Alastria-T Network is a GoQuorum public-permissioned network that uses the IBFT 1.0 consensus algorithm, and it's managed by Alastria partners.
GoQuorum it's a fork of Geth (the Official Go implementation of the Ethereum protocol) ownership by Consensys that implements Raft and IBFT consensus algorithm, and is licensed under the GNU Lesser General Public License v3.0
In Alastria-T Network there are 3 types of nodes.
Web3.JS
, EtherJS
and Smart Contracts
, and should be the option for deploy uses cases of Blockchain. There are 2 main steps to set up an Alatria Node:
1. Installation & configuration: Follow the Docker installation steps and your node will be ready to be permissioned.
2. Getting permissioned: In order to use Alastria Network, your node must be previously accepted, after filling the form.
If a member wants to remove a node from the network, please send us a removal request using the same electronic form.
The following process explain the installation for a Regular (also called general) nodes:
Clone or download this repository to the machine where you want to install and operate the Red T node and enter into the cloned directory.
:fire: Edit the .env
file and modify the lines with:
- NODE_TYPE if your not sure what option its need, select general
- NODE_NAME attribute according to the name you want for this node. The name SHOULD follow the convention:
TYPE_COMPANY_T_Y_Z_NN
Where TYPE is the rol for the node in the network (use REG
for regular/general nodes), XX is your company/entity name, Y is the number of processors of the machine, Z is the amount of memory in Gb and NN is a sequential counter for each machine that you may have (starting at 00). For example:
NODE_NAME="REG_IN2_T_2_8_00"
NODE_NAME="REG_DigitelTS_T_2_8_00"
This is the name that will appear in the public listings of nodes of the network. It does not have any other usage.
:fire: Edit the docker-compose.yml
file, and make your own changes.
In the root directory of the repository (where the file docker-compose.yml
exists) run:
$ docker-compose up -d
$ docker-compose logs -f --tail=20
You should see the node initializing and starting to try to contact peers. However, the node is not yet permissioned, so it can not participate in the blockchain network yet.
All nodes in Alastria Networks must be permissioned. To ask for permission you must enter your data in this electronic form, providing these information of your node:
1. ENODE: String ENODE from ENODE_ADDRESS (enode://ENODE@IP:21000?discport=0)
2. Public IP: The external IP of your node.
3. System details: Hosting provider, number of cores (vCPUs), RAM Memory and Hard disk size.
In order to get permissioning, follow these steps to get the information that you will be asked for in the previous form:
$ docker exec -it REG_ExampleOrg_T_2_8_00 geth --exec "admin.nodeInfo.enode" attach /root/alastria/data/geth.ipc
$ curl https://ifconfig.me/
Now it's time to start knowing more about GoQuorum
:
NOTE: Don't follow this instructions if you never started the syncing process (or if you are not sure about it)
If your node is fully synced with the chain, you can skip step 1. To see if your node is still syncing or not, you can use the following RPC call:
$ curl -X POST -H "Content-type: application/json" --data '{"jsonrpc":"2.0","method":"eth_syncing","params":[],"id":1}' http://127.0.0.1:22000
If the response contains a "result":false
, your node is already synced and you can go ahead to step 2.
For GoQuorum versions strictly higher than v21.1.0 the node won't sync with the chain. To get your node syncing you must downgrade your node's version to v21.1.0, or less. Also, you must set the syncing option to fast: --syncmode fast
.
Once your node is fully synced, you can got to step 2.
To upgrade your node's GoQuorum version you must follow this instructions:
If your installation was done with docker-compose everything is set up in the container and there's nothing else to do :tada:
However, if your installation was done prior to June 2022, ensure you have the more up-to-date code running in your machine following these steps:
docker-compose down
docker-compose.yml
and the .env
files to make sure you don't lose any configurationgit pull
docker-compose.yml
and the .env
files if you need a custom configuration in volumes
and ports
sections, and to set the type and the name of your nodedocker-compose up --build -d
Hardware | Minimum | Desired |
---|---|---|
CPU's | 2 | 4 |
Memory | 4Gb (8Gb for Validator nodes) | 8Gb (16Gb for Validator nodes) |
Hard Disk | 300 Gb | 512 Gb |
DLT database grows 1Gb/week: keep in mind for future updates. SSD disc it's also mandatory.
The following ports must be open, at least, to the nodes defined in the /root/alastria/data/static-nodes.json
and /root/alastria/data/permissioned-nodes.json
files. We recommend that these ports be universally open: the whisper protocol
defined in GoQuorum
is robust enough to be published without the need for control through the firewall.
Port | Type | Definition |
---|---|---|
21000 | TCP/UDP | Geth process application port (inbound and outbound for ethereum traffic) |
53 | TCP/UDP | Access to external Internet based resolvers |
6060 | TCP | Scraping Prometheus metrics from Alastria from IP address 18.201.52.140 |
tcp/21000
and udp/21000
port are mandatory, as is the common standard for the Alastria-T Network.
