Based on the work of:
- Jesús Ruiz, https://github.com/hesusruiz.
- Marcos Serradilla, https://github.com/marcosio.
- Alfonso de la Rocha, https://github.com/adlrocha.
- ... and many other contributors to the Alastria ecosystem, 🙌 🙌 🙌
Alastria-T Network is a GoQuorum public-permissioned network that uses the IBFT consensus algorithm, and it's managed by Alastria partners.
GoQuorum it's a fork of Geth (the Official Go implementation of the Ethereum protocol) ownership by Consensys that implements Raft and IBFT consensus algorithm, and is licensed under the GNU Lesser General Public License v3.0
Configuration & Installation: Quick Guide for docker-compose
In Alastria-T Network there are 3 types of nodes.
- Validators: Nodes that are in charge of guaranteeing the consensus of the network and the generation of blocks. To do this, they run the consensus algorithm (IBFT).
- Bootnodes: Authorization or enabling of the Permitting Nodes to the Regular Nodes so that, using the gas limit granted, they propose (initiate), carry out (write), or consult (read) transactions. They acts like proxy between Regular and Validator nodes.
- Regular: They participate by replicating the blockchain, accepting the blocks generated by the validators and executing the transactions included in them. They are also allowed to inject transactions into the Network from sources external to the blockchain. These kind of nodes are use for the interaction from
Web3.JS
,EtherJS
andSmart Contracts
, and should be the option for deploy uses cases of Blockchain.
The following process explain the installation for a Regular (also called general) nodes:
-
Clone or download this repository to the machine where you want to install and operate the Red T node and enter into the cloned directory.
-
🔥 Edit the
.env
file and modify the lines with:
- NODE_TYPE if your not sure what option its need, select general
- NODE_NAME attribute according to the name you want for this node. The name SHOULD follow the convention:
TYPE_COMPANY_T_Y_Z_NN
Where TYPE is the rol for the node in the network (use REG
for regular/general nodes), XX is your company/entity name, Y is the number of processors of the machine, Z is the amount of memory in Gb and NN is a sequential counter for each machine that you may have (starting at 00). For example:
NODE_NAME="REG_IN2_T_2_8_00"
NODE_NAME="REG_DigitelTS_T_2_8_00"
This is the name that will appear in the public listings of nodes of the network. It does not have any other usage.
-
🔥 Edit the
docker-compose.yml
file, and make your own changes. -
In the root directory of the repository (where the file
docker-compose.yml
exists) run:
$ docker-compose up -d
- The command runs the service in the background, and you can check it's activity by running:
$ docker-compose logs -f --tail=20
- You're done! 😎 💃 ✌️ 🍻
You should see the node initializing and starting to try to contact peers. However, the node is not yet permissioned, so it can not participate in the blockchain network yet.
All nodes that will be installed in the Alastria Networks must be permissioned. To ask for permission you must enter your data in this electronic form and make a PR for the files that are modified in the installation process. If an associated will want to remove a node from the network, it is kindly appreciated that a a request must be notified through a PR. Other guides related with operation of Alastria Node are available in following documents:
-
Alastria-T Network Operation and Government Policies (en_GB)
-
Alastria-T Network Operation and Government Policies (es_ES)
-
Conditions of operation of the Alastria-T Network Regular Nodes (en_GB)
-
Conditions of operation of the Alastria-T Network Regular Nodes (es_ES)
-
Conditions of operation of the Alastria-T Network Critical (boot && validator) Nodes (en_GB)
-
Conditions of operation of the Alastria-T Network Critical (boot && validator) Nodes (es_ES)
In order to perform permissioning, follow these steps:
- Display the contents of the ENODE_ADDRESS file (the actual contents of your file will be different than in the example):
$ docker exec -it REG_ExampleOrg_T_2_8_00 geth --exec "admin.nodeInfo.enode" attach /root/alastria/data/geth.ipc
- Get the IP address of your node, as seen from the external world.
$ curl https://ifconfig.me/
- Create the full enode address like:
enode://YOUR_ENODE@YOUR_IP:21000?discport=0
where
- YOUR_ENODE is the value of the ENODE_ADDRESS file
- YOUR_IP is the external IP of your node
- With that value, create a pull request to request permission, adding the line to the node list. You can access to this Alastria form, https://portal.r2docuo.com/alastria/forms/noderequest, to perform administrative permission.
The corresponding repository is alastria-node and the branch will be testnet2.
The files to be modified will be:
DIRECTORY_REGULAR.md
: you should include yournode name
, and theenode
andIP
direction.data/regular-nodes.json
: you should include theenode
and IPdirection
andport
for p2p communications (21000).
- When the pull request is accepted, you will see that your node starts connecting to its peers and starts synchronizing the blockchain. The process of synchronization can take hours or even one or two days depending on the speed of your network and machine.
