d-bis/proxmox
4
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity
Files
3e9645274a5f6e2cbc5bae1dff55d3aed0295cbf
proxmox/reports/VMID2400_DEPENDENCY_ISSUES_REPORT.md
defiQUG fbda1b4beb
Some checks failed
Deploy to Phoenix / deploy (push) Has been cancelled
Details
docs: Ledger Live integration, contract deploy learnings, NEXT_STEPS updates 
- ADD_CHAIN138_TO_LEDGER_LIVE: Ledger form done; public code review repo bis-innovations/LedgerLive; init/push commands
- CONTRACT_DEPLOYMENT_RUNBOOK: Chain 138 gas price 1 gwei, 36-addr check, TransactionMirror workaround
- CONTRACT_*: AddressMapper, MirrorManager deployed 2026-02-12; 36-address on-chain check
- NEXT_STEPS_FOR_YOU: Ledger done; steps completable now (no LAN); run-completable-tasks-from-anywhere
- MASTER_INDEX, OPERATOR_OPTIONAL, SMART_CONTRACTS_INVENTORY_SIMPLE: updates
- LEDGER_BLOCKCHAIN_INTEGRATION_COMPLETE: bis-innovations/LedgerLive reference

Co-authored-by: Cursor <cursoragent@cursor.com>
2026-02-12 15:46:57 -08:00

6.8 KiB
Raw Blame History

VMID 2400 RPC Translator - Dependency Services Investigation Report

Date: 2026-01-09
VMID: 2400 (thirdweb-rpc-1)
IP: 192.168.11.240
Status: ⚠️ Degraded - Dependency Services Issues

Executive Summary

The RPC Translator service on VMID 2400 is operational but reports degraded health due to issues with three supporting services:

  1. Redis (VMID 106): Service running but misconfigured - bound to localhost only
  2. Web3Signer (VMID 107): Service not running
  3. Vault (VMID 108): Service not running

Issue Details

1. Redis (VMID 106) - Configuration Issue

Location: r630-01 (192.168.11.11)
IP: 192.168.11.110
Port: 6379

Status:

  • Container: Running
  • Service: Active (redis-server)
  • Configuration: Bound to 127.0.0.1:6379 instead of 192.168.11.110:6379
  • Protected Mode: Enabled (blocks external connections)

Current Configuration:

bind 127.0.0.1 ::1
protected-mode yes

Problem:

  • Redis is only listening on localhost (127.0.0.1)
  • Protected mode is enabled, preventing external connections
  • VMID 2400 cannot connect from 192.168.11.240

Error from RPC Translator:

Redis connection error: Error: connect ECONNREFUSED 192.168.11.110:6379

Fix Required:

  1. Update /etc/redis/redis.conf to bind to 192.168.11.110
  2. Disable protected mode OR configure password authentication
  3. Restart redis-server service

2. Web3Signer (VMID 107) - Service Not Running

Location: r630-01 (192.168.11.11)
IP: 192.168.11.111
Port: 9000

Status:

  • Container: Running
  • Service: Inactive/Not Running
  • Systemd Unit: Not found or not enabled

Problem:

  • Web3Signer service is not started
  • No systemd service entries found
  • Service may not be installed or configured

Error from RPC Translator:

Web3Signer: connect ECONNREFUSED 192.168.11.111:9000

Fix Required:

  1. Verify Web3Signer installation
  2. Create/configure systemd service
  3. Start and enable web3signer service
  4. Verify service is listening on 192.168.11.111:9000

3. Vault (VMID 108) - Service Not Running

Location: r630-01 (192.168.11.11)
IP: 192.168.11.112
Port: 8200

Status:

  • Container: Running
  • Service: Inactive (disabled)
  • Systemd Unit: Disabled

Problem:

  • Vault service exists but is disabled
  • Service has never been started
  • Vault may not be initialized

Error from RPC Translator:

Vault: Vault not initialized

Fix Required:

  1. Initialize Vault (if not already done)
  2. Enable vault systemd service
  3. Start vault service
  4. Verify service is listening on 192.168.11.112:8200
  5. Configure AppRole authentication (if needed)

Impact Assessment

Current Functionality

Working:

