Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Activity
  • Jun 20 2018 20:45

    traviscrist on nl-remove-host-wiki

    (compare)

  • Jun 20 2018 20:45

    traviscrist on master

    feat: remove adding hosts to wi… Merge pull request #3 from codi… (compare)

  • Jun 20 2018 20:45
    traviscrist closed #3
  • Jun 20 2018 20:32
    njlie opened #3
  • Jun 20 2018 20:31

    njlie on nl-remove-host-wiki

    feat: remove adding hosts to wi… (compare)

  • Jun 15 2018 23:03

    njlie on master

    fix: typo (compare)

  • Jun 15 2018 22:07

    njlie on nl-updates

    (compare)

  • Jun 15 2018 18:10

    njlie on master

    feat: more examples (compare)

  • Jun 14 2018 00:19

    njlie on master

    feat: add wiki and mailing list (compare)

  • Jun 13 2018 00:09

    njlie on master

    fix: git url typo (compare)

  • Jun 12 2018 19:17

    njlie on master

    fix: docs use bootstrap nodes i… (compare)

  • Jun 07 2018 21:05

    njlie on master

    feat: host architecture doc (compare)

  • Jun 07 2018 17:09

    njlie on master

    fix: four components -> three c… (compare)

  • Jun 07 2018 00:32

    njlie on master

    fix: proper blog links (compare)

  • Jun 07 2018 00:13

    njlie on master

    fix: broken links Merge branch 'nl-updates' (compare)

  • Jun 07 2018 00:10

    njlie on nl-updates

    fix: broken links (compare)

  • Jun 06 2018 15:50

    njlie on master

    feat: updates to latest codius … Merge pull request #2 from codi… (compare)

  • Jun 06 2018 15:50
    njlie closed #2
  • Jun 06 2018 15:50
    njlie opened #2
  • Jun 06 2018 15:50

    njlie on nl-updates

    feat: updates to latest codius … (compare)

Brandon Wilson
@wilsonianb
# kubectl get services -A
NAMESPACE       NAME                   TYPE           CLUSTER-IP      EXTERNAL-IP     PORT(S)                        AGE
acme-dns        acme-dns               ClusterIP      10.43.174.99    <none>          443/TCP,80/TCP,53/TCP,53/UDP   84d
cert-manager    cert-manager-webhook   ClusterIP      10.43.202.63    <none>          443/TCP                        84d
codiusd         codiusd-service        LoadBalancer   10.43.10.165    147.75.109.65   3000:31955/TCP                 84d
default         kubernetes             ClusterIP      10.43.0.1       <none>          443/TCP                        84d
ingress-nginx   ingress-nginx          ClusterIP      10.43.155.132   <none>          80/TCP,443/TCP,53/TCP,53/UDP   84d
kube-system     calico-typha           ClusterIP      10.43.130.214   <none>          5473/TCP                       84d
kube-system     kube-dns               ClusterIP      10.43.0.10      <none>          53/UDP,53/TCP,9153/TCP         84d
kube-system     traefik                LoadBalancer   10.43.132.134   147.75.109.65   80:31076/TCP,443:31892/TCP     84d
moneyd          moneyd                 NodePort       10.43.238.50    <none>          7768:31873/TCP                 84d
^not using the latest version of the installer, so there's a few differences
Jon Nilsen
@jonaagenilsen_twitter
Smart, you sorted it
So so inner workings are missing a firewall-rule or more in Kubernetes. Question is how easy is it to fix? :)
I'm still stuck on kubectl wait --for=condition=Ready --timeout=600s -n codiusd certificate/codius-host-certificateto get the ball running
Brandon Wilson
@wilsonianb
I think the fact that the svclb-* pods are using host network ports isn't represented by the services details
Jon Nilsen
@jonaagenilsen_twitter
Being new to k3s and stuff feels like navigating on a battleship only being used to a small motorboat ;)
Brandon Wilson
@wilsonianb

The certificate hang seems cert-manager specific

So must be firewall out from one of those interfaces created during installation (lack of allow).. hmm

