frostfs-node/cmd/neofs-adm/docs/deploy.md
Elizaveta Chichindaeva cc7a723d77 [] English Check
Signed-off-by: Elizaveta Chichindaeva <elizaveta@nspcc.ru>
2022-05-11 10:40:02 +03:00

7.1 KiB

Step-by-step private NeoFS deployment

This is a short guide on how to deploy a private NeoFS storage network on bare metal without docker images. This guide does not cover details on how to start consensus, Alphabet, or Storage nodes. This guide covers only neofs-adm related configuration details.

Prerequisites

To follow this guide you need:

  • latest released version of neo-go (v0.97.2 at the moment),
  • latest released version of neofs-adm utility (v0.25.1 at the moment),
  • latest released version of compiled neofs-contract (v0.11.0 at the moment).

Step 1: Prepare network configuration

To start a network, you need a set of consensus nodes, the same number of Alphabet nodes and any number of Storage nodes. While the number of Storage nodes can be scaled almost infinitely, the number of consensus and Alphabet nodes can't be changed so easily right now. Consider this before going any further.

It is easier to useneofs-adm with a predefined configuration. First, create a network configuration file. In this example, there is going to be only one consensus / Alphabet node in the network.

$ neofs-adm config init --path foo.network.yml
Initial config file saved to foo.network.yml

$ cat foo.network.yml 
rpc-endpoint: https://neo.rpc.node:30333
alphabet-wallets: /home/user/deploy/alphabet-wallets
network:
  max_object_size: 67108864
  epoch_duration: 240
  basic_income_rate: 0
  fee:
    audit: 0
    candidate: 0
    container: 0
    withdraw: 0
credentials:
  az: hunter2

For private installation, it is recommended to set all fees and basic income rate to 0.

As for epoch duration, consider consensus node block generation frequency. With default 15 seconds per block, 240 blocks are going to be a 1-hour epoch.

For max object size, 67108864 (64 MiB) or 134217728 (128 MiB) should provide good chunk distribution in most cases.

With this config, generate wallets (private keys) of consensus nodes. The same wallets will be used for Alphabet nodes. Make sure, that dir for alphabet wallets already exists.

$ neofs-adm -c foo.network.yml morph generate-alphabet --size 1
size: 1
alphabet-wallets: /home/user/deploy/alphabet-wallets
wallet[0]: hunter2

Do not lose wallet files and network config. Store it in an encrypted backed up storage.

Step 2: Launch consensus nodes

Configure blockchain nodes with the generated wallets from the previous step. Config examples can be found in neo-go repository.

Gather public keys from all generated wallets. We are interested in the first simple signature contract public key.

$ neo-go wallet dump-keys -w alphabet-wallets/az.json 
NitdS4k4f1Hh5mbLJhAswBK3WC2gQgPN1o (simple signature contract):
02c1cc85f9c856dbe2d02017349bcb7b4e5defa78b8056a09b3240ba2a8c078869

NiMKabp3ddi3xShmLAXhTfbnuWb4cSJT6E (1 out of 1 multisig contract):
02c1cc85f9c856dbe2d02017349bcb7b4e5defa78b8056a09b3240ba2a8c078869

NiMKabp3ddi3xShmLAXhTfbnuWb4cSJT6E (1 out of 1 multisig contract):
02c1cc85f9c856dbe2d02017349bcb7b4e5defa78b8056a09b3240ba2a8c078869

Put the list of public keys into ProtocolConfiguration.StandbyCommittee section. Specify the wallet path and the password in ApplicationConfiguration.P2PNotary and ApplicationConfiguration.UnlockWallet sections. If config includes ProtocolConfiguration.NativeActivations section, add notary contract Notary: [0].

