1. Inventaire des 2 nouveaux peers
Hostname
- Node-ipfsp5 : IP = 192.168.1.75 (peer)
- Node-ipfsp6 : IP = 192.168.1.76 (peer)
HDD
- Disque SCSI0 : Système
- Disque SCSI1 & SCSI2 : RAID1
2. Installation de Cluster-ssh
Installation du paquet parallèle SSH
[root@node-ipfsl ~]# dnf config-manager --set-enabled crb
[root@node-ipfsl ~]# dnf makecache
[root@node-ipfsl ~]# dnf install pssh
Configuration des hosts machines IPFS
[root@node-ipfsl ~]# echo "root@192.168.1.75" >> ~/.prod_ipfs.txt
[root@node-ipfsl ~]# echo "root@192.168.1.76" >> ~/.prod_ipfs.txt
[root@node-ipfsl ~]# echo "root@192.168.1.75" >> ~/.prod_ipfsp5.txt
[root@node-ipfsl ~]# echo "root@192.168.1.76" >> ~/.prod_ipfsp6.txt
Echange de clef de connexion du leader sur les peers
[root@node-ipfsl ~]# ssh-keygen
[root@node-ipfsl ~]# ssh-copy-id root@192.168.1.75
[root@node-ipfsl ~]# ssh-copy-id root@192.168.1.76
3. Installation des prérequis IPFS via pssh
Set le hotsname des machines
[root@node-ipfsl ~]# pssh -h ~/.prod_ipfsp5.txt -i "hostnamectl hostname ipfsp5"
[root@node-ipfsl ~]# pssh -h ~/.prod_ipfsp6.txt -i "hostnamectl hostname ipfsp6"
Désactiver le SELinux
[root@node-ipfsl ~]# pssh -h ~/.prod_ipfs.txt -i "sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config"
[root@node-ipfsl ~]# pssh -h ~/.prod_ipfs.txt -i "setenforce 0"
Set le NTP sur le fuseau de PARIS
[root@node-ipfsl ~]# pssh -h ~/.prod_ipfs.txt -i "timedatectl set-timezone Europe/Paris"
Mise à jour du système d’exploitation
[root@node-ipfsl ~]# pssh -h ~/.prod_ipfs.txt -v -i "yes | dnf -y update"
Ajout des dépendances pour IPFS
[root@node-ipfsl ~]# pssh -h ~/.prod_ipfs.txt -v -i "dnf install epel-release net-tools nmap wget tar git -y"
4. Installation du RAID1
Prédisposition du RAID Logiciel
[root@node-ipfsl ~]# pssh -h ~/.prod_ipfs.txt -v -i "dnf -y install mdadm"
[root@node-ipfsl ~]# pssh -h ~/.prod_ipfs.txt -v -i "echo "modprobe raid1" >> /etc/rc.local"
[root@node-ipfsl ~]# pssh -h ~/.prod_ipfs.txt -v -i "chmod +x /etc/rc.local && source /etc/rc.local"
Partitionnement des disques en mode
[root@node-ipfsl ~]# pssh -h ~/.prod_ipfs.txt -v -i "parted -s /dev/sdb mklabel msdos && parted -s /dev/sdc mklabel msdos"
[root@node-ipfsl ~]# pssh -h ~/.prod_ipfs.txt -v -i "parted -s /dev/sdb mkpart primary 1MiB 100% && parted -s /dev/sdc mkpart primary 1MiB 100%"
[root@node-ipfsl ~]# pssh -h ~/.prod_ipfs.txt -v -i "parted -s /dev/sdb set 1 raid on && parted -s /dev/sdc set 1 raid on"
Création du RAID1
[root@node-ipfsl ~]# pssh -h ~/.prod_ipfs.txt -v -i "yes | mdadm --create /dev/md0 --level=1 --raid-devices=2 /dev/sdb1 /dev/sdc1"
