Validator Custom Resource Definition

Introduction

This document provides an overview of the Validator Custom Resource Definition (CRD) in the Catalyst Blockchain Manager Canton system. It outlines the structure of the CRD, and the components it deploys

Structure of the spec

The spec specifies every component needed to deploy a validator separately bellow is a list of components and where they are speccified

Validator

The specifications for the Validator component are at the top level of the spec

ANS/CNS UI

The specifications for the Amulet/Canton Name Service Application are under this path in the yaml

spec.applicationCantonNameServer.spec

Wallet UI

The specifications for the Wallet UI Application are under this path in the yaml

spec.walletUI.spec

Participant Node

The specifications for the participant are under this path of the yaml

spec.participant.spec

Provisioned Postgres Database

The database that is created is not represented on the spec. To increase the volume size (decreases are ignored) use:

spec.storageSize

Changing components specification

Environment Variables

For all components the environment variables are present under spec.envVars

These are can have the same format as in Pods and Deployments

Resources

All components have a resource specification like this

resources:
    cpuLimit: '2'
    cpuRequested: '1'
    imagePullSecret: intellecteu-gitlab-access
    memoryLimit: 2Gi
    memoryRequested: 1Gi
    replicas: 1
  • cpuLimit: Maximum CPU allocation.

  • cpuRequested: Minimum CPU allocation.

  • memoryLimit: Maximum memory allocation.

  • memoryRequested: Minimum memory allocation.

  • replicas: Number of instances (can be set to 0 or 1).

To scale down the validator, set every replicas field to 0.

Example

apiVersion: catalyst.manager.canton/v1
kind: Validator
metadata:
  name: validator1st
  namespace: canton-dev
spec:
  application:
    spec:
      domain: participant-validator1st
      resources:
        cpuLimit: '2'
        cpuRequested: '1'
        imagePullSecret: intellecteu-gitlab-access
        memoryLimit: 2Gi
        memoryRequested: 1Gi
        replicas: 1
      type: backend
      validatorParent: validator1st
    status:
      phase: Pending
  applicationCantonNameServer:
    spec:
      domain: cns-validator1st
      envVars:
        - name: SPLICE_APP_CNS_UI_AUTH_URL
          valueFrom:
# <removed for brevity>
      image: >-
        digitalasset-canton-network-docker.jfrog.io/digitalasset/ans-web-ui:0.3.15
      resources:
        cpuLimit: '1'
        cpuRequested: '0.1'
        imagePullSecret: intellecteu-gitlab-access
        memoryLimit: 1536Mi
        memoryRequested: 240Mi
        replicas: 1
      type: ui
    status:
      phase: Pending
  applicationWallet:
    spec:
      domain: wallet-validator1st
      envVars:
        - name: SPLICE_APP_WALLET_UI_AUTH_URL
          valueFrom:
# <removed for brevity>
      image: >-
        digitalasset-canton-network-docker.jfrog.io/digitalasset/wallet-web-ui:0.3.15
      resources:
        cpuLimit: '1'
        cpuRequested: '0.1'
        imagePullSecret: intellecteu-gitlab-access
        memoryLimit: 1536Mi
        memoryRequested: 240Mi
        replicas: 1
      type: ui
    status:
      phase: Pending
  customAuth: false
  disableAutoInit: false
  envVars:
    - name: ADDITIONAL_CONFIG_NO_ONBOARDING
      value: canton.validator-apps.validator_backend.onboarding = null
# <removed for brevity>
  image: digitalasset-canton-network-docker.jfrog.io/digitalasset/validator-app:0.3.15
  imageRepo: digitalasset-canton-network-docker.jfrog.io/digitalasset
  imageTag: 0.3.15
  migrationAttachPVC: 'false'
  migrationId: '0'
  migrationMigrating: false
  onboardingSecretName: cn-app-validator1st-onboarding-validator
  participant:
    spec:
      adminPort: '5002'
      auth: true
      authProvider: keycloak
      authorization:
        jwksUrl: >-
          https://keycloak.testing.catalyst.intellecteu.io/auth/realms/canton-dev/protocol/openid-connect/certs
      daemon: false
      enterprise: true
      envVars:
        - name: JAVA_TOOL_OPTIONS
          value: '-Xms1152M -Xmx1152M -Dscala.concurrent.context.minThreads=4'
# <removed for brevity>
      ha: false
      image: >-
        digitalasset-canton-network-docker.jfrog.io/digitalasset/canton-participant:0.3.15
      jsonapi: false
      jsonapiQueryStore: false
      ledgerPort: '5001'
      logLevel: INFO
      navigator: false
      resources:
        cpuLimit: '2'
        cpuRequested: '1'
        imagePullSecret: intellecteu-gitlab-access
        memoryLimit: 2Gi
        memoryRequested: 1Gi
        replicas: 1
      storage: {}
      storageType: Shared Postgres
    status:
      phase: Pending
  resources:
    cpuLimit: '2'
    cpuRequested: '1'
    imagePullSecret: intellecteu-gitlab-access
    memoryLimit: 2Gi
    memoryRequested: 1Gi
    replicas: 1
  storageSize: 20Gi
  walletEnabled: true