From 8c2c215d79902549247037c574ddabd9b84a7bba Mon Sep 17 00:00:00 2001 From: Bartosz Nowak Date: Sun, 20 Aug 2023 12:41:17 +0200 Subject: [PATCH 1/5] modifications --- k8s/certificates.yaml | 2 +- k8s/issuer.yaml | 8 ++++++ k8s/ksox-exchange.yaml | 49 ----------------------------------- postgres/k8s/postgres.yaml | 13 ++++++++++ redis/k8s/redis.yaml | 13 ++++++++++ server/k8s/worker.yaml | 6 ++--- web/k8s/dashboard.yaml | 6 ++--- web/k8s/exchange-landing.yaml | 6 ++--- web/k8s/exchange.yaml | 6 ++--- web/k8s/processor.yaml | 6 ++--- 10 files changed, 50 insertions(+), 65 deletions(-) delete mode 100644 k8s/ksox-exchange.yaml diff --git a/k8s/certificates.yaml b/k8s/certificates.yaml index cb668754..503f4dc1 100644 --- a/k8s/certificates.yaml +++ b/k8s/certificates.yaml @@ -12,4 +12,4 @@ spec: - pay.ksox.finance - dashboard.ksox.finance issuerRef: - name: ksox-finance-letsencrypt-http01 + name: ksox-finance-selfsigned diff --git a/k8s/issuer.yaml b/k8s/issuer.yaml index fe3d7498..2f25f6a8 100644 --- a/k8s/issuer.yaml +++ b/k8s/issuer.yaml @@ -16,3 +16,11 @@ spec: selector: dnsZones: - ksox.finance + +apiVersion: cert-manager.io/v1 +kind: Issuer +metadata: + name: ksox-finance-selfsigned + namespace: ksox-finance +spec: + selfSigned: {} \ No newline at end of file diff --git a/k8s/ksox-exchange.yaml b/k8s/ksox-exchange.yaml deleted file mode 100644 index e45d9b65..00000000 --- a/k8s/ksox-exchange.yaml +++ /dev/null @@ -1,49 +0,0 @@ -apiVersion: cert-manager.io/v1 -kind: Issuer -metadata: - name: ksox-exchange-issuer - namespace: ksox-finance -spec: - acme: - server: https://acme-v02.api.letsencrypt.org/directory - email: pavlnowak@gmail.com - privateKeySecretRef: - name: ksox-exchange-issuer-account-key - solvers: - - http01: - ingress: - ingressClassName: ingress-nginx - selector: - dnsZones: - - ksox.exchange ---- -apiVersion: cert-manager.io/v1 -kind: Certificate -metadata: - name: ksox-exchange-cert - namespace: ksox-finance -spec: - secretName: ksox-exchange-tls - dnsNames: - - ksox.exchange - - www.ksox.exchange - issuerRef: - name: ksox-exchange-issuer ---- -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: redirect-ingress - namespace: ksox-finance - annotations: - nginx.ingress.kubernetes.io/permanent-redirect: https://www.ksox.finance -spec: - ingressClassName: ingress-nginx - tls: - - hosts: - - ksox.exchange - - www.ksox.exchange - secretName: ksox-exchange-tls - rules: - - host: ksox.exchange - - host: www.ksox.exchange diff --git a/postgres/k8s/postgres.yaml b/postgres/k8s/postgres.yaml index b531f05f..0941067e 100644 --- a/postgres/k8s/postgres.yaml +++ b/postgres/k8s/postgres.yaml @@ -1,3 +1,16 @@ +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: postgres-pv-claim + namespace: ksox-finance +spec: + storageClassName: rook-ceph-ec-block + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 1024Gi +--- apiVersion: apps/v1 kind: Deployment metadata: diff --git a/redis/k8s/redis.yaml b/redis/k8s/redis.yaml index 1f571686..83e9e90a 100644 --- a/redis/k8s/redis.yaml +++ b/redis/k8s/redis.yaml @@ -1,3 +1,16 @@ +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: redis-pv-claim + namespace: ksox-finance +spec: + storageClassName: rook-ceph-ec-block + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 