Setup an EOS Test Node (Block Producer) with SSL + Testnet

in #eos7 years ago (edited)

Intro

As we are preparing our Block Producer candidacy submission, we have been testing various aspects of the EOS Dawn Alpha's and an obvious place to start is to spin up a test node so that you can sync with the network and join a testnet to start to produce blocks.

We've always found that the best way to get to know a new technology is to just dive in with a practical test to see how it works. This guide will take you through setting up a simple single node cloud setup, hooking in SSL and joining an active testnet. This is not a guide on how to prepare a production grade system, but it will get you up and running with a functional node in under an hour. The more people that can get involved with the EOS project the better, we hope this guide helps get you started!

Step 1: Create a fresh Ubuntu 16.04 instance

For this tutorial, we are going to use Digital Ocean, but you can use any cloud provider or any spare machine you have lying around.

To run a node, we need at least 4GB of physical memory, so we need to setup a suitable instance. In the Create Droplet settings use the following settings:

  • Ubuntu 16.04
  • Any droplet with at least 8GB RAM
  • Pick a region you like, think of it like a virtual holiday
  • Add your SSH key
  • Give it a fancy name
  • Hit "Create"

Once its built you should see the server details:

Screen Shot 2018-05-01 at 09.15.11.png

Step 2: Installing the EOS project

Now we have our server, we need to install the EOS project. Thankfully, in the newest Alpha this is much easier than before. SSH onto your freshly baked server, and follow these steps:

  • We are going to use screen here to protect against losing a connection to the server, nothing more upsetting than breaking a long install half way through due to a dodgy wifi connection!

screen -S install

  • Pull in the EOS project and all sub modules

git clone https://github.com/eosio/eos --recursive /opt/eos

  • Move into the cloned directory

cd /opt/eos

  • Fetch the latest version

git checkout DAWN-2018-04-27-ALPHA

  • Fetch the latest submodules

git submodule update --init --recursive

  • Run the installer, thankfully this will take care of installing all dependancies for us

/bin/bash eosio_build.sh

  • It will ask you a few questions:
Do you wish to install these packages?
1) Yes
2) No
#?

Answer with: 1

  • The install takes some time, anyone thats compiled large C++ projects before will know the pain - so go grab a drink and put your feet up whilst all the hard work is done for you. It can take up to an hour for this install to finish depending on the environment, but when its done you should see the following message:
         _______  _______  _______ _________ _______
        (  ____ \(  ___  )(  ____ \\__   __/(  ___  )
        | (    \/| (   ) || (    \/   ) (   | (   ) |
        | (__    | |   | || (_____    | |   | |   | |
        |  __)   | |   | |(_____  )   | |   | |   | |
        | (      | |   | |      ) |   | |   | |   | |
        | (____/\| (___) |/\____) |___) (___| (___) |
        (_______/(_______)\_______)\_______/(_______)

        EOS.IO has been successfully built. 0:48:34

        To verify your installation run the following commands:

        /root/opt/mongodb/bin/mongod -f /root/opt/mongodb/mongod.conf &
        export PATH=${HOME}/opt/mongodb/bin:$PATH
        cd /root/eos/build; make test

        For more information:
        EOS.IO website: https://eos.io
        EOS.IO Telegram channel @ https://t.me/EOSProject
        EOS.IO resources: https://eos.io/resources/
        EOS.IO wiki: https://github.com/EOSIO/eos/wiki

Step 3: SSL

First thing we need for this is a domain name under our control. It can be an existing domain name that you already have, for this example we're going to use a subdomain of our company URL blockmatrix.network.

We have our DNS pointed at Digital Ocean, which makes things nice and easy for us, but this is not essential.

  • Choose a subdomain that you want to use for pointing at the EOS node. We know far too well, naming things is hard... after a lot of deliberation, we've chosen node for this example, original eh?

  • Point your subdomain to the server IP, this can be done in Digital Ocean through the networking section. We want to create an A record:

Screen Shot 2018-05-01 at 09.43.43.png

  • Ok, now head back to the SSH session, we are going to install and use a handy CLI took from the Let's Encrypt team to get a working SSL cert for this subdomain:
add-apt-repository ppa:certbot/certbot
apt-get update
apt-get install certbot -y
  • Now we can fetch a cert for our chosen domain name, remember to swap out node.blockmatrix.network for your own subdomain:
sudo certbot certonly --standalone --preferred-challenges http -d node.blockmatrix.network
  • Note: You might see an error like this:
 - The following errors were reported by the server:

   Domain: node.blockmatrix.network
   Type:   None
   Detail: DNS problem: NXDOMAIN looking up A for
   node.blockmatrix.network

  • This means that the DNS hasn't propagated fully for the new subdomain that you've setup. It might be time for another drink, give it a try in 5-10 minutes. If this persists, check your configuration is correct within the networking tab of Digital Ocean.