ProtocolConfiguration:
  StandbyCommittee:
    - 02c1cc85f9c856dbe2d02017349bcb7b4e5defa78b8056a09b3240ba2a8c078869
  NativeActivations:
    Notary: [0]
ApplicationConfiguration:
  P2PNotary:
    Enabled: true
    UnlockWallet:
      Path: "/home/user/deploy/alphabet-wallets/az.json"
      Password: "hunter2"
  UnlockWallet:
    Path: "/home/user/deploy/alphabet-wallets/az.json"
    Password: "hunter2"

Then, launch consensus nodes. They should connect to each other and start producing blocks in consensus. You might want to deploy additional RPC nodes at this stage because Storage nodes should be connected to the chain too. It is not recommended to use a consensus node as an RPC node due to security policies and possible overload issues.

Step 3: Initialize sidechain

Use archive with compiled NeoFS contracts to initialize the sidechain.

$ tar -xzvf neofs-contract-v0.11.0.tar.gz 

$ ./neofs-adm -c foo.network.yml morph init --contracts ./neofs-contract-v0.11.0
Stage 1: transfer GAS to alphabet nodes.
Waiting for transactions to persist...
Stage 2: set notary and alphabet nodes in designate contract.
Waiting for transactions to persist...
Stage 3: deploy NNS contract.
Waiting for transactions to persist...
Stage 4: deploy NeoFS contracts.
Waiting for transactions to persist...
Stage 4.1: Transfer GAS to proxy contract.
Waiting for transactions to persist...
Stage 5: register candidates.
Waiting for transactions to persist...
Stage 6: transfer NEO to alphabet contracts.
Waiting for transactions to persist...
Stage 7: set addresses in NNS.
Waiting for transactions to persist...
NNS: Set alphabet0.neofs -> f692dfb4d43a15b464eb51a7041160fb29c44b6a
NNS: Set audit.neofs -> 7df847b993affb3852074345a7c2bd622171ee0d
NNS: Set balance.neofs -> 103519b3067a66307080a66570c0491ee8f68879
NNS: Set container.neofs -> cae60bdd689d185901e495352d0247752ce50846
NNS: Set neofsid.neofs -> c421fb60a3895865a8f24d197d6a80ef686041d2
NNS: Set netmap.neofs -> 894eb854632f50fb124412ce7951ebc00763525e
NNS: Set proxy.neofs -> ac6e6fe4b373d0ca0ca4969d1e58fa0988724e7d
NNS: Set reputation.neofs -> 6eda57c9d93d990573646762d1fea327ce41191f
Waiting for transactions to persist...

Step 4: Launch Alphabet nodes

Configure Alphabet nodes with the wallets generated in step 1. For morph.validators use a list of public keys from ProtocolConfiguration.StandbyCommittee.

wallet:
  path: "/home/user/deploy/alphabet-wallets/az.json"
  password: "hunter2"
  account: "NitdS4k4f1Hh5mbLJhAswBK3WC2gQgPN1o"

morph:
  validators:
    - 02c1cc85f9c856dbe2d02017349bcb7b4e5defa78b8056a09b3240ba2a8c078869

contracts:
  alphabet:
    amount: 1

Step 4: Launch Storage node

Generate a new wallet for a Storage node.

$ neofs-adm -c foo.network.yml morph generate-storage-wallet --storage-wallet ./sn01.json --initial-gas 10.0
New password > 
Waiting for transactions to persist...

$ neo-go wallet dump-keys -w sn01.json 
Ngr7p8Z9S22XDH6VkUG9oXobv8zZRAWwwv (simple signature contract):
0355eccb72cd46f09a3e5237eaa0f4949cceb5ecfa5a225bd3bb9fd021c4d75b85

Configure the Storage node to use this wallet.

node:
  wallet:
    path: "/home/user/deploy/sn01.json"
    address: "Ngr7p8Z9S22XDH6VkUG9oXobv8zZRAWwwv"
    password: "foobar"

The storage node will be included in the network map in the next NeoFS epoch. To speed up this process, you can increment epoch counter immediately.

$ neofs-adm -c foo.network.yml morph force-new-epoch
Current epoch: 8, increase to 9.
Waiting for transactions to persist...

After that, NeoFS Storage is ready to work. You can access it directly or with protocol gates.