Skip to main content
General

Running a STRATO Mercata Node

Initial Setup Process:

    1. Sign up for a Sendgrid account
      1. Sendgrid API Key (optional, required for Mercata Marketplace email notifications)  – register and get on at https://sendgrid.com
      2. Go to sendgrid.com, login or create an account -> Settings (on the left) -> API Keys -> Create API Key:
        1. API Key Name: <choose_your_key_name> 
        2. API Key Permissions: Restricted Access -> Check the “Mail Send”/”Mail Send” only -> click “Create & View”
  • Keep the API key for steps below
  1. Purchase a domain name (if you do not have one already) 
    1. Example: https://aws.amazon.com/route53/
  2. Purchase an SSL certificate for domain
    1. Example: https://www.ssls.com/#certs
  3. Download SSL files from SSL issuer
  4. Extract SSL private key and certificate zip files to local machine
  5. Deploy linux VM (based on VM requirements)
    1. AWS (Supported today)
      1. Login to AWS Console
      2. In Console Home, search for the EC2 service.
      3. Create new instance with the following configurations:
        1. Name: stratomercata-node1
        2. AMI: Amazon Linux 2023 (default)
        3. type: m6a.xlarge
        4. Key pair: create new with name blockapps-generated-key (save private key)
        5. use Default VPC or custom VPC if preferred
        6. Subnet: No preference
        7. Auto-assign public IP: “Disable”
        8. Create Security group: strato-ports, open ports: 
          1. 443/tcp (::/0)
          2. 443/tcp(0.0.0.0)
          3. 30303/tcp (0.0.0.0)
          4. 30303/udp (0.0.0.0)
          5. keep 22/tcp (0.0.0.0)
        9. Disks: Keep default 8gb, add gp3 80Gb
      4. Click “Launch Instance”
      5. Go to Elastic IPs, allocate new IP, Associate with the new instance.
      6. ssh to the machine using the command: ssh -i path/to/blockapps-generated-key.pem ec2user@<elastic.ip.address.here>
    2. Azure (docs coming soon)
    3. GCP  (docs coming soon)
    4. Oracle Cloud  (docs coming soon)
    5. On-prem  (docs coming soon)
  6. Add VM IP address to DNS A record
  7. Sign up for BlockApps Open ID account
    1. BlockApps OpenID credentials:
      1. Go to support.blockapps.net and sign up or login
      2. Select the “Request Client Credentials” type of support request
      3. Provide the domain name of your future node and the network that you want to join (Mercata) and click Send

Within 8 business hours please expect the email with your client credentials to use in the node deployment steps.

 

STRATO Node Install and Deployment  Process:

  1. SSH to VM and install software prerequisites
  2. SSH to VM and install STRATO software
  3. Copy SSL certificate and private key information to STRATO node script files
  4. Update config scripts with Open ID/emailed account data and Send Grid API key
  5. Execute STRATO scripts
  6. Confirm issuance of validator cert 

 

STRATO Mercata requirements

System Requirements

  • Unix-based x86 system (Linux, Intel-based Mac)
  • 4 CPU cores
  • 16GB RAM (32 GB is recommended)
  • 80+ GB SSD Disk (100 GB is recommended)
  • Static IP address

Recommended AWS EC2 Configuration:

  • Instance type: “m6a.xlarge” (or equivalent)
  • Amazon Linux 2023 (other Linux distributions are supported, but the further steps are provided for that AMI)
  • 80+ GB EBS volume (for more advanced setup we recommend using a data volume separate from the OS, but this case is not described in this document)
  • Elastic IP attached

Network Requirements

  1. Domain name attached to the IP address
  2. TLS certificate issued by an authority for the domain name (.pem + .key) (optional if the DNS/CDN provider covers your domain with the certificate)
  3. Ports open to the world: 
    1. Inbound: 30303/tcp, 30303/udp (P2P; IPv4), 443/tcp (Web UI; IPv4 (IPv6 optional)
    2. Outbound: All

 

Software Requirements

  • Docker Engine v23 or newer
  • Docker Compose v2
  • Git

Installing Software Requirements on Amazon Linux 2023 

(to be executed after Creating a VM)

  1. Create a shell script named install.sh. Copy the block below and paste into the file on the remote machine:

 

