# Trillian CT Personality

This directory holds code and scripts for running a Certificate Transparency
(CT) Log based on the [Trillian](https://github.com/google/trillian) general
transparency Log.

 - [Codebase Structure](#codebase-structure)
 - [Deployment](#deployment)
 - [Operation](#operation)


## Codebase Structure

The main code for the CT personality is held in `trillian/ctfe`; this code
responds to HTTP requests on the
[CT API paths](https://tools.ietf.org/html/rfc6962#section-4) and translates
them to the equivalent gRPC API requests to the Trillian Log.

This obviously relies on the gRPC API definitions at
`github.com/google/trillian`; the code also uses common libraries from the
Trillian project for various things including:
 - exposing monitoring and statistics via an `interface` and corresponding
   Prometheus implementation (`github.com/google/trillian/monitoring/...`)
 - dealing with cryptographic keys (`github.com/google/trillian/crypto/...`).

The `trillian/integration/` directory holds scripts and tests for running the whole
system locally. In particular:
 - `trillian/integration/ct_integration_test.sh` brings up local processes
   running a Trillian Log server, signer and a CT personality, and exercises the
   complete set of RFC 6962 API entrypoints.
 - `trillian/integration/ct_hammer_test.sh` brings up a complete system and runs
   a continuous randomized test of the CT entrypoints.

These scripts require a local database instance to be configured as described
in the [Trillian instructions](https://github.com/google/trillian#mysql-setup).


## Deployment

Deploying a Trillian-based CT Log involves more than just the code contained
in this directory.

The [Manual Deployment document](docs/ManualDeployment.md) describes the
components and process involved in manually setting up a CT Log instance on
individual machines.

The [Containerized Deployment document](docs/ContainerDeployment.md) describes
the sample container scripts which make CT Log deployment easier and more
automatic. However, if you're planning to operate a trusted CT Log (rather than
simply experimenting/playing with the code) then you should expect to understand all
of the information in the manual version – even if you use the
containerized variant for deployment convenience.


## Operation

Once all of the components for a Trillian-based CT Log have been deployed,
log operators need to monitor and maintain the Log. The
[Operation document](docs/Operation.md) describes key considerations and gotchas
for this ongoing process.