Single-machine multi-node mixed cluster CI prerequisites

[deepfire]

This supplies the necessary changes for a mixed-cluster integration test, as per IntersectMBO/cardano-node#255 :

1. mainnet_ci_full genesis & configuration, starting in OBFT node
2. fix for an OBFT EBB rollback issue, which was trying to erase EBB even if the chain was started in OBFT mode, leading to Mixed cluster in CI IntersectMBO/cardano-node#255 (comment)
3. change in network-transport-tcp to be more lenient regarding remote address claims: deepfire/network-transport-tcp@44f84a8. This is necessary to avoid problems when starting multiple nodes on the same machine.
4. small improvements in genesis generation

Additionally, this resets the protocol version for the shelley_staging_short_full configuration to 0 -- a prerequisite for its respin.

NOTE: perhaps this PR should be split. But then, this repository sees very little activity, so perhaps the separation wouldn't have much benefit. I don't have a strong opinion myself.

[intricate]

Good work! Just a few concerns.

I don't think this is worth splitting into multiple PRs. It's already quite small and your commits clearly separate the work done for each concern.

We should also request review from someone who also worked on this OBFT stuff like @mhuesch or @erikd.

[avieth]

change in network-transport-tcp to be more lenient regarding remote address claims: deepfire/network-transport-tcp@44f84a8. This is necessary to avoid problems when starting multiple nodes on the same machine.

What exactly is the problem? That patch to nt-tcp opens up a denial of service attack. The check was put there for good reason.

[avieth]

network-transport-tcp changes are not acceptable

[avieth]

If you really must disable the hostname check, you can set it in TCPParameters http://hackage.haskell.org/package/network-transport-tcp-0.6.0/docs/Network-Transport-TCP.html#t:TCPParameters

tcpCheckPeerHost :: Bool

If True, new connections will be accepted only if the socket's host matches the host that the peer claims in its EndPointAddress. This is useful when operating on untrusted networks, because the peer could otherwise deny service to some victim by claiming the victim's address.

But beware! Your node will be vulnerable.

[deepfire]

@avieth, thank you! I've missed the check at https://github.com/avieth/network-transport-tcp/blob/csl-2.0.0/src/Network/Transport/TCP.hs#L1044

[deepfire]

@avieth, the example failure:

Sep 09 01:46:48 a-node xadsbs7wlnm94wv14v9w8c0ba1dpjsyw-unit-script-cardano-node-legacy_-start[22055]: [cardano-sl.diffusion.outboundqueue.c-a-2:Warning:ThreadId 150] [2001-09-09 01:46:48.23 UTC] sending MsgAnnounceBlockHeader OriginSender to NodeId 10.1.0.3:3000:0 failed with TransportError ConnectFailed "setupRemoteEndPoint: Host mismatch. Claimed: 10.1.0.2; Numeric: 10.1.0.3; Resolved: c-b-1.cardano" :: SomeException
Sep 09 01:46:48 a-node xadsbs7wlnm94wv14v9w8c0ba1dpjsyw-unit-script-cardano-node-legacy_-start[22055]: [cardano-sl.diffusion.outboundqueue.c-a-2:Warning:ThreadId 149] [2001-09-09 01:46:48.23 UTC] sending MsgAnnounceBlockHeader OriginSender to NodeId 10.1.0.1:3000:0 failed with TransportError ConnectFailed "setupRemoteEndPoint: Host mismatch. Claimed: 10.1.0.2; Numeric: 10.1.0.1; Resolved: c-a-1.cardano" :: SomeException
Sep 09 01:46:48 a-node xadsbs7wlnm94wv14v9w8c0ba1dpjsyw-unit-script-cardano-node-legacy_-start[22055]: [cardano-sl.diffusion.outboundqueue.c-a-2:Warning:ThreadId 155] [2001-09-09 01:46:48.23 UTC] sending MsgAnnounceBlockHeader OriginSender to NodeId 10.1.0.7:3000:0 failed with TransportError ConnectFailed "setupRemoteEndPoint: Host mismatch. Claimed: 10.1.0.2; Numeric: 10.1.0.7; Resolved: c-d-1.cardano" :: SomeException

[root@a-node:~]# netstat -pltn | grep cardano
tcp        0      0 10.1.0.2:3000           0.0.0.0:*               LISTEN      22055/cardano-node- 
tcp        0      0 10.1.0.5:3000           0.0.0.0:*               LISTEN      22078/cardano-node- 
tcp        0      0 10.1.0.6:3000           0.0.0.0:*               LISTEN      22075/cardano-node- 
tcp        0      0 10.1.0.7:3000           0.0.0.0:*               LISTEN      22068/cardano-node- 
tcp        0      0 10.1.0.3:3000           0.0.0.0:*               LISTEN      22092/cardano-node- 
tcp        0      0 10.1.0.4:3000           0.0.0.0:*               LISTEN      22083/cardano-node- 
tcp        0      0 10.1.0.1:3000           0.0.0.0:*               LISTEN      22053/cardano-node- 

[root@a-node:~]# host 10.1.0.1
1.0.1.10.in-addr.arpa domain name pointer c-a-1.cardano.

[root@a-node:~]# host 10.1.0.2
2.0.1.10.in-addr.arpa domain name pointer c-a-2.cardano.

[root@a-node:~]# host 10.1.0.3
3.0.1.10.in-addr.arpa domain name pointer c-b-1.cardano.

[root@a-node:~]# host 10.1.0.4
4.0.1.10.in-addr.arpa domain name pointer c-b-2.cardano.

[deepfire]

@avieth,

1. dropped the network-transport-tcp change
2. added a CLI option to drive the host peer address consistency checking -- accompanied with sufficiently scary message during startup & comments

[intricate]

LGTM. Let's just await a green light from @avieth.

[deepfire]

bors r+

[deepfire]

bors r-

[iohk-bors]

Canceled

[deepfire]

Waiting on @mhuesch's review of the EBB rollback change.

[mhuesch]

LGTM - the OBFT change seems reasonable & minimal.

[mhuesch]

Yes, this looks completely reasonable. My memory is fuzzy, but I thought we had tested scenarios where the cluster started in OBFT mode, but perhaps I am misremembering - it seems like we would've hit the same snag that Serge encountered here.

[intricate]

@mhuesch: Yeah, we definitely had tested those scenarios before but I think after implementing your rollback solution we eventually ended up accepting a trade-off here such that we'd not be able to start up a chain directly in OBFT.

[deepfire]

bors r+

[iohk-bors]

Build succeeded

• buildkite/cardano-sl
• ci/hydra:Cardano:cardano-sl:required