From e8d63c95f2109d28e8170d4754db1e2d22b6c209 Mon Sep 17 00:00:00 2001 From: Ravin Perera <33562092+ravinsp@users.noreply.github.com> Date: Fri, 23 Apr 2021 13:28:47 +0530 Subject: [PATCH] Improved vmscripts and js client lib reliability. (#293) * Added certbot ssl support to vm scripts. * Client lib blake3 init improvement. * Client lib connection review process improvement. --- examples/js_client/hp-client-lib.js | 32 +++++++++--- test/vm-cluster/cluster.sh | 77 ++++++++++++++--------------- test/vm-cluster/setup-hp.sh | 10 ++++ test/vm-cluster/setup-vm.sh | 2 +- 4 files changed, 72 insertions(+), 49 deletions(-) diff --git a/examples/js_client/hp-client-lib.js b/examples/js_client/hp-client-lib.js index 09c00f5f..3e0880a3 100644 --- a/examples/js_client/hp-client-lib.js +++ b/examples/js_client/hp-client-lib.js @@ -166,6 +166,8 @@ // 0 indicates we are not missing any connections. This will be initially set when connect() is called. let connectionsMissingFrom = 0; + let reviewConnectionsTimer = null; + // Checks for missing connections and attempts to establish them. const reviewConnections = () => { @@ -173,7 +175,7 @@ return; // Check for connection changes periodically. - setTimeout(() => { + reviewConnectionsTimer = setTimeout(() => { reviewConnections(); }, connectionCheckIntervalMs); @@ -304,6 +306,12 @@ return; status = 2; + + if (reviewConnectionsTimer) { + clearTimeout(reviewConnectionsTimer); + reviewConnectionsTimer = null; + } + emitter.clear(events.connectionChange); emitter.clear(events.contractOutput); emitter.clear(events.contractReadResponse); @@ -718,8 +726,10 @@ emitter = null; - if (handshakeTimer) + if (handshakeTimer) { clearTimeout(handshakeTimer); + handshakeTimer = null; + } // If there are any ongoing resolvers resolve them with error output. @@ -776,6 +786,7 @@ }); } else { + ws.close(); return Promise.resolve(); } } @@ -1102,16 +1113,23 @@ } let blake3Resolver = null; + let blake3awaiter = null; // Set blake3 reference. async function initBlake3() { - if (blake3) // If already set, do nothing. + if (blake3) { // If already set, do nothing. return; - else if (isBrowser && window.blake3) // browser (if blake3 already loaded) + } + else if (isBrowser && window.blake3) {// browser (if blake3 already loaded) blake3 = window.blake3; - else if (isBrowser && !window.blake3) // If blake3 not yet loaded in browser, wait for it. - blake3 = await new Promise(resolve => blake3Resolver = resolve); - else if (!isBrowser) // nodejs + } + else if (isBrowser && !window.blake3) { // If blake3 not yet loaded in browser, wait for it. + if (!blake3awaiter) + blake3awaiter = new Promise(resolve => blake3Resolver = resolve); + blake3 = await blake3awaiter; + } + else if (!isBrowser) { // nodejs blake3 = require('blake3'); + } if (!blake3) throw "Blake3 reference not found."; diff --git a/test/vm-cluster/cluster.sh b/test/vm-cluster/cluster.sh index 51a080f6..2b1e0ee6 100755 --- a/test/vm-cluster/cluster.sh +++ b/test/vm-cluster/cluster.sh @@ -47,16 +47,23 @@ contdir=$basedir/$CONTRACT vmcount=${#vmaddrs[@]} mode=$1 hpcore=$(realpath ../..) -let nodeid=$2-1 + +# Check if second arg (nodeid) is a number or not. +# If it's a number then reduce 1 from it to get zero-based node index. +if ! [[ $2 =~ ^[0-9]+$ ]] ; then + let nodeid=-1 +else + let nodeid=$2-1 +fi if [ "$mode" = "info" ] || [ "$mode" = "new" ] || [ "$mode" = "update" ] || [ "$mode" = "reconfig" ] || \ [ "$mode" = "start" ] || [ "$mode" = "stop" ] || [ "$mode" = "check" ] || [ "$mode" = "log" ] || [ "$mode" = "kill" ] || \ - [ "$mode" = "ssh" ] || [ "$mode" = "reboot" ] || [ "$mode" = "dns" ] || [ "$mode" = "ssl" ] || [ "$mode" = "lcl" ] || [ "$mode" = "pubkey" ]; then + [ "$mode" = "ssh" ] || [ "$mode" = "reboot" ] || [ "$mode" = "ssl" ] || [ "$mode" = "lcl" ] || [ "$mode" = "pubkey" ]; then echo "mode: $mode ($contdir)" else echo "Invalid command. [ info | new | update | reconfig" \ " | start [N] | stop [N] | check [N] | log | kill [N] | reboot | ssh or" \ - " | dns | ssl | lcl | pubkey ] expected." + " | ssl or | lcl | pubkey ] expected." exit 1 fi @@ -72,8 +79,7 @@ fi # kill - Force kill hot pocket (if running) on specified vm node or entire cluster. # reboot - Reboot specified vm node. # ssh - Open up an ssh terminal for the specified vm node. -# dns - Uploads given zerossl domain verification file to vm and starts http server for DNS check. -# ssl - Uploads matching zerossl certificate bundle from ~/downloads/ to the contract. +# ssl - Creates LetsEncrypt ssl certs matching with the vm domain name. # lcl - Displays the lcls of all nodes. # pubkey - Displays the pubkey on specified vm node or entire cluster. @@ -175,7 +181,7 @@ fi if [ $mode = "ssh" ]; then if [ $nodeid = -1 ]; then if [ -n "$2" ]; then - # Interprit second arg as a command to execute on all nodes. + # Interpret second arg as a command to execute on all nodes. command=${*:2} echo "Executing '$command' on all nodes..." for (( i=0; i<$vmcount; i++ )) @@ -197,44 +203,33 @@ if [ $mode = "ssh" ]; then fi fi -if [ $mode = "dns" ]; then - if [ $nodeid = -1 ]; then - echo "Please specify node no." - exit 1 - fi - if [[ $3 = "" ]]; then - echo "Please provide zerossl domain verification txt file path." - exit 1 - fi - vmaddr=${vmaddrs[$nodeid]} - sshpass -p $vmpass ssh $vmuser@$vmaddr "mkdir -p $basedir/web80/.well-known/pki-validation" - sshpass -p $vmpass scp $3 $vmuser@$vmaddr:$basedir/web80/.well-known/pki-validation/ - sshpass -p $vmpass ssh $vmuser@$vmaddr "sudo apt-get install -y python" - sshpass -p $vmpass ssh $vmuser@$vmaddr -t "cd $basedir/web80 && sudo python -m SimpleHTTPServer 80" - exit 0 -fi - if [ $mode = "ssl" ]; then if [ $nodeid = -1 ]; then - echo "Please specify node no." - exit 1 + if [ -n "$2" ]; then + # If nodeid is not specified, interpret second arg as the ssl account notification email. + command="$contdir/ssl.sh $2" + for (( i=0; i<$vmcount; i++ )) + do + vmaddr=${vmaddrs[i]} + let nodeid=$i+1 + echo "node"$nodeid":" $(sshpass -p $vmpass