feat(node): Add node_reward_type field to AddNodePayload and node config

Also update some comments and scripts.

ic-os/components/ic/generate-ic-config/generate-ic-config.sh

@@ -6,7 +6,7 @@
 function usage() {
     cat <<EOF
 Usage:
-  generate-ic-config [-n network.conf] [-c nns.conf] [-b backup.conf] [-m malicious_behavior.conf] [-q query_stats.conf] -i ic.json5.template -o ic.json5
+  generate-ic-config [-n network.conf] [-c nns.conf] [-b backup.conf] [-m malicious_behavior.conf] [-q query_stats.conf] [ -r reward.conf ] -i ic.json5.template -o ic.json5
 
   Generate replica config from template file.
 
@@ -15,6 +15,7 @@ Usage:
   -b backup.conf: Optional, parameters of the artifact backup
   -m malicious_behavior.conf: Optional, malicious behavior parameters
   -q query_stats.conf: Optional, query statistics epoch length configuration
+  -r reward.conf: Optional, node reward type configuration
   -t jaeger_addr.conf: Optional, Jaeger address
   -i infile: input ic.json5.template file
   -o outfile: output ic.json5 file
@@ -139,6 +140,15 @@ function read_query_stats_variables() {
     done <"$1"
 }
 
+# Read node reward type config variables from file. The file contains a single value which is the node reward type.
+function read_node_reward_type_variable() {
+    while IFS="=" read -r key value; do
+        case "$key" in
+            "node_reward_type") node_reward_type="${value}" ;;
+        esac
+    done <"$1"
+}
+
 # Read Jaeger address variable from file. The file contains a single value Jaeger node address used in system tests.
 function read_jaeger_addr_variable() {
     while IFS="=" read -r key value; do
@@ -148,7 +158,7 @@ function read_jaeger_addr_variable() {
     done <"$1"
 }
 
-while getopts "l:m:q:n:c:t:i:o:b:" OPT; do
+while getopts "l:m:q:r:n:c:t:i:o:b:" OPT; do
     case "${OPT}" in
         n)
             NETWORK_CONFIG_FILE="${OPTARG}"
@@ -165,6 +175,9 @@ while getopts "l:m:q:n:c:t:i:o:b:" OPT; do
         q)
             QUERY_STATS_CONFIG_FILE="${OPTARG}"
             ;;
+        r)
+            NODE_REWARD_TYPE="${OPTARG}"
+            ;;
         t)
             JAEGER_ADDR_FILE="${OPTARG}"
             ;;
@@ -206,6 +219,10 @@ if [ "${QUERY_STATS_CONFIG_FILE}" != "" -a -e "${QUERY_STATS_CONFIG_FILE}" ]; th
     read_query_stats_variables "${QUERY_STATS_CONFIG_FILE}"
 fi
 
+if [ "${NODE_REWARD_TYPE}" != "" -a -e "${NODE_REWARD_TYPE}" ]; then
+    read_node_reward_type_variable "${NODE_REWARD_TYPE}"
+fi
+
 if [ "${JAEGER_ADDR_FILE}" != "" -a -e "${JAEGER_ADDR_FILE}" ]; then
     read_jaeger_addr_variable "${JAEGER_ADDR_FILE}"
 fi
@@ -249,6 +266,7 @@ sed -e "s@{{ ipv6_address }}@${IPV6_ADDRESS}@" \
     -e "s@{{ backup_purging_interval_secs }}@${BACKUP_PURGING_INTERVAL_SECS}@" \
     -e "s@{{ malicious_behavior }}@${MALICIOUS_BEHAVIOR}@" \
     -e "s@{{ query_stats_epoch_length }}@${QUERY_STATS_EPOCH_LENGTH}@" \
+    -e "s@{{ node_reward_type }}@${NODE_REWARD_TYPE}@" \
     -e "s@{{ jaeger_addr }}@${JAEGER_ADDR}@" \
     "${IN_FILE}" >"${OUT_FILE}"
 

ic-os/components/ic/generate-ic-config/ic.json5.template

@@ -505,6 +505,7 @@ table ip6 filter {\n\
     },
 
     registration: {
+        node_reward_type: "{{ node_reward_type }}",
         nns_url: "{{ nns_urls }}",
         nns_pub_key_pem: "/var/lib/ic/data/nns_public_key.pem",
         node_operator_pem: "/var/lib/ic/data/node_operator_private_key.pem"

ic-os/docs/Configuration.adoc

@@ -14,7 +14,7 @@ In production, configuration is propagated from a partition on the USB installer
 === SetupOS -> HostOS
 
 SetupOS validates, sanitizes, and copies all of its configuration files to the HostOS config partition:
-  config.ini                      # Data center-specific network settings
+  config.ini                      # Data center and node-specific network settings
   ssh_authorized_keys             # SSH private keys
   node_operator_private_key.pem   # Node Operator private key created in the Node Provider onboarding
   deployment.json                 # Deployment-specific configurations

ic-os/setupos/README.adoc

@@ -63,8 +63,8 @@ The sequence of the scripts is defined in the main installation script, `setupos
 == Node Providers, Node Technicians, and Node Operators
 
 * *Node Provider*: An entity that purchases and owns the node hardware. Node Providers are rewarded for their node's useful work.
-* *Node Technician*: These are the 'hired hands' or 'remote hands' employed by the Node Providers to maintain and manage the node. They do not necessarily own the hardware, but are responsible for its operation. Note that a single node will often have more than one Node Technician—the Node Technician can be thought of as the individual currently operating the node, so this role can cycle among several parties.
-** Note: While it is possible, it is uncommon for a Node Provider to also act as their own Node Technician.
+* *Node Technician*: Node Technicians are responsible for the physical installation, maintenance, and repair of the node. These are typically 'hired hands' or 'remote hands' employed by the Node Providers to maintain and manage the node. A single node may have more than one Node Technician — the Node Technician can be thought of as the individual currently operating the node, so this role can cycle among several parties. The information about the Node Technician is currently not stored in the NNS.
+** Note: It is possible that a Node Provider and Node Technician are the same entity.
 * *Node Operator*:
 ** The term "Node Operator" refers not to a specific individual or group, but to:
 *** A specific record within the NNS registry—the *Node Operator record*, and to:

ic-os/setupos/config/config.ini

@@ -5,12 +5,23 @@
 # ------------------------------
 # Node Reward Settings (required)
 # ------------------------------
-# Update node_reward_type as per your node configuration.
-# Node rewards setting should be of the form:
+# Specifies the type of node rewards that the node operator expects to receive.
+# The value must match a community-approved value in the NNS.
+#
+# Example command to get node operator details:
+# ic-admin --nns-url https://ic0.app get-node-operator ut325-qbq5v-fli2f-e2a5h-qapdd-fsuyv-xej2j-ogvux-i3fc2-5nj3a-2ae
+# Example output:
+# NodeOperator { node_operator_principal_id: ut325-qbq5v-fli2f-e2a5h-qapdd-fsuyv-xej2j-ogvux-i3fc2-5nj3a-2ae, node_allowance: 0, node_provider_principal_id: lq5ra-f4ibl-t7wpy-hennc-m4eb7-tnfxe-eorgd-onpsl-wervo-7chjj-6qe, dc_id: "bo1", rewardable_nodes: {"type1": 28}, ipv6: None }
+# ==> The community-approved value of node_reward_type is "type1"
+#
+# If not provided, the NNS will attempt to assign a value based on the operator's reward configuration.
+# However, if the reward configuration in the NNS is ambiguous, the NNS will return an error.
+# For instance, if the operator has both "type3" and "type3.1" rewards, the NNS will return an error if
+# the node_reward_type is not provided.
+# Expected value format:
 # node_reward_type=typeX or node_reward_type=typeX.Y
-# Example:
+# Examples include "type3.1", "type1", etc.:
 # node_reward_type=type3.1
-node_reward_type=
 
 # ------------------------------
 # IPv6 Settings (required)

rs/config/src/registration.rs

@@ -30,6 +30,13 @@ pub struct Config {
 
     /// If this Sec256k1 PEM is available, use it instead of the HSM.
     pub node_operator_pem: Option<PathBuf>,
+
+    /// Specifies the type of node rewards that the node operator expects to receive.
+    /// Examples include "type3.1" or "type1", corresponding to entries in the node reward table in the NNS.
+    /// The value must match a community-approved value in the NNS.
+    /// If not provided, the NNS will attempt to assign a value based on the operator's reward configuration.
+    /// If the reward configuration in the NNS is ambiguous, the NNS will return an error.
+    pub node_reward_type: Option<String>,
 }
 
 // We allow for the operator to only specify some of the fields while the others
@@ -57,6 +64,7 @@ impl Default for Config {
             nns_url: None,
             nns_pub_key_pem: None,
             node_operator_pem: None,
+            node_reward_type: None,
         }
     }
 }

rs/ic_os/dev_test_tools/launch-single-vm/src/main.rs

@@ -150,6 +150,7 @@ fn main() {
             node_operator_principal_id: None,
             secret_key_store: None,
             domain: None,
+            node_reward_type: None,
         },
     )]);
 

rs/orchestrator/src/registration.rs

@@ -66,6 +66,7 @@ pub(crate) struct NodeRegistration {
     key_handler: Arc<dyn NodeRegistrationCrypto>,
     local_store: Arc<dyn LocalStore>,
     signer: Box<dyn Signer>,
+    node_reward_type: Option<String>,
 }
 
 impl NodeRegistration {
@@ -91,6 +92,7 @@ impl NodeRegistration {
             Some(signer) => Box::new(signer),
             None => Box::new(Hsm),
         };
+        let node_reward_type = node_config.registration.node_reward_type.clone();
         Self {
             log,
             node_config,
@@ -100,6 +102,7 @@ impl NodeRegistration {
             key_handler,
             local_store,
             signer,
+            node_reward_type,
         }
     }
 
@@ -219,10 +222,9 @@ impl NodeRegistration {
             .expect("Invalid IPv4 configuration"),
             domain: process_domain_name(&self.log, &self.node_config.domain)
                 .expect("Domain name is invalid"),
-            // Unused section follows
-            p2p_flow_endpoints: Default::default(),
-            prometheus_metrics_endpoint: Default::default(),
-            node_reward_type: None,
+            node_reward_type: self.node_config.registration.node_reward_type.clone(),
+            p2p_flow_endpoints: Default::default(), // unused section
+            prometheus_metrics_endpoint: Default::default(), // unused section
         }
     }
 

rs/prep/src/bin/prep.rs

@@ -509,6 +509,7 @@ mod test_flag_node_parser {
                 node_operator_principal_id: None,
                 secret_key_store: None,
                 domain: None,
+                node_reward_type: None,
             },
         };
 

rs/prep/src/node.rs

@@ -21,7 +21,9 @@ use ic_crypto_node_key_validation::ValidNodePublicKeys;
 use ic_interfaces_state_manager::{CertificationScope, StateHashError, StateManager};
 use ic_protobuf::registry::{
     crypto::v1::{PublicKey, X509PublicKeyCert},
-    node::v1::{ConnectionEndpoint as pbConnectionEndpoint, NodeRecord as pbNodeRecord},
+    node::v1::{
+        ConnectionEndpoint as pbConnectionEndpoint, NodeRecord as pbNodeRecord, NodeRewardType,
+    },
 };
 use ic_registry_keys::{make_crypto_node_key, make_crypto_tls_cert_key, make_node_record_key};
 use ic_registry_proto_data_provider::ProtoRegistryDataProvider;
@@ -306,6 +308,10 @@ pub struct NodeConfiguration {
     /// The domain name of the node
     #[serde(skip_serializing, skip_deserializing)]
     pub domain: Option<String>,
+
+    /// The type of rewards that the node operator wants to receive for the node.
+    /// E.g. "type3.1" or "type1" or similar from the node reward table in the NNS.
+    pub node_reward_type: Option<String>,
 }
 
 impl From<NodeConfiguration> for pbNodeRecord {
@@ -324,6 +330,10 @@ impl From<NodeConfiguration> for pbNodeRecord {
                 .map(|id| id.to_vec())
                 .unwrap_or_default(),
             domain: node_configuration.domain,
+            node_reward_type: node_configuration
+                .node_reward_type
+                .map(NodeRewardType::from)
+                .map(|t| t as i32),
             ..Default::default()
         }
     }
@@ -440,6 +450,7 @@ mod node_configuration {
             node_operator_principal_id: None,
             secret_key_store: None,
             domain: None,
+            node_reward_type: None,
         };
 
         let got = pbNodeRecord::from(node_configuration);

rs/prep/src/prep_state_directory.rs

@@ -129,6 +129,7 @@ mod tests {
                 node_operator_principal_id: None,
                 secret_key_store: None,
                 domain: None,
+                node_reward_type: None,
             },
         );
 

rs/protobuf/src/registry/node.rs

@@ -12,10 +12,24 @@ impl From<NodeRewardType> for String {
             }
             NodeRewardType::Type0 => "type0".to_string(),
             NodeRewardType::Type1 => "type1".to_string(),
+            NodeRewardType::Type1dot1 => "type1.1".to_string(),
             NodeRewardType::Type2 => "type2".to_string(),
             NodeRewardType::Type3 => "type3".to_string(),
             NodeRewardType::Type3dot1 => "type3.1".to_string(),
-            NodeRewardType::Type1dot1 => "type1.1".to_string(),
+        }
+    }
+}
+
+impl From<String> for NodeRewardType {
+    fn from(value: String) -> Self {
+        match value.as_str() {
+            "type0" => NodeRewardType::Type0,
+            "type1" => NodeRewardType::Type1,
+            "type1.1" => NodeRewardType::Type1dot1,
+            "type2" => NodeRewardType::Type2,
+            "type3" => NodeRewardType::Type3,
+            "type3.1" => NodeRewardType::Type3dot1,
+            _ => NodeRewardType::Unspecified,
         }
     }
 }

rs/replica_tests/src/lib.rs

@@ -218,6 +218,7 @@ pub fn get_ic_config() -> IcConfig {
             node_operator_principal_id: None,
             secret_key_store: Some(node_sks),
             domain: None,
+            node_reward_type: None,
         },
     );
 

rs/starter/src/main.rs

@@ -101,6 +101,7 @@ fn main() -> Result<()> {
                 node_operator_principal_id: None,
                 secret_key_store: None,
                 domain: None,
+                node_reward_type: None,
             },
         );
 

rs/tests/driver/src/driver/bootstrap.rs

@@ -582,6 +582,7 @@ fn node_to_config(node: &Node) -> NodeConfiguration {
         node_operator_principal_id: None,
         secret_key_store: node.secret_key_store.clone(),
         domain: node.domain.clone(),
+        node_reward_type: None,
     }
 }