Added API concept and how to configure content (#37)

* WIP Signed-off-by: Madeline <[email protected]> * API overview and config Signed-off-by: Madeline <[email protected]> * removing file Signed-off-by: Madeline <[email protected]> * rework Signed-off-by: Madeline <[email protected]> * lint Signed-off-by: Madeline <[email protected]> * lint Signed-off-by: Madeline <[email protected]>
Consensys · Dec 14, 2020 · b2cfe27 · b2cfe27
1 parent 0059438
commit b2cfe27
Show file tree

Hide file tree

Showing 6 changed files with 192 additions and 98 deletions.
diff --git a/docs/Concepts/Enclave-types.md b/docs/Concepts/Enclave-types.md
@@ -17,4 +17,5 @@ a clear separation between the enclave and transaction manager.
 
 For additional security, the remote HTTP Enclave can be deployed in a secure environment separate from the transaction manager.
 
-The enclave must be present and running at transaction manager startup.
+The enclave must be present and running at transaction manager startup. Specify the connection details
+for the remote enclave server in the [Tessera configuration file](../HowTo/Configure/Tessera.md).
diff --git a/docs/Concepts/TesseraAPI.md b/docs/Concepts/TesseraAPI.md
@@ -0,0 +1,32 @@
+---
+description: Tessera API 
+---
+
+# Tessera API
+
+The Tessera API consists of three parts:
+
+* [GoQuorum to Tessera](#goquorum-to-tessera-api)
+* [Peer to peer](#peer-to-peer-api)
+* [Third party](#third-party-api).
+
+## GoQuorum to Tessera API
+
+GoQuorum uses the GoQuorum to Tessera API to:
+
+* Check if the associated Tessera node is running.
+* Send and receive private transactions.
+
+## Peer to peer API
+
+Tessera uses the Peer to peer API to:
+
+* Perform discovery.
+* Send and receive encrypted payloads.
+
+## Third party API
+
+Tessera uses the third party API to store encrypted payloads for external applications. For example,
+[Quorum.js](https://github.com/consenSys/quorum.js).
+
+[Configure the Tessera API servers in `serverConfigs` in the Tessera configuration file.](../HowTo/Configure/TesseraAPI.md)
diff --git a/docs/HowTo/Configure/Tessera.md b/docs/HowTo/Configure/Tessera.md
@@ -229,79 +229,28 @@ See [Configure peer discovery](Peer-discovery.md).
 
 See [Configure peer discovery](Peer-discovery.md).
 
-### Server
+### Servers for Tessera API
 
-To allow for a greater level of control, Tessera's API has been separated into distinct groups.
-Each group is only accessible over a specific server type. Tessera can be started with different
-combinations of these servers depending on the functionality required.
-This is defined in the configuration and determines the APIs that are available and how they are accessed.
+See [Configure Tessera API](TesseraAPI.md).
 
-The possible server types are:
+### Server for remote enclave
 
-* `P2P` - Tessera uses this server to communicate with other Transaction Managers (the URI for this
-    server can be shared with other nodes to be used in their `peer` list - see below)
-* `Q2T` - This server is used for communications between Tessera and its corresponding Quorum node
-* `ENCLAVE` - If using a remote enclave, this defines the connection details for the remote enclave
-    server (see the [Enclave docs](../../Concepts/Enclave.md) for more info)
-* `ThirdParty` - This server is used to expose certain Transaction Manager functionality to external
-    services such as Quorum.js
-
-The servers to be started are provided as a list:
+If using an [remote enclave](../../Concepts/Enclave-types.md#remote-http-enclave), configure the
+`ENCLAVE` server.
 
 ```json
 "serverConfigs": [
-   ...<server settings...
-]
+   {
+     "app": "ENCLAVE",
+     "enabled": true,
+     "serverAddress": "http://localhost:9081",
+     //Where to find the remote enclave
+     "communicationType": "REST"
+   }
+ ...
+ ]
 ```
 
