DEVHIDE
Login Or Sign up

Unable to create a tree in Trillian log mysql database

104 Views Asked by At

I am using an on premise kubernetes cluster (with istio) to integrate my application with Trillian. I have deployed a mysql database together with a personality, a server and a signer, but I am not able to create a tree using the command here (https://github.com/google/trillian/blob/master/examples/deployment/kubernetes/provision_tree.sh#L27)

echo TREE=$(curl -sb -X POST ${LOG_URL}/v1beta1/trees -d '{ "tree":{ "tree_state":"ACTIVE", "tree_type":"LOG", "hash_strategy":"RFC6962_SHA256", "signature_algorithm":"ECDSA", "max_root_duration":"0", "hash_algorithm":"SHA256" }, "key_spec":{ "ecdsa_params":{ "curve":"P256" } } }') When I execute the command, I get 404 page not found as result.

The .yaml file of the trillian-server is defined as following:

apiVersion: v1
kind: ConfigMap
metadata:
  name: tr-server-list
data: # TODO optional add env parameter initialization
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: tr-server
  labels:
    name: tr-server
    app: tr-server-app
spec:
  replicas: 1
  selector:
    matchLabels:
      name: tr-server-pod
      db: trdb
      app: tr-server-app
  template: 
    metadata:
      labels:  
        name: tr-server-pod
        db: trdb
        app: tr-server-app
    spec:
      containers:
      - name: trillian-log-server
        image: docker.io/fortissleviathan123/trillian-log-server:latest
        imagePullPolicy: IfNotPresent
        args: [
        "--storage_system=mysql",
        "--mysql_uri=test:zaphod@tcp(trdb.default.svc.cluster.local:3306)/test",
        "--rpc_endpoint=0.0.0.0:8090",
        "--http_endpoint=0.0.0.0:8091",
        "--alsologtostderr",
        ]
        envFrom:
          - configMapRef:
              name: tr-server-list
        ports:
        - name: grpc
          containerPort: 8090
        - name: https
          containerPort: 8091
---
apiVersion: v1
kind: Service
metadata:
  name: tr-server
  labels:
    name: tr-server
    app: tr-server-app
spec:
  ports:
  - name: http
    port: 8091
    targetPort: 8091
  - name: grpc
    port: 8090
    targetPort: 8090
  selector:
    name: tr-server-pod
    db: trdb
    app: tr-server-app

The services are running:


trdb-0                            2/2     Running            6 (70m ago)      40h
tr-personality-5ffbfb44cb-2vp89   2/2     Running            3 (69m ago)      11h
tr-server-59d8bbd4c-kxkxs         2/2     Running            14 (69m ago)     38h
tr-signer-78b74df645-j5p7j        2/2     Running            15 (69m ago)     38h

Is there anything wrong with this deployment?

mysql kubernetes merkle-tree certificate-transparency
Original Q&A
1

There are 1 best solutions below

0
On

The solution is to use an application provided by google to create the tree, since servers' REST API is supposed to be old. Answer can be found here: https://github.com/google/trillian/issues/2675

Related Questions in MYSQL

Related Questions in KUBERNETES

Related Questions in MERKLE-TREE

Related Questions in CERTIFICATE-TRANSPARENCY

Trending Questions

Popular # Hahtags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json python-3.x ruby-on-rails .net sql-server swift django angular objective-c pandas excel

Popular Questions

Copyright © 2021 Jogjafile Inc.