8月 102018
 

Ripple管理rippled服务器之集群rippled服务器

https://developers.ripple.com/cluster-rippled-servers.html
https://developers.ripple.com/validation_create.html

Cluster rippled Servers
集群rippled服务器

If you are running multiple rippled servers in a single datacenter, you can configure those servers into a cluster to maximize efficiency. Running your rippled servers in a cluster provides the following benefits:

如果用户在单个数据中心中运行多个ripple服务器实例的话,Ripple建议这些服务器集群化以提升效率。在集群模式下运行rippled服务器将带来以下优势:

Clustered rippled servers share the work of cryptography. If one server has verified the authenticity of a message, the other servers in the cluster trust it and do not re-verify.
集群化的rippled服务器共享密码学工作。如果一台服务器已验证一条消息的真实性,则集群中的其他服务器将直接信息该消息而不再重复验证。

Clustered servers share information about peers and API clients that are misbehaving or abusing the network. This makes it harder to attack all servers of the cluster at once.
集群化的服务器共享有关对等节点和API客户端不当或滥用网络的信息。使其很难一次性攻击集群中的所有服务器。

Clustered servers always propagate transactions throughout the cluster, even if the transaction does not meet the current load-based transaction fee on some of them.
集群化的服务器始终在集群中传递交易,即使该交易不满足某些服务器上基于负载的交易费用要求。

To enable clustering, change the following sections of your config file for each server:
要启用集群,在要加入集群的每个服务器中修改配置文件的以下部分:

List the IP address and port of each other server under the [ips_fixed] section. The port should be the one from the other servers’ protocol = peer setting in their rippled.cfg. Example:
在[ips_fixed]中列出所有其他对端服务器IP和端口号。端口号必须是对端服务器中配置文件所指定的端口号。

[ips_fixed]
192.168.0.1 51235
192.168.0.2 51235

Generate a unique seed (using the validation_create method) for each of your servers, and configure it under the [node_seed] section. The rippled server uses this key to sign its messages to other servers in the peer-to-peer network.
为每个服务器生成唯一种子(使用validation_create方法),并在[node_seed]下配置。rippled服务器使用这个密钥在P2P网络中签名其消息。

Add the public keys (for peer communication) of each of your other servers under the [cluster_nodes] section.
在[cluster_nodes]中添加其他每个服务器的公钥(用于对等网络通信)。

集群节点种子的生成示例

[root@rippled ~]# rippled validation_create
Loading: "/etc/opt/ripple/rippled.cfg"
2018-Aug-10 08:07:19.453274432 HTTPClient:NFO Connecting to 127.0.0.1:5005

{
"result" : {
"status" : "success",
"validation_key" : "ANNA GEM DATA WAD MIRE WAS JUNO GOLF HOT TINA JEFF HOOD",
"validation_private_key" : "pa18XCwH3Kkg9Eu2gGns7UBMDE9crZUs8q2hqUkrdp8dxS832pw",
"validation_public_key" : "n9JmBJKugB6NJBnnLMvFGsvph8A6kuLLWkJ65oX2QAarf2MaCWGH",
"validation_seed" : "ssR4ENi7YxdQBjKWrwD5WTcuDRF6q"
}
}
[root@rippled ~]#
8月 102018
 

安装

MacBookAir:~ harveymei$ brew install ansible
==> Installing dependencies for ansible: libyaml, openssl, gdbm, readline, sqlite, python@2
==> Installing ansible dependency: libyaml
==> Downloading https://homebrew.bintray.com/bottles/libyaml-0.2.1.high_sierra.bottle.tar.gz
######################################################################## 100.0%
==> Pouring libyaml-0.2.1.high_sierra.bottle.tar.gz
? /usr/local/Cellar/libyaml/0.2.1: 9 files, 298.9KB
==> Installing ansible dependency: openssl
==> Downloading https://homebrew.bintray.com/bottles/openssl-1.0.2o_2.high_sierra.bottle.tar.gz
######################################################################## 100.0%
==> Pouring openssl-1.0.2o_2.high_sierra.bottle.tar.gz
==> Caveats
A CA file has been bootstrapped using certificates from the SystemRoots
keychain. To add additional certificates (e.g. the certificates added ina
the System keychain), place .pem files in
/usr/local/etc/openssl/certs

and run
/usr/local/opt/openssl/bin/c_rehash

This formula is keg-only, which means it was not symlinked into /usr/local,
because Apple has deprecated use of OpenSSL in favor of its own TLS and crypto libraries.

If you need to have this software first in your PATH run:
echo 'export PATH="/usr/local/opt/openssl/bin:$PATH"' >> ~/.bash_profile

For compilers to find this software you may need to set:
LDFLAGS: -L/usr/local/opt/openssl/lib
CPPFLAGS: -I/usr/local/opt/openssl/include

==> Summary
? /usr/local/Cellar/openssl/1.0.2o_2: 1,792 files, 12.3MB
==> Installing ansible dependency: gdbm
==> Downloading https://homebrew.bintray.com/bottles/gdbm-1.17.high_sierra.bottle.tar.gz
######################################################################## 100.0%
==> Pouring gdbm-1.17.high_sierra.bottle.tar.gz
? /usr/local/Cellar/gdbm/1.17: 20 files, 581.4KB
==> Installing ansible dependency: readline
==> Downloading https://homebrew.bintray.com/bottles/readline-7.0.5.high_sierra.bottle.tar.gz
######################################################################## 100.0%
==> Pouring readline-7.0.5.high_sierra.bottle.tar.gz
==> Caveats
This formula is keg-only, which means it was not symlinked into /usr/local,
because macOS provides the BSD libedit library, which shadows libreadline.
In order to prevent conflicts when programs look for libreadline we are
defaulting this GNU Readline installation to keg-only.