[root@node-ipfsl ~]# pssh -h ~/.prod_ipfs.txt -v -i "cat /proc/mdstat"
Préparation du volume RAID
[root@node-ipfsl ~]# pssh -h ~/.prod_ipfs.txt -v -i "yes|mkfs.ext4 /dev/md0 "
[root@node-ipfsl ~]# pssh -h ~/.prod_ipfs.txt -v -i "mkdir -p /mnt/ipfs-data"
[root@node-ipfsl ~]# pssh -h ~/.prod_ipfs.txt -v -i "echo "/dev/md0 /mnt/ipfs-data ext4 defaults 0 2" >> /etc/fstab"
[root@node-ipfsl ~]# pssh -h ~/.prod_ipfs.txt -v -i "systemctl daemon-reload"
[root@node-ipfsl ~]# pssh -h ~/.prod_ipfs.txt -v -i "mount -a"
[root@node-ipfsl ~]# pssh -h ~/.prod_ipfs.txt -v -i "df -Th|grep ipfs"
5. Installation des règles Firewall
[root@node-ipfsl ~]# pssh -h ~/.prod_ipfs.txt -v -i "firewall-cmd --add-port={4001,5001,9094,9095,9096,8080}/tcp --permanent"
[root@node-ipfsl ~]# pssh -h ~/.prod_ipfs.txt -v -i "firewall-cmd --add-port=4001/udp --permanent"
[root@node-ipfsl ~]# pssh -h ~/.prod_ipfs.txt -v -i "firewall-cmd --remove-service={cockpit,dhcpv6-client} --permanent"
[root@node-ipfsl ~]# pssh -h ~/.prod_ipfs.txt -v -i "firewall-cmd --reload"
6. Installation des middleware IPFS et Cluster
Installation langage GO
[root@node-ipfsl ~]# pssh -h ~/.prod_ipfs.txt -v -i "cd /home && wget https://go.dev/dl/go1.24.4.linux-amd64.tar.gz"
[root@node-ipfsl ~]# pssh -h ~/.prod_ipfs.txt -v -i "cd /home && tar -xvf go1.24.4.linux-amd64.tar.gz && mv go /usr/local"
[root@node-ipfsl ~]# pssh -h ~/.prod_ipfs.txt -v -i "mkdir $HOME/gopath"
[root@node-ipfsl ~]# pssh -h ~/.prod_ipfs.txt -v -i 'echo "export GOROOT=/usr/local/go" >> $HOME/.bashrc'
[root@node-ipfsl ~]# pssh -h ~/.prod_ipfs.txt -v -i 'echo "export GOPATH=$HOME/gopath" >> $HOME/.bashrc'
[root@node-ipfsl ~]# pssh -h ~/.prod_ipfs.txt -v -i "sed -i 's/export PATH/#export PATH/g' $HOME/.bashrc"
[root@node-ipfsl ~]# pssh -h ~/.prod_ipfs.txt -v -i 'echo "export PATH=$PATH:$GOROOT/bin:$GOPATH/bin" >> $HOME/.bashrc'
[root@node-ipfsl ~]# pssh -h ~/.prod_ipfs.txt -v -i 'source ~/.bashrc && go version'
Installation Go-ipfs KUBO
[root@node-ipfsl ~]# pssh -h ~/.prod_ipfs.txt -v -i "cd /home && wget https://dist.ipfs.tech/kubo/v0.35.0/kubo_v0.35.0_linux-amd64.tar.gz"
[root@node-ipfsl ~]# pssh -h ~/.prod_ipfs.txt -v -i "cd /home && tar -xzvf kubo_v0.35.0_linux-amd64.tar.gz kubo/"
[root@node-ipfsl ~]# pssh -h ~/.prod_ipfs.txt -v -i "cd /home/kubo && bash install.sh"
[root@node-ipfsl ~]# pssh -h ~/.prod_ipfs.txt -v -i "ipfs --version"
Installation IPFS Cluster service
[root@node-ipfsl ~]# pssh -h ~/.prod_ipfs.txt -i "cd /home && wget https://dist.ipfs.tech/ipfs-cluster-service/v1.1.4/ipfs-cluster-service_v1.1.4_linux-amd64.tar.gz"
