Support for GCP

README.md

@@ -10,3 +10,45 @@ Documentation on Corda Enterprise Network Manager (CENM) can be found at [CENM D
 | 1.5.9                        | git checkout v1.5.9 |
 <!-- | 1.3.5 (no longer maintained) | git checkout v1.3.5 |
 | 1.4.4 (no longer maintained) | git checkout v1.4.4 | -->
+
+
+## AMENDED FOR GCP
+#### Assumptions:
+- the namespace used is cenm. It is hardcoded in the pre-requesite script.
+- Your GCP API are all enabled (Filestore, Kubernetes, Artifactory, etc.)
+- your loadbalancer is delegated to GKE
+- GKE has its CSIFilestore driver enabled running with n1-standard-1 and n1-standard-4 machines.
+
+
+#### DevOps local machine preparation:
+Clone locally this repo.
+
+#### login first to your Google Artifactory
+>  gcloud auth configure-docker us-central1-docker.pkg.dev
+
+#### Create the docker secret:
+> kubectl create secret docker-registry cenm-registry \
+ --docker-server=https:<<URL-TO-YOUR-GCR>>\
+--docker-username=oauth2accesstoken \
+--docker-password="$(gcloud auth print-access-token)" \
+[email protected] \
+-n cenm
+
+Run the pre-requesite  _./prereq.sh_ script to:
+- create the cenm Kubernetes namespace
+- create two new _StorageClasses_ (_cenm_, and _cenm-shared_)
+- create the linked role and rolebinding.
+- Please add the user pod subnetwork used by the GKE into the filestore configurations (currently left with "default" value). 
+  As indicated below:
+    -         parameters:
+                  tier: standard
+                  network: YOUR_NETWORK_NAME
+
+Navigate to k8s directory and run:
+> ./bootstrap.cenm --ACCEPT_LICENSE Y --auto
+
+- you should 
+
+To Remove the CENM deployment run the below commands:
+> export CENM_PREFIX=cenm
+> helm delete ${CENM_PREFIX}-auth ${CENM_PREFIX}-gateway ${CENM_PREFIX}-idman ${CENM_PREFIX}-nmap ${CENM_PREFIX}-notary ${CENM_PREFIX}-pki ${CENM_PREFIX}-hsm ${CENM_PREFIX}-signer ${CENM_PREFIX}-zone ${CENM_PREFIX}-idman-ip ${CENM_PREFIX}-notary-ip

k8s/cenm.yaml

@@ -1,9 +1,9 @@
-apiVersion: v1
-kind: Namespace
-metadata:
-  name: cenm
-
----
+#apiVersion: v1
+#kind: Namespace
+#metadata:
+#  name: cenm
+#
+#---
 kind: Role
 apiVersion: rbac.authorization.k8s.io/v1
 metadata:

k8s/cleanNamespaceNStorageClasses.sh

@@ -0,0 +1,46 @@
+#!/bin/bash
+
+# cleanup_cenm.sh with colorized output
+
+# Define color codes
+RED='\033[0;31m'
+GREEN='\033[0;32m'
+YELLOW='\033[1;33m'
+NC='\033[0m' # No color
+
+# Function to print error messages in red and exit
+error_exit() {
+  echo -e "${RED}Error: $1${NC}"
+  exit 1
+}
+
+echo -e "${YELLOW}Starting cleanup process...${NC}"
+
+# Step 1: Delete the 'cenm-shared' StorageClass
+echo -e "${YELLOW}Step 1: Deleting StorageClass 'cenm-shared'...${NC}"
+kubectl delete storageclass cenm-shared
+if [[ $? -ne 0 ]]; then
+  error_exit "Failed to delete StorageClass 'cenm-shared'"
+else
+  echo -e "${GREEN}StorageClass 'cenm-shared' deleted successfully.${NC}"
+fi
+
+# Step 2: Delete the 'cenm' StorageClass
+echo -e "${YELLOW}Step 2: Deleting StorageClass 'cenm'...${NC}"
+kubectl delete storageclass cenm
+if [[ $? -ne 0 ]]; then
+  error_exit "Failed to delete StorageClass 'cenm'"
+else
+  echo -e "${GREEN}StorageClass 'cenm' deleted successfully.${NC}"
+fi
+
+# Step 3: Delete the 'cenm' namespace
+echo -e "${YELLOW}Step 3: Deleting namespace 'cenm'...${NC}"
+kubectl delete namespace cenm
+if [[ $? -ne 0 ]]; then
+  error_exit "Failed to delete namespace 'cenm'"
+else
+  echo -e "${GREEN}Namespace 'cenm' deleted successfully.${NC}"
+fi
+
+echo -e "${GREEN}Cleanup process completed successfully.${NC}"

