From c5c64f613bd5dff032d2a03ed5e97547c61b5861 Mon Sep 17 00:00:00 2001 From: saurabhkumarkardam Date: Fri, 16 Aug 2024 11:06:55 +0000 Subject: [PATCH] bug(quorum): refactor quorum ansible codebase This PR will allow us to deploy Quorum DLT platform via Ansible. Changes made: - Enabled multi-organization deployment. - To support a multi-organization network, the codebase is designed in such a way that the first organization is responsible for creating the static node JSON file, and each subsequent organization copies the file from the immediately preceding organization. This ensures that the most recently deployed organization will have the addresses of all the nodes from the previously deployed organizations. - Added validation code to stop deployment if a user does not define a minimum of 4 validators. The first four validators must be named in the following order: validator-0, validator-1, validator-2, validator-3. Note: Beyond the initial four, custom names can be defined as needed. - Added the latest image, version 24.4.1, for the quorum nodes. fixes #2614 
Signed-off-by: saurabhkumarkardam --- platforms/network-schema.json | 3 +- .../quorum/charts/quorum-genesis/Chart.yaml | 2 +- .../charts/quorum-node/requirements.yaml | 4 +- .../quorum/charts/quorum-node/values.yaml | 3 +- platforms/quorum/configuration/cleanup.yaml | 9 +-- .../quorum/configuration/deploy-network.yaml | 73 +++++++------------ .../validation/tasks/count_validators.yaml | 14 ++++ .../roles/check/validation/tasks/main.yaml | 26 +++++++ .../{memberquorum.tpl => member_quorum.tpl} | 8 +- ...lidatorquorum.tpl => validator_quorum.tpl} | 10 ++- .../create/helm_component/vars/main.yaml | 4 +- .../roles/create/member_node/tasks/main.yaml | 31 +------- .../create/validator_node/tasks/main.yaml | 30 ++------ .../delete/local_directories/tasks/main.yaml | 25 +++++++ .../setup/genesis/primary/tasks/main.yaml | 53 -------------- .../genesis/primary_genesis/tasks/main.yaml | 46 ++++++++++++ .../setup/genesis/secondary/tasks/main.yaml | 42 ----------- .../tasks/deploy_secondary_genesis.yaml | 33 +++++++++ .../genesis/secondary_genesis/tasks/main.yaml | 51 +++++++++++++ .../roles/setup/nodes/tasks/main.yaml | 37 ++++++++++ .../samples/network-minikube.yaml | 2 +- .../samples/network-quorum-newnode.yaml | 2 +- .../samples/network-quorum-tessera.yaml | 2 +- .../configuration/samples/network-quorum.yaml | 12 +-- .../templates/primary_genesis.tpl | 3 +- .../roles/create/job_component/vars/main.yaml | 15 ++-- .../roles/helm_lint/vars/main.yaml | 4 +- 27 files changed, 311 insertions(+), 233 deletions(-) create mode 100644 platforms/quorum/configuration/roles/check/validation/tasks/count_validators.yaml create mode 100644 platforms/quorum/configuration/roles/check/validation/tasks/main.yaml rename platforms/quorum/configuration/roles/create/helm_component/templates/{memberquorum.tpl => member_quorum.tpl} (88%) rename platforms/quorum/configuration/roles/create/helm_component/templates/{validatorquorum.tpl => validator_quorum.tpl} (79%) create mode 100644 
platforms/quorum/configuration/roles/delete/local_directories/tasks/main.yaml delete mode 100644 platforms/quorum/configuration/roles/setup/genesis/primary/tasks/main.yaml create mode 100644 platforms/quorum/configuration/roles/setup/genesis/primary_genesis/tasks/main.yaml delete mode 100644 platforms/quorum/configuration/roles/setup/genesis/secondary/tasks/main.yaml create mode 100644 platforms/quorum/configuration/roles/setup/genesis/secondary_genesis/tasks/deploy_secondary_genesis.yaml create mode 100644 platforms/quorum/configuration/roles/setup/genesis/secondary_genesis/tasks/main.yaml create mode 100644 platforms/quorum/configuration/roles/setup/nodes/tasks/main.yaml diff --git a/platforms/network-schema.json b/platforms/network-schema.json index 2c84a485d34..657039e3d54 100755 --- a/platforms/network-schema.json +++ b/platforms/network-schema.json @@ -267,7 +267,8 @@ "type": "string", "enum": [ "21.4.2", - "23.4.0" + "23.4.0", + "24.4.1" ] }, "env": { diff --git a/platforms/quorum/charts/quorum-genesis/Chart.yaml b/platforms/quorum/charts/quorum-genesis/Chart.yaml index 0f7f92ff4b1..01e33afa216 100644 --- a/platforms/quorum/charts/quorum-genesis/Chart.yaml +++ b/platforms/quorum/charts/quorum-genesis/Chart.yaml @@ -1,4 +1,4 @@ -apiVersion: v1 +apiVersion: v2 name: quorum-genesis description: "Quorum: This Helm chart deploys genesis." type: application diff --git a/platforms/quorum/charts/quorum-node/requirements.yaml b/platforms/quorum/charts/quorum-node/requirements.yaml index e127c6e4b9e..50fe2d48c93 100644 --- a/platforms/quorum/charts/quorum-node/requirements.yaml +++ b/platforms/quorum/charts/quorum-node/requirements.yaml @@ -10,12 +10,12 @@ dependencies: repository: "file://../quorum-tessera-node" tags: - tessera - version: ~1.0.0 + version: ~1.1.0 condition: tessera.enabled - name: quorum-tls-gen alias: tls repository: "file://../quorum-tlscert-gen" tags: - bevel - version: ~1.0.0 + version: ~1.1.0 condition: tls.enabled 
diff --git a/platforms/quorum/charts/quorum-node/values.yaml b/platforms/quorum/charts/quorum-node/values.yaml index cd23e788205..c62e9d34c1c 100644 --- a/platforms/quorum/charts/quorum-node/values.yaml +++ b/platforms/quorum/charts/quorum-node/values.yaml @@ -98,7 +98,8 @@ node: image: quorum: repository: quorumengineering/quorum - tag: 22.7.1 + # latest is equivalent to 24.4.1 + tag: latest # latest | 22.7.1 hooks: repository: ghcr.io/hyperledger/bevel-k8s-hooks tag: qgt-0.2.12 diff --git a/platforms/quorum/configuration/cleanup.yaml b/platforms/quorum/configuration/cleanup.yaml index 662174478d1..27e7b20e7cc 100644 --- a/platforms/quorum/configuration/cleanup.yaml +++ b/platforms/quorum/configuration/cleanup.yaml @@ -27,11 +27,10 @@ kubernetes: "{{ item.k8s }}" loop: "{{ network['organizations'] }}" - # Delete build directory - - name: Remove build directory - file: - path: "./build" - state: absent + # Clean up helpers directory + - name: "Clean up helpers directory" + include_role: + name: delete/local_directories #These variables can be overriden from the command line vars: diff --git a/platforms/quorum/configuration/deploy-network.yaml b/platforms/quorum/configuration/deploy-network.yaml index 19b67ac454d..9571db0ed45 100644 --- a/platforms/quorum/configuration/deploy-network.yaml +++ b/platforms/quorum/configuration/deploy-network.yaml @@ -4,6 +4,7 @@ # SPDX-License-Identifier: Apache-2.0 ############################################################################################## +############################################################################################## # This playbook deploys a DLT network on existing Kubernetes clusters # The Kubernetes clusters should already be created and the infomation to connect to the # clusters be updated in the network.yaml file that is used as an input to this playbook 
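Review bot: In charts/quorum-node/values.yaml the default tag of the `quorumengineering/quorum` image becomes the mutable `latest`, so the chart no longer pins which Quorum build is deployed. The added comment `latest is equivalent to 24.4.1` goes stale as soon as the tag moves upstream. Organizations pulling at different times could then run different node versions, and an unreviewed image could roll out on a plain pod restart. Pin the default to the release this commit adds to the schema, `tag: 24.4.1`, or to an image digest, and keep `latest` as an opt-in only.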
@@ -11,6 +12,7 @@ # To Run this playbook from this directory, use the following command (network.yaml also in this directory) # ansible-playbook deploy-network.yaml -e "@./network.yaml" ############################################################################################ + # Please ensure that the ../../shared/configuration playbooks have been run using the same network.yaml - hosts: ansible_provisioners gather_facts: no @@ -21,7 +23,12 @@ file: path: "./build" state: absent - + + # Validate input network.yaml + - name: "Validating network.yaml" + include_role: + name: check/validation + # create namespace - name: "Create namespace" include_role: 
@@ -46,63 +53,35 @@ loop_var: org when: - org.org_status is not defined or org.org_status == 'new' - - # Execute primary genesis for the first organization - - name: "Setup primary genesis with first org as Validators" - include_role: - name: setup/genesis/primary - vars: - build_path: "./build" - org: "{{ network['organizations'] | first }}" - name: "{{ org.name | lower }}" - component_ns: "{{ org.name | lower }}-quo" - kubernetes: "{{ org.k8s }}" - vault: "{{ org.vault }}" - gitops: "{{ org.gitops }}" - charts_dir: "{{ org.gitops.chart_source }}" - values_dir: "./build/{{ component_ns }}" - when: - - not (add_new_org | bool) - - # # This role deploy validator nodes - - name: "Deploy validator nodes" + + # Install primary Genesis + - name: "Install primary Genesis" include_role: - name: create/validator_node + name: setup/genesis/primary_genesis vars: - build_path: "./build" - org: "{{ network['organizations'] | first }}" - name: "{{ org.name | lower }}" - component_ns: "{{ org.name | lower }}-quo" - kubernetes: "{{ org.k8s }}" - vault: "{{ org.vault }}" - gitops: "{{ org.gitops }}" - charts_dir: "{{ org.gitops.chart_source }}" - values_dir: "{{playbook_dir}}/../../../{{org.gitops.release_dir}}/{{ component_ns }}" - when: - - org.org_status is not defined or org.org_status == 'new' - - # Deploy member nodes - - name: "Deploy member nodes with tessera transaction manager" + validator_count: "{{ total_validators | int }}" + + # Deploy nodes + - name: "Deploy nodes" include_role: - name: create/member_node + name: setup/nodes vars: - build_path: "./build" + org_name: "{{ org.name | lower }}" + component_ns: "{{ org_name }}-quo" + validators: "{{ org.services.validators }}" + members: "{{ org.services.peers }}" + cloud_provider: "{{ org.cloud_provider | lower }}" kubernetes: "{{ org.k8s }}" - name: "{{ org.name | lower }}" - firstorg: "{{ network['organizations'] | first }}" - consensus: "{{ network.config.consensus }}" - component_ns: "{{ org.name | lower }}-quo" 
vault: "{{ org.vault }}" gitops: "{{ org.gitops }}" charts_dir: "{{ org.gitops.chart_source }}" - values_dir: "{{playbook_dir}}/../../../{{org.gitops.release_dir}}/{{ component_ns }}" - geth_data: "{{ network.config.bootnode | default('null') }}" + values_dir: "{{playbook_dir}}/../../../{{org.gitops.release_dir}}/{{ org_name }}" + current_org_index: "{{ org_index }}" loop: "{{ network['organizations'] }}" loop_control: loop_var: org - when: - - org.org_status is not defined or org.org_status == 'new' - + index_var: org_index + #These variables can be overriden from the command line vars: install_os: "linux" # Default to linux OS diff --git a/platforms/quorum/configuration/roles/check/validation/tasks/count_validators.yaml b/platforms/quorum/configuration/roles/check/validation/tasks/count_validators.yaml new file mode 100644 index 00000000000..8b606ed2aee --- /dev/null +++ b/platforms/quorum/configuration/roles/check/validation/tasks/count_validators.yaml @@ -0,0 +1,14 @@ +############################################################################################## +# Copyright Accenture. All Rights Reserved. +# +# SPDX-License-Identifier: Apache-2.0 +############################################################################################## + +# Counting the number of validator nodes +- name: "Count validator nodes" + set_fact: + total_validators: "{{ total_validators | int + 1 }}" + loop: "{{ validators }}" + loop_control: + loop_var: validator + when: validator is defined diff --git a/platforms/quorum/configuration/roles/check/validation/tasks/main.yaml b/platforms/quorum/configuration/roles/check/validation/tasks/main.yaml new file mode 100644 index 00000000000..87c256babd0 --- /dev/null +++ b/platforms/quorum/configuration/roles/check/validation/tasks/main.yaml 
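Review bot: In deploy-network.yaml the new `Install primary Genesis` and `Deploy nodes` tasks carry no `when:`, whereas the tasks they replace were guarded by `not (add_new_org | bool)` and `org.org_status is not defined or org.org_status == 'new'`. If this playbook is still run against a network.yaml that lists already-deployed organizations, the primary genesis job and every organization's nodes would be processed again, not only the new ones. Restore the guards, e.g. `when: not (add_new_org | bool)` on the genesis task and `when: org.org_status is not defined or org.org_status == 'new'` on the node loop. Otherwise, state in the playbook header that it supports fresh deployments only.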
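Review bot: In check/validation/tasks/count_validators.yaml the guard `when: validator is defined` is always true inside the loop, so it filters nothing. The loop itself would stop with an undefined-variable error when the first organization has no `services.validators`, which means the user never reaches the explanatory `fail` message in the calling task file. The counter can be a single expression that also covers the missing key: `total_validators: "{{ validators | default([]) | length }}"`.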
@@ -0,0 +1,26 @@ +############################################################################################## +# Copyright Accenture. All Rights Reserved. +# +# SPDX-License-Identifier: Apache-2.0 +############################################################################################## + +# Set initial counter for validators +- name: Set initial validator count + set_fact: + total_validators: 0 + +# Count Validato nodes in the first organization +- name: Count Validato nodes in the first organization + include_tasks: count_validators.yaml + vars: + org: "{{ network['organizations'] | first }}" + validators: "{{ org.services.validators }}" + +# Fail if total validators are less than 4 +- name: Fail if total validators are less than 4 + fail: + msg: | + The first organization, {{ (network['organizations'] | first).name }}, must have at least 4 validators. + The first four validators must be named in the following order: validator-0, validator-1, validator-2, validator-3. + Note: Beyond the initial four, custom names can be defined as needed. + when: (total_validators | int) < 4 diff --git a/platforms/quorum/configuration/roles/create/helm_component/templates/memberquorum.tpl b/platforms/quorum/configuration/roles/create/helm_component/templates/member_quorum.tpl similarity index 88% rename from platforms/quorum/configuration/roles/create/helm_component/templates/memberquorum.tpl rename to platforms/quorum/configuration/roles/create/helm_component/templates/member_quorum.tpl index 594251f8de0..aafb06bb942 100644 --- a/platforms/quorum/configuration/roles/create/helm_component/templates/memberquorum.tpl +++ b/platforms/quorum/configuration/roles/create/helm_component/templates/member_quorum.tpl 
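Review bot: The `fail` message in check/validation/tasks/main.yaml says the first four validators must be named validator-0 to validator-3, but the only condition checked is `(total_validators | int) < 4`. A network.yaml with four differently named validators therefore passes validation and would only fail later in the deployment. Add a second check that compares the first four `name` values of the first organization's validators with the expected list, or reword the message so it does not imply enforcement. The task name and comment also contain a typo; they should read `Count validator nodes in the first organization`.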
@@ -25,15 +25,15 @@ spec: type: {{ vault.type | default("hashicorp") }} network: quorum address: {{ vault.url }} - secretPrefix: "data/{{ network.env.type }}{{ name }}" + secretPrefix: "data/{{ network.env.type }}{{ org_name }}" secretEngine: {{ vault.secret_path | default("secretsv2") }} role: vault-role - authPath: {{ network.env.type }}{{ name }} + authPath: {{ network.env.type }}{{ org_name }} proxy: provider: ambassador externalUrlSuffix: {{ org.external_url_suffix }} - p2p: {{ peer.p2p.ambassador }} - tmport: {{ peer.tm_nodeport.ambassador | default(443) }} + p2p: {{ member.p2p.ambassador }} + tmport: {{ member.tm_nodeport.ambassador | default(443) }} storage: size: "2Gi" tessera: diff --git a/platforms/quorum/configuration/roles/create/helm_component/templates/validatorquorum.tpl b/platforms/quorum/configuration/roles/create/helm_component/templates/validator_quorum.tpl similarity index 79% rename from platforms/quorum/configuration/roles/create/helm_component/templates/validatorquorum.tpl rename to platforms/quorum/configuration/roles/create/helm_component/templates/validator_quorum.tpl index 587a281418c..472c9769391 100644 --- a/platforms/quorum/configuration/roles/create/helm_component/templates/validatorquorum.tpl +++ b/platforms/quorum/configuration/roles/create/helm_component/templates/validator_quorum.tpl @@ -23,13 +23,17 @@ spec: cloudNativeServices: false vault: address: {{ vault.url }} - secretPrefix: data/{{ network.env.type }}{{ name }} + secretPrefix: data/{{ network.env.type }}{{ org_name }} network: quorum role: vault-role - authPath: {{ network.env.type }}{{ name }} + authPath: {{ network.env.type }}{{ org_name }} type: {{ vault.type | default("hashicorp") }} secretEngine: {{ vault.secret_path | default("secretsv2") }} proxy: provider: "ambassador" externalUrlSuffix: {{ org.external_url_suffix }} - p2p: {{ peer.p2p.ambassador }} + p2p: {{ validator.p2p.ambassador }} + tessera: + enabled: false + tls: + enabled: false 
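Review bot: The added `tessera: enabled: false` and `tls: enabled: false` values in validator_quorum.tpl have no comment saying why certificate generation is switched off for validators. In the chart's requirements.yaml `tls` is the alias of the `quorum-tls-gen` subchart, so this presumably only skips certificates that a Tessera transaction manager would need, but a reader can take it as disabling transport security on validator nodes. A one-line comment above the block would make the intent reviewable, for example `# validators run without Tessera, so the tessera and tls-gen subcharts are not installed`; confirm that wording against the chart before adding it.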
diff --git a/platforms/quorum/configuration/roles/create/helm_component/vars/main.yaml b/platforms/quorum/configuration/roles/create/helm_component/vars/main.yaml index 1e305938041..0a300e6d106 100644 --- a/platforms/quorum/configuration/roles/create/helm_component/vars/main.yaml +++ b/platforms/quorum/configuration/roles/create/helm_component/vars/main.yaml @@ -7,8 +7,8 @@ helm_templates: quorum_tessera: tessera.tpl quorum: quorum.tpl - validatorquorum: validatorquorum.tpl - memberquorum: memberquorum.tpl + validator_quorum: validator_quorum.tpl + member_quorum: member_quorum.tpl crypto_tessera: crypto_tessera.tpl crypto_ibft_job: crypto_ibft_job.tpl certs-ambassador-quorum: certs-ambassador-quorum.tpl diff --git a/platforms/quorum/configuration/roles/create/member_node/tasks/main.yaml b/platforms/quorum/configuration/roles/create/member_node/tasks/main.yaml index 7b97986556b..2eac370f993 100644 --- a/platforms/quorum/configuration/roles/create/member_node/tasks/main.yaml +++ b/platforms/quorum/configuration/roles/create/member_node/tasks/main.yaml 
@@ -4,31 +4,12 @@ # SPDX-License-Identifier: Apache-2.0 ############################################################################################## -# Execute only for members -- name: Perform secondary genesis - include_role: - name: setup/genesis/secondary - vars: - values_dir: "./build/{{ component_ns }}" - when: org.type == 'member' - -# Get the Genesis and staticnodes -- name: Get genesis and staticnodes - include_role: - name: get/genesis - when: org.type == 'member' and org.services.peers is defined - -# Creates the Quorum node value files for each node of organization -- name: Create value file for Quorum node +# Create value file for member node +- name: Create value file for member node include_role: name: create/helm_component vars: - component_name: "{{ peer.name }}" - type: "memberquorum" - loop: "{{ org.services.peers }}" - loop_control: - loop_var: peer - when: org.services.peers is defined + type: "member_quorum" # Pushes the above generated files to git directory - name: Git Push @@ -37,17 +18,13 @@ vars: GIT_DIR: "{{ playbook_dir }}/../../../" msg: "[ci skip] Pushing Member node files" - when: org.services.peers is defined # Wait for the last Member to be running - name: "Wait for the last member to run" include_role: name: "{{ playbook_dir }}/../../shared/configuration/roles/check/helm_component" vars: - member: "{{ org.services.peers | last }}" label_selectors: - - app.kubernetes.io/release = {{ member.name | lower }} + - app.kubernetes.io/release = {{ component_name }} component_type: "Pod" - component_name: "{{ member.name | lower }}" namespace: "{{ component_ns }}" - when: org.services.peers is defined diff --git a/platforms/quorum/configuration/roles/create/validator_node/tasks/main.yaml b/platforms/quorum/configuration/roles/create/validator_node/tasks/main.yaml index aa7e77c1d0b..3e874c8df1c 100644 --- a/platforms/quorum/configuration/roles/create/validator_node/tasks/main.yaml 
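Review bot: In create/member_node/tasks/main.yaml the wait task is still named `Wait for the last member to run`, but it now selects on `{{ component_name }}`, a variable this role no longer sets itself. The role appears to be included once per member by setup/nodes, so the name is misleading and the `Git Push` task now runs once per node. Rename the task to `Wait for member {{ component_name }} to run` and add a short header comment listing the variables the caller must pass (`component_name`, `component_ns`, `member`). An include without them currently fails only when the template is rendered.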
+++ b/platforms/quorum/configuration/roles/create/validator_node/tasks/main.yaml @@ -1,20 +1,9 @@ -############################################################################################## -# Copyright Accenture. All Rights Reserved. -# -# SPDX-License-Identifier: Apache-2.0 -############################################################################################## - -# This task creates helm release file for each validator node of organization -- name: Create helm release file for each validator node of organization +# Create value file for validator node +- name: Create value file for validator node include_role: name: create/helm_component vars: - component_name: "{{ peer.name }}" - type: "validatorquorum" - loop: "{{ org.services.validators }}" - loop_control: - loop_var: peer - when: org.services.validators is defined + type: "validator_quorum" # Git Push : Pushes the above generated files to git - name: Git Push @@ -22,23 +11,14 @@ name: "{{ playbook_dir }}/../../shared/configuration/roles/git_push" vars: GIT_DIR: "{{ playbook_dir }}/../../../" - msg: "[ci skip] Pushing Validator files" - when: org.services.validators is defined + msg: "[ci skip] Pushing Validator Helm release file" # Wait for the last validator to be running - name: "Wait for the last validator to run" include_role: name: "{{ playbook_dir }}/../../shared/configuration/roles/check/helm_component" vars: - validator: "{{ org.services.validators | last }}" label_selectors: - - app.kubernetes.io/release = {{ validator.name | lower }} + - app.kubernetes.io/release = {{ component_name }} component_type: "Pod" namespace: "{{ component_ns }}" - when: org.services.validators is defined - -# Get the Genesis and staticnodes -- name: Get genesis and staticnodes - include_role: - name: get/genesis - when: org.services.validators is defined 
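Review bot: The first hunk of create/validator_node/tasks/main.yaml deletes the copyright and `SPDX-License-Identifier: Apache-2.0` header, while every file this commit creates carries it. Unless the removal is intended, keep the five header lines at the top of the file, because licence scanners that rely on SPDX tags would otherwise report the file as unlicensed. The second hunk keeps the task name `Wait for the last validator to run` although the task now waits for `{{ component_name }}`; `Wait for validator {{ component_name }} to run` would match what it does.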
diff --git a/platforms/quorum/configuration/roles/delete/local_directories/tasks/main.yaml b/platforms/quorum/configuration/roles/delete/local_directories/tasks/main.yaml new file mode 100644 index 00000000000..24bd51b1ab3 --- /dev/null +++ b/platforms/quorum/configuration/roles/delete/local_directories/tasks/main.yaml @@ -0,0 +1,25 @@ +############################################################################################## +# Copyright Accenture. All Rights Reserved. +# +# SPDX-License-Identifier: Apache-2.0 +############################################################################################## + +# Find and delete .json files in platforms/quorum/charts/quorum-genesis/files directory +- name: "Find .json files in quorum-genesis files directory" + find: + paths: "{{ playbook_dir }}/../../quorum/charts/quorum-genesis/files" + patterns: "*.json" + register: genesis_and_static_node + +# Delete .json files in quorum-genesis files directory +- name: "Delete .json files in quorum-genesis files directory" + file: + path: "{{ item.path }}" + state: absent + loop: "{{ genesis_and_static_node.files }}" + +# Delete the build directory in platforms/quorum/configuration +- name: "Remove build directory from configuration" + file: + path: "{{ playbook_dir }}/../../quorum/configuration/build" + state: absent diff --git a/platforms/quorum/configuration/roles/setup/genesis/primary/tasks/main.yaml b/platforms/quorum/configuration/roles/setup/genesis/primary/tasks/main.yaml deleted file mode 100644 index 083936f8cca..00000000000 --- a/platforms/quorum/configuration/roles/setup/genesis/primary/tasks/main.yaml +++ /dev/null 
@@ -1,53 +0,0 @@ -############################################################################################## -# Copyright Accenture. All Rights Reserved. -# -# SPDX-License-Identifier: Apache-2.0 -############################################################################################## - -# create build directory -- name: Create build directory if it does not exist - file: - path: "{{ build_path }}" - state: directory - -# Get number of validators -- name: Validator count - set_fact: - validator_count={{ validator_count | default(0) | int + 1 }} - loop: "{{ org.services.validators | default([]) }}" - -- name: Fail when no validators detected - ansible.builtin.fail: - msg: The first organization must have Validators. - when: validator_count == 0 - -- name: Get the kubernetes server url - shell: | - KUBECONFIG={{ kubernetes.config_file }} kubectl config view --minify | grep server | cut -f 2- -d ":" | tr -d " " - register: kubernetes_server_url - -# This task runs the genesis job -- name: Genesis job helm install - include_role: - name: "{{ playbook_dir }}/../../shared/configuration/roles/create/job_component" - vars: - component_name: "genesis" - type: "primary_genesis" - kubernetes_url: "{{ kubernetes_server_url.stdout }}" - -# Pushes the above generated files to git directory -- name: Git Push - include_role: - name: "{{ playbook_dir }}/../../shared/configuration/roles/git_push" - vars: - GIT_DIR: "{{ playbook_dir }}/../../../" - msg: "[ci skip] Pushing genesis file" - -# Wait for Genesis job to complete -- name: "Wait for the genesis job to complete" - include_role: - name: "{{ playbook_dir }}/../../shared/configuration/roles/check/helm_component" - vars: - component_name: "genesis" - component_type: Job - namespace: "{{ component_ns }}" 
diff --git a/platforms/quorum/configuration/roles/setup/genesis/primary_genesis/tasks/main.yaml b/platforms/quorum/configuration/roles/setup/genesis/primary_genesis/tasks/main.yaml new file mode 100644 index 00000000000..f6a0d3ab8fd --- /dev/null +++ b/platforms/quorum/configuration/roles/setup/genesis/primary_genesis/tasks/main.yaml 
@@ -0,0 +1,46 @@ +############################################################################################## +# Copyright Accenture. All Rights Reserved. +# +# SPDX-License-Identifier: Apache-2.0 +############################################################################################## + +# Gather Kubernetes cluster information +- name: Gather Kubernetes cluster information + community.kubernetes.k8s_cluster_info: + kubeconfig: "{{ network['organizations'][0].k8s.config_file }}" + register: cluster_info + +# Set the Kubernetes server URL fact +- name: Set kubernetes_server_url fact + set_fact: + kubernetes_server_url: "{{ cluster_info.connection.host }}" + +# Install primary genesis +- name: "Install primary genesis" + include_role: + name: "{{ playbook_dir }}/../../shared/configuration/roles/create/job_component" + vars: + org: "{{ network['organizations'] | first }}" + name: "{{ org.name | lower }}" + component_name: "{{ name }}-genesis" + component_ns: "{{ name }}-quo" + type: "primary_genesis" + kubernetes: "{{ org.k8s }}" + kubernetes_url: "{{ kubernetes_server_url }}" + vault: "{{ org.vault }}" + values_dir: "{{ playbook_dir }}/../../../{{ org.gitops.release_dir }}/{{ name }}/build" + charts_dir: "{{ org.gitops.chart_source }}" + +# Check if primary genesis job is completed +- name: "Check if primary genesis job is completed" + include_role: + name: "{{ playbook_dir }}/../../shared/configuration/roles/check/helm_component" + vars: + org: "{{ network['organizations'] | first }}" + name: "{{ org.name | lower }}" + component_name: "{{ name }}-genesis" + component_type: Job + org: "{{ network['organizations'] | first }}" + component_ns: "{{ org.name | lower }}-quo" + namespace: "{{ component_ns }}" + kubernetes: "{{ org.k8s }}" diff --git a/platforms/quorum/configuration/roles/setup/genesis/secondary/tasks/main.yaml b/platforms/quorum/configuration/roles/setup/genesis/secondary/tasks/main.yaml deleted file mode 100644 index 9fbc4d7ce4d..00000000000 
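Review bot: The `vars:` of `Check if primary genesis job is completed` in setup/genesis/primary_genesis/tasks/main.yaml define `org` twice, which is a duplicate mapping key. Most YAML loaders silently keep the last value and Ansible reports a duplicate-key warning. Both values are identical here, so delete the second `org: "{{ network['organizations'] | first }}"` line; `component_ns` can then be written as in the install task, `component_ns: "{{ name }}-quo"`. Both task files in this role tree call `community.kubernetes.k8s_cluster_info`, a collection that has been superseded by `kubernetes.core`, so consider `kubernetes.core.k8s_cluster_info` if the project's collection requirements allow it.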
--- a/platforms/quorum/configuration/roles/setup/genesis/secondary/tasks/main.yaml +++ /dev/null @@ -1,42 +0,0 @@ -############################################################################################## -# Copyright Accenture. All Rights Reserved. -# -# SPDX-License-Identifier: Apache-2.0 -############################################################################################## - -# create build directory -- name: Create build directory if it does not exist - file: - path: "{{ build_path }}" - state: directory - -- name: Get the kubernetes server url - shell: | - KUBECONFIG={{ kubernetes.config_file }} kubectl config view --minify | grep server | cut -f 2- -d ":" | tr -d " " - register: kubernetes_server_url - -# This task runs the genesis job -- name: Genesis job helm install - include_role: - name: "{{ playbook_dir }}/../../shared/configuration/roles/create/job_component" - vars: - component_name: "genesis" - type: "secondary_genesis" - kubernetes_url: "{{ kubernetes_server_url.stdout }}" - -# Pushes the above generated files to git directory -- name: Git Push - include_role: - name: "{{ playbook_dir }}/../../shared/configuration/roles/git_push" - vars: - GIT_DIR: "{{ playbook_dir }}/../../../" - msg: "[ci skip] Pushing genesis file" - -# Wait for Genesis job to complete -- name: "Wait for the genesis job to complete" - include_role: - name: "{{ playbook_dir }}/../../shared/configuration/roles/check/helm_component" - vars: - component_name: "genesis" - component_type: Job - namespace: "{{ component_ns }}" diff --git a/platforms/quorum/configuration/roles/setup/genesis/secondary_genesis/tasks/deploy_secondary_genesis.yaml b/platforms/quorum/configuration/roles/setup/genesis/secondary_genesis/tasks/deploy_secondary_genesis.yaml new file mode 100644 index 00000000000..03671491dbd --- /dev/null +++ b/platforms/quorum/configuration/roles/setup/genesis/secondary_genesis/tasks/deploy_secondary_genesis.yaml 
@@ -0,0 +1,33 @@ +############################################################################################## +# Copyright Accenture. All Rights Reserved. +# +# SPDX-License-Identifier: Apache-2.0 +############################################################################################## + +# Gather Kubernetes cluster information +- name: Gather cluster info + community.kubernetes.k8s_cluster_info: + kubeconfig: "{{ kubernetes.config_file }}" + register: cluster_info + +# Set the Kubernetes server URL fact +- name: Set kubernetes_server_url fact + set_fact: + kubernetes_server_url: "{{ cluster_info.connection.host }}" + +# Install the secondary genesis component for the specified organization +- name: "Install secondary genesis for the {{ org_name }} organization" + include_role: + name: "{{ playbook_dir }}/../../shared/configuration/roles/create/job_component" + vars: + type: "secondary_genesis" + kubernetes_url: "{{ kubernetes_server_url }}" + values_dir: "{{ playbook_dir }}/../../../{{ org.gitops.release_dir }}/{{ org_name }}/build" + +# Check if the secondary genesis job for the specified organization is completed +- name: "Check if secondary genesis job {{ org_name }} for is completed" + include_role: + name: "{{ playbook_dir }}/../../shared/configuration/roles/check/helm_component" + vars: + component_type: Job + namespace: "{{ component_ns }}" diff --git a/platforms/quorum/configuration/roles/setup/genesis/secondary_genesis/tasks/main.yaml b/platforms/quorum/configuration/roles/setup/genesis/secondary_genesis/tasks/main.yaml new file mode 100644 index 00000000000..d3427c8d300 --- /dev/null +++ b/platforms/quorum/configuration/roles/setup/genesis/secondary_genesis/tasks/main.yaml 
@@ -0,0 +1,51 @@ +############################################################################################## +# Copyright Accenture. All Rights Reserved. +# +# SPDX-License-Identifier: Apache-2.0 +############################################################################################## + +# Initialize variables for the first organization +- name: "Initialize variables for the first organization" + set_fact: + previous_org_name: "{{ network.organizations[(current_org_index | int) - 1].name | lower }}" + previous_org_kubernetes: "{{ network.organizations[(current_org_index | int) - 1].k8s }}" + +# Retrieve static nodes from the ConfigMap belongs to the primary (first) organization +- name: "Get static nodes ConfigMap" + community.kubernetes.k8s_info: + api_version: v1 + kind: ConfigMap + name: quorum-peers + namespace: "{{ previous_org_name }}-quo" + kubeconfig: "{{ previous_org_kubernetes.config_file }}" + register: peers_configmap + +# Retrieve genesis from the ConfigMap belongs to the primary (first) organization +- name: "Get genesis ConfigMap" + community.kubernetes.k8s_info: + api_version: v1 + kind: ConfigMap + name: quorum-genesis + namespace: "{{ previous_org_name }}-quo" + kubeconfig: "{{ previous_org_kubernetes.config_file }}" + register: genesis_configmap + +# Save peers_configmap content to a file +- name: "Save peers_configmap to file" + copy: + content: "{{ peers_configmap.resources[0].data['static-nodes.json'] }}" + dest: "{{ playbook_dir }}/../../quorum/charts/quorum-genesis/files/static-nodes.json" + when: peers_configmap.resources[0].data['static-nodes.json'] is defined + +# Save genesis_configmap content to a file +- name: "Save genesis_configmap to file" + copy: + content: "{{ genesis_configmap.resources[0].data['genesis.json'] }}" + dest: "{{ playbook_dir }}/../../quorum/charts/quorum-genesis/files/genesis.json" + when: genesis_configmap.resources[0].data['genesis.json'] is defined + +# Generate secondary genesis HR files for the 
remaining organizations +- name: "Generate secondary genesis HR file for the remaining organization" + include_tasks: deploy_secondary_genesis.yaml + vars: + name: "{{ org_name }}" diff --git a/platforms/quorum/configuration/roles/setup/nodes/tasks/main.yaml b/platforms/quorum/configuration/roles/setup/nodes/tasks/main.yaml new file mode 100644 index 00000000000..b635fb5e351 --- /dev/null +++ b/platforms/quorum/configuration/roles/setup/nodes/tasks/main.yaml @@ -0,0 +1,37 @@ +############################################################################################## +# Copyright Accenture. All Rights Reserved. +# +# SPDX-License-Identifier: Apache-2.0 +############################################################################################## + +# Install Secondary Genesis +- name: "Install Secondary Genesis" + include_role: + name: setup/genesis/secondary_genesis + vars: + component_name: "{{ org_name }}-genesis" + when: org_name != network.organizations[0].name + +# Process primary organization's validators +- name: "Deploy validators of {{ org_name }}" + include_role: + name: create/validator_node + vars: + name: "{{ org_name }}" + component_name: "{{ validator.name | lower }}" + loop: "{{ validators }}" + loop_control: + loop_var: validator + when: validator is defined + +# Process primary organization's validators +- name: "Deploy members of {{ org_name }}" + include_role: + name: create/member_node + vars: + name: "{{ org_name }}" + component_name: "{{ member.name | lower }}" + loop: "{{ members }}" + loop_control: + loop_var: member + when: members is defined diff --git a/platforms/quorum/configuration/samples/network-minikube.yaml b/platforms/quorum/configuration/samples/network-minikube.yaml index af42df24d30..ba3a52b8c7b 100644 --- a/platforms/quorum/configuration/samples/network-minikube.yaml +++ b/platforms/quorum/configuration/samples/network-minikube.yaml 
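Review bot: In setup/genesis/secondary_genesis/tasks/main.yaml nothing stops the role when the previous organization's `quorum-peers` or `quorum-genesis` ConfigMap is missing. The `when:` conditions on the two `copy` tasks then appear to evaluate to false (or raise a template error, depending on the Ansible version), and the role carries on to `deploy_secondary_genesis.yaml`. The joining organization would be installed with whatever `genesis.json` and `static-nodes.json` already sit in `charts/quorum-genesis/files`, possibly left from an earlier run, or with none. Fail the play before the copy tasks when either lookup returns nothing, as sketched below. The comments and the first task name also say "first organization" although the lookups read the immediately preceding one.

```yaml
# … unchanged: k8s_info lookups registering peers_configmap and genesis_configmap …

# Stop if the previous organization has not published its genesis and static nodes
- name: "Fail if genesis or static nodes ConfigMap is missing"
  fail:
    msg: "quorum-genesis or quorum-peers ConfigMap not found in namespace {{ previous_org_name }}-quo"
  when: >-
    (peers_configmap.resources | length) == 0
    or (genesis_configmap.resources | length) == 0

# … unchanged: copy tasks and include_tasks …
```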
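Review bot: The guard `when: org_name != network.organizations[0].name` in setup/nodes/tasks/main.yaml compares the lower-cased `org_name` passed by deploy-network.yaml with the raw name from network.yaml, so a first organization whose name contains an upper-case letter would be treated as a secondary one. In that case `current_org_index` is 0 and the secondary role's `(current_org_index | int) - 1` lookup becomes -1, which presumably selects the last organization in the list. Compare by index instead: `when: (current_org_index | int) > 0`. The comment above `Deploy members` still reads `Process primary organization's validators`, and both loops would raise an undefined-variable error for an organization without `services.validators` or `services.peers`, so default those lists to `[]` where they are passed in.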
@@ -12,7 +12,7 @@ network: # Network level configuration specifies the attributes required for each organization # to join an existing network. type: quorum - version: 23.4.0 #this is the version of Quorum + version: 24.4.1 #this is the version of Quorum #Environment section for Kubernetes setup env: diff --git a/platforms/quorum/configuration/samples/network-quorum-newnode.yaml b/platforms/quorum/configuration/samples/network-quorum-newnode.yaml index f2f057df9b1..b3ed67ed952 100644 --- a/platforms/quorum/configuration/samples/network-quorum-newnode.yaml +++ b/platforms/quorum/configuration/samples/network-quorum-newnode.yaml @@ -12,7 +12,7 @@ network: # Network level configuration specifies the attributes required for each organization # to join an existing network. type: quorum - version: 23.4.0 #this is the version of Quorum + version: 24.4.1 #this is the version of Quorum #Environment section for Kubernetes setup env: diff --git a/platforms/quorum/configuration/samples/network-quorum-tessera.yaml b/platforms/quorum/configuration/samples/network-quorum-tessera.yaml index e8f5f87772c..aefba9867aa 100644 --- a/platforms/quorum/configuration/samples/network-quorum-tessera.yaml +++ b/platforms/quorum/configuration/samples/network-quorum-tessera.yaml @@ -12,7 +12,7 @@ network: # Network level configuration specifies the attributes required for each organization # to join an existing network. type: quorum - version: 23.4.0 #this is the version of Quorum + version: 24.4.1 #this is the version of Quorum #Environment section for Kubernetes setup env: diff --git a/platforms/quorum/configuration/samples/network-quorum.yaml b/platforms/quorum/configuration/samples/network-quorum.yaml index 3238b25cde4..962c183aa97 100644 --- a/platforms/quorum/configuration/samples/network-quorum.yaml +++ b/platforms/quorum/configuration/samples/network-quorum.yaml 
@@ -12,7 +12,7 @@ network: # Network level configuration specifies the attributes required for each organization # to join an existing network. type: quorum - version: 23.4.0 #this is the version of Quorum + version: 24.4.1 #this is the version of Quorum #Environment section for Kubernetes setup env: @@ -100,9 +100,11 @@ network: private_key: "path_to_private_key" # Path to private key file which has write-access to the git repo (Optional for https; Required for ssh) # The participating nodes are named as peers services: + # The first four validators must be named in the following order: validator-0, validator-1, validator-2, validator-3. + # Note: Beyond the initial four, custom names can be defined as needed validators: - validator: - name: validator-1 + name: validator-0 bootnode: true # true if the validator node is used also a bootnode for the network cactus_connector: disabled # set to enabled to create a cactus connector for Besu p2p: @@ -117,7 +119,7 @@ network: enabled: true # Set this to true to enable Prometheus monitoring for this node, or false to disable it. port: 9545 # Specify the port that Prometheus will use to collect metrics for this node. - validator: - name: validator-2 + name: validator-1 bootnode: true # true if the validator node is used also a bootnode for the network cactus_connector: disabled # set to enabled to create a cactus connector for Besu p2p: @@ -132,7 +134,7 @@ network: enabled: true # Set this to true to enable Prometheus monitoring for this node, or false to disable it. port: 9545 # Specify the port that Prometheus will use to collect metrics for this node. - validator: - name: validator-3 + name: validator-2 bootnode: false # true if the validator node is used also a bootnode for the network p2p: port: 21000 
@@ -146,7 +148,7 @@ network: enabled: false # Set this to true to enable Prometheus monitoring for this node, or false to disable it. port: 9545 # Specify the port that Prometheus will use to collect metrics for this node. - validator: - name: validator-4 + name: validator-3 bootnode: false # true if the validator node is used also a bootnode for the network p2p: port: 21000 diff --git a/platforms/shared/configuration/roles/create/job_component/templates/primary_genesis.tpl b/platforms/shared/configuration/roles/create/job_component/templates/primary_genesis.tpl index 2d79849d53e..f76bee70154 100644 --- a/platforms/shared/configuration/roles/create/job_component/templates/primary_genesis.tpl +++ b/platforms/shared/configuration/roles/create/job_component/templates/primary_genesis.tpl @@ -29,8 +29,7 @@ rawGenesisConfig: gasLimit: '0x1fffffffffffff' difficulty: '0x1' coinbase: '0x0000000000000000000000000000000000000000' - additionalAccounts: {{ network.config.accounts }} - permissioning: {{ network.permissioning.enabled }} + includeQuickStartAccounts: false blockchain: nodes: generate: true diff --git a/platforms/shared/configuration/roles/create/job_component/vars/main.yaml b/platforms/shared/configuration/roles/create/job_component/vars/main.yaml index 3b5ddf835da..e8d207c7f28 100644 --- a/platforms/shared/configuration/roles/create/job_component/vars/main.yaml +++ b/platforms/shared/configuration/roles/create/job_component/vars/main.yaml 
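Review bot: With `permissioning: {{ network.permissioning.enabled }}` removed from primary_genesis.tpl, the `network.permissioning.enabled` value from the network file no longer reaches the genesis job through this template, so whether permissioning is applied depends on a chart default that is not visible in this hunk. If dropping the setting is intended, say so next to the new line, for example `# permissioning is no longer passed from network.yaml; the chart default applies`; otherwise keep passing it. The same question applies to the removed `additionalAccounts`. The template sits under `platforms/shared`, so any other platform that renders it is presumably affected as well. The `rawGenesisConfig` block starts and ends outside the hunk.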
@@ -27,11 +27,10 @@ charts: osn_create_channel_job: fabric-osnadmin-channel-create create_channel_job: fabric-channel-create join_channel_job: fabric-channel-join - -bevel_alpine_version: latest -fabric_tools_image: bevel-fabric-tools -indy_genesis: indy-genesis -indy_endorser: indy-register-identity -corda_ent_init: enterprise-init -corda_ent_secondary_init: enterprise-init -corda_ent_cenm: cenm + bevel_alpine_version: latest + fabric_tools_image: bevel-fabric-tools + indy_genesis: indy-genesis + indy_endorser: indy-register-identity + corda_ent_init: enterprise-init + corda_ent_secondary_init: enterprise-init + corda_ent_cenm: cenm diff --git a/platforms/shared/configuration/roles/helm_lint/vars/main.yaml b/platforms/shared/configuration/roles/helm_lint/vars/main.yaml index 87176403ae7..36fdd4e9c0e 100644 --- a/platforms/shared/configuration/roles/helm_lint/vars/main.yaml +++ b/platforms/shared/configuration/roles/helm_lint/vars/main.yaml @@ -25,8 +25,8 @@ charts: corda_node: corda-node quorum_tessera: quorum-tessera-node quorum: quorum-member-node - validatorquorum: quorum-node - memberquorum: quorum-node + validator_quorum: quorum-node + member_quorum: quorum-node pki-generator: cenm-pki-gen signer: cenm-signer gateway: cenm-gateway
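Review bot: The seven keys from `bevel_alpine_version` to `corda_ent_cenm` in job_component/vars/main.yaml appear to move from the top level into the `charts:` mapping: the removed lines start at column 0 and the added ones are indented, though the exact depth is not recoverable from this rendering. Any template that reads them as top-level variables would then get an undefined value, so the references need to be checked or the keys left where they were. Separately, `bevel_alpine_version: latest` is a mutable tag; pinning it, e.g. `bevel_alpine_version: "<PINNED_TAG>"`, keeps the job image reproducible and reviewable. The `charts:` mapping starts outside the hunk.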