Skip to content
Snippets Groups Projects

document bootstrap process

Merged document bootstrap process
hugo-issue-91 into master
Merged Hugo Trentesaux requested to merge hugo-issue-91 into master
Viewing commit 7a673caf
Show latest version
2 files
+ 68
51
Compare changes
  • Side-by-side
  • Inline
Files
2
docs/dev/launch-a-live-network.md
+ 27
51
@@ -7,55 +7,26 @@ Launching a new live network is more difficult than spawning a local blockchain.
@@ -7,55 +7,26 @@ Launching a new live network is more difficult than spawning a local blockchain.
In order to build in a standardized environment, you need Docker.
In order to build in a standardized environment, you need Docker.
- see docker docs to [install docker](https://docs.docker.com/engine/install/)
- see docker docs to [install docker](https://docs.docker.com/engine/install/)
- make sure you can run docker as non-root user with `docker info`
- make sure you can run docker as non-root user with `docker info` or so
## Preparation
## Preparation
### Runtime tag
When launching a new network, you're likely to use a new runtime. See how to [release a new runtime](./release-new-runtime.md).
When launching a new network, you're likely to use a new runtime for the genesis. Our runtime tags use `xxyy` version numbers where `x` corresponds to major change and `y` hotfix or minor change.
### Inject runtime code in chainspec
1. Make sure to move any issue or merge request assigned to the choosen milestone `runtime-xxyy` to the next one. This prevents from forgetting unfinished work.
FIXME order?
1. Check that the [CI on master](https://git.duniter.org/nodes/rust/duniter-v2s/-/pipelines?scope=all&page=1&ref=master) is passing. This is necessary to build the docker images.
Once you updated your session keys, inject the runtime code built with srtool inside the raw chainspec file.
1. Increment the `spec_version` in the code. Example `spec_version: 300` -> `spec_version: 400`.
At this point, you might want to merge this commit in master and publish the branch (TODO automate).
### Release tasks
We choose [`xtask`](https://github.com/matklad/cargo-xtask/) to run Rust scripts using `cargo`. To build these scripts, just run:
```bash
```bash
cargo xtask # this will build the scripts and show the available commands
cargo xtask inject-runtime-code --runtime runtime/gdev/target/srtool/release/wbuild/gdev-runtime/gdev_runtime.compact.compressed.wasm --raw-spec resources/gdev-raw.json
```
To interact with GitLab, the `release_runtime` script uses the environment variable `GITLAB_TOKEN` which must contain a token with write permission on the repository. Go to your [personal access token preferences](https://git.duniter.org/-/profile/personal_access_tokens) to generate one and `export` it (you might want to add it to your `.bashrc`). You can then run this command:
```bash
cargo xtask release-runtime 400 # requires to run docker as non-root user
```
```
This command does the following things (use your system monitor to track de progress as it produces not log):
## Bootstraping
1. download the [`paritytech/srtool`](https://docs.substrate.io/reference/command-line-tools/srtool/) (Substrate Runtime TOOLbox) docker image (about 2 minutes with a good connection). It is a docker container enabling to build the Substrate WebAssembly runtime in a deterministic way (machine-independant).
1. build gdev runtime in release mode using `srtool` (about 5 minutes depending on your computing power). The target is put in the `runtime/gdev/target` folder (about 2GB).
1. generate release notes using the template in `xtask/res`
1. publish the relase with the notes on GitLab using your `GITLAB_TOKEN`
### Substrate client docker image
Go to the pipeline and run the manual tasks as shown on the below screenshot.
- `build_release_manual`
- `deploy_docker_release_sha`
![pipeline screenshot](./img/pipeline_screenshot.png)
## Deployment
### Choose the currency type
### Choose the currency type
Ensure that the currency type you want has the requirements.
Ensure that the currency type you want has the requirements (TODO explain).
For now, only `gdev` is supported.
For now, only `gdev` is supported.
@@ -67,7 +38,7 @@ currency type you have chosen.
@@ -67,7 +38,7 @@ currency type you have chosen.
Choose the docker image that contains the version of the code that you want to use.
Choose the docker image that contains the version of the code that you want to use.
In the commands that will be indicated afterwards, you will have to replace `TAG` by the tag of the
In the commands that will be indicated afterwards, you will have to replace `TAG` by the tag of the
docker image that you have chosen.
docker image that you have chosen (example : runtime-400).
### Generate the session keys of genesis authority
### Generate the session keys of genesis authority
@@ -114,41 +85,46 @@ This builds the specs using debug version of Duniter.
@@ -114,41 +85,46 @@ This builds the specs using debug version of Duniter.
./scripts/create-live-network.sh "<your secret phrase>" CURRENCY "<path/to/dist/folder>"
./scripts/create-live-network.sh "<your secret phrase>" CURRENCY "<path/to/dist/folder>"
```
```
The distribution folder can then be copied to a server, then the compose must be launched from the
The new distribution folder can be copied to a server
root of the distribution folder:
```bash
```bash
scp -r -P SSH_PORT "<path/to/dist/folder>" user@ip:/remote/dist/path
scp -r "<path/to/dist/folder>" <server>:/remote/dist/path
```
```
Then, on the server:
then on the server, launch the compose file from the the distribution folder's root:
```bash
```bash
 
ssh <server>
cd "<path/to/dist/folder>"
cd "<path/to/dist/folder>"
docker compose up -d
docker compose up -d
```
```
 
This is the first node of the new live network.
 
## Finalization
## Finalization
The following steps should be completed when you are satisfied with the network.
The following steps should be completed once you are satisfied with the new live network.
### Rotate session keys
### Rotate session keys
You should rotate session keys for more secured keys (the one you used before are still in your bash history and your clipboard and could have been intercepted by an attacker). Update the raw chainspec json file with your new session keys.
You should rotate session keys for more secured keys produced on the server (the one you used before are still in your develop machine bash history and clipboard).
TODO explain how with polkadotjs + vpn
TODO explain how with polkadotjs + vpn (?)
### Inject chainspec
Then update the raw chainspec file with your new session keys. (FIXME is this right?)
Once you updated your session keys, inject the runtime code inside the raw chainspec.
### Embed the raw chainspec in the binary
 
 
TODO embed the raw chain spec in the binary with include_bytes! macro
```bash
cargo xtask inject-runtime-code --runtime runtime/gdev/target/srtool/release/wbuild/gdev-runtime/gdev_runtime.compact.compressed.wasm --raw-spec resources/gdev-raw.json
```
### Publish image
### Publish image
TODO
With these new session keys in the chainspec and the runtime build with srtool, you can release the new runtime again with:
 
 
```bash
 
cargo xtask release-runtime 400
 
```
### Tell the other smith
### Tell the other smith