diff --git a/platforms/network-schema.json b/platforms/network-schema.json index 2c84a485d34..657039e3d54 100755 --- a/platforms/network-schema.json +++ b/platforms/network-schema.json @@ -267,7 +267,8 @@ "type": "string", "enum": [ "21.4.2", - "23.4.0" + "23.4.0", + "24.4.1" ] }, "env": { diff --git a/platforms/quorum/charts/quorum-genesis/Chart.yaml b/platforms/quorum/charts/quorum-genesis/Chart.yaml index 0f7f92ff4b1..01e33afa216 100644 --- a/platforms/quorum/charts/quorum-genesis/Chart.yaml +++ b/platforms/quorum/charts/quorum-genesis/Chart.yaml @@ -1,4 +1,4 @@ -apiVersion: v1 +apiVersion: v2 name: quorum-genesis description: "Quorum: This Helm chart deploys genesis." type: application diff --git a/platforms/quorum/charts/quorum-node/requirements.yaml b/platforms/quorum/charts/quorum-node/requirements.yaml index e127c6e4b9e..50fe2d48c93 100644 --- a/platforms/quorum/charts/quorum-node/requirements.yaml +++ b/platforms/quorum/charts/quorum-node/requirements.yaml @@ -10,12 +10,12 @@ dependencies: repository: "file://../quorum-tessera-node" tags: - tessera - version: ~1.0.0 + version: ~1.1.0 condition: tessera.enabled - name: quorum-tls-gen alias: tls repository: "file://../quorum-tlscert-gen" tags: - bevel - version: ~1.0.0 + version: ~1.1.0 condition: tls.enabled diff --git a/platforms/quorum/charts/quorum-node/values.yaml b/platforms/quorum/charts/quorum-node/values.yaml index cd23e788205..c62e9d34c1c 100644 --- a/platforms/quorum/charts/quorum-node/values.yaml +++ b/platforms/quorum/charts/quorum-node/values.yaml @@ -98,7 +98,8 @@ node: image: quorum: repository: quorumengineering/quorum - tag: 22.7.1 + # latest is equivalent to 24.4.1 + tag: latest # latest | 22.7.1 hooks: repository: ghcr.io/hyperledger/bevel-k8s-hooks tag: qgt-0.2.12 diff --git a/platforms/quorum/configuration/cleanup.yaml b/platforms/quorum/configuration/cleanup.yaml index 662174478d1..27e7b20e7cc 100644 --- a/platforms/quorum/configuration/cleanup.yaml 
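Review bot: The default Quorum image tag in `node.image.quorum` becomes the mutable `latest`, so the version a node runs is whatever the registry serves at pull time, and the added comment "latest is equivalent to 24.4.1" stops being true as soon as the tag moves. Nodes in one network have to agree on consensus rules, and an unpinned tag also removes any record of which build was deployed, so the default should name the release: `tag: "24.4.1"` (a digest pin would be stronger still). If `latest` must stay selectable, list it as an option in the comment rather than making it the default. The rest of `values.yaml` lies outside the hunk.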
+++ b/platforms/quorum/configuration/cleanup.yaml @@ -27,11 +27,10 @@ kubernetes: "{{ item.k8s }}" loop: "{{ network['organizations'] }}" - # Delete build directory - - name: Remove build directory - file: - path: "./build" - state: absent + # Clean up helpers directory + - name: "Clean up helpers directory" + include_role: + name: delete/local_directories #These variables can be overriden from the command line vars: diff --git a/platforms/quorum/configuration/deploy-network.yaml b/platforms/quorum/configuration/deploy-network.yaml index 19b67ac454d..9571db0ed45 100644 --- a/platforms/quorum/configuration/deploy-network.yaml +++ b/platforms/quorum/configuration/deploy-network.yaml @@ -4,6 +4,7 @@ # SPDX-License-Identifier: Apache-2.0 ############################################################################################## +############################################################################################## # This playbook deploys a DLT network on existing Kubernetes clusters # The Kubernetes clusters should already be created and the infomation to connect to the # clusters be updated in the network.yaml file that is used as an input to this playbook @@ -11,6 +12,7 @@ # To Run this playbook from this directory, use the following command (network.yaml also in this directory) # ansible-playbook deploy-network.yaml -e "@./network.yaml" ############################################################################################ + # Please ensure that the ../../shared/configuration playbooks have been run using the same network.yaml - hosts: ansible_provisioners gather_facts: no @@ -21,7 +23,12 @@ file: path: "./build" state: absent - + + # Validate input network.yaml + - name: "Validating network.yaml" + include_role: + name: check/validation + # create namespace - name: "Create namespace" include_role: 
@@ -46,63 +53,35 @@ loop_var: org when: - org.org_status is not defined or org.org_status == 'new' - - # Execute primary genesis for the first organization - - name: "Setup primary genesis with first org as Validators" - include_role: - name: setup/genesis/primary - vars: - build_path: "./build" - org: "{{ network['organizations'] | first }}" - name: "{{ org.name | lower }}" - component_ns: "{{ org.name | lower }}-quo" - kubernetes: "{{ org.k8s }}" - vault: "{{ org.vault }}" - gitops: "{{ org.gitops }}" - charts_dir: "{{ org.gitops.chart_source }}" - values_dir: "./build/{{ component_ns }}" - when: - - not (add_new_org | bool) - - # # This role deploy validator nodes - - name: "Deploy validator nodes" + + # Install primary Genesis + - name: "Install primary Genesis" include_role: - name: create/validator_node + name: setup/genesis/primary_genesis vars: - build_path: "./build" - org: "{{ network['organizations'] | first }}" - name: "{{ org.name | lower }}" - component_ns: "{{ org.name | lower }}-quo" - kubernetes: "{{ org.k8s }}" - vault: "{{ org.vault }}" - gitops: "{{ org.gitops }}" - charts_dir: "{{ org.gitops.chart_source }}" - values_dir: "{{playbook_dir}}/../../../{{org.gitops.release_dir}}/{{ component_ns }}" - when: - - org.org_status is not defined or org.org_status == 'new' - - # Deploy member nodes - - name: "Deploy member nodes with tessera transaction manager" + validator_count: "{{ total_validators | int }}" + + # Deploy nodes + - name: "Deploy nodes" include_role: - name: create/member_node + name: setup/nodes vars: - build_path: "./build" + org_name: "{{ org.name | lower }}" + component_ns: "{{ org_name }}-quo" + validators: "{{ org.services.validators }}" + members: "{{ org.services.peers }}" + cloud_provider: "{{ org.cloud_provider | lower }}" kubernetes: "{{ org.k8s }}" - name: "{{ org.name | lower }}" - firstorg: "{{ network['organizations'] | first }}" - consensus: "{{ network.config.consensus }}" - component_ns: "{{ org.name | lower }}-quo" 
vault: "{{ org.vault }}" gitops: "{{ org.gitops }}" charts_dir: "{{ org.gitops.chart_source }}" - values_dir: "{{playbook_dir}}/../../../{{org.gitops.release_dir}}/{{ component_ns }}" - geth_data: "{{ network.config.bootnode | default('null') }}" + values_dir: "{{playbook_dir}}/../../../{{org.gitops.release_dir}}/{{ org_name }}" + current_org_index: "{{ org_index }}" loop: "{{ network['organizations'] }}" loop_control: loop_var: org - when: - - org.org_status is not defined or org.org_status == 'new' - + index_var: org_index + #These variables can be overriden from the command line vars: install_os: "linux" # Default to linux OS diff --git a/platforms/quorum/configuration/roles/check/validation/tasks/count_validators.yaml b/platforms/quorum/configuration/roles/check/validation/tasks/count_validators.yaml new file mode 100644 index 00000000000..8b606ed2aee --- /dev/null +++ b/platforms/quorum/configuration/roles/check/validation/tasks/count_validators.yaml @@ -0,0 +1,14 @@ +############################################################################################## +# Copyright Accenture. All Rights Reserved. +# +# SPDX-License-Identifier: Apache-2.0 +############################################################################################## + +# Counting the number of validator nodes +- name: "Count validator nodes" + set_fact: + total_validators: "{{ total_validators | int + 1 }}" + loop: "{{ validators }}" + loop_control: + loop_var: validator + when: validator is defined diff --git a/platforms/quorum/configuration/roles/check/validation/tasks/main.yaml b/platforms/quorum/configuration/roles/check/validation/tasks/main.yaml new file mode 100644 index 00000000000..87c256babd0 --- /dev/null +++ b/platforms/quorum/configuration/roles/check/validation/tasks/main.yaml 
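Review bot: Neither new task carries the conditions of the tasks it replaces: "Install primary Genesis" has no `when: not (add_new_org | bool)` and "Deploy nodes" has no `when: org.org_status is not defined or org.org_status == 'new'`. As far as this hunk shows, a run that adds an organization to an existing network would therefore reinstall genesis and reprocess every existing organization. Unless the new roles check this internally (not visible here), restore both guards on the new tasks. `validators: "{{ org.services.validators }}"` and `members: "{{ org.services.peers }}"` also assume every organization defines both lists; `| default([])` on each keeps validator-only or member-only organizations working.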
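Review bot: The guard `when: validator is defined` in count_validators.yaml can never skip an item, because the loop variable is always defined inside the loop, and a first organization without `services.validators` would presumably fail while `loop: "{{ validators }}"` is templated, before the guard is evaluated. The counting loop can be replaced by a single expression that also covers the missing-list case: `total_validators: "{{ validators | default([]) | length }}"`. With that, the "fewer than 4 validators" message in the validation role is what the operator sees instead of an undefined-variable error.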
@@ -0,0 +1,26 @@ +############################################################################################## +# Copyright Accenture. All Rights Reserved. +# +# SPDX-License-Identifier: Apache-2.0 +############################################################################################## + +# Set initial counter for validators +- name: Set initial validator count + set_fact: + total_validators: 0 + +# Count Validato nodes in the first organization +- name: Count Validato nodes in the first organization + include_tasks: count_validators.yaml + vars: + org: "{{ network['organizations'] | first }}" + validators: "{{ org.services.validators }}" + +# Fail if total validators are less than 4 +- name: Fail if total validators are less than 4 + fail: + msg: | + The first organization, {{ (network['organizations'] | first).name }}, must have at least 4 validators. + The first four validators must be named in the following order: validator-0, validator-1, validator-2, validator-3. + Note: Beyond the initial four, custom names can be defined as needed. + when: (total_validators | int) < 4 diff --git a/platforms/quorum/configuration/roles/create/helm_component/templates/memberquorum.tpl b/platforms/quorum/configuration/roles/create/helm_component/templates/member_quorum.tpl similarity index 88% rename from platforms/quorum/configuration/roles/create/helm_component/templates/memberquorum.tpl rename to platforms/quorum/configuration/roles/create/helm_component/templates/member_quorum.tpl index 594251f8de0..aafb06bb942 100644 --- a/platforms/quorum/configuration/roles/create/helm_component/templates/memberquorum.tpl +++ b/platforms/quorum/configuration/roles/create/helm_component/templates/member_quorum.tpl 
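Review bot: The failure message says the first four validators must be named validator-0 to validator-3 in that order, but the only condition checked is `(total_validators | int) < 4`. A network.yaml with four differently named validators therefore passes validation and would fail later, at a point not visible in this hunk. Add a name check next to the count check, as sketched below; `name` is the attribute the new setup/nodes role reads from each validator entry. "Validato" in the comment and name of the second task should read "Validator".

```yaml
# … unchanged: counter initialisation, count_validators include, count check …

# Fail if the first four validators do not carry the required names
- name: Fail if the first four validators are not named validator-0 to validator-3
  assert:
    that:
      - first_four_names == ['validator-0', 'validator-1', 'validator-2', 'validator-3']
    fail_msg: >-
      The first four validators of the first organization must be named
      validator-0, validator-1, validator-2, validator-3, in that order.
  vars:
    first_org_validators: "{{ (network['organizations'] | first).services.validators | default([]) }}"
    first_four_names: "{{ (first_org_validators | map(attribute='name') | list)[:4] }}"
```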
@@ -25,15 +25,15 @@ spec: type: {{ vault.type | default("hashicorp") }} network: quorum address: {{ vault.url }} - secretPrefix: "data/{{ network.env.type }}{{ name }}" + secretPrefix: "data/{{ network.env.type }}{{ org_name }}" secretEngine: {{ vault.secret_path | default("secretsv2") }} role: vault-role - authPath: {{ network.env.type }}{{ name }} + authPath: {{ network.env.type }}{{ org_name }} proxy: provider: ambassador externalUrlSuffix: {{ org.external_url_suffix }} - p2p: {{ peer.p2p.ambassador }} - tmport: {{ peer.tm_nodeport.ambassador | default(443) }} + p2p: {{ member.p2p.ambassador }} + tmport: {{ member.tm_nodeport.ambassador | default(443) }} storage: size: "2Gi" tessera: diff --git a/platforms/quorum/configuration/roles/create/helm_component/templates/validatorquorum.tpl b/platforms/quorum/configuration/roles/create/helm_component/templates/validator_quorum.tpl similarity index 79% rename from platforms/quorum/configuration/roles/create/helm_component/templates/validatorquorum.tpl rename to platforms/quorum/configuration/roles/create/helm_component/templates/validator_quorum.tpl index 587a281418c..472c9769391 100644 --- a/platforms/quorum/configuration/roles/create/helm_component/templates/validatorquorum.tpl +++ b/platforms/quorum/configuration/roles/create/helm_component/templates/validator_quorum.tpl @@ -23,13 +23,17 @@ spec: cloudNativeServices: false vault: address: {{ vault.url }} - secretPrefix: data/{{ network.env.type }}{{ name }} + secretPrefix: data/{{ network.env.type }}{{ org_name }} network: quorum role: vault-role - authPath: {{ network.env.type }}{{ name }} + authPath: {{ network.env.type }}{{ org_name }} type: {{ vault.type | default("hashicorp") }} secretEngine: {{ vault.secret_path | default("secretsv2") }} proxy: provider: "ambassador" externalUrlSuffix: {{ org.external_url_suffix }} - p2p: {{ peer.p2p.ambassador }} + p2p: {{ validator.p2p.ambassador }} + tessera: + enabled: false + tls: + enabled: false 
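Review bot: The added `tls: enabled: false` block in validator_quorum.tpl switches off the `tls` dependency (the `quorum-tls-gen` alias in quorum-node's requirements.yaml, gated by `tls.enabled`) for every validator release, while the same values still route p2p through `proxy.provider: "ambassador"`; nothing in the template says why validators need no generated certificates. If this is intentional because validators run without Tessera, record it next to the setting, e.g. `# validators run without Tessera, so no TLS certificates are generated`. If validators are exposed outside the cluster, confirm that the proxy does not expect a certificate secret that this dependency would have created. The `spec:` block starts above the hunk.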
diff --git a/platforms/quorum/configuration/roles/create/helm_component/vars/main.yaml b/platforms/quorum/configuration/roles/create/helm_component/vars/main.yaml index 1e305938041..0a300e6d106 100644 --- a/platforms/quorum/configuration/roles/create/helm_component/vars/main.yaml +++ b/platforms/quorum/configuration/roles/create/helm_component/vars/main.yaml @@ -7,8 +7,8 @@ helm_templates: quorum_tessera: tessera.tpl quorum: quorum.tpl - validatorquorum: validatorquorum.tpl - memberquorum: memberquorum.tpl + validator_quorum: validator_quorum.tpl + member_quorum: member_quorum.tpl crypto_tessera: crypto_tessera.tpl crypto_ibft_job: crypto_ibft_job.tpl certs-ambassador-quorum: certs-ambassador-quorum.tpl diff --git a/platforms/quorum/configuration/roles/create/member_node/tasks/main.yaml b/platforms/quorum/configuration/roles/create/member_node/tasks/main.yaml index 7b97986556b..2eac370f993 100644 --- a/platforms/quorum/configuration/roles/create/member_node/tasks/main.yaml +++ b/platforms/quorum/configuration/roles/create/member_node/tasks/main.yaml 
@@ -4,31 +4,12 @@ # SPDX-License-Identifier: Apache-2.0 ############################################################################################## -# Execute only for members -- name: Perform secondary genesis - include_role: - name: setup/genesis/secondary - vars: - values_dir: "./build/{{ component_ns }}" - when: org.type == 'member' - -# Get the Genesis and staticnodes -- name: Get genesis and staticnodes - include_role: - name: get/genesis - when: org.type == 'member' and org.services.peers is defined - -# Creates the Quorum node value files for each node of organization -- name: Create value file for Quorum node +# Create value file for member node +- name: Create value file for member node include_role: name: create/helm_component vars: - component_name: "{{ peer.name }}" - type: "memberquorum" - loop: "{{ org.services.peers }}" - loop_control: - loop_var: peer - when: org.services.peers is defined + type: "member_quorum" # Pushes the above generated files to git directory - name: Git Push @@ -37,17 +18,13 @@ vars: GIT_DIR: "{{ playbook_dir }}/../../../" msg: "[ci skip] Pushing Member node files" - when: org.services.peers is defined # Wait for the last Member to be running - name: "Wait for the last member to run" include_role: name: "{{ playbook_dir }}/../../shared/configuration/roles/check/helm_component" vars: - member: "{{ org.services.peers | last }}" label_selectors: - - app.kubernetes.io/release = {{ member.name | lower }} + - app.kubernetes.io/release = {{ component_name }} component_type: "Pod" - component_name: "{{ member.name | lower }}" namespace: "{{ component_ns }}" - when: org.services.peers is defined diff --git a/platforms/quorum/configuration/roles/create/validator_node/tasks/main.yaml b/platforms/quorum/configuration/roles/create/validator_node/tasks/main.yaml index aa7e77c1d0b..3e874c8df1c 100644 --- a/platforms/quorum/configuration/roles/create/validator_node/tasks/main.yaml 
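Review bot: The comment and task name "Wait for the last member to run" are stale after this change: the selector is now `app.kubernetes.io/release = {{ component_name }}`, and `component_name` is set per loop item by the new setup/nodes role, so the role pushes to git and waits once for each member rather than once for the last one. Rename the task to something like `# Wait for this member node to be running`. A header comment listing the variables the role now expects from its caller (`component_name`, `component_ns`, `member`, `org_name`) would also help, since none of them is set inside the role any more. The same applies to "Wait for the last validator to run" in create/validator_node.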
+++ b/platforms/quorum/configuration/roles/create/validator_node/tasks/main.yaml @@ -1,20 +1,9 @@ -############################################################################################## -# Copyright Accenture. All Rights Reserved. -# -# SPDX-License-Identifier: Apache-2.0 -############################################################################################## - -# This task creates helm release file for each validator node of organization -- name: Create helm release file for each validator node of organization +# Create value file for validator node +- name: Create value file for validator node include_role: name: create/helm_component vars: - component_name: "{{ peer.name }}" - type: "validatorquorum" - loop: "{{ org.services.validators }}" - loop_control: - loop_var: peer - when: org.services.validators is defined + type: "validator_quorum" # Git Push : Pushes the above generated files to git - name: Git Push @@ -22,23 +11,14 @@ name: "{{ playbook_dir }}/../../shared/configuration/roles/git_push" vars: GIT_DIR: "{{ playbook_dir }}/../../../" - msg: "[ci skip] Pushing Validator files" - when: org.services.validators is defined + msg: "[ci skip] Pushing Validator Helm release file" # Wait for the last validator to be running - name: "Wait for the last validator to run" include_role: name: "{{ playbook_dir }}/../../shared/configuration/roles/check/helm_component" vars: - validator: "{{ org.services.validators | last }}" label_selectors: - - app.kubernetes.io/release = {{ validator.name | lower }} + - app.kubernetes.io/release = {{ component_name }} component_type: "Pod" namespace: "{{ component_ns }}" - when: org.services.validators is defined - -# Get the Genesis and staticnodes -- name: Get genesis and staticnodes - include_role: - name: get/genesis - when: org.services.validators is defined 
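Review bot: The first hunk deletes the five-line licence header (`# Copyright Accenture. All Rights Reserved.` and `# SPDX-License-Identifier: Apache-2.0`) from create/validator_node/tasks/main.yaml, while every file added in this commit carries it and the sibling create/member_node keeps it. This looks unintended; keep the header above `# Create value file for validator node` so licence scanning still sees an identifier in this file.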
diff --git a/platforms/quorum/configuration/roles/delete/local_directories/tasks/main.yaml b/platforms/quorum/configuration/roles/delete/local_directories/tasks/main.yaml new file mode 100644 index 00000000000..24bd51b1ab3 --- /dev/null +++ b/platforms/quorum/configuration/roles/delete/local_directories/tasks/main.yaml @@ -0,0 +1,25 @@ +############################################################################################## +# Copyright Accenture. All Rights Reserved. +# +# SPDX-License-Identifier: Apache-2.0 +############################################################################################## + +# Find and delete .json files in platforms/quorum/charts/quorum-genesis/files directory +- name: "Find .json files in quorum-genesis files directory" + find: + paths: "{{ playbook_dir }}/../../quorum/charts/quorum-genesis/files" + patterns: "*.json" + register: genesis_and_static_node + +# Delete .json files in quorum-genesis files directory +- name: "Delete .json files in quorum-genesis files directory" + file: + path: "{{ item.path }}" + state: absent + loop: "{{ genesis_and_static_node.files }}" + +# Delete the build directory in platforms/quorum/configuration +- name: "Remove build directory from configuration" + file: + path: "{{ playbook_dir }}/../../quorum/configuration/build" + state: absent diff --git a/platforms/quorum/configuration/roles/setup/genesis/primary/tasks/main.yaml b/platforms/quorum/configuration/roles/setup/genesis/primary/tasks/main.yaml deleted file mode 100644 index 083936f8cca..00000000000 --- a/platforms/quorum/configuration/roles/setup/genesis/primary/tasks/main.yaml +++ /dev/null 
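Review bot: The `find` task uses `patterns: "*.json"`, so cleanup deletes every JSON file in `charts/quorum-genesis/files`, including any that are tracked in the repository or were placed there by hand. The only files this commit writes into that directory are `genesis.json` and `static-nodes.json` (secondary_genesis role). Restricting the task to those names keeps the deletion scoped to what the playbooks generated: `patterns: "genesis.json,static-nodes.json"`. The comment above the task could then name the two files instead of ".json files".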
@@ -1,53 +0,0 @@ -############################################################################################## -# Copyright Accenture. All Rights Reserved. -# -# SPDX-License-Identifier: Apache-2.0 -############################################################################################## - -# create build directory -- name: Create build directory if it does not exist - file: - path: "{{ build_path }}" - state: directory - -# Get number of validators -- name: Validator count - set_fact: - validator_count={{ validator_count | default(0) | int + 1 }} - loop: "{{ org.services.validators | default([]) }}" - -- name: Fail when no validators detected - ansible.builtin.fail: - msg: The first organization must have Validators. - when: validator_count == 0 - -- name: Get the kubernetes server url - shell: | - KUBECONFIG={{ kubernetes.config_file }} kubectl config view --minify | grep server | cut -f 2- -d ":" | tr -d " " - register: kubernetes_server_url - -# This task runs the genesis job -- name: Genesis job helm install - include_role: - name: "{{ playbook_dir }}/../../shared/configuration/roles/create/job_component" - vars: - component_name: "genesis" - type: "primary_genesis" - kubernetes_url: "{{ kubernetes_server_url.stdout }}" - -# Pushes the above generated files to git directory -- name: Git Push - include_role: - name: "{{ playbook_dir }}/../../shared/configuration/roles/git_push" - vars: - GIT_DIR: "{{ playbook_dir }}/../../../" - msg: "[ci skip] Pushing genesis file" - -# Wait for Genesis job to complete -- name: "Wait for the genesis job to complete" - include_role: - name: "{{ playbook_dir }}/../../shared/configuration/roles/check/helm_component" - vars: - component_name: "genesis" - component_type: Job - namespace: "{{ component_ns }}" 
diff --git a/platforms/quorum/configuration/roles/setup/genesis/primary_genesis/tasks/main.yaml b/platforms/quorum/configuration/roles/setup/genesis/primary_genesis/tasks/main.yaml
new file mode 100644
index 00000000000..f6a0d3ab8fd
--- /dev/null
+++ b/platforms/quorum/configuration/roles/setup/genesis/primary_genesis/tasks/main.yaml
@@ -0,0 +1,46 @@ +############################################################################################## +# Copyright Accenture. All Rights Reserved. +# +# SPDX-License-Identifier: Apache-2.0 +############################################################################################## + +# Gather Kubernetes cluster information +- name: Gather Kubernetes cluster information + community.kubernetes.k8s_cluster_info: + kubeconfig: "{{ network['organizations'][0].k8s.config_file }}" + register: cluster_info + +# Set the Kubernetes server URL fact +- name: Set kubernetes_server_url fact + set_fact: + kubernetes_server_url: "{{ cluster_info.connection.host }}" + +# Install primary genesis +- name: "Install primary genesis" + include_role: + name: "{{ playbook_dir }}/../../shared/configuration/roles/create/job_component" + vars: + org: "{{ network['organizations'] | first }}" + name: "{{ org.name | lower }}" + component_name: "{{ name }}-genesis" + component_ns: "{{ name }}-quo" + type: "primary_genesis" + kubernetes: "{{ org.k8s }}" + kubernetes_url: "{{ kubernetes_server_url }}" + vault: "{{ org.vault }}" + values_dir: "{{ playbook_dir }}/../../../{{ org.gitops.release_dir }}/{{ name }}/build" + charts_dir: "{{ org.gitops.chart_source }}" + +# Check if primary genesis job is completed +- name: "Check if primary genesis job is completed" + include_role: + name: "{{ playbook_dir }}/../../shared/configuration/roles/check/helm_component" + vars: + org: "{{ network['organizations'] | first }}" + name: "{{ org.name | lower }}" + component_name: "{{ name }}-genesis" + component_type: Job + org: "{{ network['organizations'] | first }}" + component_ns: "{{ org.name | lower }}-quo" + namespace: "{{ component_ns }}" + kubernetes: "{{ org.k8s }}" diff --git a/platforms/quorum/configuration/roles/setup/genesis/secondary/tasks/main.yaml b/platforms/quorum/configuration/roles/setup/genesis/secondary/tasks/main.yaml deleted file mode 100644 index 9fbc4d7ce4d..00000000000 
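Review bot: The `vars:` of "Check if primary genesis job is completed" define `org` twice: `org: "{{ network['organizations'] | first }}"` appears before `name:` and again after `component_type: Job`. Duplicate mapping keys are invalid YAML and most parsers silently keep the last one, so drop the second line. The same task spells the namespace as `{{ org.name | lower }}-quo` while the install task uses `{{ name }}-quo`; writing `component_ns: "{{ name }}-quo"` in both keeps the two from drifting apart.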
--- a/platforms/quorum/configuration/roles/setup/genesis/secondary/tasks/main.yaml +++ /dev/null @@ -1,42 +0,0 @@ -############################################################################################## -# Copyright Accenture. All Rights Reserved. -# -# SPDX-License-Identifier: Apache-2.0 -############################################################################################## - -# create build directory -- name: Create build directory if it does not exist - file: - path: "{{ build_path }}" - state: directory - -- name: Get the kubernetes server url - shell: | - KUBECONFIG={{ kubernetes.config_file }} kubectl config view --minify | grep server | cut -f 2- -d ":" | tr -d " " - register: kubernetes_server_url - -# This task runs the genesis job -- name: Genesis job helm install - include_role: - name: "{{ playbook_dir }}/../../shared/configuration/roles/create/job_component" - vars: - component_name: "genesis" - type: "secondary_genesis" - kubernetes_url: "{{ kubernetes_server_url.stdout }}" - -# Pushes the above generated files to git directory -- name: Git Push - include_role: - name: "{{ playbook_dir }}/../../shared/configuration/roles/git_push" - vars: - GIT_DIR: "{{ playbook_dir }}/../../../" - msg: "[ci skip] Pushing genesis file" - -# Wait for Genesis job to complete -- name: "Wait for the genesis job to complete" - include_role: - name: "{{ playbook_dir }}/../../shared/configuration/roles/check/helm_component" - vars: - component_name: "genesis" - component_type: Job - namespace: "{{ component_ns }}" diff --git a/platforms/quorum/configuration/roles/setup/genesis/secondary_genesis/tasks/deploy_secondary_genesis.yaml b/platforms/quorum/configuration/roles/setup/genesis/secondary_genesis/tasks/deploy_secondary_genesis.yaml new file mode 100644 index 00000000000..03671491dbd --- /dev/null +++ b/platforms/quorum/configuration/roles/setup/genesis/secondary_genesis/tasks/deploy_secondary_genesis.yaml 
@@ -0,0 +1,33 @@ +############################################################################################## +# Copyright Accenture. All Rights Reserved. +# +# SPDX-License-Identifier: Apache-2.0 +############################################################################################## + +# Gather Kubernetes cluster information +- name: Gather cluster info + community.kubernetes.k8s_cluster_info: + kubeconfig: "{{ kubernetes.config_file }}" + register: cluster_info + +# Set the Kubernetes server URL fact +- name: Set kubernetes_server_url fact + set_fact: + kubernetes_server_url: "{{ cluster_info.connection.host }}" + +# Install the secondary genesis component for the specified organization +- name: "Install secondary genesis for the {{ org_name }} organization" + include_role: + name: "{{ playbook_dir }}/../../shared/configuration/roles/create/job_component" + vars: + type: "secondary_genesis" + kubernetes_url: "{{ kubernetes_server_url }}" + values_dir: "{{ playbook_dir }}/../../../{{ org.gitops.release_dir }}/{{ org_name }}/build" + +# Check if the secondary genesis job for the specified organization is completed +- name: "Check if secondary genesis job {{ org_name }} for is completed" + include_role: + name: "{{ playbook_dir }}/../../shared/configuration/roles/check/helm_component" + vars: + component_type: Job + namespace: "{{ component_ns }}" diff --git a/platforms/quorum/configuration/roles/setup/genesis/secondary_genesis/tasks/main.yaml b/platforms/quorum/configuration/roles/setup/genesis/secondary_genesis/tasks/main.yaml new file mode 100644 index 00000000000..d3427c8d300 --- /dev/null +++ b/platforms/quorum/configuration/roles/setup/genesis/secondary_genesis/tasks/main.yaml 
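Review bot: The second task name reads "Check if secondary genesis job {{ org_name }} for is completed"; the words are out of order and should be `"Check if secondary genesis job for {{ org_name }} is completed"`. Both included roles also depend on variables that this file never sets, such as `component_name`, `component_ns` and `kubernetes`, which arrive only through the include chain from setup/nodes and deploy-network.yaml. A short header comment listing these expected inputs would make the task file readable without tracing its callers.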
@@ -0,0 +1,51 @@ +############################################################################################## +# Copyright Accenture. All Rights Reserved. +# +# SPDX-License-Identifier: Apache-2.0 +############################################################################################## + +# Initialize variables for the first organization +- name: "Initialize variables for the first organization" + set_fact: + previous_org_name: "{{ network.organizations[(current_org_index | int) - 1].name | lower }}" + previous_org_kubernetes: "{{ network.organizations[(current_org_index | int) - 1].k8s }}" + +# Retrieve static nodes from the ConfigMap belongs to the primary (first) organization +- name: "Get static nodes ConfigMap" + community.kubernetes.k8s_info: + api_version: v1 + kind: ConfigMap + name: quorum-peers + namespace: "{{ previous_org_name }}-quo" + kubeconfig: "{{ previous_org_kubernetes.config_file }}" + register: peers_configmap + +# Retrieve genesis from the ConfigMap belongs to the primary (first) organization +- name: "Get genesis ConfigMap" + community.kubernetes.k8s_info: + api_version: v1 + kind: ConfigMap + name: quorum-genesis + namespace: "{{ previous_org_name }}-quo" + kubeconfig: "{{ previous_org_kubernetes.config_file }}" + register: genesis_configmap + +# Save peers_configmap content to a file +- name: "Save peers_configmap to file" + copy: + content: "{{ peers_configmap.resources[0].data['static-nodes.json'] }}" + dest: "{{ playbook_dir }}/../../quorum/charts/quorum-genesis/files/static-nodes.json" + when: peers_configmap.resources[0].data['static-nodes.json'] is defined + +# Save genesis_configmap content to a file +- name: "Save genesis_configmap to file" + copy: + content: "{{ genesis_configmap.resources[0].data['genesis.json'] }}" + dest: "{{ playbook_dir }}/../../quorum/charts/quorum-genesis/files/genesis.json" + when: genesis_configmap.resources[0].data['genesis.json'] is defined + +# Generate secondary genesis HR files for the 
remaining organizations +- name: "Generate secondary genesis HR file for the remaining organization" + include_tasks: deploy_secondary_genesis.yaml + vars: + name: "{{ org_name }}" diff --git a/platforms/quorum/configuration/roles/setup/nodes/tasks/main.yaml b/platforms/quorum/configuration/roles/setup/nodes/tasks/main.yaml new file mode 100644 index 00000000000..b635fb5e351 --- /dev/null +++ b/platforms/quorum/configuration/roles/setup/nodes/tasks/main.yaml @@ -0,0 +1,37 @@ +############################################################################################## +# Copyright Accenture. All Rights Reserved. +# +# SPDX-License-Identifier: Apache-2.0 +############################################################################################## + +# Install Secondary Genesis +- name: "Install Secondary Genesis" + include_role: + name: setup/genesis/secondary_genesis + vars: + component_name: "{{ org_name }}-genesis" + when: org_name != network.organizations[0].name + +# Process primary organization's validators +- name: "Deploy validators of {{ org_name }}" + include_role: + name: create/validator_node + vars: + name: "{{ org_name }}" + component_name: "{{ validator.name | lower }}" + loop: "{{ validators }}" + loop_control: + loop_var: validator + when: validator is defined + +# Process primary organization's validators +- name: "Deploy members of {{ org_name }}" + include_role: + name: create/member_node + vars: + name: "{{ org_name }}" + component_name: "{{ member.name | lower }}" + loop: "{{ members }}" + loop_control: + loop_var: member + when: members is defined diff --git a/platforms/quorum/configuration/samples/network-minikube.yaml b/platforms/quorum/configuration/samples/network-minikube.yaml index af42df24d30..ba3a52b8c7b 100644 --- a/platforms/quorum/configuration/samples/network-minikube.yaml +++ b/platforms/quorum/configuration/samples/network-minikube.yaml 
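Review bot: Both `copy` tasks in secondary_genesis/tasks/main.yaml are skipped silently when the ConfigMap lookup returns nothing, because `when: peers_configmap.resources[0].data['static-nodes.json'] is defined` (and its `genesis.json` twin) is simply false for an empty `resources` list. The secondary genesis install then proceeds with whatever is, or is not, in `charts/quorum-genesis/files`. These two files decide which chain and which peers the new organization joins, so fail explicitly when either is missing, as sketched below. The comments also say the ConfigMaps belong to the primary (first) organization, while the facts are taken from index `current_org_index - 1`, the previous organization; one of the two should be corrected.

```yaml
# … unchanged: set_fact and the two k8s_info lookups …

# Stop if the previous organization has not published genesis and static nodes
- name: "Fail if genesis or static nodes ConfigMap is missing"
  assert:
    that:
      - peers_configmap.resources | length > 0
      - peers_configmap.resources[0].data['static-nodes.json'] is defined
      - genesis_configmap.resources | length > 0
      - genesis_configmap.resources[0].data['genesis.json'] is defined
    fail_msg: "quorum-peers or quorum-genesis ConfigMap not found in namespace {{ previous_org_name }}-quo"

# … unchanged: the two copy tasks and the deploy_secondary_genesis include …
```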
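Review bot: The guard on "Install Secondary Genesis" in setup/nodes compares the lower-cased `org_name` (deploy-network.yaml passes `org.name | lower`) with the raw `network.organizations[0].name`, so a first organization whose name contains an upper-case letter is treated as a secondary one; with `current_org_index` 0 the secondary_genesis role would then look up index -1 of the organization list. Use the index the caller already passes: `when: (current_org_index | int) > 0`. The loops have a related gap: `when: validator is defined` and `when: members is defined` are evaluated per item after `loop:` has been templated, so they do not protect against a missing list, whereas `loop: "{{ validators | default([]) }}"` would (likewise for `members`). The comment above "Deploy members" still reads "Process primary organization's validators".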
@@ -12,7 +12,7 @@ network: # Network level configuration specifies the attributes required for each organization # to join an existing network. type: quorum - version: 23.4.0 #this is the version of Quorum + version: 24.4.1 #this is the version of Quorum #Environment section for Kubernetes setup env: diff --git a/platforms/quorum/configuration/samples/network-quorum-newnode.yaml b/platforms/quorum/configuration/samples/network-quorum-newnode.yaml index f2f057df9b1..b3ed67ed952 100644 --- a/platforms/quorum/configuration/samples/network-quorum-newnode.yaml +++ b/platforms/quorum/configuration/samples/network-quorum-newnode.yaml @@ -12,7 +12,7 @@ network: # Network level configuration specifies the attributes required for each organization # to join an existing network. type: quorum - version: 23.4.0 #this is the version of Quorum + version: 24.4.1 #this is the version of Quorum #Environment section for Kubernetes setup env: diff --git a/platforms/quorum/configuration/samples/network-quorum-tessera.yaml b/platforms/quorum/configuration/samples/network-quorum-tessera.yaml index e8f5f87772c..aefba9867aa 100644 --- a/platforms/quorum/configuration/samples/network-quorum-tessera.yaml +++ b/platforms/quorum/configuration/samples/network-quorum-tessera.yaml @@ -12,7 +12,7 @@ network: # Network level configuration specifies the attributes required for each organization # to join an existing network. type: quorum - version: 23.4.0 #this is the version of Quorum + version: 24.4.1 #this is the version of Quorum #Environment section for Kubernetes setup env: diff --git a/platforms/quorum/configuration/samples/network-quorum.yaml b/platforms/quorum/configuration/samples/network-quorum.yaml index 3238b25cde4..962c183aa97 100644 --- a/platforms/quorum/configuration/samples/network-quorum.yaml +++ b/platforms/quorum/configuration/samples/network-quorum.yaml 
@@ -12,7 +12,7 @@ network: # Network level configuration specifies the attributes required for each organization # to join an existing network. type: quorum - version: 23.4.0 #this is the version of Quorum + version: 24.4.1 #this is the version of Quorum #Environment section for Kubernetes setup env: @@ -100,9 +100,11 @@ network: private_key: "path_to_private_key" # Path to private key file which has write-access to the git repo (Optional for https; Required for ssh) # The participating nodes are named as peers services: + # The first four validators must be named in the following order: validator-0, validator-1, validator-2, validator-3. + # Note: Beyond the initial four, custom names can be defined as needed validators: - validator: - name: validator-1 + name: validator-0 bootnode: true # true if the validator node is used also a bootnode for the network cactus_connector: disabled # set to enabled to create a cactus connector for Besu p2p: @@ -117,7 +119,7 @@ network: enabled: true # Set this to true to enable Prometheus monitoring for this node, or false to disable it. port: 9545 # Specify the port that Prometheus will use to collect metrics for this node. - validator: - name: validator-2 + name: validator-1 bootnode: true # true if the validator node is used also a bootnode for the network cactus_connector: disabled # set to enabled to create a cactus connector for Besu p2p: @@ -132,7 +134,7 @@ network: enabled: true # Set this to true to enable Prometheus monitoring for this node, or false to disable it. port: 9545 # Specify the port that Prometheus will use to collect metrics for this node. - validator: - name: validator-3 + name: validator-2 bootnode: false # true if the validator node is used also a bootnode for the network p2p: port: 21000 
@@ -146,7 +148,7 @@ network: enabled: false # Set this to true to enable Prometheus monitoring for this node, or false to disable it. port: 9545 # Specify the port that Prometheus will use to collect metrics for this node. - validator: - name: validator-4 + name: validator-3 bootnode: false # true if the validator node is used also a bootnode for the network p2p: port: 21000 diff --git a/platforms/shared/configuration/roles/create/job_component/templates/primary_genesis.tpl b/platforms/shared/configuration/roles/create/job_component/templates/primary_genesis.tpl index 2d79849d53e..f76bee70154 100644 --- a/platforms/shared/configuration/roles/create/job_component/templates/primary_genesis.tpl +++ b/platforms/shared/configuration/roles/create/job_component/templates/primary_genesis.tpl @@ -29,8 +29,7 @@ rawGenesisConfig: gasLimit: '0x1fffffffffffff' difficulty: '0x1' coinbase: '0x0000000000000000000000000000000000000000' - additionalAccounts: {{ network.config.accounts }} - permissioning: {{ network.permissioning.enabled }} + includeQuickStartAccounts: false blockchain: nodes: generate: true diff --git a/platforms/shared/configuration/roles/create/job_component/vars/main.yaml b/platforms/shared/configuration/roles/create/job_component/vars/main.yaml index 3b5ddf835da..e8d207c7f28 100644 --- a/platforms/shared/configuration/roles/create/job_component/vars/main.yaml +++ b/platforms/shared/configuration/roles/create/job_component/vars/main.yaml 
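Review bot: Dropping `additionalAccounts: {{ network.config.accounts }}` and `permissioning: {{ network.permissioning.enabled }}` from primary_genesis.tpl means both settings in network.yaml are now ignored without any message. An operator who sets `network.permissioning.enabled: true` would get a network without permissioning and no indication of it. If the genesis chart no longer supports these keys (not visible in this hunk), have the new check/validation role fail or warn when they are set, and note the change in the sample network.yaml files. The `rawGenesisConfig:` block starts above the hunk.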
@@ -27,11 +27,10 @@ charts: osn_create_channel_job: fabric-osnadmin-channel-create create_channel_job: fabric-channel-create join_channel_job: fabric-channel-join - -bevel_alpine_version: latest -fabric_tools_image: bevel-fabric-tools -indy_genesis: indy-genesis -indy_endorser: indy-register-identity -corda_ent_init: enterprise-init -corda_ent_secondary_init: enterprise-init -corda_ent_cenm: cenm + bevel_alpine_version: latest + fabric_tools_image: bevel-fabric-tools + indy_genesis: indy-genesis + indy_endorser: indy-register-identity + corda_ent_init: enterprise-init + corda_ent_secondary_init: enterprise-init + corda_ent_cenm: cenm diff --git a/platforms/shared/configuration/roles/helm_lint/vars/main.yaml b/platforms/shared/configuration/roles/helm_lint/vars/main.yaml index 87176403ae7..36fdd4e9c0e 100644 --- a/platforms/shared/configuration/roles/helm_lint/vars/main.yaml +++ b/platforms/shared/configuration/roles/helm_lint/vars/main.yaml @@ -25,8 +25,8 @@ charts: corda_node: corda-node quorum_tessera: quorum-tessera-node quorum: quorum-member-node - validatorquorum: quorum-node - memberquorum: quorum-node + validator_quorum: quorum-node + member_quorum: quorum-node pki-generator: cenm-pki-gen signer: cenm-signer gateway: cenm-gateway
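Review bot: The seven variables from `bevel_alpine_version` to `corda_ent_cenm` are removed at column 0 and re-added with leading indentation, which, as far as this whitespace-collapsed view shows, nests them under `charts:` instead of leaving them as top-level role variables. Any template that references `{{ bevel_alpine_version }}` or `{{ fabric_tools_image }}` directly would then hit an undefined variable, and the file belongs to the shared job_component role, so other platforms would be affected too. If the move is not intended, restore the blank line and the unindented form, e.g. `bevel_alpine_version: latest` at column 0. The `charts:` mapping begins above the hunk.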