1. Passage du Cluster en mode privée
Stopper les services (3 machines)
[root@node-ipfsl home]# systemctl stop ipfs-cluster.service [root@node-ipfsl home]# systemctl stop ipfs-peer.service [root@node-ipfsp1 home]# systemctl stop ipfs-cluster-peer.service [root@node-ipfsp1 home]# systemctl stop ipfs-peer.service [root@node-ipfsp2 home]# systemctl stop ipfs-cluster-peer.service [root@node-ipfsp2 home]# systemctl stop ipfs-peer.service
Création d’un clef secrète (leader)
Récupération script automatique
[root@node-ipfsl home]# dnf install git [root@node-ipfsl home]# cd /home && go install github.com/Kubuxu/go-ipfs-swarm-key-gen/ipfs-swarm-key-gen@latest go: downloading github.com/Kubuxu/go-ipfs-swarm-key-gen v0.0.0-20170218193930-0ee739ec6d32
Génération de la clef privée
[root@node-ipfsl home]# ipfs-swarm-key-gen > /mnt/ipfs-data/ipfs/swarm.key [root@node-ipfsl home]# cat /mnt/ipfs-data/ipfs/swarm.key /key/swarm/psk/1.0.0/ /base16/ 1c77bfd716e3d5811049260f3aaedcdcadf0997113b02dbddc1ecab3308b15ac
Copie de la clef sur les peers clients
[root@node-ipfsl home]# scp /mnt/ipfs-data/ipfs/swarm.key root@192.168.1.71:/mnt/ipfs-data/ipfs/swarm.key [root@node-ipfsl home]# scp /mnt/ipfs-data/ipfs/swarm.key root@192.168.1.72:/mnt/ipfs-data/ipfs/swarm.key
Activation mode Privée et suppression de tous les « bootstap » (3 machines)
[root@node-ipfsx home]# export LIBP2P_FORCE_PNET=1 [root@node-ipfsx home]# vi $HOME/.bashrc
Node leader
[root@node-ipfsl home]# ipfs bootstrap rm --all removed /dnsaddr/bootstrap.libp2p.io/p2p/QmNnooDu7bfjPFoTZYxMNLWUQJyrVwtbZg5gBMjTezGAJN removed /dnsaddr/bootstrap.libp2p.io/p2p/QmQCU2EcMqAqQPR2i9bChDtGNJchTbq5TbXJJ16u19uLTa removed /dnsaddr/bootstrap.libp2p.io/p2p/QmbLHAnMoJPWSCR5Zhtx6BHJX9KiKNN6tpvbUcqanj75Nb removed /dnsaddr/bootstrap.libp2p.io/p2p/QmcZf59bWwK5XFi76CZX8cbJ4BhTzzA3gU1ZjYZcYW3dwt removed /dnsaddr/va1.bootstrap.libp2p.io/p2p/12D3KooWKnDdG3iXw9eTFijk3EWSunZcFi54Zka4wmtqtt6rPxc8 removed /ip4/104.131.131.82/tcp/4001/p2p/QmaCpDMGvV2BGHeYERUEnRQAwe3N8SzbUtfsmvsqQLuvuJ removed /ip4/104.131.131.82/udp/4001/quic-v1/p2p/QmaCpDMGvV2BGHeYERUEnRQAwe3N8SzbUtfsmvsqQLuvuJ
Node peer n°1
[root@node-ipfsp1 home]# ipfs bootstrap rm --all removed /dnsaddr/bootstrap.libp2p.io/p2p/QmNnooDu7bfjPFoTZYxMNLWUQJyrVwtbZg5gBMjTezGAJN removed /dnsaddr/bootstrap.libp2p.io/p2p/QmQCU2EcMqAqQPR2i9bChDtGNJchTbq5TbXJJ16u19uLTa removed /dnsaddr/bootstrap.libp2p.io/p2p/QmbLHAnMoJPWSCR5Zhtx6BHJX9KiKNN6tpvbUcqanj75Nb removed /dnsaddr/bootstrap.libp2p.io/p2p/QmcZf59bWwK5XFi76CZX8cbJ4BhTzzA3gU1ZjYZcYW3dwt removed /dnsaddr/va1.bootstrap.libp2p.io/p2p/12D3KooWKnDdG3iXw9eTFijk3EWSunZcFi54Zka4wmtqtt6rPxc8 removed /ip4/104.131.131.82/tcp/4001/p2p/QmaCpDMGvV2BGHeYERUEnRQAwe3N8SzbUtfsmvsqQLuvuJ removed /ip4/104.131.131.82/udp/4001/quic-v1/p2p/QmaCpDMGvV2BGHeYERUEnRQAwe3N8SzbUtfsmvsqQLuvuJ
Node peer n°2
[root@node-ipfsp2 home]# ipfs bootstrap rm --all removed /dnsaddr/bootstrap.libp2p.io/p2p/QmNnooDu7bfjPFoTZYxMNLWUQJyrVwtbZg5gBMjTezGAJN removed /dnsaddr/bootstrap.libp2p.io/p2p/QmQCU2EcMqAqQPR2i9bChDtGNJchTbq5TbXJJ16u19uLTa removed /dnsaddr/bootstrap.libp2p.io/p2p/QmbLHAnMoJPWSCR5Zhtx6BHJX9KiKNN6tpvbUcqanj75Nb removed /dnsaddr/bootstrap.libp2p.io/p2p/QmcZf59bWwK5XFi76CZX8cbJ4BhTzzA3gU1ZjYZcYW3dwt removed /dnsaddr/va1.bootstrap.libp2p.io/p2p/12D3KooWKnDdG3iXw9eTFijk3EWSunZcFi54Zka4wmtqtt6rPxc8 removed /ip4/104.131.131.82/tcp/4001/p2p/QmaCpDMGvV2BGHeYERUEnRQAwe3N8SzbUtfsmvsqQLuvuJ removed /ip4/104.131.131.82/udp/4001/quic-v1/p2p/QmaCpDMGvV2BGHeYERUEnRQAwe3N8SzbUtfsmvsqQLuvuJ
