Merge pull request #2 from Camillarhi/circuitbreaker4

Circuitbreaker4

Author: Camillarhi

resources/networks/hello/network.yaml

@@ -59,13 +59,6 @@ plugins:  # Each plugin section has a number of hooks available (preDeploy, post
       entrypoint: "../../plugins/hello"  # This entrypoint path is relative to the network.yaml file
       podName: "hello-pre-deploy"
       helloTo: "preDeploy!"
-    circuitbreaker:
-      entrypoint: "../../plugins/circuitbreaker"
-      url: "http://127.0.0.1:9235"
-      apiUrl: "/api"
-      mode: "fail"  # Operating mode: fail, queue, or queue_peer_initiated
-      maxPendingHtlcs: 10  # Default maximum pending HTLCs per peer
-      rateLimit: 1  # Minimum seconds between HTLCs (token bucket rate limit)
   postDeploy:
     hello:
       entrypoint: "../../plugins/hello"
@@ -76,54 +69,24 @@ plugins:  # Each plugin section has a number of hooks available (preDeploy, post
       activity: '[{"source": "tank-0003-ln", "destination": "tank-0005-ln", "interval_secs": 1, "amount_msat": 2000}]'
     circuitbreaker:
       entrypoint: "../../plugins/circuitbreaker"
-      url: "http://127.0.0.1:9235"
-      apiUrl: "/api"
-      mode: "fail"  # Operating mode: fail, queue, or queue_peer_initiated
-      maxPendingHtlcs: 10  # Default maximum pending HTLCs per peer
-      rateLimit: 1  # Minimum seconds between HTLCs (token bucket rate limit)
+      podName: "circuitbreaker-pod"
+      rpcserver: "172.29.34.166:10009"
+      httplisten: "0.0.0.0:9235"
   preNode:  # preNode plugins run before each node is deployed
     hello:
       entrypoint: "../../plugins/hello"
       helloTo: "preNode!"
-    circuitbreaker:
-      entrypoint: "../../plugins/circuitbreaker"
-      url: "http://127.0.0.1:9235"
-      apiUrl: "/api"
-      mode: "fail"  # Operating mode: fail, queue, or queue_peer_initiated
-      maxPendingHtlcs: 10  # Default maximum pending HTLCs per peer
-      rateLimit: 1  # Minimum seconds between HTLCs (token bucket rate limit)
   postNode:
     hello:
       entrypoint: "../../plugins/hello"
       helloTo: "postNode!"
-    circuitbreaker:
-      entrypoint: "../../plugins/circuitbreaker"
-      url: "http://127.0.0.1:9235"
-      apiUrl: "/api"
-      mode: "fail"  # Operating mode: fail, queue, or queue_peer_initiated
-      maxPendingHtlcs: 10  # Default maximum pending HTLCs per peer
-      rateLimit: 1  # Minimum seconds between HTLCs (token bucket rate limit)
   preNetwork:
     hello:
       entrypoint: "../../plugins/hello"
       helloTo: "preNetwork!"
       podName: "hello-pre-network"
-    circuitbreaker:
-      entrypoint: "../../plugins/circuitbreaker"
-      url: "http://127.0.0.1:9235"
-      apiUrl: "/api"
-      mode: "fail"  # Operating mode: fail, queue, or queue_peer_initiated
-      maxPendingHtlcs: 10  # Default maximum pending HTLCs per peer
-      rateLimit: 1  # Minimum seconds between HTLCs (token bucket rate limit)
   postNetwork:
     hello:
       entrypoint: "../../plugins/hello"
       helloTo: "postNetwork!"
-      podName: "hello-post-network"
-    circuitbreaker:
-      entrypoint: "../../plugins/circuitbreaker"
-      url: "http://127.0.0.1:9235"
-      apiUrl: "/api"
-      mode: "fail"  # Operating mode: fail, queue, or queue_peer_initiated
-      maxPendingHtlcs: 10  # Default maximum pending HTLCs per peer
-      rateLimit: 1  # Minimum seconds between HTLCs (token bucket rate limit)
+      podName: "hello-post-network"

