From be737e0047c0d1962b29255dbd73e8d4c77f7e62 Mon Sep 17 00:00:00 2001 From: Miguel Portilla Date: Tue, 6 May 2014 12:53:50 -0400 Subject: [PATCH] Enable Snappy compression for NodeStore backends. * Configured via config.cfg --- .../VisualStudio2013/RippleD.vcxproj.filters | 3 + doc/rippled-example.cfg | 1753 +++++++++-------- .../nodestore/backend/LevelDBFactory.cpp | 8 + .../nodestore/backend/RocksDBFactory.cpp | 8 + src/ripple_leveldb/ripple_leveldb.h | 1 + 5 files changed, 897 insertions(+), 876 deletions(-) diff --git a/Builds/VisualStudio2013/RippleD.vcxproj.filters b/Builds/VisualStudio2013/RippleD.vcxproj.filters index c1dbd1d5c..28ca11e3c 100644 --- a/Builds/VisualStudio2013/RippleD.vcxproj.filters +++ b/Builds/VisualStudio2013/RippleD.vcxproj.filters @@ -1740,6 +1740,9 @@ [0] Libraries\snappy + + [1] Ripple\common\tests + diff --git a/doc/rippled-example.cfg b/doc/rippled-example.cfg index a1ca279d3..23c759ea0 100644 --- a/doc/rippled-example.cfg +++ b/doc/rippled-example.cfg @@ -1,876 +1,877 @@ -#------------------------------------------------------------------------------- -# -# Rippled Server Instance Configuration Example -# -#------------------------------------------------------------------------------- -# -# Contents -# -# 1. Peer Networking -# -# 2. Websocket Networking -# -# 3. RPC Networking -# -# 4. SMS Gateway -# -# 5. Ripple Protcol -# -# 6. HTTPS Client -# -# 7. Database -# -# 8. Diagnostics -# -#------------------------------------------------------------------------------- -# -# Purpose -# -# This file documents and provides examples of all rippled server process -# configuration options. When the rippled server instance is lanched, it looks -# for a file with the following name: -# -# rippled.cfg -# -# For more information on where the rippled serer instance searches for -# the file please visit the Ripple wiki. Specifically, the section explaining -# the --conf command line option: -# -# https://ripple.com/wiki/Rippled#--conf.3Dpath -# -# This file should be named rippled.cfg. This file is UTF-8 with Dos, UNIX, -# or Mac style end of lines. Blank lines and lines beginning with '#' are -# ignored. Undefined sections are reserved. No escapes are currently defined. -# -# -# -#------------------------------------------------------------------------------- -# -# 1. Peer Networking -# -#------------------- -# -# These settings control security and access attributes of the Peer to Peer -# server section of the rippled process. Peer Networking implements the -# Ripple Payment protocol. It is over peer connections that transactions -# and validations are passed from to machine to machine, to make up the -# components of closed ledgers. -# -# -# -# [ips] -# -# List of hostnames or ips where the Ripple protocol is served. For a starter -# list, you can either copy entries from: https://ripple.com/ripple.txt or if -# you prefer you can specify r.ripple.com 51235 -# -# One IPv4 address or domain names per line is allowed. A port may optionally -# be specified after adding a space to the address. By convention, if known, -# IPs are listed in from most to least trusted. -# -# Examples: -# 192.168.0.1 -# 192.168.0.1 3939 -# r.ripple.com 51235 -# -# This will give you a good, up-to-date list of addresses: -# -# [ips] -# r.ripple.com 51235 -# -# -# -# [ips_fixed] -# -# List of IP addresses or hostnames to which rippled should always attempt to -# maintain peer connections with. This is useful for manually forming private -# networks, for example to configure a validation server that connects to the -# Ripple network through a public-facing server, or for building a set -# of cluster peers. -# -# One IPv4 address or domain names per line is allowed. A port may optionally -# be specified after adding a space to the address. -# -# -# -# [peer_ip] -# -# IP address or domain to bind to allow external connections from peers. -# Defaults to not binding, which disallows external connections from peers. -# -# Examples: 0.0.0.0 - Bind on all interfaces. -# -# -# -# [peer_port] -# -# If peer_ip is supplied, corresponding port to bind to for peer connections. -# -# -# -# [peer_port_proxy] -# -# An optional, additional listening port number for peers. Incoming -# connections on this port will be required to provide a PROXY Protocol -# handshake, described in this document (external link): -# -# http://haproxy.1wt.eu/download/1.5/doc/proxy-protocol.txt -# -# The PROXY Protocol is a popular method used by elastic load balancing -# service providers such as Amazon, to identify the true IP address and -# port number of external incoming connections. -# -# In addition to enabling this setting, it will also be required to -# use your provider-specific control panel or administrative web page -# to configure your server instance to receive PROXY Protocol handshakes, -# and also to restrict access to your instance to the Elastic Load Balancer. -# -# -# -# [peer_private] -# -# 0 or 1. -# -# 0: Request peers to broadcast your address. Normal outbound peer connections [default] -# 1: Request peers not broadcast your address. Only connect to configured peers. -# -# -# -# [max_peers] -# -# The largest number of desired peer connections (incoming or outgoing). -# Cluster and fixed peers do not count towards this total. There are -# implementation-defined lower limits imposed on this value for security -# purposes. -# -# -# -# [peer_ssl_cipher_list] -# -# A colon delimited string with the allowed SSL cipher modes for peer. The -# choices for for ciphers are defined by the OpenSSL API function -# SSL_CTX_set_cipher_list, documented here (external link): -# -# http://pic.dhe.ibm.com/infocenter/tpfhelp/current/index.jsp?topic=%2Fcom.ibm.ztpf-ztpfdf.doc_put.cur%2Fgtpc2%2Fcpp_ssl_ctx_set_cipher_list.html -# -# The default setting is "ALL:!LOW:!EXP:!MD5:@STRENGTH", which allows -# non-authenticated peer connections (they are, however, secure). -# -# -# -# [node_seed] -# -# This is used for clustering. To force a particular node seed or key, the -# key can be set here. The format is the same as the validation_seed field. -# To obtain a validation seed, use the validation_create command. -# -# Examples: RASH BUSH MILK LOOK BAD BRIM AVID GAFF BAIT ROT POD LOVE -# shfArahZT9Q9ckTf3s1psJ7C7qzVN -# -# -# -# [cluster_nodes] -# -# To extend full trust to other nodes, place their node public keys here. -# Generally, you should only do this for nodes under common administration. -# Node public keys start with an 'n'. To give a node a name for identification -# place a space after the public key and then the name. -# -# -# -# [sntp_servers] -# -# IP