Now it's time to start knowing more about GoQuorum
:
- https://geth.ethereum.org/docs/interface/command-line-options
- https://docs.goquorum.consensys.net/en/stable/
- https://github.com/ConsenSys/quorum
You can use the standard docker-compose commands to manage your node. For example:
# Stop node:
$ docker-compose down
# To restart the node:
$ docker-compose restart
# Delete current container
$ docker rm REG_ExampleOrg_T_2_8_00
Node management is done through the geth console. It can be accessed through the following commands:
$ geth attach http://localhost:22000 (in case geth were started with --rpc options)
# or
$ geth attach /root/alastria/data/geth.ipc
The commands can be invoked from the Docker client, or by accessing the container:
$ docker ps -a
# or
$ docker exec -it <container_name> /bin/bash
Some useful commands:
root@62369c8b018e:/usr/local/bin# geth attach /root/alastria/data/geth.ipc
Welcome to the Geth JavaScript console!
instance: Geth/REG_DigitelTS-pre_T_2_4_00/v1.8.18-stable(quorum-v2.2.3-0.Alastria_EthNetstats_IBFT)/linux-amd64/go1.9.5
coinbase: 0x1e02232b297055717e3381ad458f8b23cb9ada03
at block: 60568501 (Mon, 25 Jan 2021 21:37:51 UTC)
datadir: /root/alastria/data
modules: admin:1.0 debug:1.0 eth:1.0 istanbul:1.0 miner:1.0 net:1.0 personal:1.0 rpc:1.0 txpool:1.0 web3:1.0
> personal.newAccount()
Passphrase:
Repeat passphrase:
"0x1234..."
> admin.peers
> admin.nodeInfo
> eth.blockNumber
> eth.syncing
> eth.mining
> eth.coinbase
An easy way to test that your node is operating normally is to generate a fund transfer transaction from the node's account, itself from 0 weis.
> personal.unlockAccount(eth.accounts[0],"_your_eth0_password_",2000)
> Unlock account 0x1234...
Passphrase:
true
> eth.sendTransaction({from: eth.accounts[0], to: eth.accounts[0], value:0 })
"0x1234..."
If the transaction appears in Alastria-T Network explorer, the node it's working correctly.
The following items should be backed up:
/root/alastria/data/geth/nodekey
: This file contains the cryptographic information for joying the network. This file can be restored to start over a new installation without restarting the permissioning process./root/alastria/data/keystore/
: This directory contains local accounts created from the node.
$ cp /root/alastria/data/geth/nodekey <enode-backup>
$ geth removedb_DONOTDELETEACCIDENTALY --datadir /root/alastria/data
$ geth --datadir /root/alastria/data init /root/genesis.json
$ cp <enode-backup> /root/alastria/data/geth/nodekey
$ (restart-container)
Hardware | minimum | desired |
---|---|---|
CPU's | 2 | 4 |
Memory | 4Gb | 8Gb |
Hard Disk | 128 Gb | 256 Gb |
DLT database grows 1Gb/week: keep in mind for future updates. SSD disc it's also mandatory.
The following ports must be open, at least, to the nodes defined in the /root/alastria/data/static-nodes.json
and /root/alastria/data/permissioned-nodes.json
files. We recommend that these ports be universally open: the whisper protocol
defined in GoQuorum
is robust enough to be published without the need for control through the firewall.
Port | Type | Definition |
---|---|---|
21000 | TCP/UDP | Geth process application port (inbound and outbound for ethereum traffic) |
53 | TCP/UDP | Access to external Internet based resolvers |
tcp/21000
and udp/21000
port are mandatory, as is the common standard for the Alastria-T Network.
Other ports are optional, and can be used from applications like Metamask
, Truffle
or Remix
Port | Type | Definition |
---|---|---|
22000 | TCP | Optional port for JSON-RPC connections |
22001 | TCP | Optional port for WebSockets connections |
We strongly advise not to filter outgoing ports. If necessary, these are the destinations
Port | Type | Definition |
---|---|---|
80 | TCP | Outbound for WebSockets feed to Netstats Server |
8086 | TCP | Outbound for InfluxDB statistics collection |
Some parameters are high hardcored in this installer, but can be change:
- Working directory: The install procedure expect use of
/root/alastria/data
as the main directory. GoQuorum
andGo
versions: Changing thealastria-node/Dockerfile
it's easy to change the build version.
NOTE: Using 20.10/21.01 version of
GoQuorum
it's still experimental, as described in UPGRADE_TO_LAST_VERSION but should be available soon.
- Data directory: Because of the size that the DLT database can reach, a Docker volume has been deployed to set the storage on some independent path from the one set by the Docker installation. This parameter is set in
docker-compose.yml
, in volumes tag. - Geth parameters: Other geth options can be personalized in
geth.node.bootnode.sh
,geth.node.general.sh
orgeth.node.validator.sh
.
