{% hint style="info" %}
Kotal uses only go-ipfs client for IPFS peers, that's why there's no .spec.client option.
{% endhint %}
| Syntax | Type | Description | Default |
|---|---|---|---|
| initProfiles | Array | List of initial configuration profiles | default-datastore |
| profiles | Array | List of configuration profiles to apply after peer initialization | |
| apiHost | string | API server host | 0.0.0.0 |
| apiPort | number | API server port | 5001 |
| gatewayHost | string | Local ipfs gateway host | 0.0.0.0 |
| gatewayPort | number | Local ipfs gateway port | 8080 |
| routing | string | Content routing mechanism | dht |
| swarmKeySecretName | string | Name of the k8s secret holding swarm secret key | |
| resources | object | Compute and storage resources |
initProfiles is al list of initial ipfs configuration profile.
initialProfiles available values are server, randomports, default-datastore, local-discovery, test, default-networking, flatfs, badgerds, and lowpower.
initProfiles can't be updated (immutable).
profiles is the list of configuration profiles to apply after peer initialization.
profiles available values are server, randomports, default-datastore, local-discovery, test, default-networking, flatfs, badgerds, and lowpower.
apiHost is API server host.
{% hint style="info" %}
If you set apiHost to host other than 0.0.0.0, api calls forwarded to the container won't hit the API server. This is useful if you want to disallow calls to API server.
{% endhint %}
apiPort is API server port.
gatewayHost is local ipfs gateway host.
{% hint style="info" %}
If you set gatewayHost to host other than 0.0.0.0, gateway won't work. This is useful if you want to disable to access gateway from outside.
{% endhint %}
gatewayPort is API server port.
routing is the content routing mechanism.
routing available values are none, dht, dhtclient, dhtserver.
swarmKeySecretName is the kubernetes secret name that's holding the swarm key in a key called secret.
kubectl create secret generic swarm-key --from-literal=secret=$w@rmk3yresources allocates compute and storage resources to the peer.
resources object has the following fields:
| Syntax | Type | Description | Defalt |
|---|---|---|---|
| cpu | string | number of cpu cores this peer requires | 1 |
| cpuLimit | string | number of cpu cores this peer is limited to | 2 |
| memory | string | memory this peer requires | 2Gi |
| memoryLimit | string | memory this peer is limited to | 4Gi |
| storage | string | disk space this peer requires | 10Gi |
| storageClass | string | Node volume storage class | Cluster's default storage class will be used as defined by cluster admin or cloud provider |
Memory and storage requests and limits must use the pattern ^[1-9][0-9]*[KMGTPE]i$ for example 1500Mi, 30Gi, and 1Ti.
cpu requests and limits must use the pattern ^[1-9][0-9]*m?$ for example 1000m (which is equal to 1 core), 1500m which is 1.5 core, 2 cores, and 4 cores.
cpuLimit can't be less than cpu.
memoryLimit can't be less than or equal to memory.
storageClass field is immutable, it cannot be changed after creation.
{% hint style="info" %}
Kotal uses only ipfs-cluster-service for IPFS cluster peers that runs along with go-ipfs, that's why there's no .spec.client option.
{% endhint %}
| Syntax | Type | Description | Default |
|---|---|---|---|
| id | string | Cluster peer ID | |
| privateKeySecretName | string | Name of the k8s secret holding cluster peer privatekey | * if consensus is crdt |
| trustedPeers | array | Peer IDs that can manage the pinset in crdt consensus |
|
| bootstrapPeers | array | Peers to connect to on startup | |
| consensus | string | Cluster consensus algorithm | crdt |
| peerEndpoint required | string | ipfs peer http API endpoint | |
| clusterSecretName required | string | Name of the k8s secret holding cluster secret | |
| resources | object | Compute and storage resources |
id is cluster peer id derived from private key.
id is required if privateKeySecretName is provided.
id can be generated using ipfs-key tool.
ipfs-key -type ed25519 | base64It will return an output similar to the following:
Generating a 2048 bit ed25519 key...
Success!
ID for generated key: 12D3KooWT2bqgwZPxHthAGBV9Ut8ZLraz1LARtB7vG3mF26Mtof1
CAESQLepaunFGa/PI0oNS3plrbVSInqab/X/U1laEDe2V2cL/7kbF9H6x3xBiwpbVnYT/jDA8EhAznXALlbwzEsuKaw=
privateKeySecretName is the name of the k8s secret holding base64 cluster peer privatekey in a key called key.
privateKeySecretName is required if id is provided.
privateKeySecretName can be generated using ipfs-key tool.
ipfs-key -type ed25519 | base64It will return an output similar to the following:
Generating a 2048 bit ed25519 key...
Success!
ID for generated key: 12D3KooWT2bqgwZPxHthAGBV9Ut8ZLraz1LARtB7vG3mF26Mtof1
CAESQLepaunFGa/PI0oNS3plrbVSInqab/X/U1laEDe2V2cL/7kbF9H6x3xBiwpbVnYT/jDA8EhAznXALlbwzEsuKaw=
trustedPeers is a list of peer IDs that can manage the cluster pinset in crdt consensus clusters.
trustedPeers is ignored in raft consensus clusters.
trustedPeers default value is * which is trust all peers.
bootstrapPeers is a list of peers to connect to on startup.
{% hint style="warning" %}
bootstrapPeers will be trusted peers in crdt clusters.
{% endhint %}
consensus is the cluster consensus algorithm.
peerEndpoint id ipfs peer http API endpoint.
peerEndpoint is required for the cluster peer to function correctly.
clusterSecretName is the k8s secret name holding 32-bit hex-encoded (without 0x) cluster secret in a key called secret.
clusterSecretName can be generated using openssl tool:
CLUSTER_SECRET=$(openssl rand -hex 32)
kubectl create secret generic cluster-secret --from-literal=secret=$CLUSTER_SECRETresources allocates compute and storage resources to the peer.
resources object has the following fields:
| Syntax | Type | Description | Defalt |
|---|---|---|---|
| cpu | string | number of cpu cores this peer requires | 1 |
| cpuLimit | string | number of cpu cores this peer is limited to | 2 |
| memory | string | memory this peer requires | 2Gi |
| memoryLimit | string | memory this peer is limited to | 4Gi |
| storage | string | disk space this peer requires | 10Gi |
Memory and storage requests and limits must use the pattern ^[1-9][0-9]*[KMGTPE]i$ for example 1500Mi, 30Gi, and 1Ti.
cpu requests and limits must use the pattern ^[1-9][0-9]*m?$ for example 1000m (which is equal to 1 core), 1500m which is 1.5 core, 2 cores, and 4 cores.
cpuLimit can't be less than cpu.
memoryLimit can't be less than or equal to memory.