address or domain of NTP servers to use for time synchronization. -# -# These NTP servers are suitable for rippled servers located in the United -# States: -# time.windows.com -# time.apple.com -# time.nist.gov -# pool.ntp.org -# -# -# -#------------------------------------------------------------------------------- -# -# 2. Websocket Networking -# -#------------------------ -# -# These settings control security and access attributes of the Websocket -# server section of the rippled process, primarily used to service -# client requests and backend applications. -# -# -# -# [websocket_public_ip] -# -# IP address or domain to bind to allow untrusted connections from clients. -# In the future, this option will go away and the peer_ip will accept -# websocket client connections. -# -# Examples: 0.0.0.0 - Bind on all interfaces. -# 127.0.0.1 - Bind on localhost interface. Only local programs may connect. -# -# -# -# [websocket_public_port] -# -# Port to bind to allow untrusted connections from clients. In the future, -# this option will go away and the peer_ip will accept websocket client -# connections. -# -# -# -# [websocket_public_secure] -# -# 0, 1 or 2. -# 0: Provide ws service for websocket_public_ip/websocket_public_port. -# 1: Provide both ws and wss service for websocket_public_ip/websocket_public_port. [default] -# 2: Provide wss service only for websocket_public_ip/websocket_public_port. -# -# Browser pages like the Ripple client will not be able to connect to a secure -# websocket connection if a self-signed certificate is used. As the Ripple -# reference client currently shares secrets with its server, this should be -# enabled. -# -# -# -# [websocket_ping_frequency] -# -# -# -# The amount of time to wait in seconds, before sending a websocket 'ping' -# message. Ping messages are used to determine if the remote end of the -# connection is no longer availabile. -# -# -# -# [websocket_ip] -# -# IP address or domain to bind to allow trusted ADMIN connections from backend -# applications. -# -# Examples: 0.0.0.0 - Bind on all interfaces. -# 127.0.0.1 - Bind on localhost interface. Only local programs may connect. -# -# -# -# [websocket_port] -# -# Port to bind to allow trusted ADMIN connections from backend applications. -# -# -# -# [websocket_secure] -# -# 0, 1, or 2. -# 0: Provide ws service only for websocket_ip/websocket_port. [default] -# 1: Provide ws and wss service for websocket_ip/websocket_port -# 2: Provide wss service for websocket_ip/websocket_port. -# -# -# -# [websocket_ssl_cert] -# -# Specify the path to the SSL certificate file in PEM format. -# This is not needed if the chain includes it. -# -# -# -# [websocket_ssl_chain] -# -# If you need a certificate chain, specify the path to the certificate chain -# here. The chain may include the end certificate. -# -# -# -# [websocket_ssl_key] -# -# Specify the filename holding the SSL key in PEM format. -# -# -# -#------------------------------------------------------------------------------- -# -# 3. RPC Networking -# -#------------------ -# -# This group of settings configures security and access attributes of the -# RPC server section of the rippled process, used to service both local -# an optional remote clients. -# -# -# -# [rpc_allow_remote] -# -# 0 or 1. -# -# 0: Allow RPC connections only from 127.0.0.1. [default] -# 1: Allow RPC connections from any IP. -# -# -# -# [rpc_admin_allow] -# -# Specify an list of IP addresses allowed to have admin access. One per line. -# If you want to test the output of non-admin commands add this section and -# just put an ip address not under your control. -# Defaults to 127.0.0.1. -# -# -# -# [rpc_admin_user] -# -# As a server, require this as the admin user to be specified. Also, require -# rpc_admin_user and rpc_admin_password to be checked for RPC admin functions. -# The request must specify these as the admin_user and admin_password in the -# request object. -# -# As a client, supply this to the server in the request object. -# -# -# -# [rpc_admin_password] -# -# As a server, require this as the admin pasword to be specified. Also, -# require rpc_admin_user and rpc_admin_password to be checked for RPC admin -# functions. The request must specify these as the admin_user and -# admin_password in the request object. -# -# As a client, supply this to the server in the request object. -# -# -# -# [rpc_ip] -# -# IP address or domain to bind to allow insecure RPC connections. -# Defaults to not binding, which disallows RPC connections. -# -# -# -# [rpc_port] -# -# If rpc_ip is supplied, corresponding port to bind to for peer connections. -# -# -# -# [rpc_user] -# -# As a server, require a this user to specified and require rpc_password to -# be checked for RPC access via the rpc_ip and rpc_port. The user and password -# must be specified via HTTP's basic authentication method. -# As a client, supply this to the server via HTTP's basic authentication -# method. -# -# -# -# [rpc_password] -# -# As a server, require a this password to specified and require rpc_user to -# be checked for RPC access via the rpc_ip and rpc_port. The user and password -# must be specified via HTTP's basic authentication method. -# As a client, supply this to the server via HTTP's basic authentication -# method. -# -# -# -# [rpc_startup] -# -# Specify a list of RPC commands to run at startup. -# -# Examples: -# { "command" : "server_info" } -# { "command" : "log_level", "partition" : "ripplecalc", "severity" : "trace" } -# -# -# -# [rpc_secure] -# -# 0 or 1. -# -# 0: Server certificates are not provided for RPC clients using SSL [default] -# 1: Client RPC connections wil be provided with SSL certificates. -# -# Note that if rpc_secure is enabled, it will also be necessasry to configure the -# certificate file settings located in rpc_ssl_cert, rpc_ssl_chain, and rpc_ssl_key -# -# -# -# [rpc_ssl_cert] -# -# -# -# A file system path leading to the SSL certificate file to use for secure RPC. -# The file is in PEM format. The file is not needed if the chain includes it. -# -# -# -# [rpc_ssl_chain] -# -# -# -# A file system path leading to the file with the certificate chain. -# The chain may include the end certificate. -# -# -# -# [rpc_ssl_key] -# -# -# -# A file system path leading to the file with the SSL key. -# The file is in PEM format. -# -# -# -#------------------------------------------------------------------------------- -# -# 4. SMS Gateway -# -#--------------- -# -# If you have a certain SMS messaging provider you can configure these -# settings to allow the rippled server instance to send an SMS