IPFS

Peer

Kotal uses only go-ipfs client for IPFS peers, that's why there's no .spec.client option.

Syntax
Type
Description
Default

Array

List of initial configuration profiles

default-datastore

Array

List of configuration profiles to apply after peer initialization

string

API server host

0.0.0.0

number

API server port

5001

string

Local ipfs gateway host

0.0.0.0

number

Local ipfs gateway port

8080

string

Content routing mechanism

dht

string

Name of the k8s secret holding swarm secret key

object

Compute and storage resources

initProfiles

initProfiles is al list of initial ipfs configuration profile.

initialProfiles available values are server, randomports, default-datastore, local-discovery, test, default-networking, flatfs, badgerds, and lowpower.

initProfiles can't be updated (immutable).

profiles

profiles is the list of configuration profiles to apply after peer initialization.

profiles available values are server, randomports, default-datastore, local-discovery, test, default-networking, flatfs, badgerds, and lowpower.

apiHost

apiHost is API server host.

If you set apiHost to host other than 0.0.0.0, api calls forwarded to the container won't hit the API server. This is useful if you want to disallow calls to API server.

apiPort

apiPort is API server port.

gatewayHost

gatewayHost is local ipfs gateway host.

If you set gatewayHost to host other than 0.0.0.0, gateway won't work. This is useful if you want to disable to access gateway from outside.

gatewayPort

gatewayPort is API server port.

routing

routing is the content routing mechanism.

routing available values are none, dht, dhtclient, dhtserver.

swarmKeySecretName

swarmKeySecretName is the kubernetes secret name that's holding the swarm key in a key called secret.

kubectl create secret generic swarm-key --from-literal=secret=$w@rmk3y

resources

resources allocates compute and storage resources to the peer.

resources object has the following fields:

Syntax
Type
Description
Defalt

cpu

string

number of cpu cores this peer requires

1

cpuLimit

string

number of cpu cores this peer is limited to

2

memory

string

memory this peer requires

2Gi

memoryLimit

string

memory this peer is limited to

4Gi

storage

string

disk space this peer requires

10Gi

storageClass

string

Node volume storage class

Cluster's default storage class will be used as defined by cluster admin or cloud provider

Memory and storage requests and limits must use the pattern ^[1-9][0-9]*[KMGTPE]i$ for example 1500Mi, 30Gi, and 1Ti.

cpu requests and limits must use the pattern ^[1-9][0-9]*m?$ for example 1000m (which is equal to 1 core), 1500m which is 1.5 core, 2 cores, and 4 cores.

cpuLimit can't be less than cpu.

memoryLimit can't be less than or equal to memory.

storageClass field is immutable, it cannot be changed after creation.

ClusterPeer

Kotal uses only ipfs-cluster-service for IPFS cluster peers that runs along with go-ipfs, that's why there's no .spec.client option.

Syntax
Type
Description
Default

string

Cluster peer ID

string

Name of the k8s secret holding cluster peer privatekey

* if consensus is crdt

array

Peer IDs that can manage the pinset in crdt consensus

array

Peers to connect to on startup

string

Cluster consensus algorithm

crdt

string

ipfs peer http API endpoint

string

Name of the k8s secret holding cluster secret

object

Compute and storage resources

id

id is cluster peer id derived from private key.

id is required if privateKeySecretName is provided.

id can be generated using ipfs-key tool.

ipfs-key -type ed25519 | base64

It will return an output similar to the following:

Generating a 2048 bit ed25519 key...
Success!
ID for generated key: 12D3KooWT2bqgwZPxHthAGBV9Ut8ZLraz1LARtB7vG3mF26Mtof1
CAESQLepaunFGa/PI0oNS3plrbVSInqab/X/U1laEDe2V2cL/7kbF9H6x3xBiwpbVnYT/jDA8EhAznXALlbwzEsuKaw=

privateKeySecretName

privateKeySecretName is the name of the k8s secret holding base64 cluster peer privatekey in a key called key.

privateKeySecretName is required if id is provided.

privateKeySecretName can be generated using ipfs-key tool.

ipfs-key -type ed25519 | base64

It will return an output similar to the following:

Generating a 2048 bit ed25519 key...
Success!
ID for generated key: 12D3KooWT2bqgwZPxHthAGBV9Ut8ZLraz1LARtB7vG3mF26Mtof1
CAESQLepaunFGa/PI0oNS3plrbVSInqab/X/U1laEDe2V2cL/7kbF9H6x3xBiwpbVnYT/jDA8EhAznXALlbwzEsuKaw=

trustedPeers

trustedPeers is a list of peer IDs that can manage the cluster pinset in crdt consensus clusters.

trustedPeers is ignored in raft consensus clusters.

trustedPeers default value is * which is trust all peers.

bootstrapPeers

bootstrapPeers is a list of peers to connect to on startup.

bootstrapPeers will be trusted peers in crdt clusters.

consensus

consensus is the cluster consensus algorithm.

peerEndpoint

peerEndpoint id ipfs peer http API endpoint.

peerEndpoint is required for the cluster peer to function correctly.

clusterSecretName

clusterSecretName is the k8s secret name holding 32-bit hex-encoded (without 0x) cluster secret in a key called secret.

clusterSecretName can be generated using openssl tool:

CLUSTER_SECRET=$(openssl rand -hex 32)
kubectl create secret generic cluster-secret --from-literal=secret=$CLUSTER_SECRET

resources

resources allocates compute and storage resources to the peer.

resources object has the following fields:

Syntax
Type
Description
Defalt

cpu

string

number of cpu cores this peer requires

1

cpuLimit

string

number of cpu cores this peer is limited to

2

memory

string

memory this peer requires

2Gi

memoryLimit

string

memory this peer is limited to

4Gi

storage

string

disk space this peer requires

10Gi

Memory and storage requests and limits must use the pattern ^[1-9][0-9]*[KMGTPE]i$ for example 1500Mi, 30Gi, and 1Ti.

cpu requests and limits must use the pattern ^[1-9][0-9]*m?$ for example 1000m (which is equal to 1 core), 1500m which is 1.5 core, 2 cores, and 4 cores.

cpuLimit can't be less than cpu.

memoryLimit can't be less than or equal to memory.

Last updated