32Gi +--- apiVersion: apps/v1 kind: Deployment metadata: diff --git a/server/k8s/worker.yaml b/server/k8s/worker.yaml index f9eab826..3fe45657 100644 --- a/server/k8s/worker.yaml +++ b/server/k8s/worker.yaml @@ -1,7 +1,7 @@ apiVersion: apps/v1 -kind: Deployment +kind: DaemonSet metadata: - name: server-worker-deployment + name: server-worker-daemonset namespace: ksox-finance labels: app: server-worker @@ -91,7 +91,7 @@ metadata: nginx.ingress.kubernetes.io/use-regex: "true" nginx.ingress.kubernetes.io/rewrite-target: /$2 spec: - ingressClassName: ingress-nginx + ingressClassName: ingress-nginx-prod tls: - hosts: - app.ksox.finance diff --git a/web/k8s/dashboard.yaml b/web/k8s/dashboard.yaml index fc85f52f..d66c6d85 100644 --- a/web/k8s/dashboard.yaml +++ b/web/k8s/dashboard.yaml @@ -1,7 +1,7 @@ apiVersion: apps/v1 -kind: Deployment +kind: DaemonSet metadata: - name: web-dashboard-deployment + name: web-dashboard-daemonset namespace: ksox-finance labels: app: web-dashboard @@ -49,7 +49,7 @@ metadata: nginx.ingress.kubernetes.io/use-regex: "true" nginx.ingress.kubernetes.io/rewrite-target: /$1 spec: - ingressClassName: ingress-nginx + ingressClassName: ingress-nginx-prod tls: - hosts: - dashboard.ksox.finance diff --git a/web/k8s/exchange-landing.yaml b/web/k8s/exchange-landing.yaml index 3b56e3c0..f8982491 100644 --- a/web/k8s/exchange-landing.yaml +++ b/web/k8s/exchange-landing.yaml @@ -1,7 +1,7 @@ apiVersion: apps/v1 -kind: Deployment +kind: DaemonSet metadata: - name: web-exchange-landing-deployment + name: web-exchange-landing-daemonset namespace: ksox-finance labels: app: web-exchange-landing @@ -50,7 +50,7 @@ metadata: nginx.ingress.kubernetes.io/rewrite-target: /$1 nginx.ingress.kubernetes.io/from-to-www-redirect: "true" spec: - ingressClassName: ingress-nginx + ingressClassName: ingress-nginx-prod tls: - hosts: - ksox.finance diff --git a/web/k8s/exchange.yaml b/web/k8s/exchange.yaml index 7e5a0216..e26d6b65 100644 --- a/web/k8s/exchange.yaml +++ b/web/k8s/exchange.yaml @@ -1,7 +1,7 @@ apiVersion: apps/v1 -kind: Deployment +kind: DaemonSet metadata: - name: web-exchange-deployment + name: web-exchange-daemonset namespace: ksox-finance labels: app: web-exchange @@ -49,7 +49,7 @@ metadata: nginx.ingress.kubernetes.io/use-regex: "true" nginx.ingress.kubernetes.io/rewrite-target: /$1 spec: - ingressClassName: ingress-nginx + ingressClassName: ingress-nginx-prod tls: - hosts: - app.ksox.finance diff --git a/web/k8s/processor.yaml b/web/k8s/processor.yaml index 8303ec37..c6a6859f 100644 --- a/web/k8s/processor.yaml +++ b/web/k8s/processor.yaml @@ -1,7 +1,7 @@ apiVersion: apps/v1 -kind: Deployment +kind: DaemonSet metadata: - name: web-processor-deployment + name: web-processor-daemonset namespace: ksox-finance labels: app: web-processor @@ -49,7 +49,7 @@ metadata: nginx.ingress.kubernetes.io/use-regex: "true" nginx.ingress.kubernetes.io/rewrite-target: /$1 spec: - ingressClassName: ingress-nginx + ingressClassName: ingress-nginx-prod tls: - hosts: - pay.ksox.finance From 1183f8f6396975f46fa7ca558b869362c20729f4 Mon Sep 17 00:00:00 2001 From: Bartosz Nowak Date: Sun, 20 Aug 2023 12:48:06 +0200 Subject: [PATCH 2/5] envs --- server/k8s/engagement.yaml | 24 ++++++++++++++++++++---- server/k8s/engine.yaml | 24 ++++++++++++++++++++---- server/k8s/worker.yaml | 28 ++++++++++++++++++++-------- 3 files changed, 60 insertions(+), 16 deletions(-) diff --git a/server/k8s/engagement.yaml b/server/k8s/engagement.yaml index a22b2498..e1ec1f14 100644 --- a/server/k8s/engagement.yaml +++ b/server/k8s/engagement.yaml @@ -27,10 +27,26 @@ spec: memory: 400Mi cpu: 400m env: - - name: DATABASE_URL - value: postgresql://ksoxuser:ksoxuserp4ssword@postgres-service/ksox - - name: ENGINE_FRACTION_ACCURACY - value: 1/10000 + - name: KSOX_SERVER_BLOCKCHAIN_URL + value: "http://ksox-server-blockchain/" + - name: KSOX_WS_BLOCKCHAIN_URL + value: "ws://ksox-blockchain:8545/" + - name: KSOX_POSTGRES_URL + value: "postgresql://ksoxuser:ksoxuserp4ssword@ksox-postgres/ksox" + - name: KSOX_REDIS_URL + value: "redis://ksox-redis/" + - name: KSOX_SERVER_ENGINE_URL + value: "http://ksox-server-engine/" + - name: CONTRACT_PRIVATE_KEY + value: "0xac0974bec39a17e36ba4a6b4d238ff944bacb478cbed5efcae784d7bf4f2ff80" + - name: CONTRACT_ADDRESS + value: "0xCf7Ed3AccA5a467e9e704C703E8D87F634fB0Fc9" + - name: DEPOSIT_CONFIRMATIONS + value: "5" + - name: TESTS_CASES + value: "10000" + - name: TESTS_FRACTION_BYTES + value: "2" initContainers: - name: wait-for-postgres image: busybox diff --git a/server/k8s/engine.yaml b/server/k8s/engine.yaml index b969debb..78d0389c 100644 --- a/server/k8s/engine.yaml +++ b/server/k8s/engine.yaml @@ -27,10 +27,26 @@ spec: memory: 500Mi cpu: 500m env: - - name: DATABASE_URL - value: postgresql://ksoxuser:ksoxuserp4ssword@postgres-service/ksox - - name: ENGINE_FRACTION_ACCURACY - value: 1/10000 + - name: KSOX_SERVER_BLOCKCHAIN_URL + value: "http://ksox-server-blockchain/" + - name: KSOX_WS_BLOCKCHAIN_URL + value: "ws://ksox-blockchain:8545/" + - name: KSOX_POSTGRES_URL + value: "postgresql://ksoxuser:ksoxuserp4ssword@ksox-postgres/ksox" + - name: KSOX_REDIS_URL + value: "redis://ksox-redis/" + - name: KSOX_SERVER_ENGINE_URL + value: "http://ksox-server-engine/" + - name: CONTRACT_PRIVATE_KEY + value: "0xac0974bec39a17e36ba4a6b4d238ff944bacb478cbed5efcae784d7bf4f2ff80" + - name: CONTRACT_ADDRESS + value: "0xCf7Ed3AccA5a467e9e704C703E8D87F634fB0Fc9" + - name: DEPOSIT_CONFIRMATIONS + value: "5" + - name: TESTS_CASES + value: "10000" + - name: TESTS_FRACTION_BYTES + value: "2" initContainers: - name: wait-for-postgres image: busybox diff --git a/server/k8s/worker.yaml b/server/k8s/worker.yaml index 3fe45657..5a0fe05a 100644 --- a/server/k8s/worker.yaml +++ b/server/k8s/worker.yaml @@ -27,14 +27,26 @@ spec: memory: 500Mi cpu: 500m env: - - name: DATABASE_URL - value: postgresql://ksoxuser:ksoxuserp4ssword@postgres-service/ksox - - name: ENGINE_URL - value: http://server-engine-service/ - - name: REDIS_URL - value: redis://redis-service/ - - name: WORKER_FRACTION_ACCURACY - value: 1/10000 + - name: KSOX_SERVER_BLOCKCHAIN_URL + value: "http://ksox-server-blockchain/" + - name: KSOX_WS_BLOCKCHAIN_URL + value: "ws://ksox-blockchain:8545/" + - name: KSOX_POSTGRES_URL + value: "postgresql://ksoxuser:ksoxuserp4ssword@ksox-postgres/ksox" + - name: KSOX_REDIS_URL + value: "redis://ksox-redis/" + - name: KSOX_SERVER_ENGINE_URL + value: "http://ksox-server-engine/" + - name: CONTRACT_PRIVATE_KEY + value: "0xac0974bec39a17e36ba4a6b4d238ff944bacb478cbed5efcae784d7bf4f2ff80" + - name: CONTRACT_ADDRESS + value: "0xCf7Ed3AccA5a467e9e704C703E8D87F634fB0Fc9" + - name: DEPOSIT_CONFIRMATIONS + value: "5" + - name: TESTS_CASES + value: "10000" + - name: TESTS_FRACTION_BYTES + value: "2" initContainers: - name: wait-for-postgres image: busybox From a1d76768e2c8ae40e2eed6af66644304ee9a9ae3 Mon Sep 17 00:00:00 2001 From: Bartosz Nowak Date: Sun, 20 Aug 2023 14:54:38 +0200 Subject: [PATCH 3/5] secrets and configmaps --- k8s/pvcs.yaml | 25 ------------------- server/k8s/engagement.yaml | 10 ++++++-- server/k8s/engine.yaml | 10 ++++++-- server/k8s/worker.yaml | 10 ++++++-- .../providers/ContractAddressProvider.tsx | 1 + 5 files changed, 25 insertions(+), 31 deletions(-) delete mode 100644 k8s/pvcs.yaml diff --git a/k8s/pvcs.yaml b/k8s/pvcs.yaml deleted file mode 100644 index 260f4157..00000000 --- a/k8s/pvcs.yaml +++ /dev/null @@ -1,25 +0,0 @@ -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: postgres-pv-claim - namespace: ksox-finance -spec: - storageClassName: openebs-hostpath - accessModes: - - ReadWriteOnce - resources: - requests: - storage: 512Gi ---- -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: redis-pv-claim - namespace: ksox-finance -spec: - storageClassName: openebs-hostpath - accessModes: - - ReadWriteOnce - resources: - requests: - storage: 256Gi diff --git a/server/k8s/engagement.yaml b/server/k8s/engagement.yaml index e1ec1f14..8474a456 100644 --- a/server/k8s/engagement.yaml +++ b/server/k8s/engagement.yaml @@ -38,9 +38,15 @@ spec: - name: KSOX_SERVER_ENGINE_URL value: "http://ksox-server-engine/" - name: CONTRACT_PRIVATE_KEY - value: "0xac0974bec39a17e36ba4a6b4d238ff944bacb478cbed5efcae784d7bf4f2ff80" + valueFrom: + secretKeyRef: + name: contract-private-key + key: key - name: CONTRACT_ADDRESS - value: "0xCf7Ed3AccA5a467e9e704C703E8D87F634fB0Fc9" + valueFrom: + configMapKeyRef: + name: server-config + key: contract-address - name: DEPOSIT_CONFIRMATIONS value: "5" - name: TESTS_CASES diff --git a/server/k8s/engine.yaml b/server/k8s/engine.yaml index 78d0389c..974823c1 100644 --- a/server/k8s/engine.yaml +++ b/server/k8s/engine.yaml @@ -38,9 +38,15 @@ spec: - name: KSOX_SERVER_ENGINE_URL value: "http://ksox-server-engine/" - name: CONTRACT_PRIVATE_KEY - value: "0xac0974bec39a17e36ba4a6b4d238ff944bacb478cbed5efcae784d7bf4f2ff80" + valueFrom: + secretKeyRef: + name: contract-private-key + key: key - name: CONTRACT_ADDRESS - value: "0xCf7Ed3AccA5a467e9e704C703E8D87F634fB0Fc9" + valueFrom: + configMapKeyRef: + name: server-config + key: contract-address - name: DEPOSIT_CONFIRMATIONS value: "5" - name: TESTS_CASES diff --git a/server/k8s/worker.yaml b/server/k8s/worker.yaml index 5a0fe05a..71e86ea0 100644 --- a/server/k8s/worker.yaml +++ b/server/k8s/worker.yaml @@ -38,9 +38,15 @@ spec: - name: KSOX_SERVER_ENGINE_URL value: "http://ksox-server-engine/" - name: CONTRACT_PRIVATE_KEY - value: "0xac0974bec39a17e36ba4a6b4d238ff944bacb478cbed5efcae784d7bf4f2ff80" + valueFrom: + secretKeyRef: + name: contract-private-key + key: key - name: CONTRACT_ADDRESS - value: "0xCf7Ed3AccA5a467e9e704C703E8D87F634fB0Fc9" + valueFrom: + configMapKeyRef: + name: server-config + key: contract-address - name: DEPOSIT_CONFIRMATIONS value: "5" - name: TESTS_CASES diff --git a/web/packages/components/providers/ContractAddressProvider.tsx b/web/packages/components/providers/ContractAddressProvider.tsx index 397ef16c..565d6a24 100644 --- a/web/packages/components/providers/ContractAddressProvider.tsx +++ b/web/packages/components/providers/ContractAddressProvider.tsx @@ -5,6 +5,7 @@ import { createResource, createSignal, JSX, + onMount, useContext, } from "solid-js"; import { ContractResponse } from "@packages/types/contract"; From 6bc0faaf6ea5aa67c3d9f32085bd650be86fab59 Mon Sep 17 00:00:00 2001 From: Bartosz Nowak Date: Sun, 20 Aug 2023 14:56:48 +0200 Subject: [PATCH 4/5] ingore secrets --- .gitignore | 3 +++ server/k8s/config.yaml | 7 +++++++ 2 files changed, 10 insertions(+) create mode 100644 server/k8s/config.yaml diff --git a/.gitignore b/.gitignore index 94e26991..991be12d 100644 --- a/.gitignore +++ b/.gitignore @@ -53,3 +53,6 @@ **/.Trashes **/ehthumbs.db **/Thumbs.db + +# K8s secrets +secret.yaml \ No newline at end of file diff --git a/server/k8s/config.yaml b/server/k8s/config.yaml new file mode 100644 index 00000000..0d853863 --- /dev/null +++ b/server/k8s/config.yaml @@ -0,0 +1,7 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: server-config + namespace: ksox-finance +data: + contract-address: "0x7a51979FD280B0A3210E115c0810298A7Bff98D3" \ No newline at end of file From 1b03fa768b3f5e4f1dbf99b5a9c272e9fe48372b Mon Sep 17 00:00:00 2001 From: Bartosz Nowak Date: Sun, 20 Aug 2023 15:01:29 +0200 Subject: [PATCH 5/5] secret blockchain url --- server/k8s/engagement.yaml | 5 ++++- server/k8s/engine.yaml | 5 ++++- server/k8s/worker.yaml | 5 ++++- 3 files changed, 12 insertions(+), 3 deletions(-) diff --git a/server/k8s/engagement.yaml b/server/k8s/engagement.yaml index 8474a456..69d204ed 100644 --- a/server/k8s/engagement.yaml +++ b/server/k8s/engagement.yaml @@ -30,7 +30,10 @@ spec: - name: KSOX_SERVER_BLOCKCHAIN_URL value: "http://ksox-server-blockchain/" - name: KSOX_WS_BLOCKCHAIN_URL - value: "ws://ksox-blockchain:8545/" + valueFrom: + secretKeyRef: + name: ws-blockchain-url + key: url - name: KSOX_POSTGRES_URL value: "postgresql://ksoxuser:ksoxuserp4ssword@ksox-postgres/ksox" - name: KSOX_REDIS_URL diff --git a/server/k8s/engine.yaml b/server/k8s/engine.yaml index 974823c1..5d24c89a 100644 --- a/server/k8s/engine.yaml +++ b/server/k8s/engine.yaml @@ -30,7 +30,10 @@ spec: - name: KSOX_SERVER_BLOCKCHAIN_URL value: "http://ksox-server-blockchain/" - name: KSOX_WS_BLOCKCHAIN_URL - value: "ws://ksox-blockchain:8545/" + valueFrom: + secretKeyRef: + name: ws-blockchain-url + key: url - name: KSOX_POSTGRES_URL value: "postgresql://ksoxuser:ksoxuserp4ssword@ksox-postgres/ksox" - name: KSOX_REDIS_URL diff --git a/server/k8s/worker.yaml b/server/k8s/worker.yaml index 71e86ea0..736c78ad 100644 --- a/server/k8s/worker.yaml +++ b/server/k8s/worker.yaml @@ -30,7 +30,10 @@ spec: - name: KSOX_SERVER_BLOCKCHAIN_URL value: "http://ksox-server-blockchain/" - name: KSOX_WS_BLOCKCHAIN_URL - value: "ws://ksox-blockchain:8545/" + valueFrom: + secretKeyRef: + name: ws-blockchain-url + key: url - name: KSOX_POSTGRES_URL value: "postgresql://ksoxuser:ksoxuserp4ssword@ksox-postgres/ksox" - name: KSOX_REDIS_URL