text to the -# configured gateway in response to an admin-level RPC command "sms" with -# one parameter, 'text' containing the message to send. This allows backend -# applications to use the rippled instance to securely notify administrators -# of custom events or information via SMS gateway. -# -# When the 'sms' RPC command is issued, the configured SMS gateway will be -# contacted via HTTPS GET at the URL indicated by sms_url. The URI formed -# will be in this format: -# -# [sms_url]?from=[sms_from]&to=[sms_to]&api_key=[sms_key]&api_secret=[sms_secret]&text=['text'] -# -# Where [...] are the corresponding valus from the configuration file, and -# ['test'] is the value of the JSON field with name 'text'. -# -# [sms_url] -# -# The URL to contact via HTTPS when sending SMS messages -# -# [sms_from] -# [sms_to] -# [sms_key] -# [sms_secret] -# -# These are all strings passed directly in the URI as query parameters -# to the provider of the SMS gateway. -# -# -# -#------------------------------------------------------------------------------- -# -# 5. Ripple Protocol -# -#------------------ -# -# These settings affect the behavior of the server instance with respect -# to Ripple payment protocol level activities such as validating and -# closing ledgers, establishing a quorum, or adjusting fees in response -# to server overloads. -# -# -# -# [node_size] -# -# Tunes the servers based on the expected load and available memory. Legal -# sizes are "tiny", "small", "medium", "large", and "huge". We recommend -# you start at the default and raise the setting if you have extra memory. -# The default is "tiny". -# -# -# -# [validation_quorum] -# -# Sets the minimum number of trusted validations a ledger must have before -# the server considers it fully validated. Note that if you are validating, -# your validation counts. -# -# -# -# [ledger_history] -# -# The number of past ledgers to acquire on server startup and the minimum to -# maintain while running. -# -# To serve clients, servers need historical ledger data. Servers that don't -# need to serve clients can set this to "none". Servers that want complete -# history can set this to "full". -# -# The default is: 256 -# -# -# -# [fetch_depth] -# -# The number of past ledgers to serve to other peers that request historical -# ledger data (or "full" for no limit). -# -# Servers that require low latency and high local performance may wish to -# restrict the historical ledgers they are willing to serve. Setting this -# below 32 can harm network stability as servers require easy access to -# recent history to stay in sync. Values below 128 are not recommended. -# -# The default is: full -# -# -# -# [validation_seed] -# -# To perform validation, this section should contain either a validation seed -# or key. The validation seed is used to generate the validation -# public/private key pair. To obtain a validation seed, use the -# validation_create command. -# -# Examples: RASH BUSH MILK LOOK BAD BRIM AVID GAFF BAIT ROT POD LOVE -# shfArahZT9Q9ckTf3s1psJ7C7qzVN -# -# -# -# [validators] -# -# List of nodes to always accept as validators. Nodes are specified by domain -# or public key. -# -# For domains, rippled will probe for https web servers at the specified -# domain in the following order: ripple.DOMAIN, www.DOMAIN, DOMAIN -# -# For public key entries, a comment may optionally be spcified after adding a -# space to the pulic key. -# -# Examples: -# ripple.com -# n9KorY8QtTdRx7TVDpwnG9NvyxsDwHUKUEeDLY3AkiGncVaSXZi5 -# n9MqiExBcoG19UXwoLjBJnhsxEhAZMuWwJDRdkyDz1EkEkwzQTNt John Doe -# -# -# -# [validators_file] -# -# Path to file contain a list of nodes to always accept as validators. Use -# this to specify a file other than this file to manage your validators list. -# -# If this entry is not present or empty and no nodes from previous runs were -# found in the database, rippled will look for a validators.txt in the config -# directory. If not found there, it will attempt to retrieve the file from -# the [validators_site] web site. -# -# After specifying a different [validators_file] or changing the contents of -# the validators file, issue a RPC unl_load command to have rippled load the -# file. -# -# Specify the file by specifying its full path. -# -# Examples: -# C:/home/johndoe/ripple/validators.txt -# /home/johndoe/ripple/validators.txt -# -# -# -# [validators_site] -# -# Specifies where to find validators.txt for UNL boostrapping and RPC -# unl_network command. -# -# Example: ripple.com -# -# -# -# [path_search] -# When searching for paths, the default search aggressiveness. This can take -# exponentially more resources as the size is increased. -# -# The default is: 7 -# -# [path_search_fast] -# [path_search_max] -# When seaching for paths, the minimum and maximum search aggressiveness. -# -# The default for 'path_search_fast' is 2. The default for 'path_search_max' is 10. -# -# [path_search_old] -# -# For clients that use the legacy path finding interfaces, the search -# agressiveness to use. The default is 7. -# -# -# -#------------------------------------------------------------------------------- -# -# 6. HTTPS Client -# -#---------------- -# -# The rippled server instance uses HTTPS GET requests in a variety of -# circumstances, including but not limited to the SMS Messaging Gateway -# feature and also for contacting trusted domains to fetch information -# such as mapping an email address to a Ripple Payment Network address. -# -# [ssl_verify] -# -# 0 or 1. -# -# 0. HTTPS client connections will not verify certificates. -# 1. Certificates will be checked for HTTPS client connections . -# -# -# -# [ssl_verify_file] -# -# -# -# A file system path leading to the certificate verification file for -# HTTPS client requests. -# -# -# -# [ssl_verify_dir] -# -# -# -# -# A file system path leading to a file or directory containing the root -# certificates that the server will accept for verifying HTTP servers. -# Used only for outbound HTTPS client connections. -# -# -# -#------------------------------------------------------------------------------- -# -# 7. Database -# -#------------ -# -# rippled creates 4 SQLite database to hold bookkeeping information -# about transactions, local credentials, and various other things. -# It also creates the NodeDB, which holds all the objects that -# make up the current and historical ledgers. The size of the NodeDB -# grows in proportion to the amount of new data and the amount of -# historical data (a configurable setting). -# -# The performance of the underlying storage media where the NodeDB -# is placed can affect the