# Kubernetes deployment

This orchestration is Work in Progress. Help from K8s experts is much appreciated. Rewarded (Sats) tasks can be created to finalize this work.

# dev environment

Needs microk8s / minikube, kubectl and helm.

Add helm bitnami repo
```
helm repo add bitnami https://charts.bitnami.com/bitnami
```

# microk8s

Install
```
snap install microk8s --classic
```

Add rights to your user
```
sudo usermod -a -G microk8s $USER
sudo chown -f -R $USER ~/.kube
newgrp microk8s
```

Shortcut for kubectl as mkctl (feel free to add it to your bashrc: `nano ~/.bashrc`)
```
alias mkctl="microk8s kubectl"
```

Install iSCSI for Ubuntu (prerequisite of OpenEBS)
```
sudo apt-get update
sudo apt-get install open-iscsi -y
sudo systemctl enable --now iscsid
```

Start microk8s
```
microk8s start
```

Enable dns, community and openebs storage
```
microk8s enable dns
microk8s enable community
microk8s enable openebs
```

Enable Dashboard
```
microk8s enable dashboard
microk8s dashboard-proxy
```

Delete default coredns configmap (we override it to add hosts)
```
mkctl delete configmap coredns -n kube-system
```

Apply all cluster configuration for a variant, e.g. testnet
```
cd robosats-deploy/k8s
mkctl apply -k base
```

More info on openebs-hostpath volumes in https://openebs.io/docs/user-guides/localpv-hostpath (also guides to backup).
Local data within the PVCs will be stored persistently in the pvc directories under
```
/var/snap/microk8s/common/var/openebs/local/
```

Set default namespace for mkctl commands
```
mkctl config set-context --current --namespace=testnet
```

Create onion-service secret with privkey from existing Onion V3 files
```
# "~" is not expanded by the shell after "--from-file=key=", so use $HOME
mkctl create secret generic my-full-onion-secret \
  --from-file=privateKeyFile="$HOME/path/to/hs_ed25519_secret_key" \
  --from-file=publicKeyFile="$HOME/path/to/hs_ed25519_public_key" \
  --from-file=onionAddress="$HOME/path/to/hostname"
```

Print onion hostname
```
mkctl exec <pod-name> -- cat /var/lib/tor/robosite/hostname
```

Export .yml of a resource
```
mkctl get <resource-type> <resource-name> -o yaml > <resource-name>.yml
```

First time start up of LND. Create wallet. First comment out the auto-unlock-file line. Then apply the statefulset lnd
```
# create wallet
mkctl exec -it lnd-0 -- lncli create
```

## TODO
- [ ] Implement CLN service for coordinators that prefer core-lightning
- [ ] Bitcoind use onlynets Tor / I2P
- [ ] Open I2P to other hosts
- [ ] Run LND
- [ ] Mount LND dir to gunicorn, celery-worker and follow invoices
- [ ] Learn configmaps (put variables into deployment for example: gunicorn number of workers... now hardcoded as 2)
- [ ] Also study this: Kubernetes namespace kustomizations https://kubernetes.io/docs/tasks/manage-kubernetes-objects/kustomization/
- [ ] Research whitenoise to improve static serving directly with gunicorn: http://whitenoise.evans.io/en/stable/django.html
- [ ] Implement torrc cookie authentication method
- [ ] Network File Storage so multiple nodes of MicroK8s can access data https://microk8s.io/docs/nfs
- [ ] Research OpenEBS storage solution

```
mkctl apply -f https://openebs.github.io/charts/openebs-operator.yaml
```

## Locally using robosats

```
minikube service gunicorn -n testnet --url
> http://192.168.49.2:30677
```
Use in browser

## First start up

Run for all .yml files in the k8s folder
```
kubectl apply -f .
```

Create database and admin
```
kubectl exec -it <pod-name> -n testnet -- bash
# the following commands run inside the pod shell
python3 manage.py makemigrations control api chat
python3 manage.py migrate
python3 manage.py createsuperuser
python3 manage.py collectstatic
```
Warning: the Django webserver will start up faster than Postgres. Needs to be staged.

## For convenience change kubectl default namespace to testnet or mainnet

```
kubectl config set-context --current --namespace=testnet
```

## k8s dev tricks used

Create a configmap.yml or secret.yml from any file. Then mount the configmap as a file.
https://stackoverflow.com/questions/58407501/how-to-deploy-nginx-config-file-in-kubernetes
```
kubectl create configmap nginx-configmap --from-file=./nginx.conf
kubectl get configmap nginx-configmap -n testnet -o yaml > nginx-configmap.yml
```
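
For the onion-service secret step above: a pre-flight check to run on the Onion V3 directory before `create secret generic`, so a truncated, mismatched or world-readable key never ends up in the cluster. This is an added example, not part of the RoboSats repository; the function name, return codes and script name are assumptions.

```shell
#!/usr/bin/env bash
# Added example (not from the RoboSats repo): sanity-check Tor v3 onion key
# files before packing them into a Kubernetes secret. The function name and
# its return codes are assumptions made for this illustration.
# Assumes GNU coreutils (stat -c), as on the Ubuntu host used above.

warn() { echo "onion-check: $1" >&2; }

check_onion_files() {
  dir=$1
  sk="$dir/hs_ed25519_secret_key"
  pk="$dir/hs_ed25519_public_key"
  hn="$dir/hostname"

  for f in "$sk" "$pk" "$hn"; do
    [ -f "$f" ] || { warn "missing $f"; return 1; }
  done

  # Tor prefixes each key file with a 32-byte tag (29 characters + 3 NULs):
  # secret key file = 32 + 64 bytes, public key file = 32 + 32 bytes.
  [ "$(wc -c < "$sk" | tr -d ' ')" = 96 ] || { warn "secret key is not 96 bytes"; return 2; }
  [ "$(wc -c < "$pk" | tr -d ' ')" = 64 ] || { warn "public key is not 64 bytes"; return 2; }
  [ "$(head -c 29 "$sk")" = "== ed25519v1-secret: type0 ==" ] || { warn "bad secret key tag"; return 3; }
  [ "$(head -c 29 "$pk")" = "== ed25519v1-public: type0 ==" ] || { warn "bad public key tag"; return 3; }

  # A v3 address is 56 base32 characters followed by ".onion".
  grep -Eq '^[a-z2-7]{56}\.onion$' "$hn" || { warn "hostname is not a v3 address"; return 4; }

  # The private key must not be readable by group or others.
  case "$(stat -c '%a' "$sk")" in
    [0-7]00) ;;
    *) warn "secret key permissions too open (want 600)"; return 5 ;;
  esac
  return 0
}

# Usage: ./check-onion.sh /path/to/hidden_service_dir
[ "$#" -eq 0 ] || check_onion_files "$1"
```

The check only covers file layout and permissions; it does not verify that the public key and hostname belong to the secret key.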