  • If all goes well, you should see something like:

IMPORTANT NOTES:
 - Congratulations! Your certificate and chain have been saved at:
   /etc/letsencrypt/live/node.blockmatrix.network/fullchain.pem
   Your key file has been saved at:
   /etc/letsencrypt/live/node.blockmatrix.network/privkey.pem
   Your cert will expire on 2018-07-30. To obtain a new or tweaked
   version of this certificate in the future, simply run certbot
   again. To non-interactively renew *all* of your certificates, run
   "certbot renew"
  • Lets copy to a safe config directory, then we are ready for the next stage (again swap out our domain for yours):
mkdir -p /etc/eos
cp /etc/letsencrypt/live/node.blockmatrix.network/fullchain.pem /etc/eos/
cp /etc/letsencrypt/live/node.blockmatrix.network/privkey.pem /etc/eos/

Stage 4: Setting up the testnet

Ok, great effort for getting this far! We are onto the final boss stage. Once we get through this section we will have a shiny SSL testnode that is syncing with the network and producing blocks.

For this example, we are going to reference the awesome Jungle testnet by CryptoLions. They've done a really great job with the setup and are super responsive on their Telegram channel - a perfect example of a great community team.

Github: https://github.com/CryptoLions/EOS-Jungle-Testnet

You can follow the instructions on their readme, but to keep this tutorial 100% complete, we will paraphrase here.

  • Clone the repo:
git clone https://github.com/CryptoLions/EOS-Jungle-Testnet.git /opt/JungleTestnet
  • Set permissions, update the install directory and create a public/private key pair:
cd /opt/JungleTestnet/ && chmod -R +x *.sh Wallet/*.sh
sed -i "s/\/home\/eos-dawn-v3.0.0/\/opt/" *.sh Wallet/*.sh
/bin/bash cleos.sh create key

  • Now we need to pick another name! This time, a jungle animal - we'll go for spidermonkey, register yours at http://jungle.cryptolions.io:9898/monitor/#account referencing the Public key you just created

  • Now we can setup the config file to configure our node, hook into the testnet and to setup SSL access (nano ftw):

nano config.ini

  • Now replace the following lines (this is taken direct from the CryptoLions github):
server address: p2p-server-address = YOUR_NODE_IP_ADDRESS:9876
your producer name: producer-name = YOUR_BP_NAME
created producer keypair: private-key = ["YOUR_PUBKEY","YOUR_PRIVKEY"]
  • Now lets update the SSL config:
http-server-address = 0.0.0.0:8888
https-server-address = 0.0.0.0:443
https-certificate-chain-file = /etc/eos/fullchain.pem
https-private-key-file = /etc/eos/privkey.pem
  • Here is an example of a completed base config.ini file (we changed our private key for this example):
# Limits the maximum time (in milliseconds) processing a single get_transactions call. (eosio::account_history_plugin)
get-transactions-time-limit = 3

genesis-json = "/opt/JungleTestnet/genesis.json"

block-log-dir = "blocks"

# Pairs of [BLOCK_NUM,BLOCK_ID] that should be enforced as checkpoints. (eosio::chain_plugin)
# checkpoint =

#max-reversible-block-time = -1
#max-pending-transaction-time = -1

http-server-address = 0.0.0.0:8888
p2p-listen-endpoint = 0.0.0.0:9876
p2p-server-address = node.blockmatrix.network:9876
access-control-allow-origin = *