resources/plugins/circuitbreaker/charts/circuitbreaker/Chart.yaml

@@ -2,4 +2,4 @@ apiVersion: v2
 name: circuitbreaker
 description: A Helm chart to deploy Circuit Breaker
 version: 0.1.0
-appVersion: "0.1.0"
+appVersion: "0.1.0"

resources/plugins/circuitbreaker/charts/circuitbreaker/templates/_helpers.tpl

@@ -0,0 +1,7 @@
+{{- define "mychart.name" -}}
+{{- .Chart.Name | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+
+{{- define "mychart.fullname" -}}
+{{- printf "%s-%s" (include "mychart.name" .) .Release.Name | trunc 63 | trimSuffix "-" -}}
+{{- end -}}

resources/plugins/circuitbreaker/charts/circuitbreaker/templates/configmap.yaml

@@ -0,0 +1,23 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ include "mychart.fullname" . }}-data
+data:
+  tls.cert: |
+    -----BEGIN CERTIFICATE-----
+    MIICRTCCAeygAwIBAgIRAMe5IfFsBM9nqG1hwA1tswAwCgYIKoZIzj0EAwIwOzEf
+    MB0GA1UEChMWbG5kIGF1dG9nZW5lcmF0ZWQgY2VydDEYMBYGA1UEAxMPREVTS1RP
+    UC00OEJVR0xTMB4XDTI1MDIwMTE2NDAyNFoXDTI2MDMyOTE2NDAyNFowOzEfMB0G
+    A1UEChMWbG5kIGF1dG9nZW5lcmF0ZWQgY2VydDEYMBYGA1UEAxMPREVTS1RPUC00
+    OEJVR0xTMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEIl4bWvtGVb1T4iUyjLfj
+    U2IVnF1yJBwbTa2diRJh+a0UbwjUSdn/hIVkNALr9f3NKYWmotyq8IGOmjwhAFis
+    HKOB0DCBzTAOBgNVHQ8BAf8EBAMCAqQwEwYDVR0lBAwwCgYIKwYBBQUHAwEwDwYD
+    VR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQU38wWLmz1lsVv7vtZZamSgkcoQUcwdgYD
+    VR0RBG8wbYIPREVTS1RPUC00OEJVR0xTgglsb2NhbGhvc3SCBHVuaXiCCnVuaXhw
+    YWNrZXSCB2J1ZmNvbm6HBH8AAAGHEAAAAAAAAAAAAAAAAAAAAAGHBAr///6HBKwd
+    IqaHEP6AAAAAAAAAAhVd//6GM+MwCgYIKoZIzj0EAwIDRwAwRAIgNe9zoH9iz7Tw
+    1j8+Jk05DU6nJ48a5mbP0viZ50UGu7sCIEK0AoPBrqxnicdhEEInONWyIm5VUR/l
+    YURZZyNuJ8lJ
+    -----END CERTIFICATE-----
+  admin.macaroon.hex: |
+    0201036C6E6402F801030A107EC4D3E96DE93FA58F70968A1729AE6C1201301A160A0761646472657373120472656164120577726974651A130A04696E666F120472656164120577726974651A170A08696E766F69636573120472656164120577726974651A210A086D616361726F6F6E120867656E6572617465120472656164120577726974651A160A076D657373616765120472656164120577726974651A170A086F6666636861696E120472656164120577726974651A160A076F6E636861696E120472656164120577726974651A140A057065657273120472656164120577726974651A180A067369676E6572120867656E65726174651204726561640000062023AFC3BF7DB1D186342905D79461793FFCB59F583858F495C253F0A1EB4D33C2

