From c7d55b7302a42ac152dcb08d300d29cf07dbb762 Mon Sep 17 00:00:00 2001 From: cjorge-graphops <128147788+cjorge-graphops@users.noreply.github.com> Date: Mon, 10 Feb 2025 13:15:18 +0000 Subject: [PATCH] feat(nimbus): default to archive, enable era files download (#473) --- charts/nimbus/Chart.yaml | 2 +- charts/nimbus/README.md | 12 +++-- .../nimbus/templates/nimbus/statefulset.yaml | 48 ++++++++++++++++++- charts/nimbus/values.yaml | 16 ++++++- 4 files changed, 71 insertions(+), 7 deletions(-) diff --git a/charts/nimbus/Chart.yaml b/charts/nimbus/Chart.yaml index 320fe717..f26f555e 100644 --- a/charts/nimbus/Chart.yaml +++ b/charts/nimbus/Chart.yaml @@ -15,7 +15,7 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.5.23 +version: 0.6.0 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to diff --git a/charts/nimbus/README.md b/charts/nimbus/README.md index 4b5fe053..053ef660 100644 --- a/charts/nimbus/README.md +++ b/charts/nimbus/README.md @@ -2,7 +2,7 @@ Deploy and scale [Nimbus](https://github.com/status-im/nimbus-eth2) inside Kubernetes with ease -[![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://opensource.org/licenses/Apache-2.0) ![Version: 0.5.23](https://img.shields.io/badge/Version-0.5.23-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: multiarch-v25.1.0](https://img.shields.io/badge/AppVersion-multiarch--v25.1.0-informational?style=flat-square) +[![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://opensource.org/licenses/Apache-2.0) ![Version: 0.6.0](https://img.shields.io/badge/Version-0.6.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: multiarch-v25.1.0](https://img.shields.io/badge/AppVersion-multiarch--v25.1.0-informational?style=flat-square) ## Chart Features @@ -112,6 +112,7 @@ We do not recommend that you upgrade the application by overriding `image.tag`. | nimbus.extraContainers | Additional containers to inject to this graph node group - an array of Container objects | list | `[]` | | nimbus.extraInitContainers | Additional init containers to inject to this graph node group - an array of Container objects | list | `[]` | | nimbus.extraLabels | Extra labels to attach to the Pod for matching against | object | `{}` | + | nimbus.history | History preservation mode, archive or prune | string | `"archive"` | | nimbus.initChownData.enabled | Init container to set the correct permissions to access data directories | bool | `true` | | nimbus.initChownData.image.pullPolicy | Container pull policy | string | `"IfNotPresent"` | | nimbus.initChownData.image.repository | Container repository | string | `"busybox"` | @@ -143,11 +144,16 @@ We do not recommend that you upgrade the application by overriding `image.tag`. | nimbus.terminationGracePeriodSeconds | Amount of time to wait before force-killing the container | int | `60` | | nimbus.tolerations | | list | `[]` | | nimbus.trustedNodeSync.enabled | Enable init container to do a trusted checkpoint sync from another Consensus Client (be careful) | bool | `false` | + | nimbus.trustedNodeSync.eraFiles | Use era files for an archive node | bool | `true` | + | nimbus.trustedNodeSync.eraFilesUrl | URL for downloading era files | string | `"https://mainnet.era.nimbus.team/"` | | nimbus.trustedNodeSync.extraArgs | Additional CLI arguments | list | `[]` | + | nimbus.trustedNodeSync.initContainer.image.pullPolicy | Container pull policy | string | `"IfNotPresent"` | + | nimbus.trustedNodeSync.initContainer.image.repository | Container image to fetch era files | string | `"ghcr.io/graphops/docker-builds/init-stream-download"` | + | nimbus.trustedNodeSync.initContainer.image.tag | Container tag | string | `"latest"` | | nimbus.trustedNodeSync.trustedNodeUrl | URL to the Trusted Consensus Client Node URL. See https://eth-clients.github.io/checkpoint-sync-endpoints/ | string | `""` | | nimbus.updateStrategyType | Choice of StatefulSet updateStrategy (OnDelete|RollingUpdate) | string | `"RollingUpdate"` | - | nimbus.volumeClaimSpec | [PersistentVolumeClaimSpec](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.23/#persistentvolumeclaimspec-v1-core) for storage | object | `{"accessModes":["ReadWriteOnce"],"resources":{"requests":{"storage":"300Gi"}},"storageClassName":null}` | - | nimbus.volumeClaimSpec.resources.requests.storage | The amount of disk space to provision | string | `"300Gi"` | + | nimbus.volumeClaimSpec | [PersistentVolumeClaimSpec](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.23/#persistentvolumeclaimspec-v1-core) for