[root@node-ipfsl ~]# pssh -h ~/.prod_ipfs.txt -i "cd /home && tar -xzvf ipfs-cluster-service_v1.1.4_linux-amd64.tar.gz ipfs-cluster-service/"
[root@node-ipfsl ~]# pssh -h ~/.prod_ipfs.txt -i "cd /home && mv ipfs-cluster-service/ipfs-cluster-service /usr/local/bin/"
Installation IPFS Cluster ctl
[root@node-ipfsl ~]# pssh -h ~/.prod_ipfs.txt -i "cd /home && wget https://dist.ipfs.tech/ipfs-cluster-ctl/v1.1.4/ipfs-cluster-ctl_v1.1.4_linux-amd64.tar.gz"
[root@node-ipfsl ~]# pssh -h ~/.prod_ipfs.txt -i "cd /home && mv ipfs-cluster-ctl/ipfs-cluster-ctl /usr/local/bin/"
[root@node-ipfsl ~]# pssh -h ~/.prod_ipfs.txt -i "ipfs-cluster-ctl --version"
Installation des variables ENV ipfs
[root@node-ipfsl ~]# pssh -h ~/.prod_ipfs.txt -i 'echo "export IPFS_PATH=/mnt/ipfs-data/ipfs" >> $HOME/.bashrc'
[root@node-ipfsl ~]# pssh -h ~/.prod_ipfs.txt -i 'echo "export IPFS_CLUSTER_PATH=/mnt/ipfs-data/ipfs-cluster" >> $HOME/.bashrc'
[root@node-ipfsl ~]# pssh -h ~/.prod_ipfs.txt -i 'echo "export LIBP2P_FORCE_PNET=1" >> $HOME/.bashrc'
[root@node-ipfsl ~]# pssh -h ~/.prod_ipfs.txt -i 'source $HOME/.bashrc'
7. Initialisation et service IPFS Kubo
Initialisation du Peer
[root@node-ipfsl ~]# pssh -h ~/.prod_ipfs.txt -i "ipfs init"
Paramétrage du peer
[root@node-ipfsl ~]# pssh -h ~/.prod_ipfs.txt -i 'ipfs config Datastore.StorageMax \"40GB\"'
[root@node-ipfsl ~]# pssh -h ~/.prod_ipfs.txt -i 'ipfs config Addresses.API /ip4/0.0.0.0/tcp/5001'
[root@node-ipfsl ~]# pssh -h ~/.prod_ipfs.txt -i "ipfs config --json API.HTTPHeaders.Access-Control-Allow-Origin '[\"*\"]'"
[root@node-ipfsl ~]# pssh -h ~/.prod_ipfs.txt -i "ipfs config --json API.HTTPHeaders.Access-Control-Allow-Methods '[\"PUT\", \"POST\"]'"
[root@node-ipfsl ~]# pssh -h ~/.prod_ipfsp5.txt -i "ipfs config --json API.HTTPHeaders.Access-Control-Allow-Origin '[\"http://192.168.1.75:5001\", \"http://localhost:3000\", \"http://127.0.0.1:5001\", \"https://node-ipfsp5.house.cp\"]'"
[root@node-ipfsl ~]# pssh -h ~/.prod_ipfsp6.txt -i "ipfs config --json API.HTTPHeaders.Access-Control-Allow-Origin '[\"http://192.168.1.76:5001\", \"http://localhost:3000\", \"http://127.0.0.1:5001\", \"https://node-ipfsp6.house.cp\"]'"
Paramétrage mode Privé
[root@node-ipfsl ~]# for i in {5..6}; do scp /mnt/ipfs-data/ipfs/swarm.key root@192.168.1.7$i:/mnt/ipfs-data/ipfs/swarm.key ;done
[root@node-ipfsl ~]# pssh -h ~/.prod_ipfs.txt -i "ipfs bootstrap rm --all"
[root@node-ipfsl ~]# pssh -h ~/.prod_ipfs.txt -i "ipfs config Routing.Type dht"
[root@node-ipfsl ~]# pssh -h ~/.prod_ipfs.txt -i "ipfs config --json AutoTLS.Enabled false"
[root@node-ipfsl ~]# pssh -h ~/.prod_ipfs.txt -i "ipfs config --json Swarm.Transports.Network.WebTransport false"
