k8s: add scripted guides for testnet and mainnet

openoms
2022-05-04 14:19:50 +01:00
parent 7f301772d8
commit 424ccafa58
3 changed files with 258 additions and 63 deletions


@@ -6,7 +6,7 @@
- [Install on a working raspiblitz system: install.microk8s.sh](#install-on-a-working-raspiblitz-system-installmicrok8ssh) - [Install on a working raspiblitz system: install.microk8s.sh](#install-on-a-working-raspiblitz-system-installmicrok8ssh)
- [install on pure Debian 11 (eg Digital Ocean)](#install-on-pure-debian-11-eg-digital-ocean) - [install on pure Debian 11 (eg Digital Ocean)](#install-on-pure-debian-11-eg-digital-ocean)
- [Using the Galoy Helm charts](#using-the-galoy-helm-charts) - [Using the Galoy Helm charts](#using-the-galoy-helm-charts)
- [install the chart repo](#install-the-chart-repo) - [install the Galoy charts repo](#install-the-galoy-charts-repo)
- [Bitcoind in kubernetes helm](#bitcoind-in-kubernetes-helm) - [Bitcoind in kubernetes helm](#bitcoind-in-kubernetes-helm)
- [install](#install) - [install](#install)
- [monitor](#monitor) - [monitor](#monitor)
@@ -51,17 +51,19 @@
- [External Service ports](#external-service-ports) - [External Service ports](#external-service-ports)
- [check local tbitcoind](#check-local-tbitcoind) - [check local tbitcoind](#check-local-tbitcoind)
- [Testnet LND connected to the bitcoin node on the host](#testnet-lnd-connected-to-the-bitcoin-node-on-the-host) - [Testnet LND connected to the bitcoin node on the host](#testnet-lnd-connected-to-the-bitcoin-node-on-the-host)
- [install](#install-1)
- [save seed and unlock password](#save-seed-and-unlock-password) - [save seed and unlock password](#save-seed-and-unlock-password)
- [change the wallet unlock password](#change-the-wallet-unlock-password) - [change the wallet unlock password](#change-the-wallet-unlock-password)
- [restart](#restart)
- [logs](#logs) - [logs](#logs)
- [cli](#cli-1) - [cli](#cli-1)
- [remove pods and data](#remove-pods-and-data)
- [testnet Galoy](#testnet-galoy) - [testnet Galoy](#testnet-galoy)
- [Install](#install-2) - [Install](#install-1)
- [monitor](#monitor-3) - [monitor](#monitor-3)
- [remove](#remove) - [remove](#remove)
- [Galoy with bitcoin and lnd on mainnet](#galoy-with-bitcoin-and-lnd-on-mainnet) - [Galoy with bitcoin and lnd on mainnet](#galoy-with-bitcoin-and-lnd-on-mainnet)
- [Galoy with bitcoin and lnd on mainnet](#galoy-with-bitcoin-and-lnd-on-mainnet-1)
- [Configure with terraform](#configure-with-terraform)
- [install terraform](#install-terraform)
# kubectl cheat sheet # kubectl cheat sheet
* https://kubernetes.io/docs/reference/kubectl/cheatsheet/ * https://kubernetes.io/docs/reference/kubectl/cheatsheet/
@@ -130,9 +132,13 @@ sudo snap install helm --classic
# Using the Galoy Helm charts # Using the Galoy Helm charts
## install the chart repo ## install the Galoy charts repo
``` ```
helm repo add galoy-repo https://github.com/GaloyMoney/charts helm repo add galoy-repo https://github.com/GaloyMoney/charts
# add the bitnami charts https://charts.bitnami.com/
helm repo add bitnami https://charts.bitnami.com/bitnami
helm repo update helm repo update
``` ```
@@ -583,42 +589,7 @@ k8stunnel tlnd-0 lnd 21333 21333
``` ```
# Testnet LND connected to the bitcoin node on the host # Testnet LND connected to the bitcoin node on the host
* [galoy.testnet.sh](galoy.testnet.sh)
* bitcoind on the raspiblitz node needs:
```
localip=$(hostname -I | awk '{print $1}')
echo "\
test.rpcbind=${localip}:18332
test.zmqpubrawblock=tcp://${localip}:21332
test.zmqpubrawtx=tcp://${localip}:21333
" | sudo tee -a /mnt/hdd/bitcoin/bitcoin.conf
sudo systemctl restart tbitcoind
```
## install
```
localip=$(hostname -I | awk '{print $1}')
rpcpass=$(sudo cat /mnt/hdd/bitcoin/bitcoin.conf | grep rpcpassword | cut -c 13-)
echo "\
configmap:
customValues:
- bitcoin.testnet=true
- bitcoind.rpchost=${localip}:18332
- bitcoind.zmqpubrawblock=tcp://${localip}:21332
- bitcoind.zmqpubrawtx=tcp://${localip}:21333
- db.bolt.auto-compact=true
- bitcoind.rpcuser=raspibolt
- bitcoind.rpcpassword=${rpcpass}
autoGenerateSeed:
enabled: true
" | tee tlndvalues.yaml
helm install tlnd -f tlndvalues.yaml galoy-repo/lnd
```
## save seed and unlock password ## save seed and unlock password
``` ```
kubectl -n default logs tlnd-0 -c init-wallet kubectl -n default logs tlnd-0 -c init-wallet
@@ -629,30 +600,27 @@ kubectl get secret tlnd-pass -o jsonpath='{.data.password}' | base64 -d, echo
* semi-automatic method: * semi-automatic method:
``` ```
NewPassword="NEW_PASSWORD_HERE" NewPassword="NEW_PASSWORD_HERE"
kubectl get secret tlnd-pass -o json | jq --arg password "$(echo $NewPassword | base64)" '.data["password"]=$password' | kubectl apply -f - kubectl -n test get secret lnd1-pass -o json | jq --arg password "$(echo $NewPassword | base64)" '.data["password"]=$password' | kubectl -n test apply -f -
```
## restart
```
kubectl delete pod lnd1-0 --wait=false --grace-period=0 -n test
``` ```
## logs ## logs
``` ```
kubectl -n default logs tlnd-0 -c lnd -f kubectl logs lnd1-0 -n test -c lnd -f
sudo tail -f /var/snap/microk8s/common/default-storage/default-tlnd-pvc-*/logs/bitcoin/mainnet/lnd.log sudo tail -f /var/snap/microk8s/common/default-storage/test-lnd1-pvc-[TAB]/logs/bitcoin/testnet/lnd.log
``` ```
## cli ## cli
``` ```
kubectl -n default exec -it tlnd-0 -c lnd -- bash kubectl exec lnd1-0 -n test -c lnd -- sh
lncli -n testnet getinfo lncli -n testnet getinfo
``` ```
## remove pods and data
```
helm uninstall tlnd
sudo rm -r /var/snap/microk8s/common/default-storage/default-tlnd-*
```
# testnet Galoy # testnet Galoy
## Install ## Install
* create custom values * create custom values
``` ```
@@ -660,19 +628,20 @@ echo "\
global: global:
network: testnet network: testnet
galoy: galoy:
name: "Testnet Galoy Wallet" name: 'Testnet Galoy Wallet'
bitcoind: bitcoind:
port: 18332 port: 18332
needFirebaseServiceAccount: false needFirebaseServiceAccount: false
twilio: false twilio: false
devDisableMongoBackup: true
" | tee tgaloyvalues.yaml " | tee tgaloyvalues.yaml
``` ```
* install * install
``` ```
helm install tgaloy -f tgaloyvalues.yaml galoy-repo/galoy helm install galoy -f tgaloyvalues.yaml -n test galoy-repo/galoy
``` ```
# monitor ## monitor
``` ```
kubectl get pod -n galoy -w kubectl get pod -n galoy -w
@@ -686,7 +655,7 @@ helm uninstall galoy
kubectl get pvc kubectl get pvc
## CAREFUL HERE ## CAREFUL HERE
# delete all pending # delete all pending storage
for i in $(kubectl get pvc | grep Pending | awk '{print $1}' ); do kubectl delete pvc ${i}; done for i in $(kubectl get pvc | grep Pending | awk '{print $1}' ); do kubectl delete pvc ${i}; done
# delete galoy storage # delete galoy storage
@@ -738,12 +707,14 @@ kubectl create secret generic galoy-mongodb \
mkdir -p ~/test-secrets/galoy-price-history-postgres-creds mkdir -p ~/test-secrets/galoy-price-history-postgres-creds
cd ~/test-secrets/galoy-price-history-postgres-creds cd ~/test-secrets/galoy-price-history-postgres-creds
echo -n "$(openssl rand -hex 48)" > ./password echo -n "$(openssl rand -hex 48)" > ./password
echo -n 'price-history' > ./username
echo -n 'price-history' > ./database
kubectl create secret generic galoy-price-history-postgres-creds \ kubectl create secret generic galoy-price-history-postgres-creds \
--from-file=./password \ --from-file=./password \
--from-file=./username \ --from-literal=username=price-history \
--from-file=./database --from-file=database=price-history
kubectl create secret generic dropbox-access-token \
--from-literal=token=''
kubectl create secret generic gcs-sa-key kubectl create secret generic gcs-sa-key
@@ -751,8 +722,6 @@ kubectl create secret generic geetest-key
--from-literal=key='dummy' \ --from-literal=key='dummy' \
--from-literal=id='dummy' --from-literal=id='dummy'
kubectl create secret generic dropbox-access-token \
--from-literal=token=''
cd cd
@@ -763,7 +732,24 @@ bitcoind:
port: 8332 port: 8332
needFirebaseServiceAccount: false needFirebaseServiceAccount: false
twilio: false twilio: false
devDisableMongoBackup: true
" | tee galoyvalues.yaml " | tee galoyvalues.yaml
helm install galoy -f galoyvalues.yaml galoy-repo/galoy helm install galoy -f galoyvalues.yaml galoy-repo/galoy
``` ```
https://learnk8s.io/a/a-visual-guide-on-troubleshooting-kubernetes-deployments/troubleshooting-kubernetes.en_en.v2.pdf
# Galoy with bitcoin and lnd on mainnet
* [galoy.testnet.sh](galoy.testnet.sh)
# Configure with terraform
# install terraform
curl -fsSL https://apt.releases.hashicorp.com/gpg | sudo apt-key add -
sudo apt-add-repository "deb [arch=amd64] https://apt.releases.hashicorp.com $(lsb_release -cs) main"
sudo apt-get update && sudo apt-get install terraform
```

71
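--- a/k8s/galoy.mainnet.sh
+++ b/k8s/galoy.mainnet.sh
@@ -0,0 +1,71 @@
+# charts
+helm repo add galoy-repo https://github.com/GaloyMoney/charts
+# add the bitnami charts https://charts.bitnami.com/
+helm repo add bitnami https://charts.bitnami.com/bitnami
+helm repo update
+# bitcoind
+helm install bitcoind galoy-repo/bitcoin
+# lnd
+echo "\
+configmap:
+customValues:
+- bitcoin.mainnet=true
+- bitcoind.rpchost=bitcoind:8332
+- bitcoind.zmqpubrawblock=tcp://bitcoind:28332
+- bitcoind.zmqpubrawtx=tcp://bitcoind:28333
+- minchansize=200000
+- db.bolt.auto-compact=true
+autoGenerateSeed:
+enabled: true
+" | tee -a lndvalues.yaml
+helm install lnd -f lndvalues.yaml galoy-repo/lnd
+# galoy
+# secrets
+mkdir -p ~/test-secrets/galoy-mongodb
+cd ~/test-secrets/galoy-mongodb
+echo -n "$(openssl rand -hex 64)" > ./mongodb-password
+echo -n "$(openssl rand -hex 64)" > ./mongodb-root-password
+echo -n "$(openssl rand -hex 64)" > ./mongodb-replica-set-key
+kubectl create secret generic galoy-mongodb \
+--from-file=./mongodb-password \
+--from-file=./mongodb-root-password \
+--from-file=./mongodb-replica-set-key
+mkdir -p ~/test-secrets/galoy-price-history-postgres-creds
+cd ~/test-secrets/galoy-price-history-postgres-creds
+echo -n "$(openssl rand -hex 48)" > ./password
+kubectl create secret generic galoy-price-history-postgres-creds \
+--from-file=./password \
+--from-literal=username=price-history \
+--from-file=database=price-history
+kubectl create secret generic dropbox-access-token \
+--from-literal=token=''
+kubectl create secret generic gcs-sa-key
+kubectl create secret generic geetest-key
+--from-literal=key='dummy' \
+--from-literal=id='dummy'
+cd
+echo "\
+global:
+network: mainnet
+bitcoind:
+port: 8332
+needFirebaseServiceAccount: false
+twilio: false
+devDisableMongoBackup: true
+" | tee galoyvalues.yaml
+helm install galoy -f galoyvalues.yaml galoy-repo/galoy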
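Review bot: The `kubectl create secret generic geetest-key` line has no trailing `\`, so the secret is created empty and the two `--from-literal=...` lines after it run as a separate command that fails; end the line with ` \` as the other `kubectl create secret` calls do. In the price-history secret, `--from-file=database=price-history` makes kubectl read a file named `price-history` from the current directory, which this script never writes; the testnet script uses `--from-literal=database=price-history`, which looks like what was intended here (the README section carries the same line). The script sets no `set -e`, so both failures are passed over and `helm install galoy` still runs against incomplete secrets. The generated mainnet passwords are also written under `~/test-secrets` with the default umask; a `umask 077` ahead of the `mkdir -p` lines would keep them owner-only.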

138
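--- a/k8s/galoy.testnet.sh
+++ b/k8s/galoy.testnet.sh
@@ -0,0 +1,138 @@
+# Testnet LND connected to the bitcoin node on the host
+# vars
+localip=$(hostname -I | awk '{print $1}')
+rpcpass=$(sudo cat /mnt/hdd/bitcoin/bitcoin.conf | grep rpcpassword | cut -c 13-)
+#TODO check for LAN RPC connection
+## bitcoind on the raspiblitz node needs:
+localip=$(hostname -I | awk '{print $1}')
+echo "\
+test.rpcbind=${localip}:18332
+test.zmqpubrawblock=tcp://${localip}:21332
+test.zmqpubrawtx=tcp://${localip}:21333
+" | sudo tee -a /mnt/hdd/bitcoin/bitcoin.conf
+sudo systemctl restart tbitcoind
+############
+## charts
+helm repo add galoy-repo https://github.com/GaloyMoney/charts
+## add the bitnami charts https://charts.bitnami.com/
+helm repo add bitnami https://charts.bitnami.com/bitnami
+helm repo update
+## bitcoind - on the host
+#helm install bitcoind galoy-repo/bitcoin
+## create secrets instead of bitcoind
+rpcpass=$(sudo cat /mnt/hdd/bitcoin/bitcoin.conf | grep rpcpassword | cut -c 13-)
+kubectl create secret generic network -n test \
+--from-literal=network=testnet
+kubectl create secret generic bitcoind-rpcpassword -n test \
+--from-literal=password="${rpcpass}"
+## lnd
+## values
+localip=$(hostname -I | awk '{print $1}')
+echo "\
+configmap:
+customValues:
+- bitcoin.testnet=true
+- bitcoind.rpchost=${localip}:18332
+- bitcoind.zmqpubrawblock=tcp://${localip}:21332
+- bitcoind.zmqpubrawtx=tcp://${localip}:21333
+- db.bolt.auto-compact=true
+- bitcoind.rpcuser=raspibolt
+autoGenerateSeed:
+enabled: true
+loop:
+enabled: false
+lndmon:
+enabled: false
+" | tee tlndvalues.yaml
+## install
+helm install lnd1 -f tlndvalues.yaml --namespace test galoy-repo/lnd --create-namespace
+## save seed and unlock password
+mkdir -p ~/test-secrets/lnd
+kubectl -n test logs lnd1-0 -c init-wallet >> ~/test-secrets/lnd/tlnd1seed.txt
+cat ~/test-secrets/lnd/tlnd1seed.txt
+kubectl -n test get secret lnd1-pass -o jsonpath='{.data.password}' | base64 -d >> ~/test-secrets/lnd/tlnd1walletpassword.txt
+cat ~/test-secrets/lnd/tlnd1walletpassword.txt
+## galoy
+## secrets
+mkdir -p ~/test-secrets/tgaloy-mongodb
+cd ~/test-secrets/tgaloy-mongodb
+echo -n "$(openssl rand -hex 64)" > ./mongodb-password
+echo -n "$(openssl rand -hex 64)" > ./mongodb-root-password
+echo -n "$(openssl rand -hex 64)" > ./mongodb-replica-set-key
+kubectl -n test create secret generic galoy-mongodb \
+--from-file=./mongodb-password \
+--from-file=./mongodb-root-password \
+--from-file=./mongodb-replica-set-key
+mkdir -p ~/test-secrets/tgaloy-price-history-postgres-creds
+cd ~/test-secrets/tgaloy-price-history-postgres-creds
+echo -n "$(openssl rand -hex 48)" > ./password
+kubectl -n test create secret generic galoy-price-history-postgres-creds \
+--from-file=./password \
+--from-literal=username=price-history \
+--from-literal=database=price-history
+# for trigger
+kubectl -n test create secret generic gcs-sa-key
+# for galoy-pre-migration-backup-1
+kubectl -n test create secret generic dropbox-access-token \
+--from-literal=token=''
+# kubectl create secret generic geetest-key
+# --from-literal=key='dummy' \
+# --from-literal=id='dummy'
+cd
+# galoy
+echo "\
+global:
+network: testnet
+galoy:
+name: 'Testnet Wallet'
+bitcoind:
+port: 18332
+needFirebaseServiceAccount: false
+twilio: false
+devDisableMongoBackup: true
+" | tee tgaloyvalues.yaml
+helm install galoy -f tgaloyvalues.yaml -n test galoy-repo/galoy
+if [ "$1" = off ]; then
+stop_terminated_pods() {
+# Define namespace
+namespace="test"
+# Get all pods in Terminated / Evicted State
+epods=$(kubectl get pods -n ${namespace} | egrep -i 'Terminating|Terminated|Evicted' | awk '{print $1 }')
+# Force deletion of the pods
+for i in ${epods[@]}; do
+kubectl delete pod --force=true --wait=false --grace-period=0 $i -n ${namespace}
+done
+}
+# LND
+helm uninstall lnd1 --wait=false
+stop_terminated_pods
+# delete galoy storage
+for i in $(kubectl -n test get pvc | grep galoy | awk '{print $1}' ); do kubectl -n test delete pvc ${i}; done
+# in filesystem (skip lnd)
+for i in $(sudo ls /var/snap/microk8s/common/default-storage/ | grep test | grep -v lnd ); do sudo rm -rf /var/snap/microk8s/common/default-storage/${i}; done
+# delete the manually generated secrets
+kubectl -n test delete secret galoy-mongodb
+fi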
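Review bot: The `if [ "$1" = off ]` teardown sits at the end of the file, so `galoy.testnet.sh off` first appends to `bitcoin.conf` again, restarts `tbitcoind` and reinstalls every chart before it removes anything; moving that block to the top and ending it with `exit 0` would make `off` a teardown only. Inside it, `helm uninstall lnd1 --wait=false` carries no `-n test` although the release is installed with `--namespace test`; `helm uninstall lnd1 -n test --wait=false` would match the install. The wallet seed and unlock password are appended with `>>` to files under `~/test-secrets` that are created with the default umask, and are then printed with `cat`; a `umask 077` ahead of the `mkdir -p` and `>` in place of `>>` would keep them owner-only and stop old values stacking up on a re-run. `rpcpass` is passed on the kubectl command line through `--from-literal=password="${rpcpass}"`, where it is visible in the process list while the command runs; reading it from an owner-only file with `--from-file=password=PATH` would avoid that.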