Peer

initProfiles

initProfiles is al list of initial ipfs configuration profile.

initialProfiles available values are server, randomports, default-datastore, local-discovery, test, default-networking, flatfs, badgerds, and lowpower.

initProfiles can't be updated (immutable).

profiles

profiles is the list of configuration profiles to apply after peer initialization.

profiles available values are server, randomports, default-datastore, local-discovery, test, default-networking, flatfs, badgerds, and lowpower.

apiHost

apiHost is API server host.

apiPort

apiPort is API server port.

gatewayHost

gatewayHost is local ipfs gateway host.

gatewayPort

gatewayPort is API server port.

routing

routing is the content routing mechanism.

routing available values are none, dht, dhtclient, dhtserver.

swarmKeySecretName

swarmKeySecretName is the kubernetes secret name that's holding the swarm key in a key called secret.

kubectl create secret generic swarm-key --from-literal=secret=$w@rmk3y

resources

resources allocates compute and storage resources to the peer.

resources object has the following fields:

Memory and storage requests and limits must use the pattern ^[1-9][0-9]*[KMGTPE]i$ for example 1500Mi, 30Gi, and 1Ti.

cpu requests and limits must use the pattern ^[1-9][0-9]*m?$ for example 1000m (which is equal to 1 core), 1500m which is 1.5 core, 2 cores, and 4 cores.

cpuLimit can't be less than cpu.

memoryLimit can't be less than or equal to memory.

storageClass field is immutable, it cannot be changed after creation.

ClusterPeer

id

id is cluster peer id derived from private key.

id is required if privateKeySecretName is provided.

id can be generated using ipfs-key tool.

ipfs-key -type ed25519 | base64

It will return an output similar to the following:

Generating a 2048 bit ed25519 key...
Success!
ID for generated key: 12D3KooWT2bqgwZPxHthAGBV9Ut8ZLraz1LARtB7vG3mF26Mtof1
CAESQLepaunFGa/PI0oNS3plrbVSInqab/X/U1laEDe2V2cL/7kbF9H6x3xBiwpbVnYT/jDA8EhAznXALlbwzEsuKaw=

privateKeySecretName

privateKeySecretName is the name of the k8s secret holding base64 cluster peer privatekey in a key called key.

privateKeySecretName is required if id is provided.

privateKeySecretName can be generated using ipfs-key tool.

ipfs-key -type ed25519 | base64

It will return an output similar to the following:

Generating a 2048 bit ed25519 key...
Success!
ID for generated key: 12D3KooWT2bqgwZPxHthAGBV9Ut8ZLraz1LARtB7vG3mF26Mtof1
CAESQLepaunFGa/PI0oNS3plrbVSInqab/X/U1laEDe2V2cL/7kbF9H6x3xBiwpbVnYT/jDA8EhAznXALlbwzEsuKaw=

trustedPeers

trustedPeers is a list of peer IDs that can manage the cluster pinset in crdt consensus clusters.

trustedPeers is ignored in raft consensus clusters.

trustedPeers default value is * which is trust all peers.

bootstrapPeers

bootstrapPeers is a list of peers to connect to on startup.

consensus

consensus is the cluster consensus algorithm.

peerEndpoint

peerEndpoint id ipfs peer http API endpoint.

peerEndpoint is required for the cluster peer to function correctly.

clusterSecretName

clusterSecretName is the k8s secret name holding 32-bit hex-encoded (without 0x) cluster secret in a key called secret.

clusterSecretName can be generated using openssl tool:

CLUSTER_SECRET=$(openssl rand -hex 32)
kubectl create secret generic cluster-secret --from-literal=secret=$CLUSTER_SECRET

resources

resources allocates compute and storage resources to the peer.

resources object has the following fields:

Memory and storage requests and limits must use the pattern ^[1-9][0-9]*[KMGTPE]i$ for example 1500Mi, 30Gi, and 1Ti.

cpu requests and limits must use the pattern ^[1-9][0-9]*m?$ for example 1000m (which is equal to 1 core), 1500m which is 1.5 core, 2 cores, and 4 cores.

cpuLimit can't be less than cpu.

memoryLimit can't be less than or equal to memory.