Jon Nilsen
@jonaagenilsen_twitter
Something like that
I've studied this battleship a bit firewall-wise. Doesn't seem to matter what firewall-rules one has before installing. Because this stuff is "smart" and injects mainrules in linenumber 1 on any given chain
Brandon Wilson
@wilsonianb
I'm working on updating the installer to optionally take an existing SSL certificate, which let's us leave out cert-manager + acme-dns
Jon Nilsen
@jonaagenilsen_twitter
Quite smart indeed
Ok? Shouldn't the installer fix 'everything'?
No-one deals with certificates manually anymore? :)
Brandon Wilson
@wilsonianb
At the very least it's gonna save me from running into let's encrypt rate limits.
It may also tell us if we can get everything else working with firewalls when excluding cert-manager stuff
Jon Nilsen
@jonaagenilsen_twitter
Ok. Debug-shortcut in other words :)
And if it gets codius up on http.. only cert-manager left
I've wondered a few times how you got your one 2-preview host up? ;)
Manual hacking not replicated in the installer? :)
Nice work anyways. Codius is not to be recognized compared to 1.2.5
Brandon Wilson
@wilsonianb
I'm also thinking about packaging up the whole ssl certificate stuff separately (cert-manager + acme-dns) so that it can be used in other projects
because afaict no else has an auto-renewing wildcard cert solution with kubernetes
The preview host was pure installer but no firewall
Jon Nilsen
@jonaagenilsen_twitter
Could be a smart thing
Easier todo stuff by dividing it up in object
Brandon Wilson
@wilsonianb
ok, install script now asks if you want to use an existing ssl certificate
wilsonianb/codius-install@e4849ce
so for instance, I'll be doing a normal install that generates a certificate and then exporting the certificate and key by running the following in order to re-use them while testing changes to the install process
kubectl get secret -n codiusd codiusd-certificate -o go-template='{{ index .data "tls.crt" | base64decode }}' > tls.crt
kubectl get secret -n codiusd codiusd-certificate -o go-template='{{ index .data "tls.key" | base64decode }}' > tls.key
Jon Nilsen
@jonaagenilsen_twitter
Cool. Will take a look 🙂
Jon Nilsen
@jonaagenilsen_twitter
@wilsonianb
Any idea what these imply?
Sep 27 11:06:12 hodling-xrp k3s: W0927 11:06:12.902490 1486489 reflector.go:302] object-"kube-system"/"coredns": watch of *v1.ConfigMap ended with: too old resource version: 527 (1381)
Sep 27 11:06:18 hodling-xrp k3s: W0927 11:06:18.762159 1486489 reflector.go:302] object-"acme-dns"/"acme-dns-config": watch of *v1.ConfigMap ended with: too old resource version: 637 (1389)
Brandon Wilson
@wilsonianb
Not off hand, but I seem to have them in my k3s logs as well
This guy says the messages are benign
https://github.com/kubernetes/kubernetes/issues/22024#issuecomment-479741335
Jon Nilsen
@jonaagenilsen_twitter
Good to know
Jon Nilsen
@jonaagenilsen_twitter
Difficult to get a full grasp on Kubernetes .. argh :)
kubectl describe orders -A that doesn't get through.. How do I 'retry' that one? :)
Need to read docs, no time
Jon Nilsen
@jonaagenilsen_twitter
image.png
Still at it .. So many friggin chains on that Kubernetes-firewall. Impossible to tailor a allow-rule :(
Jon Nilsen
@jonaagenilsen_twitter
What's your wallet address?
Jon Nilsen
@jonaagenilsen_twitter
@wilsonianb How's moneyd configured in Codius 2?
Guess the ILP-connector is obsolete?
Brandon Wilson
@wilsonianb
I'm not sure exactly (re: changes to ilp connector implementations)
I think the primary hurdle is having a btp uplink at all for moneyd to connect to: https://forum.interledger.org/t/community-call-september-18th-2019/753/3
My understanding is that ilp wallets will start offering btp access to their users (as opposed to connecting moneyd to public connectors https://github.com/interledgerjs/moneyd-uplink-xrp/blob/master/connector_list.json#L3)
I'm also looking into having a variation of codius that uses web monetization so that the host only needs an ilp payment pointer (and no moneyd!)
Kev King
@KevinKing64_twitter
wow, I need to get up to speed with all these developments ;)
Jon Nilsen
@jonaagenilsen_twitter
From what I can tell, web monetization makes it easier for admins to fire up a Codius host 🙂
Jon Nilsen
@jonaagenilsen_twitter
If a Codiushost is depending on something setup by volunteers, it's a risk. Should be something that will always be there. Firing up Codius now is impossible due to not being able to create a payment channel (pre 2.0). Sucks big time to say it simple
Coil is here to stay I guess we can agree on 😁
Kev King
@KevinKing64_twitter
:P
Jon Nilsen
@jonaagenilsen_twitter
Hm. Is it even possible to use Moneyd for ILP -> xrptipbot, or is there an other setup for this?
Since secret is not known for xrptipbot-users
Brandon Wilson
@wilsonianb

Hm. Is it even possible to use Moneyd for ILP -> xrptipbot, or is there an other setup for this?

you'd need a btp uplink (probably via an ilp wallet) which aren't widely available currently afaict

Brandon Wilson
@wilsonianb
latest k3s includes local storage and network policy support, which means codius setup no longer needs to install local-path-provisioner and calico
https://github.com/rancher/k3s/releases/tag/v0.10.0
That said, I'm actually working on codius setup instructions for installing on an already running kubernetes cluster without all of the sed shortcuts in the current install script. Then I hope to update the zero-to-codius script (with k3s) accordingly
Kev King
@KevinKing64_twitter
your a ruddy star @wilsonianb :)
Greg Osuri
@gosuri
@wilsonianb if you're running on packet, we helped implement the container storage interfaces (CSI). Here's the helm template https://github.com/ovrclk/disco/tree/master/layer1/csi/packet
Jon Nilsen
@jonaagenilsen_twitter

Do tell when zero-to-codius script is up for testing @wilsonianb :)

Great work!