cerc-io/laconicd-stack
14
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

Update tmkms instructions to use playbooks

Browse Source
This commit is contained in:
Shreerang Kale 2025-06-11 11:49:10 +05:30
parent c70da6d19a
commit d1f64401e1
2 changed files with 135 additions and 124 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

128
docs/run-first-validator.md
View File

@ -14,6 +14,8 @@
- LPS distribution Google spreadsheet URL or CSV file path
- Machine 4: Where the TMKMS service is to be setup
- Following tools are required in all machines:
- [ansible](playbooks/README.md#ansible-installation)
@ -81,6 +83,46 @@
NOTE: This public key is required in [next step to generate the genesis file](#generate-mainnet-genesis-file)
- Copy over the `priv_validator_key.json` located at `$DATA_DIRECTORY/$MAINNET_DEPLOYMENT_DIR/data/laconicd-data/config/priv_validator_key.json` to the machine where the TMKMS service is to be setup (machine 4)
## Setup TMKMS
- For integrating TMKMS with laconicd, follow steps below in the machine where the TMKMS service is to be setup (machine 4)
- Copy the example variables file:
```bash
cp ~/cerc/laconicd-stack/playbooks/tmkms/tmkms-vars.example.yml ~/cerc/laconicd-stack/playbooks/tmkms/tmkms-vars.yml
```
- Update `~/cerc/laconicd-stack/playbooks/tmkms/tmkms-vars.yml` with required values:
NOTE: Use the `priv_validator_key.json` file copied from the node setup machine (Machine 2) in [previous step](#setup-node)
```yaml
# Absolute path to the node's private validator key file
priv_validator_key_file_path: "</path/to/priv_validator_key.json>"
# Set the IP address of the machine where the laconicd node is setup
node_ip: "<NODE_PUBLIC_IP_ADDRESS>"
# Set the port of the laconicd node
node_port: "26659"
```
- Export the data directory and TMKMS deployment directory as environment variables:
```bash
# Parent directory where the deployment directory will live
export DATA_DIRECTORY=
```
- Run ansible playbook to setup the TMKMS service:
```bash
ansible-playbook -i localhost, -c local ~/cerc/laconicd-stack/playbooks/tmkms/setup-tmkms.yml
```
## Export testnet state
- Run the following steps in machine where the testnet node is already running (machine 1)
@ -177,72 +219,20 @@
## Run node
- Run the following steps in the machine where the mainnet node is setup (machine 2)
### Start TMKMS
### Setup TMKMS (Optional but Recommended)
- Run these steps in the machine where the TMKMS service is setup (machine 4)
<!-- Reference: https://docs.osmosis.zone/osmosis-core/keys/tmkms/#setup-tmkms -->
- For integrating existing TMKMS with laconicd, follow steps below in the machine where TMKMS is setup
- Set `$TMKMS_HOME` to the directory path containing TMKMS config files
- Run ansible playbook to run the TMKMS:
```bash
# Contents of tmkms config directory
ls -l $TMKMS_HOME
drwxrwxr-x 2 ... schema
drwx------ 2 ... secrets
drwxrwxr-x 2 ... state
-rw-rw-r-- 1 ... tmkms.toml
ansible-playbook -i localhost, -c local ~/cerc/laconicd-stack/playbooks/tmkms/run-tmkms.yml
```
- Update the TMKMS configuration file `$TMKMS_HOME/tmkms.toml`:
```toml
[[chain]]
id = "laconic-mainnet"
key_format = { type = "cosmos-json", account_key_prefix = "laconicpub", consensus_key_prefix = "laconicvalconspub" }
# Replace <TMKMS_HOME> with absolute path to tmkms config directory
state_file = "<TMKMS_HOME>/state/priv_validator_state.json"
[[validator]]
chain_id = "laconic-mainnet"
# Replace <NODE_IP> with actual IP address of the laconicd node
addr = "tcp://<NODE_IP>:26659"
# Replace <TMKMS_HOME> with absolute path to tmkms config directory
secret_key = "<TMKMS_HOME>/secrets/kms-identity.key"
protocol_version = "v0.34"
reconnect = true
[[providers.softsign]]
key_type = "consensus"
# Replace <TMKMS_HOME> with absolute path to tmkms config directory
path = "<TMKMS_HOME>/secrets/priv_validator_key"
chain_ids = ["laconic-mainnet"]
```
- Copy your validator key to TMKMS:
- The validator key in laconicd node deployment is present at `$DATA_DIRECTORY/$MAINNET_DEPLOYMENT_DIR/data/laconicd-data/config/priv_validator_key.json`
- Place the validator key file in TMKMS config directory at `$TMKMS_HOME/secrets/`
- Import the private validator key into tmkms:
```bash
tmkms softsign import $TMKMS_HOME/secrets/priv_validator_key.json $TMKMS_HOME/secrets/priv_validator_key
```
- Remove the JSON key file
```bash
rm $TMKMS_HOME/secrets/priv_validator_key.json
```
- Start TMKMS:
- Check logs to ensure that TMKMS is running:
```bash
tmkms start --config $TMKMS_HOME/tmkms.toml
laconic-so deployment --dir $DATA_DIRECTORY/$TMKMS_DEPLOYMENT_DIR logs tmkms -f
```
- Expected example output:
@ -251,19 +241,12 @@
INFO tmkms::commands::start: tmkms 0.14.0 starting up...
