en_installation:installation_guide
Installation guide for ELA Blockchain node
Installation guide:
- Create an user which will install and run ElA blockchain node. The user must have sudo rights!
- The easiest way if you are currently logged in as a root:
apt install sudo
adduser youruser
adduser youruser sudo
- Re-log as a new user (directly on server console or remote via ssh)
- With default ssh port 22:
ssh youruser@yourIP„ or „ssh youruser@blockchain.yourDomain
- Different port:
ssh youruser@yourIP -pYourPort“ or „ssh youruser@blockchain.yourDomain -pYourPort
- An example:
ssh ela@blockchain.elachain.cz -p10222
- Downloading the installation .deb package (replace
<ACCESS_TOKEN>
with received token):wget --header "PRIVATE-TOKEN: <ACCESS_TOKEN>" "https://eu-de.git.cloud.ibm.com/api/v4/projects/27078/repository/files/elachain-preq.deb/raw" -O ./elachain-preq.deb
- Check package integrity with
sha256sum elachain-preq.deb
command. Hash of the current package version is:d28e2062252860e724d2f511e257feffa2b2b295bd62d35ee8d5d3900bd6ba3e
- Run installation package
sudo apt install ./elachain-preq.deb
(you have to be in the directory where the package was downloaded) - Run
node_config
command after the installation is complete (without sudo - you have to run this command as a newly created user) - A few y/n questions are followed.
- The first question is about downloading docker images, select „y“, then „y“ again
- You will then be asked to supply the
.install-env
file to the/usr/local/NODE_CONTROL
folder- one option is to use an SCP client, for example WinSCP
- or you can use scp command
scp .install-env youruser
@yourIP:/usr/local/NODE_CONTROL
- or open .install-env file and copy its content to a newly created file with the same name on your server, then save it
- Next is a question about creating an Apache configuration. In most cases, it is desirable to choose „y“. Choose the „n“ option if you have enough experience with the Apache server configuration and you need a specific configuration. Learn more about Apache configuration here
- Then you need to fill in an email to generate an SSL certificate via Let's Encrypt. If you want to use your own SSL certificate, you will need to add its path to
/etc/apache2/sites-available/blockchain.yourDomain.conf
after the installation is complete - more here - The last question concerns the installation of the logDNA service, which allows us to access script logs remotely. To confirm this, enter „y“ again
- Installation of the logDNA service is also possible later by calling
setLogDNA
- After completing
node_config
, it is advisable to restart the computer or relogin the user.- Remotely:
sudo reboot
- After the reboot, run the
install-ela-node
command, which will download the necessary items from our git repositories and download the basic docker images. - Creating node cryptography - in this step you will generate the necessary certificates for node operation
- You must first run the required certification authorities using the command
manage-ela-cas start
- The certificate generation is performed by the
manage-ela-cas generate
command, which by default generates certificates for 2 peers. The command can be modified to generate a specific number of peersmanage-ela-cas generate -p NumberOfPeers
, however, we recommend generating certificates for 2 peers and then turning one off - Subsequently, it is necessary to create a directory structure from the generated certificates suitable for further use. You do this with the command
manage-ela-cas createCryptoConfig
- We need part of these certificates to deploy your node to the network (only the root certificates of the certification authorities, so we do not gain any control over your certification authorities). You can easily generate an archive containing only the necessary certificates using the command
manage-ela-cas createOrgMSPArchive
- The generated
blockchain.yourDomainMSP.tar.gz
archive is located in/var/elachain/ca
directory. You must provide us with this archive so that we can deploy your node to the network. - You must turn off certification authorities to continue the installation:
manage-ela-cas down
- After our response that the deployment of the node to the network was successful, it is possible to continue the installation.
- Update certificates for connection to the ordering service - after deploying the node to the network, you can update the available certificates for connecting to the ordering service using the command
update-ela-node gitOnly
- *OPTIONAL* At this point we can choose which peers will connect to the network and use of the Telegraf monitoring service. Use the
bootstrap-ela-network configure
command to bring up a menu where you can select specific peers.- We recommend leaving both active (if one fails, the node will still work), but if you have low-end HW, you can only select peer0. If you decide to run peer1 in the future, you will need to manually connect it to the channels.
- After completing the selection, „y/n“ statement for enabling or disabling the Telegraf will appear. By enabling it, you allow us to monitor system resource usage and track a number of HFC metrics. This data can help us with possible diagnostics and in improving our service. So we appreciate the permission.
- If you skip this whole step, both peers will be connected by default and Telegraf enabled.
- Now, it is already possible to run the script for the first run of the node
bootstrap-ela-network init
- If node is running correctly we can bootstrap applications and gateway by running
manage-ela-app start
command.- When the gateway bootstrap you will be asked for the number of proxy servers due to the correct functionality of the endpoint limiter. If there are no proxy servers in front of the server, choose N. Otherwise, fill in their number + 1 (EBS setup adds one by itself).
- Installation is now finished. When listing docker containers using
docker ps
, the following containers should be visible:
gateway.blockchain.yourDomain couchdb-gateway.blockchain.yourDomain apps-notarius apps-admin apps-admin-mongo ebs-peer0.blockchain.yourDomain-notarius_cc-"version" ebs-peer0.blockchain.yourDomain-admin_cc-"version" ebs-peer1.blockchain.yourDomain-notarius_cc-"version" ebs-peer1.blockchain.yourDomain-admin_cc-"version" cli peer0.blockchain.yourDomain peer1.blockchain.yourDomain gtw-ca.blockchain.yourDomain couchdb0 couchdb1 monitoring-telegraf
- If the apache server is running correctly at the same time, you can open Notarius application running on your node at the address https://blockchain.yourDomain
- The Admin application can then be found under https://blockchain.yourDomain/admin
en_installation/installation_guide.txt · Poslední úprava: 2023/12/02 22:30 autor: kozak