storage | object | `{"accessModes":["ReadWriteOnce"],"resources":{"requests":{"storage":"2Ti"}},"storageClassName":null}` | + | nimbus.volumeClaimSpec.resources.requests.storage | The amount of disk space to provision | string | `"2Ti"` | | nimbus.volumeClaimSpec.storageClassName | The storage class to use when provisioning a persistent volume | string | `nil` | | prometheus.serviceMonitors.enabled | Enable monitoring by creating `ServiceMonitor` CRDs ([prometheus-operator](https://github.com/prometheus-operator/prometheus-operator)) | bool | `false` | | prometheus.serviceMonitors.interval | | string | `nil` | diff --git a/charts/nimbus/templates/nimbus/statefulset.yaml b/charts/nimbus/templates/nimbus/statefulset.yaml index 87f0f740..b553db12 100644 --- a/charts/nimbus/templates/nimbus/statefulset.yaml +++ b/charts/nimbus/templates/nimbus/statefulset.yaml @@ -142,6 +142,43 @@ spec: mountPath: "/storage" {{- end }} {{- if $values.trustedNodeSync.enabled }} + {{- if $values.trustedNodeSync.eraFiles }} + - name: init-era-files + image: "{{ $values.trustedNodeSync.initContainer.image.repository }}:{{ $values.trustedNodeSync.initContainer.image.tag }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + securityContext: + readOnlyRootFilesystem: true + capabilities: + drop: + - ALL + env: + - name: ERA_FILES_URL + value: {{ $values.trustedNodeSync.eraFilesUrl }} + command: + - sh + - -ac + - | + set -x; + ERA_FILES_STATE_FILE=/storage/era/.init-era-files + TRUSTED_NODE_SYNC_STATE_FILE=/storage/.init-trusted-node-sync + if [ -f "$TRUSTED_NODE_SYNC_STATE_FILE" ]; then + echo "Trusted Node Sync already ran. Skipping..." + elif [ ! -f "$ERA_FILES_STATE_FILE" ]; then + mkdir -p /storage/era + cd /storage/era + wget --no-parent -A '*.era' -q --show-progress -nd -r -c "$ERA_FILES_URL" + [ "$?" != "0" ] && echo "Download failed" && exit 1 + echo $ERA_FILES_URL > $ERA_FILES_STATE_FILE + else + cat $ERA_FILES_STATE_FILE + echo "Era files already downloaded. Skipping..." + fi + volumeMounts: + - name: storage + mountPath: /storage + - name: tmp + mountPath: /tmp + {{- end }} - name: init-trusted-node-sync image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" imagePullPolicy: {{ .Values.image.pullPolicy }} @@ -161,12 +198,18 @@ spec: /home/user/nimbus-eth2/build/nimbus_beacon_node \ trustedNodeSync \ --data-dir=/storage \ + {{- if $values.trustedNodeSync.eraFiles }} + --reindex=true \ + {{- end }} {{- range $arg := $values.trustedNodeSync.extraArgs }} {{- $arg | nindent 18 }} \ {{- end }} --trusted-node-url=$TRUSTED_NODE_URL - echo $? - echo $TRUSTED_NODE_URL > $TRUSTED_NODE_SYNC_STATE_FILE + if [ $? -eq 0 ]; then + echo $TRUSTED_NODE_URL > $TRUSTED_NODE_SYNC_STATE_FILE + else + exit 1 + fi else cat $TRUSTED_NODE_SYNC_STATE_FILE echo "Trusted node sync already run. Skipping..." @@ -207,6 +250,7 @@ spec: set -ex; exec /home/user/nimbus-eth2/build/nimbus_beacon_node \ --data-dir=/storage \ + --history={{ $values.history }} \ {{- if $values.executionClientUrl }} --web3-url={{ $values.executionClientUrl }} \ {{- end }} diff --git a/charts/nimbus/values.yaml b/charts/nimbus/values.yaml index 4649e52b..5b05bb64 100644 --- a/charts/nimbus/values.yaml +++ b/charts/nimbus/values.yaml @@ -70,6 +70,8 @@ grafana: nimbus: # -- URL to the Execution Client Engine API. Will use configured JWT to authenticate. executionClientUrl: "" # e.g. http://erigon:8551 + # -- History preservation mode, archive or prune + history: archive # -- JWT to use to authenticate with Execution Client. Specify either `existingSecret` OR `fromLiteral`. jwt: # -- Load the JWT from an existing Kubernetes Secret. Takes precedence over `fromLiteral` if set. @@ -95,7 +97,7 @@ nimbus: resources: requests: # -- The amount of disk space to provision - storage: 300Gi + storage: 2Ti # Increasing the grace termination period prevents Kubernetes # from killing the node process prematurely. Premature shutdown @@ -180,6 +182,18 @@ nimbus: trustedNodeUrl: "" # -- Additional CLI arguments extraArgs: [] + # -- Use era files for an archive node + eraFiles: true + # -- URL for downloading era files + eraFilesUrl: https://mainnet.era.nimbus.team/ + initContainer: + image: + # -- Container image to fetch era files + repository: ghcr.io/graphops/docker-builds/init-stream-download + # -- Container tag + tag: latest + # -- Container pull policy + pullPolicy: IfNotPresent p2pNodePort: # -- Expose P2P port via NodePort