From 1f5ccd9bc35f5e8f790e0d133f0537490322db68 Mon Sep 17 00:00:00 2001 From: Barnabas Busa Date: Mon, 1 May 2023 14:24:41 +0200 Subject: [PATCH 01/23] adding ethereumjs chart, closes: #169 --- README.md | 1 + charts/ethereumjs/.helmignore | 23 ++ charts/ethereumjs/Chart.yaml | 13 + charts/ethereumjs/README.md | 125 +++++++ charts/ethereumjs/README.md.gotmpl | 41 +++ charts/ethereumjs/ci/default-values.yaml | 1 + charts/ethereumjs/templates/NOTES.txt | 0 charts/ethereumjs/templates/_cmd.tpl | 6 + charts/ethereumjs/templates/_helpers.tpl | 78 ++++ charts/ethereumjs/templates/clusterrole.yaml | 10 + .../templates/clusterrolebinding.yaml | 16 + charts/ethereumjs/templates/configmap.yaml | 9 + charts/ethereumjs/templates/ingress.yaml | 61 ++++ .../templates/poddisruptionbudget.yaml | 18 + charts/ethereumjs/templates/role.yaml | 10 + charts/ethereumjs/templates/rolebinding.yaml | 15 + charts/ethereumjs/templates/secret.yaml | 18 + .../templates/service-headless.yaml | 34 ++ .../templates/service.p2p.nodeport.yaml | 30 ++ charts/ethereumjs/templates/service.yaml | 34 ++ .../ethereumjs/templates/serviceaccount.yaml | 13 + .../ethereumjs/templates/servicemonitor.yaml | 43 +++ charts/ethereumjs/templates/statefulset.yaml | 206 +++++++++++ .../templates/tests/test-connection.yaml | 24 ++ charts/ethereumjs/values.yaml | 338 ++++++++++++++++++ 25 files changed, 1167 insertions(+) create mode 100644 charts/ethereumjs/.helmignore create mode 100644 charts/ethereumjs/Chart.yaml create mode 100644 charts/ethereumjs/README.md create mode 100644 charts/ethereumjs/README.md.gotmpl create mode 100644 charts/ethereumjs/ci/default-values.yaml create mode 100644 charts/ethereumjs/templates/NOTES.txt create mode 100644 charts/ethereumjs/templates/_cmd.tpl create mode 100644 charts/ethereumjs/templates/_helpers.tpl create mode 100644 charts/ethereumjs/templates/clusterrole.yaml create mode 100644 charts/ethereumjs/templates/clusterrolebinding.yaml create mode 100644 charts/ethereumjs/templates/configmap.yaml create mode 100644 charts/ethereumjs/templates/ingress.yaml create mode 100644 charts/ethereumjs/templates/poddisruptionbudget.yaml create mode 100644 charts/ethereumjs/templates/role.yaml create mode 100644 charts/ethereumjs/templates/rolebinding.yaml create mode 100644 charts/ethereumjs/templates/secret.yaml create mode 100644 charts/ethereumjs/templates/service-headless.yaml create mode 100644 charts/ethereumjs/templates/service.p2p.nodeport.yaml create mode 100644 charts/ethereumjs/templates/service.yaml create mode 100644 charts/ethereumjs/templates/serviceaccount.yaml create mode 100644 charts/ethereumjs/templates/servicemonitor.yaml create mode 100644 charts/ethereumjs/templates/statefulset.yaml create mode 100644 charts/ethereumjs/templates/tests/test-connection.yaml create mode 100644 charts/ethereumjs/values.yaml diff --git a/README.md b/README.md index 96e4ffba..c06dd812 100644 --- a/README.md +++ b/README.md @@ -43,6 +43,7 @@ Execution layer clients - [`besu`](charts/besu) - [`erigon`](charts/erigon) +- [`ethereumjs`](charts/ethereumjs) - [`geth`](charts/geth) - [`nethermind`](charts/nethermind) diff --git a/charts/ethereumjs/.helmignore b/charts/ethereumjs/.helmignore new file mode 100644 index 00000000..0e8a0eb3 --- /dev/null +++ b/charts/ethereumjs/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/charts/ethereumjs/Chart.yaml b/charts/ethereumjs/Chart.yaml new file mode 100644 index 00000000..5c61be56 --- /dev/null +++ b/charts/ethereumjs/Chart.yaml @@ -0,0 +1,13 @@ +apiVersion: v2 +name: ethereumjs +description: > + The EthereumJS Client is an Ethereum Execution Client (similar to go-ethereum or Nethermind) written in TypeScript/JavaScript, the non-Smart-Contract language Ethereum dApp developers are most familiar with. It is targeted to be a client for research and development and not meant to be used in production on mainnet for the foreseeable future (out of resource and security considerations). +home: https://ethereumjs.readthedocs.io/en/latest/ +icon: https://user-images.githubusercontent.com/47108/78779352-d0839500-796a-11ea-9468-fd2a0b3fe1ef.png +sources: + - https://github.com/ethereumjs/ethereumjs-monorepo +type: application +version: 0.0.1 +maintainers: + - name: barnabasbusa + email: busa.barnabas@gmail.com diff --git a/charts/ethereumjs/README.md b/charts/ethereumjs/README.md new file mode 100644 index 00000000..565eb030 --- /dev/null +++ b/charts/ethereumjs/README.md @@ -0,0 +1,125 @@ + +# ethereumjs + +![Version: 1.0.2](https://img.shields.io/badge/Version-1.0.2-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) + +Go Ethereum (ethereumjs for short) is one of the original implementations of the Ethereum protocol. Currently, it is the most widespread client with the biggest user base and variety of tooling for users and developers. It is written in Go, fully open source and licensed under the GNU LGPL v3 + +**Homepage:** + +## Source Code + +* + +## Values + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| affinity | object | `{}` | Affinity configuration for pods | +| annotations | object | `{}` | Annotations for the StatefulSet | +| authPort | int | `8551` | Engine Port (Auth Port) | +| config | string | See `values.yaml` for example | TOML config file | +| containerSecurityContext | object | See `values.yaml` | The security context for containers | +| customCommand | list | `[]` | Legacy way of overwriting the default command. You may prefer to change defaultCommandTemplate instead. | +| defaultCommandTemplate | string | See `values.yaml` | Template used for the default command | +| extraArgs | list | `[]` | Extra args for the ethereumjs container | +| extraContainerPorts | list | `[]` | Additional ports for the main container | +| extraContainers | list | `[]` | Additional containers | +| extraEnv | list | `[]` | Additional env variables | +| extraPorts | list | `[]` | Additional ports. Useful when using extraContainers or extraContainerPorts | +| extraVolumeMounts | list | `[]` | Additional volume mounts | +| extraVolumes | list | `[]` | Additional volumes | +| fullnameOverride | string | `""` | Overrides the chart's computed fullname | +| rpcPort | int | `8545` | HTTP Port | +| image.pullPolicy | string | `"IfNotPresent"` | ethereumjs container pull policy | +| image.repository | string | `"ethereum/client-go"` | ethereumjs container image repository | +| image.tag | string | `"stable"` | ethereumjs container image tag | +| imagePullSecrets | list | `[]` | Image pull secrets for Docker images | +| ingress.annotations | object | `{}` | Annotations for Ingress | +| ingress.enabled | bool | `false` | Ingress resource for the HTTP API | +| ingress.hosts[0].host | string | `"chart-example.local"` | | +| ingress.hosts[0].paths | list | `[]` | | +| ingress.tls | list | `[]` | Ingress TLS | +| initChownData.enabled | bool | `true` | Init container to set the correct permissions to access data directories | +| initChownData.image.pullPolicy | string | `"IfNotPresent"` | Container pull policy | +| initChownData.image.repository | string | `"busybox"` | Container repository | +| initChownData.image.tag | string | `"1.34.0"` | Container tag | +| initChownData.resources | object | `{}` | Resource requests and limits | +| initContainers | list | `[]` | Additional init containers | +| jwt | string | `"ecb22bc24e7d4061f7ed690ccd5846d7d73f5d2b9733267e12f56790398d908a"` | JWT secret used by client as a configMap. Change this value. | +| livenessProbe | object | See `values.yaml` | Liveness probe | +| metricsPort | int | `6060` | Metrics Port | +| nameOverride | string | `""` | Overrides the chart's name | +| nodeSelector | object | `{}` | Node selector for pods | +| p2pNodePort.enabled | bool | `false` | Expose P2P port via NodePort | +| p2pNodePort.initContainer.image.pullPolicy | string | `"IfNotPresent"` | Container pull policy | +| p2pNodePort.initContainer.image.repository | string | `"lachlanevenson/k8s-kubectl"` | Container image to fetch nodeport information | +| p2pNodePort.initContainer.image.tag | string | `"v1.21.3"` | Container tag | +| p2pNodePort.port | int | `31000` | NodePort to be used | +| p2pNodePort.portForwardContainer.image.pullPolicy | string | `"IfNotPresent"` | Container pull policy | +| p2pNodePort.portForwardContainer.image.repository | string | `"alpine/socat"` | Container image for the port forwarder | +| p2pNodePort.portForwardContainer.image.tag | string | `"latest"` | Container tag | +| persistence.accessModes | list | `["ReadWriteOnce"]` | Access mode for the volume claim template | +| persistence.annotations | object | `{}` | Annotations for volume claim template | +| persistence.enabled | bool | `false` | Uses an EmptyDir when not enabled | +| persistence.existingClaim | string | `nil` | Use an existing PVC when persistence.enabled | +| persistence.selector | object | `{}` | Selector for volume claim template | +| persistence.size | string | `"20Gi"` | Requested size for volume claim template | +| persistence.storageClassName | string | `nil` | Use a specific storage class E.g 'local-path' for local storage to achieve best performance Read more (https://github.com/rancher/local-path-provisioner) | +| podAnnotations | object | `{}` | Pod annotations | +| podDisruptionBudget | object | `{}` | Define the PodDisruptionBudget spec If not set then a PodDisruptionBudget will not be created | +| podLabels | object | `{}` | Pod labels | +| podManagementPolicy | string | `"OrderedReady"` | Pod management policy | +| priorityClassName | string | `nil` | Pod priority class | +| rbac.clusterRules | list | See `values.yaml` | Required ClusterRole rules | +| rbac.create | bool | `true` | Specifies whether RBAC resources are to be created | +| rbac.rules | list | See `values.yaml` | Required ClusterRole rules | +| readinessProbe | object | See `values.yaml` | Readiness probe | +| replicas | int | `1` | Number of replicas | +| resources | object | `{}` | Resource requests and limits | +| secretEnv | object | `{}` | Additional env variables injected via a created secret | +| securityContext | object | See `values.yaml` | The security context for pods | +| serviceAccount.annotations | object | `{}` | Annotations to add to the service account | +| serviceAccount.create | bool | `true` | Specifies whether a service account should be created | +| serviceAccount.name | string | `""` | The name of the service account to use. If not set and create is true, a name is generated using the fullname template | +| serviceMonitor.annotations | object | `{}` | Additional ServiceMonitor annotations | +| serviceMonitor.enabled | bool | `false` | If true, a ServiceMonitor CRD is created for a prometheus operator https://github.com/coreos/prometheus-operator | +| serviceMonitor.interval | string | `"1m"` | ServiceMonitor scrape interval | +| serviceMonitor.labels | object | `{}` | Additional ServiceMonitor labels | +| serviceMonitor.namespace | string | `nil` | Alternative namespace for ServiceMonitor | +| serviceMonitor.path | string | `"/debug/metrics/prometheus"` | Path to scrape | +| serviceMonitor.relabelings | list | `[]` | ServiceMonitor relabelings | +| serviceMonitor.scheme | string | `"http"` | ServiceMonitor scheme | +| serviceMonitor.scrapeTimeout | string | `"30s"` | ServiceMonitor scrape timeout | +| serviceMonitor.tlsConfig | object | `{}` | ServiceMonitor TLS configuration | +| terminationGracePeriodSeconds | int | `300` | How long to wait until the pod is forcefully terminated | +| tolerations | list | `[]` | Tolerations for pods | +| updateStrategy | object | `{"type":"RollingUpdate"}` | Update stategy for the Statefulset | +| updateStrategy.type | string | `"RollingUpdate"` | Update stategy type | +| wsPort | int | `8546` | WS Port | + +# Examples + +## Connecting to the goerli test network + +```yaml +extraArgs: + - --goerli + - --maxpeers=60 +``` + +## Exposing the P2P service via NodePort + +This will make your node accessible via the Internet using a service of type [NodePort](https://kubernetes.io/docs/concepts/services-networking/service/#nodeport). +When using `p2pNodePort.enabled` the exposed IP address on your ENR record will be the "External IP" of the node where the pod is running. + +**Limitations:** You can only run a single replica per chart deployment when using `p2pNodePort.enabled=true`.If you need N nodes, simply deploy the chart N times. +Currently ethereumjs doesn't allow you to announce a a different discovery port, which would be a requirement to run multiple replicas within the same chart. + +```yaml +replicas: 1 + +p2pNodePort: + enabled: true + port: 31000 +``` diff --git a/charts/ethereumjs/README.md.gotmpl b/charts/ethereumjs/README.md.gotmpl new file mode 100644 index 00000000..e5208894 --- /dev/null +++ b/charts/ethereumjs/README.md.gotmpl @@ -0,0 +1,41 @@ + +{{ template "chart.header" . }} +{{ template "chart.deprecationWarning" . }} + +{{ template "chart.versionBadge" . }}{{ template "chart.typeBadge" . }} + +{{ template "chart.description" . }} + +{{ template "chart.homepageLine" . }} + +{{ template "chart.sourcesSection" . }} + +{{ template "chart.requirementsSection" . }} + +{{ template "chart.valuesSection" . }} + +# Examples + +## Connecting to the goerli test network + +```yaml +extraArgs: + - --goerli + - --maxpeers=60 +``` + +## Exposing the P2P service via NodePort + +This will make your node accessible via the Internet using a service of type [NodePort](https://kubernetes.io/docs/concepts/services-networking/service/#nodeport). +When using `p2pNodePort.enabled` the exposed IP address on your ENR record will be the "External IP" of the node where the pod is running. + +**Limitations:** You can only run a single replica per chart deployment when using `p2pNodePort.enabled=true`.If you need N nodes, simply deploy the chart N times. +Currently ethereumjs doesn't allow you to announce a a different discovery port, which would be a requirement to run multiple replicas within the same chart. + +```yaml +replicas: 1 + +p2pNodePort: + enabled: true + port: 31000 +``` diff --git a/charts/ethereumjs/ci/default-values.yaml b/charts/ethereumjs/ci/default-values.yaml new file mode 100644 index 00000000..7cf9a955 --- /dev/null +++ b/charts/ethereumjs/ci/default-values.yaml @@ -0,0 +1 @@ +# Leave empty so that CT tests with default values diff --git a/charts/ethereumjs/templates/NOTES.txt b/charts/ethereumjs/templates/NOTES.txt new file mode 100644 index 00000000..e69de29b diff --git a/charts/ethereumjs/templates/_cmd.tpl b/charts/ethereumjs/templates/_cmd.tpl new file mode 100644 index 00000000..93af9c36 --- /dev/null +++ b/charts/ethereumjs/templates/_cmd.tpl @@ -0,0 +1,6 @@ +{{/* +# Default command +*/}} +{{- define "ethereumjs.defaultCommand" -}} +{{- tpl .Values.defaultCommandTemplate . }} +{{- end }} diff --git a/charts/ethereumjs/templates/_helpers.tpl b/charts/ethereumjs/templates/_helpers.tpl new file mode 100644 index 00000000..45c18283 --- /dev/null +++ b/charts/ethereumjs/templates/_helpers.tpl @@ -0,0 +1,78 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "ethereumjs.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "ethereumjs.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "ethereumjs.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "ethereumjs.labels" -}} +helm.sh/chart: {{ include "ethereumjs.chart" . }} +{{ include "ethereumjs.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "ethereumjs.selectorLabels" -}} +app.kubernetes.io/name: {{ include "ethereumjs.