These variables should be use for any script in:
NODE_TYPE=[general|boot|validator]
: Rol for your node in the network.NODE_NAME=REG_ExampleOrg_T_2_8_00
: Name for your node.NODE_BRANCH=main
: Used for future improvements.
As the T-network uses the Istanbul BFT consensus protocol, the way to generate new blocks in the test-net is to have validator nodes available in the network and integrate them into the set of nodes that are part of the validation round.
Each round is initiated by a different node that "proposes" a set of transactions in a block and distributes them to the rest of the nodes.
The validator nodes must focus on operating the consensus protocol, integrating the transactions in the blockchain and distributing them to the rest of the nodes.
NODE_ARGS=" --rpc --rpcaddr 127.0.0.0 --rpcapi admin,db,eth,debug,miner,net,shh,txpool,personal,web3,quorum,istanbul --rpcport 22000"
Also WebSockets connection is allowed:
NODE_ARGS=" --ws --wsaddr 127.0.0.0 --wsport 22001 --wsorigins source.com"
NOTE: use of GraphQL will be available soon.
To use your node through web3 applications, some connection method must be enabled. In this case, the following connection methods are offered:
- JSON-RPC connection: you should upgrade the following files, in order to allow
Web3.JS
orEtherJS
connections;docker-compose.yml
allow new connection fromtcp/22000
, or the one defined inalastria-node-data/env/geth.common.sh
related toJSON-RPC
connections.
NOTE: exposing this port should be controlled by any kind of firewall, or using any proxy filtering, as proposed in alastria-access-point project.
- WebSockets connection: please, follow this article Connecting to an Alastria-T Network node using WebSockets created by Ronny Demera, from Tribalyte.
Boot nodes are responsible for permitting the nodes in the network. They are visible to all types of nodes. The boot node should not be used in any case to operate directly with it to interact with the network, so only IPC
ports are allowed.
NODE_ARGS="--maxpeers 200"
The validator nodes should not be used in any case to operate directly with it to interact with the network, so nor JSON-RPC
nor WebSockets
ports are not allowed.
-
istanbul.getValidators
() retrieves the list of validators that make up the validation round. -
istanbul.propose ("0x ...", true)
votes for the validator represented by the coinbase to be integrated into the validation round. It must be accepted by at least half of the nodes. -
istanbul.propose ("0x ...", false)
votes for the validator represented by the coinbase to be excluded from the validation round. It must be rejected by at least half of the nodes. -
istanbul.getSnapshot()
get current status for changes in validator nodes.
$ geth attach alastria/data/geth.ipc
> istanbul.getValidators()
[...]
> istanbul.propose("_coinbase_of_node_validator_", true) #add validator node
> istanbul.propose("_coinbase_of_node_validator_", false) #remove validator node
NODE_ARGS=" --maxpeers 100 --mine --minerthreads $(grep -c "processor" /proc/cpuinfo)"
URL | Managed by | Notes |
---|---|---|
http://netstats.telsius.alastria.io | Planisys | |
https://alastria-netstats2.planisys.net/snapshot/index.html | Planisys | This is generated through Netstats API |
https://blkexplorer1.telsius.alastria.io | CouncilBox | |
https://geth-metrics.planisys.net/ | Planisys | Influxdb generated by geth |
https://alastria-caliper.planisys.net/ | Planisys | Prometheus generated by geth 1.9.7 - quorum 2.6.0 |
The following developments are in place or in backlog. Any help/volunteers are welcomed:
- Create
Ansible
,Swarm
,Makefile
,Chef
,... recipes in order to performingnode
installs. - Upgrade to the new EVM and the new GoQuorum version.
WIP
🔥🔥🔥 - Netstats improvements, to allow this tool to handle a very big number of nodes.
- Validator nodes automatic round, to allow the network to make automatic change of the validator nodes without intervention of the humans administrators, in case of any fault/malfunctioning of the nodes.
- HardFork to upgrade Geth binary to prepare for Gas implementation Faucet or Gas Distributor.
- Upcoming releases of Alastria-T Network will use Orion or EtherSigner as layer for private transactions.
- Promote the use of local explorers.
- Improve monitoring system for nodes in network.
Please, use Github to contribute and collaborate on open issues that are in development on Alastria Github platform. Do not hesitate to contact Alastria Support Team to solve any doubt in support@alastria.io.
The following lines are changes from testnet2 branch:
- Use of Constellation it's no longer supported. Previous documentation can be found in Constellation Using Pivate Transactions in Alastria T.
- Use of
nginx
as proxy it's no longer supported. However, the repository https://github.com/alastria/alastria-access-point it's still available. - Tool
monitor
is deprecated, and no longer used. - The Alastria fork of
quorum
, https://github.com/alastria/quorum it's not used anymore.