d-bis/proxmox
4
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity
Files
master
proxmox/reports/VMID2400_DEPENDENCY_ISSUES_REPORT.md
defiQUG fbda1b4beb
Some checks failed
Deploy to Phoenix / deploy (push) Has been cancelled
Details
docs: Ledger Live integration, contract deploy learnings, NEXT_STEPS updates 
- ADD_CHAIN138_TO_LEDGER_LIVE: Ledger form done; public code review repo bis-innovations/LedgerLive; init/push commands
- CONTRACT_DEPLOYMENT_RUNBOOK: Chain 138 gas price 1 gwei, 36-addr check, TransactionMirror workaround
- CONTRACT_*: AddressMapper, MirrorManager deployed 2026-02-12; 36-address on-chain check
- NEXT_STEPS_FOR_YOU: Ledger done; steps completable now (no LAN); run-completable-tasks-from-anywhere
- MASTER_INDEX, OPERATOR_OPTIONAL, SMART_CONTRACTS_INVENTORY_SIMPLE: updates
- LEDGER_BLOCKCHAIN_INTEGRATION_COMPLETE: bis-innovations/LedgerLive reference

Co-authored-by: Cursor <cursoragent@cursor.com>
2026-02-12 15:46:57 -08:00

277 lines
6.8 KiB
Markdown
Raw Permalink Blame History

# VMID 2400 RPC Translator - Dependency Services Investigation Report
**Date**: 2026-01-09
**VMID**: 2400 (thirdweb-rpc-1)
**IP**: 192.168.11.240
**Status**: ⚠️ **Degraded - Dependency Services Issues**
---
## Executive Summary
The RPC Translator service on VMID 2400 is operational but reports **degraded health** due to issues with three supporting services:
1. **Redis (VMID 106)**: Service running but misconfigured - bound to localhost only
2. **Web3Signer (VMID 107)**: Service not running
3. **Vault (VMID 108)**: Service not running
---
## Issue Details
### 1. Redis (VMID 106) - Configuration Issue
**Location**: r630-01 (192.168.11.11)
**IP**: 192.168.11.110
**Port**: 6379
**Status**:
- ✅ Container: Running
- ✅ Service: Active (redis-server)
-**Configuration**: Bound to `127.0.0.1:6379` instead of `192.168.11.110:6379`
-**Protected Mode**: Enabled (blocks external connections)
**Current Configuration**:
```
bind 127.0.0.1 ::1
protected-mode yes
```
**Problem**:
- Redis is only listening on localhost (127.0.0.1)
- Protected mode is enabled, preventing external connections
- VMID 2400 cannot connect from 192.168.11.240
**Error from RPC Translator**:
```
Redis connection error: Error: connect ECONNREFUSED 192.168.11.110:6379
```
**Fix Required**:
1. Update `/etc/redis/redis.conf` to bind to `192.168.11.110`
2. Disable protected mode OR configure password authentication
3. Restart redis-server service
---
### 2. Web3Signer (VMID 107) - Service Not Running
**Location**: r630-01 (192.168.11.11)
**IP**: 192.168.11.111
**Port**: 9000
**Status**:
- ✅ Container: Running
-**Service**: Inactive/Not Running
-**Systemd Unit**: Not found or not enabled
**Problem**:
- Web3Signer service is not started
- No systemd service entries found
- Service may not be installed or configured
**Error from RPC Translator**:
```
Web3Signer: connect ECONNREFUSED 192.168.11.111:9000
```
**Fix Required**:
1. Verify Web3Signer installation
2. Create/configure systemd service
3. Start and enable web3signer service
4. Verify service is listening on 192.168.11.111:9000
---
### 3. Vault (VMID 108) - Service Not Running
**Location**: r630-01 (192.168.11.11)
**IP**: 192.168.11.112
**Port**: 8200
**Status**:
- ✅ Container: Running
-**Service**: Inactive (disabled)
-**Systemd Unit**: Disabled
**Problem**:
- Vault service exists but is disabled
- Service has never been started
- Vault may not be initialized
**Error from RPC Translator**:
```
Vault: Vault not initialized
```
**Fix Required**:
1. Initialize Vault (if not already done)
2. Enable vault systemd service
3. Start vault service
4. Verify service is listening on 192.168.11.112:8200
5. Configure AppRole authentication (if needed)
---
## Impact Assessment
### Current Functionality
**Working**:
- ✅ Besu RPC service (direct access on port 8545)
- ✅ RPC Translator HTTP endpoint (port 9545)
- ✅ RPC Translator WebSocket endpoint (port 9546)