-!!! note
-
-    There are two server addresses configuration entries:
-
-    - `serverAddress` - In normal use, you will only need this (e.g. `http://localhost:9001`).
-    - `bindingAddress` - This is an optional endpoint to use for the binding. This is useful if you need
-       to bind to an internal IP whilst advertising an external IP using `serverAddress`.
-
-    Each server is individually configurable and can advertise over HTTP, HTTPS or a Unix Socket.
-
-#### Server configuration
-
-=== "HTTP"
-
-    ```json
-    {
-        "app": "<app type",
-        "enabled": <boolean,
-        "serverAddress":"http://[host]:[port]/[path]",
-        "communicationType" : "REST"
-    }
-    ```
-
-=== "HTTPS"
-
-    ```json
-    {
-        "app": "<app type",
-        "enabled": <boolean,
-        "serverAddress":"https://[host]:[port]/[path]",
-        "communicationType" : "REST",
-        "sslConfig": {
-            ...<SSL settings, see below...
-        }
-    }
-    ```
-
-=== "Unix Socket"
-
-    ```json
-    {
-        "app": "<app type",
-        "enabled": <boolean,
-        "serverAddress":"unix://[path]",
-        "communicationType" : "REST"
-    }
-    ```
-
 ### TLS/SSL: Server sub-config
 
 See [TLS/SSL](TLS.md) page.

diff --git a/docs/HowTo/Configure/TesseraAPI.md b/docs/HowTo/Configure/TesseraAPI.md
@@ -0,0 +1,133 @@
+---
+description: Configure servers for Tessera API 
+---
+
+# Configure servers for Tessera API
+
+Configure the [servers for the Tessera API](../../Concepts/TesseraAPI.md) in the
+[Tessera configuration file](Tessera.md).
+
+Specify the servers to be started as a list in `serverConfigs`.
+
+```json
+"serverConfigs": [
+   <server settings>
+]
+```
+
+## Server Addresses
+
+The server configuration has two address entries:
+
+- `serverAddress` - Always specified.
+- `bindingAddress` - Optional endpoint to use for the binding. Specify
+to bind to an internal IP while advertising an external IP using `serverAddress`.
+
+Each server is individually configured and can advertise over HTTP, HTTPS, or a Unix Socket.
+
+### HTTP server configuration
+
+=== "HTTP"
+
+    ```json
+    {
+        "app": "<app type>",
+        "enabled": <boolean>,
+        "serverAddress":"http://[host]:[port]/[path]",
+        "communicationType" : "REST"
+    }
+    ```
+
+=== "Third Party Example"
+
+    ```json
+    {
+       "app": "ThirdParty",
+       "enabled": true,
+       "serverAddress": "http://localhost:9081",
+       "communicationType": "REST"
+    }
+    ```
+
+### HTTPS server configuration
+
+=== "HTTPS"
+
+    ```json
+    {
+        "app": "<app type>",
+        "enabled": <boolean>,
+        "serverAddress":"https://[host]:[port]/[path]",
+        "communicationType" : "REST",
+        "sslConfig": {
+            <SSL settings> 
+        }
+    }
+    ```
+
+=== "P2P Example"
+
+    ```json
+    {
+        "app": "P2P",
+          "enabled": true,
+          "serverAddress": "http://localhost:9001",
+          "sslConfig": {
+            "tls": "enum STRICT,OFF",
+            "generateKeyStoreIfNotExisted": "boolean",
+            "serverKeyStore": "Path",
+            "serverTlsKeyPath": "Path",
+            "serverTlsCertificatePath": "Path",
+            "serverKeyStorePassword": "String",
+            "serverTrustStore": "Path",
+            "serverTrustCertificates": [
+              "Path"
+            ],
+            "serverTrustStorePassword": "String",
+            "serverTrustMode": "TOFU",
+            "clientKeyStore": "Path",
+            "clientTlsKeyPath": "Path",
+            "clientTlsCertificatePath": "Path",
+            "clientKeyStorePassword": "String",
+            "clientTrustStore": "Path",
+            "clientTrustCertificates": [
+              "Path"
+            ],
+            "clientTrustStorePassword": "String",
+            "clientTrustMode": "TOFU",
+            "knownClientsFile": "Path",
+            "knownServersFile": "Path"
+          },
+          "communicationType": "REST",
+          "properties": {
+             "partyInfoInterval": "Long",
+             "enclaveKeySyncInterval": "Long",
+             "syncInterval": "Long",
+             "resendWaitTime": "Long"
+          }
+        }
+    ```
+
+### Unix socket server configuration
+
+=== "Unix socket"
+
+    ```json
+    {
+        "app": "<app type",
+        "enabled": <boolean,
+        "serverAddress":"unix://[path]",
+        "communicationType" : "REST"
+    }
+    ```
+
+=== "Q2T Example"
+
+    ```json
+    {
+        "app": "Q2T",
+        "enabled": true,
+        "serverAddress": "unix:/tmp/tm.ipc",
+        "communicationType": "REST"
+    }
+    ```
diff --git a/docs/Reference/REST-API.md b/docs/Reference/REST-API.md
@@ -1,42 +1,19 @@
 ---
-description: REST API overview
+description: REST API reference
 ---
 