[root@node-ipfsl ~]# pssh -h ~/.prod_ipfs.txt -i "ipfs config --json Swarm.Transports.Network '{\"TCP\": true, \"QUIC\": false, \"Websocket\": false, \"Relay\": false, \"WebTransport\": false, \"WebRTCDirect\": false}'"
Service ipfs peer
[root@node-ipfsl ~]# for i in {5..6}; do scp /etc/systemd/system/ipfs-peer.service root@192.168.1.7$i:/etc/systemd/system/ipfs-peer.service ;done
[root@node-ipfsl ~]# pssh -h ~/.prod_ipfs.txt -i "systemctl daemon-reexec && systemctl daemon-reload"
[root@node-ipfsl ~]# pssh -h ~/.prod_ipfs.txt -i "systemctl enable ipfs-peer.service && systemctl restart ipfs-peer.service"
[root@node-ipfsl ~]# pssh -h ~/.prod_ipfs.txt -i "systemctl status ipfs-peer.service"
8. Initialisation et service IPFS Cluster
Initialisation du Cluster-service
[root@node-ipfsl ~]# pssh -h ~/.prod_ipfs.txt -i "ipfs-cluster-service init"
Ajout de la clef privée du cluster
[root@node-ipfsl ~]# pssh -h ~/.prod_ipfs.txt -i "sed -i 's/\"secret\": \".*\"/\"secret\": \"9dc28eb1c943ec508cc9f5a8b4c4726a5398be979c62521dd93252d62cb72196\"/' /mnt/ipfs-data/ipfs-cluster/service.json"
Service ipfs Cluster
[root@node-ipfsl ~]# for i in {5..6}; do scp root@192.168.1.74:/etc/systemd/system/ipfs-cluster-peer.service root@192.168.1.7$i:/etc/systemd/system/ipfs-cluster-peer.service ;done
Ouverture des accès web API 9094
[root@node-ipfsl ~]# pssh -h ~/.prod_ipfs.txt -i "sed -i 's|"/ip4/127.0.0.1/tcp/9094"|"/ip4/0.0.0.0/tcp/9094"|' /mnt/ipfs-data/ipfs-cluster/service.json"
Ouverture des accès Web URL 8080
[root@node-ipfsl ~]# pssh -h ~/.prod_ipfs.txt -i "sed -i 's|"/ip4/127.0.0.1/tcp/8080"|"/ip4/0.0.0.0/tcp/8080"|' /mnt/ipfs-data/ipfs/config"
Démarrage de l’ensemble des service IPS et IPS Cluster
[root@node-ipfsl ~]# pssh -h ~/.prod_ipfs.txt -i "sed -i 's|"/ip4/127.0.0.1/tcp/8080"|"/ip4/0.0.0.0/tcp/8080"|' /mnt/ipfs-data/ipfs/config"
[root@node-ipfsl ~]# pssh -h ~/.prod_ipfs.txt -i "systemctl stop ipfs-peer && systemctl start ipfs-peer"
[root@node-ipfsl ~]# pssh -h ~/.prod_ipfs.txt -i "systemctl daemon-reexec && systemctl daemon-reload"
[root@node-ipfsl ~]# pssh -h ~/.prod_ipfs.txt -i "systemctl enable ipfs-cluster-peer.service && systemctl start ipfs-cluster-peer.service"
9. Résultat du déploiement via parallèle SSH
Liste les nœuds du cluster IPFS
[root@node-ipfsl ~]# ipfs-cluster-ctl peers ls |grep "192.168.1.7"
Liste les nœuds connectés sur le peer n°5
[root@node-ipfsl ~]# pssh -h ~/.prod_ipfsp5.txt -i "ipfs swarm peers"
Liste les nœuds connectés sur le peer n°6
[root@node-ipfsl ~]# pssh -h ~/.prod_ipfsp6.txt -i "ipfs swarm peers"
Accès du fichier «Bob_l_eponge.jpg » répliqué précédemment
Views: 0