| Obě strany předchozí revizePředchozí verzeNásledující verze | Předchozí verze |
| en_installation:installation_guide [2022/03/07 13:55] – kozak | en_installation:installation_guide [2023/12/02 22:30] (aktuální) – [Installation guide:] kozak |
|---|
| * ''adduser youruser'' | * ''adduser youruser'' |
| * ''adduser youruser sudo'' | * ''adduser youruser sudo'' |
| - **Re-log under the new user (directly on server console or remote via ssh)** | - **Re-log as a new user (directly on server console or remote via ssh)** |
| * With default ssh port 22: | * With default ssh port 22: |
| * "ssh youruser@yourIP" or "ssh youruser@blockchain.yourDomain" | * ''ssh youruser@yourIP" or "ssh youruser@blockchain.yourDomain'' |
| * Different port: | * Different port: |
| * "ssh youruser@yourIP -pYourPort" or "ssh youruser@blockchain.yourDomain -pYourPort" | * ''ssh youruser@yourIP -pYourPort" or "ssh youruser@blockchain.yourDomain -pYourPort'' |
| * An example: | * An example: |
| * ''ssh ela@blockchain.elachain.cz -p10222 '' | * ''ssh ela@blockchain.elachain.cz -p10222 '' |
| - **Download installation .deb package.** | - **Downloading the installation .deb package ****(replace ''<ACCESS_TOKEN>'' with received token):** |
| * Download directly via wget ''wget [[https://eu-de.git.cloud.ibm.com/vodsedalek/ela-preq-package-packaged/raw/master/elachain-preq.deb|https://eu-de.git.cloud.ibm.com/vodsedalek/ela-preq-package-packaged/raw/master/elachain-preq.deb]]'' | * <code>wget --header "PRIVATE-TOKEN: <ACCESS_TOKEN>" "https://eu-de.git.cloud.ibm.com/api/v4/projects/27078/repository/files/elachain-preq.deb/raw" -O ./elachain-preq.deb</code> |
| - **Check package integrity with **''sha256sum elachain-preq.deb'' ** command. Hash of the current package is: **''ae201cff5f0e4ee374e5b3d4cdae615c3a5f0a9d2a3d563026f8984796beddd1'' | - **Check package integrity with **''sha256sum elachain-preq.deb'' ** command. Hash of the current package version is: **''d28e2062252860e724d2f511e257feffa2b2b295bd62d35ee8d5d3900bd6ba3e'' |
| - **Run installation package **''sudo apt install ./elachain-preq.deb'' (you have to be in the directory where the package was downloaded) | - **Run installation package **''sudo apt install ./elachain-preq.deb'' (you have to be in the directory where the package was downloaded) |
| - **Run **''node_config'' ** command after the installation is complete ** (without sudo - you have to run this command under newly created user) | - **Run **''node_config'' ** command after the installation is complete ** (without sudo - you have to run this command as a newly created user) |
| - **During the proccess Docker images will be downloaded and you will be asked for delivery **''.install-env'' **file into the **''/usr/local/NODE_CONTROL'' ** directory** | - **A few y/n questions are followed.** |
| - one option is to use an SCP client, for example WinSCP | * The first question is about downloading docker images, select "y", then "y" again |
| - or you can use scp command ''scp .install-env youruser''''@yourIP:/usr/local/NODE_CONTROL'' | * You will then be asked to supply the ''.install-env'' file to the ''/usr/local/NODE_CONTROL'' folder |
| - or open .install-env file and copy its content to a newly created file with the same name on your server, then save it | * one option is to use an SCP client, for example WinSCP |
| - **A few y/n questions are followed. ** | * or you can use scp command ''scp .install-env youruser''''@yourIP:/usr/local/NODE_CONTROL'' |
| * First to create an apache configuration. In most cases, it is desirable to choose "y". Choose the 'n' option if you have enough experience with apache server configuration and need a specific configuration. | * or open .install-env file and copy its content to a newly created file with the same name on your server, then save it |
| * Then there is a option to generate an ssl certificate for your chosen domain. If you want to generate a free ssl certificate using Let's Encrypt, select 'y'. Follow the Let's Encrypt guide to generate the certificate. If you have or want to use another ssl certificate, copy the certificates according to the configuration script list. If you have certificates in another format, it is up to you to modify the apache server configuration. | * Next is a question about creating an Apache configuration. In most cases, it is desirable to choose "y". Choose the "n" option if you have enough experience with the Apache server configuration and you need a specific configuration. Learn more about Apache configuration [[:en_installation:apache|here]] |
| * If the SSL certificate generation fails, the apache server will not start. You can try to regenerate the certificate using the following commands: | * Then you need to fill in an email to generate an SSL certificate via Let's Encrypt. If you want to use your own SSL certificate, you will need to add its path to ''/etc/apache2/sites-available/blockchain.yourDomain.conf'' after the installation is complete - more [[:en_installation:apache|here]] |
| * ''sudo certbot certonly <nowiki>--</nowiki>standalone -d blockchain.yourDomain'' | * The last question concerns the installation of the logDNA service, which allows us to access script logs remotely. To confirm this, enter "y" again |
| * subsequently, you still need to restart the apache server using ''sudo systemctl restart apache2'' | * Installation of the logDNA service is also possible later by calling ''setLogDNA'' |
| * The following question concerns the installation of the logDNA service, which allows us to access script logs remotely. To confirm this, enter "y" again. | |
| * Installation of the logdna service is also possible later by calling ''setLogDNA'' | |
