-
Notifications
You must be signed in to change notification settings - Fork 0
/
deploy_with_node.sh
149 lines (132 loc) · 5.81 KB
/
deploy_with_node.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
#!/bin/bash
set -eux -o pipefail
SECRET=""
HOST_NAME=""
while [[ $# -gt 0 ]]; do
case $1 in
--secret)
SECRET="$2"
shift
shift
;;
--hostname)
HOST_NAME="$2"
shift
shift
;;
-*|--*)
echo "Unknown option $1"
exit 1
;;
esac
done
if [[ -z "${SECRET// }" ]]; then
echo "Secret variable cannot be empty."
exit 1
fi
if [[ -z "${HOST_NAME// }" ]]; then
echo "Secret variable cannot be empty."
exit 1
fi
if [ "$EUID" -ne 0 ]
then echo "This script must be run as root"
exit 1
fi
# Check HW suitability
apt update
apt install -y fio jq
READ_IOPS_PREQUIRED=150
WRITE_IOPS_REQUIRED=60
HT_REQUIRED=8
MEM_REQUIRED=61 # rounding error must be tolerated
SPACE_REQUIRED=400
ERROR_COMMON_MESSAGE="Validator engine cannot effectively work on"
OVERALL_THREADS=$(lscpu --json | jq '(.lscpu[] | select(.field=="CPU(s):") | .data | tonumber) * (.lscpu[] | select(.field=="Thread(s) per core:") | .data | tonumber)')
if [ $OVERALL_THREADS -lt $HT_REQUIRED ]; then
echo $ERROR_COMMON_MESSAGE "nodes with less than $HT_REQUIRED hyperthreads. Got $OVERALL_THREADS instead."
exit 1
fi
OVERALL_MEM=$(cat /proc/meminfo | numfmt --field 2 --from-unit=Ki --to-unit=Gi | sed 's/ kB//g' | grep MemTotal | sed "s@MemTotal:[ \t]*@@g")
if [ $OVERALL_MEM -lt $MEM_REQUIRED ]; then
echo $ERROR_COMMON_MESSAGE "nodes with less than $MEM_REQUIRED Gb of RAM. Got $OVERALL_MEM instead."
exit 1
fi
BENCH_RESULT=$(fio --randrepeat=1 --ioengine=libaio --direct=1 --gtod_reduce=1 --name=test --filename=test --bs=1M --iodepth=$OVERALL_THREADS --size=4G --readwrite=randrw --rwmixread=75 --output-format=json | jq '.jobs[] | {write: .write.iops | round, read: .read.iops | round}')
rm -f test
READ_IOPS=$(echo $BENCH_RESULT | jq '.read')
WRITE_IOPS=$(echo $BENCH_RESULT | jq '.write')
if [ $READ_IOPS -lt $READ_IOPS_PREQUIRED ]; then
echo $ERROR_COMMON_MESSAGE "disks/arrays with less than $READ_IOPS_PREQUIRED IOPs with 1M blocks for read. Got $READ_IOPS instaed."
exit 1
fi
if [ $WRITE_IOPS -lt $WRITE_IOPS_REQUIRED ]; then
echo $ERROR_COMMON_MESSAGE "disks/arrays with less than $READ_IOPS_PREQUIRED IOPs with 1M blocks for write. Got WRITE_IOPS instead."
exit 1
fi
if [ $(grep PermitRootLogin /etc/ssh/sshd_config | grep yes | wc -l) -ne 0 ]; then
echo "Security policies does not allow sshd with pwauth enabled. Please disable it and restart sshd rervice to apply new config."
