[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[taler-grid5k] 69/189: add secondary initialization
From: |
gnunet |
Subject: |
[taler-grid5k] 69/189: add secondary initialization |
Date: |
Thu, 28 Apr 2022 10:47:19 +0200 |
This is an automated email from the git hooks/post-receive script.
marco-boss pushed a commit to branch master
in repository grid5k.
commit 87f106dd33d87185e5ddf27b6759c707f2ae2476
Author: Boss Marco <bossm8@bfh.ch>
AuthorDate: Sat Mar 12 12:30:20 2022 +0100
add secondary initialization
---
configs/etc/taler/conf.d/exchange-secmod.conf | 6 +++---
experiment/scripts/exchange.sh | 31 ++++++++++++++++-----------
experiment/scripts/helpers.sh | 6 ++++--
experiment/scripts/run.sh | 11 ++++++++--
4 files changed, 35 insertions(+), 19 deletions(-)
diff --git a/configs/etc/taler/conf.d/exchange-secmod.conf
b/configs/etc/taler/conf.d/exchange-secmod.conf
index 9fa8e3a..ebea894 100644
--- a/configs/etc/taler/conf.d/exchange-secmod.conf
+++ b/configs/etc/taler/conf.d/exchange-secmod.conf
@@ -1,17 +1,17 @@
[taler-exchange-secmod-rsa]
LOOKAHEAD_SIGN = 2 days
-SM_RPIV_KEY = <SM_KEY_DIR_HERE>/exchange-secmod-rsa/secmod-private-key
+SM_PRIV_KEY = <SM_KEY_DIR_HERE>/exchange-secmod-rsa/secmod-private-key
KEY_DIR = <SM_KEY_DIR_HERE>/exchange-secmod-rsa/keys
[taler-exchange-secmod-eddsa]
LOOKAHEAD_SIGN = 2 days
-SM_RPIV_KEY = <SM_KEY_DIR_HERE>/exchange-secmod-eddsa/secmod-private-key
+SM_PRIV_KEY = <SM_KEY_DIR_HERE>/exchange-secmod-eddsa/secmod-private-key
KEY_DIR = <SM_KEY_DIR_HERE>/exchange-secmod-eddsa/keys
[taler-exchange-secmod-cs]
LOOKAHEAD_SIGN = 2 days
-SM_RPIV_KEY = <SM_KEY_DIR_HERE>/exchange-secmod-cs/secmod-private-key
+SM_PRIV_KEY = <SM_KEY_DIR_HERE>/exchange-secmod-cs/secmod-private-key
KEY_DIR = <SM_KEY_DIR_HERE>/exchange-secmod-cs/keys
diff --git a/experiment/scripts/exchange.sh b/experiment/scripts/exchange.sh
index 7151920..9c5b773 100755
--- a/experiment/scripts/exchange.sh
+++ b/experiment/scripts/exchange.sh
@@ -22,7 +22,7 @@ set -eux
source ~/scripts/helpers.sh
# Setup the configuration in /etc/taler
-function setup_config() {
+function setup_primary_config() {
# Setup the base configuration (helpers.sh)
setup_exchange_config_without_master_key
@@ -52,12 +52,12 @@ function start_other_exchange_binaries() {
}
# Setup the exchange with the taler-exchange-offline signing procedure
-function setup_exchange() {
+function setup_primary_exchange() {
# Setup the shared key directory when we use a secondary node
if [[ ${SECEXCH_HOSTS} != "none" ]]; then
- rm -rf "/home/${G5K_USER}/taler" || true
- mkdir -p "/home/${G5K_USER}/taler/exchange-secmod-{cs,rsa,eddsa}"
+ rm -rf /home/${G5K_USER}/taler || true
+ mkdir -p /home/${G5K_USER}/taler/exchange-secmod-{cs,rsa,eddsa}
fi
systemctl restart taler-exchange-httpd@80.service
@@ -79,15 +79,19 @@ function setup_exchange() {
# Initialize all stuff needed
# logs, configs, exchanges
-function init_exchanges() {
-
+# For the primary node which is responsible for key creation
+function init_primary_exchange() {
restart_rsyslog
-
- setup_config
-
+ setup_primary_config
wait_for_db
+ setup_primary_exchange
+}
- setup_exchange
+# Initialize all stuff needed for secondary exchange nodes
+# They use the key material from the primary exchange
+function init_secondary_exchange() {
+ restart_rsyslog
+ setup_exchange_config_master_key_from_api
}
# Start N new exchange-http daemons
@@ -117,10 +121,13 @@ function stop_exchanges() {
}
case $1 in
- init)
- init_exchanges