| * The last question concerns the authorization of the collectD service. By enabling it, you allow us to monitor system resource usage and track a number of HFC metrics. This data can help us with possible diagnostics and in improving our service. So we appreciate her permission. | |
| - **After completing **''node_config'' **, it is advisable to restart the computer or relogin the user.** | - **After completing **''node_config'' **, it is advisable to restart the computer or relogin the user.** |
| * Remotely: ''sudo reboot'' | * Remotely: ''sudo reboot'' |
| - **After the reboot, run the **''install-ela-node'' ** command, **which will download the necessary items from our git repositories and download the basic docker images. | - **After the reboot, run the **''install-ela-node'' ** command, **which will download the necessary items from our git repositories and download the basic docker images. |
| - **Node cryptography generation **- in this step you will generate the necessary certificates for node operation | - **Creating node cryptography **- in this step you will generate the necessary certificates for node operation |
| * You must first run the required certification authorities using the command ''manage-ela-cas start'' | * You must first run the required certification authorities using the command ''manage-ela-cas start'' |
| * The certificate generation is performed by the ''manage-ela-cas generate'' command, which by default generates certificates for 2 peers. The command can be modified to generate a specific number of peers ''manage-ela-cas generate -p NumberOfPeers'', however, we recommend generating certificates for 2 peers and then turning one off | * The certificate generation is performed by the ''manage-ela-cas generate'' command, which by default generates certificates for 2 peers. The command can be modified to generate a specific number of peers ''manage-ela-cas generate -p NumberOfPeers'', however, we recommend generating certificates for 2 peers and then turning one off |
| * **After our response that the deployment of the node to the network was successful, it is possible to continue the installation.** | * **After our response that the deployment of the node to the network was successful, it is possible to continue the installation.** |
| - **Update certificates for connection to the ordering service** - after deploying the node to the network, you can update the available certificates for connecting to the ordering service using the command ''update-ela-node gitOnly'' | - **Update certificates for connection to the ordering service** - after deploying the node to the network, you can update the available certificates for connecting to the ordering service using the command ''update-ela-node gitOnly'' |
| - ***OPTIONAL* At this point we can choose which peers will connect to the network.** Use the ''bootstrap-ela-network configure'' command to bring up a menu where you can select specific peers. We recommend leaving both active (if one fails, the node will still work), but if you have low-end HW, you can only select peer0. If you decide to run peer1 in the future, you will need to manually connect it to the channels. If you skip this whole step, both peers will be connected by default. | - ***OPTIONAL* At this point we can choose which peers will connect to the network and use of the Telegraf monitoring service. **Use the ''bootstrap-ela-network configure'' command to bring up a menu where you can select specific peers. |
| | * We recommend leaving both active (if one fails, the node will still work), but if you have low-end HW, you can only select peer0. If you decide to run peer1 in the future, you will need to manually connect it to the channels. |
| | * After completing the selection, "y/n" statement for enabling or disabling the Telegraf will appear. By enabling it, you allow us to monitor system resource usage and track a number of HFC metrics. This data can help us with possible diagnostics and in improving our service. So we appreciate the permission. |
| | * If you skip this whole step, both peers will be connected by default and Telegraf enabled. |
| - **Now, it is already possible to run the script for the first run of the node **''bootstrap-ela-network init'' | - **Now, it is already possible to run the script for the first run of the node **''bootstrap-ela-network init'' |
| - **If node is running correctly we can bootstrap applications and gateway by running **''manage-ela-app start'' **command.** | - **If node is running correctly we can bootstrap applications and gateway by running **''manage-ela-app start'' **command.** |
| | * When the gateway bootstrap you will be asked for the number of proxy servers due to the correct functionality of the endpoint limiter. If there are no proxy servers in front of the server, choose N. Otherwise, fill in their number + 1 (EBS setup adds one by itself). |
| - **Installation is now finished. When listing docker containers using **''docker ps'' **, the following containers should be visible:** | - **Installation is now finished. When listing docker containers using **''docker ps'' **, the following containers should be visible:** |
| <code> | <code> |
| couchdb0 | couchdb0 |
| couchdb1 | couchdb1 |
| | monitoring-telegraf |
| | |
| |
| </code> | </code> |
| * If the apache server is running correctly at the same time, you can open Notarius application running on your node at the address https://blockchain.yourDomain | * If the apache server is running correctly at the same time, you can open Notarius application running on your node at the address [[https://blockchain.yourDomain|https://blockchain.yourDomain]] |
| * The Admin application can then be found under https://blockchain.yourDomain/admin | * The Admin application can then be found under [[https://blockchain.yourDomain/admin|https://blockchain.yourDomain/admin]] |
| |
| |