INFO tmkms::keyring: [keyring:softsign] added consensus Ed25519 key: {"@type":"/cosmos.crypto.ed25519.PubKey","key":"T24No1A1FmetNRVCOSg2G2XAKWh97oBXuELdAD6DFgw="}
INFO tmkms::connection::tcp: KMS node ID: 7f5fd8dae8953e964e7e56edd4700f597ea0d45c
ERROR tmkms::client: [laconic-mainnet@tcp://localhost:26659] I/O error: Connection refused (os error 111)
ERROR tmkms::client: [laconic-mainnet@tcp://<node-ip>:26659] I/O error: Connection refused (os error 111)
```
NOTE: The errors dissapear once the laconicd node starts
- Note the pubkey logged at start for comparing later with validator pubkey on chain
- Enable TMKMS in the laconicd node configuration:
```bash
# Set TMKMS_ENABLED to true in the node's config.env
echo "TMKMS_ENABLED=true" >> $DATA_DIRECTORY/$MAINNET_DEPLOYMENT_DIR/config.env
```
- Note the pubkey logged at start for comparing later with validator pubkey on chain
- Remove the validator key from node deployment as it is no longer required:
@ -275,6 +258,15 @@
### Start node
- Run the following steps in the machine where the mainnet node is setup (machine 2)
- Enable TMKMS in the laconicd node configuration:
```bash
# Set TMKMS_ENABLED to true in the node's config.env
echo "TMKMS_ENABLED=true" >> $DATA_DIRECTORY/$MAINNET_DEPLOYMENT_DIR/config.env
```
- Copy the genesis file to the mainnet deployment tmp directory:
```bash
@ -293,7 +285,7 @@
laconic-so deployment --dir $DATA_DIRECTORY/$MAINNET_DEPLOYMENT_DIR logs laconicd -f
```
- If TMKMS has been configured verify that validator and TMKMS pubkeys match:
- Verify that validator and TMKMS pubkeys match:
- Get validator pubkey on chain

131
docs/run-validator.md
View File

@ -16,6 +16,12 @@
- [ansible](playbooks/README.md#ansible-installation)
- Machine 4: Where the TMKMS service is to be setup
- laconicd-stack
- [ansible](playbooks/README.md#ansible-installation)
- [laconic-so](https://github.com/cerc-io/stack-orchestrator/?tab=readme-ov-file#install) is required in all machines
- To fetch laconicd-stack:
@ -89,72 +95,85 @@
ansible-playbook -i localhost, -c local ~/cerc/laconicd-stack/playbooks/validator/setup-validator.yml
```
### Setup TMKMS (Optional but Recommended)
<!-- Reference: https://docs.osmosis.zone/osmosis-core/keys/tmkms/#setup-tmkms -->
- For integrating existing TMKMS with laconicd, follow steps below in the machine where TMKMS is setup
- Set `$TMKMS_HOME` to the directory path containing TMKMS config files
- Get the public key of your node:
```bash
# Contents of tmkms config directory
ls -l $TMKMS_HOME
drwxrwxr-x 2 ... schema
drwx------ 2 ... secrets
drwxrwxr-x 2 ... state
-rw-rw-r-- 1 ... tmkms.toml
laconic-so deployment --dir $DATA_DIRECTORY/$MAINNET_DEPLOYMENT_DIR exec laconicd "laconicd tendermint show-validator"
```
- Update the TMKMS configuration file `$TMKMS_HOME/tmkms.toml`:
NOTE: This public key is required in next step to create validator
```toml
[[chain]]
id = "laconic-mainnet"
key_format = { type = "cosmos-json", account_key_prefix = "laconicpub", consensus_key_prefix = "laconicvalconspub" }
# Replace <TMKMS_HOME> with absolute path to tmkms config directory
state_file = "<TMKMS_HOME>/state/priv_validator_state.json"
- Copy over the `priv_validator_key.json` located at `$DATA_DIRECTORY/$MAINNET_DEPLOYMENT_DIR/data/laconicd-data/config/priv_validator_key.json` to the machine from where the TMKMS service is to be setup (machine 4)
[[validator]]
chain_id = "laconic-mainnet"
# Replace <NODE_IP> with actual IP address of the laconicd node
addr = "tcp://<NODE_IP>:26659"
# Replace <TMKMS_HOME> with absolute path to tmkms config directory
secret_key = "<TMKMS_HOME>/secrets/kms-identity.key"