For compilers to find this software you may need to set:
LDFLAGS: -L/usr/local/opt/readline/lib
CPPFLAGS: -I/usr/local/opt/readline/include

==> Summary
? /usr/local/Cellar/readline/7.0.5: 46 files, 1.5MB
==> Installing ansible dependency: sqlite
==> Downloading https://homebrew.bintray.com/bottles/sqlite-3.24.0.high_sierra.bottle.tar.gz
######################################################################## 100.0%
==> Pouring sqlite-3.24.0.high_sierra.bottle.tar.gz
==> Caveats
This formula is keg-only, which means it was not symlinked into /usr/local,
because macOS provides an older sqlite3.

If you need to have this software first in your PATH run:
echo 'export PATH="/usr/local/opt/sqlite/bin:$PATH"' >> ~/.bash_profile

For compilers to find this software you may need to set:
LDFLAGS: -L/usr/local/opt/sqlite/lib
CPPFLAGS: -I/usr/local/opt/sqlite/include

==> Summary
? /usr/local/Cellar/sqlite/3.24.0: 11 files, 3.5MB
==> Installing ansible dependency: python@2
==> Downloading https://homebrew.bintray.com/bottles/python@2-2.7.15_1.high_sierra.bottle.1.tar.gz
######################################################################## 100.0%
==> Pouring python@2-2.7.15_1.high_sierra.bottle.1.tar.gz
==> /usr/local/Cellar/python@2/2.7.15_1/bin/python -s setup.py --no-user-cfg install --force --verbose --single-version-externally-managed --record=installed.txt --install-scripts=/usr/local/Cellar/python
==> /usr/local/Cellar/python@2/2.7.15_1/bin/python -s setup.py --no-user-cfg install --force --verbose --single-version-externally-managed --record=installed.txt --install-scripts=/usr/local/Cellar/python
==> /usr/local/Cellar/python@2/2.7.15_1/bin/python -s setup.py --no-user-cfg install --force --verbose --single-version-externally-managed --record=installed.txt --install-scripts=/usr/local/Cellar/python
==> Caveats
Pip and setuptools have been installed. To update them
pip install --upgrade pip setuptools

You can install Python packages with
pip install <package>

They will install into the site-package directory
/usr/local/lib/python2.7/site-packages

See: https://docs.brew.sh/Homebrew-and-Python
==> Summary
? /usr/local/Cellar/python@2/2.7.15_1: 4,672 files, 82.6MB
==> Installing ansible
==> Downloading https://homebrew.bintray.com/bottles/ansible-2.6.2.high_sierra.bottle.tar.gz
######################################################################## 100.0%
==> Pouring ansible-2.6.2.high_sierra.bottle.tar.gz
? /usr/local/Cellar/ansible/2.6.2: 12,187 files, 153.4MB
==> Caveats
==> openssl
A CA file has been bootstrapped using certificates from the SystemRoots
keychain. To add additional certificates (e.g. the certificates added in
the System keychain), place .pem files in
/usr/local/etc/openssl/certs

and run
/usr/local/opt/openssl/bin/c_rehash

This formula is keg-only, which means it was not symlinked into /usr/local,
because Apple has deprecated use of OpenSSL in favor of its own TLS and crypto libraries.

If you need to have this software first in your PATH run:
echo 'export PATH="/usr/local/opt/openssl/bin:$PATH"' >> ~/.bash_profile

For compilers to find this software you may need to set:
LDFLAGS: -L/usr/local/opt/openssl/lib
CPPFLAGS: -I/usr/local/opt/openssl/include

==> readline
This formula is keg-only, which means it was not symlinked into /usr/local,
because macOS provides the BSD libedit library, which shadows libreadline.
In order to prevent conflicts when programs look for libreadline we are
defaulting this GNU Readline installation to keg-only.

For compilers to find this software you may need to set:
LDFLAGS: -L/usr/local/opt/readline/lib
CPPFLAGS: -I/usr/local/opt/readline/include

==> sqlite
This formula is keg-only, which means it was not symlinked into /usr/local,
because macOS provides an older sqlite3.

If you need to have this software first in your PATH run:
echo 'export PATH="/usr/local/opt/sqlite/bin:$PATH"' >> ~/.bash_profile

For compilers to find this software you may need to set:
LDFLAGS: -L/usr/local/opt/sqlite/lib
CPPFLAGS: -I/usr/local/opt/sqlite/include

==> python@2
Pip and setuptools have been installed. To update them
pip install --upgrade pip setuptools

You can install Python packages with
pip install <package>

They will install into the site-package directory
/usr/local/lib/python2.7/site-packages

See: https://docs.brew.sh/Homebrew-and-Python
MacBookAir:~ harveymei$

配置

手动建立目录/etc/ansible/
手动建立主机配置文件/etc/ansible/hosts
密钥保存路径:/用户/harveymei/.ssh/