From 21987c502ec8b1bbeaa7d3640434419e5e642c0a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Greg=20Kar=C3=A9kinian?= Date: Tue, 30 Apr 2019 17:18:43 +0200 Subject: [PATCH 1/2] Add initial instructions for joining the IPFS cluster Refs #4 --- doc/ipfs_cluster.md | 66 +++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 66 insertions(+) create mode 100644 doc/ipfs_cluster.md diff --git a/doc/ipfs_cluster.md b/doc/ipfs_cluster.md new file mode 100644 index 0000000..3682fd1 --- /dev/null +++ b/doc/ipfs_cluster.md @@ -0,0 +1,66 @@ +# Join the IPFS cluster + +## On your local machine + +Get the `encrypted_data_bag_secret` from another core member and copy it to +`.chef/encrypted_data_bag_secret`. It is required to decrypt the infrastructure +secrets. The cluster secret can be used to remove peers and pins, so we cannot make it public. + +From a clone of repository: + +``` +$ ./script/bootstrap # Requires Ruby +$ ./bin/knife solo data bag show credentials ipfs_cluster --secret-file .chef/encrypted_data_bag_secret +WARNING: The encrypted_data_bag_secret option defined in knife.rb was overriden by the command line. +id: ipfs_cluster +secret: *SECRET* +``` + +## On your server + +Install the latest version of go-ipfs, as well as ipfs-cluster-ctl and +ipfs-cluster-service 0.10.1 from https://dist.ipfs.io/ + +ipfs-cluster-ctl and ipfs-cluster-service must be the same version as the rest +of the cluster. + +For basic usage of IPFS, see [the docs](https://docs.ipfs.io/introduction/usage/) + +You need to open port 9096 from the outside using your firewall for the cluster + +Join the cluster through a known host (andromeda): + +``` +ipfs@your_server:~$ CLUSTER_SECRET=*SECRET* ipfs-cluster-service daemon --bootstrap "/ip4/46.4.18.160/tcp/9096/ipfs/QmNVfAhxJrmkqkCHdoD6iZgJJaWkhehskeWWZ9cNZxNwo1" +``` + +If joining was successful, you should see your server in the list of peers of +the cluster, and each peer should see the same number of peers. Here's an +example of the current peers: + +``` +ipfs@andromeda:~$ ipfs-cluster-ctl peers ls +QmNVfAhxJrmkqkCHdoD6iZgJJaWkhehskeWWZ9cNZxNwo1 | andromeda.kosmos.org | Sees 1 other peers + > Addresses: + - /ip4/127.0.0.1/tcp/9096/ipfs/QmNVfAhxJrmkqkCHdoD6iZgJJaWkhehskeWWZ9cNZxNwo1 + - /ip4/46.4.18.160/tcp/9096/ipfs/QmNVfAhxJrmkqkCHdoD6iZgJJaWkhehskeWWZ9cNZxNwo1 + - /p2p-circuit/ipfs/QmNVfAhxJrmkqkCHdoD6iZgJJaWkhehskeWWZ9cNZxNwo1 + > IPFS: QmZ4Lpzhz8bafbTYvEMMCmrbrMM4JfyHDR23WbCSAd9bo7 + - /ip4/127.0.0.1/tcp/4001/ipfs/QmZ4Lpzhz8bafbTYvEMMCmrbrMM4JfyHDR23WbCSAd9bo7 + - /ip4/46.4.18.160/tcp/4001/ipfs/QmZ4Lpzhz8bafbTYvEMMCmrbrMM4JfyHDR23WbCSAd9bo7 + - /ip6/2a01:4f8:221:39c1::2/tcp/4001/ipfs/QmZ4Lpzhz8bafbTYvEMMCmrbrMM4JfyHDR23WbCSAd9bo7 + - /ip6/::1/tcp/4001/ipfs/QmZ4Lpzhz8bafbTYvEMMCmrbrMM4JfyHDR23WbCSAd9bo7 +QmTVC6eguRWoS2W18QnPHt64h8t5yQmYRhvoZcdgr4Ax2V | dev | Sees 1 other peers + > Addresses: + - /ip4/127.0.0.1/tcp/9096/ipfs/QmTVC6eguRWoS2W18QnPHt64h8t5yQmYRhvoZcdgr4Ax2V + - /ip4/144.76.39.171/tcp/9096/ipfs/QmTVC6eguRWoS2W18QnPHt64h8t5yQmYRhvoZcdgr4Ax2V + - /p2p-circuit/ipfs/QmTVC6eguRWoS2W18QnPHt64h8t5yQmYRhvoZcdgr4Ax2V + > IPFS: QmWY7vNysM1jgHFBuSr9Y2ayG5tUeKmGBjwjN9x6pEVxRb + - /ip4/127.0.0.1/tcp/4001/ipfs/QmWY7vNysM1jgHFBuSr9Y2ayG5tUeKmGBjwjN9x6pEVxRb + - /ip4/144.76.39.171/tcp/4001/ipfs/QmWY7vNysM1jgHFBuSr9Y2ayG5tUeKmGBjwjN9x6pEVxRb + - /ip6/2a01:4f8:191:40aa::2/tcp/4001/ipfs/QmWY7vNysM1jgHFBuSr9Y2ayG5tUeKmGBjwjN9x6pEVxRb + - /ip6/::1/tcp/4001/ipfs/QmWY7vNysM1jgHFBuSr9Y2ayG5tUeKmGBjwjN9x6pEVxRb +``` + +You can now stop the daemon process (ctrl+c) and start it using the service of your choice +(probably Systemd) \ No newline at end of file From 339f32c957e06ee8cf952ec57a7132458ffbcd61 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Greg=20Kar=C3=A9kinian?= Date: Tue, 28 May 2019 13:05:52 +0200 Subject: [PATCH 2/2] Simplify the instructions to get the cluster secret --- doc/ipfs_cluster.md | 19 +++---------------- 1 file changed, 3 insertions(+), 16 deletions(-) diff --git a/doc/ipfs_cluster.md b/doc/ipfs_cluster.md index 3682fd1..38484ae 100644 --- a/doc/ipfs_cluster.md +++ b/doc/ipfs_cluster.md @@ -1,20 +1,7 @@ # Join the IPFS cluster -## On your local machine - -Get the `encrypted_data_bag_secret` from another core member and copy it to -`.chef/encrypted_data_bag_secret`. It is required to decrypt the infrastructure -secrets. The cluster secret can be used to remove peers and pins, so we cannot make it public. - -From a clone of repository: - -``` -$ ./script/bootstrap # Requires Ruby -$ ./bin/knife solo data bag show credentials ipfs_cluster --secret-file .chef/encrypted_data_bag_secret -WARNING: The encrypted_data_bag_secret option defined in knife.rb was overriden by the command line. -id: ipfs_cluster -secret: *SECRET* -``` +Get the cluster secret from a core team member. The cluster secret can be used +to remove peers and pins, so we cannot make it public. ## On your server @@ -63,4 +50,4 @@ QmTVC6eguRWoS2W18QnPHt64h8t5yQmYRhvoZcdgr4Ax2V | dev | Sees 1 other peers ``` You can now stop the daemon process (ctrl+c) and start it using the service of your choice -(probably Systemd) \ No newline at end of file +(probably Systemd)