exit 1
fi
if [ $(grep $HOST_NAME /etc/hostname | wc -l) -lt 1 ]; then
echo "Please adjust your hostname to match $HOST_NAME"
exit 1
fi
if [ $(grep $HOST_NAME /etc/hosts | wc -l) -lt 1 ]; then
echo "Please adjust your /etc/hosts so at least one record matches $HOST_NAME"
exit 1
fi
FREE_ON_VAR=$(df | grep $(findmnt -n -o SOURCE --target /var) | awk '{print $4}' | numfmt --from-unit=Ki --to-unit=Gi)
if [ $FREE_ON_VAR -le $SPACE_REQUIRED ]; then
echo "Mountpoint /var has only $FREE_ON_VAR Gb, but validator requires at least $SPACE_REQUIRED Gb."
exit 1
fi
# Install validator and configure it
wget https://raw.githubusercontent.com/ton-blockchain/mytonctrl/master/scripts/install.sh
bash -eux install.sh -m full -d -c https://configs-tonhub.fra1.digitaloceanspaces.com/latest_config.conf
systemctl stop validator
systemctl stop mytoncore
tee /etc/systemd/system/validator.service << EndOfMessage
[Unit]
Description = validator service. Created by https://github.com/igroman787/mypylib.
After = network.target
[Service]
Type = simple
Restart = always
RestartSec = 30
ExecStart = /usr/bin/ton/validator-engine/validator-engine --threads $OVERALL_THREADS --daemonize --global-config /usr/bin/ton/global.config.json --db /var/ton-work/db/ --logname /var/ton-work/log --state-ttl 259200 --archive-ttl 604800 --verbosity 3
ExecStopPost = /bin/echo service down
User = validator
Group = validator
LimitNOFILE = infinity
LimitNPROC = infinity
LimitMEMLOCK = infinity
[Install]
WantedBy = multi-user.target
EndOfMessage
systemctl daemon-reload
# apt -y install plzip jq vim
# mv /var/ton-work/db /var/ton-work/db-old
# wget -q --show-progress https://dump.ton.org/dumps/latest.tar.lz
# sudo mkdir /var/ton-work/db
# mv latest.tar.lz /var/ton-work/db/
# cd /var/ton-work/db/
# plzip -cd latest.tar.lz | tar -xf -
# cp -r /var/ton-work/db-old/keyring /var/ton-work/db/
# cp /var/ton-work/db-old/config.json /var/ton-work/db/
# rm latest.tar.lz
# sudo chown -R validator:validator .
systemctl start validator
systemctl start mytoncore
sleep 50
while [ $(python3 -c 'import sys; sys.path.append("/usr/src/mytonctrl"); import mytoncore; c = 1000; c = mytoncore.MyTonCore().GetValidatorStatus().get("outOfSync"); print(c)') -gt 10 ]; do
sleep 10
echo "wating full sync..."
done
# Setup minotorings
mkdir -p /etc/etcd-registrar/; echo $SECRET | base64 -d | gunzip | jq ".etcd_config" -r | base64 -d > /etc/etcd-registrar/config.secrets
echo $SECRET | base64 -d | gunzip | jq ".grafana_agent_config" -r | base64 -d > /etc/default/grafana-agent
curl https://raw.githubusercontent.com/tonwhales/validator-monitoring/master/deploy.sh | bash -eux -s -- --role validator
apt install -y vim jq
echo "Copy this text and send it back to whales:"
set +x
echo -en ' {\n "clientSecret": "'; base64 /var/ton-work/keys/client | tr -d "\n"; echo -en '",\n "serverPublic": "'; base64 /var/ton-work/keys/server.pub | tr -d "\n"; echo -en '",\n "endpoint": "'; ip a | grep "/32" | sed "s@ inet @@g" | sed "s@/32 scope.*@@g" | tr -d "\n"; echo -n ":"; jq -r ".control | .[].port" /var/ton-work/db/config.json | tr -d "\n"; echo -en '",\n "adnl": "'; mytonctrl <<< status 2>&1 | grep -v "\[debug\]\|\[warning\]\|\[info\]\|Welcome to the console\|Bye" | grep "ADNL address of local validator" | sed "s@ADNL address of local validator: @@g"| tr -d "\n" | sed -e 's/\x1b\[[0-9;]*m//g' ; echo -e '"\n }'