resources/plugins/circuitbreaker/charts/circuitbreaker/templates/pod.yaml

@@ -1,16 +1,46 @@
 apiVersion: v1
 kind: Pod
 metadata:
-  name: {{ .Values.name }}
+  name: {{ include "mychart.fullname" . }}
   labels:
-    app: {{ .Chart.Name }}
+    app: {{ include "mychart.name" . }}
+    mission: {{ .Values.name }}
 spec:
+  initContainers:
+    - name: "init"
+      image: "busybox"
+      command:
+        - "sh"
+        - "-c"
+      args:
+        - >
+          mkdir -p /shared/.lnd/data/chain/bitcoin/mainnet &&
+          cp /configmap/tls.cert /shared/.lnd/tls.cert &&
+          cat /configmap/admin.macaroon.hex | xxd -r -p > /shared/.lnd/data/chain/bitcoin/mainnet/admin.macaroon
+      volumeMounts:
+        - name: shared-volume
+          mountPath: /shared
+        - name: configmap-volume
+          mountPath: /configmap
   containers:
-    - name: {{ .Values.name }}-container
+    - name: {{ .Values.name }}
       image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
       imagePullPolicy: {{ .Values.image.pullPolicy }}
-      command: ["sh", "-c"]
+      command:
+        - "sh"
+        - "-c"
       args:
-      - echo "Hello {{ .Values.name }}";
-      resources: {}
-     
+        - >
+          mkdir -p /root/.lnd/data/chain/bitcoin/mainnet &&
+          ln -s /shared/.lnd/tls.cert /root/.lnd/tls.cert &&
+          ln -s /shared/.lnd/data/chain/bitcoin/mainnet/admin.macaroon /root/.lnd/data/chain/bitcoin/mainnet/admin.macaroon &&
+          circuitbreaker --rpcserver={{ .Values.lnd.rpcserver }} --httplisten={{ .Values.lnd.httplisten }}
+      volumeMounts:
+        - name: shared-volume
+          mountPath: /shared
+  volumes:
+    - name: configmap-volume
+      configMap:
+        name: {{ include "mychart.fullname" . }}-data
+    - name: shared-volume
+      emptyDir: {}

resources/plugins/circuitbreaker/charts/circuitbreaker/templates/service.yaml

@@ -0,0 +1,14 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ include "mychart.fullname" . }}-service
+  labels:
+    app: {{ include "mychart.name" . }}
+spec:
+  type: NodePort
+  ports:
+    - port: 9235
+      targetPort: 9235
+      nodePort: 30000  # Choose a port between 30000-32767
+  selector:
+    app: {{ include "mychart.name" . }}

resources/plugins/circuitbreaker/charts/circuitbreaker/values.yaml

@@ -2,4 +2,13 @@ name: "circuitbreaker"
 image:
   repository: "camillarhi/circuitbreaker"
   tag: "latest"
-  pullPolicy: IfNotPresent
+  pullPolicy: IfNotPresent
+workingVolume:
+  name: working-volume
+  mountPath: /working
+configmapVolume:
+  name: configmap-volume
+  mountPath: /configmap
+lnd:
+  rpcserver: "172.29.34.166:10009"  # Default LND RPC server address
+  httplisten: "0.0.0.0:9235"  # Default HTTP listen address

resources/plugins/circuitbreaker/plugin.py

@@ -3,6 +3,7 @@
 import logging
 from enum import Enum
 from pathlib import Path
+import subprocess
 import time
 from typing import Optional
 
@@ -25,11 +26,9 @@
 
 PLUGIN_DIR_TAG = "plugin_dir"
 
-
 class PluginError(Exception):
     pass
 
-
 log = logging.getLogger(MISSION)
 if not log.hasHandlers():
     console_handler = logging.StreamHandler()
@@ -41,9 +40,9 @@ class PluginError(Exception):
 log.propagate = True
 
 class PluginContent(Enum):
-    MODE = "mode"
-    MAX_PENDING_HTLCS = "maxPendingHtlcs"
-    RATE_LIMIT = "rateLimit"
+    POD_NAME = "podName"
+    LND_RPC_SERVER = "rpcserver"
+    HTTP_LISTEN = "httplisten"
 
