337}` | + | nwaku.resources | | object | `{}` | + | nwaku.service.ports.grpc-nwaku | Service Port to expose gRPC interface on | int | `8545` | + | nwaku.service.ports.http-jsonrpc | Service Port to expose JSON-RPC interface on | int | `8545` | + | nwaku.service.ports.http-metrics | Service Port to expose Prometheus metrics on | int | `8545` | + | nwaku.service.type | | string | `"ClusterIP"` | + | nwaku.terminationGracePeriodSeconds | Amount of time to wait before force-killing the container | int | `60` | + | nwaku.tolerations | | list | `[]` | + | nwaku.volumeClaimSpec | [PersistentVolumeClaimSpec](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.23/#persistentvolumeclaimspec-v1-core) for storage | object | `{"accessModes":["ReadWriteOnce"],"resources":{"requests":{"storage":"1.5Ti"}},"storageClassName":null}` | + | nwaku.volumeClaimSpec.resources.requests.storage | The amount of disk space to provision | string | `"1.5Ti"` | + | nwaku.volumeClaimSpec.storageClassName | The storage class to use when provisioning a persistent volume | string | `nil` | + | prometheus.serviceMonitors.enabled | Enable monitoring by creating `ServiceMonitor` CRDs ([prometheus-operator](https://github.com/prometheus-operator/prometheus-operator)) | bool | `false` | + | prometheus.serviceMonitors.interval | | string | `nil` | + | prometheus.serviceMonitors.labels | | object | `{}` | + | prometheus.serviceMonitors.relabelings | | list | `[]` | + | prometheus.serviceMonitors.scrapeTimeout | | string | `nil` | + | rbac.clusterRules | Required ClusterRole rules | list | See `values.yaml` | + | rbac.create | Specifies whether RBAC resources are to be created | bool | `true` | + | rbac.rules | Required ClusterRole rules | list | See `values.yaml` | + | serviceAccount.annotations | Annotations to add to the service account | object | `{}` | + | serviceAccount.create | Specifies whether a service account should be created | bool | `true` | + | serviceAccount.name | The name of the service account to use. If not set and create is true, a name is generated using the fullname template | string | `""` | + +## Contributing + +We welcome and appreciate your contributions! Please see the [Contributor Guide](/CONTRIBUTING.md), [Code Of Conduct](/CODE_OF_CONDUCT.md) and [Security Notes](/SECURITY.md) for this repository. diff --git a/charts/nwaku/README.md.gotmpl b/charts/nwaku/README.md.gotmpl new file mode 100644 index 00000000..bf9b0e49 --- /dev/null +++ b/charts/nwaku/README.md.gotmpl @@ -0,0 +1,55 @@ +{{ template "graphops.title" . }} + +{{ template "chart.description" . }} + +{{ template "graphops.badges" . }} + +## Features + +- Actively maintained by [GraphOps](https://graphops.xyz) [and contributors](https://github.com/graphops/helm-charts/graphs/contributors) +- Deploys a scalable pool of `rpcdaemon` instances, with auto-scaling support, for automatic elastic JSON-RPC +- Strong security defaults (non-root execution, ready-only root filesystem, drops all capabilities) +- Readiness checks to ensure traffic only hits `Pod`s that are healthy and ready to serve requests +- Support for `ServiceMonitor`s to configure Prometheus to scrape metrics ([prometheus-operator](https://github.com/prometheus-operator/prometheus-operator)) +- Support for configuring Grafana dashboards for celo ([grafana](https://github.com/grafana/helm-charts/tree/main/charts/grafana)) +- Support for exposing a NodePort to enable inbound P2P dials for better peering + +## Quickstart + +To install the chart with the release name `my-release`: + +```console +$ helm repo add graphops http://graphops.github.io/helm-charts +$ helm install my-release graphops/{{ template "chart.name" . }} +``` + +Once the release is installed, celo will begin syncing. You can use `kubectl logs` to monitor the sync status. See the Values section to install Prometheus `ServiceMonitor`s and a Grafana dashboard. + +## JSON-RPC + +### Built-in JSON-RPC + +You can access JSON-RPC via the stateful node `Service` (`-celo-stateful-node`) on port `8545` by default. + +## Enabling inbound P2P dials + +By default, your celo node will not have an internet-accessible port for P2P traffic. This makes it harder for your node to establish a strong set of peers because you cannot accept inbound P2P dials. To change this behaviour, you can set `statefulNode.p2pNodePort.enabled` to `true`. This will make your node accessible via the Internet using a `Service` of type `NodePort`. When using `statefulNode.p2pNodePort.enabled`, the exposed IP address on your celo ENR record will be the "External IP" of the Node where the Pod is running. When using this mode, `statefulNode.replicaCount` will be locked to `1`. + +```yaml +# values.yaml + +statefulNode: + p2pNodePort: + enabled: true + port: 31000 # Must be globally unique and available on the host +``` + +You can monitor progress by following the logs of the `stateful-node-init` container: `kubectl logs --since 1m -f release-name-stateful-node-0 -c stateful-node-init` + +{{ template "graphops.upgradingSection" . }} + +{{ template "chart.requirementsSection" . }} + +{{ template "chart.valuesSection" . }} + +{{ template "graphops.contributingSection" . }} diff --git a/charts/nwaku/dashboards/nwaku.json b/charts/nwaku/dashboards/nwaku.json new file mode 100644 index 00000000..311847da --- /dev/null +++ b/charts/nwaku/dashboards/nwaku.json @@ -0,0 +1,2 @@ +{} + diff --git a/charts/nwaku/templates/NOTES.txt b/charts/nwaku/templates/NOTES.txt new file mode 100644 index 00000000..e69de29b diff --git a/charts/nwaku/templates/_helpers.tpl b/charts/nwaku/templates/_helpers.tpl new file mode 100644 index 00000000..1eaa88d9 --- /dev/null +++ b/charts/nwaku/templates/_helpers.tpl @@ -0,0 +1,82 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "nwaku.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "nwaku.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "nwaku.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "nwaku.labels" -}} +helm.sh/chart: {{ include "nwaku.chart" . }} +{{ include "nwaku.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "nwaku.selectorLabels" -}} +app.kubernetes.io/name: {{ include "nwaku.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{- define "nwaku.componentLabelFor" -}} +app.kubernetes.io/component: {{ . }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "nwaku.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "nwaku.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} + +{{- define "nwaku.p2pPort" -}} +{{- if .p2pNodePort.enabled }} +{{- print .p2pNodePort.port }} +{{- else }} +{{- printf "30303" -}} +{{- end }} +{{- end -}} + +{{- define "nwaku.replicas" -}} +{{- if .p2pNodePort.enabled }} +{{- print 1 }} +{{ else }} +{{- default 1 .replicaCount }} +{{- end}} +{{- end -}} diff --git a/charts/nwaku/templates/dashboards.yaml b/charts/nwaku/templates/dashboards.yaml new file mode 100644 index 00000000..8592cc14 --- /dev/null +++ b/charts/nwaku/templates/dashboards.yaml @@ -0,0 +1,12 @@ +{{- $values := $.Values.grafana }} +{{- if $values.dashboards }} +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "nwaku.fullname" . }}-dashboards + labels: + {{- include "nwaku.labels" . | nindent 4 }} + {{ $values.dashboardsConfigMapLabel }}: {{ $values.dashboardsConfigMapLabelValue | quote }} +data: +{{- (.Files.Glob "dashboards/*").AsConfig | nindent 2 }} +{{- end }} \ No newline at end of file diff --git a/charts/nwaku/templates/nwaku/service.yaml b/charts/nwaku/templates/nwaku/service.yaml new file mode 100644 index 00000000..79aac05c --- /dev/null +++ b/charts/nwaku/templates/nwaku/service.yaml @@ -0,0 +1,73 @@ +{{- $values := $.Values.nwaku }} +{{- $componentName := "nwaku"}} +{{- $componentLabel := include "nwaku.componentLabelFor" $componentName }} +apiVersion: v1 +kind: Service +metadata: + name: {{ include "nwaku.fullname" . }}-{{ $componentName }}-headless + labels: + {{- include "nwaku.labels" . | nindent 4 }} + {{- $componentLabel | nindent 4 }} +spec: + clusterIP: None # Headless service + ports: + {{- range $portName, $portNumber := $values.service.ports }} + - port: {{ $portNumber }} # the port we expose on the Service, user configurable + targetPort: {{ $portName }} # the name of the port on the container that we are routing to + protocol: TCP + name: {{ $portName }} + {{- end }} + selector: + {{- include "nwaku.selectorLabels" . | nindent 4 }} + {{- $componentLabel | nindent 4 }} +--- +apiVersion: v1 +kind: Service +metadata: + name: {{ include "nwaku.fullname" . }}-{{ $componentName }} + labels: + {{- include "nwaku.labels" . | nindent 4 }} + {{- $componentLabel | nindent 4 }} + serviceMonitorTarget: "true" # Additional label to prevent matching the headless service above +spec: + type: {{ $values.service.type }} + ports: + {{- range $portName, $portNumber := $values.service.ports }} + - port: {{ $portNumber }} # the port we expose on the Service, user configurable + targetPort: {{ $portName }} # the name of the port on the container that we are routing to + protocol: TCP + name: {{ $portName }} + {{- end }} + selector: + {{- include "nwaku.selectorLabels" . | nindent 4 }} + {{- $componentLabel | nindent 4 }} +{{- if $values.p2pNodePort.enabled }} +{{- $port := $values.p2pNodePort.port }} +--- +apiVersion: v1 +kind: Service +metadata: + name: {{ include "nwaku.fullname" . }}-{{ $componentName }}-p2p-0 + labels: + {{- include "nwaku.labels" . | nindent 4 }} + {{- $componentLabel | nindent 4 }} + pod: {{ include "nwaku.fullname" . }}-{{ $componentName }}-0 + type: p2p # this label is used by the initContainer to select this service +spec: + type: NodePort + externalTrafficPolicy: Local + ports: + - name: tcp-p2p + port: {{ include "nwaku.p2pPort" $values }} + protocol: TCP + targetPort: tcp-p2p + nodePort: {{ $port }} + - name: udp-p2p + port: {{ include "nwaku.p2pPort" $values }} + protocol: UDP + targetPort: udp-p2p + nodePort: {{ $port }} + selector: + {{- include "nwaku.selectorLabels" . | nindent 4 }} + statefulset.kubernetes.io/pod-name: "{{ include "nwaku.fullname" $ }}-{{ $componentName }}-0" +{{- end }} diff --git a/charts/nwaku/templates/nwaku/servicemonitor.yaml b/charts/nwaku/templates/nwaku/servicemonitor.yaml new file mode 100644 index 00000000..faad6f36 --- /dev/null +++ b/charts/nwaku/templates/nwaku/servicemonitor.yaml @@ -0,0 +1,34 @@ +{{- $values := $.Values.statefulNode }} +{{- $componentName := "nwaku" }} +{{- $componentLabel := include "nwaku.componentLabelFor" $componentName }} +{{- /* If serviceMonitors enabled in chart-wide values */ -}} +{{- if $.Values.prometheus.serviceMonitors.enabled }} +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: {{ include "nwaku.fullname" . }}-{{ $componentName }} + labels: + {{- include "nwaku.labels" . | nindent 4 }} + {{- $componentLabel | nindent 4 }} +spec: + jobLabel: "{{ .Release.Name }}" + selector: + matchLabels: + {{- include "nwaku.selectorLabels" . | nindent 6 }} + {{- $componentLabel | nindent 6 }} + serviceMonitorTarget: "true" # Additional label to prevent matching the headless service + endpoints: + - port: http-metrics + path: /debug/metrics/prometheus + {{- with .Values.prometheus.serviceMonitors.interval }} + interval: {{ . }} + {{- end }} + {{- with .Values.prometheus.serviceMonitors.scrapeTimeout }} + scrapeTimeout: {{ . }} + {{- end }} + honorLabels: true + {{- if .Values.prometheus.serviceMonitors.relabelings }} + relabelings: + {{- toYaml .Values.prometheus.serviceMonitors.relabelings | nindent 8 }} + {{- end }} +{{- end }} diff --git a/charts/nwaku/templates/nwaku/statefulset.yaml b/charts/nwaku/templates/nwaku/statefulset.yaml new file mode 100644 index 00000000..e7c164d0 --- /dev/null +++ b/charts/nwaku/templates/nwaku/statefulset.yaml @@ -0,0 +1,121 @@ +{{- $values := $.Values.nwaku }} +{{- $componentName := "nwaku"}} +{{- $componentLabel := include "nwaku.componentLabelFor" $componentName }} + +apiVersion: apps/v1 +kind: StatefulSet +metadata: + name: {{ include "nwaku.fullname" . }}-{{ $componentName }} + labels: + {{- include "nwaku.labels" . | nindent 4 }} + {{- $componentLabel | nindent 4 }} +spec: + serviceName: {{ include "nwaku.fullname" . }}-{{ $componentName }}-headless + replicas: {{ include "nwaku.replicas" $values }} + selector: + matchLabels: + {{- include "nwaku.selectorLabels" . | nindent 6 }} + {{- $componentLabel | nindent 6 }} + volumeClaimTemplates: + - metadata: + name: storage + spec: + {{- toYaml $values.volumeClaimSpec | nindent 8 }} + template: + metadata: + {{- with $values.podAnnotations }} + annotations: + {{- toYaml . | nindent 8 }} + {{- end }} + labels: + {{- include "nwaku.selectorLabels" . | nindent 8 }} + {{- $componentLabel | nindent 8 }} + {{- with $values.extraLabels }} + {{- toYaml . | nindent 8 }} + {{- end }} + spec: + {{- with $values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "nwaku.serviceAccountName" . }} + {{- with $values.podSecurityContext }} + securityContext: + {{- toYaml . | nindent 8 }} + {{- end }} + terminationGracePeriodSeconds: {{ $values.terminationGracePeriodSeconds | default "60" }} + volumes: + - name: tmp # this is to provide a writable /tmp even with securityContext.readOnlyRootFilesystem=true + emptyDir: {} + containers: + - name: {{ $componentName }} + image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + securityContext: + readOnlyRootFilesystem: true + capabilities: + drop: + - ALL + command: + - sh + - -ac + - | + set -ex; + nwaku + {{- range $arg := $values.extraArgs }} + {{- $arg | nindent 16 }} \ + {{- end }} + ports: + - name: grpc-nwaku + containerPort: 8545 + protocol: TCP + - name: http-metrics + containerPort: 8545 + protocol: TCP + - name: http-jsonrpc + containerPort: 8545 + protocol: TCP + volumeMounts: + - name: storage + mountPath: /storage + - name: tmp + mountPath: /tmp + readinessProbe: + httpGet: + path: / + port: 8545 + initialDelaySeconds: 10 + periodSeconds: 10 + {{- with $values.resources }} + resources: + {{- toYaml . | nindent 12 }} + {{- end }} + {{- with $values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- if or $values.affinity $values.affinityPresets.antiAffinityByHostname }} + affinity: + {{- with $values.affinity }} + {{- toYaml . | nindent 8 }} + {{- end }} + {{- if $values.affinityPresets.antiAffinityByHostname }} + podAntiAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchExpressions: + - key: app.kubernetes.io/instance + operator: In + values: + - {{ $.Release.Name }} + - key: app.kubernetes.io/component + operator: In + values: + - {{ $componentName }} + topologyKey: "kubernetes.io/hostname" + {{- end }} + {{- end }} + {{- with $values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} diff --git a/charts/nwaku/templates/rbac.yaml b/charts/nwaku/templates/rbac.yaml new file mode 100644 index 00000000..c8fbea58 --- /dev/null +++ b/charts/nwaku/templates/rbac.yaml @@ -0,0 +1,49 @@ +{{- if .Values.rbac.create }} +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: {{ include "nwaku.serviceAccountName" . }} + labels: + {{- include "nwaku.labels" . | nindent 4 }} +rules: +{{- toYaml .Values.rbac.rules | nindent 0 }} +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: {{ include "nwaku.serviceAccountName" . }} + labels: + {{- include "nwaku.labels" . | nindent 4 }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: {{ include "nwaku.serviceAccountName" . }} +subjects: + - kind: ServiceAccount + name: {{ include "nwaku.serviceAccountName" . }} +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: {{ include "nwaku.serviceAccountName" . }} + labels: + {{- include "nwaku.labels" . | nindent 4 }} +rules: +{{- toYaml .Values.rbac.clusterRules | nindent 0 }} +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: {{ include "nwaku.serviceAccountName" . }} + labels: + {{- include "nwaku.labels" . | nindent 4 }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: {{ include "nwaku.serviceAccountName" . }} +subjects: + - kind: ServiceAccount + name: {{ include "nwaku.serviceAccountName" . }} + namespace: {{ .Release.Namespace }} +{{- end }} diff --git a/charts/nwaku/templates/serviceaccount.yaml b/charts/nwaku/templates/serviceaccount.yaml new file mode 100644 index 00000000..662a4d9e --- /dev/null +++ b/charts/nwaku/templates/serviceaccount.yaml @@ -0,0 +1,12 @@ +{{- if .Values.serviceAccount.create }} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "celo.serviceAccountName" . }} + labels: + {{- include "celo.labels" . | nindent 4 }} + {{- with .Values.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end }} diff --git a/charts/nwaku/values.yaml b/charts/nwaku/values.yaml new file mode 100644 index 00000000..dc82c15b --- /dev/null +++ b/charts/nwaku/values.yaml @@ -0,0 +1,149 @@ +# Default values for Nwaku. +# This is a YAML-formatted file. + +nameOverride: "" +fullnameOverride: "" + +image: + # -- Image for nwaku + repository: statusteam/nim-waku + pullPolicy: IfNotPresent + # -- Overrides the image tag + # @default -- Chart.appVersion + tag: "" + +# -- Pull secrets required to fetch the Image +imagePullSecrets: [] + +serviceAccount: + # -- Specifies whether a service account should be created + create: true + # -- Annotations to add to the service account + annotations: {} + # -- The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: "" + +rbac: + # -- Specifies whether RBAC resources are to be created + create: true + # -- Required ClusterRole rules + # @default -- See `values.yaml` + clusterRules: + # Required to obtain the nodes external IP + - apiGroups: [""] + resources: + - "nodes" + verbs: + - "get" + - "list" + - "watch" + # -- Required ClusterRole rules + # @default -- See `values.yaml` + rules: + # Required to get information about the serices nodePort. + - apiGroups: [""] + resources: + - "services" + verbs: + - "get" + - "list" + - "watch" + +prometheus: + serviceMonitors: + # -- Enable monitoring by creating `ServiceMonitor` CRDs ([prometheus-operator](https://github.com/prometheus-operator/prometheus-operator)) + enabled: false + labels: {} + interval: + scrapeTimeout: + relabelings: [] + + +grafana: + # -- Enable creation of Grafana dashboards. [Grafana chart](https://github.com/grafana/helm-charts/tree/main/charts/grafana#grafana-helm-chart) must be configured to search this namespace, see `sidecar.dashboards.searchNamespace` + dashboards: false + # -- Must match `sidecar.dashboards.label` value for the [Grafana chart](https://github.com/grafana/helm-charts/tree/main/charts/grafana#grafana-helm-chart) + dashboardsConfigMapLabel: grafana_dashboard + # -- Must match `sidecar.dashboards.labelValue` value for the [Grafana chart](https://github.com/grafana/helm-charts/tree/main/charts/grafana#grafana-helm-chart) + dashboardsConfigMapLabelValue: "1" + +nwaku: + # -- Additional CLI arguments + extraArgs: [] + + # -- Extra labels to attach to the Pod for matching against + extraLabels: {} + + # -- [PersistentVolumeClaimSpec](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.23/#persistentvolumeclaimspec-v1-core) for storage + volumeClaimSpec: + accessModes: ["ReadWriteOnce"] + # -- The storage class to use when provisioning a persistent volume + storageClassName: + resources: + requests: + # -- The amount of disk space to provision + storage: 1.5Ti + + + # Increasing the grace termination period prevents Kubernetes + # from killing the node process prematurely. Premature shutdown + # can lead to data integrity issues + # -- Amount of time to wait before force-killing the container + terminationGracePeriodSeconds: 60 + + # -- Annotations for the `Pod` + podAnnotations: {} + + # -- Pod-wide security context + podSecurityContext: + runAsNonRoot: true + runAsUser: 101337 + runAsGroup: 101337 + fsGroup: 101337 + + service: + type: ClusterIP + ports: + # Valid keys are names of ports that are exposed by the Pod that (see templates/nethermind/statefulset.yaml) + # -- Service Port to expose JSON-RPC interface on + http-jsonrpc: 8545 + # -- Service Port to expose Prometheus metrics on + http-metrics: 8545 + # -- Service Port to expose gRPC interface on + grpc-nwaku: 8545 + + resources: {} + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # limits: + # cpu: 100m + # memory: 128Mi + # ephemeral-storage: 100Mi + # requests: + # cpu: 100m + # memory: 128Mi + # ephemeral-storage: 100Mi + + nodeSelector: {} + + tolerations: [] + + affinityPresets: + # -- Configure anti-affinity rules to prevent multiple instances on the same host + antiAffinityByHostname: true + + affinity: {} + + initChownData: + # -- Init container to set the correct permissions to access data directories + enabled: true + image: + # -- Container repository + repository: busybox + # -- Container tag + tag: "1.34.0" + # -- Container pull policy + pullPolicy: IfNotPresent From be1e1d3d5d3ce9099c788d61b0bdb9cf37d1a3e8 Mon Sep 17 00:00:00 2001 From: calinah Date: Mon, 23 Jan 2023 22:40:17 -0800 Subject: [PATCH 2/9] feat(nwaku): working wakunode2 --- charts/nwaku/README.md | 12 +- charts/nwaku/templates/nwaku/statefulset.yaml | 108 ++++++++++++++++-- charts/nwaku/templates/serviceaccount.yaml | 4 +- charts/nwaku/values.yaml | 23 +++- 4 files changed, 131 insertions(+), 16 deletions(-) diff --git a/charts/nwaku/README.md b/charts/nwaku/README.md index d7060709..b987e50d 100644 --- a/charts/nwaku/README.md +++ b/charts/nwaku/README.md @@ -69,19 +69,25 @@ We do not recommend that you upgrade the application by overriding `image.tag`. | nameOverride | | string | `""` | | nwaku.affinity | | object | `{}` | | nwaku.affinityPresets.antiAffinityByHostname | Configure anti-affinity rules to prevent multiple instances on the same host | bool | `true` | - | nwaku.extraArgs | Additional CLI arguments | list | `[]` | + | nwaku.extraArgs | Additional CLI arguments | list | `["--dns-discovery=true","--dns-discovery-url=enrtree://AOGECG2SPND25EEFMAJ5WF3KSGJNSGV356DSTL2YVLLZWIV6SAYBM@prod.waku.nodes.status.im"]` | | nwaku.extraLabels | Extra labels to attach to the Pod for matching against | object | `{}` | | nwaku.initChownData.enabled | Init container to set the correct permissions to access data directories | bool | `true` | | nwaku.initChownData.image.pullPolicy | Container pull policy | string | `"IfNotPresent"` | | nwaku.initChownData.image.repository | Container repository | string | `"busybox"` | | nwaku.initChownData.image.tag | Container tag | string | `"1.34.0"` | | nwaku.nodeSelector | | object | `{}` | + | nwaku.p2pNodePort.enabled | Expose P2P port via NodePort | bool | `false` | + | nwaku.p2pNodePort.initContainer.image.pullPolicy | Container pull policy | string | `"IfNotPresent"` | + | nwaku.p2pNodePort.initContainer.image.repository | Container image to fetch nodeport information | string | `"lachlanevenson/k8s-kubectl"` | + | nwaku.p2pNodePort.initContainer.image.tag | Container tag | string | `"v1.21.3"` | + | nwaku.p2pNodePort.port | NodePort to be used. Must be unique. | int | `31000` | | nwaku.podAnnotations | Annotations for the `Pod` | object | `{}` | | nwaku.podSecurityContext | Pod-wide security context | object | `{"fsGroup":101337,"runAsGroup":101337,"runAsNonRoot":true,"runAsUser":101337}` | | nwaku.resources | | object | `{}` | - | nwaku.service.ports.grpc-nwaku | Service Port to expose gRPC interface on | int | `8545` | | nwaku.service.ports.http-jsonrpc | Service Port to expose JSON-RPC interface on | int | `8545` | - | nwaku.service.ports.http-metrics | Service Port to expose Prometheus metrics on | int | `8545` | + | nwaku.service.ports.http-metrics | Service Port to expose Prometheus metrics on | int | `8008` | + | nwaku.service.ports.http-rest | | int | `8645` | + | nwaku.service.ports.http-ws | Service Port to expose gRPC interface on | int | `8000` | | nwaku.service.type | | string | `"ClusterIP"` | | nwaku.terminationGracePeriodSeconds | Amount of time to wait before force-killing the container | int | `60` | | nwaku.tolerations | | list | `[]` | diff --git a/charts/nwaku/templates/nwaku/statefulset.yaml b/charts/nwaku/templates/nwaku/statefulset.yaml index e7c164d0..087f01d8 100644 --- a/charts/nwaku/templates/nwaku/statefulset.yaml +++ b/charts/nwaku/templates/nwaku/statefulset.yaml @@ -47,12 +47,66 @@ spec: volumes: - name: tmp # this is to provide a writable /tmp even with securityContext.readOnlyRootFilesystem=true emptyDir: {} + {{- if $values.p2pNodePort.enabled }} + - name: env-nodeport + emptyDir: {} + {{- end }} + initContainers: + {{- if $values.p2pNodePort.enabled }} + - name: init-nodeport + image: "{{ $values.p2pNodePort.initContainer.image.repository }}:{{ $values.p2pNodePort.initContainer.image.tag }}" + imagePullPolicy: {{ $values.p2pNodePort.initContainer.image.pullPolicy }} + securityContext: + runAsNonRoot: false + runAsUser: 0 + env: + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: NODE_NAME + valueFrom: + fieldRef: + fieldPath: spec.nodeName + command: + - sh + - -c + - > + set -ex; + export EXTERNAL_PORT=$(kubectl get services -l "pod in (${POD_NAME}), type in (p2p)" -o jsonpath='{.items[0].spec.ports[0].nodePort}'); + export EXTERNAL_IP=$(kubectl get nodes "${NODE_NAME}" -o jsonpath='{.status.addresses[?