Feature/remove docker sentry nodes #410
Conversation
konradkonrad
force-pushed
the
feature/remove-docker-sentry-nodes
branch
from
7cddf66
to
9b59cba
Compare
Currently all validators connect to validator-0 instead of bootstrap (see `02-init-chain.sh:56`)
This changes the `validator` role to create a configuration for a network exposed validator. The previous setting, where `--role validator` set the parameters for an isolated validator behind a `sentry` mode can now be configured by using `--role isolated-validator`. This is now more in line with the setup used in https://github.com/shutter-network/snapshot-keyper which means less configuration changes are needed during the setup. It also allows for a simpler local docker compose test setup.
ulope
force-pushed
the
feature/remove-docker-sentry-nodes
branch
from
9b59cba
to
2e36e74
Compare
| Str("stateFile", privValStateFile). | ||
| Msg("Generated private validator") | ||
| } | ||
| if slices.Contains([]string{VALIDATOR, ISOLATEDVALIDATOR}, config.Role) { |
There was a problem hiding this comment.
SEED role also needs privkey files
There was a problem hiding this comment.
Ehh, are you sure about that?
AFAICS the point of the seed role is to not be an actual part of the network but just to exchange peer information.
There was a problem hiding this comment.
No not sure, but IIRC the seed role node errored on me because it was looking for the file that was configured in the config.
Before this PR, the seed validator did get a privkey file.
So maybe it doesn't need it, but then this needs to be reflected in the tendermint config file as well.
Maybe the config entry for the privkey file has to be the empty string then.
There was a problem hiding this comment.
And apart from that - wouldn't it make sense that also seed nodes are authenticated by address /signature?
There was a problem hiding this comment.
They do need a node key (node_key_file in the config) for participating on the p2p network but what we're talking about here is the validator key.
I've just checked the boot nodes on the shapshot installation. They definitely don't have the priv_* key files.
| ${BB} sed -i "/^unconditional_peer_ids =/c\unconditional_peer_ids = \"${validator_id}\"" data/${sentry_cmd}/config/config.toml | ||
| ${BB} sed -i "/^external_address =/c\external_address = \"${sentry_cmd}:${TM_P2P_PORT}\"" data/${sentry_cmd}/config/config.toml | ||
| # set seed node for chain bootstrap | ||
| ${BB} sed -i "/^bootstrap_peers =/c\bootstrap_peers = \"${seed_node}\"" "${validator_config_path}" |
There was a problem hiding this comment.
In the 0.0.37-rc2 this is call seeds now
This changes the local docker test setup for snapshot shutter to run without
sentrynodes / without validator isolation.It changes the
chain initparameter--role validatorto use parameters for an exposed validator. The old functionality is preserved in--role isolated-validator.This now is a better match for the keyper configuration in https://github.com/rolling-shutter/snapshot-keyper