Spécification système réseau privé (master & clients)
[root@node-ipfsx home]# ipfs config Routing.Type dht [root@node-ipfsx home]# ipfs config --json AutoTLS.Enabled false [root@node-ipfsx home]# ipfs config --json Swarm.Transports.Network.WebTransport false [root@node-ipfsx home]# ipfs config --json Swarm.Transports.Network '{"TCP": true, "QUIC": false, "Websocket": false, "Relay": false, "WebTransport": false, "WebRTCDirect": false}'
Redémarre les services peer sur les machines (master & clients)
Service ipfs (go-ipfs) leader
[root@node-ipfsl home]# systemctl start ipfs-peer.service [root@node-ipfsl home]# systemctl status ipfs-peer.service
Service ipfs (go-ipfs) peers
[root@node-ipfsp1 home]# systemctl start ipfs-peer.service [root@node-ipfsp1 home]# systemctl status ipfs-peer.service
[root@node-ipfsp2 home]# systemctl start ipfs-peer.service [root@node-ipfsp2 home]# systemctl status ipfs-peer.service
Check des peers mode réseau Privé
Sur le leader
[root@node-ipfsl home]# ipfs swarm peers /ip4/192.168.1.71/tcp/4001/p2p/12D3KooWJb4HwVbXFuxZSeFAUjocurt7gPw14G6CsZRwTpVgMNdP /ip4/192.168.1.72/tcp/4001/p2p/12D3KooWQ4VuBLMjVvmW4F4fhKxbArFG4Y9SQ3coVBo1PL29qrJx
Sur le peer n°1
[root@node-ipfsp1 home]# ipfs swarm peers /ip4/192.168.1.70/tcp/4001/p2p/12D3KooWCWwgEQx51YWB54Fn82JVQJ1SNm52sTHmNtQQAvMr6yza /ip4/192.168.1.72/tcp/4001/p2p/12D3KooWQ4VuBLMjVvmW4F4fhKxbArFG4Y9SQ3coVBo1PL29qrJx
Sur le peer n°2
[root@node-ipfsp2 home]# ipfs swarm peers /ip4/192.168.1.70/tcp/4001/p2p/12D3KooWCWwgEQx51YWB54Fn82JVQJ1SNm52sTHmNtQQAvMr6yza /ip4/192.168.1.71/tcp/4001/p2p/12D3KooWJb4HwVbXFuxZSeFAUjocurt7gPw14G6CsZRwTpVgMNdP
Redémarre les services cluster sur les machines (master & clients)
[root@node-ipfsl home]# systemctl start ipfs-cluster.service [root@node-ipfsl home]# systemctl status ipfs-cluster.service
[root@node-ipfsp1 home]# systemctl start ipfs-cluster-peer.service [root@node-ipfsp1 home]# systemctl status ipfs-cluster-peer.service
[root@node-ipfsp2 home]# systemctl start ipfs-cluster-peer.service [root@node-ipfsp2 home]# systemctl status ipfs-cluster-peer.service
Check des cluster ipfs mode réseau Privé
[root@node-ipfsl home]# ipfs-cluster-ctl peers ls
2. Autoriser l’accès à l’API Cluster (master & clients)
Check port API
[root@node-ipfsx home]# lsof -i :9094
Stopper les services cluster (dans l’ordre)
[root@node-ipfsl home]# systemctl stop ipfs-cluster.service [root@node-ipfsp1 home]# systemctl stop ipfs-cluster-peer.service [root@node-ipfsp2 home]# systemctl stop ipfs-cluster-peer.service
Modification l’écoute
[root@node-ipfsx home]# vi /mnt/ipfs-data/ipfs-cluster/service.json
Modifier par la configuration ci-dessous
Démarrer les services cluster (dans l’ordre)
[root@node-ipfsl home]# systemctl start ipfs-cluster.service [root@node-ipfsp1 home]# systemctl start ipfs-cluster-peer.service [root@node-ipfsp2 home]# systemctl start ipfs-cluster-peer.service
[root@node-ipfsl home]# ipfs-cluster-ctl peers ls |grep "192.168.1.7"
[root@node-ipfsx home]# lsof -i :9094
Inventaire du nœud leader
[root@node-ipfsl home]# curl -s http://192.168.1.70:9094/id | jq .