Other ports are optional, and can be used from applications like Metamask
, Truffle
or Remix
Port | Type | Definition |
---|---|---|
22000 | TCP | Optional port for JSON-RPC connections |
22001 | TCP | Optional port for WebSockets connections |
Some parameters are high hardcoded in this installer, but can be change:
/root/alastria/data
as the main directory.GoQuorum
and Go
versions: Changing the alastria-node/Dockerfile
it's easy to change the build version.docker-compose.yml
, in volumes tag.geth.node.bootnode.sh
, geth.node.general.sh
or geth.node.validator.sh
.These variables should be use for any script in:
NODE_TYPE=[general|boot|validator]
: Rol for your node in the network.NODE_NAME=REG_ExampleOrg_T_2_8_00
: Name for your node.NODE_BRANCH=main
: Used for future improvements.The default Alastria configuration exposes GoQuorum metrics on the tcp/6060
port and provides the http://node_ip:6060/debug/metrics/prometheus endpoint for integration into your local monitoring infrastructure. For more information on this topic, refer to the "Metrics collection" section in https://blog.ethereum.org/2019/07/10/geth-v1-9-0 and https://grafana.com/grafana/dashboards/14360-goquorum-overview/. Please, keep this access restricted to authorized hosts, as described in the documentation.
NOTE: Keep this access restricted to authorized hosts, as
You can use the standard docker-compose commands to manage your node. For example:
# Stop node:
$ docker-compose down
# To restart the node:
$ docker-compose restart
# Delete current container
$ docker rm REG_ExampleOrg_T_2_8_00
Node management is done through the geth console. It can be accessed through the following commands:
$ geth attach http://localhost:22000 (in case geth were started with --rpc options)
# or
$ geth attach /root/alastria/data/geth.ipc
$ curl -X POST --header 'Content-Type: application/json' --data '{"jsonrpc":"2.0","method":"admin_nodeInfo","params":[], "id":1}' http://127.0.0.1:22
000
The commands can be invoked from the Docker client, or by accessing the container:
$ docker ps -a
# or
$ docker exec -it <container_name> /bin/bash
Some useful commands:
root@62369c8b018e:/usr/local/bin# geth attach /root/alastria/data/geth.ipc
Welcome to the Geth JavaScript console!
instance: Geth/REG_DigitelTS-pre_T_2_4_00/v1.8.18-stable(quorum-v2.2.3-0.Alastria_EthNetstats_IBFT)/linux-amd64/go1.9.5
coinbase: 0x1e02232b297055717e3381ad458f8b23cb9ada03
at block: 60568501 (Mon, 25 Jan 2021 21:37:51 UTC)
datadir: /root/alastria/data
modules: admin:1.0 debug:1.0 eth:1.0 istanbul:1.0 miner:1.0 net:1.0 personal:1.0 rpc:1.0 txpool:1.0 web3:1.0
> personal.newAccount()
Passphrase:
Repeat passphrase:
"0x1234..."
> admin.peers
> admin.nodeInfo
> eth.blockNumber
> eth.syncing
> eth.mining
> eth.coinbase
> web3.version.network
> net.peerCount
> admin.datadir
> txpool.status
Full documentacion can be found in https://geth.ethereum.org/docs/interface/javascript-console
An easy way to test that your node is operating normally is to generate a fund transfer transaction from the node's account, itself from 0 weis.
> personal.unlockAccount(eth.accounts[0],"_your_eth0_password_",2000)
> Unlock account 0x1234...
Passphrase:
true
> eth.sendTransaction({from: eth.accounts[0], to: eth.accounts[0], value:0 })
"0x1234..."
If the transaction appears in Alastria-T Network explorer, the node it's working correctly.
The following items should be backed up:
/root/alastria/data/geth/nodekey
: This file contains the cryptographic information for joying the network. This file can be restored to start over a new installation without restarting the permissioning process./root/alastria/data/keystore/
: This directory contains local accounts created from the node.
LevelDB is the storaga format used by geth
(and GoQuorum
):
$ ./geth export /mnt/dump.gz --datadir /root/alastria/geth_root_directory --syncmode full
$ cp /root/alastria/data/geth/nodekey <enode-backup>
$ geth removedb_DONOTDELETEACCIDENTALY --datadir /root/alastria/data
$ geth --datadir /root/alastria/data init /root/genesis.json
$ cp <enode-backup> /root/alastria/data/geth/nodekey
$ (restart-container)
As the T-network uses the Istanbul BFT consensus protocol, the way to generate new blocks in the test-net is to have validator nodes available in the network and integrate them into the set of nodes that are part of the validation round.
Each round is initiated by a different node that "proposes" a set of transactions in a block and distributes them to the rest of the nodes.
The validator nodes must focus on operating the consensus protocol, integrating the transactions in the blockchain and distributing them to the rest of the nodes.
NODE_ARGS=' --rpc --rpcaddr 0.0.0.0 --rpcport 22000 --rpccorsdomain "*" --rpcvhosts "*" --rpcapi admin,db,eth,debug,miner,net,shh,txpool,personal,web3,quorum,istanbul'
Also WebSockets connection is allowed:
NODE_ARGS=${NODE_ARGS}' --ws --wsaddr 0.0.0.0 --wsport 22001 --wsorigins "*" --wsapi admin,db,eth,debug,miner,net,shh,txpool,personal,web3,quorum,istanbul'
NOTE: use of GraphQL will be available soon.