 # REST API
 
-The Tessera REST API consists of 3 parts.
+The Rest API consists of three parts: [Peer to Peer, GoQuorum to Tessera, and Third Party](../Concepts/TesseraAPI.md).
 
-## Peer-to-peer APIs
+[Configure the API servers in the Tessera configuration file](../HowTo/Configure/TesseraAPI.md).
 
-Tessera nodes communicate with each other using this API to:
+For the API methods, refer to the [API reference](https://consensys.github.io/doc.tessera/).
 
-- Perform discovery
-- Send and receive encrypted payloads
+## Defining API versions
 
-!!! Warning "Defining First API Version"
+Every client side request (that is, `/push` and [`/partyinfo`](https://consensys.github.io/tessera/#operation/broadcastPartyInfo))
+includes a header parameter listing the supported API versions. The parameter is called `tesseraSupportedApiVersions`.
 
-    From version 0.11.0, for every client side request i.e., `/push` and `/partyinfo`, Tessera will
-    now include a parameter which is a list of API versions that it supports into the http header called `supportedApiVersions`.
-
-    Release 0.11.0 defines the first API version and during the `partyinfo` exchange these values will be
-    stored against the node in the `NetworkStore` so that a Tessera node at any time will be aware of
-    the versions that its peers currently support.
-
-    This can later be used to ensure that a remote peer is actively supporting a certain feature before forwarding a transaction.
-    Refer [API Reference site](https://consensys.github.io/doc.tessera/) for more information.
-
-## Third party APIs
-
-Tessera nodes communicate with third parties using this API to:
-
-- Store encrypted payloads for external applications
-
-## GoQuorum to Tessera APIs (default)
-
-GoQuorum uses this API to:
-
-- Check if the local Tessera node is running
-- Send and receive details of private transactions
-
-This API is described in the OpenAPIv3 format available on
-[Tessera API reference site](https://consensys.github.io/doc.tessera/).
+Exchanging and storing the supported API versions enables Tessera nodes to know which API
+versions are supported by peers.
diff --git a/mkdocs.yml b/mkdocs.yml
@@ -65,6 +65,7 @@ nav:
       - Enclave: HowTo/Configure/Enclave.md
       - Keys: HowTo/Configure/Keys.md
       - Peer discovery: HowTo/Configure/Peer-discovery.md
+      - Tessera API: HowTo/Configure/TesseraAPI.md
       - TLS: HowTo/Configure/TLS.md
       - Key vault:
          - Hashicorp Vault: HowTo/Configure/KeyVault/Hashicorp-Vault.md
@@ -83,6 +84,7 @@ nav:
     - Enclave: Concepts/Enclave.md
     - Enclave types: Concepts/Enclave-types.md
     - Peer discovery: Concepts/p2p-discovery.md
+    - Tessera API: Concepts/TesseraAPI.md
   - Reference:
     - Configuration file: Reference/SampleConfiguration.md
     - Bootstrap node configuration file: Reference/BootstrapSampleConfiguration.md