p2p-peer-address = jungle.cryptolions.io:9876
p2p-peer-address = dev.cryptolions.io:9876
p2p-peer-address = 193.93.219.219:9876
p2p-peer-address = mowgli.jungle3.eos.roelandp.nl:9876
p2p-peer-address = mosquito.prometeos.io:9877
p2p-peer-address = eosrio.entropia.in:9876
p2p-peer-address = Jungle.eosuk.io:9927
p2p-peer-address = eosgreen.uk.to:9543
p2p-peer-address = bpseoul.eosnodeone.io:9876
p2p-peer-address = whale.eoscalgary.com:9876
p2p-peer-address = bp4-d3.eos42.io:9876
p2p-peer-address = 95.216.20.181:7015
p2p-peer-address = testnet01.eoseoul.io:9901
p2p-peer-address = 46.101.95.5:9876
p2p-peer-address = alessia.hkeos.com:9876
p2p-peer-address = cheetah.jungle3.bptn.eosamsterdam.net:9876
p2p-peer-address = robotikalis.ddns.net:9876
p2p-peer-address = 138.68.238.129:9876
p2p-peer-address = 54.200.153.106:9876
p2p-peer-address = 39.108.231.157:9876
p2p-peer-address = 139.198.3.99:9876
p2p-peer-address = testchain.jscut.org:9876
p2p-peer-address = testnet.eosdublin.io:9878
p2p-peer-address = eosslc.com:9877
p2p-peer-address = jungle.worbli.io:9876
p2p-peer-address = 47.52.18.70:3389
p2p-peer-address = 128.1.133.206:9876
p2p-peer-address = jungle.bpnode.com:6879
p2p-peer-address = 52.58.245.131:9876
p2p-peer-address = 198.58.114.211:9876
p2p-peer-address = 217.115.85.26:9876
p2p-peer-address = 188.117.144.164:9877
p2p-peer-address = quokka.eosreal.io:9886
p2p-peer-address = 5280.duckdns.org:9876
p2p-peer-address = eos-bp.bitfinex.com:9876
p2p-peer-address = 34.251.121.82:9876
p2p-peer-address = 173.212.227.190:9876
p2p-peer-address = avocado-toast.sandwich.farm:9876
p2p-peer-address = 18.219.28.205:9876
p2p-peer-address = test.eosys.io:9874
p2p-peer-address = n2.eosargentina.io:9876
p2p-peer-address = jungle.eossv.org:9876
p2p-peer-address = 13.209.32.21:9876
p2p-peer-address = eos.blockmatrix.network:9876
p2p-peer-address = 159.89.124.54:9876
p2p-peer-address = 174.87.244.128:9876
p2p-peer-address = jungle.eosnation.io:9876
p2p-peer-address = 211.222.107.234:9876

#p2p-peer-address =
#p2p-peer-address =


# SSL
# Filename with https private key in PEM format. Required for https (eosio::http_plugin)
https-server-address = 0.0.0.0:443
# Filename with the certificate chain to present on https connections. PEM format. Required for https. (eosio::http_plugin)
https-certificate-chain-file = /etc/eos/fullchain.pem
# Filename with https private key in PEM format. Required for https (eosio::http_plugin)
https-private-key-file = /etc/eos/privkey.pem


# access-control-allow-headers =
#access-control-allow-credentials = false
mongodb-queue-size = 256

# mongodb-uri =

agent-name = "AgentName"
allowed-connection = any
# peer-key =
# peer-private-key =

log-level-net-plugin = info
max-clients = 120
connection-cleanup-period = 30
network-version-match = 0
sync-fetch-span = 1000
enable-stale-production = false
required-participation = 33

private-key = ["EOS64xfe6AbKUtawiVNiimQ5nqiqTjxx9ttbKjx6aa9NNLvrEcm2t","5P32wKPDwACZxmgAiHk9wE9Y9xMJCfnzGSDXEAU2oSCLoRS4vkB"]
producer-name = spidermonkey

plugin = eosio::producer_plugin
plugin = eosio::chain_api_plugin
plugin = eosio::account_history_plugin
plugin = eosio::account_history_api_plugin
  • Ok, save the file and we are ready to go! Lets fire up the node!

/bin/bash start.sh

  • We should now be able to access the server over SSL at your domain, here is ours: https://node.blockmatrix.network/v1/chain/get_info

  • It will take some time for the node to fully sync with the network, pay close attention to the head_block_time in the JSON output. Once synced, head over to CryptoLions telegram https://t.me/jungletestnet and send them the following info (replace with your own credentials!):

1. Server geographic location: UK, London
2. Organisation/Website: Block Matrix
3. node ip/domain: node.blockmatrix.network
4. http port: 443
5. p2p port: 9876
6. producer name: spidermonkey
7. public key: EOS64xfe6AbKUtawiVNiimQ5nqiqTjxx9ttbKjx6aa9NNLvrEcm2t
  • We can now set up a wallet:
cd Wallet
/bin/bash start_wallet.sh
cd ..
/bin/bash cleos.sh wallet create
/bin/bash cleos.sh wallet import YOUR_PRIVKEY
  • You can check that your wallet keys are successfully registered with:

/bin/bash cleos.sh wallet keys

Stage 5: Congratulations

Once hooked in, you are now a proud Block Producer for an EOS testnet, hopefully this is just the start of your journey into the awesome project of EOS!

Any questions or feedback, just let us know.

#testnet #block #producer #ubuntu
7 years ago in #eos by
$0.54
  • Past Payouts $0.54
  • - Author $0.48
  • - Curators $0.06
8 votes
Reply 2
Sort:  
  • Trending
    • [-]
     7 years ago  

    @blockmatrix, congratulations on making your first post! I gave you a $.05 vote!
    Will you give me a follow? I'll follow you back in return!

    $0.00
      Reply
      [-]
       7 years ago  

      hi
      to run a block producer, connect it to the mainnet, is it a requirement to do it over ssl? (so to have ssl configured on the BP and domain. etc)

      $0.00
        Reply