(@.type=="ExternalIP")].address}'); + export EXTERNAL_IP=${EXTERNAL_IP:-$(curl --silent v4.ident.me)}; + echo "EXTERNAL_PORT=$EXTERNAL_PORT" > /env/init-nodeport; + echo "EXTERNAL_IP=$EXTERNAL_IP" >> /env/init-nodeport; + cat /env/init-nodeport; + volumeMounts: + - name: env-nodeport + mountPath: /env + {{- end }} + {{- if $values.initChownData.enabled }} + - name: init-chown-data + image: "{{ $values.initChownData.image.repository }}:{{ $values.initChownData.image.tag }}" + imagePullPolicy: {{ $values.initChownData.image.pullPolicy }} + securityContext: + runAsNonRoot: false + runAsUser: 0 + command: + - sh + - -ac + - | + set -ex; + chown -R {{ $values.podSecurityContext.runAsUser }}:{{ $values.podSecurityContext.runAsGroup }} /storage; + ls -lah /storage + volumeMounts: + - name: storage + mountPath: "/storage" + {{- end }} containers: - name: {{ $componentName }} image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" imagePullPolicy: {{ .Values.image.pullPolicy }} securityContext: - readOnlyRootFilesystem: true + readOnlyRootFilesystem: false capabilities: drop: - ALL @@ -60,30 +114,68 @@ spec: - sh - -ac - | + {{- if $values.p2pNodePort.enabled }} + . /env/init-nodeport; + {{- end }} set -ex; - nwaku + wakunode2 \ + --store=false \ + --discv5-discovery=true \ + {{- if $values.p2pNodePort.enabled }} + --nat=extip:${EXTERNAL_IP} \ + --tcp-port=${EXTERNAL_PORT} \ + {{- else }} + --tcp-port={{ include "nwaku.p2pPort" $values }} \ + {{- end }} + --rest=true \ + --rest-address=0.0.0.0 \ + --rpc=true \ + --rpc-address=0.0.0.0 \ + --rpc-admin=true \ + --metrics-server=true \ + --metrics-server-address=0.0.0.0 \ {{- range $arg := $values.extraArgs }} {{- $arg | nindent 16 }} \ {{- end }} ports: - - name: grpc-nwaku - containerPort: 8545 + - name: htpp-rest + containerPort: 8645 protocol: TCP - name: http-metrics - containerPort: 8545 + containerPort: 8008 protocol: TCP - name: http-jsonrpc containerPort: 8545 protocol: TCP + - name: http-ws + containerPort: 8000 + protocol: TCP + - name: udp-p2p + containerPort: {{ include "nwaku.p2pPort" $values }} + protocol: UDP + - name: tcp-p2p + containerPort: {{ include "nwaku.p2pPort" $values }} + protocol: TCP volumeMounts: + {{- if $values.p2pNodePort.enabled }} + - name: env-nodeport + mountPath: /env + {{- end }} - name: storage mountPath: /storage - name: tmp mountPath: /tmp readinessProbe: - httpGet: - path: / - port: 8545 + exec: + command: + - curl + - -X + - POST + - -H + - "Content-Type: application/json" + - -d + - '{"jsonrpc":"2.0","id":"id","method":"get_waku_v2_debug_v1_info","params":[]}' + - http://localhost:8545 initialDelaySeconds: 10 periodSeconds: 10 {{- with $values.resources }} diff --git a/charts/nwaku/templates/serviceaccount.yaml b/charts/nwaku/templates/serviceaccount.yaml index 662a4d9e..02350be0 100644 --- a/charts/nwaku/templates/serviceaccount.yaml +++ b/charts/nwaku/templates/serviceaccount.yaml @@ -2,9 +2,9 @@ apiVersion: v1 kind: ServiceAccount metadata: - name: {{ include "celo.serviceAccountName" . }} + name: {{ include "nwaku.serviceAccountName" . }} labels: - {{- include "celo.labels" . | nindent 4 }} + {{- include "nwaku.labels" . | nindent 4 }} {{- with .Values.serviceAccount.annotations }} annotations: {{- toYaml . | nindent 4 }} diff --git a/charts/nwaku/values.yaml b/charts/nwaku/values.yaml index dc82c15b..a7a8f4cc 100644 --- a/charts/nwaku/values.yaml +++ b/charts/nwaku/values.yaml @@ -70,7 +70,9 @@ grafana: nwaku: # -- Additional CLI arguments - extraArgs: [] + extraArgs: + - --dns-discovery=true + - --dns-discovery-url=enrtree://AOGECG2SPND25EEFMAJ5WF3KSGJNSGV356DSTL2YVLLZWIV6SAYBM@prod.waku.nodes.status.im # -- Extra labels to attach to the Pod for matching against extraLabels: {} @@ -109,9 +111,10 @@ nwaku: # -- Service Port to expose JSON-RPC interface on http-jsonrpc: 8545 # -- Service Port to expose Prometheus metrics on - http-metrics: 8545 + http-metrics: 8008 # -- Service Port to expose gRPC interface on - grpc-nwaku: 8545 + http-ws: 8000 + http-rest: 8645 resources: {} # We usually recommend not to specify default resources and to leave this as a conscious @@ -137,6 +140,20 @@ nwaku: affinity: {} + p2pNodePort: + # -- Expose P2P port via NodePort + enabled: false + # -- NodePort to be used. Must be unique. + port: 31000 + initContainer: + image: + # -- Container image to fetch nodeport information + repository: lachlanevenson/k8s-kubectl + # -- Container tag + tag: v1.21.3 + # -- Container pull policy + pullPolicy: IfNotPresent + initChownData: # -- Init container to set the correct permissions to access data directories enabled: true From f774b481d8863f97e1f3227886645cb9319d1d8e Mon Sep 17 00:00:00 2001 From: calinah Date: Mon, 23 Jan 2023 22:51:08 -0800 Subject: [PATCH 3/9] feat(nwaku): fixing readinessProbe --- charts/nwaku/templates/nwaku/statefulset.yaml | 13 +++---------- 1 file changed, 3 insertions(+), 10 deletions(-) diff --git a/charts/nwaku/templates/nwaku/statefulset.yaml b/charts/nwaku/templates/nwaku/statefulset.yaml index 087f01d8..afa854b7 100644 --- a/charts/nwaku/templates/nwaku/statefulset.yaml +++ b/charts/nwaku/templates/nwaku/statefulset.yaml @@ -166,16 +166,9 @@ spec: - name: tmp mountPath: /tmp readinessProbe: - exec: - command: - - curl - - -X - - POST - - -H - - "Content-Type: application/json" - - -d - - '{"jsonrpc":"2.0","id":"id","method":"get_waku_v2_debug_v1_info","params":[]}' - - http://localhost:8545 + httpGet: + port: http-jsonrpc + path: /health initialDelaySeconds: 10 periodSeconds: 10 {{- with $values.resources }} From 2999920b689d5a411cab2856eefaee4f8c63f6ff Mon Sep 17 00:00:00 2001 From: calinah Date: Tue, 24 Jan 2023 22:20:09 -0800 Subject: [PATCH 4/9] feat(nwaku): added support for nodekey & dashboard --- charts/nwaku/Chart.yaml | 2 +- charts/nwaku/README.md | 15 +- charts/nwaku/README.md.gotmpl | 8 +- charts/nwaku/dashboards/nwaku.json | 2874 ++++++++++++++++- charts/nwaku/templates/nwaku/jwt-secret.yaml | 17 + charts/nwaku/templates/nwaku/service.yaml | 8 +- .../nwaku/templates/nwaku/servicemonitor.yaml | 2 +- charts/nwaku/templates/nwaku/statefulset.yaml | 26 +- charts/nwaku/values.yaml | 11 + 9 files changed, 2944 insertions(+), 19 deletions(-) create mode 100644 charts/nwaku/templates/nwaku/jwt-secret.yaml diff --git a/charts/nwaku/Chart.yaml b/charts/nwaku/Chart.yaml index 8e5ba47d..8ea2032b 100644 --- a/charts/nwaku/Chart.yaml +++ b/charts/nwaku/Chart.yaml @@ -1,6 +1,6 @@ apiVersion: v2 name: nwaku -description: Deploy and scale [Nwaku](https://github.com/waku-org/nwaku) inside Kubernetes with ease +description: Deploy and scale [Waku v2 Node](https://github.com/waku-org/nwaku) inside Kubernetes with ease # A chart can be either an 'application' or a 'library' chart. # diff --git a/charts/nwaku/README.md b/charts/nwaku/README.md index b987e50d..cb671f66 100644 --- a/charts/nwaku/README.md +++ b/charts/nwaku/README.md @@ -1,6 +1,6 @@ # Nwaku Helm Chart -Deploy and scale [Nwaku](https://github.com/waku-org/nwaku) inside Kubernetes with ease +Deploy and scale [Waku v2 Node](https://github.com/waku-org/nwaku) inside Kubernetes with ease [![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://opensource.org/licenses/Apache-2.0) ![Version: 0.1.0](https://img.shields.io/badge/Version-0.1.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v0.14.0](https://img.shields.io/badge/AppVersion-v0.14.0-informational?style=flat-square) @@ -11,7 +11,7 @@ Deploy and scale [Nwaku](https://github.com/waku-org/nwaku) inside Kubernetes wi - Strong security defaults (non-root execution, ready-only root filesystem, drops all capabilities) - Readiness checks to ensure traffic only hits `Pod`s that are healthy and ready to serve requests - Support for `ServiceMonitor`s to configure Prometheus to scrape metrics ([prometheus-operator](https://github.com/prometheus-operator/prometheus-operator)) -- Support for configuring Grafana dashboards for celo ([grafana](https://github.com/grafana/helm-charts/tree/main/charts/grafana)) +- Support for configuring Grafana dashboards for nwaku ([grafana](https://github.com/grafana/helm-charts/tree/main/charts/grafana)) - Support for exposing a NodePort to enable inbound P2P dials for better peering ## Quickstart @@ -23,17 +23,17 @@ $ helm repo add graphops http://graphops.github.io/helm-charts $ helm install my-release graphops/nwaku ``` -Once the release is installed, celo will begin syncing. You can use `kubectl logs` to monitor the sync status. See the Values section to install Prometheus `ServiceMonitor`s and a Grafana dashboard. +Once the release is installed, nwaku will begin syncing. You can use `kubectl logs` to monitor the sync status. See the Values section to install Prometheus `ServiceMonitor`s and a Grafana dashboard. ## JSON-RPC ### Built-in JSON-RPC -You can access JSON-RPC via the stateful node `Service` (`-celo-stateful-node`) on port `8545` by default. +You can access JSON-RPC via the stateful node `Service` (`-nwaku`) on port `8545` by default. ## Enabling inbound P2P dials -By default, your celo node will not have an internet-accessible port for P2P traffic. This makes it harder for your node to establish a strong set of peers because you cannot accept inbound P2P dials. To change this behaviour, you can set `statefulNode.p2pNodePort.enabled` to `true`. This will make your node accessible via the Internet using a `Service` of type `NodePort`. When using `statefulNode.p2pNodePort.enabled`, the exposed IP address on your celo ENR record will be the "External IP" of the Node where the Pod is running. When using this mode, `statefulNode.replicaCount` will be locked to `1`. +By default, your nwaku node will not have an internet-accessible port for P2P traffic. This makes it harder for your node to establish a strong set of peers because you cannot accept inbound P2P dials. To change this behaviour, you can set `statefulNode.p2pNodePort.enabled` to `true`. This will make your node accessible via the Internet using a `Service` of type `NodePort`. When using `statefulNode.p2pNodePort.enabled`, the exposed IP address on your nwaku ENR record will be the "External IP" of the Node where the Pod is running. When using this mode, `statefulNode.replicaCount` will be locked to `1`. ```yaml # values.yaml @@ -75,6 +75,11 @@ We do not recommend that you upgrade the application by overriding `image.tag`. | nwaku.initChownData.image.pullPolicy | Container pull policy | string | `"IfNotPresent"` | | nwaku.initChownData.image.repository | Container repository | string | `"busybox"` | | nwaku.initChownData.image.tag | Container tag | string | `"1.34.0"` | + | nwaku.jwt | Key to use to maintain consistent addressing between restarts https://github.com/waku-org/nwaku/blob/master/docs/operators/how-to/configure-key.md#generate-and-configure-a-node-key | object | `{"existingSecret":{"key":"","name":""},"fromLiteral":""}` | + | nwaku.jwt.existingSecret | Load the JWT from an existing Kubernetes Secret. Takes precedence over `fromLiteral` if set. | object | `{"key":"","name":""}` | + | nwaku.jwt.existingSecret.key | Data key for the JWT in the Secret | string | `""` | + | nwaku.jwt.existingSecret.name | Name of the Secret resource in the same namespace | string | `""` | + | nwaku.jwt.fromLiteral | Use this literal value for the JWT | string | `""` | | nwaku.nodeSelector | | object | `{}` | | nwaku.p2pNodePort.enabled | Expose P2P port via NodePort | bool | `false` | | nwaku.p2pNodePort.initContainer.image.pullPolicy | Container pull policy | string | `"IfNotPresent"` | diff --git a/charts/nwaku/README.md.gotmpl b/charts/nwaku/README.md.gotmpl index bf9b0e49..7ebe5bf8 100644 --- a/charts/nwaku/README.md.gotmpl +++ b/charts/nwaku/README.md.gotmpl @@ -11,7 +11,7 @@ - Strong security defaults (non-root execution, ready-only root filesystem, drops all capabilities) - Readiness checks to ensure traffic only hits `Pod`s that are healthy and ready to serve requests - Support for `ServiceMonitor`s to configure Prometheus to scrape metrics ([prometheus-operator](https://github.com/prometheus-operator/prometheus-operator)) -- Support for configuring Grafana dashboards for celo ([grafana](https://github.com/grafana/helm-charts/tree/main/charts/grafana)) +- Support for configuring Grafana dashboards for nwaku ([grafana](https://github.com/grafana/helm-charts/tree/main/charts/grafana)) - Support for exposing a NodePort to enable inbound P2P dials for better peering ## Quickstart @@ -23,17 +23,17 @@ $ helm repo add graphops http://graphops.github.io/helm-charts $ helm install my-release graphops/{{ template "chart.name" . }} ``` -Once the release is installed, celo will begin syncing. You can use `kubectl logs` to monitor the sync status. See the Values section to install Prometheus `ServiceMonitor`s and a Grafana dashboard. +Once the release is installed, nwaku will begin syncing. You can use `kubectl logs` to monitor the sync status. See the Values section to install Prometheus `ServiceMonitor`s and a Grafana dashboard. ## JSON-RPC ### Built-in JSON-RPC -You can access JSON-RPC via the stateful node `Service` (`-celo-stateful-node`) on port `8545` by default. +You can access JSON-RPC via the stateful node `Service` (`-nwaku`) on port `8545` by default. ## Enabling inbound P2P dials -By default, your celo node will not have an internet-accessible port for P2P traffic. This makes it harder for your node to establish a strong set of peers because you cannot accept inbound P2P dials. To change this behaviour, you can set `statefulNode.p2pNodePort.enabled` to `true`. This will make your node accessible via the Internet using a `Service` of type `NodePort`. When using `statefulNode.p2pNodePort.enabled`, the exposed IP address on your celo ENR record will be the "External IP" of the Node where the Pod is running. When using this mode, `statefulNode.replicaCount` will be locked to `1`. +By default, your nwaku node will not have an internet-accessible port for P2P traffic. This makes it harder for your node to establish a strong set of peers because you cannot accept inbound P2P dials. To change this behaviour, you can set `statefulNode.p2pNodePort.enabled` to `true`. This will make your node accessible via the Internet using a `Service` of type `NodePort`. When using `statefulNode.p2pNodePort.enabled`, the exposed IP address on your nwaku ENR record will be the "External IP" of the Node where the Pod is running. When using this mode, `statefulNode.replicaCount` will be locked to `1`. ```yaml # values.yaml diff --git a/charts/nwaku/dashboards/nwaku.json b/charts/nwaku/dashboards/nwaku.json index 311847da..1d5c7511 100644 --- a/charts/nwaku/dashboards/nwaku.json +++ b/charts/nwaku/dashboards/nwaku.json @@ -1,2 +1,2874 @@ -{} +{ + "__inputs": [ + { + "name": "DS_NWAKU_PROMETHEUS", + "label": "Nwaku_Prometheus", + "description": "", + "type": "datasource", + "pluginId": "prometheus", + "pluginName": "Prometheus" + } + ], + "__elements": {}, + "__requires": [ + { + "type": "panel", + "id": "gauge", + "name": "Gauge", + "version": "" + }, + { + "type": "grafana", + "id": "grafana", + "name": "Grafana", + "version": "9.1.5" + }, + { + "type": "panel", + "id": "graph", + "name": "Graph (old)", + "version": "" + }, + { + "type": "panel", + "id": "heatmap", + "name": "Heatmap", + "version": "" + }, + { + "type": "datasource", + "id": "prometheus", + "name": "Prometheus", + "version": "1.0.0" + }, + { + "type": "panel", + "id": "timeseries", + "name": "Time series", + "version": "" + } + ], + "annotations": { + "list": [ + { + "builtIn": 1, + "datasource": { + "type": "datasource", + "uid": "grafana" + }, + "enable": true, + "hide": true, + "iconColor": "rgba(0, 211, 255, 1)", + "name": "Annotations & Alerts", + "target": { + "limit": 100, + "matchAny": false, + "tags": [], + "type": "dashboard" + }, + "type": "dashboard" + } + ] + }, + "description": "Basic metrics for a single running nwaku node", + "editable": true, + "fiscalYearStartMonth": 0, + "graphTooltip": 0, + "id": null, + "links": [], + "liveNow": false, + "panels": [ + { + "collapsed": false, + "datasource": { + "type": "prometheus", + "uid": "8smvunn4k" + }, + "gridPos": { + "h": 1, + "w": 24, + "x": 0, + "y": 0 + }, + "id": 56, + "panels": [], + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "8smvunn4k" + }, + "refId": "A" + } + ], + "title": "At a glance", + "type": "row" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${DS_NWAKU_PROMETHEUS}" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "thresholds" + }, + "mappings": [], + "max": 150, + "min": 0, + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 0 + }, + { + "color": "yellow", + "value": 1 + }, + { + "color": "green", + "value": 2 + }, + { + "color": "#EAB839", + "value": 120 + }, + { + "color": "red", + "value": 149 + } + ] + } + }, + "overrides": [] + }, + "gridPos": { + "h": 10, + "w": 8, + "x": 0, + "y": 1 + }, + "id": 52, + "options": { + "orientation": "auto", + "reduceOptions": { + "calcs": [ + "lastNotNull" + ], + "fields": "", + "values": false + }, + "showThresholdLabels": false, + "showThresholdMarkers": true, + "text": {} + }, + "pluginVersion": "9.1.5", + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "${DS_NWAKU_PROMETHEUS}" + }, + "editorMode": "code", + "exemplar": true, + "expr": "libp2p_pubsub_peers", + "interval": "", + "legendFormat": "__auto", + "range": true, + "refId": "A" + } + ], + "title": "Libp2p PubSub Peers", + "type": "gauge" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${DS_NWAKU_PROMETHEUS}" + }, + "description": "", + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 10, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "never", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "links": [], + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "short" + }, + "overrides": [] + }, + "gridPos": { + "h": 10, + "w": 8, + "x": 8, + "y": 1 + }, + "id": 11, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "mode": "single", + "sort": "none" + } + }, + "pluginVersion": "8.3.1", + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "${DS_NWAKU_PROMETHEUS}" + }, + "editorMode": "code", + "exemplar": true, + "expr": "(increase(waku_node_messages_total[10m]))", + "interval": "", + "legendFormat": "{{type}}", + "range": true, + "refId": "A" + } + ], + "title": "Messages (10m rate)", + "type": "timeseries" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${DS_NWAKU_PROMETHEUS}" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 9, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + } + }, + "overrides": [] + }, + "gridPos": { + "h": 10, + "w": 8, + "x": 16, + "y": 1 + }, + "id": 54, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "mode": "single", + "sort": "none" + } + }, + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "${DS_NWAKU_PROMETHEUS}" + }, + "editorMode": "code", + "exemplar": false, + "expr": "sum by (type)(waku_peers_errors)", + "interval": "", + "legendFormat": "peer {{type}}", + "range": true, + "refId": "A" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${DS_NWAKU_PROMETHEUS}" + }, + "editorMode": "code", + "exemplar": false, + "expr": "sum by (type)(waku_store_errors)", + "hide": false, + "interval": "", + "legendFormat": "store {{type}}", + "range": true, + "refId": "B" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${DS_NWAKU_PROMETHEUS}" + }, + "editorMode": "code", + "exemplar": false, + "expr": "sum by (type)(waku_node_errors)", + "hide": false, + "interval": "", + "legendFormat": "node {{type}}", + "range": true, + "refId": "C" + } + ], + "title": "Waku Errors", + "type": "timeseries" + }, + { + "collapsed": false, + "datasource": { + "type": "prometheus", + "uid": "8smvunn4k" + }, + "gridPos": { + "h": 1, + "w": 24, + "x": 0, + "y": 11 + }, + "id": 17, + "panels": [], + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "8smvunn4k" + }, + "refId": "A" + } + ], + "title": "General", + "type": "row" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${DS_NWAKU_PROMETHEUS}" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 0, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + } + }, + "overrides": [] + }, + "gridPos": { + "h": 6, + "w": 12, + "x": 0, + "y": 12 + }, + "id": 60, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "mode": "single", + "sort": "none" + } + }, + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "${DS_NWAKU_PROMETHEUS}" + }, + "editorMode": "code", + "exemplar": true, + "expr": "libp2p_pubsub_topics", + "interval": "", + "legendFormat": "Topics", + "range": true, + "refId": "A" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${DS_NWAKU_PROMETHEUS}" + }, + "editorMode": "code", + "exemplar": true, + "expr": "libp2p_pubsub_subscriptions_total", + "hide": false, + "interval": "", + "legendFormat": "Subscriptions", + "range": true, + "refId": "B" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${DS_NWAKU_PROMETHEUS}" + }, + "editorMode": "code", + "exemplar": true, + "expr": "libp2p_pubsub_unsubscriptions_total", + "hide": false, + "interval": "", + "legendFormat": "Unsubscriptions", + "range": true, + "refId": "C" + } + ], + "title": "Pubsub Topics", + "type": "timeseries" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${DS_NWAKU_PROMETHEUS}" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 0, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + } + }, + "overrides": [] + }, + "gridPos": { + "h": 6, + "w": 12, + "x": 12, + "y": 12 + }, + "id": 50, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "mode": "single", + "sort": "none" + } + }, + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "${DS_NWAKU_PROMETHEUS}" + }, + "editorMode": "code", + "exemplar": true, + "expr": "waku_node_errors", + "interval": "", + "legendFormat": "{{type}}", + "range": true, + "refId": "A" + } + ], + "title": "Waku Node Errors", + "type": "timeseries" + }, + { + "aliasColors": {}, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": { + "type": "prometheus", + "uid": "${DS_NWAKU_PROMETHEUS}" + }, + "fieldConfig": { + "defaults": { + "links": [] + }, + "overrides": [] + }, + "fill": 5, + "fillGradient": 0, + "gridPos": { + "h": 6, + "w": 12, + "x": 0, + "y": 18 + }, + "hiddenSeries": false, + "id": 2, + "legend": { + "alignAsTable": false, + "avg": true, + "current": false, + "max": false, + "min": false, + "rightSide": false, + "show": true, + "total": false, + "values": true + }, + "lines": true, + "linewidth": 1, + "nullPointMode": "null", + "options": { + "alertThreshold": true + }, + "percentage": false, + "pluginVersion": "9.1.5", + "pointradius": 2, + "points": false, + "renderer": "flot", + "seriesOverrides": [], + "spaceLength": 10, + "stack": true, + "steppedLine": false, + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "${DS_NWAKU_PROMETHEUS}" + }, + "editorMode": "code", + "expr": "libp2p_peers", + "interval": "", + "legendFormat": "", + "range": true, + "refId": "A" + } + ], + "thresholds": [], + "timeRegions": [], + "title": "LibP2P Peers", + "tooltip": { + "shared": true, + "sort": 2, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "mode": "time", + "show": true, + "values": [] + }, + "yaxes": [ + { + "$$hashKey": "object:1306", + "format": "short", + "logBase": 1, + "show": true + }, + { + "$$hashKey": "object:1307", + "format": "short", + "logBase": 1, + "show": true + } + ], + "yaxis": { + "align": false + } + }, + { + "aliasColors": {}, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": { + "type": "prometheus", + "uid": "${DS_NWAKU_PROMETHEUS}" + }, + "fieldConfig": { + "defaults": { + "links": [] + }, + "overrides": [] + }, + "fill": 5, + "fillGradient": 0, + "gridPos": { + "h": 6, + "w": 12, + "x": 12, + "y": 18 + }, + "hiddenSeries": false, + "id": 8, + "legend": { + "alignAsTable": false, + "avg": true, + "current": false, + "max": false, + "min": false, + "rightSide": false, + "show": true, + "total": false, + "values": true + }, + "lines": true, + "linewidth": 1, + "nullPointMode": "null", + "options": { + "alertThreshold": true + }, + "percentage": false, + "pluginVersion": "9.1.5", + "pointradius": 2, + "points": false, + "renderer": "flot", + "seriesOverrides": [], + "spaceLength": 10, + "stack": true, + "steppedLine": false, + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "${DS_NWAKU_PROMETHEUS}" + }, + "editorMode": "code", + "expr": "libp2p_pubsub_peers", + "interval": "", + "legendFormat": "", + "range": true, + "refId": "A" + } + ], + "thresholds": [], + "timeRegions": [], + "title": "LibP2P PubSub Peers", + "tooltip": { + "shared": true, + "sort": 2, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "mode": "time", + "show": true, + "values": [] + }, + "yaxes": [ + { + "$$hashKey": "object:1232", + "format": "short", + "logBase": 1, + "show": true + }, + { + "$$hashKey": "object:1233", + "format": "short", + "logBase": 1, + "show": true + } + ], + "yaxis": { + "align": false + } + }, + { + "aliasColors": {}, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": { + "type": "prometheus", + "uid": "${DS_NWAKU_PROMETHEUS}" + }, + "fieldConfig": { + "defaults": { + "links": [] + }, + "overrides": [] + }, + "fill": 1, + "fillGradient": 0, + "gridPos": { + "h": 6, + "w": 12, + "x": 0, + "y": 24 + }, + "hiddenSeries": false, + "id": 3, + "legend": { + "alignAsTable": false, + "avg": true, + "current": false, + "max": false, + "min": false, + "rightSide": true, + "show": true, + "total": false, + "values": true + }, + "lines": true, + "linewidth": 1, + "nullPointMode": "null", + "options": { + "alertThreshold": true + }, + "percentage": false, + "pluginVersion": "9.1.5", + "pointradius": 2, + "points": false, + "renderer": "flot", + "seriesOverrides": [], + "spaceLength": 10, + "stack": false, + "steppedLine": false, + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "${DS_NWAKU_PROMETHEUS}" + }, + "editorMode": "code", + "expr": "sum by (type)(libp2p_open_streams)", + "interval": "", + "legendFormat": "{{type}}", + "range": true, + "refId": "A" + } + ], + "thresholds": [], + "timeRegions": [], + "title": "LibP2P Open Streams", + "tooltip": { + "shared": true, + "sort": 2, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "mode": "time", + "show": true, + "values": [] + }, + "yaxes": [ + { + "$$hashKey": "object:115", + "format": "short", + "logBase": 1, + "show": true + }, + { + "$$hashKey": "object:116", + "format": "short", + "logBase": 1, + "show": true + } + ], + "yaxis": { + "align": false + } + }, + { + "aliasColors": {}, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": { + "type": "prometheus", + "uid": "${DS_NWAKU_PROMETHEUS}" + }, + "fieldConfig": { + "defaults": { + "links": [] + }, + "overrides": [] + }, + "fill": 1, + "fillGradient": 0, + "gridPos": { + "h": 6, + "w": 12, + "x": 12, + "y": 24 + }, + "hiddenSeries": false, + "id": 9, + "legend": { + "alignAsTable": true, + "avg": true, + "current": false, + "max": false, + "min": false, + "rightSide": true, + "show": true, + "total": false, + "values": true + }, + "lines": true, + "linewidth": 1, + "nullPointMode": "null", + "options": { + "alertThreshold": true + }, + "percentage": false, + "pluginVersion": "9.1.5", + "pointradius": 2, + "points": false, + "renderer": "flot", + "seriesOverrides": [], + "spaceLength": 10, + "stack": false, + "steppedLine": false, + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "${DS_NWAKU_PROMETHEUS}" + }, + "editorMode": "code", + "exemplar": true, + "expr": "libp2p_pubsub_validation_success_total", + "hide": false, + "interval": "", + "legendFormat": "success ", + "range": true, + "refId": "A" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${DS_NWAKU_PROMETHEUS}" + }, + "editorMode": "code", + "exemplar": true, + "expr": "libp2p_pubsub_validation_failure_total", + "hide": false, + "interval": "", + "legendFormat": "failure ", + "range": true, + "refId": "B" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${DS_NWAKU_PROMETHEUS}" + }, + "editorMode": "code", + "exemplar": true, + "expr": "libp2p_pubsub_validation_ignore_total", + "hide": false, + "interval": "", + "legendFormat": "ignore ", + "range": true, + "refId": "C" + } + ], + "thresholds": [], + "timeRegions": [], + "title": "LibP2P Validations", + "tooltip": { + "shared": true, + "sort": 2, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "mode": "time", + "show": true, + "values": [] + }, + "yaxes": [ + { + "$$hashKey": "object:189", + "format": "short", + "logBase": 1, + "show": true + }, + { + "$$hashKey": "object:190", + "format": "short", + "logBase": 1, + "show": true + } + ], + "yaxis": { + "align": false + } + }, + { + "aliasColors": {}, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": { + "type": "prometheus", + "uid": "${DS_NWAKU_PROMETHEUS}" + }, + "fieldConfig": { + "defaults": { + "links": [] + }, + "overrides": [] + }, + "fill": 1, + "fillGradient": 0, + "gridPos": { + "h": 6, + "w": 12, + "x": 0, + "y": 30 + }, + "hiddenSeries": false, + "id": 6, + "legend": { + "alignAsTable": false, + "avg": true, + "current": false, + "max": false, + "min": false, + "rightSide": false, + "show": true, + "total": false, + "values": true + }, + "lines": true, + "linewidth": 1, + "nullPointMode": "null", + "options": { + "alertThreshold": true + }, + "percentage": false, + "pluginVersion": "9.1.5", + "pointradius": 2, + "points": false, + "renderer": "flot", + "seriesOverrides": [], + "spaceLength": 10, + "stack": false, + "steppedLine": false, + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "${DS_NWAKU_PROMETHEUS}" + }, + "editorMode": "code", + "expr": "process_open_fds", + "interval": "", + "legendFormat": "", + "range": true, + "refId": "A" + } + ], + "thresholds": [], + "timeRegions": [], + "title": "Open File Descriptors", + "tooltip": { + "shared": true, + "sort": 2, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "mode": "time", + "show": true, + "values": [] + }, + "yaxes": [ + { + "$$hashKey": "object:511", + "format": "short", + "logBase": 1, + "show": true + }, + { + "$$hashKey": "object:512", + "format": "short", + "logBase": 1, + "show": true + } + ], + "yaxis": { + "align": false + } + }, + { + "aliasColors": {}, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": { + "type": "prometheus", + "uid": "${DS_NWAKU_PROMETHEUS}" + }, + "fieldConfig": { + "defaults": { + "links": [] + }, + "overrides": [] + }, + "fill": 1, + "fillGradient": 0, + "gridPos": { + "h": 6, + "w": 12, + "x": 12, + "y": 30 + }, + "hiddenSeries": false, + "id": 7, + "legend": { + "alignAsTable": false, + "avg": true, + "current": false, + "max": false, + "min": false, + "rightSide": false, + "show": true, + "total": false, + "values": true + }, + "lines": true, + "linewidth": 1, + "nullPointMode": "null", + "options": { + "alertThreshold": true + }, + "percentage": false, + "pluginVersion": "9.1.5", + "pointradius": 2, + "points": false, + "renderer": "flot", + "seriesOverrides": [], + "spaceLength": 10, + "stack": false, + "steppedLine": false, + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "${DS_NWAKU_PROMETHEUS}" + }, + "editorMode": "code", + "exemplar": true, + "expr": "libp2p_total_dial_attempts_total", + "format": "time_series", + "hide": false, + "interval": "", + "legendFormat": "Attempts", + "range": true, + "refId": "A" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${DS_NWAKU_PROMETHEUS}" + }, + "editorMode": "code", + "exemplar": true, + "expr": "libp2p_failed_dials_total", + "hide": false, + "interval": "", + "legendFormat": "Failed", + "range": true, + "refId": "B" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${DS_NWAKU_PROMETHEUS}" + }, + "editorMode": "code", + "exemplar": true, + "expr": "libp2p_successful_dials_total", + "hide": false, + "interval": "", + "legendFormat": "Successful", + "range": true, + "refId": "C" + } + ], + "thresholds": [], + "timeRegions": [], + "title": "LibP2P Dials", + "tooltip": { + "shared": true, + "sort": 2, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "mode": "time", + "show": true, + "values": [] + }, + "yaxes": [ + { + "$$hashKey": "object:189", + "format": "short", + "logBase": 1, + "show": true + }, + { + "$$hashKey": "object:190", + "format": "short", + "logBase": 1, + "show": true + } + ], + "yaxis": { + "align": false + } + }, + { + "datasource": { + "type": "prometheus", + "uid": "${DS_NWAKU_PROMETHEUS}" + }, + "description": "", + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 0, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "decbytes" + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 12, + "x": 0, + "y": 36 + }, + "id": 44, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "mode": "single", + "sort": "none" + } + }, + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "${DS_NWAKU_PROMETHEUS}" + }, + "exemplar": true, + "expr": "nim_gc_mem_bytes", + "interval": "", + "legendFormat": "Nim total memory: ", + "refId": "A" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${DS_NWAKU_PROMETHEUS}" + }, + "exemplar": true, + "expr": "nim_gc_mem_occupied_bytes", + "hide": false, + "interval": "", + "legendFormat": "Nim occupied memory: ", + "refId": "B" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${DS_NWAKU_PROMETHEUS}" + }, + "exemplar": true, + "expr": "nim_gc_heap_instance_occupied_summed_bytes", + "hide": false, + "interval": "", + "legendFormat": "Nim total heap: ", + "refId": "C" + } + ], + "title": "Nim Memory Usage", + "type": "timeseries" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${DS_NWAKU_PROMETHEUS}" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 0, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "decbytes" + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 12, + "x": 12, + "y": 36 + }, + "id": 64, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "mode": "single", + "sort": "none" + } + }, + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "${DS_NWAKU_PROMETHEUS}" + }, + "exemplar": true, + "expr": "nim_gc_heap_instance_occupied_bytes", + "interval": "", + "legendFormat": " {{type_name}}", + "refId": "A" + } + ], + "title": "Heap allocation", + "type": "timeseries" + }, + { + "aliasColors": {}, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": { + "type": "prometheus", + "uid": "${DS_NWAKU_PROMETHEUS}" + }, + "fieldConfig": { + "defaults": { + "links": [] + }, + "overrides": [] + }, + "fill": 1, + "fillGradient": 0, + "gridPos": { + "h": 6, + "w": 12, + "x": 0, + "y": 44 + }, + "hiddenSeries": false, + "id": 4, + "legend": { + "alignAsTable": false, + "avg": true, + "current": false, + "max": false, + "min": false, + "rightSide": false, + "show": true, + "total": false, + "values": true + }, + "lines": true, + "linewidth": 1, + "nullPointMode": "null", + "options": { + "alertThreshold": true + }, + "percentage": false, + "pluginVersion": "9.1.5", + "pointradius": 2, + "points": false, + "renderer": "flot", + "seriesOverrides": [], + "spaceLength": 10, + "stack": false, + "steppedLine": false, + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "${DS_NWAKU_PROMETHEUS}" + }, + "editorMode": "code", + "expr": "process_virtual_memory_bytes", + "interval": "", + "legendFormat": "", + "range": true, + "refId": "A" + } + ], + "thresholds": [], + "timeRegions": [], + "title": "Virtual