- Upstream Contribution
- Debian Images
- Logging
- Trivy Scan → ID Union Slack Notifications
Attendance
- Sebastian Schmittner (EECC)
- Sebastian Zickau (Stadt Köln)
- Guido Wischrop (MGM)
- Aljoscha Schulte (TU Berlin)
- Niclas Mietz (Spherity)
In Progress
Upstream Contribution
We have contributed our repo to Hyperledger: https://github.com/hyperledger/indy-node-container
HL Teams: https://github.com/orgs/hyperledger/teams/indy-node-container-maintainers
- Adapt Readme https://github.com/hyperledger/indy-node-container/pull/80
- run/READM -> links
- container refs (run) -> hyperledger
- https://github.com/hyperledger/indy-node-container/blob/main/.github/workflows/trivy-all.yml
- tryvy ref -> HL (owner like in other action)
- Fixing Trivy Action
- Minutes
- Move to HL Confluence
- @Echsecutor -> ask ??? for Confluence Space
- First meeting notes written in Confluence: 2022-03-04 Indy Container Meeting #34
- First Release in Hyper Ledger repo
- → latest Images in ghcr / hyperledger
Fixing current images write consensus
- Ubuntu 20 / node 1.13.0~dev206 eventually runs into consensus problems
- do not use 1.13.0~dev206 for Debian images (for now)!
- Todo: rather produce Debioan images similar to https://github.com/IDunion/indy-node-container/blob/main/build/Dockerfile.ubuntu18
Release automation / Scans
- https://github.com/hyperledger/indy-node-container/issues/46
- Add Slack bot
- https://action-slack.netlify.app/usage was added to ID Union Slack
- Sebastian Zickau continues in a personal fork
Logging
- limit docker logs
- https://docs.docker.com/config/containers/logging/configure/
- TBD local / json-file
- document anyway!
- log rotation anyway!
logging:
driver: "json-file"
options:
max-file: "5"
max-size: "100m"
default log level?
mounting log files (
/var/log/indy
)- https://github.com/hyperledger/indy-node-container/blob/main/run/docker-compose.yml
- rotation?
- += run/README
journals stuff -> not!
Stale
Contribution to Node 1.13.0 / Ubuntu 20.04 Release
- Concretely: Need Ubuntu 20.04 systemd container
- https://github.com/hyperledger/indy-test-automation/blob/main/system_node_only/docker/node/Dockerfile.ubuntu-2004
- Hyperledger Indy has a Test Automation Suite which starts the Indy software as a systemd service in a container to simulate operation in a VM. Mainly it is about Pool Restart, Upgrade, Start & Stop Node
- Could probably be based on https://github.com/solita/docker-systemd/tree/master (which is not maintained anymore)
- other examples
- requires sysbox-runc: https://github.com/nestybox/dockerfiles/blob/master/ubuntu-focal-systemd/Dockerfile
- requires privileged mode: https://github.com/fauust/docker-systemd
- requires privileged mode: https://github.com/robertdebock/docker-ubuntu-systemd
See https://github.com/hyperledger/indy-test-automation/blob/main/system_node_only/docker_setup.py#L78
Update from @Robin today: Looks promising!
Metrics
- Carlos: https://github.com/IDunion/indy-node-monitor
- https://github.com/WadeBarnes/indy-node-monitor/tree/monitoring-stack
- Existing Prometheus + Grafana setup by IFIS
Security
The node keys handling is currently sub optimal (env variable). Should be improved to e.g. file based setup: https://github.com/IDunion/indy-node-container/issues/52
- Cristian already has a nice setup elsewhere and offers to port it
- https://github.com/internet-sicherheit/sovrin-container
- Merge of IFIS repo?
Indy-Test-Automation
- Issue#102: Indy Node system tests depend on the Sovrin package
- Improve our own testing!
Support for non-docker setup
- Helm Charts
- Might geht interesting at some point in the future
- Potential Clients Spherity/MGM
- Might geht interesting at some point in the future
- Podman
Next Meeting
- Weekly Fri 9:15-10:00 (UTC+1)
- Probably skip 2022-03-11 => Next Meeting 2022-03-18