2022-11-10 Indy Container Meeting #47
Improved CI + Tags PR
Controller
Container Tagging
Hyperledger is committed to creating a safe and welcoming community for all. For more information please visit the Hyperledger Code of Conduct. |
|---|
Attendance
@Sebastian Schmittner (EECC)
@Christian Bormann (Robert Bosch GmbH)
Guido Wischrop
Cristian Kubis
In Progress
Network connectivity Script
Indy 1.13.2~RC4 Testing
Indy VDR Containers
Christian discovered Indy VDR using home brewn indy node containers for testing.
https://github.com/hyperledger/indy-vdr/blob/main/ci/indy-pool.dockerfile
Christian: PR → our containers as base for their testing
Improve CI + Tagging of Container releases
fixed by Philipp in https://github.com/hyperledger/indy-node-container/pull/121 :tada:
We could Improve the CI pipelines to not run if not necessary (e.g. not run if only md files are changed)
Already tried this once → need to put work into required merge job cheks
Include indy node version
currently RELEASE-FLAVOUR
Decision today: update to: NODE_VERSION-FLAVOUR-RELEASE
e.g. FLAVOUR=ubuntu20
e.g. FLAVOUR=debian10
Release less flavours
Remove when 1.13 is there
Comment into readme now: deprecated ubuntu16, debian10,...
Indy Node Controller
Suggestion: Build one controller image with and one without podman
The principal Controller solution mounting the host docker socket into the controller container might be re-discussed as well
Seperate meeting: 2022-11-17 10:00 - 11:00 Berline time
Idea Sebastian: Controller = process on Container Host
Idea Christian: Kubernetes Operator
https://github.com/hyperledger/indy-node-container/issues/108#issuecomment-1270047470
→ we should use the container name = host name to reach the controller from the indy node container instead of "localhost"
@tsurai
Container
Use smaller base images
python-slim + pypi indy packages?
Phillipp: Caution: pypi packages are not identical to deb versions
differences regarding config files for indy-node (https://github.com/hyperledger/indy-node/blob/ubuntu-20.04-upgrade/build-scripts/ubuntu-2004/prepare-package.sh)
Stale
Issues
https://github.com/hyperledger/indy-node-container/issues/96
probably resolved?
Maintainers.md: https://github.com/hyperledger/indy-node-container/issues/98
Network connectivity test script
Idea: Script to test that IP Tables rules are as they should be
At least check that node can connect (TCP lvl) to all other nodes
Bonus: Check that connection from outside is not possible
Still 2do
Load Test Script by @Christian Bormann
on hold
Alerting
Sebastian Z finished work on slack alerting action.
Send webhook to @Sebastian Schmittner → Forward to @Stephen Curranto add to github repo, then MR github action
Replace scan → github security alerts or do both?
BOTH
@Sebastian Schmittner
Logging
Stale PR https://github.com/hyperledger/indy-node-container/pull/83
Discussion today:
Rather document how to edit the https://github.com/hyperledger/indy-node-container/blob/main/run/etc_indy/indy_config.py then overwriting those variables at container start through init script
Network Name → same!?
Definietly keep READE + docker logging explanation
→ sesinsible default for logging in docker compose
@Sebastian Schmittner
Metrics
https://github.com/WadeBarnes/indy-node-monitor/tree/monitoring-stack
Existing Prometheus + Grafana setup by IFIS
Security
The node keys handling is currently sub optimal (env variable). Should be improved to e.g. file based setup: https://github.com/IDunion/indy-node-container/issues/52
Cristian already has a nice setup elsewhere and offers to port it
Merge of IFIS repo?
Indy-Test-Automation
Issue#102: Indy Node system tests depend on the Sovrin package
Improve our own testing!
Support for non-docker setup
Helm Charts
Might geht interesting at some point in the future
Potential Clients Spherity/MGM
Podman
Next Meeting
Next meeting: Controller Discussion: 2022-11-04 9:15-10:00 (Berlin time)
Next regular meeting: 2022-11-11 9:15-10:00 (Berlin time)