Memory", + "tooltip": { + "shared": true, + "sort": 2, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "mode": "time", + "show": true, + "values": [] + }, + "yaxes": [ + { + "$$hashKey": "object:263", + "format": "decbytes", + "logBase": 1, + "show": true + }, + { + "$$hashKey": "object:264", + "format": "short", + "logBase": 1, + "show": true + } + ], + "yaxis": { + "align": false + } + }, + { + "aliasColors": {}, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": { + "type": "prometheus", + "uid": "${DS_NWAKU_PROMETHEUS}" + }, + "fieldConfig": { + "defaults": { + "links": [] + }, + "overrides": [] + }, + "fill": 1, + "fillGradient": 0, + "gridPos": { + "h": 6, + "w": 12, + "x": 12, + "y": 44 + }, + "hiddenSeries": false, + "id": 5, + "legend": { + "alignAsTable": false, + "avg": true, + "current": false, + "max": false, + "min": false, + "rightSide": false, + "show": true, + "total": false, + "values": true + }, + "lines": true, + "linewidth": 1, + "nullPointMode": "null", + "options": { + "alertThreshold": true + }, + "percentage": false, + "pluginVersion": "9.1.5", + "pointradius": 2, + "points": false, + "renderer": "flot", + "seriesOverrides": [], + "spaceLength": 10, + "stack": false, + "steppedLine": false, + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "${DS_NWAKU_PROMETHEUS}" + }, + "editorMode": "code", + "expr": "process_resident_memory_bytes", + "interval": "", + "legendFormat": "", + "range": true, + "refId": "A" + } + ], + "thresholds": [], + "timeRegions": [], + "title": "Resident Memory", + "tooltip": { + "shared": true, + "sort": 2, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "mode": "time", + "show": true, + "values": [] + }, + "yaxes": [ + { + "$$hashKey": "object:437", + "format": "decbytes", + "logBase": 1, + "show": true + }, + { + "$$hashKey": "object:438", + "format": "short", + "logBase": 1, + "show": true + } + ], + "yaxis": { + "align": false + } + }, + { + "collapsed": false, + "datasource": { + "type": "prometheus", + "uid": "8smvunn4k" + }, + "gridPos": { + "h": 1, + "w": 24, + "x": 0, + "y": 50 + }, + "id": 34, + "panels": [], + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "8smvunn4k" + }, + "refId": "A" + } + ], + "title": "Store", + "type": "row" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${DS_NWAKU_PROMETHEUS}" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 0, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + } + }, + "overrides": [] + }, + "gridPos": { + "h": 6, + "w": 12, + "x": 0, + "y": 51 + }, + "id": 36, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "mode": "single", + "sort": "none" + } + }, + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "${DS_NWAKU_PROMETHEUS}" + }, + "exemplar": true, + "expr": "waku_store_peers", + "interval": "", + "legendFormat": "", + "refId": "A" + } + ], + "title": "Waku Store Peers", + "type": "timeseries" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${DS_NWAKU_PROMETHEUS}" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 0, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + } + }, + "overrides": [] + }, + "gridPos": { + "h": 6, + "w": 12, + "x": 12, + "y": 51 + }, + "id": 38, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "mode": "single", + "sort": "none" + } + }, + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "${DS_NWAKU_PROMETHEUS}" + }, + "editorMode": "code", + "exemplar": true, + "expr": "waku_store_messages", + "interval": "", + "legendFormat": "{{type}}", + "range": true, + "refId": "A" + } + ], + "title": "Waku Store Messages", + "type": "timeseries" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${DS_NWAKU_PROMETHEUS}" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 0, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + } + }, + "overrides": [] + }, + "gridPos": { + "h": 6, + "w": 12, + "x": 0, + "y": 57 + }, + "id": 62, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "mode": "single", + "sort": "none" + } + }, + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "${DS_NWAKU_PROMETHEUS}" + }, + "editorMode": "code", + "exemplar": true, + "expr": "increase(waku_store_queries[10m])", + "interval": "", + "legendFormat": "", + "range": true, + "refId": "A" + } + ], + "title": "Waku Store Queries (10m rate)", + "type": "timeseries" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${DS_NWAKU_PROMETHEUS}" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 0, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + } + }, + "overrides": [] + }, + "gridPos": { + "h": 6, + "w": 12, + "x": 12, + "y": 57 + }, + "id": 40, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "mode": "single", + "sort": "none" + } + }, + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "${DS_NWAKU_PROMETHEUS}" + }, + "exemplar": true, + "expr": "sum by (type)(increase(waku_store_errors[10m]))", + "interval": "", + "legendFormat": "{{type}}", + "refId": "A" + } + ], + "title": "Waku Store Errors (10m rate)", + "type": "timeseries" + }, + { + "cards": {}, + "color": { + "cardColor": "#b4ff00", + "colorScale": "sqrt", + "colorScheme": "interpolateRdYlGn", + "exponent": 0.5, + "mode": "spectrum" + }, + "dataFormat": "tsbuckets", + "datasource": { + "type": "prometheus", + "uid": "${DS_NWAKU_PROMETHEUS}" + }, + "fieldConfig": { + "defaults": { + "custom": { + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "scaleDistribution": { + "type": "linear" + } + } + }, + "overrides": [] + }, + "gridPos": { + "h": 7, + "w": 12, + "x": 0, + "y": 63 + }, + "heatmap": {}, + "hideZeroBuckets": true, + "highlightCards": true, + "id": 77, + "legend": { + "show": false + }, + "maxDataPoints": 120, + "options": { + "calculate": false, + "calculation": {}, + "cellGap": 2, + "cellValues": {}, + "color": { + "exponent": 0.5, + "fill": "#b4ff00", + "mode": "scheme", + "reverse": false, + "scale": "exponential", + "scheme": "RdYlGn", + "steps": 128 + }, + "exemplars": { + "color": "rgba(255,0,255,0.7)" + }, + "filterValues": { + "le": 1e-9 + }, + "legend": { + "show": false + }, + "rowsFrame": { + "layout": "auto" + }, + "showValue": "never", + "tooltip": { + "show": true, + "yHistogram": false + }, + "yAxis": { + "axisPlacement": "left", + "decimals": 0, + "reverse": false, + "unit": "s" + } + }, + "pluginVersion": "9.1.5", + "reverseYBuckets": false, + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "${DS_NWAKU_PROMETHEUS}" + }, + "exemplar": false, + "expr": "sum by (le)(rate(waku_store_query_duration_seconds_bucket[$__rate_interval]))", + "format": "heatmap", + "interval": "", + "legendFormat": "{{le}}", + "refId": "A" + } + ], + "title": "Store Query Duration", + "tooltip": { + "show": true, + "showHistogram": false + }, + "type": "heatmap", + "xAxis": { + "show": true + }, + "yAxis": { + "decimals": 0, + "format": "s", + "logBase": 1, + "show": true + }, + "yBucketBound": "auto" + }, + { + "cards": {}, + "color": { + "cardColor": "#b4ff00", + "colorScale": "sqrt", + "colorScheme": "interpolateRdYlGn", + "exponent": 0.5, + "mode": "spectrum" + }, + "dataFormat": "tsbuckets", + "datasource": { + "type": "prometheus", + "uid": "${DS_NWAKU_PROMETHEUS}" + }, + "fieldConfig": { + "defaults": { + "custom": { + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "scaleDistribution": { + "type": "linear" + } + } + }, + "overrides": [] + }, + "gridPos": { + "h": 7, + "w": 12, + "x": 12, + "y": 63 + }, + "heatmap": {}, + "hideZeroBuckets": true, + "highlightCards": true, + "id": 75, + "legend": { + "show": false + }, + "maxDataPoints": 120, + "options": { + "calculate": false, + "calculation": {}, + "cellGap": 2, + "cellValues": {}, + "color": { + "exponent": 0.5, + "fill": "#b4ff00", + "mode": "scheme", + "reverse": false, + "scale": "exponential", + "scheme": "RdYlGn", + "steps": 128 + }, + "exemplars": { + "color": "rgba(255,0,255,0.7)" + }, + "filterValues": { + "le": 1e-9 + }, + "legend": { + "show": false + }, + "rowsFrame": { + "layout": "auto" + }, + "showValue": "never", + "tooltip": { + "show": true, + "yHistogram": false + }, + "yAxis": { + "axisPlacement": "left", + "decimals": 0, + "reverse": false, + "unit": "s" + } + }, + "pluginVersion": "9.1.5", + "reverseYBuckets": false, + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "${DS_NWAKU_PROMETHEUS}" + }, + "exemplar": false, + "expr": "sum by (le)(rate(waku_store_insert_duration_seconds_bucket[$__rate_interval]))", + "format": "heatmap", + "hide": false, + "interval": "", + "legendFormat": "{{le}}", + "refId": "B" + } + ], + "title": "Store Insert Duration", + "tooltip": { + "show": true, + "showHistogram": false + }, + "type": "heatmap", + "xAxis": { + "show": true + }, + "yAxis": { + "decimals": 0, + "format": "s", + "logBase": 1, + "show": true + }, + "yBucketBound": "auto" + }, + { + "collapsed": false, + "datasource": { + "type": "prometheus", + "uid": "8smvunn4k" + }, + "gridPos": { + "h": 1, + "w": 24, + "x": 0, + "y": 70 + }, + "id": 20, + "panels": [], + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "8smvunn4k" + }, + "refId": "A" + } + ], + "title": "Filter", + "type": "row" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${DS_NWAKU_PROMETHEUS}" + }, + "description": "Waku Filter Peers", + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 0, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + } + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 8, + "x": 0, + "y": 71 + }, + "id": 22, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "mode": "single", + "sort": "none" + } + }, + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "${DS_NWAKU_PROMETHEUS}" + }, + "exemplar": true, + "expr": "waku_filter_peers", + "hide": false, + "interval": "", + "legendFormat": "", + "refId": "A" + } + ], + "title": "Waku Filter Peers", + "type": "timeseries" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${DS_NWAKU_PROMETHEUS}" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 0, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + } + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 8, + "x": 8, + "y": 71 + }, + "id": 24, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "mode": "single", + "sort": "none" + } + }, + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "${DS_NWAKU_PROMETHEUS}" + }, + "exemplar": true, + "expr": "waku_filter_subscribers", + "interval": "", + "legendFormat": "", + "refId": "A" + } + ], + "title": "Waku Filter Subscribers", + "type": "timeseries" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${DS_NWAKU_PROMETHEUS}" + }, + "description": "", + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 0, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + } + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 8, + "x": 16, + "y": 71 + }, + "id": 26, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "mode": "single", + "sort": "none" + } + }, + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "${DS_NWAKU_PROMETHEUS}" + }, + "exemplar": true, + "expr": "waku_filter_errors", + "interval": "", + "legendFormat": "{{type}}: ", + "refId": "A" + } + ], + "title": "Waku Filter Errors", + "type": "timeseries" + }, + { + "collapsed": false, + "datasource": { + "type": "prometheus", + "uid": "8smvunn4k" + }, + "gridPos": { + "h": 1, + "w": 24, + "x": 0, + "y": 79 + }, + "id": 28, + "panels": [], + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "8smvunn4k" + }, + "refId": "A" + } + ], + "title": "Lightpush", + "type": "row" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${DS_NWAKU_PROMETHEUS}" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 0, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + } + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 12, + "x": 0, + "y": 80 + }, + "id": 30, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "mode": "single", + "sort": "none" + } + }, + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "${DS_NWAKU_PROMETHEUS}" + }, + "exemplar": true, + "expr": "waku_lightpush_peers", + "interval": "", + "legendFormat": "", + "refId": "A" + } + ], + "title": "Waku Lightpush