Compare commits

..

No commits in common. "main" and "main" have entirely different histories.
main ... main

5 changed files with 20 additions and 139 deletions

View File

@ -44,5 +44,5 @@ COPY . /app/
WORKDIR /app/
RUN rm -rf node_modules && yarn && yarn clean && yarn build:release
COPY scripts .
CMD ["./scripts/run.sh"]
COPY run.sh .
CMD ["./run.sh"]

View File

@ -5,10 +5,10 @@ files used by those requests.
## Build and Run
```bash
yarn
yarn build
yarn start
```
$ yarn
$ yarn build
$ yarn start
```
## Configuration
@ -20,22 +20,22 @@ On upload, the configuration is temporarily decrypted for validation, but stored
To create and export a key in the necessary format use:
```bash
```
# Create a key
gpg --batch --passphrase "SECRET" --quick-generate-key webapp-deployer-api.my.domain.com default default never
$ gpg --batch --passphrase "SECRET" --quick-generate-key webapp-deployer-api.my.domain.com default default never
# Export the public key
gpg --export webapp-deployer-api.my.domain.com > webapp-deployer-api.my.domain.com.pgp.pub
$ gpg --export webapp-deployer-api.my.domain.com > webapp-deployer-api.my.domain.com.pgp.pub
# Export the private key
gpg --export-secret-keys webapp-deployer-api.my.domain.com > webapp-deployer-api.my.domain.com.pgp.key
$ gpg --export-secret-keys webapp-deployer-api.my.domain.com > webapp-deployer-api.my.domain.com.pgp.key
```
### Create the Deployer Record
Every webapp deployer should have `WebappDeployer` record in the registry which looks something like:
```yml
```
record:
type: WebappDeployer
version: 1.0.0
@ -48,34 +48,16 @@ record:
This record can most easily be created using `laconic-so publish-deployer-to-registry`.
```bash
laconic-so publish-deployer-to-registry \
```
$ laconic-so publish-deployer-to-registry \
--laconic-config ~/.laconic/registry.yml \
--api-url https://webapp-deployer-api.my.domain.com
--api-url https://webapp-deployer-api.my.domain.com
--public-key-file webapp-deployer-api.my.domain.com.pgp.pub \
--lrn lrn://laconic/deployers/webapp-deployer-api.my.domain.com \
--min-required-payment 100
```
This will create the record in the proper format and assign its LRN.
### Publish Deployment Auction
Users can optionally create an auction for app deployment with desired number of providers and max price they are willing to pay for a deployment:
```bash
laconic-so publish-deployment-auction \
--laconic-config ./config.yml \
--app lrn://cerc-io/applications/webapp-hello-world@0.1.3 \
--commits-duration 3600 \
--reveals-duration 3600 \
--commit-fee 10000 \
--reveal-fee 10000 \
--max-price 5000000 \
--num-providers 3
```
This will create a `provider` auction with given params and publish a deployment auction record.
This will create the record in the proper format and assign its LRN.
### Request Deployment
@ -85,11 +67,11 @@ Users can now request deployment using the LRN of the deployer. This will allow
1. Obtain the public key for encrypting config.
1. See the minimum required payment.
The request can be made using `laconic-so request-webapp-deployment`. This will handle encrypting and uploading the
The request can be made using `laconic-so request-webapp-deployment`. This will handle encrypting and uploading the
config automatically, as well as making a payment (if necessary).
```bash
laconic-so request-webapp-deployment \
```
$ laconic-so request-webapp-deployment \
--laconic-config ~/.laconic/registry.yml \
--deployer lrn://laconic/deployers/webapp-deployer-api.my.domain.com \
--app lrn://cerc-io/applications/webapp-hello-world@0.1.3 \
@ -97,33 +79,9 @@ laconic-so request-webapp-deployment \
--make-payment auto
```
Alternatively, users can also use a deployment auction they created instead of making the payment to any specific deployer directly:
```bash
laconic-so request-webapp-deployment \
--laconic-config ~/.laconic/registry.yml \
--app lrn://cerc-io/applications/webapp-hello-world@0.1.3 \
--env-file hello.env \
--auction-id 4c9701c22651e143202e991056b6e7649853acc5bc0e97e3a98e09c9f3355909
```
This creates deployment requests targeted towards all the deployers who have won the auction. Similar to requests with payments, the config is automatically encrypted and uploaded to all the deployers.
### Request Undeployment
Users can also request removal of an existing deployment using the deployment record id:
```bash
laconic-so request-webapp-undeployment \
--laconic-config ~/.laconic/registry.yml \
--deployer lrn://laconic/deployers/webapp-deployer-api.my.domain.com \
--deployment bafyreigeopr72dmp6rhvnomgdz3cljbqzhh75epcrigit7ue6i6vjullme \
--make-payment auto
```
### Example Config
```bash
```
UPLOAD_DIRECTORY="/srv/uploads/config"
UPLOAD_MAX_SIZE="1MB"
DEPLOYER_STATE="/srv/deployments/autodeploy.state"
@ -132,10 +90,4 @@ BUILD_LOGS="/srv/logs"
OPENPGP_PASSPHRASE="SECRET"
OPENPGP_PRIVATE_KEY_FILE="/etc/config/webapp-deployer-api.my.domain.com.pgp.key"
LACONIC_CONFIG="/etc/config/registry.yml"
LRN=lrn://laconic/deployers/webapp-deployer-api.my.domain.com
CHECK_INTERVAL=15
AUCTION_CHECK_INTERVAL=10
HANDLE_AUCTION_REQUESTS=true
AUCTION_BID_AMOUNT=50000
```

View File

@ -8,15 +8,6 @@ services:
ports:
- 9555
cerc-webapp-auction-handler:
image: cerc/webapp-deployer-backend:local
restart: always
environment:
RUN_AUCTIONS_HANDLER: "true"
volumes:
- srv:/srv
- config:/etc/config:ro
volumes:
config:
srv:

View File

@ -1,10 +1,5 @@
#!/bin/bash
if [ "$RUN_AUCTIONS_HANDLER" = "true" ]; then
exec "./scripts/handle-auctions.sh"
exit
fi
function is_privileged {
ip link add dummy0 type dummy >/dev/null
if [[ $? -eq 0 ]]; then
@ -40,16 +35,10 @@ if [ ! -f "/etc/config/kube.yml" ]; then
exit 2
fi
AUCTION_OPTS=""
if [ "$HANDLE_AUCTION_REQUESTS" = "true" ]; then
AUCTION_OPTS="--auction-requests"
fi
STORAGE_ROOT="${STORAGE_ROOT:-/srv}"
DEPLOYMENTS_DIR="${DEPLOYMENTS_DIR:-$STORAGE_ROOT/deployments}"
LOG_DIR="${LOG_DIR:-$STORAGE_ROOT/logs}"
CONTAINERS_DIR="${CONTAINER_DIR:-$STORAGE_ROOT/containers}"
REGISTRY_LOCK_FILE="${REGISTRY_LOCK_FILE:-/srv/registry_mutex_lock_file}"
if [[ ! -d "${DEPLOYMENTS_DIR}" ]]; then
mkdir -p "${DEPLOYMENTS_DIR}"
@ -127,7 +116,6 @@ while true; do
echo "########### UNDEPLOY ############"
laconic-so undeploy-webapp-from-registry \
--laconic-config /etc/config/laconic.yml \
--registry-lock-file "${REGISTRY_LOCK_FILE}" \
--deployment-parent-dir "${DEPLOYMENTS_DIR}" \
--delete-names \
--delete-volumes \
@ -135,7 +123,7 @@ while true; do
--include-tags "$INCLUDE_TAGS" \
--exclude-tags "$EXCLUDE_TAGS" \
--lrn "$LRN" \
--min-required-payment 0 \
--min-required-payment ${MIN_REQUIRED_PAYMENT:-0} \
$EXTRA_UNDEPLOY_OPTS \
$UPDATE_OPTS \
--discover
@ -150,7 +138,6 @@ while true; do
laconic-so deploy-webapp-from-registry \
--kube-config /etc/config/kube.yml \
--laconic-config /etc/config/laconic.yml \
--registry-lock-file "${REGISTRY_LOCK_FILE}" \
--image-registry ${IMAGE_REGISTRY} \
--deployment-parent-dir "${DEPLOYMENTS_DIR}" \
--dns-suffix ${DEPLOYMENT_DNS_SUFFIX} \
@ -165,8 +152,6 @@ while true; do
--config-upload-dir "$UPLOAD_DIRECTORY" \
--private-key-file "$OPENPGP_PRIVATE_KEY_FILE" \
--private-key-passphrase "$OPENPGP_PASSPHRASE" \
--recreate-on-deploy \
$AUCTION_OPTS \
$LOG_OPTS \
$EXTRA_DEPLOY_OPTS \
$UPDATE_OPTS \

View File

@ -1,47 +0,0 @@
#!/bin/bash
if [ ! -f "/etc/config/laconic.yml" ]; then
echo "/etc/config/laconic.yml is required."
exit 2
fi
if [ "$HANDLE_AUCTION_REQUESTS" = "true" ]; then
if [ -z "$AUCTION_BID_AMOUNT" ]; then
echo "AUCTION_BID_AMOUNT is required when handling auction requsts."
exit 2
fi
else
echo "Not handling auction requests"
# k8s integration only supports "always" restart policy, so wait indefinitely
# TODO: Exit container once restart policy is supported
tail -f /dev/null
fi
STORAGE_ROOT="${STORAGE_ROOT:-/srv}"
DEPLOYMENTS_DIR="${DEPLOYMENTS_DIR:-$STORAGE_ROOT/deployments}"
REGISTRY_LOCK_FILE="${REGISTRY_LOCK_FILE:-/srv/registry_mutex_lock_file}"
if [[ ! -d "${DEPLOYMENTS_DIR}" ]]; then
mkdir -p "${DEPLOYMENTS_DIR}"
fi
cd /app/
while true; do
echo "=============================================================="
echo "############ DEPLOYMENT AUCTION #############"
laconic-so handle-deployment-auction \
--laconic-config /etc/config/laconic.yml \
--registry-lock-file "${REGISTRY_LOCK_FILE}" \
--state-file "${DEPLOYMENTS_DIR}/autoauction.state" \
--bid-amount ${AUCTION_BID_AMOUNT}
rc=$?
if [ $rc -eq 0 ]; then
echo "############ DEPLOYMENT AUCTION SUCCESS #############"
else
echo "############ DEPLOYMENT AUCTION FAILURE STATUS $rc #############"
fi
sleep ${AUCTION_CHECK_INTERVAL:-10}
done