Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
  • Improved CI + Tags PR
  • Controller
  • Container Tagging


Hyperledger is committed to creating a safe and welcoming

community for all. For more information

please visit the Hyperledger Code of Conduct.

Attendance

In Progress

Network connectivity Script

Indy 1.13.2~RC4 Testing

  •  Christian wants to test the new release candidate → upgrade ubuntu20 test image todayish

Indy VDR Containers

Improve CI + Tagging of Container releases

  • We could Improve the CI pipelines to not run if not necessary (e.g. not run if only md files are changed)
  • Already tried this once → need to put work into required merge job cheks
  • Include indy node version
    • currently RELEASE-FLAVOUR
    • Decision today: update to: NODE_VERSION-FLAVOUR-RELEASE
      • e.g. FLAVOUR=ubuntu20
      • e.g. FLAVOUR=debian10
  • Release less flavours
    • Remove when 1.13 is there
    • Comment into readme now: deprecated ubuntu16, debian10,...

Indy Node Controller

  • Suggestion: Build one controller image with and one without podmanPhilipp Schlarb (esatus AG)  <p.schlarb@esatus.com>

Indy Node Controller

  • Controller purpose
    • Network Restart
      • No Ledger Transaction
      • Nodes communicate "Action"
    • Node Upgrades
      • Ledger Transaction
  • Current State
  • The principal Controller solution mounting the host docker socket into the controller container might be re-discussed as well
  • Next meeting: Controller Discussion: 2022-11-04 9:15-10:00 (Berlin time)
  • Next regular
    • Seperate meeting: 2022-11-17 10:00 - 11:00 Berline time
    • Idea Sebastian: Controller = process on Container Host
    • Idea Christian: Kubernetes Operator
  • https://github.com/hyperledger/indy-node-container/issues/108#issuecomment-1270047470
    • → we should use the container name = host name to reach the controller from the indy node container instead of "localhost"
    • @tsurai

Container

Stale

Issues

Network connectivity test script

Idea: Script to test that IP Tables rules are as they should be

  • At least check that node can connect (TCP lvl) to all other nodes
  • Bonus: Check that connection from outside is not possible

Still 2do

Load Test Script by Christian Bormann

  • on hold

Alerting

Logging

Metrics

Security

The node keys handling is currently sub optimal (env variable). Should be improved to e.g. file based setup: https://github.com/IDunion/indy-node-container/issues/52

Indy-Test-Automation

Support for non-docker setup

Next Meeting

    • Container mounting docker socket
      • We deliver the orchestrated setup
      • Problem: Indy Node calls apt to check for package upgrades before forwarding the upgrade to the controller!
    • Process on Container Host
      • Quick and Dirty
        • Needs Docker rights
          • Security Implications!
      • Greatest flexibility
      • Needs to survive restarts → e.g. systemd
      • Not worth it
    • Kubernetes Operator
      • Needs Kubernetes Setup
        • Local install (e.g. K3S) not to dificult
        • But high maintenance effort
        • For production: Tell people to go to a Kubernetes provider!
      • Advantage: Runs on e.g. open shift, google, amazon, etc.
      • Clean Setup with pure container tech
      • Currently: probably to much effort for nobody in ID Union using a Kubernetes based setup
      • Biggest problem: No ressources in our group to develop this


Conclusion

  • We keep the current setup of running the Controller.
  • We Issue a Change proposal in indy node to refactor all upgrading into the controller

Next Meeting

  • Next meeting: 2022-11-11 9:15-10:00 (Berlin time)

...