charts/prysm/README.md.gotmpl


{{ template "chart.header" . }}
{{ template "chart.deprecationWarning" . }}

{{ template "chart.versionBadge" . }}{{ template "chart.typeBadge" . }}

{{ template "chart.description" . }}

{{ template "chart.homepageLine" . }}

{{ template "chart.sourcesSection" . }}

{{ template "chart.requirementsSection" . }}

{{ template "chart.valuesSection" . }}

# Examples

## Beacon node on the Holesky testnet connected to Holesky via Infura

```yaml
mode: "beacon"

extraArgs:
  - --holesky
  - --execution-endpoint=<EXECUTION-ENDPOINT>
```

## Exposing the P2P service via NodePort

This will make your node accessible via the Internet using a service of type [NodePort](https://kubernetes.io/docs/concepts/services-networking/service/#nodeport).
When using `p2pNodePort.enabled` the exposed IP address on your ENR record will be the "External IP" of the node where the pod is running.

**Limitations:** You can only run a single replica per chart deployment when using `p2pNodePort.enabled=true`.If you need N nodes, simply deploy the chart N times.

```yaml
replicas: 1

p2pNodePort:
  enabled: true
  port: 31000
```

## Validator node targeting a beacon node service

This example runs a validator on the holesky network that targets a pre-existing `prysm-beacon`
service by injecting the all-accounts.keystore.json` file via a secret ENV var. You could use a similar
approach to fetch your secrets from some external secret management system (Hashicorp Vault, Azure key vault, etc.):

```yaml
replicas: 1

mode: validator

image:
  repository: gcr.io/prysmaticlabs/prysm/validator

initContainers:
  - name: init-keystore
    image: bash:latest
    imagePullPolicy: IfNotPresent
    command:
    - bash
    - -c
    - >
      export INDEX=$(echo $(hostname)| rev | cut -d'-' -f 1 | rev);
      mkdir -p /data/wallet/direct/accounts/;
      keystore="KEYSTORE_$INDEX";
      echo ${!keystore} > /data/wallet/direct/accounts/all-accounts.keystore.json;
      password="PASSWORD_$INDEX";
      echo ${!password} > /data/wallet-password.txt;
    volumeMounts:
      - name: storage
        mountPath: "/data"
        readOnly:
    env:
      - name: PASSWORD_0
        valueFrom:
          secretKeyRef:
            # Name of the secret that will be generated for you. This is normally `${RELEASE-name}-env`
            # You might need to change this
            name: prysm-env
            key: PASSWORD_0
      - name: KEYSTORE_0
        valueFrom:
          secretKeyRef:
            # See comment on the previous secretKeyRef
            name: prysm-env
            key: KEYSTORE_0

extraArgs:
  - --wallet-dir=/data/wallet
  - --wallet-password-file=/data/wallet-password.txt
  - --beacon-rpc-provider=prysm-beacon:4000

livenessProbe:
  tcpSocket: null
  exec:
    command:
      - /app/cmd/validator/validator
      - accounts
      - list
      - --accept-terms-of-use=true
      - --wallet-dir=/data/wallet
      - --wallet-password-file=/data/wallet-password.txt
  initialDelaySeconds: 60
  periodSeconds: 120

readinessProbe:
  tcpSocket: null
  exec:
    command:
      - /app/cmd/validator/validator
      - accounts
      - list
      - --accept-terms-of-use=true
      - --wallet-dir=/data/wallet
      - --wallet-password-file=/data/wallet-password.txt
  initialDelaySeconds: 10
  periodSeconds: 10

secretEnv:
  # Note: Never publish any of your production secrets online. These are just used for testing purposes.
  PASSWORD_0: NotSoSuperSecret1234!
  KEYSTORE_0: >
    {
            "crypto": {
                    "checksum": {
                            "function": "sha256",
                            "message": "303fd570c747d33a4ceb8b1484fd792ca023c6f0563c492215808e4b1ea138fe",
                            "params": {}
                    },
                    "cipher": {
                            "function": "aes-128-ctr",
                            "message": "1f6589828cc7d325429753ea84bfe23ad72d64d12622c07c5121595d3f599c820ed63834b7a659650819e9aaa5a485d6736195b6aeb698861b91a3cb9d63a4864f844308e990d675fee8dc1d16f41a759372b642954e2d20de535961444f509964362ccda21f5e47a07e73c889f6288a93fe6ff315207e8aaba5f12de5e1e89351a0fa7e1c8d08252de8eef8304be5eb2eb649600f235c9e4e7cb4635d7217a7caf6af8cdedc7da4ff2c6fdf95cefeb119a1ae6376f1cf603b68028677df5e3114640b584f20f9173b348491fad52c3b7af92cd0f96fcf032f80d45b3855d0cfb90ecb3e85a3515cf5e4a9fcf849a982909ae69c249fbad1c28c0b91797ff2e555f3a3e4cc0f8e14a7c18ef8ac90bf9c6ed4b094b61bf07b7cfb7bb2a9531f24a2beeb930fd7383eb515f1f99512c1bd7fccfacce1f9b447234a36df9c89d2536281915408b18b04b1dae85565bc0a794ef4a40279afb072fa1bc012c4b668489bec8d5d4c2b29372a1bb97f299992b8eaab80648061f1094e6f790a1a007abda7c675737ac888bf360506e8378b252578bbb811c7d8dc76d76b9f845d38a3d00ee62da62113766406b78a29f9797bb24b36d5bda13063d2407b7ef3b0eb71f9a942484254611af1c2ac43622046a9aaeb04ba7d0b6a2ef2932eb7a316afb1f459d153c16dc6a7328cc362ea7312c646f1a8b86150d90da9adaf0a0eb9bdb7bb05a7ef033af81af9c015d7932603e2c57f015914454d4f1e18cc7c1185690384f8a958fe4727e01314d82588fcca268fdeefcdcc6a2c21c2fdad9db56601e02ce87a1059e980e7f266539810705a07ad4a84df8366ea04f8b5763d28cfc9c4b8ce5a9c101c75e359ef5736e843bbe0ba344c161fa9da48701a8d96b5c45edf15da99da72ab",
                            "params": {
                                    "iv": "964bc953dbdda657f2876c3e89cc2c90"
                            }
                    },
                    "kdf": {
                            "function": "pbkdf2",
                            "message": "",
                            "params": {
                                    "c": 262144,
                                    "dklen": 32,
                                    "prf": "hmac-sha256",
                                    "salt": "4c8970475c27f4aff9eb4d9c7145b39d0110c964c1979fc334def2f322fda7fd"
                            }
                    }
            },
            "uuid": "727cf6d4-41e7-46ea-98a4-da6a3b2d6a91",
            "version": 4,
            "name": "keystore"
    }

```