Initial Setup Process:
-
- Sign up for a Sendgrid account
- Sendgrid API Key (optional, required for Mercata Marketplace email notifications) – register and get on at https://sendgrid.com
- Go to sendgrid.com, login or create an account -> Settings (on the left) -> API Keys -> Create API Key:
- API Key Name: <choose_your_key_name>
- API Key Permissions: Restricted Access -> Check the “Mail Send”/”Mail Send” only -> click “Create & View”
- Sign up for a Sendgrid account
- Keep the API key for steps below
- Purchase a domain name (if you do not have one already)
- Example: https://aws.amazon.com/route53/
- Purchase an SSL certificate for domain
- Example: https://www.ssls.com/#certs
- Download SSL files from SSL issuer
- Extract SSL private key and certificate zip files to local machine
- Deploy linux VM (based on VM requirements)
- AWS (Supported today)
- Login to AWS Console
- In Console Home, search for the EC2 service.
- Create new instance with the following configurations:
- Name: stratomercata-node1
- AMI: Amazon Linux 2023 (default)
- type: m6a.xlarge
- Key pair: create new with name blockapps-generated-key (save private key)
- use Default VPC or custom VPC if preferred
- Subnet: No preference
- Auto-assign public IP: “Disable”
- Create Security group: strato-ports, open ports:
- 443/tcp (::/0)
- 443/tcp(0.0.0.0)
- 30303/tcp (0.0.0.0)
- 30303/udp (0.0.0.0)
- keep 22/tcp (0.0.0.0)
- Disks: Keep default 8gb, add gp3 80Gb
- Click “Launch Instance”
- Go to Elastic IPs, allocate new IP, Associate with the new instance.
- ssh to the machine using the command: ssh -i path/to/blockapps-generated-key.pem ec2user@<elastic.ip.address.here>
- Azure (docs coming soon)
- GCP (docs coming soon)
- Oracle Cloud (docs coming soon)
- On-prem (docs coming soon)
- AWS (Supported today)
- Add VM IP address to DNS A record
- Sign up for BlockApps Open ID account
- BlockApps OpenID credentials:
- Go to support.blockapps.net and sign up or login
- Select the “Request Client Credentials” type of support request
- Provide the domain name of your future node and the network that you want to join (Mercata) and click Send
- BlockApps OpenID credentials:
Within 8 business hours please expect the email with your client credentials to use in the node deployment steps.
STRATO Node Install and Deployment Process:
- SSH to VM and install software prerequisites
- SSH to VM and install STRATO software
- Copy SSL certificate and private key information to STRATO node script files
- Update config scripts with Open ID/emailed account data and Send Grid API key
- Execute STRATO scripts
- Confirm issuance of validator cert
STRATO Mercata requirements
System Requirements
- Unix-based x86 system (Linux, Intel-based Mac)
- 4 CPU cores
- 16GB RAM (32 GB is recommended)
- 80+ GB SSD Disk (100 GB is recommended)
- Static IP address
Recommended AWS EC2 Configuration:
- Instance type: “m6a.xlarge” (or equivalent)
- Amazon Linux 2023 (other Linux distributions are supported, but the further steps are provided for that AMI)
- 80+ GB EBS volume (for more advanced setup we recommend using a data volume separate from the OS, but this case is not described in this document)
- Elastic IP attached
Network Requirements
- Domain name attached to the IP address
- TLS certificate issued by an authority for the domain name (.pem + .key) (optional if the DNS/CDN provider covers your domain with the certificate)
- Ports open to the world:
- Inbound: 30303/tcp, 30303/udp (P2P; IPv4), 443/tcp (Web UI; IPv4 (IPv6 optional)
- Outbound: All
Software Requirements
- Docker Engine v23 or newer
- Docker Compose v2
- Git
Installing Software Requirements on Amazon Linux 2023
(to be executed after Creating a VM)
- Create a shell script named install.sh. Copy the block below and paste into the file on the remote machine:
| #!/bin/bash