performance of the server. Some virtual -# hosting providers offer high speed secondary storage, with the -# caveat that the data is not persisted across launches. If rippled -# runs in such an environment, it can be beneficial to configure the -# temp_db setting, which activates a secondary "look-aside" cache -# that can speed up the server. Some testing is suggested to determine -# if the temp_db setting is an improvement for your environment -# -# Partial pathnames will be considered relative to the location of -# the rippled.cfg file. -# -# [node_db] Settings for the NodeDB (required) -# [temp_db] Settings for the look-aside temporary db (optional) -# [import_db] Settings for performing a one-time import (optional) -# -# Format (without spaces): -# One or more lines of key / value pairs: -# '=' -# ... -# -# Examples: -# type=HyperLevelDB -# path=db/hyperldb -# -# Choices for 'type' (not case-sensitive) -# HyperLevelDB Use an improved version of LevelDB (preferred) -# LevelDB Use Google's LevelDB database (deprecated) -# none Use no backend -# RocksDB Use Facebook's RocksDB database -# SQLite Use SQLite -# -# Required keys: -# path Location to store the database (all types) -# -# Optional keys: -# (none yet) -# -# Notes: -# The 'node_db' entry configures the primary, persistent storage. -# -# The 'temp_db' configures a look-aside cache for high volume storage -# which doesn't necessarily persist between server launches. This -# is an optional configuration parameter. If it is left out then -# no look-aside database is created or used. -# -# The 'import_db' is used with the '--import' command line option to -# migrate the specified database into the current database given -# in the [node_db] section. -# -# [database_path] Path to the book-keeping databases. -# -# There are 4 book-keeping SQLite database that the server creates and -# maintains. If you omit this configuration setting, it will default to -# creating a directory called "db" located in the same place as your -# rippled.cfg file. -# -# -# -#------------------------------------------------------------------------------- -# -# 8. Diagnostics -# -#--------------- -# -# These settings are designed to help server administrators diagnose -# problems, and obtain detailed information about the activities being -# performed by the rippled process. -# -# -# -# [debug_logfile] -# -# Specifies were a debug logfile is kept. By default, no debug log is kept. -# Unless absolute, the path is relative the directory containing this file. -# -# Example: debug.log -# -# -# -# [insight] -# -# Configuration parameters for the Beast.Insight stats collection module. -# -# Insight is a module that collects information from the areas of rippled -# that have instrumentation. The configuration paramters control where the -# collection metrics are sent. The parameters are expressed as key = value -# pairs with no white space. The main parameter is the choice of server: -# -# "server" -# -# Choice of server to send metrics to. Currently the only choice is -# "statsd" which sends UDP packets to a StatsD daemon, which must be -# running while rippled is running. More information on StatsD is -# available here: -# https://github.com/b/statsd_spec -# -# When server=statsd, these additional keys are used: -# -# "address" The UDP address and port of the listening StatsD server, -# in the format, n.n.n.n:port. -# -# "prefix" A string prepended to each collected metric. This is used -# to distinguish between different running instances of rippled. -# -# If this section is missing, or the server type is unspecified or unknown, -# statistics are not collected or reported. -# -# Example: -# -# [insight] -# server=statsd -# address=192.168.0.95:4201 -# prefix=my_validator -# -#------------------------------------------------------------------------------- - -# Allow other peers to connect to this server. -# -[peer_ip] -0.0.0.0 - -[peer_port] -51235 - -# Allow untrusted clients to connect to this server. -# -[websocket_public_ip] -0.0.0.0 - -[websocket_public_port] -5006 - -# Provide trusted websocket ADMIN access to the localhost. -# -[websocket_ip] -127.0.0.1 - -[websocket_port] -6006 - -# Provide trusted json-rpc ADMIN access to the localhost. -# -[rpc_ip] -127.0.0.1 - -[rpc_port] -5005 - -[rpc_allow_remote] -0 - -[node_size] -medium - -# This is primary persistent datastore for rippled. This includes transaction -# metadata, account states, and ledger headers. Helpful information can be -# found here: https://ripple.com/wiki/NodeBackEnd -[node_db] -type=RocksDB -path=/var/lib/rippled/db/rocksdb -open_files=2000 -filter_bits=12 -cache_mb=256 -file_size_mb=8 -file_size_mult=2 - -[database_path] -/var/lib/rippled/db - -# This needs to be an absolute directory reference, not a relative one. -# Modify this value as required. -[debug_logfile] -/var/log/rippled/debug.log - -[sntp_servers] -time.windows.com -time.apple.com -time.nist.gov -pool.ntp.org - -# Where to find some other servers speaking the Ripple protocol. -# -[ips] -r.ripple.com 51235 - -# These validators are taken from the v0.16 release notes on the wiki: -# https://ripple.com/wiki/Latest_rippled_release_notes -[validators] -n949f75evCHwgyP4fPVgaHqNHxUVN15PsJEZ3B3HnXPcPjcZAoy7 RL1 -n9MD5h24qrQqiyBC8aeqqCWvpiBiYQ3jxSr91uiDvmrkyHRdYLUj RL2 -n9L81uNCaPgtUJfaHh89gmdvXKAmSt5Gdsw2g1iPWaPkAHW5Nm4C RL3 -n9KiYM9CgngLvtRCQHZwgC2gjpdaZcCcbt3VboxiNFcKuwFVujzS RL4 -n9LdgEtkmGB9E2h3K4Vp7iGUaKuq23Zr32ehxiU8FWY7xoxbWTSA RL5 - -# Ditto. -[validation_quorum] -3 - -# Turn down default logging to save disk space in the long run. -# Valid values here are trace, debug, info, warning, error, and fatal -[rpc_startup] -{ "command": "log_level", "severity": "warning" } - -# Configure SSL for WebSockets. Not enabled by default because not everybody -# has an SSL cert on their server, but if you uncomment the following lines and -# set the path to the SSL certificate and private key the WebSockets protocol -# will be protected by SSL/TLS. -#[websocket_secure] -#1 - -#[websocket_ssl_cert] -#/etc/ssl/certs/server.crt - -#[websocket_ssl_key] -#/etc/ssl/private/server.key - -# Defaults to 0 ("no") so that you can use self-signed SSL certificates for -# development, or internally. -#[ssl_verify] -#0 - - +#------------------------------------------------------------------------------- +# +# Rippled Server Instance Configuration Example +# +#------------------------------------------------------------------------------- +# +# Contents +# +# 1. Peer Networking +# +# 2. Websocket Networking +# +# 3. RPC Networking +# +# 4. SMS Gateway +# +# 5. Ripple Protcol +# +# 6. HTTPS Client +# +# 7. Database +# +# 8. Diagnostics +# +#------------------------------------------------------------------------------- +# +# Purpose +# +# This file documents and provides examples of all rippled server process +# configuration options. When the rippled server instance is lanched, it looks +# for a file with the following name: +# +# rippled.cfg +# +# For more information on where the rippled serer instance searches for +# the file please visit the Ripple wiki. Specifically, the section explaining +# the --conf command line option: +# +# https://ripple.com/wiki/Rippled#--conf.3Dpath +# +# This file should be named rippled.cfg. This file is UTF-8 with Dos, UNIX, +# or Mac style end of lines. Blank lines and lines beginning with '#' are +# ignored. Undefined sections are reserved. No escapes are currently defined. +# +# +# +#------------------------------------------------------------------------------- +# +# 1. Peer Networking +# +#------------------- +# +# These settings control security and access attributes of the Peer to Peer +# server section of the rippled process. Peer Networking implements the +# Ripple Payment protocol. It is over peer connections that transactions +# and validations are passed from to machine to machine, to make up the +# components of closed ledgers. +# +# +# +# [ips] +# +# List of hostnames or ips where the Ripple protocol is served. For a starter +# list, you can either copy entries from: https://ripple.com/ripple.txt or if +# you prefer you can specify r.ripple.com 51235 +# +# One IPv4 address or domain names per line is allowed. A port may optionally +# be specified after adding a space to the address. By convention, if known, +# IPs are listed in from most to least trusted. +# +# Examples: +# 192.168.0.1 +# 192.168.0.1 3939 +# r.ripple.com 51235 +# +# This will give you a good, up-to-date list of addresses: +# +# [ips] +# r.ripple.com 51235 +# +# +# +# [ips_fixed] +# +# List of IP addresses or hostnames to which rippled should always attempt to +# maintain peer connections with. This is useful for manually forming private +# networks, for example to configure a validation server that connects to the +# Ripple network through a public-facing server, or for building a set +# of cluster peers. +# +# One IPv4 address or domain names per line is allowed. A port may optionally +# be specified after adding a space to the address. +# +# +# +# [peer_ip] +# +# IP address or domain to bind to allow external connections from peers. +# Defaults to not binding, which disallows external connections from peers. +# +# Examples: 0.0.0.0 - Bind on all interfaces. +# +# +# +# [peer_port] +# +# If peer_ip is supplied, corresponding port to bind to for peer connections. +# +# +# +# [peer_port_proxy] +# +# An optional, additional listening port number for peers. Incoming +# connections on this port will be required to provide a PROXY Protocol +# handshake, described in this document (external link): +# +# http://haproxy.1wt.eu/download/1.5/doc/proxy-protocol.txt +# +# The PROXY Protocol is a popular method used by elastic load balancing +# service providers such as Amazon, to identify the true IP address and +# port number of external incoming connections. +# +# In addition to enabling this setting, it will also be required to +# use your provider-specific control panel or administrative web page +# to configure your server instance to receive PROXY Protocol handshakes, +# and also to restrict access to your instance to the Elastic Load Balancer. +# +# +# +# [peer_private] +# +# 0 or 1. +# +# 0: Request peers to broadcast your address. Normal outbound peer connections [default] +# 1: Request peers not broadcast your address. Only connect to configured peers. +# +# +# +# [max_peers] +# +# The largest number of desired peer connections (incoming or outgoing). +# Cluster and fixed peers do not count towards this total. There are +# implementation-defined lower limits imposed on this value for security +# purposes. +# +# +# +# [peer_ssl_cipher_list] +# +# A colon delimited string with the allowed SSL cipher modes for peer. The +# choices for for ciphers are defined by the OpenSSL API function +# SSL_CTX_set_cipher_list, documented here (external link): +# +# http://pic.dhe.ibm.com/infocenter/tpfhelp/current/index.jsp?topic=%2Fcom.ibm.ztpf-ztpfdf.doc_put.cur%2Fgtpc2%2Fcpp_ssl_ctx_set_cipher_list.html +# +# The default setting is "ALL:!LOW:!EXP:!MD5:@STRENGTH", which allows +# non-authenticated peer connections (they are, however, secure). +# +# +# +# [node_seed] +# +# This is used for clustering. To force a particular node seed or key, the +# key can be set here. The format is the same as the validation_seed field. +# To obtain a validation seed, use the validation_create command. +# +# Examples: RASH BUSH MILK LOOK BAD BRIM AVID GAFF BAIT ROT POD LOVE +# shfArahZT9Q9ckTf3s1psJ7C7qzVN +# +# +# +# [cluster_nodes] +# +# To extend full trust to other nodes, place their node public keys here. +# Generally, you should only do this for nodes under common administration. +# Node public keys start with an 'n'. To give a node a name for identification +# place a space after the public key and then the name. +# +# +# +# [sntp_servers] +# +# IP address or domain of NTP servers to use for time synchronization. +# +# These NTP servers are suitable for rippled servers located in the United +# States: +# time.windows.com +# time.apple.com +# time.nist.gov +# pool.ntp.org +# +# +# +#------------------------------------------------------------------------------- +# +# 2. Websocket Networking +# +#------------------------ +# +# These settings control security and access attributes of the Websocket +# server section of the rippled process, primarily used to service +# client requests and backend applications. +# +# +# +# [websocket_public_ip] +# +# IP address or domain to bind to allow untrusted connections from clients. +# In the future, this option will go away and the peer_ip will accept +# websocket client connections. +# +# Examples: 0.0.0.0 - Bind on all interfaces. +# 127.0.0.1 - Bind on localhost interface. Only local programs may connect. +# +# +# +# [websocket_public_port] +# +# Port to bind to allow untrusted connections from clients. In the future, +# this option will go away and the peer_ip will accept websocket client +# connections. +# +# +# +# [websocket_public_secure] +# +# 0, 1 or 2. +# 0: Provide ws service for websocket_public_ip/websocket_public_port. +# 1: Provide both ws and wss service for websocket_public_ip/websocket_public_port. [default] +# 2: Provide wss