To use your node through web3 applications, some connection method must be enabled. In this case, the following connection methods are offered:
Web3.JS
or EtherJS
connections; docker-compose.yml
allow new connection from tcp/22000
, or the one defined in alastria-node-data/env/geth.common.sh
related to JSON-RPC
connections.
NOTE: exposing this port should be controlled by any kind of firewall, or using any proxy filtering, as proposed in alastria-access-point project.
Boot nodes are responsible for permitting the nodes in the network. They are visible to all types of nodes. The boot node should not be used in any case to operate directly with it to interact with the network, so only IPC
ports are allowed.
NODE_ARGS="--maxpeers 256"
The validator nodes should not be used in any case to operate directly with it to interact with the network, so nor JSON-RPC
nor WebSockets
ports are not allowed.
istanbul.getValidators()
retrieves the list of validators that make up the validation round.
istanbul.propose ("0x ...", true)
votes for the validator represented by the coinbase to be integrated into the validation round. It must be accepted by at least half of the nodes.
istanbul.propose ("0x ...", false)
votes for the validator represented by the coinbase to be excluded from the validation round. It must be rejected by at least half of the nodes.
istanbul.getSnapshot()
get current status for changes in validator nodes.
$ geth attach alastria/data/geth.ipc
> istanbul.getValidators()
[...]
> istanbul.getSnapshot()
[...]
> istanbul.getSignersFromBlock()
[...]
> istanbul.propose("_coinbase_of_node_validator_", true) #add validator node
> istanbul.propose("_coinbase_of_node_validator_", false) #remove validator node
>
NODE_ARGS=" --maxpeers 32 --mine --miner.gastarget 8000000 --miner.gaslimit 10000000 --minerthreads $(grep -c "processor" /proc/cpuinfo) --miner.extradata $NODE_NAME"
Red T CBX Network Explorer - Hosted by CouncilBox
Red T Network Monitor (login alastria/alastria) - Hosted by Alastria :raised_hands:
The following developments are in place or in backlog. Any help/volunteers are welcomed:
Ansible
, Swarm
, Makefile
, Chef
,... recipes in order to performing node
installs.WIP
:fire::fire::fire:Please, use Github to contribute and collaborate on open issues that are in development on Alastria Github platform. Do not hesitate to contact Alastria Support Team to solve any doubt in support@alastria.io.
The following lines are changes from testnet2 branch:
nginx
as proxy it's no longer supported. However, the repository https://github.com/alastria/alastria-access-point it's still available.monitor
is deprecated, and no longer used.quorum
, https://github.com/alastria/quorum it's not used anymore.GoQuorum
use HDWallet for accesing the node. This is an example:const fs = require("fs");
const HDWalletProvider = require("@truffle/hdwallet-provider");
const keythereum = require('keythereum');
/**
* Use https://iancoleman.io/bip39/ for generate a .secret file
*/
const mnemonic = fs.readFileSync(".secret").toString().trim();
const localNode = "http://your-node:22000"
module.exports = {
networks: {
'alastriaT': {
gasPrice: 0x0,
provider: () => {
return new HDWalletProvider(mnemonic, localNode);
},
network_id: "83584648538",
},
},
compilers: {
solc: {
version: "0.5.17",
settings: {
optimizer: {
enabled: true,
runs: 100
},
evmVersion: "byzantium"
}
}
}
}
# Stop the contanier
# Be sure about the directory you are working on
# Make a copy of the private key (the nodekey file)
# Delete the old database
# Decompress de the new one
# Restore the private key
# Start the container
# Example
$ docker stop <contaner_name>
$ pwd
/home/ubuntu/alastria-t-boot/data
$ ls -ltr
total 84
drwx------ 2 root root 4096 Apr 19 2023 keystore
-rw-r--r-- 1 root root 12 Apr 25 2023 INITIALIZED
-rwxr-xr-x 1 root root 36040 Mar 14 17:17 static-nodes.json
-rwxr-xr-x 1 root root 36040 Mar 14 17:17 permissioned-nodes.json
drwxr-xr-x 5 root root 4096 Mar 14 17:17 geth
srw------- 1 root root 0 Mar 14 17:17 geth.ipc
$ cp geth/nodekey /root/nodekey.root
$ rm -rf geth_DONOTCOPYANDPASTE
$ tar zxvf geth.20240302.179598083.tar.gz -C .
$ cp /root/nodekey.root geth/nodekey
$ docker start <contaner_name>
Other guides related with operation of Alastria Node are available in following documents:
Alastria-T Network Operation and Government Policies (en_GB)
Alastria-T Network Operation and Government Policies (es_ES)
Conditions of operation of the Alastria-T Network Regular Nodes (en_GB)
Conditions of operation of the Alastria-T Network Regular Nodes (es_ES)
Conditions of operation of the Alastria-T Network Critical (boot && validator) Nodes (en_GB)
Conditions of operation of the Alastria-T Network Critical (boot && validator) Nodes (es_ES)
Based on the work of: