feat: add websocket for celestia-node #14

Closed
wants to merge 15 commits into from
19 changes: 19 additions & 0 deletions charts/celestia-node/templates/service.yaml
Expand Up @@ -31,6 +31,19 @@ spec:
loadBalancerIP: {{ .Values.service.external.loadBalancerIP }}
{{- end }}
ports:
{{- if .Values.service.external.ports.ws }}
- name: p2p-ws
port: {{ .Values.service.external.ports.ws }}
{{- if not (eq .Values.service.external.ports.ws .Values.node.containerPorts.ws) }}
targetPort: {{ .Values.node.containerPorts.ws }}
{{- end }}
protocol: TCP
{{- if and (or (eq .Values.service.external.type "NodePort") (eq .Values.service.external.type "LoadBalancer")) (not (empty .Values.service.external.nodePorts.ws)) }}
nodePort: {{ .Values.service.external.nodePorts.ws }}
{{- else if eq .Values.service.external.type "ClusterIP" }}
nodePort: null
{{- end }}
{{- end }}
{{- if .Values.service.external.ports.p2p }}
- name: p2p-tcp
port: {{ .Values.service.external.ports.p2p }}
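Review bot: The new p2p-ws entry is gated only on .Values.service.external.ports.ws, which values.yaml in this PR defaults to 2122, so the external Service publishes the WebSocket port even when node.settings.wssTLS.enabled is false and no certificate is mounted. Consider requiring both conditions, for example {{- if and .Values.service.external.ports.ws .Values.node.settings.wssTLS.enabled }}, so the port is only exposed on deployments that actually configure TLS.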
Expand Down Expand Up @@ -141,6 +154,12 @@ spec:
sessionAffinityConfig: {{- include "common.tplvalues.render" (dict "value" .Values.service.internal.sessionAffinityConfig "context" $) | nindent 4 }}
{{- end }}
ports:
- name: p2p-ws
port: {{ .Values.service.internal.ports.ws }}
{{- if not (eq .Values.service.internal.ports.ws .Values.node.containerPorts.ws) }}
targetPort: {{ .Values.node.containerPorts.ws }}
{{- end }}
protocol: TCP
- name: p2p-tcp
port: {{ .Values.service.internal.ports.p2p }}
{{- if not (eq .Values.service.internal.ports.p2p .Values.node.containerPorts.p2p) }}
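Review bot: The internal p2p-ws entry has no guard at all, unlike the external Service, which wraps the same port in {{- if .Values.service.external.ports.ws }}. If service.internal.ports.ws is left empty, port: renders with no value and the manifest is invalid. Wrap it in the same kind of condition as the external entry, ideally one that also depends on wssTLS.enabled.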
24 changes: 23 additions & 1 deletion charts/celestia-node/templates/statefulset.yaml
Member

We need to add an env variable CELESTIA_TLS_PATH: /home/celestia/tls

Expand Up @@ -186,6 +186,10 @@ spec:
resources: {{- include "common.resources.preset" (dict "type" .Values.node.resourcesPreset) | nindent 12 }}
{{- end }}
ports:
- name: p2p-ws
containerPort: {{ .Values.node.containerPorts.ws }}
hostPort: {{ .Values.node.containerPorts.ws }}
protocol: TCP
- name: p2p-tcp
containerPort: {{ .Values.node.containerPorts.p2p }}
hostPort: {{ .Values.node.containerPorts.p2p }}
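Review bot: hostPort on the new p2p-ws entry opens 2122 on the Kubernetes node itself wherever the pod is scheduled, independent of node.settings.wssTLS.enabled. Wrap the entry in the same wssTLS.enabled condition used for the tls-certs mounts further down this file, or drop hostPort for this port if the Service is the intended path to the listener.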
Expand Down Expand Up @@ -272,6 +276,16 @@ spec:
- name: home-dir # This is needed so that the process has permissions to create files in the home directory
mountPath: {{ .Values.node.settings.home }}
readOnly: false
{{- if .Values.node.settings.wssTLS.enabled }}
- name: tls-certs
mountPath: {{ .Values.node.settings.home }}/tls/cert.pem
subPath: fullchain.pem
readOnly: true
- name: tls-certs
mountPath: {{ .Values.node.settings.home }}/tls/key.pem
subPath: privkey.pem
readOnly: true
{{- end }}
{{- if .Values.node.extraVolumeMounts }}
{{- include "common.tplvalues.render" (dict "value" .Values.node.extraVolumeMounts "context" $) | nindent 12 }}
{{- end }}
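Review bot: Both tls-certs mounts use subPath, and Kubernetes does not propagate Secret updates into subPath mounts, so a renewed certificate stays invisible to the container until the pod is restarted. Mounting the volume once at {{ .Values.node.settings.home }}/tls and mapping the Secret keys to cert.pem and key.pem in the volume's items list avoids that and removes the duplicate mount. The CELESTIA_TLS_PATH variable requested in the review comment on this file would need the same wssTLS.enabled condition.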
Expand Down Expand Up @@ -326,6 +340,14 @@ spec:
path: OAZHALLLMV4Q
- key: my_celes_key_info
path: my_celes_key.info
- name: tls-certs
secret:
secretName: {{ .Values.node.settings.wssTLS.name }}
items:
- key: fullchain.pem
Member

rename file to cert.pem

path: fullchain.pem
- key: privkey.pem
Member

rename file to key.pem

path: privkey.pem
- name: address
configMap:
name: {{ template "common.names.fullname" . }}-address
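Review bot: The tls-certs volume is declared unconditionally, while its volumeMounts are wrapped in {{- if .Values.node.settings.wssTLS.enabled }}. With the defaults from values.yaml (enabled: false, name: SET_IT) the pod still references a Secret named SET_IT, and a missing non-optional Secret volume keeps the pod from starting. Wrap the volume in the same condition as the mounts. Since privkey.pem is a private key, also consider setting defaultMode on the secret volume so the key is not mounted with the default 0644 permissions.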
Expand Down Expand Up @@ -380,4 +402,4 @@ spec:
dataSource: {{- include "common.tplvalues.render" (dict "value" .Values.persistence.dataSource "context" $) | nindent 10 }}
{{- end }}
{{- include "common.storage.class" (dict "persistence" .Values.persistence "global" .Values.global) | nindent 8 }}
{{- end }}
{{- end }}
32 changes: 24 additions & 8 deletions charts/celestia-node/values.yaml
Member

There is a scenario where we want to deploy a helm chart without a tls certificate.

I propose to add a boolean to the setting, which will mount the secret and set the env var if it is set to true.

node:
  settings:
    tls:
      enabled: <true/false>
      secretName: <secretName>

Expand Up @@ -137,6 +137,9 @@ node:
secret:
# -- name of the secret, it must be set
name: SET_IT
wssTLS:
enabled: false
name: SET_IT
## @param node.config Configuration for the celestia-node
##
## @param node.config.apptoml Configuration for the celestia-node node.toml
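Review bot: wssTLS is added without the # -- doc comments that the neighbouring secret block carries, and name: SET_IT gives no hint of which keys the Secret must contain. Document that the Secret is expected to hold fullchain.pem and privkey.pem (the keys statefulset.yaml reads), and consider the tls.enabled / secretName naming proposed in the review comment on this file.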
Expand All @@ -160,23 +163,28 @@ node:
GranterAddress: []
P2P:
ListenAddresses:
# IPv4
- /ip4/0.0.0.0/udp/2121/quic-v1/webtransport
- /ip6/::/udp/2121/quic-v1/webtransport
- /ip4/0.0.0.0/udp/2121/quic-v1
- /ip6/::/udp/2121/quic-v1
- /ip4/0.0.0.0/tcp/2122/wss
- /ip4/0.0.0.0/tcp/2121
# IPv6
- /ip6/::/udp/2121/quic-v1/webtransport
- /ip6/::/udp/2121/quic-v1
- /ip6/::/tcp/2122/wss
- /ip6/::/tcp/2121
AnnounceAddresses: []
NoAnnounceAddresses:
# IPv4
- /ip4/127.0.0.1/udp/2121/quic-v1/webtransport
- /ip4/0.0.0.0/udp/2121/quic-v1/webtransport
- /ip6/::/udp/2121/quic-v1/webtransport
- /ip4/0.0.0.0/udp/2121/quic-v1
- /ip4/127.0.0.1/udp/2121/quic-v1
- /ip6/::/udp/2121/quic-v1
- /ip4/0.0.0.0/tcp/2121
- /ip4/127.0.0.1/tcp/2122/wss
- /ip4/127.0.0.1/tcp/2121
- /ip6/::/tcp/2121
# IPv6
- /ip6/::1/udp/2121/quic-v1/webtransport
- /ip6/::1/udp/2121/quic-v1
- /ip6/::1/tcp/2122/wss
- /ip6/::1/tcp/2121
MutualPeers: []
PeerExchange: true
RoutingTableRefreshPeriod: 1m0s
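Review bot: ListenAddresses now includes /ip4/0.0.0.0/tcp/2122/wss and /ip6/::/tcp/2122/wss by default, but wssTLS.enabled defaults to false in this same file, so a default install asks the node to listen for wss with no certificate mounted. Either leave the wss addresses out of the default list and document adding them together with wssTLS.enabled: true, or render them from the template only when TLS is enabled.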
Expand Down Expand Up @@ -325,6 +333,8 @@ node:
##
# -- Container ports for the node
containerPorts:
# -- WebSocket container port, 2122 by default
ws: 2122
# -- P2P container port, 2121 by default
p2p: 2121
# -- REST container port, 26659 by default
Expand Down Expand Up @@ -710,6 +720,8 @@ service:
## @param service.internal.ports.prometheus Node internal service Prometheus port
# -- Ports for the celestia-node
ports:
# -- WebSocket container port, 2122 by default
ws: 2122
# -- P2P container port, 2121 by default
p2p: 2121
# -- REST container port, 26659 by default
Expand Down Expand Up @@ -756,6 +768,8 @@ service:
## @param service.external.ports.profiling Node external service Profiling port
## @param service.external.ports.prometheus Node external service Prometheus port
ports:
# -- P2P container port, 2122 by default
ws: 2122
# -- P2P container port, 2121 by default
p2p: 2121
# -- REST container port, 26659 by default
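Review bot: The comment above ws reads P2P container port, 2122 by default, copied from the p2p entry below it; it should describe the WebSocket service port. None of the hunks in this file adds a ## @param line for the new ws keys either, so they will be missing from the generated parameter docs. The same copy-paste applies to the nodePorts.ws comment in the next hunk (p2p port, 2122 by default).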
Expand All @@ -772,6 +786,8 @@ service:
##
# -- node ports for the celestia-app
nodePorts:
# -- p2p port, 2122 by default
ws: ""
# -- p2p port, 2121 by default
p2p: ""
# -- rest port, 26659 by default
28 changes: 19 additions & 9 deletions examples/celestia-node/arabica-bridge.yaml
Expand Up @@ -3,26 +3,32 @@ commonLabels: &commonLabels
environment: arabica
network: da
type: &nodeType bridge # check
secretName: &secretName keys-da-bridge-1 # check
bootstrapper: &bootstrapper "true"
secretName: &secretName keys-da-bridge-4 # check
pool: &pool pool-da-0 # check pool instance type to validate requests & limits
release: &release v0.14.1
wssTLS: &wssTLS da-b4-wss-tls
service:
external:
annotations:
external-dns.alpha.kubernetes.io/endpoints-type: "NodeExternalIP"
external-dns.alpha.kubernetes.io/hostname: "hc-bridge.celestia-arabica-11.com"
external-dns.alpha.kubernetes.io/hostname: "test-da-bridge-4.celestia-arabica-11.com"
external-dns.alpha.kubernetes.io/ttl: "60"
persistence:
size: 750Gi
storageClass: sbs-15k
size: 1.5Ti
dataSource:
apiGroup: snapshot.storage.k8s.io
kind: VolumeSnapshot
name: da-latest
node:
image:
tag: *release
nodeSelector:
k8s.scaleway.com/pool-name: *pool
persistentVolumeClaimRetentionPolicy:
whenDeleted: Delete
whenScaled: Retain
whenScaled: Delete
otelAgent:
enabled: true
grafanaOtelSecret:
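Review bot: persistentVolumeClaimRetentionPolicy.whenScaled appears here as both Retain and Delete; if Delete is the new value, scaling the StatefulSet down removes the PVC, which this file sizes at 1.5Ti and seeds from the da-latest VolumeSnapshot. For an example that others will copy, keep Retain or add a comment saying the deletion on scale-down is intended.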
Expand All @@ -46,6 +52,9 @@ node:
enabled: true
periodSeconds: 10
failureThreshold: 60
extraEnvVars:
- name: CELESTIA_BOOTSTRAPPER
value: *bootstrapper
args:
- *nodeType
- start
Expand All @@ -56,16 +65,18 @@ node:
- --p2p.metrics
settings:
nodeType: *nodeType
address: "eyJhbGciOiJQQkVTMi1IUzI1NitBMTI4S1ciLCJjcmVhdGVkIjoiMjAyNC0wMS0wMiAxMjo1NzoyMC4yNjk1Mjg2NTQgKzAwMDAgVVRDIG09KzAuMDQwNDkyNDk0IiwiZW5jIjoiQTI1NkdDTSIsInAyYyI6ODE5MiwicDJzIjoibHBUb0pLUkFvS3NPbmRhaCJ9.SFen5RaM_7JverpZQN6VxtJ06XePE5VKjyzMyIPgqURSge-XbiLHqA.vZ4fuVFbrLODe8RM.EGKwO3uGEifnPanziF-AD4i6q_92IetSVAEz-7Grg75AJyFLV3Flt4CmfLxrJ2JHWJEKUQBNyIU81u7pd01iNzEECDy9b0jO3DYZ_5PRET8zrVPv6SKKZ_U7MLWmAe_eUajipnbqZ6NzG8UcG4qAt278ttZB1KQsKqocKlE39fSvo3iaZEzOKxS0N3tU1Xw2C3w6HgHJFk0QiP36NIHuKoP_4QJkeAomhJX-cNOYwvTd8qTFTk2-1TzLJ5DasLXsVXTUSUzCzYQhEfL8F0qFoGvuY1dWRD5BESw2Gg2oLH1w957Xd2UhRbo5ORz9POR7goEv9AZ_rWrjSV8HozUmgFwDQyM89M7oiNedEfGQoDjypzcUBcVkZLEMIdrFRpshjcpNEzy6-PZ9rSxouKb7wemG_sueX3V3gIPCTfFr6hB8_b2mV-kKeIXQRS5pJz_wXxeFHFKOHDjt3L8n5eqh.fy-zygX7rjTUqgX02sZKKg"
node_id: "92a499fc2ce7cabd2de89416aa0d0d07838f625d"
address: "eyJhbGciOiJQQkVTMi1IUzI1NitBMTI4S1ciLCJjcmVhdGVkIjoiMjAyNC0wMS0wMiAxMzowMDo1Mi4wMDMzMzM3MTkgKzAwMDAgVVRDIG09KzAuMDQwMjQxMDk3IiwiZW5jIjoiQTI1NkdDTSIsInAyYyI6ODE5MiwicDJzIjoiSUpfUVNZeHFaUi1zUHJ5RyJ9.3elqIhhaOROoBGP9sKBGZa1qd6XY9quGPbChZv5zPbamFnCuByXXZw.sAbNfJO-m8v_LWPk.W-ejd0cYJonLh9BpizjTYMSWeNjboKYGIw2VInDagoDJja_TR_eSQXZVL0LZb9M-YAoMWDySoI3QlTu2fS8cGtFGQ5QpKYix6ndXhtFLb-vlyvMK-eXxOl9Zhjwt7BDb5rOQGOKGCKSGFrouASsuAWhcgULaKsv_BhTnK0EboprKgF9HHN2OMBr1QyXESg2fhpzn3n5WD0W1YUqCpQCn-zMVzwYOJXwL_b04qiWCfHNDn85iQOs9Tbepecyhjcy0bt7nRDDZ7ZgqGlp_h63slZ5fKDGAI_jTFL06ygXgJmre88vr6nGVxeIIKtGcSOaGLySTUjyo_iiHGHFtUdnzNWBbKKh_x9NS8qYqWASTt8bRIisdbQzCLFN5pMLEvhMtnDq6aSUkB-p9ZAGpJXljZJjGMi14K4XfRWAh0RQeAVk_81h2tTXRSzfql-qgfA7DmUrO0VYBTPL78dXqLcJd.YdHoxUmfRqPJfOz-lbybGA"
node_id: "db1e0ee216b0dd73068b6460926701ff40ce8f1a"
secret:
name: *secretName
wssTLS:
enabled: false
name: *wssTLS
config:
configtoml:
Core:
IP: consensus-validator
RPC:
Enabled: true
Address: 0.0.0.0
Gateway:
Enabled: true
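Review bot: settings.address holds a full JWE compact token (its header decodes to alg PBES2-HS256+A128KW, enc A256GCM) next to a concrete node_id, committed in an example file. If this is a deployed node's password-wrapped key material, it should come from a Secret rather than the repository; use a placeholder here, following the SET_IT convention from values.yaml. Separately, wssTLS.name is set while enabled stays false, so this example never exercises the TLS mount the PR adds.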
Expand All @@ -75,5 +86,4 @@ node:
diagnosticMode:
enabled: false
networkPolicy:
enabled: false

enabled: false
81 changes: 81 additions & 0 deletions examples/celestia-node/lunar-bridge-6.yaml
@@ -0,0 +1,81 @@
commonLabels: &commonLabels
chain_id: celestia
environment: celestia
network: da
type: &nodeType bridge # check
secretName: &secretName keys-da-bridge-6 # check
pool: &pool pool-da-1 # check pool instance type to validate requests & limits
release: &release v0.14.0
aWN4Y25pa2EK marked this conversation as resolved.
service:
external:
annotations:
external-dns.alpha.kubernetes.io/endpoints-type: "NodeExternalIP"
external-dns.alpha.kubernetes.io/hostname: "new-da-bridge-6.celestia-bootstrap.net"
external-dns.alpha.kubernetes.io/ttl: "60"
persistence:
storageClass: sbs-15k
size: 5Ti
dataSource:
apiGroup: snapshot.storage.k8s.io
kind: VolumeSnapshot
name: da-latest
node:
image:
tag: *release
nodeSelector:
k8s.scaleway.com/pool-name: *pool
persistentVolumeClaimRetentionPolicy:
whenDeleted: Delete
whenScaled: Delete
otelAgent:
enabled: true
grafanaOtelSecret:
name: grafana-otel-token
resources:
requests:
cpu: 6
memory: 20Gi
limits:
#cpu: 4 # not required since this pod should run on it's own dedicated node
memory: 25Gi
livenessProbe:
enabled: true
periodSeconds: 10
failureThreshold: 3
readinessProbe:
enabled: true
periodSeconds: 10
failureThreshold: 30
startupProbe:
enabled: true
periodSeconds: 10
failureThreshold: 60
Comment on lines +41 to +52
Contributor

Are these values different from the default? If not, we could get rid of them to make it even easier.

Contributor Author

no, not really

args:
- *nodeType
- start
- --p2p.network=celestia
- --node.store=$(CELESTIA_HOME)
- --metrics
- --metrics.tls=false
- --p2p.metrics
settings:
nodeType: *nodeType
address: "eyJhbGciOiJQQkVTMi1IUzI1NitBMTI4S1ciLCJjcmVhdGVkIjoiMjAyMy0xMC0zMSAwMDozNDo0NS4xMTI0OTQxNjMgKzAwMDAgVVRDIG09KzAuMDUwMDExODUwIiwiZW5jIjoiQTI1NkdDTSIsInAyYyI6ODE5MiwicDJzIjoiVHJDN0ktd1ZLdVRrR1ZiLSJ9.CZ5_ddw5wZtpGt5G2Jya5rtlZ_sA7ZRZoczu4aXa6siWLM0wcsHgXQ.YfRVVybr9-tYxtpq.VoVJf8mp7-SRaeOC6t9TCQwTwPpoUJvOlOTBw20tcr5yS9YWSrPxD5sVVtcqMAHmb6EOs_G_RBSKnbvQSB36xOzehD-fRHpsqe0NjPej_UaqNtzs4b-a3-z0kyjwO7TOPf4corjcGVUk6DMOkL7JAac38kBTTWdjguwnYmzxI92XZtzh2fRq8uIe02HlWfWsaCxqLNJzIQd1nxA5bQSOpBggdUmp_sgNjmgrmGFJvPzq-pDvlOf16Y1O2OHK82YmPWj-4iHOVfDOYyGT9MTLlpESESmK8HE1gqsmcAngdoeIzhopC4OGWMteLQp_d-EdopEnMJn8jCuTJAcpyjdjzZxsGKVxGghvn-BIow1bjklqQWSBElN-JvDsa7jUSZkMANmRfdo7EHbpkz41wMWQKRIDEslTvGQCUV0wq_zvH4jbll6Yf9E_8RkJUtEHPOPOhVFWI6BEQPWhQ6V-I-v9.ZQa72hj8g7R8EMNvi5cR9g"
node_id: "d8169a277b25c7ee987f411567852d6aa7df578d"
secret:
name: *secretName
config:
configtoml:
Core:
IP: consensus-full-1
RPC:
Address: 0.0.0.0
Gateway:
Enabled: true
Address: 0.0.0.0
Node:
StartupTimeout: 2m
diagnosticMode:
enabled: false
networkPolicy:
enabled: false
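Review bot: RPC.Address and Gateway.Address are both 0.0.0.0 and networkPolicy.enabled is false, so nothing in this values file limits which workloads can reach the node's RPC and gateway listeners. For a bridge on the celestia network (--p2p.network=celestia), either enable the network policy or bind RPC to a narrower address, and add a comment if the open binding is deliberate. The file also omits node.settings.wssTLS, so it relies entirely on the chart defaults for the feature this PR introduces.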