service only for websocket_public_ip/websocket_public_port. +# +# Browser pages like the Ripple client will not be able to connect to a secure +# websocket connection if a self-signed certificate is used. As the Ripple +# reference client currently shares secrets with its server, this should be +# enabled. +# +# +# +# [websocket_ping_frequency] +# +# +# +# The amount of time to wait in seconds, before sending a websocket 'ping' +# message. Ping messages are used to determine if the remote end of the +# connection is no longer availabile. +# +# +# +# [websocket_ip] +# +# IP address or domain to bind to allow trusted ADMIN connections from backend +# applications. +# +# Examples: 0.0.0.0 - Bind on all interfaces. +# 127.0.0.1 - Bind on localhost interface. Only local programs may connect. +# +# +# +# [websocket_port] +# +# Port to bind to allow trusted ADMIN connections from backend applications. +# +# +# +# [websocket_secure] +# +# 0, 1, or 2. +# 0: Provide ws service only for websocket_ip/websocket_port. [default] +# 1: Provide ws and wss service for websocket_ip/websocket_port +# 2: Provide wss service for websocket_ip/websocket_port. +# +# +# +# [websocket_ssl_cert] +# +# Specify the path to the SSL certificate file in PEM format. +# This is not needed if the chain includes it. +# +# +# +# [websocket_ssl_chain] +# +# If you need a certificate chain, specify the path to the certificate chain +# here. The chain may include the end certificate. +# +# +# +# [websocket_ssl_key] +# +# Specify the filename holding the SSL key in PEM format. +# +# +# +#------------------------------------------------------------------------------- +# +# 3. RPC Networking +# +#------------------ +# +# This group of settings configures security and access attributes of the +# RPC server section of the rippled process, used to service both local +# an optional remote clients. +# +# +# +# [rpc_allow_remote] +# +# 0 or 1. +# +# 0: Allow RPC connections only from 127.0.0.1. [default] +# 1: Allow RPC connections from any IP. +# +# +# +# [rpc_admin_allow] +# +# Specify an list of IP addresses allowed to have admin access. One per line. +# If you want to test the output of non-admin commands add this section and +# just put an ip address not under your control. +# Defaults to 127.0.0.1. +# +# +# +# [rpc_admin_user] +# +# As a server, require this as the admin user to be specified. Also, require +# rpc_admin_user and rpc_admin_password to be checked for RPC admin functions. +# The request must specify these as the admin_user and admin_password in the +# request object. +# +# As a client, supply this to the server in the request object. +# +# +# +# [rpc_admin_password] +# +# As a server, require this as the admin pasword to be specified. Also, +# require rpc_admin_user and rpc_admin_password to be checked for RPC admin +# functions. The request must specify these as the admin_user and +# admin_password in the request object. +# +# As a client, supply this to the server in the request object. +# +# +# +# [rpc_ip] +# +# IP address or domain to bind to allow insecure RPC connections. +# Defaults to not binding, which disallows RPC connections. +# +# +# +# [rpc_port] +# +# If rpc_ip is supplied, corresponding port to bind to for peer connections. +# +# +# +# [rpc_user] +# +# As a server, require a this user to specified and require rpc_password to +# be checked for RPC access via the rpc_ip and rpc_port. The user and password +# must be specified via HTTP's basic authentication method. +# As a client, supply this to the server via HTTP's basic authentication +# method. +# +# +# +# [rpc_password] +# +# As a server, require a this password to specified and require rpc_user to +# be checked for RPC access via the rpc_ip and rpc_port. The user and password +# must be specified via HTTP's basic authentication method. +# As a client, supply this to the server via HTTP's basic authentication +# method. +# +# +# +# [rpc_startup] +# +# Specify a list of RPC commands to run at startup. +# +# Examples: +# { "command" : "server_info" } +# { "command" : "log_level", "partition" : "ripplecalc", "severity" : "trace" } +# +# +# +# [rpc_secure] +# +# 0 or 1. +# +# 0: Server certificates are not provided for RPC clients using SSL [default] +# 1: Client RPC connections wil be provided with SSL certificates. +# +# Note that if rpc_secure is enabled, it will also be necessasry to configure the +# certificate file settings located in rpc_ssl_cert, rpc_ssl_chain, and rpc_ssl_key +# +# +# +# [rpc_ssl_cert] +# +# +# +# A file system path leading to the SSL certificate file to use for secure RPC. +# The file is in PEM format. The file is not needed if the chain includes it. +# +# +# +# [rpc_ssl_chain] +# +# +# +# A file system path leading to the file with the certificate chain. +# The chain may include the end certificate. +# +# +# +# [rpc_ssl_key] +# +# +# +# A file system path leading to the file with the SSL key. +# The file is in PEM format. +# +# +# +#------------------------------------------------------------------------------- +# +# 4. SMS Gateway +# +#--------------- +# +# If you have a certain SMS messaging provider you can configure these +# settings to allow the rippled server instance to send an SMS text to the +# configured gateway in response to an admin-level RPC command "sms" with +# one parameter, 'text' containing the message to send. This allows backend +# applications to use the rippled instance to securely notify administrators +# of custom events or information via SMS gateway. +# +# When the 'sms' RPC command is issued, the configured SMS gateway will be +# contacted via HTTPS GET at the URL indicated by sms_url. The URI formed +# will be in this format: +# +# [sms_url]?from=[sms_from]&to=[sms_to]&api_key=[sms_key]&api_secret=[sms_secret]&text=['text'] +# +# Where [...] are the corresponding valus from the configuration file, and +# ['test'] is the value of the JSON field with name 'text'. +# +# [sms_url] +# +# The URL to contact via HTTPS when sending SMS messages +# +# [sms_from] +# [sms_to] +# [sms_key] +# [sms_secret] +# +# These are all strings passed directly in the URI as query parameters +# to the provider of the SMS gateway. +# +# +# +#------------------------------------------------------------------------------- +# +# 5. Ripple Protocol +# +#------------------ +# +# These settings affect the behavior of the server instance with respect +# to Ripple payment protocol level activities such as validating and +# closing ledgers, establishing a quorum, or adjusting fees in response +# to server overloads. +# +# +# +# [node_size] +# +# Tunes