Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Unable to create a tree in Trillian log mysql database #2675

Closed
Leviathan321 opened this issue Feb 17, 2022 · 4 comments
Closed

Unable to create a tree in Trillian log mysql database #2675

Leviathan321 opened this issue Feb 17, 2022 · 4 comments

Comments

@Leviathan321
Copy link

Leviathan321 commented Feb 17, 2022
edited
Loading

I am using an on premise kubernetes cluster (with istio) to integrate my application with Trillian. I have deployed a mysql database together with a personality, a server and a signer, but I am not able to create a tree using the command here (https://github.com/google/trillian/blob/master/examples/deployment/kubernetes/provision_tree.sh#L27)

echo TREE=$(curl -sb -X POST ${LOG_URL}/v1beta1/trees -d '{ "tree":{ "tree_state":"ACTIVE", "tree_type":"LOG", "hash_strategy":"RFC6962_SHA256", "signature_algorithm":"ECDSA", "max_root_duration":"0", "hash_algorithm":"SHA256" }, "key_spec":{ "ecdsa_params":{ "curve":"P256" } } }')
When I execute the command, I get 404 page not found as result.

The .yaml file of the trillian-server is defined as following:

apiVersion: v1
kind: ConfigMap
metadata:
  name: tr-server-list
data: # TODO optional add env parameter initialization
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: tr-server
  labels:
    name: tr-server
    app: tr-server-app
spec:
  replicas: 1
  selector:
    matchLabels:
      name: tr-server-pod
      db: trdb
      app: tr-server-app
  template: 
    metadata:
      labels:  
        name: tr-server-pod
        db: trdb
        app: tr-server-app
    spec:
      containers:
      - name: trillian-log-server
        image: docker.io/fortissleviathan123/trillian-log-server:latest
        imagePullPolicy: IfNotPresent
        args: [
        "--storage_system=mysql",
        "--mysql_uri=test:zaphod@tcp(trdb.default.svc.cluster.local:3306)/test",
        "--rpc_endpoint=0.0.0.0:8090",
        "--http_endpoint=0.0.0.0:8091",
        "--alsologtostderr",
        ]
        envFrom:
          - configMapRef:
              name: tr-server-list
        ports:
        - name: grpc
          containerPort: 8090
        - name: https
          containerPort: 8091
---
apiVersion: v1
kind: Service
metadata:
  name: tr-server
  labels:
    name: tr-server
    app: tr-server-app
spec:
  ports:
  - name: http
    port: 8091
    targetPort: 8091
  - name: grpc
    port: 8090
    targetPort: 8090
  selector:
    name: tr-server-pod
    db: trdb
    app: tr-server-app

The services are running:


trdb-0                            2/2     Running            6 (70m ago)      40h
tr-personality-5ffbfb44cb-2vp89   2/2     Running            3 (69m ago)      11h
tr-server-59d8bbd4c-kxkxs         2/2     Running            14 (69m ago)     38h
tr-signer-78b74df645-j5p7j        2/2     Running            15 (69m ago)     38h

Is there anything wrong with this deployment?
@mhutchinson
Copy link
Contributor

Thanks for getting in touch. This script is doing something quite antiquated; it's been a long time since we've recommended creating trees via the REST API. Indeed, I notice there is a TODO for @AlCutter there to change this over to use the createtree command.

It should be as simple as:

export TREE_ID=$(go run github.com/google/trillian/cmd/createtree --admin_server=${TRILLIAN_LOG_RPC})

I've created an untested PR that makes the changes I believe need to happen: #2676 . If you're willing you could give that a go now and report back. It'll be a while before I could set up a k8s cluster and try this myself otherwise.

@Leviathan321
Copy link
Author

Leviathan321 commented Feb 17, 2022
edited
Loading

Thank your for your quick reply, this is working...yes I have seen from the deployment with docker, but thought it would be convenient to use the REST API. Just a question: to execute this go run command, I would need to run this command from a directory where the required go packages are provided in a go.mod, right? or is there another way doing this?

@mhutchinson
Copy link
Contributor

The assumption with the command above is that you'd be running it from within the context of the trillian checkout, which would use the mod files. If you want to use it from any context, then the following will work (assuming a recent version of go is installed, and you have internet connectivity):

go run github.com/google/trillian/cmd/createtree@latest

The @latest can be swapped for @master to get the latest version committed, or you can use explicit commit or release tags too.

@AlCutter AlCutter mentioned this issue Feb 18, 2022
Merged
@Leviathan321
Copy link
Author

Ok thank you, I was not aware of this @latest statement.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@mhutchinson @Leviathan321