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "ethereumjs.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "ethereumjs.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} + +{{- define "ethereumjs.p2pPort" -}} +{{- if .Values.p2pNodePort.enabled }} +{{- print .Values.p2pNodePort.port }} +{{- else }} +{{- printf "30303" -}} +{{- end }} +{{- end -}} + +{{- define "ethereumjs.replicas" -}} +{{- if .Values.p2pNodePort.enabled }} +{{- print 1 }} +{{ else }} +{{- print .Values.replicas }} +{{- end}} +{{- end -}} diff --git a/charts/ethereumjs/templates/clusterrole.yaml b/charts/ethereumjs/templates/clusterrole.yaml new file mode 100644 index 00000000..5921d2e1 --- /dev/null +++ b/charts/ethereumjs/templates/clusterrole.yaml @@ -0,0 +1,10 @@ +{{- if .Values.rbac.create }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: {{ include "ethereumjs.serviceAccountName" . }} + labels: + {{- include "ethereumjs.labels" . | nindent 4 }} +rules: +{{- toYaml .Values.rbac.clusterRules | nindent 0 }} +{{- end }} diff --git a/charts/ethereumjs/templates/clusterrolebinding.yaml b/charts/ethereumjs/templates/clusterrolebinding.yaml new file mode 100644 index 00000000..53d935fe --- /dev/null +++ b/charts/ethereumjs/templates/clusterrolebinding.yaml @@ -0,0 +1,16 @@ +{{- if .Values.rbac.create }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: {{ include "ethereumjs.serviceAccountName" . }} + labels: + {{- include "ethereumjs.labels" . | nindent 4 }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: {{ include "ethereumjs.serviceAccountName" . }} +subjects: + - kind: ServiceAccount + name: {{ include "ethereumjs.serviceAccountName" . }} + namespace: {{ .Release.Namespace }} +{{- end }} diff --git a/charts/ethereumjs/templates/configmap.yaml b/charts/ethereumjs/templates/configmap.yaml new file mode 100644 index 00000000..f89616dc --- /dev/null +++ b/charts/ethereumjs/templates/configmap.yaml @@ -0,0 +1,9 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "ethereumjs.fullname" . }} + labels: + {{- include "ethereumjs.labels" . | nindent 4 }} +data: + ethereumjs.toml: | + {{- .Values.config | nindent 4 }} \ No newline at end of file diff --git a/charts/ethereumjs/templates/ingress.yaml b/charts/ethereumjs/templates/ingress.yaml new file mode 100644 index 00000000..0d8e891b --- /dev/null +++ b/charts/ethereumjs/templates/ingress.yaml @@ -0,0 +1,61 @@ +{{- if .Values.ingress.enabled -}} +{{- $fullName := include "ethereumjs.fullname" . -}} +{{- $svcPort := .Values.rpcPort -}} +{{- if and .Values.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }} + {{- if not (hasKey .Values.ingress.annotations "kubernetes.io/ingress.class") }} + {{- $_ := set .Values.ingress.annotations "kubernetes.io/ingress.class" .Values.ingress.className}} + {{- end }} +{{- end }} +{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1 +{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1beta1 +{{- else -}} +apiVersion: extensions/v1beta1 +{{- end }} +kind: Ingress +metadata: + name: {{ $fullName }} + labels: + {{- include "ethereumjs.labels" . | nindent 4 }} + {{- with .Values.ingress.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + {{- if and .Values.ingress.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }} + ingressClassName: {{ .Values.ingress.className }} + {{- end }} + {{- if .Values.ingress.tls }} + tls: + {{- range .Values.ingress.tls }} + - hosts: + {{- range .hosts }} + - {{ . | quote }} + {{- end }} + secretName: {{ .secretName }} + {{- end }} + {{- end }} + rules: + {{- range .Values.ingress.hosts }} + - host: {{ .host | quote }} + http: + paths: + {{- range .paths }} + - path: {{ .path }} + {{- if and .pathType (semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion) }} + pathType: {{ .pathType }} + {{- end }} + backend: + {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }} + service: + name: {{ $fullName }} + port: + number: {{ $svcPort }} + {{- else }} + serviceName: {{ $fullName }} + servicePort: {{ $svcPort }} + {{- end }} + {{- end }} + {{- end }} +{{- end }} diff --git a/charts/ethereumjs/templates/poddisruptionbudget.yaml b/charts/ethereumjs/templates/poddisruptionbudget.yaml new file mode 100644 index 00000000..14fc4b60 --- /dev/null +++ b/charts/ethereumjs/templates/poddisruptionbudget.yaml @@ -0,0 +1,18 @@ +{{- if .Values.podDisruptionBudget }} +apiVersion: policy/v1beta1 +kind: PodDisruptionBudget +metadata: + name: {{ include "ethereumjs.fullname" . }} + labels: + {{- include "ethereumjs.labels" . | nindent 4 }} +spec: +{{- if .Values.podDisruptionBudget.minAvailable }} + minAvailable: {{ .Values.podDisruptionBudget.minAvailable }} +{{- end }} +{{- if .Values.podDisruptionBudget.maxUnavailable }} + maxUnavailable: {{ .Values.podDisruptionBudget.maxUnavailable }} +{{- end }} + selector: + matchLabels: + {{- include "ethereumjs.selectorLabels" . | nindent 6 }} +{{- end }} diff --git a/charts/ethereumjs/templates/role.yaml b/charts/ethereumjs/templates/role.yaml new file mode 100644 index 00000000..d6e58c88 --- /dev/null +++ b/charts/ethereumjs/templates/role.yaml @@ -0,0 +1,10 @@ +{{- if .Values.rbac.create }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: {{ include "ethereumjs.serviceAccountName" . }} + labels: + {{- include "ethereumjs.labels" . | nindent 4 }} +rules: +{{- toYaml .Values.rbac.rules | nindent 0 }} +{{- end }} diff --git a/charts/ethereumjs/templates/rolebinding.yaml b/charts/ethereumjs/templates/rolebinding.yaml new file mode 100644 index 00000000..d1936838 --- /dev/null +++ b/charts/ethereumjs/templates/rolebinding.yaml @@ -0,0 +1,15 @@ +{{- if .Values.rbac.create }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: {{ include "ethereumjs.serviceAccountName" . }} + labels: + {{- include "ethereumjs.labels" . | nindent 4 }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: {{ include "ethereumjs.serviceAccountName" . }} +subjects: + - kind: ServiceAccount + name: {{ include "ethereumjs.serviceAccountName" . }} +{{- end }} diff --git a/charts/ethereumjs/templates/secret.yaml b/charts/ethereumjs/templates/secret.yaml new file mode 100644 index 00000000..d700f794 --- /dev/null +++ b/charts/ethereumjs/templates/secret.yaml @@ -0,0 +1,18 @@ +apiVersion: v1 +kind: Secret +metadata: + name: {{ include "ethereumjs.fullname" . }}-env + labels: + {{- include "ethereumjs.labels" . | nindent 4 }} +data: +{{- range $key, $value := .Values.secretEnv }} + {{ $key }}: {{ $value | b64enc }} +{{- end }} +--- +apiVersion: v1 +kind: Secret +metadata: + name: {{ include "ethereumjs.fullname" . }}-jwt +type: Opaque +data: + jwt.hex: {{ .Values.jwt | b64enc }} \ No newline at end of file diff --git a/charts/ethereumjs/templates/service-headless.yaml b/charts/ethereumjs/templates/service-headless.yaml new file mode 100644 index 00000000..b629329d --- /dev/null +++ b/charts/ethereumjs/templates/service-headless.yaml @@ -0,0 +1,34 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ include "ethereumjs.fullname" . }}-headless + labels: + {{- include "ethereumjs.labels" . | nindent 4 }} +spec: + clusterIP: None + ports: + - port: {{ include "ethereumjs.p2pPort" . }} + targetPort: p2p-tcp + protocol: TCP + name: p2p-tcp + - port: {{ include "ethereumjs.p2pPort" . }} + targetPort: p2p-udp + protocol: UDP + name: p2p-udp + - port: {{ .Values.rpcPort }} + targetPort: http-rpc + protocol: TCP + name: http-rpc + - port: {{ .Values.wsPort }} + targetPort: ws-rpc + protocol: TCP + name: ws-rpc + - port: {{ .Values.authPort }} + targetPort: auth-rpc + protocol: TCP + name: auth-rpc + {{- if .Values.extraPorts }} + {{ toYaml .Values.extraPorts | nindent 4}} + {{- end }} + selector: + {{- include "ethereumjs.selectorLabels" . | nindent 4 }} diff --git a/charts/ethereumjs/templates/service.p2p.nodeport.yaml b/charts/ethereumjs/templates/service.p2p.nodeport.yaml new file mode 100644 index 00000000..31ee77f2 --- /dev/null +++ b/charts/ethereumjs/templates/service.p2p.nodeport.yaml @@ -0,0 +1,30 @@ +{{- if .Values.p2pNodePort.enabled -}} + +{{- $port := $.Values.p2pNodePort.port -}} +--- +apiVersion: v1 +kind: Service +metadata: + name: {{ include "ethereumjs.fullname" $ }}-p2p-0 + labels: + {{- include "ethereumjs.labels" $ | nindent 4 }} + pod: {{ include "ethereumjs.fullname" $ }}-0 + type: p2p +spec: + type: NodePort + externalTrafficPolicy: Local + ports: + - name: p2p-tcp + port: {{ include "ethereumjs.p2pPort" $ }} + protocol: TCP + targetPort: p2p-tcp + nodePort: {{ $port }} + - name: p2p-udp + port: {{ include "ethereumjs.p2pPort" $ }} + protocol: UDP + targetPort: p2p-udp + nodePort: {{ $port }} + selector: + {{- include "ethereumjs.selectorLabels" $ | nindent 4 }} + statefulset.kubernetes.io/pod-name: "{{ include "ethereumjs.fullname" $ }}-0" +{{- end }} diff --git a/charts/ethereumjs/templates/service.yaml b/charts/ethereumjs/templates/service.yaml new file mode 100644 index 00000000..6a66e533 --- /dev/null +++ b/charts/ethereumjs/templates/service.yaml @@ -0,0 +1,34 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ include "ethereumjs.fullname" . }} + labels: + {{- include "ethereumjs.labels" . | nindent 4 }} +spec: + type: ClusterIP + ports: + - port: {{ include "ethereumjs.p2pPort" . }} + targetPort: p2p-tcp + protocol: TCP + name: p2p-tcp + - port: {{ include "ethereumjs.p2pPort" . }} + targetPort: p2p-udp + protocol: UDP + name: p2p-udp + - port: {{ .Values.rpcPort }} + targetPort: http-rpc + protocol: TCP + name: http-rpc + - port: {{ .Values.wsPort }} + targetPort: ws-rpc + protocol: TCP + name: ws-rpc + - port: {{ .Values.authPort }} + targetPort: auth-rpc + protocol: TCP + name: auth-rpc + {{- if .Values.extraPorts }} + {{ toYaml .Values.extraPorts | nindent 4}} + {{- end }} + selector: + {{- include "ethereumjs.selectorLabels" . | nindent 4 }} diff --git a/charts/ethereumjs/templates/serviceaccount.yaml b/charts/ethereumjs/templates/serviceaccount.yaml new file mode 100644 index 00000000..03ea2606 --- /dev/null +++ b/charts/ethereumjs/templates/serviceaccount.yaml @@ -0,0 +1,13 @@ +{{- if .Values.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "ethereumjs.serviceAccountName" . }} + labels: + {{- include "ethereumjs.labels" . | nindent 4 }} + {{- with .Values.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} + namespace: {{ .Release.Namespace }} +{{- end }} diff --git a/charts/ethereumjs/templates/servicemonitor.yaml b/charts/ethereumjs/templates/servicemonitor.yaml new file mode 100644 index 00000000..e6e03903 --- /dev/null +++ b/charts/ethereumjs/templates/servicemonitor.yaml @@ -0,0 +1,43 @@ +{{- if .Values.serviceMonitor.enabled }} +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: {{ include "ethereumjs.serviceAccountName" . }} + {{- if .Values.serviceMonitor.namespace }} + namespace: {{ .Values.serviceMonitor.namespace }} + {{- end }} + labels: + {{- include "ethereumjs.labels" . | nindent 4 }} + {{- if .Values.serviceMonitor.labels }} + {{- toYaml .Values.serviceMonitor.labels | nindent 4 }} + {{- end }} + {{- if .Values.serviceMonitor.annotations }} + annotations: + {{ toYaml .Values.serviceMonitor.annotations | nindent 4 }} + {{- end }} +spec: + endpoints: + - interval: {{ .Values.serviceMonitor.interval }} + {{- if .Values.serviceMonitor.scrapeTimeout }} + scrapeTimeout: {{ .Values.serviceMonitor.scrapeTimeout }} + {{- end }} + honorLabels: true + port: metrics + path: {{ .Values.serviceMonitor.path }} + scheme: {{ .Values.serviceMonitor.scheme }} + {{- if .Values.serviceMonitor.tlsConfig }} + tlsConfig: + {{- toYaml .Values.serviceMonitor.tlsConfig | nindent 6 }} + {{- end }} + {{- if .Values.serviceMonitor.relabelings }} + relabelings: + {{- toYaml .Values.serviceMonitor.relabelings | nindent 4 }} + {{- end }} + jobLabel: "{{ .Release.Name }}" + selector: + matchLabels: + {{- include "ethereumjs.selectorLabels" . | nindent 8 }} + namespaceSelector: + matchNames: + - {{ .Release.Namespace }} +{{- end }} diff --git a/charts/ethereumjs/templates/statefulset.yaml b/charts/ethereumjs/templates/statefulset.yaml new file mode 100644 index 00000000..bdada773 --- /dev/null +++ b/charts/ethereumjs/templates/statefulset.yaml @@ -0,0 +1,206 @@ +apiVersion: apps/v1 +kind: StatefulSet +metadata: + name: {{ include "ethereumjs.fullname" . }} + labels: + {{- include "ethereumjs.labels" . | nindent 4 }} + annotations: + {{- toYaml .Values.annotations | nindent 4 }} +spec: + podManagementPolicy: {{ .Values.podManagementPolicy }} + replicas: {{ include "ethereumjs.replicas" . }} + selector: + matchLabels: + {{- include "ethereumjs.selectorLabels" . | nindent 6 }} + serviceName: {{ include "ethereumjs.fullname" . }}-headless + updateStrategy: + {{- toYaml .Values.updateStrategy | nindent 4 }} + template: + metadata: + labels: + {{- include "ethereumjs.selectorLabels" . | nindent 8 }} + {{- with .Values.podLabels }} + {{- toYaml . | nindent 8 }} + {{- end }} + annotations: + checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }} + checksum/secrets: {{ include (print $.Template.BasePath "/secret.yaml") . | sha256sum }} + {{- with .Values.podAnnotations }} + {{- toYaml . | nindent 8 }} + {{- end }} + spec: + serviceAccountName: {{ include "ethereumjs.serviceAccountName" . }} + {{- if .Values.priorityClassName }} + priorityClassName: {{ .Values.priorityClassName }} + {{- end }} + securityContext: + {{- toYaml .Values.securityContext | nindent 8 }} + initContainers: + {{- if .Values.initContainers }} + {{- tpl (toYaml .Values.initContainers | nindent 8) $ }} + {{- end }} + {{- if .Values.p2pNodePort.enabled }} + - name: init-nodeport + image: "{{ .Values.p2pNodePort.initContainer.image.repository }}:{{ .Values.p2pNodePort.initContainer.image.tag }}" + imagePullPolicy: {{.Values.p2pNodePort.initContainer.image.pullPolicy }} + securityContext: + runAsNonRoot: false + runAsUser: 0 + env: + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: NODE_NAME + valueFrom: + fieldRef: + fieldPath: spec.nodeName + command: + - sh + - -c + - > + export EXTERNAL_PORT=$(kubectl get services -l "pod in (${POD_NAME}), type in (p2p)" -o jsonpath='{.items[0].spec.ports[0].nodePort}'); + export EXTERNAL_IP=$(kubectl get nodes "${NODE_NAME}" -o jsonpath='{.status.addresses[?