the servers based on the expected load and available memory. Legal +# sizes are "tiny", "small", "medium", "large", and "huge". We recommend +# you start at the default and raise the setting if you have extra memory. +# The default is "tiny". +# +# +# +# [validation_quorum] +# +# Sets the minimum number of trusted validations a ledger must have before +# the server considers it fully validated. Note that if you are validating, +# your validation counts. +# +# +# +# [ledger_history] +# +# The number of past ledgers to acquire on server startup and the minimum to +# maintain while running. +# +# To serve clients, servers need historical ledger data. Servers that don't +# need to serve clients can set this to "none". Servers that want complete +# history can set this to "full". +# +# The default is: 256 +# +# +# +# [fetch_depth] +# +# The number of past ledgers to serve to other peers that request historical +# ledger data (or "full" for no limit). +# +# Servers that require low latency and high local performance may wish to +# restrict the historical ledgers they are willing to serve. Setting this +# below 32 can harm network stability as servers require easy access to +# recent history to stay in sync. Values below 128 are not recommended. +# +# The default is: full +# +# +# +# [validation_seed] +# +# To perform validation, this section should contain either a validation seed +# or key. The validation seed is used to generate the validation +# public/private key pair. To obtain a validation seed, use the +# validation_create command. +# +# Examples: RASH BUSH MILK LOOK BAD BRIM AVID GAFF BAIT ROT POD LOVE +# shfArahZT9Q9ckTf3s1psJ7C7qzVN +# +# +# +# [validators] +# +# List of nodes to always accept as validators. Nodes are specified by domain +# or public key. +# +# For domains, rippled will probe for https web servers at the specified +# domain in the following order: ripple.DOMAIN, www.DOMAIN, DOMAIN +# +# For public key entries, a comment may optionally be spcified after adding a +# space to the pulic key. +# +# Examples: +# ripple.com +# n9KorY8QtTdRx7TVDpwnG9NvyxsDwHUKUEeDLY3AkiGncVaSXZi5 +# n9MqiExBcoG19UXwoLjBJnhsxEhAZMuWwJDRdkyDz1EkEkwzQTNt John Doe +# +# +# +# [validators_file] +# +# Path to file contain a list of nodes to always accept as validators. Use +# this to specify a file other than this file to manage your validators list. +# +# If this entry is not present or empty and no nodes from previous runs were +# found in the database, rippled will look for a validators.txt in the config +# directory. If not found there, it will attempt to retrieve the file from +# the [validators_site] web site. +# +# After specifying a different [validators_file] or changing the contents of +# the validators file, issue a RPC unl_load command to have rippled load the +# file. +# +# Specify the file by specifying its full path. +# +# Examples: +# C:/home/johndoe/ripple/validators.txt +# /home/johndoe/ripple/validators.txt +# +# +# +# [validators_site] +# +# Specifies where to find validators.txt for UNL boostrapping and RPC +# unl_network command. +# +# Example: ripple.com +# +# +# +# [path_search] +# When searching for paths, the default search aggressiveness. This can take +# exponentially more resources as the size is increased. +# +# The default is: 7 +# +# [path_search_fast] +# [path_search_max] +# When seaching for paths, the minimum and maximum search aggressiveness. +# +# The default for 'path_search_fast' is 2. The default for 'path_search_max' is 10. +# +# [path_search_old] +# +# For clients that use the legacy path finding interfaces, the search +# agressiveness to use. The default is 7. +# +# +# +#------------------------------------------------------------------------------- +# +# 6. HTTPS Client +# +#---------------- +# +# The rippled server instance uses HTTPS GET requests in a variety of +# circumstances, including but not limited to the SMS Messaging Gateway +# feature and also for contacting trusted domains to fetch information +# such as mapping an email address to a Ripple Payment Network address. +# +# [ssl_verify] +# +# 0 or 1. +# +# 0. HTTPS client connections will not verify certificates. +# 1. Certificates will be checked for HTTPS client connections . +# +# +# +# [ssl_verify_file] +# +# +# +# A file system path leading to the certificate verification file for +# HTTPS client requests. +# +# +# +# [ssl_verify_dir] +# +# +# +# +# A file system path leading to a file or directory containing the root +# certificates that the server will accept for verifying HTTP servers. +# Used only for outbound HTTPS client connections. +# +# +# +#------------------------------------------------------------------------------- +# +# 7. Database +# +#------------ +# +# rippled creates 4 SQLite database to hold bookkeeping information +# about transactions, local credentials, and various other things. +# It also creates the NodeDB, which holds all the objects that +# make up the current and historical ledgers. The size of the NodeDB +# grows in proportion to the amount of new data and the amount of +# historical data (a configurable setting). +# +# The performance of the underlying storage media where the NodeDB +# is placed can affect the performance of the server. Some virtual +# hosting providers offer high speed secondary storage, with the +# caveat that the data is not persisted across launches. If rippled +# runs in such an environment, it can be beneficial to configure the +# temp_db setting, which activates a secondary "look-aside" cache +# that can speed up the server. Some testing is suggested to determine +# if the temp_db setting is an improvement for your environment +# +# Partial pathnames will be considered relative to the location of +# the rippled.cfg file. +# +# [node_db] Settings for the NodeDB (required) +# [temp_db] Settings for the look-aside temporary db (optional) +# [import_db] Settings for performing a one-time import (optional) +# +# Format (without spaces): +# One or more lines of key / value pairs: +# '=' +# ... +# +# Examples: +# type=HyperLevelDB +# path=db/hyperldb +# compression=0 +# +# Choices for 'type' (not case-sensitive) +# HyperLevelDB Use an improved version of LevelDB (preferred) +# LevelDB Use Google's LevelDB database (deprecated) +# none Use no backend +# RocksDB Use Facebook's RocksDB database +# SQLite Use SQLite +# +# Required keys: +# path Location to store the database (all types) +# +# Optional keys: +# compression 0 for none, 1 for Snappy compression +# +# Notes: +# The 'node_db' entry configures the primary, persistent storage. +# +# The 