+ init-primary)
+ init_primary_exchange
start_exchanges "$((${NUM_EXCHANGE_PROCESSES}-1))"
;;
+ init-secondary)
+ init_secondary_exchange
+ start_exchanges "${NUM_EXCHANGE_PROCESSES}"
start)
start_exchanges $2
;;
diff --git a/experiment/scripts/helpers.sh b/experiment/scripts/helpers.sh
index 2da6525..a461bce 100755
--- a/experiment/scripts/helpers.sh
+++ b/experiment/scripts/helpers.sh
@@ -143,10 +143,12 @@ function setup_exchange_config_without_master_key() {
if [[ ${SECEXCH_HOSTS} != "none" ]]; then
# Use a shared NFS key directory when we have multiple exchange-httpd
servers
- sed -i "s|<SM_KEY_DIR_HERE>|/home/${G5K_USER}/taler|g"
+ sed -i "s|<SM_KEY_DIR_HERE>|/home/${G5K_USER}/taler|g" \
+ /etc/taler/conf.d/exchange-secmod.conf
else
# Use the default path if we have only one exchange-httpd server
- sed -i 's/<SM_KEY_DIR_HERE>/${TALER_DATA_HOME}/g'
+ sed -i 's/<SM_KEY_DIR_HERE>/${TALER_DATA_HOME}/g' \
+ /etc/taler/conf.d/exchange-secmod.conf
fi
}
diff --git a/experiment/scripts/run.sh b/experiment/scripts/run.sh
index 742cf58..2f96557 100644
--- a/experiment/scripts/run.sh
+++ b/experiment/scripts/run.sh
@@ -31,12 +31,19 @@ elif [[ "${HOSTNAME}" =~ ${SHARD_HOSTS} ]]; then
enable_logrotate
exec ~/scripts/shard.sh init
elif [[ "${HOSTNAME}" =~ ${EXCHANGE_HOSTS} ]]; then
- set_host exchange
+ set_host primary-exchange
set_ddn ${EXCHANGE_DOMAIN}
setup_log
enable_logrotate
enable_netdelay ${DATABASE_DOMAIN}
- exec ~/scripts/exchange.sh init
+ exec ~/scripts/exchange.sh init-primary
+elif [[ "${HOSTNAME}" =~ ${SECEXCH_HOSTS} ]]; then
+ set_host secondary-exchange
+ #set_ddn ${EXCHANGE_DOMAIN}
+ setup_log
+ enable_logrotate
+ enable_netdelay ${DATABASE_DOMAIN}
+ exec ~/scripts/exchange.sh init-secondary
elif [[ "${HOSTNAME}" =~ ${AGGREGATOR_HOSTS} ]]; then
set_host exchange-aggregator
set_ddn ${EXCH_AGGREGATOR_DOMAIN}
--
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.
- [taler-grid5k] 48/189: fix, (continued)
- [taler-grid5k] 48/189: fix, gnunet, 2022/04/28
- [taler-grid5k] 52/189: update merchant conf, gnunet, 2022/04/28
- [taler-grid5k] 58/189: try --unsafe-perm, gnunet, 2022/04/28
- [taler-grid5k] 54/189: coin lookahead sign 2 weeks only, -O2, gnunet, 2022/04/28
- [taler-grid5k] 11/189: update permissions for db, gnunet, 2022/04/28
- [taler-grid5k] 36/189: updated deployed image, gnunet, 2022/04/28
- [taler-grid5k] 40/189: include partition logic of taler, gnunet, 2022/04/28
- [taler-grid5k] 50/189: add offloaded processes, gnunet, 2022/04/28
- [taler-grid5k] 104/189: fix, gnunet, 2022/04/28
- [taler-grid5k] 122/189: support for multiple merchant nodes, gnunet, 2022/04/28
- [taler-grid5k] 69/189: add secondary initialization,
gnunet <=
- [taler-grid5k] 66/189: move database to /tmp as it is mounted on the primary disk in grid5000 environments, gnunet, 2022/04/28
- [taler-grid5k] 65/189: update persistance script, gnunet, 2022/04/28
- [taler-grid5k] 113/189: some doc about explain.py, gnunet, 2022/04/28
- [taler-grid5k] 87/189: cflags via variables, gnunet, 2022/04/28
- [taler-grid5k] 100/189: correct time calculation, gnunet, 2022/04/28
- [taler-grid5k] 119/189: add docker-compose to explain-visualizer, gnunet, 2022/04/28
- [taler-grid5k] 83/189: finished configuration for secondary exchanges, gnunet, 2022/04/28
- [taler-grid5k] 123/189: update url's to match node names, gnunet, 2022/04/28
- [taler-grid5k] 81/189: change denominations 1,4,8, gnunet, 2022/04/28
- [taler-grid5k] 04/189: if not exists, gnunet, 2022/04/28