ssh $vmuser@$vmaddr $command) & + done + wait + else + echo "Please specify node no. or ssl account notification email." + exit 1 + fi + else + # if nodeid is specified, interpret third arg as the ssl account notification email. + if [ -n "$3" ]; then + command="$contdir/ssl.sh $3" + vmaddr=${vmaddrs[$nodeid]} + sshpass -p $vmpass ssh $vmuser@$vmaddr $command + else + echo "Please specify ssl account notification email." + exit 1 + fi fi - vmaddr=${vmaddrs[$nodeid]} - - sudo apt-get install -y unzip - unzip -d ~/downloads/$vmaddr/ ~/downloads/$vmaddr.zip || exit 1; - pushd ~/downloads/$vmaddr > /dev/null 2>&1 - mkdir certs - cat certificate.crt <(echo) ca_bundle.crt > certs/tlscert.pem - mv private.key certs/tlskey.pem - popd > /dev/null 2>&1 - - echo "Sending tls certs to the contract..." - sshpass -p $vmpass scp ~/downloads/$vmaddr/certs/* $vmuser@$vmaddr:$basedir/hpfiles/ssl/ - sshpass -p $vmpass ssh $vmuser@$vmaddr cp -rf $basedir/hpfiles/ssl/* $contdir/cfg/ - - rm -r ~/downloads/$vmaddr - echo "Done" exit 0 fi diff --git a/test/vm-cluster/setup-hp.sh b/test/vm-cluster/setup-hp.sh index 241555fa..e58eaf81 100755 --- a/test/vm-cluster/setup-hp.sh +++ b/test/vm-cluster/setup-hp.sh @@ -3,6 +3,7 @@ mode=$1 basedir=$2 contdir=$3 # Contract directory +vmaddr=$4 if [[ ! -f /swapfile ]] then @@ -87,6 +88,15 @@ if [ $mode = "new" ] || [ $mode = "reconfig" ]; then echo "echo \"select seq_no || '-' || lower(hex(ledger_hash)) from ledger order by seq_no DESC limit 1;\" | sqlite3 file:$contdir/ledger_fs/seed/primary/\$max_shard_no/ledger.sqlite?mode=ro" >> $contdir/lcl.sh sudo chmod +x $contdir/lcl.sh + # Create ssl.sh script + # This installs LetsEncrypt certbot and generates the SSL certs matching with vm domain name. + echo "snap install --classic certbot && ln -s /snap/bin/certbot /usr/bin/certbot > /dev/null 2>&1" > $contdir/ssl.sh + echo "certbot certonly --standalone -n -m \$1 --agree-tos -d $vmaddr" >> $contdir/ssl.sh + echo "cp /etc/letsencrypt/live/$vmaddr/fullchain.pem $basedir/hpfiles/ssl/tlscert.pem" >> $contdir/ssl.sh + echo "cp /etc/letsencrypt/live/$vmaddr/privkey.pem $basedir/hpfiles/ssl/tlskey.pem" >> $contdir/ssl.sh + echo "cp -rf $basedir/hpfiles/ssl/* $contdir/cfg/" >> $contdir/ssl.sh + sudo chmod +x $contdir/ssl.sh + # Configure .screenrc pushd $contdir > /dev/null 2>&1 echo "chdir $contdir" >> hp.screenrc diff --git a/test/vm-cluster/setup-vm.sh b/test/vm-cluster/setup-vm.sh index 6790736f..a867cc00 100755 --- a/test/vm-cluster/setup-vm.sh +++ b/test/vm-cluster/setup-vm.sh @@ -19,6 +19,6 @@ fi if [ $mode = "new" ] || [ $mode = "reconfig" ]; then # Run hp setup script on the VM and download the generated hp.cfg echo "Configuring HP..." - sshpass -p $vmpass ssh $vmuser@$vmaddr $basedir/hpfiles/setup-hp.sh $mode $basedir $contdir + sshpass -p $vmpass ssh $vmuser@$vmaddr $basedir/hpfiles/setup-hp.sh $mode $basedir $contdir $vmaddr sshpass -p $vmpass scp $vmuser@$vmaddr:$contdir/cfg/hp.cfg ./cfg/node$nodeid.cfg fi \ No newline at end of file