- ✅ Basic RPC functionality (read operations)
**Degraded**:
- ⚠️ Nonce management (requires Redis)
- ⚠️ Transaction signing (requires Web3Signer)
- ⚠️ Configuration management (requires Vault)
### Service Dependencies
| Service | Required For | Impact if Down |
|---------|-------------|----------------|
| Redis | Nonce locking, caching | Transaction conflicts possible |
| Web3Signer | Transaction signing | `eth_sendTransaction` will fail |
| Vault | Config management | Falls back to env vars (may be OK) |
---
## Recommended Fixes
### Priority 1: Redis (Critical for Transaction Handling)
```bash
# On r630-01 (192.168.11.11)
ssh root@192.168.11.11
# Edit Redis configuration
pct exec 106 -- nano /etc/redis/redis.conf
# Change:
# bind 127.0.0.1 ::1
# To:
# bind 192.168.11.110
# Change:
# protected-mode yes
# To:
# protected-mode no
# OR configure password authentication
# Restart Redis
pct exec 106 -- systemctl restart redis-server
# Verify
pct exec 106 -- redis-cli -h 192.168.11.110 ping
# Should return: PONG
# Test from VMID 2400
ssh root@192.168.11.10 "pct exec 2400 -- nc -zv 192.168.11.110 6379"
```
### Priority 2: Web3Signer (Required for Transaction Signing)
```bash
# On r630-01 (192.168.11.11)
ssh root@192.168.11.11
# Check if Web3Signer is installed
pct exec 107 -- ls -la /opt/web3signer* 2>/dev/null || echo "Not installed"
# If installed, check configuration
pct exec 107 -- cat /opt/web3signer-*/web3signer.yml 2>/dev/null
# Check for systemd service file
pct exec 107 -- ls -la /etc/systemd/system/web3signer.service 2>/dev/null
# If service exists, enable and start
pct exec 107 -- systemctl enable web3signer
pct exec 107 -- systemctl start web3signer
pct exec 107 -- systemctl status web3signer
# Verify
curl http://192.168.11.111:9000/upcheck
# Should return: OK
```
### Priority 3: Vault (Optional - Config Management)
```bash
# On r630-01 (192.168.11.11)
ssh root@192.168.11.11
# Check Vault installation
pct exec 108 -- which vault
# Check if Vault is initialized
pct exec 108 -- vault status 2>/dev/null || echo "Not initialized"
# Enable and start service
pct exec 108 -- systemctl enable vault
pct exec 108 -- systemctl start vault
pct exec 108 -- systemctl status vault
# Verify
curl http://192.168.11.112:8200/v1/sys/health
```
---
## Network Connectivity
All services are on the same network (192.168.11.0/24), so network connectivity should work once services are properly configured and running.
**Firewall Rules** (if applicable):
- VMID 2400 → VMID 106 (Redis): TCP 6379
- VMID 2400 → VMID 107 (Web3Signer): TCP 9000
- VMID 2400 → VMID 108 (Vault): TCP 8200
---
## Testing After Fixes
1. **Test Redis**:
```bash
ssh root@192.168.11.10 "pct exec 2400 -- redis-cli -h 192.168.11.110 ping"
```
2. **Test Web3Signer**:
```bash
curl http://192.168.11.111:9000/upcheck
```
3. **Test Vault**:
```bash
curl http://192.168.11.112:8200/v1/sys/health
```
4. **Test RPC Translator Health**:
```bash
curl http://192.168.11.240:9545/health
# Should show all components as healthy
```
---
## Next Steps
1. ✅ **Investigation Complete** - All issues identified
2. ⏳ **Fix Redis Configuration** - Update bind address and protected mode
3. ⏳ **Start Web3Signer Service** - Verify installation and start service
4. ⏳ **Start Vault Service** - Enable and start service, verify initialization
5. ⏳ **Verify Connectivity** - Test all connections from VMID 2400
6. ⏳ **Monitor Health** - Check RPC Translator health endpoint
---
## References
- Redis Configuration: `/etc/redis/redis.conf` on VMID 106
- Web3Signer Config: `/opt/web3signer-*/web3signer.yml` on VMID 107
- Vault Config: `/etc/vault.d/vault.hcl` on VMID 108
- RPC Translator Config: `/opt/rpc-translator-138/.env` on VMID 2400
- Deployment Docs: `rpc-translator-138/DEPLOYMENT.md`
- Services Config: `rpc-translator-138/SERVICES_CONFIGURED.md`
Reference in New Issue View Git Blame Copy Permalink