Peers", + "type": "timeseries" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${DS_NWAKU_PROMETHEUS}" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 0, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + } + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 12, + "x": 12, + "y": 80 + }, + "id": 32, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "mode": "single", + "sort": "none" + } + }, + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "${DS_NWAKU_PROMETHEUS}" + }, + "exemplar": true, + "expr": "waku_lightpush_errors", + "interval": "", + "legendFormat": "{{type}}: {[instance}}", + "refId": "A" + } + ], + "title": "Waku Lightpush Errors", + "type": "timeseries" + } + ], + "refresh": "30s", + "schemaVersion": 37, + "style": "dark", + "tags": [], + "templating": { + "list": [] + }, + "time": { + "from": "now-6h", + "to": "now" + }, + "timepicker": { + "refresh_intervals": [ + "10s", + "30s", + "1m", + "5m", + "15m", + "30m", + "1h", + "2h", + "1d" + ] + }, + "timezone": "browser", + "title": "nwaku single node dashboard", + "uid": "qrp_ZCTGz", + "version": 10, + "weekStart": "" +} diff --git a/charts/nwaku/templates/nwaku/jwt-secret.yaml b/charts/nwaku/templates/nwaku/jwt-secret.yaml new file mode 100644 index 00000000..5a6e6bdb --- /dev/null +++ b/charts/nwaku/templates/nwaku/jwt-secret.yaml @@ -0,0 +1,17 @@ +{{- $values := $.Values.nwaku }} +{{- $componentName := "nwaku" }} +{{- $componentLabel := include "nwaku.componentLabelFor" $componentName }} + +{{- if $values.jwt.fromLiteral }} +--- +apiVersion: v1 +type: Opaque +kind: Secret +metadata: + name: {{ include "nwaku.fullname" . }}-jwt + labels: + {{- include "nwaku.labels" . | nindent 4 }} + {{- $componentLabel | nindent 4 }} +data: + jwt.hex: {{ $values.jwt.fromLiteral | b64enc }} +{{- end }} diff --git a/charts/nwaku/templates/nwaku/service.yaml b/charts/nwaku/templates/nwaku/service.yaml index 79aac05c..c3c2451e 100644 --- a/charts/nwaku/templates/nwaku/service.yaml +++ b/charts/nwaku/templates/nwaku/service.yaml @@ -4,7 +4,7 @@ apiVersion: v1 kind: Service metadata: - name: {{ include "nwaku.fullname" . }}-{{ $componentName }}-headless + name: {{ include "nwaku.fullname" . }}-headless labels: {{- include "nwaku.labels" . | nindent 4 }} {{- $componentLabel | nindent 4 }} @@ -24,7 +24,7 @@ spec: apiVersion: v1 kind: Service metadata: - name: {{ include "nwaku.fullname" . }}-{{ $componentName }} + name: {{ include "nwaku.fullname" . }} labels: {{- include "nwaku.labels" . | nindent 4 }} {{- $componentLabel | nindent 4 }} @@ -47,11 +47,11 @@ spec: apiVersion: v1 kind: Service metadata: - name: {{ include "nwaku.fullname" . }}-{{ $componentName }}-p2p-0 + name: {{ include "nwaku.fullname" . }}-p2p-0 labels: {{- include "nwaku.labels" . | nindent 4 }} {{- $componentLabel | nindent 4 }} - pod: {{ include "nwaku.fullname" . }}-{{ $componentName }}-0 + pod: {{ include "nwaku.fullname" . }}-0 type: p2p # this label is used by the initContainer to select this service spec: type: NodePort diff --git a/charts/nwaku/templates/nwaku/servicemonitor.yaml b/charts/nwaku/templates/nwaku/servicemonitor.yaml index faad6f36..6ad80ca5 100644 --- a/charts/nwaku/templates/nwaku/servicemonitor.yaml +++ b/charts/nwaku/templates/nwaku/servicemonitor.yaml @@ -6,7 +6,7 @@ apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: - name: {{ include "nwaku.fullname" . }}-{{ $componentName }} + name: {{ include "nwaku.fullname" . }} labels: {{- include "nwaku.labels" . | nindent 4 }} {{- $componentLabel | nindent 4 }} diff --git a/charts/nwaku/templates/nwaku/statefulset.yaml b/charts/nwaku/templates/nwaku/statefulset.yaml index afa854b7..595603c4 100644 --- a/charts/nwaku/templates/nwaku/statefulset.yaml +++ b/charts/nwaku/templates/nwaku/statefulset.yaml @@ -2,15 +2,19 @@ {{- $componentName := "nwaku"}} {{- $componentLabel := include "nwaku.componentLabelFor" $componentName }} +{{- $jwtEnabled := or $values.jwt.existingSecret $values.jwt.fromLiteral }} +{{- $jwtSecretName := default (print (include "nwaku.fullname" .) "-" $componentName "-jwt") $values.jwt.existingSecret.name }} +{{- $jwtSecretKey := default "jwt.hex" $values.jwt.existingSecret.key }} + apiVersion: apps/v1 kind: StatefulSet metadata: - name: {{ include "nwaku.fullname" . }}-{{ $componentName }} + name: {{ include "nwaku.fullname" . }} labels: {{- include "nwaku.labels" . | nindent 4 }} {{- $componentLabel | nindent 4 }} spec: - serviceName: {{ include "nwaku.fullname" . }}-{{ $componentName }}-headless + serviceName: {{ include "nwaku.fullname" . }}-headless replicas: {{ include "nwaku.replicas" $values }} selector: matchLabels: @@ -47,6 +51,14 @@ spec: volumes: - name: tmp # this is to provide a writable /tmp even with securityContext.readOnlyRootFilesystem=true emptyDir: {} + {{- if $jwtEnabled }} + - name: jwt + secret: + secretName: {{ $jwtSecretName }} + items: + - key: {{ $jwtSecretKey }} + path: jwt.hex + {{- end }} {{- if $values.p2pNodePort.enabled }} - name: env-nodeport emptyDir: {} @@ -118,6 +130,7 @@ spec: . /env/init-nodeport; {{- end }} set -ex; + export NODEKEY=$(cat /jwt/jwt.hex); wakunode2 \ --store=false \ --discv5-discovery=true \ @@ -126,17 +139,20 @@ spec: --tcp-port=${EXTERNAL_PORT} \ {{- else }} --tcp-port={{ include "nwaku.p2pPort" $values }} \ + {{- end }} + {{- if $jwtEnabled }} + --nodekey=${NODEKEY} \ {{- end }} --rest=true \ --rest-address=0.0.0.0 \ --rpc=true \ --rpc-address=0.0.0.0 \ --rpc-admin=true \ - --metrics-server=true \ --metrics-server-address=0.0.0.0 \ {{- range $arg := $values.extraArgs }} {{- $arg | nindent 16 }} \ {{- end }} + --metrics-server=true ports: - name: htpp-rest containerPort: 8645 @@ -157,6 +173,10 @@ spec: containerPort: {{ include "nwaku.p2pPort" $values }} protocol: TCP volumeMounts: + {{- if $jwtEnabled }} + - name: jwt + mountPath: /jwt + {{- end }} {{- if $values.p2pNodePort.enabled }} - name: env-nodeport mountPath: /env diff --git a/charts/nwaku/values.yaml b/charts/nwaku/values.yaml index a7a8f4cc..51740519 100644 --- a/charts/nwaku/values.yaml +++ b/charts/nwaku/values.yaml @@ -77,6 +77,17 @@ nwaku: # -- Extra labels to attach to the Pod for matching against extraLabels: {} + # -- Key to use to maintain consistent addressing between restarts https://github.com/waku-org/nwaku/blob/master/docs/operators/how-to/configure-key.md#generate-and-configure-a-node-key + jwt: + # -- Load the JWT from an existing Kubernetes Secret. Takes precedence over `fromLiteral` if set. + existingSecret: + # -- Name of the Secret resource in the same namespace + name: "" + # -- Data key for the JWT in the Secret + key: "" + # -- Use this literal value for the JWT + fromLiteral: "" + # -- [PersistentVolumeClaimSpec](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.23/#persistentvolumeclaimspec-v1-core) for storage volumeClaimSpec: accessModes: ["ReadWriteOnce"] From 46d176923255df964d1694133aa9c0b153c3668c Mon Sep 17 00:00:00 2001 From: calinah Date: Tue, 24 Jan 2023 22:33:35 -0800 Subject: [PATCH 5/9] feat(nwaku): updated README --- charts/nwaku/README.md | 8 ++++---- charts/nwaku/README.md.gotmpl | 6 +++--- charts/nwaku/values.yaml | 4 +--- 3 files changed, 8 insertions(+), 10 deletions(-) diff --git a/charts/nwaku/README.md b/charts/nwaku/README.md index cb671f66..1113f0c4 100644 --- a/charts/nwaku/README.md +++ b/charts/nwaku/README.md @@ -33,18 +33,18 @@ You can access JSON-RPC via the stateful node `Service` (`-nwaku`) ## Enabling inbound P2P dials -By default, your nwaku node will not have an internet-accessible port for P2P traffic. This makes it harder for your node to establish a strong set of peers because you cannot accept inbound P2P dials. To change this behaviour, you can set `statefulNode.p2pNodePort.enabled` to `true`. This will make your node accessible via the Internet using a `Service` of type `NodePort`. When using `statefulNode.p2pNodePort.enabled`, the exposed IP address on your nwaku ENR record will be the "External IP" of the Node where the Pod is running. When using this mode, `statefulNode.replicaCount` will be locked to `1`. +By default, your nwaku node will not have an internet-accessible port for P2P traffic. This makes it harder for your node to establish a strong set of peers because you cannot accept inbound P2P dials. To change this behaviour, you can set `nwaku.p2pNodePort.enabled` to `true`. This will make your node accessible via the Internet using a `Service` of type `NodePort`. When using `nwaku.p2pNodePort.enabled`, the exposed IP address on your nwaku ENR record will be the "External IP" of the Node where the Pod is running. When using this mode, `nwaku.replicaCount` will be locked to `1`. ```yaml # values.yaml -statefulNode: +nwaku: p2pNodePort: enabled: true port: 31000 # Must be globally unique and available on the host ``` -You can monitor progress by following the logs of the `stateful-node-init` container: `kubectl logs --since 1m -f release-name-stateful-node-0 -c stateful-node-init` +You can monitor progress by following the logs of the `nwaku` container: `kubectl logs --since 1m -f release-name-nwaku-0` ## Upgrading @@ -69,7 +69,7 @@ We do not recommend that you upgrade the application by overriding `image.tag`. | nameOverride | | string | `""` | | nwaku.affinity | | object | `{}` | | nwaku.affinityPresets.antiAffinityByHostname | Configure anti-affinity rules to prevent multiple instances on the same host | bool | `true` | - | nwaku.extraArgs | Additional CLI arguments | list | `["--dns-discovery=true","--dns-discovery-url=enrtree://AOGECG2SPND25EEFMAJ5WF3KSGJNSGV356DSTL2YVLLZWIV6SAYBM@prod.waku.nodes.status.im"]` | + | nwaku.extraArgs | Additional CLI arguments | list | `[]` | | nwaku.extraLabels | Extra labels to attach to the Pod for matching against | object | `{}` | | nwaku.initChownData.enabled | Init container to set the correct permissions to access data directories | bool | `true` | | nwaku.initChownData.image.pullPolicy | Container pull policy | string | `"IfNotPresent"` | diff --git a/charts/nwaku/README.md.gotmpl b/charts/nwaku/README.md.gotmpl index 7ebe5bf8..46543cf8 100644 --- a/charts/nwaku/README.md.gotmpl +++ b/charts/nwaku/README.md.gotmpl @@ -33,18 +33,18 @@ You can access JSON-RPC via the stateful node `Service` (`-nwaku`) ## Enabling inbound P2P dials -By default, your nwaku node will not have an internet-accessible port for P2P traffic. This makes it harder for your node to establish a strong set of peers because you cannot accept inbound P2P dials. To change this behaviour, you can set `statefulNode.p2pNodePort.enabled` to `true`. This will make your node accessible via the Internet using a `Service` of type `NodePort`. When using `statefulNode.p2pNodePort.enabled`, the exposed IP address on your nwaku ENR record will be the "External IP" of the Node where the Pod is running. When using this mode, `statefulNode.replicaCount` will be locked to `1`. +By default, your nwaku node will not have an internet-accessible port for P2P traffic. This makes it harder for your node to establish a strong set of peers because you cannot accept inbound P2P dials. To change this behaviour, you can set `nwaku.p2pNodePort.enabled` to `true`. This will make your node accessible via the Internet using a `Service` of type `NodePort`. When using `nwaku.p2pNodePort.enabled`, the exposed IP address on your nwaku ENR record will be the "External IP" of the Node where the Pod is running. When using this mode, `nwaku.replicaCount` will be locked to `1`. ```yaml # values.yaml -statefulNode: +nwaku: p2pNodePort: enabled: true port: 31000 # Must be globally unique and available on the host ``` -You can monitor progress by following the logs of the `stateful-node-init` container: `kubectl logs --since 1m -f release-name-stateful-node-0 -c stateful-node-init` +You can monitor progress by following the logs of the `nwaku` container: `kubectl logs --since 1m -f release-name-nwaku-0` {{ template "graphops.upgradingSection" . }} diff --git a/charts/nwaku/values.yaml b/charts/nwaku/values.yaml index 51740519..a4975077 100644 --- a/charts/nwaku/values.yaml +++ b/charts/nwaku/values.yaml @@ -70,9 +70,7 @@ grafana: nwaku: # -- Additional CLI arguments - extraArgs: - - --dns-discovery=true - - --dns-discovery-url=enrtree://AOGECG2SPND25EEFMAJ5WF3KSGJNSGV356DSTL2YVLLZWIV6SAYBM@prod.waku.nodes.status.im + extraArgs: [] # -- Extra labels to attach to the Pod for matching against extraLabels: {} From 0c8e6a504e2d820dca61f4c184588e67db525e44 Mon Sep 17 00:00:00 2001 From: calinah Date: Thu, 26 Jan 2023 06:38:12 -0800 Subject: [PATCH 6/9] feat(nwaku): updated based on PR review --- charts/nwaku/README.md | 11 ++++---- charts/nwaku/README.md.gotmpl | 1 - charts/nwaku/templates/nwaku/jwt-secret.yaml | 6 ++--- .../nwaku/templates/nwaku/servicemonitor.yaml | 2 +- charts/nwaku/templates/nwaku/statefulset.yaml | 26 +++++++++---------- charts/nwaku/values.yaml | 8 +++--- 6 files changed, 26 insertions(+), 28 deletions(-) diff --git a/charts/nwaku/README.md b/charts/nwaku/README.md index 1113f0c4..51eed8a5 100644 --- a/charts/nwaku/README.md +++ b/charts/nwaku/README.md @@ -7,7 +7,6 @@ Deploy and scale [Waku v2 Node](https://github.com/waku-org/nwaku) inside Kubern ## Features - Actively maintained by [GraphOps](https://graphops.xyz) [and contributors](https://github.com/graphops/helm-charts/graphs/contributors) -- Deploys a scalable pool of `rpcdaemon` instances, with auto-scaling support, for automatic elastic JSON-RPC - Strong security defaults (non-root execution, ready-only root filesystem, drops all capabilities) - Readiness checks to ensure traffic only hits `Pod`s that are healthy and ready to serve requests - Support for `ServiceMonitor`s to configure Prometheus to scrape metrics ([prometheus-operator](https://github.com/prometheus-operator/prometheus-operator)) @@ -75,12 +74,12 @@ We do not recommend that you upgrade the application by overriding `image.tag`. | nwaku.initChownData.image.pullPolicy | Container pull policy | string | `"IfNotPresent"` | | nwaku.initChownData.image.repository | Container repository | string | `"busybox"` | | nwaku.initChownData.image.tag | Container tag | string | `"1.34.0"` | - | nwaku.jwt | Key to use to maintain consistent addressing between restarts https://github.com/waku-org/nwaku/blob/master/docs/operators/how-to/configure-key.md#generate-and-configure-a-node-key | object | `{"existingSecret":{"key":"","name":""},"fromLiteral":""}` | - | nwaku.jwt.existingSecret | Load the JWT from an existing Kubernetes Secret. Takes precedence over `fromLiteral` if set. | object | `{"key":"","name":""}` | - | nwaku.jwt.existingSecret.key | Data key for the JWT in the Secret | string | `""` | - | nwaku.jwt.existingSecret.name | Name of the Secret resource in the same namespace | string | `""` | - | nwaku.jwt.fromLiteral | Use this literal value for the JWT | string | `""` | | nwaku.nodeSelector | | object | `{}` | + | nwaku.nodekey | Key to use to maintain consistent addressing between restarts https://github.com/waku-org/nwaku/blob/master/docs/operators/how-to/configure-key.md#generate-and-configure-a-node-key | object | `{"existingSecret":{"key":"","name":""},"fromLiteral":""}` | + | nwaku.nodekey.existingSecret | Load the key from an existing Kubernetes Secret. Takes precedence over `fromLiteral` if set. | object | `{"key":"","name":""}` | + | nwaku.nodekey.existingSecret.key | Data key for the NodeKey in the Secret | string | `""` | + | nwaku.nodekey.existingSecret.name | Name of the Secret resource in the same namespace | string | `""` | + | nwaku.nodekey.fromLiteral | Use this literal value for the NodeKey | string | `""` | | nwaku.p2pNodePort.enabled | Expose P2P port via NodePort | bool | `false` | | nwaku.p2pNodePort.initContainer.image.pullPolicy | Container pull policy | string | `"IfNotPresent"` | | nwaku.p2pNodePort.initContainer.image.repository | Container image to fetch nodeport information | string | `"lachlanevenson/k8s-kubectl"` | diff --git a/charts/nwaku/README.md.gotmpl b/charts/nwaku/README.md.gotmpl index 46543cf8..b72e5c3a 100644 --- a/charts/nwaku/README.md.gotmpl +++ b/charts/nwaku/README.md.gotmpl @@ -7,7 +7,6 @@ ## Features - Actively maintained by [GraphOps](https://graphops.xyz) [and contributors](https://github.com/graphops/helm-charts/graphs/contributors) -- Deploys a scalable pool of `rpcdaemon` instances, with auto-scaling support, for automatic elastic JSON-RPC - Strong security defaults (non-root execution, ready-only root filesystem, drops all capabilities) - Readiness checks to ensure traffic only hits `Pod`s that are healthy and ready to serve requests - Support for `ServiceMonitor`s to configure Prometheus to scrape metrics ([prometheus-operator](https://github.com/prometheus-operator/prometheus-operator)) diff --git a/charts/nwaku/templates/nwaku/jwt-secret.yaml b/charts/nwaku/templates/nwaku/jwt-secret.yaml index 5a6e6bdb..b918ae57 100644 --- a/charts/nwaku/templates/nwaku/jwt-secret.yaml +++ b/charts/nwaku/templates/nwaku/jwt-secret.yaml @@ -2,16 +2,16 @@ {{- $componentName := "nwaku" }} {{- $componentLabel := include "nwaku.componentLabelFor" $componentName }} -{{- if $values.jwt.fromLiteral }} +{{- if $values.nodekey.fromLiteral }} --- apiVersion: v1 type: Opaque kind: Secret metadata: - name: {{ include "nwaku.fullname" . }}-jwt + name: {{ include "nwaku.fullname" . }}-nodekey labels: {{- include "nwaku.labels" . | nindent 4 }} {{- $componentLabel | nindent 4 }} data: - jwt.hex: {{ $values.jwt.fromLiteral | b64enc }} + nodekey.hex: {{ $values.nodekey.fromLiteral | b64enc }} {{- end }} diff --git a/charts/nwaku/templates/nwaku/servicemonitor.yaml b/charts/nwaku/templates/nwaku/servicemonitor.yaml index 6ad80ca5..224655a8 100644 --- a/charts/nwaku/templates/nwaku/servicemonitor.yaml +++ b/charts/nwaku/templates/nwaku/servicemonitor.yaml @@ -1,4 +1,4 @@ -{{- $values := $.Values.statefulNode }} +{{- $values := $.Values.nwaku }} {{- $componentName := "nwaku" }} {{- $componentLabel := include "nwaku.componentLabelFor" $componentName }} {{- /* If serviceMonitors enabled in chart-wide values */ -}} diff --git a/charts/nwaku/templates/nwaku/statefulset.yaml b/charts/nwaku/templates/nwaku/statefulset.yaml index 595603c4..33f1c622 100644 --- a/charts/nwaku/templates/nwaku/statefulset.yaml +++ b/charts/nwaku/templates/nwaku/statefulset.yaml @@ -2,9 +2,9 @@ {{- $componentName := "nwaku"}} {{- $componentLabel := include "nwaku.componentLabelFor" $componentName }} -{{- $jwtEnabled := or $values.jwt.existingSecret $values.jwt.fromLiteral }} -{{- $jwtSecretName := default (print (include "nwaku.fullname" .) "-" $componentName "-jwt") $values.jwt.existingSecret.name }} -{{- $jwtSecretKey := default "jwt.hex" $values.jwt.existingSecret.key }} +{{- $nodekeyEnabled := or $values.nodekey.existingSecret $values.nodekey.fromLiteral }} +{{- $nodekeySecretName := default (print (include "nwaku.fullname" .) "-" $componentName "-nodekey") $values.nodekey.existingSecret.name }} +{{- $nodekeySecretKey := default "nodekey.hex" $values.nodekey.existingSecret.key }} apiVersion: apps/v1 kind: StatefulSet @@ -51,13 +51,13 @@ spec: volumes: - name: tmp # this is to provide a writable /tmp even with securityContext.readOnlyRootFilesystem=true emptyDir: {} - {{- if $jwtEnabled }} - - name: jwt + {{- if $nodekeyEnabled }} + - name: nodekey secret: - secretName: {{ $jwtSecretName }} + secretName: {{ $nodekeySecretName }} items: - - key: {{ $jwtSecretKey }} - path: jwt.hex + - key: {{ $nodekeySecretKey }} + path: nodekey.hex {{- end }} {{- if $values.p2pNodePort.enabled }} - name: env-nodeport @@ -130,7 +130,7 @@ spec: . /env/init-nodeport; {{- end }} set -ex; - export NODEKEY=$(cat /jwt/jwt.hex); + export NODEKEY=$(cat /nodekey/nodekey.hex); wakunode2 \ --store=false \ --discv5-discovery=true \ @@ -140,7 +140,7 @@ spec: {{- else }} --tcp-port={{ include "nwaku.p2pPort" $values }} \ {{- end }} - {{- if $jwtEnabled }} + {{- if $nodekeyEnabled }} --nodekey=${NODEKEY} \ {{- end }} --rest=true \ @@ -173,9 +173,9 @@ spec: containerPort: {{ include "nwaku.p2pPort" $values }} protocol: TCP volumeMounts: - {{- if $jwtEnabled }} - - name: jwt - mountPath: /jwt + {{- if $nodekeyEnabled }} + - name: nodekey + mountPath: /nodekey {{- end }} {{- if $values.p2pNodePort.enabled }} - name: env-nodeport diff --git a/charts/nwaku/values.yaml b/charts/nwaku/values.yaml index a4975077..ab2e5f9b 100644 --- a/charts/nwaku/values.yaml +++ b/charts/nwaku/values.yaml @@ -76,14 +76,14 @@ nwaku: extraLabels: {} # -- Key to use to maintain consistent addressing between restarts https://github.com/waku-org/nwaku/blob/master/docs/operators/how-to/configure-key.md#generate-and-configure-a-node-key - jwt: - # -- Load the JWT from an existing Kubernetes Secret. Takes precedence over `fromLiteral` if set. + nodekey: + # -- Load the key from an existing Kubernetes Secret. Takes precedence over `fromLiteral` if set. existingSecret: # -- Name of the Secret resource in the same namespace name: "" - # -- Data key for the JWT in the Secret + # -- Data key for the NodeKey in the Secret key: "" - # -- Use this literal value for the JWT + # -- Use this literal value for the NodeKey fromLiteral: "" # -- [PersistentVolumeClaimSpec](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.23/#persistentvolumeclaimspec-v1-core) for storage From 314308ab970bc312ae1f06325c13d9ececf24cfe Mon Sep 17 00:00:00 2001 From: calinah Date: Thu, 26 Jan 2023 06:39:21 -0800 Subject: [PATCH 7/9] feat(nwaku): updated jwt key secret file name --- charts/nwaku/templates/nwaku/jwt-secret.yaml | 17 ----------------- 1 file changed, 17 deletions(-) delete mode 100644 charts/nwaku/templates/nwaku/jwt-secret.yaml diff --git a/charts/nwaku/templates/nwaku/jwt-secret.yaml b/charts/nwaku/templates/nwaku/jwt-secret.yaml deleted file mode 100644 index b918ae57..00000000 --- a/charts/nwaku/templates/nwaku/jwt-secret.yaml +++ /dev/null @@ -1,17 +0,0 @@ -{{- $values := $.Values.nwaku }} -{{- $componentName := "nwaku" }} -{{- $componentLabel := include "nwaku.componentLabelFor" $componentName }} - -{{- if $values.nodekey.fromLiteral }} ---- -apiVersion: v1 -type: Opaque -kind: Secret -metadata: - name: {{ include "nwaku.fullname" . }}-nodekey - labels: - {{- include "nwaku.labels" . | nindent 4 }} - {{- $componentLabel | nindent 4 }} -data: - nodekey.hex: {{ $values.nodekey.fromLiteral | b64enc }} -{{- end }} From 71477d079e2f1aa7067b8c50d4a321d6282d2f91 Mon Sep 17 00:00:00 2001 From: calinah Date: Thu, 26 Jan 2023 06:39:27 -0800 Subject: [PATCH 8/9] feat(nwaku): updated jwt key secret file name --- .../nwaku/templates/nwaku/nodekey-secret.yaml | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) create mode 100644 charts/nwaku/templates/nwaku/nodekey-secret.yaml diff --git a/charts/nwaku/templates/nwaku/nodekey-secret.yaml b/charts/nwaku/templates/nwaku/nodekey-secret.yaml new file mode 100644 index 00000000..b918ae57 --- /dev/null +++ b/charts/nwaku/templates/nwaku/nodekey-secret.yaml @@ -0,0 +1,17 @@ +{{- $values := $.Values.nwaku }} +{{- $componentName := "nwaku" }} +{{- $componentLabel := include "nwaku.componentLabelFor" $componentName }} + +{{- if $values.nodekey.fromLiteral }} +--- +apiVersion: v1 +type: Opaque +kind: Secret +metadata: + name: {{ include "nwaku.fullname" . }}-nodekey + labels: + {{- include "nwaku.labels" . | nindent 4 }} + {{- $componentLabel | nindent 4 }} +data: + nodekey.hex: {{ $values.nodekey.fromLiteral | b64enc }} +{{- end }} From 0c9c6ba93d7eee3538fbad85384a39f65ecea4f3 Mon Sep 17 00:00:00 2001 From: calinah Date: Fri, 27 Jan 2023 22:09:51 -0800 Subject: [PATCH 9/9] feat(nwaku): rm-ing unneeded flag --- charts/nwaku/templates/nwaku/statefulset.yaml | 1 - 1 file changed, 1 deletion(-) diff --git a/charts/nwaku/templates/nwaku/statefulset.yaml b/charts/nwaku/templates/nwaku/statefulset.yaml index 33f1c622..c67bc238 100644 --- a/charts/nwaku/templates/nwaku/statefulset.yaml +++ b/charts/nwaku/templates/nwaku/statefulset.yaml @@ -133,7 +133,6 @@ spec: export NODEKEY=$(cat /nodekey/nodekey.hex); wakunode2 \ --store=false \ - --discv5-discovery=true \ {{- if $values.p2pNodePort.enabled }} --nat=extip:${EXTERNAL_IP} \ --tcp-port=${EXTERNAL_PORT} \