#!/bin/bash

set -e

set -x

if [[ $EUID -ne 0 ]]; then

  echo >&2 “Must be run as root”

  exit 1

fi

sudo yum update -y

sudo yum install -y docker git htop jq

# Autostart on reboot

sudo systemctl enable docker

sudo systemctl start docker

# Docker-compose

DOCKER_CONFIG=/usr/local/lib/docker

sudo mkdir -p $DOCKER_CONFIG/cli-plugins

sudo curl -SL https://github.com/docker/compose/releases/download/v2.24.5/docker-compose-linux-x86_64 -o $DOCKER_CONFIG/cli-plugins/docker-compose

sudo chmod +x /usr/local/lib/docker/cli-plugins/docker-compose

# ncdu (Amazon Linux 2023 steps)

wget http://packages.eu-central-1.amazonaws.com/2018.03/main/c31535f74c6e/x86_64/Packages/ncdu-1.10-1.3.amzn1.x86_64.rpm

sudo yum install -y ncdu-1.10-1.3.amzn1.x86_64.rpm

  1. Execute the script with sudo bash install.sh

 

  1. Create mount.sh with the following code block:

 

#!/bin/bash

set -ex

 

# Mount volume to /datadrive dir with auto-mount (following the Cloud Provider’s steps):

lsblk

sudo file -s /dev/nvme1n1        # must return `/dev/nvme1n1: data` to confirm that no filesystem exists on a volume

sudo mkfs -t xfs /dev/nvme1n1

sudo mkdir /datadrive

sudo chmod 777 /datadrive/

sudo mount /dev/nvme1n1 /datadrive/

sudo cp /etc/fstab /etc/fstab.orig

sudo bash -c “echo ‘UUID=$(sudo blkid | grep nvme1n1 | cut -d\” -f2)  /datadrive  xfs  defaults,nofail  0  2′>> /etc/fstab”

sudo umount /datadrive && sudo mount -a   # this is to make sure auto-mount works

sudo chown ec2-user /datadrive/

df -h            # confirm the /datadrive is attached to volume

 

# Move Docker to the data volume

sudo service docker stop

sudo bash -c “echo ‘{\”data-root\”: \”/datadrive/docker\”}’ > /etc/docker/daemon.json”

sudo rsync -aP /var/lib/docker/ /datadrive/docker

sudo rm -rf /var/lib/docker

sudo service docker start

  1. Run the mount.sh script with sudo bash mount.sh

Setting Up STRATO

  1. Execute touch ~/_NOTE_all-data-is-in-root-datadrive-folder to create a reference file
  2. Run the command cd /datadrive
  3. Clone the strato-getting-started from GitHub:
git clone https://github.com/blockapps/strato-getting-started
cd strato-getting-started

 

  1. Use sudo ./strato –compose to download docker-compose.yml of latest release version
  2. Execute sudo ./strato –pull

  3. Edit the `strato-run.sh` file in strato-getting-started directory containing all required parameters for running STRATO:

sudo nano strato-run.sh

 

#!/bin/bash

 

NODE_HOST=”<DOMAIN_NAME>” \

  BOOT_NODE_IP='[“44.209.149.47″,”54.84.33.40″,”52.1.78.10″,”44.198.14.117”]’ \

  networkID=”6909499098523985262″ \

  certInfo='{“orgName”:”service-account-<CLIENT_ID_HERE>”,”orgUnit”:””,”commonName”:”service-account-<CLIENT_ID_HERE>”}’ \

  OAUTH_CLIENT_ID=”<CLIENT_ID_HERE>” \

  OAUTH_CLIENT_SECRET=”<CLIENT_SECRET_HERE>” \

  SENDGRID_API_KEY='<SENDGRID_API_KEY_HERE>’ \

  ssl=true \

  BASE_CODE_COLLECTION=”f6bd7e19afc20325c6c5170e965fda8fe9a7104a” \

  ./strato

 

Replace the placeholders:

  • <DOMAIN_NAME> – domain name of your VM
  • <COMMON_NAME> – a unique machine name for certificate
  • <CLIENT_ID> –  the client id issued to you by BlockApps (from Access Prerequisites)
  • <CLIENT_SECRET> – the client secret issued to you by BlockApps (from Access Prerequisites)
  • <SENDGRID_API_KEY> – the Sendgrid API key to enable the Marketplace email notifications (from Access Prerequisites)

Save and exit nano (Ctrl+X -> “y” -> Enter)


Note: For additional  information about the parameters check the help topic: sudo ./strato –help

  1. Copy your TLS certificate and private key into ssl/ directory:

    Note: strato-getting-started contains the dummy certificate by default that allows you to run the node without your own TLS certificate. This may be good for testing or for the cases if you have the TLS protection covered by your DNS provider (e.g. Cloudflare or AWS Route53 etc.)

    Replace placeholders and execute: 
cp <path_to_your_pem_file> ssl/private/server.key

cp <path_to_your_pem_file> ssl/cert/server.pem

 

  1. Execute `strato-run.sh`

sudo ./strato-run.sh

 

Issuing a Cert to the Validator

Next, BlockApps must issue a cert to the validator, using the identity information they’ve requested. In this example, that information would be service-account-<CLIENT_ID_HERE> as the organization and the common name (should match with the value in placeholder provided in strato-run.sh script).