'temp_db' configures a look-aside cache for high volume storage +# which doesn't necessarily persist between server launches. This +# is an optional configuration parameter. If it is left out then +# no look-aside database is created or used. +# +# The 'import_db' is used with the '--import' command line option to +# migrate the specified database into the current database given +# in the [node_db] section. +# +# [database_path] Path to the book-keeping databases. +# +# There are 4 book-keeping SQLite database that the server creates and +# maintains. If you omit this configuration setting, it will default to +# creating a directory called "db" located in the same place as your +# rippled.cfg file. +# +# +# +#------------------------------------------------------------------------------- +# +# 8. Diagnostics +# +#--------------- +# +# These settings are designed to help server administrators diagnose +# problems, and obtain detailed information about the activities being +# performed by the rippled process. +# +# +# +# [debug_logfile] +# +# Specifies were a debug logfile is kept. By default, no debug log is kept. +# Unless absolute, the path is relative the directory containing this file. +# +# Example: debug.log +# +# +# +# [insight] +# +# Configuration parameters for the Beast.Insight stats collection module. +# +# Insight is a module that collects information from the areas of rippled +# that have instrumentation. The configuration paramters control where the +# collection metrics are sent. The parameters are expressed as key = value +# pairs with no white space. The main parameter is the choice of server: +# +# "server" +# +# Choice of server to send metrics to. Currently the only choice is +# "statsd" which sends UDP packets to a StatsD daemon, which must be +# running while rippled is running. More information on StatsD is +# available here: +# https://github.com/b/statsd_spec +# +# When server=statsd, these additional keys are used: +# +# "address" The UDP address and port of the listening StatsD server, +# in the format, n.n.n.n:port. +# +# "prefix" A string prepended to each collected metric. This is used +# to distinguish between different running instances of rippled. +# +# If this section is missing, or the server type is unspecified or unknown, +# statistics are not collected or reported. +# +# Example: +# +# [insight] +# server=statsd +# address=192.168.0.95:4201 +# prefix=my_validator +# +#------------------------------------------------------------------------------- + +# Allow other peers to connect to this server. +# +[peer_ip] +0.0.0.0 + +[peer_port] +51235 + +# Allow untrusted clients to connect to this server. +# +[websocket_public_ip] +0.0.0.0 + +[websocket_public_port] +5006 + +# Provide trusted websocket ADMIN access to the localhost. +# +[websocket_ip] +127.0.0.1 + +[websocket_port] +6006 + +# Provide trusted json-rpc ADMIN access to the localhost. +# +[rpc_ip] +127.0.0.1 + +[rpc_port] +5005 + +[rpc_allow_remote] +0 + +[node_size] +medium + +# This is primary persistent datastore for rippled. This includes transaction +# metadata, account states, and ledger headers. Helpful information can be +# found here: https://ripple.com/wiki/NodeBackEnd +[node_db] +type=RocksDB +path=/var/lib/rippled/db/rocksdb +open_files=2000 +filter_bits=12 +cache_mb=256 +file_size_mb=8 +file_size_mult=2 + +[database_path] +/var/lib/rippled/db + +# This needs to be an absolute directory reference, not a relative one. +# Modify this value as required. +[debug_logfile] +/var/log/rippled/debug.log + +[sntp_servers] +time.windows.com +time.apple.com +time.nist.gov +pool.ntp.org + +# Where to find some other servers speaking the Ripple protocol. +# +[ips] +r.ripple.com 51235 + +# These validators are taken from the v0.16 release notes on the wiki: +# https://ripple.com/wiki/Latest_rippled_release_notes +[validators] +n949f75evCHwgyP4fPVgaHqNHxUVN15PsJEZ3B3HnXPcPjcZAoy7 RL1 +n9MD5h24qrQqiyBC8aeqqCWvpiBiYQ3jxSr91uiDvmrkyHRdYLUj RL2 +n9L81uNCaPgtUJfaHh89gmdvXKAmSt5Gdsw2g1iPWaPkAHW5Nm4C RL3 +n9KiYM9CgngLvtRCQHZwgC2gjpdaZcCcbt3VboxiNFcKuwFVujzS RL4 +n9LdgEtkmGB9E2h3K4Vp7iGUaKuq23Zr32ehxiU8FWY7xoxbWTSA RL5 + +# Ditto. +[validation_quorum] +3 + +# Turn down default logging to save disk space in the long run. +# Valid values here are trace, debug, info, warning, error, and fatal +[rpc_startup] +{ "command": "log_level", "severity": "warning" } + +# Configure SSL for WebSockets. Not enabled by default because not everybody +# has an SSL cert on their server, but if you uncomment the following lines and +# set the path to the SSL certificate and private key the WebSockets protocol +# will be protected by SSL/TLS. +#[websocket_secure] +#1 + +#[websocket_ssl_cert] +#/etc/ssl/certs/server.crt + +#[websocket_ssl_key] +#/etc/ssl/private/server.key + +# Defaults to 0 ("no") so that you can use self-signed SSL certificates for +# development, or internally. +#[ssl_verify] +#0 + + diff --git a/src/ripple_core/nodestore/backend/LevelDBFactory.cpp b/src/ripple_core/nodestore/backend/LevelDBFactory.cpp index edb0fc59d..19f89b725 100644 --- a/src/ripple_core/nodestore/backend/LevelDBFactory.cpp +++ b/src/ripple_core/nodestore/backend/LevelDBFactory.cpp @@ -71,6 +71,14 @@ public: options.max_open_files = keyValues["open_files"].getIntValue(); } + if (! keyValues["compression"].isEmpty ()) + { + if (keyValues["compression"].getIntValue () == 0) + { + options.compression = leveldb::kNoCompression; + } + } + leveldb::DB* db = nullptr; leveldb::Status status = leveldb::DB::Open (options, m_name, &db); if (!status.ok () || !db) diff --git a/src/ripple_core/nodestore/backend/RocksDBFactory.cpp b/src/ripple_core/nodestore/backend/RocksDBFactory.cpp index 2899500f6..5578d76df 100644 --- a/src/ripple_core/nodestore/backend/RocksDBFactory.cpp +++ b/src/ripple_core/nodestore/backend/RocksDBFactory.cpp @@ -155,6 +155,14 @@ public: options.max_background_flushes = highThreads; } + if (! keyValues["compression"].isEmpty ()) + { + if (keyValues["compression"].getIntValue () == 0) + { + options.compression = rocksdb::kNoCompression; + } + } + rocksdb::DB* db = nullptr; rocksdb::Status status = rocksdb::DB::Open (options, m_name, &db); if (!status.ok () || !db) diff --git a/src/ripple_leveldb/ripple_leveldb.h b/src/ripple_leveldb/ripple_leveldb.h index e86b89cd2..38a7822e3 100644 --- a/src/ripple_leveldb/ripple_leveldb.h +++ b/src/ripple_leveldb/ripple_leveldb.h @@ -20,6 +20,7 @@ #ifndef RIPPLE_LEVELDB_H_INCLUDED #define RIPPLE_LEVELDB_H_INCLUDED +#define SNAPPY #include "leveldb/cache.h" #include "leveldb/filter_policy.h" #include "leveldb/db.h"