 @click.group()
 @click.pass_context
@@ -85,48 +84,121 @@ def _entrypoint(ctx, plugin_content: dict, warnet_content: dict):
     hook_value = warnet_content[WarnetContent.HOOK_VALUE.value]
 
     match hook_value:
-        case (
-            HookValue.PRE_NETWORK
-            | HookValue.POST_NETWORK
-            | HookValue.PRE_DEPLOY
-            | HookValue.POST_DEPLOY
-        ):
+        case HookValue.POST_DEPLOY:
             data = get_data(plugin_content)
             if data:
-                _launch_circuit_breaker(ctx, node_name=hook_value.value.lower()+"breaker",hook_value=hook_value.value)
+                _launch_pod(ctx, install_name="circuitbreaker", **data)
             else:
-                _launch_circuit_breaker(ctx, node_name=hook_value.value.lower()+"breaker",hook_value=hook_value.value)
-        case HookValue.PRE_NODE:
-            name = warnet_content[PLUGIN_ANNEX][AnnexMember.NODE_NAME.value] + "-pre-pod"
-            _launch_circuit_breaker(ctx, node_name=hook_value.value.lower() + "-" + name, hook_value=hook_value.value)
-        case HookValue.POST_NODE:
-            name = warnet_content[PLUGIN_ANNEX][AnnexMember.NODE_NAME.value] + "-post-pod"
-            _launch_circuit_breaker(ctx, node_name=hook_value.value.lower() + "-" + name, hook_value=hook_value.value)
+                _launch_pod(ctx, install_name="circuitbreaker")
+        case _:
+            log.info(f"No action required for hook {hook_value}")
 
 def get_data(plugin_content: dict) -> Optional[dict]:
     data = {
         key: plugin_content.get(key)
-        for key in (PluginContent.MAX_PENDING_HTLCS.value, PluginContent.RATE_LIMIT.value)
+        for key in (PluginContent.POD_NAME.value, PluginContent.LND_RPC_SERVER.value, PluginContent.HTTP_LISTEN.value)
         if plugin_content.get(key)
     }
     return data or None
 
+# def _create_secrets():
+#     """Use local LND files for testing"""
+#     log.info("Using local LND files for testing")
+#     tls_cert_path = Path.home() / ".lnd" / "tls.cert"
+#     admin_macaroon_path = Path.home() / ".lnd" / "data" / "chain" / "bitcoin" / "signet" / "admin.macaroon"
 