  • Besu RPC service (direct access on port 8545)
  • RPC Translator HTTP endpoint (port 9545)
  • RPC Translator WebSocket endpoint (port 9546)
  • Basic RPC functionality (read operations)

Degraded:

  • ⚠️ Nonce management (requires Redis)
  • ⚠️ Transaction signing (requires Web3Signer)
  • ⚠️ Configuration management (requires Vault)

Service Dependencies

Service Required For Impact if Down
Redis Nonce locking, caching Transaction conflicts possible
Web3Signer Transaction signing eth_sendTransaction will fail
Vault Config management Falls back to env vars (may be OK)

Recommended Fixes

Priority 1: Redis (Critical for Transaction Handling)

# On r630-01 (192.168.11.11)
ssh root@192.168.11.11

# Edit Redis configuration
pct exec 106 -- nano /etc/redis/redis.conf

# Change:
# bind 127.0.0.1 ::1
# To:
# bind 192.168.11.110

# Change:
# protected-mode yes
# To:
# protected-mode no
# OR configure password authentication

# Restart Redis
pct exec 106 -- systemctl restart redis-server

# Verify
pct exec 106 -- redis-cli -h 192.168.11.110 ping
# Should return: PONG

# Test from VMID 2400
ssh root@192.168.11.10 "pct exec 2400 -- nc -zv 192.168.11.110 6379"

Priority 2: Web3Signer (Required for Transaction Signing)

# On r630-01 (192.168.11.11)
ssh root@192.168.11.11

# Check if Web3Signer is installed
pct exec 107 -- ls -la /opt/web3signer* 2>/dev/null || echo "Not installed"

# If installed, check configuration
pct exec 107 -- cat /opt/web3signer-*/web3signer.yml 2>/dev/null

# Check for systemd service file
pct exec 107 -- ls -la /etc/systemd/system/web3signer.service 2>/dev/null

# If service exists, enable and start
pct exec 107 -- systemctl enable web3signer
pct exec 107 -- systemctl start web3signer
pct exec 107 -- systemctl status web3signer

# Verify
curl http://192.168.11.111:9000/upcheck
# Should return: OK

Priority 3: Vault (Optional - Config Management)

# On r630-01 (192.168.11.11)
ssh root@192.168.11.11

# Check Vault installation
pct exec 108 -- which vault

# Check if Vault is initialized
pct exec 108 -- vault status 2>/dev/null || echo "Not initialized"

# Enable and start service
pct exec 108 -- systemctl enable vault
pct exec 108 -- systemctl start vault
pct exec 108 -- systemctl status vault

# Verify
curl http://192.168.11.112:8200/v1/sys/health

Network Connectivity

All services are on the same network (192.168.11.0/24), so network connectivity should work once services are properly configured and running.

Firewall Rules (if applicable):

  • VMID 2400 → VMID 106 (Redis): TCP 6379
  • VMID 2400 → VMID 107 (Web3Signer): TCP 9000
  • VMID 2400 → VMID 108 (Vault): TCP 8200

Testing After Fixes

  1. Test Redis:

    ssh root@192.168.11.10 "pct exec 2400 -- redis-cli -h 192.168.11.110 ping"

  2. Test Web3Signer:

    curl http://192.168.11.111:9000/upcheck

  3. Test Vault:

    curl http://192.168.11.112:8200/v1/sys/health

  4. Test RPC Translator Health:

    curl http://192.168.11.240:9545/health
# Should show all components as healthy

Next Steps

  1. Investigation Complete - All issues identified
  2. Fix Redis Configuration - Update bind address and protected mode
  3. Start Web3Signer Service - Verify installation and start service
  4. Start Vault Service - Enable and start service, verify initialization
  5. Verify Connectivity - Test all connections from VMID 2400
  6. Monitor Health - Check RPC Translator health endpoint

References

  • Redis Configuration: /etc/redis/redis.conf on VMID 106
  • Web3Signer Config: /opt/web3signer-*/web3signer.yml on VMID 107
  • Vault Config: /etc/vault.d/vault.hcl on VMID 108
  • RPC Translator Config: /opt/rpc-translator-138/.env on VMID 2400
  • Deployment Docs: rpc-translator-138/DEPLOYMENT.md
  • Services Config: rpc-translator-138/SERVICES_CONFIGURED.md
Reference in New Issue View Git Blame Copy Permalink