Starting the network

Creating infrastructure

Make sure that you have gcloud installed, terraform installed and configured.

Git clone

Initialise git-crypt inside the repo. This will be used to encrypt .pem files for SSL while transferring them to validator node.

1 git-crypt init

Export git-crypt key. Keep it safe!

1 git-crypt export-key ~/rshard-git-crypt-secret.key

Generate network files

1 ./scripts/generate-network-files network-files mainnet 9

This script will create necessary files for all nodes without private and public keys filled in.

Add and commit changes

1 2 git add -A git commit -m "Nodes added"

Set paths to wallets an bonds files inside ./

Add and commit changes

1 2 git add -A git commit -m "Wallets and bonds files added"

Now deploy the network infrastructure using Google Cloud

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 cd terraform terraform init terraform apply # For var.rshard-git-deploy-key input path to ssh deploy key that # has read access to repository # to check if key works GIT_SSH_COMMAND='ssh -i <path_to_key>' # git clone # For var.rshard-secret-key input path to the git-crypt key exported previously # This will be uploaded to /root/rshard-git-crypt-secret.key of the nodes servers # to decrypt validator keys on the server ......... Plan: 33 to add, 0 to change, 0 to destroy. Do you want to perform these actions? Terraform will perform the actions described above. Only 'yes' will be accepted to approve. Enter a value: yes

Wait till network infrastructure is installed.

1 Apply complete! Resources: 36 added, 0 changed, 0 destroyed.

Starting the nodes

Prepare 9 key pairs for validators. Adjust the following config files.

1 2 network-files/node{0-8}/rnode.conf.d/90-node-private.conf - put here private keys (9) network-files/node{0-8}/rnode.conf.d/80-node.conf - put here public keys (9)

Replace existing config files on servers containing dummy keys with the real ones.

1 for num in {0..8}; do scp -r ./network-files/node$num/rnode.conf.d/* root@node$; done

Start the nodes

1 for num in {0..8}; do ssh -o StrictHostKeyChecking=no root@node$ "chmod +x /opt/rshard/;/opt/rshard/"; done

Pull configuration files used to run the nodes to your local machine. These files are required to restart RNode and should be kept secret as they contain private keys.

1 for num in {0..8}; do scp root@node$ ./node$num.rnode.conf; done

Delete config files containing private keys from the remote servers.

1 for num in {0..8}; do ssh root@node$ rm /var/lib/rnode/rnode.conf; done

Pull .pem keys and certificates from servers. Leave them on servers.

1 2 for num in {0..8}; do scp root@node$ ./node$num.node.key.pem; done for num in {0..8}; do scp root@node$ ./node$num.node.certificate.pem; done


Ceremony master

Peers node{1-8}

To restart the node operator should place config file that corresponds this particular node back and use the following command. Substitute rchain/rnode:v0.9.22 with required release version. After node is started - remove config file again.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 docker stop rnode && docker rm rnode # Copy config file # e.g. scp ~/node.conf docker run -d --name=rnode --network=host -v /var/lib/rnode:/var/lib/rnode \ -v /var/lib/rnode-diag/current:/var/lib/rnode-diag/current \ -v /var/lib/rnode-static:/var/lib/rnode-static:ro rchain/rnode:v0.9.22 \ -XX:+HeapDumpOnOutOfMemoryError \ -XX:HeapDumpPath=/var/lib/rnode-diag/current/heapdump_OOM.hprof \ -XX:+ExitOnOutOfMemoryError -XX:ErrorFile=/var/lib/rnode-diag/current/hs_err.log \ -XX:MaxJavaStackTraceDepth=100000 -Dlogback.configurationFile=/var/lib/rnode-static/logback.xml \ -c /var/lib/rnode/rnode.conf '-J-Xms26g' '-J-Xmx26g' \ run --network mainnet --bootstrap 'rnode://' # Delete config file # ssh -c "rm /var/lib/rnode/rnode.conf"