(@.type=="ExternalIP")].address}'); + echo "EXTERNAL_PORT=$EXTERNAL_PORT" > /env/init-nodeport; + echo "EXTERNAL_IP=$EXTERNAL_IP" >> /env/init-nodeport; + cat /env/init-nodeport; + volumeMounts: + - name: env-nodeport + mountPath: /env + {{- end }} + {{- if .Values.initChownData.enabled }} + - name: init-chown-data + image: "{{ .Values.initChownData.image.repository }}:{{ .Values.initChownData.image.tag }}" + imagePullPolicy: {{ .Values.initChownData.image.pullPolicy }} + securityContext: + runAsNonRoot: false + runAsUser: 0 + command: ["chown", "-R", "{{ .Values.securityContext.runAsUser }}:{{ .Values.securityContext.runAsGroup }}", "/data"] + resources: + {{ toYaml .Values.initChownData.resources | nindent 12 }} + volumeMounts: + - name: storage + mountPath: "/data" + {{- end }} + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + containers: + - name: {{ .Chart.Name }} + image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + command: + {{- if gt (len .Values.customCommand) 0 }} + {{- toYaml .Values.customCommand | nindent 12}} + {{- else }} + {{- include "ethereumjs.defaultCommand" . | nindent 12 }} + {{- end }} + securityContext: + {{- toYaml .Values.containerSecurityContext | nindent 12 }} + volumeMounts: + {{- if .Values.extraVolumeMounts }} + {{ toYaml .Values.extraVolumeMounts | nindent 12}} + {{- end }} + {{- if .Values.p2pNodePort.enabled }} + - name: env-nodeport + mountPath: /env + {{- end }} + - name: storage + mountPath: "/data" + - name: jwt + mountPath: "/data/jwt.hex" + subPath: jwt.hex + readOnly: true + - name: config + mountPath: "/config" + readOnly: true + ports: + {{- if .Values.extraContainerPorts }} + {{ toYaml .Values.extraContainerPorts | nindent 12}} + {{- end }} + - name: p2p-tcp + containerPort: {{ include "ethereumjs.p2pPort" . }} + protocol: TCP + - name: p2p-udp + containerPort: {{ include "ethereumjs.p2pPort" . }} + protocol: UDP + - name: http-rpc + containerPort: {{ .Values.rpcPort }} + protocol: TCP + - name: ws-rpc + containerPort: {{ .Values.wsPort }} + protocol: TCP + - name: auth-rpc + containerPort: {{ .Values.authPort }} + protocol: TCP + livenessProbe: + {{- toYaml .Values.livenessProbe | nindent 12 }} + readinessProbe: + {{- toYaml .Values.readinessProbe | nindent 12 }} + resources: + {{- toYaml .Values.resources | nindent 12 }} + env: + - name: POD_IP + valueFrom: + fieldRef: + fieldPath: status.podIP + {{- range $key, $value := .Values.secretEnv }} + - name: {{ $key }} + valueFrom: + secretKeyRef: + name: {{ include "ethereumjs.fullname" $ }}-env + key: {{ $key }} + {{- end }} + {{- if .Values.extraEnv }} + {{- toYaml .Values.extraEnv | nindent 12 }} + {{- end }} + {{- if .Values.extraContainers }} + {{ tpl (toYaml .Values.extraContainers | nindent 8) $ }} + {{- end }} + nodeSelector: + {{- toYaml .Values.nodeSelector | nindent 8 }} + affinity: + {{- toYaml .Values.affinity | nindent 8 }} + tolerations: + {{- toYaml .Values.tolerations | nindent 8 }} + terminationGracePeriodSeconds: {{ .Values.terminationGracePeriodSeconds }} + volumes: + - name: jwt + secret: + secretName: {{ include "ethereumjs.fullname" . }}-jwt + {{- if .Values.p2pNodePort.enabled }} + - name: env-nodeport + emptyDir: {} + {{- end }} + {{- if .Values.extraVolumes }} + {{ toYaml .Values.extraVolumes | nindent 8}} + {{- end }} + - name: config + configMap: + name: {{ include "ethereumjs.fullname" . }} + {{- if not .Values.persistence.enabled }} + - name: storage + emptyDir: {} + {{- else if .Values.persistence.existingClaim }} + - name: storage + persistentVolumeClaim: + claimName: {{ .Values.persistence.existingClaim }} + {{- else }} + volumeClaimTemplates: + - metadata: + name: storage + annotations: + {{- toYaml .Values.persistence.annotations | nindent 8 }} + spec: + accessModes: + {{- toYaml .Values.persistence.accessModes | nindent 8 }} + resources: + requests: + storage: {{ .Values.persistence.size | quote }} + storageClassName: {{ .Values.persistence.storageClassName }} + {{- if .Values.persistence.selector }} + selector: + {{- toYaml .Values.persistence.selector | nindent 8 }} + {{- end }} + {{- end }} diff --git a/charts/ethereumjs/templates/tests/test-connection.yaml b/charts/ethereumjs/templates/tests/test-connection.yaml new file mode 100644 index 00000000..6c998baa --- /dev/null +++ b/charts/ethereumjs/templates/tests/test-connection.yaml @@ -0,0 +1,24 @@ + +apiVersion: v1 +kind: Pod +metadata: + name: "{{ include "ethereumjs.fullname" . }}-test-connection" + labels: + {{- include "ethereumjs.labels" . | nindent 4 }} + annotations: + "helm.sh/hook": test +spec: + containers: + - name: curl + image: curlimages/curl + command: ['curl'] + args: + - --location + - --request + - POST + - '{{ include "ethereumjs.fullname" . }}:{{ .Values.rpcPort }}/' + - --header + - 'Content-Type: application/json' + - --data-raw + - '{"jsonrpc":"2.0","method":"web3_clientVersion","params":[],"id":67}' + restartPolicy: Never diff --git a/charts/ethereumjs/values.yaml b/charts/ethereumjs/values.yaml new file mode 100644 index 00000000..6205eb59 --- /dev/null +++ b/charts/ethereumjs/values.yaml @@ -0,0 +1,338 @@ +# -- Overrides the chart's name +nameOverride: "" + +# -- Overrides the chart's computed fullname +fullnameOverride: "" + +# -- Number of replicas +replicas: 1 + +image: + # -- ethereumjs container image repository + repository: ethpandaops/ethereumjs + # -- ethereumjs container image tag + tag: master + # -- ethereumjs container pull policy + pullPolicy: IfNotPresent + +# -- Extra args for the ethereumjs container +extraArgs: [] + #- --goerli + +# -- TOML config file +# @default -- See `values.yaml` for example +config: | + [Node.P2P] + DialRatio = 3 + +# -- JWT secret used by client as a configMap. Change this value. +jwt: ecb22bc24e7d4061f7ed690ccd5846d7d73f5d2b9733267e12f56790398d908a + +# -- Template used for the default command +# @default -- See `values.yaml` +defaultCommandTemplate: | + - sh + - -ac + - > + {{- if .Values.p2pNodePort.enabled }} + . /env/init-nodeport; + {{- end }} + exec ethereumjs + --dataDir=/data + {{- if .Values.p2pNodePort.enabled }} + {{- if not (contains "--extIP=" (.Values.extraArgs | join ",")) }} + --extIP=extip:$EXTERNAL_IP + {{- end }} + {{- if not (contains "--port=" (.Values.extraArgs | join ",")) }} + --port=$EXTERNAL_PORT + {{- end }} + {{- else }} + {{- if not (contains "--extIP=" (.Values.extraArgs | join ",")) }} + --extIP=extip:$(POD_IP) + {{- end }} + {{- if not (contains "--port=" (.Values.extraArgs | join ",")) }} + --port={{ include "ethereumjs.p2pPort" . }} + {{- end }} + {{- end }} + --rpc + --rpcAddr=0.0.0.0 + --rpcPort={{ .Values.rpcPort }} + --rpcCors=* + --ws + --wsAddr=0.0.0.0 + --wsPort={{ .Values.wsPort }} + --wsEngineAddr=0.0.0.0 + --wsEnginePort={{ .Values.wsPort }} + --jwtSecret=/data/jwt.hex + --rpcEngine + --rpcEngineAddr=0.0.0.0 + --rpcEnginePort={{ .Values.authPort }} + {{- range .Values.extraArgs }} + {{ tpl . $ }} + {{- end }} + +# -- Legacy way of overwriting the default command. You may prefer to change defaultCommandTemplate instead. +customCommand: [] + +# When p2pNodePort is enabled, your P2P port will be exposed via service type NodePort. +# This is useful if you want to expose and announce your node to the Internet. +# Limitation: You can only one have one replica when exposing via NodePort. +# Check the chart README.md for more details +p2pNodePort: + # -- Expose P2P port via NodePort + enabled: false + # -- NodePort to be used + port: 31000 + initContainer: + image: + # -- Container image to fetch nodeport information + repository: lachlanevenson/k8s-kubectl + # -- Container tag + tag: v1.21.3 + # -- Container pull policy + pullPolicy: IfNotPresent + portForwardContainer: + image: + # -- Container image for the port forwarder + repository: alpine/socat + # -- Container tag + tag: latest + # -- Container pull policy + pullPolicy: IfNotPresent + +ingress: + # -- Ingress resource for the HTTP API + enabled: false + # -- Annotations for Ingress + annotations: {} + # kubernetes.io/ingress.class: nginx + # kubernetes.io/tls-acme: "true" + # -- Ingress host + hosts: + - host: chart-example.local + paths: [] + # -- Ingress TLS + tls: [] + # - secretName: chart-example-tls + # hosts: + # - chart-example.local + +# -- Affinity configuration for pods +affinity: {} + +# -- Image pull secrets for Docker images +imagePullSecrets: [] + +# -- Annotations for the StatefulSet +annotations: {} + +# -- Liveness probe +# @default -- See `values.yaml` +livenessProbe: + tcpSocket: + port: http-rpc + initialDelaySeconds: 60 + periodSeconds: 120 + +# -- Readiness probe +# @default -- See `values.yaml` +readinessProbe: + tcpSocket: + port: http-rpc + initialDelaySeconds: 10 + periodSeconds: 10 + +# -- HTTP Port +rpcPort: 8545 + +# -- WS Port +wsPort: 8545 + +# -- Engine Port (Auth Port) +authPort: 8551 + +# -- Node selector for pods +nodeSelector: {} + +persistence: + # -- Uses an EmptyDir when not enabled + enabled: false + # -- Use an existing PVC when persistence.enabled + existingClaim: null + # -- Access mode for the volume claim template + accessModes: + - ReadWriteOnce + # -- Requested size for volume claim template + size: 20Gi + # -- Use a specific storage class + # E.g 'local-path' for local storage to achieve best performance + # Read more (https://github.com/rancher/local-path-provisioner) + storageClassName: null + # -- Annotations for volume claim template + annotations: {} + # -- Selector for volume claim template + selector: {} + # matchLabels: + # app.kubernetes.io/name: something + +# -- Pod labels +podLabels: {} + +# -- Pod annotations +podAnnotations: {} + +# -- Pod management policy +podManagementPolicy: OrderedReady + +# -- Pod priority class +priorityClassName: null + +rbac: + # -- Specifies whether RBAC resources are to be created + create: true + # -- Required ClusterRole rules + # @default -- See `values.yaml` + clusterRules: + # Required to obtain the nodes external IP + - apiGroups: [""] + resources: + - nodes + verbs: + - get + - list + - watch + # -- Required ClusterRole rules + # @default -- See `values.yaml` + rules: + # Required to get information about the serices nodePort. + - apiGroups: [""] + resources: + - services + verbs: + - get + - list + - watch + +# -- Resource requests and limits +resources: {} +# limits: +# cpu: 500m +# memory: 2Gi +# requests: +# cpu: 300m +# memory: 1Gi + +# -- The security context for pods +# @default -- See `values.yaml` +securityContext: + fsGroup: 10001 + runAsGroup: 10001 + runAsNonRoot: true + runAsUser: 10001 + +# -- The security context for containers +# @default -- See `values.yaml` +containerSecurityContext: {} + # capabilities: + # drop: + # - ALL + # readOnlyRootFilesystem: true + # runAsNonRoot: true + # runAsUser: 1000 + +serviceAccount: + # -- Specifies whether a service account should be created + create: true + # -- Annotations to add to the service account + annotations: {} + # -- The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: "" + +# -- How long to wait until the pod is forcefully terminated +terminationGracePeriodSeconds: 300 + +# -- Tolerations for pods +## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ +tolerations: [] + +# -- Define the PodDisruptionBudget spec +# If not set then a PodDisruptionBudget will not be created +podDisruptionBudget: {} +# minAvailable: 1 +# maxUnavailable: 1 + +# -- Update stategy for the Statefulset +updateStrategy: + # -- Update stategy type + type: RollingUpdate + +# -- Additional init containers +initContainers: [] +# - name: my-init-container +# image: busybox:latest +# command: ['sh', '-c', 'echo hello'] + +# -- Additional containers +extraContainers: [] + +# -- Additional volumes +extraVolumes: [] + +# -- Additional volume mounts +extraVolumeMounts: [] + +# -- Additional ports. Useful when using extraContainers or extraContainerPorts +extraPorts: [] + +# -- Additional ports for the main container +extraContainerPorts: [] + +# -- Additional env variables +extraEnv: [] + +# -- Additional env variables injected via a created secret +secretEnv: {} +# MY_PASSWORD: supersecret + +initChownData: + # -- Init container to set the correct permissions to access data directories + enabled: true + image: + # -- Container repository + repository: busybox + # -- Container tag + tag: 1.34.0 + # -- Container pull policy + pullPolicy: IfNotPresent + # -- Resource requests and limits + resources: {} + # limits: + # cpu: 100m + # memory: 128Mi + # requests: + # cpu: 100m + # memory: 128Mi + +serviceMonitor: + # -- If true, a ServiceMonitor CRD is created for a prometheus operator + # https://github.com/coreos/prometheus-operator + enabled: false + # -- Path to scrape + path: /debug/metrics/prometheus + # -- Alternative namespace for ServiceMonitor + namespace: null + # -- Additional ServiceMonitor labels + labels: {} + # -- Additional ServiceMonitor annotations + annotations: {} + # -- ServiceMonitor scrape interval + interval: 1m + # -- ServiceMonitor scheme + scheme: http + # -- ServiceMonitor TLS configuration + tlsConfig: {} + # -- ServiceMonitor scrape timeout + scrapeTimeout: 30s + # -- ServiceMonitor relabelings + relabelings: [] From 7faaab9dd5654a4d8141a538d42655178a85d490 Mon Sep 17 00:00:00 2001 From: Barnabas Busa Date: Mon, 1 May 2023 14:27:15 +0200 Subject: [PATCH 02/23] fix docs --- charts/ethereumjs/README.md | 17 ++++++++--------- 1 file changed, 8 insertions(+), 9 deletions(-) diff --git a/charts/ethereumjs/README.md b/charts/ethereumjs/README.md index 565eb030..9ad0ebc3 100644 --- a/charts/ethereumjs/README.md +++ b/charts/ethereumjs/README.md @@ -1,15 +1,15 @@ # ethereumjs -![Version: 1.0.2](https://img.shields.io/badge/Version-1.0.2-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) +![Version: 0.0.1](https://img.shields.io/badge/Version-0.0.1-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) -Go Ethereum (ethereumjs for short) is one of the original implementations of the Ethereum protocol. Currently, it is the most widespread client with the biggest user base and variety of tooling for users and developers. It is written in Go, fully open source and licensed under the GNU LGPL v3 +The EthereumJS Client is an Ethereum Execution Client (similar to go-ethereum or Nethermind) written in TypeScript/JavaScript, the non-Smart-Contract language Ethereum dApp developers are most familiar with. It is targeted to be a client for research and development and not meant to be used in production on mainnet for the foreseeable future (out of resource and security considerations). -**Homepage:** +**Homepage:** ## Source Code -* +* ## Values @@ -30,10 +30,9 @@ Go Ethereum (ethereumjs for short) is one of the original implementations of the | extraVolumeMounts | list | `[]` | Additional volume mounts | | extraVolumes | list | `[]` | Additional volumes | | fullnameOverride | string | `""` | Overrides the chart's computed fullname | -| rpcPort | int | `8545` | HTTP Port | | image.pullPolicy | string | `"IfNotPresent"` | ethereumjs container pull policy | -| image.repository | string | `"ethereum/client-go"` | ethereumjs container image repository | -| image.tag | string | `"stable"` | ethereumjs container image tag | +| image.repository | string | `"ethpandaops/ethereumjs"` | ethereumjs container image repository | +| image.tag | string | `"master"` | ethereumjs container image tag | | imagePullSecrets | list | `[]` | Image pull secrets for Docker images | | ingress.annotations | object | `{}` | Annotations for Ingress | | ingress.enabled | bool | `false` | Ingress resource for the HTTP API | @@ -48,7 +47,6 @@ Go Ethereum (ethereumjs for short) is one of the original implementations of the | initContainers | list | `[]` | Additional init containers | | jwt | string | `"ecb22bc24e7d4061f7ed690ccd5846d7d73f5d2b9733267e12f56790398d908a"` | JWT secret used by client as a configMap. Change this value. | | livenessProbe | object | See `values.yaml` | Liveness probe | -| metricsPort | int | `6060` | Metrics Port | | nameOverride | string | `""` | Overrides the chart's name | | nodeSelector | object | `{}` | Node selector for pods | | p2pNodePort.enabled | bool | `false` | Expose P2P port via NodePort | @@ -77,6 +75,7 @@ Go Ethereum (ethereumjs for short) is one of the original implementations of the | readinessProbe | object | See `values.yaml` | Readiness probe | | replicas | int | `1` | Number of replicas | | resources | object | `{}` | Resource requests and limits | +| rpcPort | int | `8545` | HTTP Port | | secretEnv | object | `{}` | Additional env variables injected via a created secret | | securityContext | object | See `values.yaml` | The security context for pods | | serviceAccount.annotations | object | `{}` | Annotations to add to the service account | @@ -96,7 +95,7 @@ Go Ethereum (ethereumjs for short) is one of the original implementations of the | tolerations | list | `[]` | Tolerations for pods | | updateStrategy | object | `{"type":"RollingUpdate"}` | Update stategy for the Statefulset | | updateStrategy.type | string | `"RollingUpdate"` | Update stategy type | -| wsPort | int | `8546` | WS Port | +| wsPort | int | `8545` | WS Port | # Examples From c042a8caec4f98143a71eb73130bf7fa8a0c9b78 Mon Sep 17 00:00:00 2001 From: Barnabas Busa Date: Mon, 1 May 2023 14:34:39 +0200 Subject: [PATCH 03/23] change default ws port to 8546, add ethereumjs to combined chart --- charts/ethereum-node/Chart.yaml | 27 ++++++++++++--------- charts/ethereum-node/templates/NOTES.txt | 4 +++ charts/ethereum-node/values.yaml | 31 ++++++++++++++++++++---- charts/ethereumjs/values.yaml | 2 +- 4 files changed, 47 insertions(+), 17 deletions(-) diff --git a/charts/ethereum-node/Chart.yaml b/charts/ethereum-node/Chart.yaml index 4dd60865..4aa27c1c 100644 --- a/charts/ethereum-node/Chart.yaml +++ b/charts/ethereum-node/Chart.yaml @@ -8,22 +8,12 @@ icon: https://avatars.githubusercontent.com/u/6250754?s=200&v=4 sources: - https://github.com/ethpandaops/ethereum-helm-charts type: application -version: 0.0.1 +version: 0.0.2 maintainers: - name: skylenet email: rafael@skyle.net dependencies: -- name: geth - version: "1.0.2" - #repository: "https://ethpandaops.github.io/ethereum-helm-charts" - repository: "file://../geth" - condition: geth.enabled -- name: nethermind - version: "1.0.2" - #repository: "https://ethpandaops.github.io/ethereum-helm-charts" - repository: "file://../nethermind" - condition: nethermind.enabled - name: besu version: "1.0.2" #repository: "https://ethpandaops.github.io/ethereum-helm-charts" @@ -34,6 +24,21 @@ dependencies: #repository: "https://ethpandaops.github.io/ethereum-helm-charts" repository: "file://../erigon" condition: erigon.enabled +- name: ethereumjs + version: "0.0.1" + #repository: "https://ethpandaops.github.io/ethereum-helm-charts" + repository: "file://../ethereumjs" + condition: ethereumjs.enabled +- name: geth + version: "1.0.2" + #repository: "https://ethpandaops.github.io/ethereum-helm-charts" + repository: "file://../geth" + condition: geth.enabled +- name: nethermind + version: "1.0.2" + #repository: "https://ethpandaops.github.io/ethereum-helm-charts" + repository: "file://../nethermind" + condition: nethermind.enabled - name: lighthouse version: "1.0.2" diff --git a/charts/ethereum-node/templates/NOTES.txt b/charts/ethereum-node/templates/NOTES.txt index d2931df1..44329474 100644 --- a/charts/ethereum-node/templates/NOTES.txt +++ b/charts/ethereum-node/templates/NOTES.txt @@ -18,6 +18,10 @@ To learn more about the release, try: {{ $elCount = add1 $elCount -}} {{ $elName = "erigon" -}} {{- end -}} +{{- if .Values.ethereumjs.enabled -}} +{{ $elCount = add1 $elCount -}} +{{ $elName = "ethereumjs" -}} +{{- end -}} {{- if .Values.besu.enabled -}} {{ $elCount = add1 $elCount -}} {{ $elName = "besu" -}} diff --git a/charts/ethereum-node/values.yaml b/charts/ethereum-node/values.yaml index 4fca0fbf..df2cf955 100644 --- a/charts/ethereum-node/values.yaml +++ b/charts/ethereum-node/values.yaml @@ -16,6 +16,7 @@ global: execution: besu: [] erigon: [] + ethereumjs: [] geth: [] nethermind: [] consensus: @@ -30,6 +31,8 @@ global: - --network=goerli erigon: - --chain=goerli + ethereumjs: + - --network=goerli geth: - --goerli nethermind: @@ -51,6 +54,8 @@ global: - --network=sepolia erigon: - --chain=sepolia + ethereumjs: + - --network=sepolia geth: - --sepolia nethermind: @@ -90,14 +95,14 @@ besu: {{- end -}} {{- end }} -geth: +erigon: enabled: false nameOverride: execution httpPort: 8545 extraArgs: - >- {{- with( index .Values.global.clientArgs.networks .Values.global.main.network ) }} - {{- range $i, $v := .execution.geth }} + {{- range $i, $v := .execution.erigon }} {{- if (eq $i 0) }} {{- $v }} {{- else }} @@ -105,15 +110,32 @@ geth: {{- end }} {{- end -}} {{- end }} + --externalcl -erigon: +ethereumjs: + enabled: false + nameOverride: execution + rpcPort: 8545 + extraArgs: + - >- + {{- with( index .Values.global.clientArgs.networks .Values.global.main.network ) }} + {{- range $i, $v := .execution.ethereumjs }} + {{- if (eq $i 0) }} + {{- $v }} + {{- else }} + {{ $v }} + {{- end }} + {{- end -}} + {{- end }} + +geth: enabled: false nameOverride: execution httpPort: 8545 extraArgs: - >- {{- with( index .Values.global.clientArgs.networks .Values.global.main.network ) }} - {{- range $i, $v := .execution.erigon }} + {{- range $i, $v := .execution.geth }} {{- if (eq $i 0) }} {{- $v }} {{- else }} @@ -121,7 +143,6 @@ erigon: {{- end }} {{- end -}} {{- end }} - --externalcl nethermind: enabled: false diff --git a/charts/ethereumjs/values.yaml b/charts/ethereumjs/values.yaml index 6205eb59..84eb0c75 100644 --- a/charts/ethereumjs/values.yaml +++ b/charts/ethereumjs/values.yaml @@ -146,7 +146,7 @@ readinessProbe: rpcPort: 8545 # -- WS Port -wsPort: 8545 +wsPort: 8546 # -- Engine Port (Auth Port) authPort: 8551 From 610d3ec3262a8c7fccb79f64a54d6474a47ba579 Mon Sep 17 00:00:00 2001 From: Barnabas Busa Date: Mon, 1 May 2023 14:36:58 +0200 Subject: [PATCH 04/23] fix readme --- charts/ethereum-node/README.md | 3 ++- charts/ethereumjs/README.md | 2 +- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/charts/ethereum-node/README.md b/charts/ethereum-node/README.md index b5ecd94a..00536d21 100644 --- a/charts/ethereum-node/README.md +++ b/charts/ethereum-node/README.md @@ -1,7 +1,7 @@ # ethereum-node -![Version: 0.0.1](https://img.shields.io/badge/Version-0.0.1-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) +![Version: 0.0.2](https://img.shields.io/badge/Version-0.0.2-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) This chart acts as an umbrella chart and allows to run a ethereum execution and consensus layer client. It's also able to deploy optional monitoring applications. @@ -17,6 +17,7 @@ This chart acts as an umbrella chart and allows to run a ethereum execution and | file://../besu | besu | 1.0.2 | | file://../erigon | erigon | 1.0.2 | | file://../ethereum-metrics-exporter | ethereum-metrics-exporter | 0.1.3 | +| file://../ethereumjs | ethereumjs | 0.0.1 | | file://../geth | geth | 1.0.2 | | file://../lighthouse | lighthouse | 1.0.2 | | file://../lodestar | lodestar | 1.0.2 | diff --git a/charts/ethereumjs/README.md b/charts/ethereumjs/README.md index 9ad0ebc3..5c2dee59 100644 --- a/charts/ethereumjs/README.md +++ b/charts/ethereumjs/README.md @@ -95,7 +95,7 @@ The EthereumJS Client is an Ethereum Execution Client (similar to go-ethereum or | tolerations | list | `[]` | Tolerations for pods | | updateStrategy | object | `{"type":"RollingUpdate"}` | Update stategy for the Statefulset | | updateStrategy.type | string | `"RollingUpdate"` | Update stategy type | -| wsPort | int | `8545` | WS Port | +| wsPort | int | `8546` | WS Port | # Examples From da53a8db8d32613412f3b6a1ad10a3c8ae684f9c Mon Sep 17 00:00:00 2001 From: Barnabas Busa Date: Mon, 1 May 2023 14:38:10 +0200 Subject: [PATCH 05/23] fix chart dependency --- charts/ethereum-node/Chart.lock | 19 +++++++++++-------- 1 file changed, 11 insertions(+), 8 deletions(-) diff --git a/charts/ethereum-node/Chart.lock b/charts/ethereum-node/Chart.lock index b1222ada..5bf101e0 100644 --- a/charts/ethereum-node/Chart.lock +++ b/charts/ethereum-node/Chart.lock @@ -1,16 +1,19 @@ dependencies: -- name: geth - repository: file://../geth - version: 1.0.2 -- name: nethermind - repository: file://../nethermind - version: 1.0.2 - name: besu repository: file://../besu version: 1.0.2 - name: erigon repository: file://../erigon version: 1.0.2 +- name: ethereumjs + repository: file://../ethereumjs + version: 0.0.1 +- name: geth + repository: file://../geth + version: 1.0.2 +- name: nethermind + repository: file://../nethermind + version: 1.0.2 - name: lighthouse repository: file://../lighthouse version: 1.0.2 @@ -32,5 +35,5 @@ dependencies: - name: xatu-sentry repository: file://../xatu-sentry version: 0.0.6 -digest: sha256:815a0a66e2ea4451da3337bc34c5c21f28a04859645c466891c36bf657c884ce -generated: "2023-04-06T15:29:54.434957+02:00" +digest: sha256:1ace42c8a9868c6ca5d83823c8758264684c730663f024ec6c8325752dc99c34 +generated: "2023-05-01T14:37:42.892842+02:00" From c871d18e7074684629b3bcc77d89dcbc1f538b33 Mon Sep 17 00:00:00 2001 From: Barnabas Busa Date: Mon, 1 May 2023 14:48:37 +0200 Subject: [PATCH 06/23] fix ethereumjs startup arg --- charts/ethereumjs/values.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/charts/ethereumjs/values.yaml b/charts/ethereumjs/values.yaml index 84eb0c75..296e9aa9 100644 --- a/charts/ethereumjs/values.yaml +++ b/charts/ethereumjs/values.yaml @@ -17,7 +17,7 @@ image: # -- Extra args for the ethereumjs container extraArgs: [] - #- --goerli + #- --network=goerli # -- TOML config file # @default -- See `values.yaml` for example @@ -37,7 +37,7 @@ defaultCommandTemplate: | {{- if .Values.p2pNodePort.enabled }} . /env/init-nodeport; {{- end }} - exec ethereumjs + node /usr/app/ethereumjs-monorepo/packages/client/dist/bin/cli.js --dataDir=/data {{- if .Values.p2pNodePort.enabled }} {{- if not (contains "--extIP=" (.Values.extraArgs | join ",")) }} From d2428be324ea86f6daafdbf3fcb42adf74412870 Mon Sep 17 00:00:00 2001 From: Barnabas Busa Date: Mon, 1 May 2023 14:50:30 +0200 Subject: [PATCH 07/23] add ethereumjs to combined ci --- charts/ethereum-node/ci/clients/execution/ethereumjs.yaml | 2 ++ 1 file changed, 2 insertions(+) create mode 100644 charts/ethereum-node/ci/clients/execution/ethereumjs.yaml diff --git a/charts/ethereum-node/ci/clients/execution/ethereumjs.yaml b/charts/ethereum-node/ci/clients/execution/ethereumjs.yaml new file mode 100644 index 00000000..5940f6db --- /dev/null +++ b/charts/ethereum-node/ci/clients/execution/ethereumjs.yaml @@ -0,0 +1,2 @@ +ethereumjs: + enabled: true From 10d54c702cd0ebb4485eed9dac9d396ab87ea412 Mon Sep 17 00:00:00 2001 From: Barnabas Busa Date: Mon, 1 May 2023 14:59:51 +0200 Subject: [PATCH 08/23] add remove wsEngine, remove config --- charts/ethereumjs/README.md | 3 +-- charts/ethereumjs/templates/configmap.yaml | 9 --------- charts/ethereumjs/templates/statefulset.yaml | 7 ------- charts/ethereumjs/values.yaml | 10 +--------- 4 files changed, 2 insertions(+), 27 deletions(-) delete mode 100644 charts/ethereumjs/templates/configmap.yaml diff --git a/charts/ethereumjs/README.md b/charts/ethereumjs/README.md index 5c2dee59..41f8edcd 100644 --- a/charts/ethereumjs/README.md +++ b/charts/ethereumjs/README.md @@ -18,7 +18,6 @@ The EthereumJS Client is an Ethereum Execution Client (similar to go-ethereum or | affinity | object | `{}` | Affinity configuration for pods | | annotations | object | `{}` | Annotations for the StatefulSet | | authPort | int | `8551` | Engine Port (Auth Port) | -| config | string | See `values.yaml` for example | TOML config file | | containerSecurityContext | object | See `values.yaml` | The security context for containers | | customCommand | list | `[]` | Legacy way of overwriting the default command. You may prefer to change defaultCommandTemplate instead. | | defaultCommandTemplate | string | See `values.yaml` | Template used for the default command | @@ -45,7 +44,7 @@ The EthereumJS Client is an Ethereum Execution Client (similar to go-ethereum or | initChownData.image.tag | string | `"1.34.0"` | Container tag | | initChownData.resources | object | `{}` | Resource requests and limits | | initContainers | list | `[]` | Additional init containers | -| jwt | string | `"ecb22bc24e7d4061f7ed690ccd5846d7d73f5d2b9733267e12f56790398d908a"` | JWT secret used by client as a configMap. Change this value. | +| jwt | string | `"ecb22bc24e7d4061f7ed690ccd5846d7d73f5d2b9733267e12f56790398d908a"` | JWT secret is attached as a secret object. Change this value. | | livenessProbe | object | See `values.yaml` | Liveness probe | | nameOverride | string | `""` | Overrides the chart's name | | nodeSelector | object | `{}` | Node selector for pods | diff --git a/charts/ethereumjs/templates/configmap.yaml b/charts/ethereumjs/templates/configmap.yaml deleted file mode 100644 index f89616dc..00000000 --- a/charts/ethereumjs/templates/configmap.yaml +++ /dev/null @@ -1,9 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "ethereumjs.fullname" . }} - labels: - {{- include "ethereumjs.labels" . | nindent 4 }} -data: - ethereumjs.toml: | - {{- .Values.config | nindent 4 }} \ No newline at end of file diff --git a/charts/ethereumjs/templates/statefulset.yaml b/charts/ethereumjs/templates/statefulset.yaml index bdada773..4b6890e0 100644 --- a/charts/ethereumjs/templates/statefulset.yaml +++ b/charts/ethereumjs/templates/statefulset.yaml @@ -23,7 +23,6 @@ spec: {{- toYaml . | nindent 8 }} {{- end }} annotations: - checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }} checksum/secrets: {{ include (print $.Template.BasePath "/secret.yaml") . | sha256sum }} {{- with .Values.podAnnotations }} {{- toYaml . | nindent 8 }} @@ -112,9 +111,6 @@ spec: mountPath: "/data/jwt.hex" subPath: jwt.hex readOnly: true - - name: config - mountPath: "/config" - readOnly: true ports: {{- if .Values.extraContainerPorts }} {{ toYaml .Values.extraContainerPorts | nindent 12}} @@ -176,9 +172,6 @@ spec: {{- if .Values.extraVolumes }} {{ toYaml .Values.extraVolumes | nindent 8}} {{- end }} - - name: config - configMap: - name: {{ include "ethereumjs.fullname" . }} {{- if not .Values.persistence.enabled }} - name: storage emptyDir: {} diff --git a/charts/ethereumjs/values.yaml b/charts/ethereumjs/values.yaml index 296e9aa9..239737b2 100644 --- a/charts/ethereumjs/values.yaml +++ b/charts/ethereumjs/values.yaml @@ -19,13 +19,7 @@ image: extraArgs: [] #- --network=goerli -# -- TOML config file -# @default -- See `values.yaml` for example -config: | - [Node.P2P] - DialRatio = 3 - -# -- JWT secret used by client as a configMap. Change this value. +# -- JWT secret is attached as a secret object. Change this value. jwt: ecb22bc24e7d4061f7ed690ccd5846d7d73f5d2b9733267e12f56790398d908a # -- Template used for the default command @@ -61,8 +55,6 @@ defaultCommandTemplate: | --ws --wsAddr=0.0.0.0 --wsPort={{ .Values.wsPort }} - --wsEngineAddr=0.0.0.0 - --wsEnginePort={{ .Values.wsPort }} --jwtSecret=/data/jwt.hex --rpcEngine --rpcEngineAddr=0.0.0.0 From f2986d75a24b25e1c609b6572dc54a5da8048c41 Mon Sep 17 00:00:00 2001 From: Barnabas Busa Date: Mon, 1 May 2023 15:02:44 +0200 Subject: [PATCH 09/23] fix ethereumjs readme --- charts/ethereumjs/README.md | 3 +-- charts/ethereumjs/README.md.gotmpl | 3 +-- 2 files changed, 2 insertions(+), 4 deletions(-) diff --git a/charts/ethereumjs/README.md b/charts/ethereumjs/README.md index 41f8edcd..02d57cee 100644 --- a/charts/ethereumjs/README.md +++ b/charts/ethereumjs/README.md @@ -102,8 +102,7 @@ The EthereumJS Client is an Ethereum Execution Client (similar to go-ethereum or ```yaml extraArgs: - - --goerli - - --maxpeers=60 + - --network=goerli ``` ## Exposing the P2P service via NodePort diff --git a/charts/ethereumjs/README.md.gotmpl b/charts/ethereumjs/README.md.gotmpl index e5208894..7f419e8b 100644 --- a/charts/ethereumjs/README.md.gotmpl +++ b/charts/ethereumjs/README.md.gotmpl @@ -20,8 +20,7 @@ ```yaml extraArgs: - - --goerli - - --maxpeers=60 + - --network=goerli ``` ## Exposing the P2P service via NodePort From 101fa125d2d3ce1884eee449991a238d2a327b2d Mon Sep 17 00:00:00 2001 From: Barnabas Busa Date: Mon, 1 May 2023 15:40:23 +0200 Subject: [PATCH 10/23] fix ethereumjs with services --- charts/ethereumjs/README.md | 3 ++- charts/ethereumjs/templates/service-headless.yaml | 14 +++++++++++--- charts/ethereumjs/templates/service.yaml | 14 +++++++++++--- charts/ethereumjs/templates/statefulset.yaml | 3 +++ charts/ethereumjs/values.yaml | 7 ++++++- 5 files changed, 33 insertions(+), 8 deletions(-) diff --git a/charts/ethereumjs/README.md b/charts/ethereumjs/README.md index 02d57cee..3a84d81a 100644 --- a/charts/ethereumjs/README.md +++ b/charts/ethereumjs/README.md @@ -94,7 +94,8 @@ The EthereumJS Client is an Ethereum Execution Client (similar to go-ethereum or | tolerations | list | `[]` | Tolerations for pods | | updateStrategy | object | `{"type":"RollingUpdate"}` | Update stategy for the Statefulset | | updateStrategy.type | string | `"RollingUpdate"` | Update stategy type | -| wsPort | int | `8546` | WS Port | +| wsAuthPort | int | `8551` | WS Engine Auth Port | +| wsPort | int | `8545` | WS Port | # Examples diff --git a/charts/ethereumjs/templates/service-headless.yaml b/charts/ethereumjs/templates/service-headless.yaml index b629329d..a203d20a 100644 --- a/charts/ethereumjs/templates/service-headless.yaml +++ b/charts/ethereumjs/templates/service-headless.yaml @@ -19,14 +19,22 @@ spec: targetPort: http-rpc protocol: TCP name: http-rpc + - port: {{ .Values.authPort }} + targetPort: auth-rpc + protocol: TCP + name: auth-rpc + {{- if ne .Values.rpcPort .Values.wsPort }} - port: {{ .Values.wsPort }} targetPort: ws-rpc protocol: TCP name: ws-rpc - - port: {{ .Values.authPort }} - targetPort: auth-rpc + {{- end }} + {{- if ne .Values.authPort .Values.wsAuthPort }} + - port: {{ .Values.wsAuthPort }} + targetPort: ws-auth-rpc protocol: TCP - name: auth-rpc + name: ws-auth-rpc + {{- end }} {{- if .Values.extraPorts }} {{ toYaml .Values.extraPorts | nindent 4}} {{- end }} diff --git a/charts/ethereumjs/templates/service.yaml b/charts/ethereumjs/templates/service.yaml index 6a66e533..5c1520b3 100644 --- a/charts/ethereumjs/templates/service.yaml +++ b/charts/ethereumjs/templates/service.yaml @@ -19,14 +19,22 @@ spec: targetPort: http-rpc protocol: TCP name: http-rpc + - port: {{ .Values.authPort }} + targetPort: auth-rpc + protocol: TCP + name: auth-rpc + {{- if ne .Values.rpcPort .Values.wsPort }} - port: {{ .Values.wsPort }} targetPort: ws-rpc protocol: TCP name: ws-rpc - - port: {{ .Values.authPort }} - targetPort: auth-rpc + {{- end }} + {{- if ne .Values.authPort .Values.wsAuthPort }} + - port: {{ .Values.wsAuthPort }} + targetPort: ws-auth-rpc protocol: TCP - name: auth-rpc + name: ws-auth-rpc + {{- end }} {{- if .Values.extraPorts }} {{ toYaml .Values.extraPorts | nindent 4}} {{- end }} diff --git a/charts/ethereumjs/templates/statefulset.yaml b/charts/ethereumjs/templates/statefulset.yaml index 4b6890e0..a5162912 100644 --- a/charts/ethereumjs/templates/statefulset.yaml +++ b/charts/ethereumjs/templates/statefulset.yaml @@ -130,6 +130,9 @@ spec: - name: auth-rpc containerPort: {{ .Values.authPort }} protocol: TCP + - name: ws-auth-rpc + containerPort: {{ .Values.wsAuthPort }} + protocol: TCP livenessProbe: {{- toYaml .Values.livenessProbe | nindent 12 }} readinessProbe: diff --git a/charts/ethereumjs/values.yaml b/charts/ethereumjs/values.yaml index 239737b2..169f1519 100644 --- a/charts/ethereumjs/values.yaml +++ b/charts/ethereumjs/values.yaml @@ -59,6 +59,8 @@ defaultCommandTemplate: | --rpcEngine --rpcEngineAddr=0.0.0.0 --rpcEnginePort={{ .Values.authPort }} + --wsEngineAddr=0.0.0.0 + --wsEnginePort={{ .Values.wsAuthPort }} {{- range .Values.extraArgs }} {{ tpl . $ }} {{- end }} @@ -138,11 +140,14 @@ readinessProbe: rpcPort: 8545 # -- WS Port -wsPort: 8546 +wsPort: 8545 # -- Engine Port (Auth Port) authPort: 8551 +# -- WS Engine Auth Port +wsAuthPort: 8551 + # -- Node selector for pods nodeSelector: {} From 60986fededa36927dcdf0c87a278d96d46bc30c0 Mon Sep 17 00:00:00 2001 From: Barnabas Busa Date: Mon, 1 May 2023 16:08:10 +0200 Subject: [PATCH 11/23] erigon dropped externalcl flag --- charts/ethereum-node/values.yaml | 1 - 1 file changed, 1 deletion(-) diff --git a/charts/ethereum-node/values.yaml b/charts/ethereum-node/values.yaml index df2cf955..ed6f4f00 100644 --- a/charts/ethereum-node/values.yaml +++ b/charts/ethereum-node/values.yaml @@ -110,7 +110,6 @@ erigon: {{- end }} {{- end -}} {{- end }} - --externalcl ethereumjs: enabled: false From 79d512c5fa010e963ca24fc8b2ff42f560ee36a5 Mon Sep 17 00:00:00 2001 From: Barnabas Busa Date: Mon, 1 May 2023 17:13:51 +0200 Subject: [PATCH 12/23] add reth --- README.md | 1 + charts/reth/.helmignore | 23 ++ charts/reth/Chart.yaml | 13 + charts/reth/README.md | 123 +++++++ charts/reth/README.md.gotmpl | 40 +++ charts/reth/ci/default-values.yaml | 1 + charts/reth/templates/NOTES.txt | 0 charts/reth/templates/_cmd.tpl | 6 + charts/reth/templates/_helpers.tpl | 78 ++++ charts/reth/templates/clusterrole.yaml | 10 + charts/reth/templates/clusterrolebinding.yaml | 16 + charts/reth/templates/ingress.yaml | 61 ++++ .../reth/templates/poddisruptionbudget.yaml | 18 + charts/reth/templates/role.yaml | 10 + charts/reth/templates/rolebinding.yaml | 15 + charts/reth/templates/secret.yaml | 18 + charts/reth/templates/service-headless.yaml | 36 ++ .../reth/templates/service.p2p.nodeport.yaml | 30 ++ charts/reth/templates/service.yaml | 42 +++ charts/reth/templates/serviceaccount.yaml | 13 + charts/reth/templates/servicemonitor.yaml | 43 +++ charts/reth/templates/statefulset.yaml | 202 +++++++++++ .../reth/templates/tests/test-connection.yaml | 24 ++ charts/reth/values.yaml | 333 ++++++++++++++++++ 24 files changed, 1156 insertions(+) create mode 100644 charts/reth/.helmignore create mode 100644 charts/reth/Chart.yaml create mode 100644 charts/reth/README.md create mode 100644 charts/reth/README.md.gotmpl create mode 100644 charts/reth/ci/default-values.yaml create mode 100644 charts/reth/templates/NOTES.txt create mode 100644 charts/reth/templates/_cmd.tpl create mode 100644 charts/reth/templates/_helpers.tpl create mode 100644 charts/reth/templates/clusterrole.yaml create mode 100644 charts/reth/templates/clusterrolebinding.yaml create mode 100644 charts/reth/templates/ingress.yaml create mode 100644 charts/reth/templates/poddisruptionbudget.yaml create mode 100644 charts/reth/templates/role.yaml create mode 100644 charts/reth/templates/rolebinding.yaml create mode 100644 charts/reth/templates/secret.yaml create mode 100644 charts/reth/templates/service-headless.yaml create mode 100644 charts/reth/templates/service.p2p.nodeport.yaml create mode 100644 charts/reth/templates/service.yaml create mode 100644 charts/reth/templates/serviceaccount.yaml create mode 100644 charts/reth/templates/servicemonitor.yaml create mode 100644 charts/reth/templates/statefulset.yaml create mode 100644 charts/reth/templates/tests/test-connection.yaml create mode 100644 charts/reth/values.yaml diff --git a/README.md b/README.md index c06dd812..ed04e93d 100644 --- a/README.md +++ b/README.md @@ -46,6 +46,7 @@ Execution layer clients - [`ethereumjs`](charts/ethereumjs) - [`geth`](charts/geth) - [`nethermind`](charts/nethermind) +- ['reth'](charts/reth) Consensus layer clients diff --git a/charts/reth/.helmignore b/charts/reth/.helmignore new file mode 100644 index 00000000..0e8a0eb3 --- /dev/null +++ b/charts/reth/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/charts/reth/Chart.yaml b/charts/reth/Chart.yaml new file mode 100644 index 00000000..dcad42da --- /dev/null +++ b/charts/reth/Chart.yaml @@ -0,0 +1,13 @@ +apiVersion: v2 +name: reth +description: > + Reth (short for Rust Ethereum, pronunciation) is a new Ethereum full node implementation that is focused on being user-friendly, highly modular, as well as being fast and efficient. Reth is an Execution Layer (EL) and is compatible with all Ethereum Consensus Layer (CL) implementations that support the Engine API. It is originally built and driven forward by Paradigm, and is licensed under the Apache and MIT licenses. +home: https://www.paradigm.xyz/2022/12/reth +icon: https://github.com/paradigmxyz/reth/raw/main/assets/reth.jpg +sources: + - https://github.com/paradigmxyz/reth/ +type: application +version: 0.0.1 +maintainers: + - name: barnabasbusa + email: busa.barnabas@gmail.com diff --git a/charts/reth/README.md b/charts/reth/README.md new file mode 100644 index 00000000..b3646f09 --- /dev/null +++ b/charts/reth/README.md @@ -0,0 +1,123 @@ + +# reth + +![Version: 0.0.1](https://img.shields.io/badge/Version-0.0.1-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) + +Reth (short for Rust Ethereum, pronunciation) is a new Ethereum full node implementation that is focused on being user-friendly, highly modular, as well as being fast and efficient. Reth is an Execution Layer (EL) and is compatible with all Ethereum Consensus Layer (CL) implementations that support the Engine API. It is originally built and driven forward by Paradigm, and is licensed under the Apache and MIT licenses. + +**Homepage:** + +## Source Code + +* + +## Values + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| affinity | object | `{}` | Affinity configuration for pods | +| annotations | object | `{}` | Annotations for the StatefulSet | +| authPort | int | `8551` | Engine Port (Auth Port) | +| containerSecurityContext | object | See `values.yaml` | The security context for containers | +| customCommand | list | `[]` | Legacy way of overwriting the default command. You may prefer to change defaultCommandTemplate instead. | +| defaultCommandTemplate | string | See `values.yaml` | Template used for the default command | +| extraArgs | list | `[]` | Extra args for the reth container | +| extraContainerPorts | list | `[]` | Additional ports for the main container | +| extraContainers | list | `[]` | Additional containers | +| extraEnv | list | `[]` | Additional env variables | +| extraPorts | list | `[]` | Additional ports. Useful when using extraContainers or extraContainerPorts | +| extraVolumeMounts | list | `[]` | Additional volume mounts | +| extraVolumes | list | `[]` | Additional volumes | +| fullnameOverride | string | `""` | Overrides the chart's computed fullname | +| httpPort | int | `8545` | HTTP Port | +| image.pullPolicy | string | `"IfNotPresent"` | reth container pull policy | +| image.repository | string | `"ethpandaops/reth"` | reth container image repository | +| image.tag | string | `"main"` | reth container image tag | +| imagePullSecrets | list | `[]` | Image pull secrets for Docker images | +| ingress.annotations | object | `{}` | Annotations for Ingress | +| ingress.enabled | bool | `false` | Ingress resource for the HTTP API | +| ingress.hosts[0].host | string | `"chart-example.local"` | | +| ingress.hosts[0].paths | list | `[]` | | +| ingress.tls | list | `[]` | Ingress TLS | +| initChownData.enabled | bool | `true` | Init container to set the correct permissions to access data directories | +| initChownData.image.pullPolicy | string | `"IfNotPresent"` | Container pull policy | +| initChownData.image.repository | string | `"busybox"` | Container repository | +| initChownData.image.tag | string | `"1.34.0"` | Container tag | +| initChownData.resources | object | `{}` | Resource requests and limits | +| initContainers | list | `[]` | Additional init containers | +| jwt | string | `"ecb22bc24e7d4061f7ed690ccd5846d7d73f5d2b9733267e12f56790398d908a"` | JWT secret is attached as a secret object. Change this value. | +| livenessProbe | object | See `values.yaml` | Liveness probe | +| nameOverride | string | `""` | Overrides the chart's name | +| nodeSelector | object | `{}` | Node selector for pods | +| p2pNodePort.enabled | bool | `false` | Expose P2P port via NodePort | +| p2pNodePort.initContainer.image.pullPolicy | string | `"IfNotPresent"` | Container pull policy | +| p2pNodePort.initContainer.image.repository | string | `"lachlanevenson/k8s-kubectl"` | Container image to fetch nodeport information | +| p2pNodePort.initContainer.image.tag | string | `"v1.21.3"` | Container tag | +| p2pNodePort.port | int | `31000` | NodePort to be used | +| p2pNodePort.portForwardContainer.image.pullPolicy | string | `"IfNotPresent"` | Container pull policy | +| p2pNodePort.portForwardContainer.image.repository | string | `"alpine/socat"` | Container image for the port forwarder | +| p2pNodePort.portForwardContainer.image.tag | string | `"latest"` | Container tag | +| persistence.accessModes | list | `["ReadWriteOnce"]` | Access mode for the volume claim template | +| persistence.annotations | object | `{}` | Annotations for volume claim template | +| persistence.enabled | bool | `false` | Uses an EmptyDir when not enabled | +| persistence.existingClaim | string | `nil` | Use an existing PVC when persistence.enabled | +| persistence.selector | object | `{}` | Selector for volume claim template | +| persistence.size | string | `"20Gi"` | Requested size for volume claim template | +| persistence.storageClassName | string | `nil` | Use a specific storage class E.g 'local-path' for local storage to achieve best performance Read more (https://github.com/rancher/local-path-provisioner) | +| podAnnotations | object | `{}` | Pod annotations | +| podDisruptionBudget | object | `{}` | Define the PodDisruptionBudget spec If not set then a PodDisruptionBudget will not be created | +| podLabels | object | `{}` | Pod labels | +| podManagementPolicy | string | `"OrderedReady"` | Pod management policy | +| priorityClassName | string | `nil` | Pod priority class | +| rbac.clusterRules | list | See `values.yaml` | Required ClusterRole rules | +| rbac.create | bool | `true` | Specifies whether RBAC resources are to be created | +| rbac.rules | list | See `values.yaml` | Required ClusterRole rules | +| readinessProbe | object | See `values.yaml` | Readiness probe | +| replicas | int | `1` | Number of replicas | +| resources | object | `{}` | Resource requests and limits | +| secretEnv | object | `{}` | Additional env variables injected via a created secret | +| securityContext | object | See `values.yaml` | The security context for pods | +| serviceAccount.annotations | object | `{}` | Annotations to add to the service account | +| serviceAccount.create | bool | `true` | Specifies whether a service account should be created | +| serviceAccount.name | string | `""` | The name of the service account to use. If not set and create is true, a name is generated using the fullname template | +| serviceMonitor.annotations | object | `{}` | Additional ServiceMonitor annotations | +| serviceMonitor.enabled | bool | `false` | If true, a ServiceMonitor CRD is created for a prometheus operator https://github.com/coreos/prometheus-operator | +| serviceMonitor.interval | string | `"1m"` | ServiceMonitor scrape interval | +| serviceMonitor.labels | object | `{}` | Additional ServiceMonitor labels | +| serviceMonitor.namespace | string | `nil` | Alternative namespace for ServiceMonitor | +| serviceMonitor.path | string | `"/debug/metrics/prometheus"` | Path to scrape | +| serviceMonitor.relabelings | list | `[]` | ServiceMonitor relabelings | +| serviceMonitor.scheme | string | `"http"` | ServiceMonitor scheme | +| serviceMonitor.scrapeTimeout | string | `"30s"` | ServiceMonitor scrape timeout | +| serviceMonitor.tlsConfig | object | `{}` | ServiceMonitor TLS configuration | +| terminationGracePeriodSeconds | int | `300` | How long to wait until the pod is forcefully terminated | +| tolerations | list | `[]` | Tolerations for pods | +| updateStrategy | object | `{"type":"RollingUpdate"}` | Update stategy for the Statefulset | +| updateStrategy.type | string | `"RollingUpdate"` | Update stategy type | +| wsAuthPort | int | `8551` | WS Engine Auth Port | +| wsPort | int | `8545` | WS Port | + +# Examples + +## Connecting to the goerli test network + +```yaml +extraArgs: + - --network=goerli +``` + +## Exposing the P2P service via NodePort + +This will make your node accessible via the Internet using a service of type [NodePort](https://kubernetes.io/docs/concepts/services-networking/service/#nodeport). +When using `p2pNodePort.enabled` the exposed IP address on your ENR record will be the "External IP" of the node where the pod is running. + +**Limitations:** You can only run a single replica per chart deployment when using `p2pNodePort.enabled=true`.If you need N nodes, simply deploy the chart N times. +Currently reth doesn't allow you to announce a a different discovery port, which would be a requirement to run multiple replicas within the same chart. + +```yaml +replicas: 1 + +p2pNodePort: + enabled: true + port: 31000 +``` diff --git a/charts/reth/README.md.gotmpl b/charts/reth/README.md.gotmpl new file mode 100644 index 00000000..081f1b7b --- /dev/null +++ b/charts/reth/README.md.gotmpl @@ -0,0 +1,40 @@ + +{{ template "chart.header" . }} +{{ template "chart.deprecationWarning" . }} + +{{ template "chart.versionBadge" . }}{{ template "chart.typeBadge" . }} + +{{ template "chart.description" . }} + +{{ template "chart.homepageLine" . }} + +{{ template "chart.sourcesSection" . }} + +{{ template "chart.requirementsSection" . }} + +{{ template "chart.valuesSection" . }} + +# Examples + +## Connecting to the goerli test network + +```yaml +extraArgs: + - --network=goerli +``` + +## Exposing the P2P service via NodePort + +This will make your node accessible via the Internet using a service of type [NodePort](https://kubernetes.io/docs/concepts/services-networking/service/#nodeport). +When using `p2pNodePort.enabled` the exposed IP address on your ENR record will be the "External IP" of the node where the pod is running. + +**Limitations:** You can only run a single replica per chart deployment when using `p2pNodePort.enabled=true`.If you need N nodes, simply deploy the chart N times. +Currently reth doesn't allow you to announce a a different discovery port, which would be a requirement to run multiple replicas within the same chart. + +```yaml +replicas: 1 + +p2pNodePort: + enabled: true + port: 31000 +``` diff --git a/charts/reth/ci/default-values.yaml b/charts/reth/ci/default-values.yaml new file mode 100644 index 00000000..7cf9a955 --- /dev/null +++ b/charts/reth/ci/default-values.yaml @@ -0,0 +1 @@ +# Leave empty so that CT tests with default values diff --git a/charts/reth/templates/NOTES.txt b/charts/reth/templates/NOTES.txt new file mode 100644 index 00000000..e69de29b diff --git a/charts/reth/templates/_cmd.tpl b/charts/reth/templates/_cmd.tpl new file mode 100644 index 00000000..f88200aa --- /dev/null +++ b/charts/reth/templates/_cmd.tpl @@ -0,0 +1,6 @@ +{{/* +# Default command +*/}} +{{- define "reth.defaultCommand" -}} +{{- tpl .Values.defaultCommandTemplate . }} +{{- end }} diff --git a/charts/reth/templates/_helpers.tpl b/charts/reth/templates/_helpers.tpl new file mode 100644 index 00000000..b0783c8b --- /dev/null +++ b/charts/reth/templates/_helpers.tpl @@ -0,0 +1,78 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "reth.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "reth.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "reth.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "reth.labels" -}} +helm.sh/chart: {{ include "reth.chart" . }} +{{ include "reth.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "reth.selectorLabels" -}} +app.kubernetes.io/name: {{ include "reth.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "reth.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "reth.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} + +{{- define "reth.p2pPort" -}} +{{- if .Values.p2pNodePort.enabled }} +{{- print .Values.p2pNodePort.port }} +{{- else }} +{{- printf "30303" -}} +{{- end }} +{{- end -}} + +{{- define "reth.replicas" -}} +{{- if .Values.p2pNodePort.enabled }} +{{- print 1 }} +{{ else }} +{{- print .Values.replicas }} +{{- end}} +{{- end -}} diff --git a/charts/reth/templates/clusterrole.yaml b/charts/reth/templates/clusterrole.yaml new file mode 100644 index 00000000..bc9169a8 --- /dev/null +++ b/charts/reth/templates/clusterrole.yaml @@ -0,0 +1,10 @@ +{{- if .Values.rbac.create }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: {{ include "reth.serviceAccountName" . }} + labels: + {{- include "reth.labels" . | nindent 4 }} +rules: +{{- toYaml .Values.rbac.clusterRules | nindent 0 }} +{{- end }} diff --git a/charts/reth/templates/clusterrolebinding.yaml b/charts/reth/templates/clusterrolebinding.yaml new file mode 100644 index 00000000..2bf92409 --- /dev/null +++ b/charts/reth/templates/clusterrolebinding.yaml @@ -0,0 +1,16 @@ +{{- if .Values.rbac.create }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: {{ include "reth.serviceAccountName" . }} + labels: + {{- include "reth.labels" . | nindent 4 }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: {{ include "reth.serviceAccountName" . }} +subjects: + - kind: ServiceAccount + name: {{ include "reth.serviceAccountName" . }} + namespace: {{ .Release.Namespace }} +{{- end }} diff --git a/charts/reth/templates/ingress.yaml b/charts/reth/templates/ingress.yaml new file mode 100644 index 00000000..d73e068b --- /dev/null +++ b/charts/reth/templates/ingress.yaml @@ -0,0 +1,61 @@ +{{- if .Values.ingress.enabled -}} +{{- $fullName := include "reth.fullname" . -}} +{{- $svcPort := .Values.httpPort -}} +{{- if and .Values.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }} + {{- if not (hasKey .Values.ingress.annotations "kubernetes.io/ingress.class") }} + {{- $_ := set .Values.ingress.annotations "kubernetes.io/ingress.class" .Values.ingress.className}} + {{- end }} +{{- end }} +{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1 +{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1beta1 +{{- else -}} +apiVersion: extensions/v1beta1 +{{- end }} +kind: Ingress +metadata: + name: {{ $fullName }} + labels: + {{- include "reth.labels" . | nindent 4 }} + {{- with .Values.ingress.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + {{- if and .Values.ingress.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }} + ingressClassName: {{ .Values.ingress.className }} + {{- end }} + {{- if .Values.ingress.tls }} + tls: + {{- range .Values.ingress.tls }} + - hosts: + {{- range .hosts }} + - {{ . | quote }} + {{- end }} + secretName: {{ .secretName }} + {{- end }} + {{- end }} + rules: + {{- range .Values.ingress.hosts }} + - host: {{ .host | quote }} + http: + paths: + {{- range .paths }} + - path: {{ .path }} + {{- if and .pathType (semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion) }} + pathType: {{ .pathType }} + {{- end }} + backend: + {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }} + service: + name: {{ $fullName }} + port: + number: {{ $svcPort }} + {{- else }} + serviceName: {{ $fullName }} + servicePort: {{ $svcPort }} + {{- end }} + {{- end }} + {{- end }} +{{- end }} diff --git a/charts/reth/templates/poddisruptionbudget.yaml b/charts/reth/templates/poddisruptionbudget.yaml new file mode 100644 index 00000000..8f02e3eb --- /dev/null +++ b/charts/reth/templates/poddisruptionbudget.yaml @@ -0,0 +1,18 @@ +{{- if .Values.podDisruptionBudget }} +apiVersion: policy/v1beta1 +kind: PodDisruptionBudget +metadata: + name: {{ include "reth.fullname" . }} + labels: + {{- include "reth.labels" . | nindent 4 }} +spec: +{{- if .Values.podDisruptionBudget.minAvailable }} + minAvailable: {{ .Values.podDisruptionBudget.minAvailable }} +{{- end }} +{{- if .Values.podDisruptionBudget.maxUnavailable }} + maxUnavailable: {{ .Values.podDisruptionBudget.maxUnavailable }} +{{- end }} + selector: + matchLabels: + {{- include "reth.selectorLabels" . | nindent 6 }} +{{- end }} diff --git a/charts/reth/templates/role.yaml b/charts/reth/templates/role.yaml new file mode 100644 index 00000000..1a06f9fc --- /dev/null +++ b/charts/reth/templates/role.yaml @@ -0,0 +1,10 @@ +{{- if .Values.rbac.create }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: {{ include "reth.serviceAccountName" . }} + labels: + {{- include "reth.labels" . | nindent 4 }} +rules: +{{- toYaml .Values.rbac.rules | nindent 0 }} +{{- end }} diff --git a/charts/reth/templates/rolebinding.yaml b/charts/reth/templates/rolebinding.yaml new file mode 100644 index 00000000..591be226 --- /dev/null +++ b/charts/reth/templates/rolebinding.yaml @@ -0,0 +1,15 @@ +{{- if .Values.rbac.create }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: {{ include "reth.serviceAccountName" . }} + labels: + {{- include "reth.labels" . | nindent 4 }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: {{ include "reth.serviceAccountName" . }} +subjects: + - kind: ServiceAccount + name: {{ include "reth.serviceAccountName" . }} +{{- end }} diff --git a/charts/reth/templates/secret.yaml b/charts/reth/templates/secret.yaml new file mode 100644 index 00000000..1376538a --- /dev/null +++ b/charts/reth/templates/secret.yaml @@ -0,0 +1,18 @@ +apiVersion: v1 +kind: Secret +metadata: + name: {{ include "reth.fullname" . }}-env + labels: + {{- include "reth.labels" . | nindent 4 }} +data: +{{- range $key, $value := .Values.secretEnv }} + {{ $key }}: {{ $value | b64enc }} +{{- end }} +--- +apiVersion: v1 +kind: Secret +metadata: + name: {{ include "reth.fullname" . }}-jwt +type: Opaque +data: + jwt.hex: {{ .Values.jwt | b64enc }} \ No newline at end of file diff --git a/charts/reth/templates/service-headless.yaml b/charts/reth/templates/service-headless.yaml new file mode 100644 index 00000000..55aec918 --- /dev/null +++ b/charts/reth/templates/service-headless.yaml @@ -0,0 +1,36 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ include "reth.fullname" . }}-headless + labels: + {{- include "reth.labels" . | nindent 4 }} +spec: + clusterIP: None + ports: + - port: {{ include "reth.p2pPort" . }} + targetPort: p2p-tcp + protocol: TCP + name: p2p-tcp + - port: {{ include "reth.p2pPort" . }} + targetPort: p2p-udp + protocol: UDP + name: p2p-udp + - port: {{ .Values.httpPort }} + targetPort: http-rpc + protocol: TCP + name: http-rpc + - port: {{ .Values.authPort }} + targetPort: auth-rpc + protocol: TCP + name: auth-rpc + {{- if ne .Values.httpPort .Values.wsPort }} + - port: {{ .Values.wsPort }} + targetPort: ws-rpc + protocol: TCP + name: ws-rpc + {{- end }} + {{- if .Values.extraPorts }} + {{ toYaml .Values.extraPorts | nindent 4}} + {{- end }} + selector: + {{- include "reth.selectorLabels" . | nindent 4 }} diff --git a/charts/reth/templates/service.p2p.nodeport.yaml b/charts/reth/templates/service.p2p.nodeport.yaml new file mode 100644 index 00000000..6640b98d --- /dev/null +++ b/charts/reth/templates/service.p2p.nodeport.yaml @@ -0,0 +1,30 @@ +{{- if .Values.p2pNodePort.enabled -}} + +{{- $port := $.Values.p2pNodePort.port -}} +--- +apiVersion: v1 +kind: Service +metadata: + name: {{ include "reth.fullname" $ }}-p2p-0 + labels: + {{- include "reth.labels" $ | nindent 4 }} + pod: {{ include "reth.fullname" $ }}-0 + type: p2p +spec: + type: NodePort + externalTrafficPolicy: Local + ports: + - name: p2p-tcp + port: {{ include "reth.p2pPort" $ }} + protocol: TCP + targetPort: p2p-tcp + nodePort: {{ $port }} + - name: p2p-udp + port: {{ include "reth.p2pPort" $ }} + protocol: UDP + targetPort: p2p-udp + nodePort: {{ $port }} + selector: + {{- include "reth.selectorLabels" $ | nindent 4 }} + statefulset.kubernetes.io/pod-name: "{{ include "reth.fullname" $ }}-0" +{{- end }} diff --git a/charts/reth/templates/service.yaml b/charts/reth/templates/service.yaml new file mode 100644 index 00000000..a5030b10 --- /dev/null +++ b/charts/reth/templates/service.yaml @@ -0,0 +1,42 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ include "reth.fullname" . }} + labels: + {{- include "reth.labels" . | nindent 4 }} +spec: + type: ClusterIP + ports: + - port: {{ include "reth.p2pPort" . }} + targetPort: p2p-tcp + protocol: TCP + name: p2p-tcp + - port: {{ include "reth.p2pPort" . }} + targetPort: p2p-udp + protocol: UDP + name: p2p-udp + - port: {{ .Values.httpPort }} + targetPort: http-rpc + protocol: TCP + name: http-rpc + - port: {{ .Values.authPort }} + targetPort: auth-rpc + protocol: TCP + name: auth-rpc + {{- if ne .Values.httpPort .Values.wsPort }} + - port: {{ .Values.wsPort }} + targetPort: ws-rpc + protocol: TCP + name: ws-rpc + {{- end }} + {{- if ne .Values.authPort .Values.wsAuthPort }} + - port: {{ .Values.wsAuthPort }} + targetPort: ws-auth-rpc + protocol: TCP + name: ws-auth-rpc + {{- end }} + {{- if .Values.extraPorts }} + {{ toYaml .Values.extraPorts | nindent 4}} + {{- end }} + selector: + {{- include "reth.selectorLabels" . | nindent 4 }} diff --git a/charts/reth/templates/serviceaccount.yaml b/charts/reth/templates/serviceaccount.yaml new file mode 100644 index 00000000..07e25217 --- /dev/null +++ b/charts/reth/templates/serviceaccount.yaml @@ -0,0 +1,13 @@ +{{- if .Values.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "reth.serviceAccountName" . }} + labels: + {{- include "reth.labels" . | nindent 4 }} + {{- with .Values.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} + namespace: {{ .Release.Namespace }} +{{- end }} diff --git a/charts/reth/templates/servicemonitor.yaml b/charts/reth/templates/servicemonitor.yaml new file mode 100644 index 00000000..b8329849 --- /dev/null +++ b/charts/reth/templates/servicemonitor.yaml @@ -0,0 +1,43 @@ +{{- if .Values.serviceMonitor.enabled }} +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: {{ include "reth.serviceAccountName" . }} + {{- if .Values.serviceMonitor.namespace }} + namespace: {{ .Values.serviceMonitor.namespace }} + {{- end }} + labels: + {{- include "reth.labels" . | nindent 4 }} + {{- if .Values.serviceMonitor.labels }} + {{- toYaml .Values.serviceMonitor.labels | nindent 4 }} + {{- end }} + {{- if .Values.serviceMonitor.annotations }} + annotations: + {{ toYaml .Values.serviceMonitor.annotations | nindent 4 }} + {{- end }} +spec: + endpoints: + - interval: {{ .Values.serviceMonitor.interval }} + {{- if .Values.serviceMonitor.scrapeTimeout }} + scrapeTimeout: {{ .Values.serviceMonitor.scrapeTimeout }} + {{- end }} + honorLabels: true + port: metrics + path: {{ .Values.serviceMonitor.path }} + scheme: {{ .Values.serviceMonitor.scheme }} + {{- if .Values.serviceMonitor.tlsConfig }} + tlsConfig: + {{- toYaml .Values.serviceMonitor.tlsConfig | nindent 6 }} + {{- end }} + {{- if .Values.serviceMonitor.relabelings }} + relabelings: + {{- toYaml .Values.serviceMonitor.relabelings | nindent 4 }} + {{- end }} + jobLabel: "{{ .Release.Name }}" + selector: + matchLabels: + {{- include "reth.selectorLabels" . | nindent 8 }} + namespaceSelector: + matchNames: + - {{ .Release.Namespace }} +{{- end }} diff --git a/charts/reth/templates/statefulset.yaml b/charts/reth/templates/statefulset.yaml new file mode 100644 index 00000000..4644d6fe --- /dev/null +++ b/charts/reth/templates/statefulset.yaml @@ -0,0 +1,202 @@ +apiVersion: apps/v1 +kind: StatefulSet +metadata: + name: {{ include "reth.fullname" . }} + labels: + {{- include "reth.labels" . | nindent 4 }} + annotations: + {{- toYaml .Values.annotations | nindent 4 }} +spec: + podManagementPolicy: {{ .Values.podManagementPolicy }} + replicas: {{ include "reth.replicas" . }} + selector: + matchLabels: + {{- include "reth.selectorLabels" . | nindent 6 }} + serviceName: {{ include "reth.fullname" . }}-headless + updateStrategy: + {{- toYaml .Values.updateStrategy | nindent 4 }} + template: + metadata: + labels: + {{- include "reth.selectorLabels" . | nindent 8 }} + {{- with .Values.podLabels }} + {{- toYaml . | nindent 8 }} + {{- end }} + annotations: + checksum/secrets: {{ include (print $.Template.BasePath "/secret.yaml") . | sha256sum }} + {{- with .Values.podAnnotations }} + {{- toYaml . | nindent 8 }} + {{- end }} + spec: + serviceAccountName: {{ include "reth.serviceAccountName" . }} + {{- if .Values.priorityClassName }} + priorityClassName: {{ .Values.priorityClassName }} + {{- end }} + securityContext: + {{- toYaml .Values.securityContext | nindent 8 }} + initContainers: + {{- if .Values.initContainers }} + {{- tpl (toYaml .Values.initContainers | nindent 8) $ }} + {{- end }} + {{- if .Values.p2pNodePort.enabled }} + - name: init-nodeport + image: "{{ .Values.p2pNodePort.initContainer.image.repository }}:{{ .Values.p2pNodePort.initContainer.image.tag }}" + imagePullPolicy: {{.Values.p2pNodePort.initContainer.image.pullPolicy }} + securityContext: + runAsNonRoot: false + runAsUser: 0 + env: + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: NODE_NAME + valueFrom: + fieldRef: + fieldPath: spec.nodeName + command: + - sh + - -c + - > + export EXTERNAL_PORT=$(kubectl get services -l "pod in (${POD_NAME}), type in (p2p)" -o jsonpath='{.items[0].spec.ports[0].nodePort}'); + export EXTERNAL_IP=$(kubectl get nodes "${NODE_NAME}" -o jsonpath='{.status.addresses[?(@.type=="ExternalIP")].address}'); + echo "EXTERNAL_PORT=$EXTERNAL_PORT" > /env/init-nodeport; + echo "EXTERNAL_IP=$EXTERNAL_IP" >> /env/init-nodeport; + cat /env/init-nodeport; + volumeMounts: + - name: env-nodeport + mountPath: /env + {{- end }} + {{- if .Values.initChownData.enabled }} + - name: init-chown-data + image: "{{ .Values.initChownData.image.repository }}:{{ .Values.initChownData.image.tag }}" + imagePullPolicy: {{ .Values.initChownData.image.pullPolicy }} + securityContext: + runAsNonRoot: false + runAsUser: 0 + command: ["chown", "-R", "{{ .Values.securityContext.runAsUser }}:{{ .Values.securityContext.runAsGroup }}", "/data"] + resources: + {{ toYaml .Values.initChownData.resources | nindent 12 }} + volumeMounts: + - name: storage + mountPath: "/data" + {{- end }} + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + containers: + - name: {{ .Chart.Name }} + image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + command: + {{- if gt (len .Values.customCommand) 0 }} + {{- toYaml .Values.customCommand | nindent 12}} + {{- else }} + {{- include "reth.defaultCommand" . | nindent 12 }} + {{- end }} + securityContext: + {{- toYaml .Values.containerSecurityContext | nindent 12 }} + volumeMounts: + {{- if .Values.extraVolumeMounts }} + {{ toYaml .Values.extraVolumeMounts | nindent 12}} + {{- end }} + {{- if .Values.p2pNodePort.enabled }} + - name: env-nodeport + mountPath: /env + {{- end }} + - name: storage + mountPath: "/data" + - name: jwt + mountPath: "/data/jwt.hex" + subPath: jwt.hex + readOnly: true + ports: + {{- if .Values.extraContainerPorts }} + {{ toYaml .Values.extraContainerPorts | nindent 12}} + {{- end }} + - name: p2p-tcp + containerPort: {{ include "reth.p2pPort" . }} + protocol: TCP + - name: p2p-udp + containerPort: {{ include "reth.p2pPort" . }} + protocol: UDP + - name: http-rpc + containerPort: {{ .Values.httpPort }} + protocol: TCP + - name: ws-rpc + containerPort: {{ .Values.wsPort }} + protocol: TCP + - name: auth-rpc + containerPort: {{ .Values.authPort }} + protocol: TCP + - name: ws-auth-rpc + containerPort: {{ .Values.wsAuthPort }} + protocol: TCP + livenessProbe: + {{- toYaml .Values.livenessProbe | nindent 12 }} + readinessProbe: + {{- toYaml .Values.readinessProbe | nindent 12 }} + resources: + {{- toYaml .Values.resources | nindent 12 }} + env: + - name: POD_IP + valueFrom: + fieldRef: + fieldPath: status.podIP + {{- range $key, $value := .Values.secretEnv }} + - name: {{ $key }} + valueFrom: + secretKeyRef: + name: {{ include "reth.fullname" $ }}-env + key: {{ $key }} + {{- end }} + {{- if .Values.extraEnv }} + {{- toYaml .Values.extraEnv | nindent 12 }} + {{- end }} + {{- if .Values.extraContainers }} + {{ tpl (toYaml .Values.extraContainers | nindent 8) $ }} + {{- end }} + nodeSelector: + {{- toYaml .Values.nodeSelector | nindent 8 }} + affinity: + {{- toYaml .Values.affinity | nindent 8 }} + tolerations: + {{- toYaml .Values.tolerations | nindent 8 }} + terminationGracePeriodSeconds: {{ .Values.terminationGracePeriodSeconds }} + volumes: + - name: jwt + secret: + secretName: {{ include "reth.fullname" . }}-jwt + {{- if .Values.p2pNodePort.enabled }} + - name: env-nodeport + emptyDir: {} + {{- end }} + {{- if .Values.extraVolumes }} + {{ toYaml .Values.extraVolumes | nindent 8}} + {{- end }} + {{- if not .Values.persistence.enabled }} + - name: storage + emptyDir: {} + {{- else if .Values.persistence.existingClaim }} + - name: storage + persistentVolumeClaim: + claimName: {{ .Values.persistence.existingClaim }} + {{- else }} + volumeClaimTemplates: + - metadata: + name: storage + annotations: + {{- toYaml .Values.persistence.annotations | nindent 8 }} + spec: + accessModes: + {{- toYaml .Values.persistence.accessModes | nindent 8 }} + resources: + requests: + storage: {{ .Values.persistence.size | quote }} + storageClassName: {{ .Values.persistence.storageClassName }} + {{- if .Values.persistence.selector }} + selector: + {{- toYaml .Values.persistence.selector | nindent 8 }} + {{- end }} + {{- end }} diff --git a/charts/reth/templates/tests/test-connection.yaml b/charts/reth/templates/tests/test-connection.yaml new file mode 100644 index 00000000..e774ca95 --- /dev/null +++ b/charts/reth/templates/tests/test-connection.yaml @@ -0,0 +1,24 @@ + +apiVersion: v1 +kind: Pod +metadata: + name: "{{ include "reth.fullname" . }}-test-connection" + labels: + {{- include "reth.labels" . | nindent 4 }} + annotations: + "helm.sh/hook": test +spec: + containers: + - name: curl + image: curlimages/curl + command: ['curl'] + args: + - --location + - --request + - POST + - '{{ include "reth.fullname" . }}:{{ .Values.httpPort }}/' + - --header + - 'Content-Type: application/json' + - --data-raw + - '{"jsonrpc":"2.0","method":"web3_clientVersion","params":[],"id":67}' + restartPolicy: Never diff --git a/charts/reth/values.yaml b/charts/reth/values.yaml new file mode 100644 index 00000000..eefe8f06 --- /dev/null +++ b/charts/reth/values.yaml @@ -0,0 +1,333 @@ +# -- Overrides the chart's name +nameOverride: "" + +# -- Overrides the chart's computed fullname +fullnameOverride: "" + +# -- Number of replicas +replicas: 1 + +image: + # -- reth container image repository + repository: ethpandaops/reth + # -- reth container image tag + tag: main + # -- reth container pull policy + pullPolicy: IfNotPresent + +# -- Extra args for the reth container +extraArgs: [] + #- --network=goerli + +# -- JWT secret is attached as a secret object. Change this value. +jwt: ecb22bc24e7d4061f7ed690ccd5846d7d73f5d2b9733267e12f56790398d908a + +# -- Template used for the default command +# @default -- See `values.yaml` +defaultCommandTemplate: | + - sh + - -ac + - > + {{- if .Values.p2pNodePort.enabled }} + . /env/init-nodeport; + {{- end }} + /usr/local/bin/reth node + --db=/data + {{- if .Values.p2pNodePort.enabled }} + {{- if not (contains "--nat=" (.Values.extraArgs | join ",")) }} + --nat=extip:$EXTERNAL_IP + {{- end }} + {{- if not (contains "--port=" (.Values.extraArgs | join ",")) }} + --port=$EXTERNAL_PORT + {{- end }} + {{- else }} + {{- if not (contains "--nat=" (.Values.extraArgs | join ",")) }} + --nat=extip:$(POD_IP) + {{- end }} + {{- if not (contains "--port=" (.Values.extraArgs | join ",")) }} + --port={{ include "reth.p2pPort" . }} + {{- end }} + {{- end }} + --http + --http.addr=0.0.0.0 + --http.port={{ .Values.httpPort }} + --http.corsdomain=* + --ws + --ws.addr=0.0.0.0 + --ws.port={{ .Values.wsPort }} + --ws.origins=* + --authrpc.jwtsecret=/data/jwt.hex + --authrpc.addr=0.0.0.0 + --authrpc.port={{ .Values.authPort }} + {{- range .Values.extraArgs }} + {{ tpl . $ }} + {{- end }} + +# -- Legacy way of overwriting the default command. You may prefer to change defaultCommandTemplate instead. +customCommand: [] + +# When p2pNodePort is enabled, your P2P port will be exposed via service type NodePort. +# This is useful if you want to expose and announce your node to the Internet. +# Limitation: You can only one have one replica when exposing via NodePort. +# Check the chart README.md for more details +p2pNodePort: + # -- Expose P2P port via NodePort + enabled: false + # -- NodePort to be used + port: 31000 + initContainer: + image: + # -- Container image to fetch nodeport information + repository: lachlanevenson/k8s-kubectl + # -- Container tag + tag: v1.21.3 + # -- Container pull policy + pullPolicy: IfNotPresent + portForwardContainer: + image: + # -- Container image for the port forwarder + repository: alpine/socat + # -- Container tag + tag: latest + # -- Container pull policy + pullPolicy: IfNotPresent + +ingress: + # -- Ingress resource for the HTTP API + enabled: false + # -- Annotations for Ingress + annotations: {} + # kubernetes.io/ingress.class: nginx + # kubernetes.io/tls-acme: "true" + # -- Ingress host + hosts: + - host: chart-example.local + paths: [] + # -- Ingress TLS + tls: [] + # - secretName: chart-example-tls + # hosts: + # - chart-example.local + +# -- Affinity configuration for pods +affinity: {} + +# -- Image pull secrets for Docker images +imagePullSecrets: [] + +# -- Annotations for the StatefulSet +annotations: {} + +# -- Liveness probe +# @default -- See `values.yaml` +livenessProbe: + tcpSocket: + port: http-rpc + initialDelaySeconds: 60 + periodSeconds: 120 + +# -- Readiness probe +# @default -- See `values.yaml` +readinessProbe: + tcpSocket: + port: http-rpc + initialDelaySeconds: 10 + periodSeconds: 10 + +# -- HTTP Port +httpPort: 8545 + +# -- WS Port +wsPort: 8545 + +# -- Engine Port (Auth Port) +authPort: 8551 + +# -- WS Engine Auth Port +wsAuthPort: 8551 + +# -- Node selector for pods +nodeSelector: {} + +persistence: + # -- Uses an EmptyDir when not enabled + enabled: false + # -- Use an existing PVC when persistence.enabled + existingClaim: null + # -- Access mode for the volume claim template + accessModes: + - ReadWriteOnce + # -- Requested size for volume claim template + size: 20Gi + # -- Use a specific storage class + # E.g 'local-path' for local storage to achieve best performance + # Read more (https://github.com/rancher/local-path-provisioner) + storageClassName: null + # -- Annotations for volume claim template + annotations: {} + # -- Selector for volume claim template + selector: {} + # matchLabels: + # app.kubernetes.io/name: something + +# -- Pod labels +podLabels: {} + +# -- Pod annotations +podAnnotations: {} + +# -- Pod management policy +podManagementPolicy: OrderedReady + +# -- Pod priority class +priorityClassName: null + +rbac: + # -- Specifies whether RBAC resources are to be created + create: true + # -- Required ClusterRole rules + # @default -- See `values.yaml` + clusterRules: + # Required to obtain the nodes external IP + - apiGroups: [""] + resources: + - nodes + verbs: + - get + - list + - watch + # -- Required ClusterRole rules + # @default -- See `values.yaml` + rules: + # Required to get information about the serices nodePort. + - apiGroups: [""] + resources: + - services + verbs: + - get + - list + - watch + +# -- Resource requests and limits +resources: {} +# limits: +# cpu: 500m +# memory: 2Gi +# requests: +# cpu: 300m +# memory: 1Gi + +# -- The security context for pods +# @default -- See `values.yaml` +securityContext: + fsGroup: 10001 + runAsGroup: 10001 + runAsNonRoot: true + runAsUser: 10001 + +# -- The security context for containers +# @default -- See `values.yaml` +containerSecurityContext: {} + # capabilities: + # drop: + # - ALL + # readOnlyRootFilesystem: true + # runAsNonRoot: true + # runAsUser: 1000 + +serviceAccount: + # -- Specifies whether a service account should be created + create: true + # -- Annotations to add to the service account + annotations: {} + # -- The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: "" + +# -- How long to wait until the pod is forcefully terminated +terminationGracePeriodSeconds: 300 + +# -- Tolerations for pods +## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ +tolerations: [] + +# -- Define the PodDisruptionBudget spec +# If not set then a PodDisruptionBudget will not be created +podDisruptionBudget: {} +# minAvailable: 1 +# maxUnavailable: 1 + +# -- Update stategy for the Statefulset +updateStrategy: + # -- Update stategy type + type: RollingUpdate + +# -- Additional init containers +initContainers: [] +# - name: my-init-container +# image: busybox:latest +# command: ['sh', '-c', 'echo hello'] + +# -- Additional containers +extraContainers: [] + +# -- Additional volumes +extraVolumes: [] + +# -- Additional volume mounts +extraVolumeMounts: [] + +# -- Additional ports. Useful when using extraContainers or extraContainerPorts +extraPorts: [] + +# -- Additional ports for the main container +extraContainerPorts: [] + +# -- Additional env variables +extraEnv: [] + +# -- Additional env variables injected via a created secret +secretEnv: {} +# MY_PASSWORD: supersecret + +initChownData: + # -- Init container to set the correct permissions to access data directories + enabled: true + image: + # -- Container repository + repository: busybox + # -- Container tag + tag: 1.34.0 + # -- Container pull policy + pullPolicy: IfNotPresent + # -- Resource requests and limits + resources: {} + # limits: + # cpu: 100m + # memory: 128Mi + # requests: + # cpu: 100m + # memory: 128Mi + +serviceMonitor: + # -- If true, a ServiceMonitor CRD is created for a prometheus operator + # https://github.com/coreos/prometheus-operator + enabled: false + # -- Path to scrape + path: /debug/metrics/prometheus + # -- Alternative namespace for ServiceMonitor + namespace: null + # -- Additional ServiceMonitor labels + labels: {} + # -- Additional ServiceMonitor annotations + annotations: {} + # -- ServiceMonitor scrape interval + interval: 1m + # -- ServiceMonitor scheme + scheme: http + # -- ServiceMonitor TLS configuration + tlsConfig: {} + # -- ServiceMonitor scrape timeout + scrapeTimeout: 30s + # -- ServiceMonitor relabelings + relabelings: [] From b83f3552873857c28a3e240b73ed9439209245f6 Mon Sep 17 00:00:00 2001 From: Barnabas Busa Date: Mon, 1 May 2023 17:19:52 +0200 Subject: [PATCH 13/23] add reth to combined chart --- .../ci/clients/execution/reth.yaml | 2 ++ charts/ethereum-node/templates/NOTES.txt | 4 ++++ charts/ethereum-node/values.yaml | 21 +++++++++++++++++++ 3 files changed, 27 insertions(+) create mode 100644 charts/ethereum-node/ci/clients/execution/reth.yaml diff --git a/charts/ethereum-node/ci/clients/execution/reth.yaml b/charts/ethereum-node/ci/clients/execution/reth.yaml new file mode 100644 index 00000000..ea10e8b0 --- /dev/null +++ b/charts/ethereum-node/ci/clients/execution/reth.yaml @@ -0,0 +1,2 @@ +reth: + enabled: true diff --git a/charts/ethereum-node/templates/NOTES.txt b/charts/ethereum-node/templates/NOTES.txt index 44329474..907679ed 100644 --- a/charts/ethereum-node/templates/NOTES.txt +++ b/charts/ethereum-node/templates/NOTES.txt @@ -30,6 +30,10 @@ To learn more about the release, try: {{ $elCount = add1 $elCount -}} {{ $elName = "nethermind" -}} {{- end -}} +{{- if .Values.reth.enabled -}} +{{ $elCount = add1 $elCount -}} +{{ $elName = "reth" -}} +{{- end -}} {{- $clName := "" -}} {{- $clCount := 0 | int -}} diff --git a/charts/ethereum-node/values.yaml b/charts/ethereum-node/values.yaml index ed6f4f00..18e867c0 100644 --- a/charts/ethereum-node/values.yaml +++ b/charts/ethereum-node/values.yaml @@ -19,6 +19,7 @@ global: ethereumjs: [] geth: [] nethermind: [] + reth: [] consensus: lighthouse: [] lodestar: [] @@ -37,6 +38,8 @@ global: - --goerli nethermind: - --config=goerli + reth: + - --chain=goerli consensus: lighthouse: - --network=goerli @@ -60,6 +63,8 @@ global: - --sepolia nethermind: - --config=sepolia + reth: + - --chain=sepolia consensus: lighthouse: - --network=sepolia @@ -159,6 +164,22 @@ nethermind: {{- end -}} {{- end }} +reth: + enabled: false + nameOverride: execution + httpPort: 8545 + extraArgs: + - >- + {{- with( index .Values.global.clientArgs.networks .Values.global.main.network ) }} + {{- range $i, $v := .execution.reth }} + {{- if (eq $i 0) }} + {{- $v }} + {{- else }} + {{ $v }} + {{- end }} + {{- end -}} + {{- end }} + ######################## ### ### Consensus clients From 610bf1af82bd6fdd7e1d85384ade9119be4dd41f Mon Sep 17 00:00:00 2001 From: Barnabas Busa Date: Mon, 1 May 2023 17:25:13 +0200 Subject: [PATCH 14/23] combined chart fix --- charts/ethereum-node/Chart.lock | 7 +++++-- charts/ethereum-node/Chart.yaml | 7 ++++++- charts/ethereum-node/README.md | 3 ++- charts/ethereum-node/values.yaml | 4 ++-- 4 files changed, 15 insertions(+), 6 deletions(-) diff --git a/charts/ethereum-node/Chart.lock b/charts/ethereum-node/Chart.lock index 5bf101e0..4905e7d6 100644 --- a/charts/ethereum-node/Chart.lock +++ b/charts/ethereum-node/Chart.lock @@ -14,6 +14,9 @@ dependencies: - name: nethermind repository: file://../nethermind version: 1.0.2 +- name: reth + repository: file://../reth + version: 0.0.1 - name: lighthouse repository: file://../lighthouse version: 1.0.2 @@ -35,5 +38,5 @@ dependencies: - name: xatu-sentry repository: file://../xatu-sentry version: 0.0.6 -digest: sha256:1ace42c8a9868c6ca5d83823c8758264684c730663f024ec6c8325752dc99c34 -generated: "2023-05-01T14:37:42.892842+02:00" +digest: sha256:9967a2ef243e97f0ec6f9a429a8380561f959c3c8e5cf290b5de1ee016d72002 +generated: "2023-05-01T17:23:34.804329+02:00" diff --git a/charts/ethereum-node/Chart.yaml b/charts/ethereum-node/Chart.yaml index 4aa27c1c..e649bec2 100644 --- a/charts/ethereum-node/Chart.yaml +++ b/charts/ethereum-node/Chart.yaml @@ -8,7 +8,7 @@ icon: https://avatars.githubusercontent.com/u/6250754?s=200&v=4 sources: - https://github.com/ethpandaops/ethereum-helm-charts type: application -version: 0.0.2 +version: 0.0.3 maintainers: - name: skylenet email: rafael@skyle.net @@ -39,6 +39,11 @@ dependencies: #repository: "https://ethpandaops.github.io/ethereum-helm-charts" repository: "file://../nethermind" condition: nethermind.enabled +- name: reth + version: "0.0.1" + #repository: "https://ethpandaops.github.io/ethereum-helm-charts" + repository: "file://../reth" + condition: reth.enabled - name: lighthouse version: "1.0.2" diff --git a/charts/ethereum-node/README.md b/charts/ethereum-node/README.md index 00536d21..4f376d09 100644 --- a/charts/ethereum-node/README.md +++ b/charts/ethereum-node/README.md @@ -1,7 +1,7 @@ # ethereum-node -![Version: 0.0.2](https://img.shields.io/badge/Version-0.0.2-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) +![Version: 0.0.3](https://img.shields.io/badge/Version-0.0.3-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) This chart acts as an umbrella chart and allows to run a ethereum execution and consensus layer client. It's also able to deploy optional monitoring applications. @@ -24,6 +24,7 @@ This chart acts as an umbrella chart and allows to run a ethereum execution and | file://../nethermind | nethermind | 1.0.2 | | file://../nimbus | nimbus | 1.0.2 | | file://../prysm | prysm | 1.0.2 | +| file://../reth | reth | 0.0.1 | | file://../teku | teku | 1.0.2 | | file://../xatu-sentry | xatu-sentry | 0.0.6 | diff --git a/charts/ethereum-node/values.yaml b/charts/ethereum-node/values.yaml index 18e867c0..2a40bf2a 100644 --- a/charts/ethereum-node/values.yaml +++ b/charts/ethereum-node/values.yaml @@ -38,7 +38,7 @@ global: - --goerli nethermind: - --config=goerli - reth: + reth: - --chain=goerli consensus: lighthouse: @@ -63,7 +63,7 @@ global: - --sepolia nethermind: - --config=sepolia - reth: + reth: - --chain=sepolia consensus: lighthouse: From 91ddc61b5ad235f49cc11dbb66524e1f42d3ece7 Mon Sep 17 00:00:00 2001 From: Barnabas Busa Date: Mon, 1 May 2023 17:57:53 +0200 Subject: [PATCH 15/23] add config.toml --- charts/reth/values.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/charts/reth/values.yaml b/charts/reth/values.yaml index eefe8f06..7996ff74 100644 --- a/charts/reth/values.yaml +++ b/charts/reth/values.yaml @@ -33,6 +33,7 @@ defaultCommandTemplate: | {{- end }} /usr/local/bin/reth node --db=/data + --config=/data/config.toml {{- if .Values.p2pNodePort.enabled }} {{- if not (contains "--nat=" (.Values.extraArgs | join ",")) }} --nat=extip:$EXTERNAL_IP From e817f193fa2374e255a3f83df3335a3b5c47d59f Mon Sep 17 00:00:00 2001 From: Barnabas Busa Date: Mon, 1 May 2023 18:03:48 +0200 Subject: [PATCH 16/23] add reth to ci --- .github/workflows/test-ethereum-node.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/test-ethereum-node.yaml b/.github/workflows/test-ethereum-node.yaml index 77795865..61651024 100644 --- a/.github/workflows/test-ethereum-node.yaml +++ b/.github/workflows/test-ethereum-node.yaml @@ -14,7 +14,7 @@ jobs: fail-fast: false matrix: consensus: [teku, prysm, lighthouse, nimbus, lodestar] - execution: [geth, nethermind, erigon, besu] + execution: [geth, nethermind, erigon, besu, ethereumjs, reth] network: [sepolia, mainnet] steps: - name: Checkout From ef4247300221706209b353aa85c85baded7bec09 Mon Sep 17 00:00:00 2001 From: Barnabas Busa Date: Tue, 2 May 2023 23:55:11 +0200 Subject: [PATCH 17/23] Update values.yaml dir to datadir --- charts/reth/values.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/charts/reth/values.yaml b/charts/reth/values.yaml index 7996ff74..7c7a03ff 100644 --- a/charts/reth/values.yaml +++ b/charts/reth/values.yaml @@ -32,7 +32,7 @@ defaultCommandTemplate: | . /env/init-nodeport; {{- end }} /usr/local/bin/reth node - --db=/data + --datadir=/data --config=/data/config.toml {{- if .Values.p2pNodePort.enabled }} {{- if not (contains "--nat=" (.Values.extraArgs | join ",")) }} From 619cca6b438cab812400d8d071b29b8d1b5f6cbb Mon Sep 17 00:00:00 2001 From: Barnabas Busa Date: Wed, 3 May 2023 12:28:42 +0200 Subject: [PATCH 18/23] update corsdomain for ws to match http Signed-off-by: Barnabas Busa --- charts/reth/values.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/charts/reth/values.yaml b/charts/reth/values.yaml index 7c7a03ff..64ecfe51 100644 --- a/charts/reth/values.yaml +++ b/charts/reth/values.yaml @@ -53,9 +53,11 @@ defaultCommandTemplate: | --http.addr=0.0.0.0 --http.port={{ .Values.httpPort }} --http.corsdomain=* + --http.origins=* --ws --ws.addr=0.0.0.0 --ws.port={{ .Values.wsPort }} + --ws.corsdomain=* --ws.origins=* --authrpc.jwtsecret=/data/jwt.hex --authrpc.addr=0.0.0.0 From 6d117f187a49aa788a73578c353132ed45af60c1 Mon Sep 17 00:00:00 2001 From: Barnabas Busa Date: Wed, 3 May 2023 12:39:04 +0200 Subject: [PATCH 19/23] Update values.yaml Signed-off-by: Barnabas Busa --- charts/reth/values.yaml | 1 - 1 file changed, 1 deletion(-) diff --git a/charts/reth/values.yaml b/charts/reth/values.yaml index 64ecfe51..0f6faab1 100644 --- a/charts/reth/values.yaml +++ b/charts/reth/values.yaml @@ -53,7 +53,6 @@ defaultCommandTemplate: | --http.addr=0.0.0.0 --http.port={{ .Values.httpPort }} --http.corsdomain=* - --http.origins=* --ws --ws.addr=0.0.0.0 --ws.port={{ .Values.wsPort }} From 71d4d9ce4a284ff8764c07881604f4b494ad4a44 Mon Sep 17 00:00:00 2001 From: Barnabas Busa Date: Wed, 3 May 2023 14:10:02 +0200 Subject: [PATCH 20/23] update reth values files --- charts/reth/values.yaml | 1 - 1 file changed, 1 deletion(-) diff --git a/charts/reth/values.yaml b/charts/reth/values.yaml index 0f6faab1..7c7a03ff 100644 --- a/charts/reth/values.yaml +++ b/charts/reth/values.yaml @@ -56,7 +56,6 @@ defaultCommandTemplate: | --ws --ws.addr=0.0.0.0 --ws.port={{ .Values.wsPort }} - --ws.corsdomain=* --ws.origins=* --authrpc.jwtsecret=/data/jwt.hex --authrpc.addr=0.0.0.0 From 56f5880264b542c02f7ec45d6813a38f9ae4e2ba Mon Sep 17 00:00:00 2001 From: Barnabas Busa Date: Wed, 3 May 2023 16:17:19 +0200 Subject: [PATCH 21/23] bump ethereum-node charts version --- charts/ethereum-node/Chart.yaml | 2 +- charts/ethereum-node/README.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/charts/ethereum-node/Chart.yaml b/charts/ethereum-node/Chart.yaml index 06d20639..e649bec2 100644 --- a/charts/ethereum-node/Chart.yaml +++ b/charts/ethereum-node/Chart.yaml @@ -8,7 +8,7 @@ icon: https://avatars.githubusercontent.com/u/6250754?s=200&v=4 sources: - https://github.com/ethpandaops/ethereum-helm-charts type: application -version: 0.0.2 +version: 0.0.3 maintainers: - name: skylenet email: rafael@skyle.net diff --git a/charts/ethereum-node/README.md b/charts/ethereum-node/README.md index e9557dfa..4f376d09 100644 --- a/charts/ethereum-node/README.md +++ b/charts/ethereum-node/README.md @@ -1,7 +1,7 @@ # ethereum-node -![Version: 0.0.2](https://img.shields.io/badge/Version-0.0.2-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) +![Version: 0.0.3](https://img.shields.io/badge/Version-0.0.3-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) This chart acts as an umbrella chart and allows to run a ethereum execution and consensus layer client. It's also able to deploy optional monitoring applications. From 39fe430801dd5188126c2537575df29dbe89e3a6 Mon Sep 17 00:00:00 2001 From: Barnabas Busa Date: Wed, 3 May 2023 16:23:14 +0200 Subject: [PATCH 22/23] bump ethereum-node charts version --- charts/ethereum-node/Chart.lock | 42 --------------------------------- charts/ethereum-node/Chart.yaml | 10 ++++---- charts/ethereum-node/README.md | 10 ++++---- 3 files changed, 10 insertions(+), 52 deletions(-) delete mode 100644 charts/ethereum-node/Chart.lock diff --git a/charts/ethereum-node/Chart.lock b/charts/ethereum-node/Chart.lock deleted file mode 100644 index 4905e7d6..00000000 --- a/charts/ethereum-node/Chart.lock +++ /dev/null @@ -1,42 +0,0 @@ -dependencies: -- name: besu - repository: file://../besu - version: 1.0.2 -- name: erigon - repository: file://../erigon - version: 1.0.2 -- name: ethereumjs - repository: file://../ethereumjs - version: 0.0.1 -- name: geth - repository: file://../geth - version: 1.0.2 -- name: nethermind - repository: file://../nethermind - version: 1.0.2 -- name: reth - repository: file://../reth - version: 0.0.1 -- name: lighthouse - repository: file://../lighthouse - version: 1.0.2 -- name: teku - repository: file://../teku - version: 1.0.2 -- name: prysm - repository: file://../prysm - version: 1.0.2 -- name: nimbus - repository: file://../nimbus - version: 1.0.2 -- name: lodestar - repository: file://../lodestar - version: 1.0.2 -- name: ethereum-metrics-exporter - repository: file://../ethereum-metrics-exporter - version: 0.1.3 -- name: xatu-sentry - repository: file://../xatu-sentry - version: 0.0.6 -digest: sha256:9967a2ef243e97f0ec6f9a429a8380561f959c3c8e5cf290b5de1ee016d72002 -generated: "2023-05-01T17:23:34.804329+02:00" diff --git a/charts/ethereum-node/Chart.yaml b/charts/ethereum-node/Chart.yaml index e649bec2..fa8f468a 100644 --- a/charts/ethereum-node/Chart.yaml +++ b/charts/ethereum-node/Chart.yaml @@ -20,7 +20,7 @@ dependencies: repository: "file://../besu" condition: besu.enabled - name: erigon - version: "1.0.2" + version: "1.0.3" #repository: "https://ethpandaops.github.io/ethereum-helm-charts" repository: "file://../erigon" condition: erigon.enabled @@ -30,12 +30,12 @@ dependencies: repository: "file://../ethereumjs" condition: ethereumjs.enabled - name: geth - version: "1.0.2" + version: "1.0.3" #repository: "https://ethpandaops.github.io/ethereum-helm-charts" repository: "file://../geth" condition: geth.enabled - name: nethermind - version: "1.0.2" + version: "1.0.3" #repository: "https://ethpandaops.github.io/ethereum-helm-charts" repository: "file://../nethermind" condition: nethermind.enabled @@ -61,12 +61,12 @@ dependencies: repository: "file://../prysm" condition: prysm.enabled - name: nimbus - version: "1.0.2" + version: "1.0.3" #repository: "https://ethpandaops.github.io/ethereum-helm-charts" repository: "file://../nimbus" condition: nimbus.enabled - name: lodestar - version: "1.0.2" + version: "1.0.3" #repository: "https://ethpandaops.github.io/ethereum-helm-charts" repository: "file://../lodestar" condition: lodestar.enabled diff --git a/charts/ethereum-node/README.md b/charts/ethereum-node/README.md index 4f376d09..9b7fbc43 100644 --- a/charts/ethereum-node/README.md +++ b/charts/ethereum-node/README.md @@ -15,14 +15,14 @@ This chart acts as an umbrella chart and allows to run a ethereum execution and | Repository | Name | Version | |------------|------|---------| | file://../besu | besu | 1.0.2 | -| file://../erigon | erigon | 1.0.2 | +| file://../erigon | erigon | 1.0.3 | | file://../ethereum-metrics-exporter | ethereum-metrics-exporter | 0.1.3 | | file://../ethereumjs | ethereumjs | 0.0.1 | -| file://../geth | geth | 1.0.2 | +| file://../geth | geth | 1.0.3 | | file://../lighthouse | lighthouse | 1.0.2 | -| file://../lodestar | lodestar | 1.0.2 | -| file://../nethermind | nethermind | 1.0.2 | -| file://../nimbus | nimbus | 1.0.2 | +| file://../lodestar | lodestar | 1.0.3 | +| file://../nethermind | nethermind | 1.0.3 | +| file://../nimbus | nimbus | 1.0.3 | | file://../prysm | prysm | 1.0.2 | | file://../reth | reth | 0.0.1 | | file://../teku | teku | 1.0.2 | From 73a79f6bfe4d818e7dcb1aab518285cbdbce023a Mon Sep 17 00:00:00 2001 From: Barnabas Busa Date: Wed, 3 May 2023 16:24:32 +0200 Subject: [PATCH 23/23] bump ethereum-node charts version --- charts/ethereum-node/Chart.lock | 42 +++++++++++++++++++++++++++++++++ 1 file changed, 42 insertions(+) create mode 100644 charts/ethereum-node/Chart.lock diff --git a/charts/ethereum-node/Chart.lock b/charts/ethereum-node/Chart.lock new file mode 100644 index 00000000..c2467041 --- /dev/null +++ b/charts/ethereum-node/Chart.lock @@ -0,0 +1,42 @@ +dependencies: +- name: besu + repository: file://../besu + version: 1.0.2 +- name: erigon + repository: file://../erigon + version: 1.0.3 +- name: ethereumjs + repository: file://../ethereumjs + version: 0.0.1 +- name: geth + repository: file://../geth + version: 1.0.3 +- name: nethermind + repository: file://../nethermind + version: 1.0.3 +- name: reth + repository: file://../reth + version: 0.0.1 +- name: lighthouse + repository: file://../lighthouse + version: 1.0.2 +- name: teku + repository: file://../teku + version: 1.0.2 +- name: prysm + repository: file://../prysm + version: 1.0.2 +- name: nimbus + repository: file://../nimbus + version: 1.0.3 +- name: lodestar + repository: file://../lodestar + version: 1.0.3 +- name: ethereum-metrics-exporter + repository: file://../ethereum-metrics-exporter + version: 0.1.3 +- name: xatu-sentry + repository: file://../xatu-sentry + version: 0.0.6 +digest: sha256:4ded3507f762751a56fc62d8cc16e0951277f74686bd662218ac8184cc00c6fc +generated: "2023-05-03T14:24:19.101996674Z"