protocol_version = "v0.34"
reconnect = true
## Setup TMKMS
[[providers.softsign]]
key_type = "consensus"
# Replace <TMKMS_HOME> with absolute path to tmkms config directory
path = "<TMKMS_HOME>/secrets/priv_validator_key"
chain_ids = ["laconic-mainnet"]
```
- For integrating TMKMS with laconicd, follow steps below in the machine where the TMKMS service is to be setup (machine 4)
- Copy your validator key to TMKMS:
- The validator key in laconicd node deployment is present at `$DATA_DIRECTORY/$MAINNET_DEPLOYMENT_DIR/data/laconicd-data/config/priv_validator_key.json`
- Place the validator key file in TMKMS config directory at `$TMKMS_HOME/secrets/`
- Import the private validator key into tmkms:
```bash
tmkms softsign import $TMKMS_HOME/secrets/priv_validator_key.json $TMKMS_HOME/secrets/priv_validator_key
```
- Remove the JSON key file
```bash
rm $TMKMS_HOME/secrets/priv_validator_key.json
```
- Start TMKMS:
- Copy the example variables file:
```bash
tmkms start --config $TMKMS_HOME/tmkms.toml
cp ~/cerc/laconicd-stack/playbooks/tmkms/tmkms-vars.example.yml ~/cerc/laconicd-stack/playbooks/tmkms/tmkms-vars.yml
```
- Update `~/cerc/laconicd-stack/playbooks/tmkms/tmkms-vars.yml` with required values:
NOTE: Use the `priv_validator_key.json` file copied from the node setup machine (Machine 2) in [previous step](#setup-node)
```yaml
# Absolute path to the node's private validator key file
priv_validator_key_file_path: "</path/to/priv_validator_key.json>"
# Set the IP address of the machine where the laconicd node is setup
node_ip: "<NODE_PUBLIC_IP_ADDRESS>"
# Set the port of the laconicd node
node_port: "26659"
```
- Export the data directory as environment variable:
```bash
# Parent directory where the deployment directory will live
export DATA_DIRECTORY=
```
- Run ansible playbook to setup the TMKMS service:
```bash
ansible-playbook -i localhost, -c local ~/cerc/laconicd-stack/playbooks/tmkms/setup-tmkms.yml
```
## Run Node
### Start TMKMS
- Run the following steps in the machine where the TMKMS service is setup (Machine 4)
- Run ansible playbook to run the TMKMS:
```bash
ansible-playbook -i localhost, -c local ~/cerc/laconicd-stack/playbooks/tmkms/run-tmkms.yml
```
- Check logs to ensure that TMKMS is running:
```bash
laconic-so deployment --dir $DATA_DIRECTORY/$TMKMS_DEPLOYMENT_DIR logs tmkms -f
```
- Expected example output:
```bash
INFO tmkms::commands::start: tmkms 0.14.0 starting up...
INFO tmkms::keyring: [keyring:softsign] added consensus Ed25519 key: {"@type":"/cosmos.crypto.ed25519.PubKey","key":"T24No1A1FmetNRVCOSg2G2XAKWh97oBXuELdAD6DFgw="}
INFO tmkms::connection::tcp: KMS node ID: 7f5fd8dae8953e964e7e56edd4700f597ea0d45c
ERROR tmkms::client: [laconic-mainnet@<node-ip>:26659] I/O error: Connection refused (os error 111)
```
NOTE: The errors dissapear once the laconicd node starts
- Note the pubkey logged at start for comparing later with validator pubkey on chain
- Enable TMKMS in the laconicd node configuration:
```bash
@ -162,7 +181,7 @@
echo "TMKMS_ENABLED=true" >> $DATA_DIRECTORY/$MAINNET_DEPLOYMENT_DIR/config.env
```
## Start Node
### Start Node
- Start the laconicd node:
@ -234,7 +253,7 @@
laconic-so deployment --dir $DATA_DIRECTORY/$MAINNET_DEPLOYMENT_DIR exec laconicd 'laconicd query staking validators'
```
- If TMKMS has been configured, remove the validator key from node deployment as it is no longer required:
- Remove the validator key from node deployment as TMKMS is configured:
```bash
rm $DATA_DIRECTORY/$MAINNET_DEPLOYMENT_DIR/data/laconicd-data/config/priv_validator_key.json