Liste les nœuds du cluster
- http://192.168.1.50:9094/peers
3. Des fichiers sur le cluster
Ajout de fichier
[root@node-ipfsl home]# echo "Nouveau Cluster IPFS - Chris" > IPFS_file01.txt [root@node-ipfsl home]# ipfs-cluster-ctl add IPFS_file01.txt added QmP1zpXsnefj7eskAruAje8dgbKcKBaBviCEYWQStDCRei IPFS_file01.txt
«Add sur le nœud leader avec succès »
[root@ node-ipfsl home]# ipfs cat QmP1zpXsnefj7eskAruAje8dgbKcKBaBviCEYWQStDCRei
Check de la réplication du fichier mode Block
[root@node-ipfsp1 home]# journalctl -f
«Add sur le nœud peer n°1 avec succès »
[root@node-ipfsp1 home]# ipfs cat QmP1zpXsnefj7eskAruAje8dgbKcKBaBviCEYWQStDCRei
[root@node-ipfsp2 home]# journalctl –f
«Add sur le nœud peer n°2 avec succès »
[root@node-ipfsp2 home]# ipfs cat QmP1zpXsnefj7eskAruAje8dgbKcKBaBviCEYWQStDCRei
Liste du fichier sur le Cluster
[root@node-ipfsp2 home]# curl -s http://192.168.1.70:9094/pins | jq .|grep cid "cid": "QmP1zpXsnefj7eskAruAje8dgbKcKBaBviCEYWQStDCRei", [root@node-ipfsl home]# ipfs-cluster-ctl status QmP1zpXsnefj7eskAruAje8dgbKcKBaBviCEYWQStDCRei QmP1zpXsnefj7eskAruAje8dgbKcKBaBviCEYWQStDCRei: > node-ipfsp2 : PINNED | 2025-07-12T15:05:16Z | Attempts: 0 | Priority: false > node-ipfsl : PINNED | 2025-07-12T17:05:16+02:00 | Attempts: 0 | Priority: false > node-ipfsp1 : PINNED | 2025-07-12T15:05:16Z | Attempts: 0 | Priority: false
4. Autoriser l’accès à Web URL (master & clients)
Check port Web URL
[root@node-ipfsx home]# lsof -i :8080 COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME ipfs 7968 root 13u IPv4 64280 0t0 TCP localhost:webcache (LISTEN)
Stopper les services (3 machines)
[root@node-ipfsl home]# systemctl stop ipfs-peer.service [root@node-ipfsp1 home]# systemctl stop ipfs-peer.service [root@node-ipfsp2 home]# systemctl stop ipfs-peer.service
Modifier le fichier de conf (3 machines)
[root@node-ipfspx ~]# vi /mnt/ipfs-data/ipfs/config
Modifier comme ci-dessous
Redémarrer les services (3 machines)
[root@node-ipfsl home]# systemctl stop ipfs-peer.service [root@node-ipfsp1 home]# systemctl stop ipfs-peer.service [root@node-ipfsp2 home]# systemctl stop ipfs-peer.service
Ouvrir les flux firewall pour le port 8080/tcp (3 machines)
[root@node-ipfsx ~]# firewall-cmd --add-port=8080/tcp --permanent [root@node-ipfsx ~]# firewall-cmd --reload [root@node-ipfsx ~]# firewall-cmd --list-all
5. Ajouter et consulter une image sur le cluster IPFS
[root@node-ipfsl ~]# cd /home [root@node-ipfsl home]# wget https://media.senscritique.com/media/000011292508/source_big/Bob_l_eponge.jpg [root@node-ipfsl home]# ipfs-cluster-ctl add Bob_l_eponge.jpg added QmP5rxgZxYjit96NnKqLB7KduPA79nmBwEJAAuxpcqefnm Bob_l_eponge.jpg [root@node-ipfsl home]# ipfs-cluster-ctl status QmP5rxgZxYjit96NnKqLB7KduPA79nmBwEJAAuxpcqefnm
Accès du fichier via le leader & peers
Via le leader
Via le peer n°1
Via le peer n°2
Views: 0