set -e set -x if [[ $EUID -ne 0 ]]; then echo >&2 “Must be run as root” exit 1 fi sudo yum update -y sudo yum install -y docker git htop jq # Autostart on reboot sudo systemctl enable docker sudo systemctl start docker # Docker-compose DOCKER_CONFIG=/usr/local/lib/docker sudo mkdir -p $DOCKER_CONFIG/cli-plugins sudo curl -SL https://github.com/docker/compose/releases/download/v2.24.5/docker-compose-linux-x86_64 -o $DOCKER_CONFIG/cli-plugins/docker-compose sudo chmod +x /usr/local/lib/docker/cli-plugins/docker-compose # ncdu (Amazon Linux 2023 steps) wget http://packages.eu-central-1.amazonaws.com/2018.03/main/c31535f74c6e/x86_64/Packages/ncdu-1.10-1.3.amzn1.x86_64.rpm sudo yum install -y ncdu-1.10-1.3.amzn1.x86_64.rpm |
- Execute the script with sudo bash install.sh
- Create mount.sh with the following code block:
#!/bin/bash
set -ex
# Mount volume to /datadrive dir with auto-mount (following the Cloud Provider’s steps):
lsblk
sudo file -s /dev/nvme1n1 # must return `/dev/nvme1n1: data` to confirm that no filesystem exists on a volume
sudo mkfs -t xfs /dev/nvme1n1
sudo mkdir /datadrive
sudo chmod 777 /datadrive/
sudo mount /dev/nvme1n1 /datadrive/
sudo cp /etc/fstab /etc/fstab.orig
sudo bash -c “echo ‘UUID=$(sudo blkid | grep nvme1n1 | cut -d\” -f2) /datadrive xfs defaults,nofail 0 2′>> /etc/fstab”
sudo umount /datadrive && sudo mount -a # this is to make sure auto-mount works
sudo chown ec2-user /datadrive/
df -h # confirm the /datadrive is attached to volume
# Move Docker to the data volume
sudo service docker stop
sudo bash -c “echo ‘{\”data-root\”: \”/datadrive/docker\”}’ > /etc/docker/daemon.json”
sudo rsync -aP /var/lib/docker/ /datadrive/docker
sudo rm -rf /var/lib/docker
sudo service docker start
- Run the mount.sh script with sudo bash mount.sh
Setting Up STRATO
- Execute touch ~/_NOTE_all-data-is-in-root-datadrive-folder to create a reference file
- Run the command cd /datadrive
- Clone the strato-getting-started from GitHub:
| git clone https://github.com/blockapps/strato-getting-started cd strato-getting-started |
- Use sudo ./strato –compose to download docker-compose.yml of latest release version
- Execute sudo ./strato –pull
- Edit the `strato-run.sh` file in strato-getting-started directory containing all required parameters for running STRATO:
| sudo nano strato-run.sh |
#!/bin/bash
NODE_HOST=”<DOMAIN_NAME>” \
BOOT_NODE_IP='[“44.209.149.47″,”54.84.33.40″,”52.1.78.10″,”44.198.14.117”]’ \
networkID=”6909499098523985262″ \
certInfo='{“orgName”:”service-account-<CLIENT_ID_HERE>”,”orgUnit”:””,”commonName”:”service-account-<CLIENT_ID_HERE>”}’ \
OAUTH_CLIENT_ID=”<CLIENT_ID_HERE>” \
OAUTH_CLIENT_SECRET=”<CLIENT_SECRET_HERE>” \
SENDGRID_API_KEY='<SENDGRID_API_KEY_HERE>’ \
ssl=true \
BASE_CODE_COLLECTION=”f6bd7e19afc20325c6c5170e965fda8fe9a7104a” \
./strato
Replace the placeholders:
- <DOMAIN_NAME> – domain name of your VM
- <COMMON_NAME> – a unique machine name for certificate
- <CLIENT_ID> – the client id issued to you by BlockApps (from Access Prerequisites)
- <CLIENT_SECRET> – the client secret issued to you by BlockApps (from Access Prerequisites)
- <SENDGRID_API_KEY> – the Sendgrid API key to enable the Marketplace email notifications (from Access Prerequisites)
Save and exit nano (Ctrl+X -> “y” -> Enter)
Note: For additional information about the parameters check the help topic: sudo ./strato –help
- Copy your TLS certificate and private key into ssl/ directory:
Note: strato-getting-started contains the dummy certificate by default that allows you to run the node without your own TLS certificate. This may be good for testing or for the cases if you have the TLS protection covered by your DNS provider (e.g. Cloudflare or AWS Route53 etc.)
Replace placeholders and execute:
| cp <path_to_your_pem_file> ssl/private/server.key
cp <path_to_your_pem_file> ssl/cert/server.pem |
- Execute `strato-run.sh`
| sudo ./strato-run.sh |
Issuing a Cert to the Validator
Next, BlockApps must issue a cert to the validator, using the identity information they’ve requested. In this example, that information would be service-account-<CLIENT_ID_HERE> as the organization and the common name (should match with the value in placeholder provided in strato-run.sh script).