-def _launch_circuit_breaker(ctx, node_name: str, hook_value: str):
+#     if not tls_cert_path.exists():
+#         raise PluginError(f"TLS certificate not found at {tls_cert_path}")
+#     if not admin_macaroon_path.exists():
+#         raise PluginError(f"Admin macaroon not found at {admin_macaroon_path}")
+
+#     log.info(f"Using TLS certificate: {tls_cert_path}")
+#     log.info(f"Using admin macaroon: {admin_macaroon_path}")
+    
+# def _create_secrets():
+#     """Create Kubernetes secrets for each LND node"""
+#     lnd_pods = subprocess.check_output(["kubectl", "get", "pods", "-l", "mission=lightning", "-o", "name"]).decode().splitlines()
+#     # lnd_pods = subprocess.check_output(["kubectl", "get", "pods", "-l", "app=warnet", "-l", "mission=lightning", "-o", "name"]).decode().splitlines()
+#     for node in lnd_pods:
+#         node_name = node.split('/')[-1]
+#         log.info(f"Waiting for {node_name} to be ready...")
+#         wait_for_init(node_name, namespace=get_default_namespace(), quiet=True)
+#         log.info(f"Creating secrets for {node_name}")
+#         subprocess.run(["kubectl", "cp", f"{node}:/root/.lnd/tls.cert", "./tls.cert"], check=True)
+#         subprocess.run(["kubectl", "cp", f"{node}:/root/.lnd/data/chain/bitcoin/regtest/admin.macaroon", "./admin.macaroon"], check=True)
+#         subprocess.run(["kubectl", "create", "secret", "generic", f"lnd-tls-cert-{node_name}", "--from-file=tls.cert=./tls.cert"], check=True)
+#         subprocess.run(["kubectl", "create", "secret", "generic", f"lnd-macaroon-{node_name}", "--from-file=admin.macaroon=./admin.macaroon"], check=True)
+        
+def _create_secrets():
+    """Create Kubernetes secrets for each LND node"""
+    lnd_pods = subprocess.check_output(
+        ["kubectl", "get", "pods", "-l", "mission=lightning", "-o", "name"]
+    ).decode().splitlines()
+
+    for node in lnd_pods:
+        node_name = node.split('/')[-1]
+        log.info(f"Waiting for {node_name} to be ready...")
+
+        # Wait for the pod to be ready
+        max_retries = 10
+        retry_delay = 10  # seconds
+        for attempt in range(max_retries):
+            try:
+                # Check if the pod is ready
+                pod_status = subprocess.check_output(
+                    ["kubectl", "get", "pod", node_name, "-o", "jsonpath='{.status.phase}'"]
+                ).decode().strip("'")
+
+                if pod_status == "Running":
+                    log.info(f"{node_name} is ready.")
+                    break
+                else:
+                    log.info(f"{node_name} is not ready yet (status: {pod_status}). Retrying in {retry_delay} seconds...")
+            except subprocess.CalledProcessError as e:
+                log.error(f"Failed to check pod status for {node_name}: {e}")
+                if attempt == max_retries - 1:
+                    raise PluginError(f"Pod {node_name} did not become ready after {max_retries} attempts.")
+
+            time.sleep(retry_delay)
+
+        # Create secrets for the pod
+        log.info(f"Creating secrets for {node_name}")
+        try:
+            subprocess.run(
+                ["kubectl", "cp", f"{node_name}:/root/.lnd/tls.cert", "./tls.cert"],
+                check=True
+            )
+            subprocess.run(
+                ["kubectl", "cp", f"{node_name}:/root/.lnd/data/chain/bitcoin/regtest/admin.macaroon", "./admin.macaroon"],
+                check=True
+            )
+            subprocess.run(
+                ["kubectl", "create", "secret", "generic", f"lnd-tls-cert-{node_name}", "--from-file=tls.cert=./tls.cert"],
+                check=True
+            )
+            subprocess.run(
+                ["kubectl", "create", "secret", "generic", f"lnd-macaroon-{node_name}", "--from-file=admin.macaroon=./admin.macaroon"],
+                check=True
+            )
+        except subprocess.CalledProcessError as e:
+            log.error(f"Failed to create secrets for {node_name}: {e}")
+            raise PluginError(f"Failed to create secrets for {node_name}.")
+
+def _launch_pod(ctx,
+                install_name: str = "circuitbreaker", 
+                podName: str = "circuitbreaker-pod", 
+                rpcserver: str = "localhost:10009", 
+                httplisten: str = "0.0.0.0:9235"):
     timestamp = int(time.time())
-    release_name = f"cb-{node_name}"
+    # release_name = f"cb-{install_name}"
 
-    # command = f"helm upgrade --install {release_name} {ctx.obj[PLUGIN_DIR_TAG]}/charts/circuitbreaker"
     command = (
-        f"helm upgrade --install {release_name} {ctx.obj[PLUGIN_DIR_TAG]}/charts/circuitbreaker "
-        f"--set name={release_name}"
+        f"helm upgrade --install {install_name} {ctx.obj[PLUGIN_DIR_TAG]}/charts/circuitbreaker "
+        f"--set podName={podName} --set rpcserver={rpcserver} --set httplisten={httplisten}"
     )
-    log.info(command)
-    run_command(command)
 
-    if(hook_value==HookValue.POST_DEPLOY):
-        wait_for_init(release_name, namespace=get_default_namespace(), quiet=True)
-
+    log.info(command)
+    log.info(run_command(command))
 
 if __name__ == "__main__":
     circuitbreaker()