k8s/helm/notary/files/notary.conf

@@ -20,7 +20,7 @@ notary {
 devMode = {{ .Values.devMode }}
 emailAddress : "[email protected]"
 myLegalName : "O=Initial notary for {{ .Values.prefix | upper }} environment,L=Zurich,C=CH"
-p2pAddress : "{{ required "Public IP address required (add --set notaryPublicIP=x.x.x.x to your helm command)" .Values.notaryPublicIP }}:{{ .Values.p2pPort }}"
+p2pAddress : "{{ required "Public IP address required (add --set notaryPublicIP=x.x.x.x to your helm command)" (trimSuffix " VIP" .Values.notaryPublicIP) }}:{{ .Values.p2pPort }}"
 rpcSettings {
     address="{{ .Values.rpcSettingsAddress }}:{{ .Values.rpcSettingsAddressPort }}"
     adminAddress="{{ .Values.rpcSettingsAdminAddress }}:{{ .Values.rpcSettingsAdminAddressPort }}"

k8s/prereq.sh

@@ -0,0 +1,65 @@
+#!/bin/bash
+
+# deploy_cenm.sh with colorized output
+
+# Define color codes
+RED='\033[0;31m'
+GREEN='\033[0;32m'
+YELLOW='\033[1;33m'
+NC='\033[0m' # No color
+
+# Function to print error messages in red and exit
+error_exit() {
+  echo -e "${RED}Error: $1${NC}"
+  exit 1
+}
+
+echo -e "${YELLOW}Starting deployment process...${NC}"
+
+# Step 1: Create namespace 'cenm'
+echo -e "${YELLOW}Step 1: Creating namespace 'cenm'...${NC}"
+kubectl create namespace cenm
+if [[ $? -ne 0 ]]; then
+  error_exit "Failed to create namespace 'cenm'"
+else
+  echo -e "${GREEN}Namespace 'cenm' created successfully.${NC}"
+fi
+
+# Step 2: Set the current context to use namespace 'cenm'
+echo -e "${YELLOW}Step 2: Setting the current context to namespace 'cenm'...${NC}"
+kubectl config set-context "$(kubectl config current-context)" --namespace=cenm
+if [[ $? -ne 0 ]]; then
+  error_exit "Failed to set context to namespace 'cenm'"
+else
+  echo -e "${GREEN}Context set to namespace 'cenm' successfully.${NC}"
+fi
+
+## Step 3: Apply StorageClass configuration (taken care with the first GKE deployment scripts - here only for debugging purpose)
+#echo -e "${YELLOW}Step 3: Applying StorageClass configuration...${NC}"
+#kubectl apply -f storage-class-googlecloud.yaml -n cenm
+#if [[ $? -ne 0 ]]; then
+#  error_exit "Failed to apply StorageClass configuration from storage-class-googlecloud.yaml"
+#else
+#  echo -e "${GREEN}StorageClass configuration applied successfully.${NC}"
+#fi
+
+# Step 4: Deploy cenm resources
+echo -e "${YELLOW}Step 4: Deploying cenm resources...${NC}"
+kubectl apply -f cenm.yaml
+if [[ $? -ne 0 ]]; then
+  error_exit "Failed to apply cenm deployment from cenm.yaml"
+else
+  echo -e "${GREEN}cenm deployment applied successfully.${NC}"
+fi
+
+# Step 5: Initialize Helm deployment
+echo -e "${YELLOW}Step 5: Initializing Helm deployment...${NC}"
+cd helm || error_exit "Failed to change directory to 'helm'"
+./bootstrap.cenm --ACCEPT_LICENSE Y --auto
+if [[ $? -ne 0 ]]; then
+  error_exit "Helm bootstrap failed"
+else
+  echo -e "${GREEN}Helm deployment compled successfully.${NC}"
+fi
+
+echo -e "${GREEN}Deployment process completed successfully.${NC}"

k8s/storage-class-googlecloud.yaml

@@ -0,0 +1,20 @@
+apiVersion: storage.k8s.io/v1
+kind: StorageClass
+metadata:
+  name: cenm
+provisioner: pd.csi.storage.gke.io
+volumeBindingMode: WaitForFirstConsumer
+allowVolumeExpansion: true
+parameters:
+  type: pd-balanced
+
+---
+apiVersion: storage.k8s.io/v1
+kind: StorageClass
+metadata:
+  name: cenm-shared
+provisioner: filestore.csi.storage.gke.io
+volumeBindingMode: WaitForFirstConsumer
+allowVolumeExpansion: true
+parameters:
+  tier: standard