Skip to content

Latest commit

 

History

History
171 lines (129 loc) · 11.1 KB

README.md

File metadata and controls

171 lines (129 loc) · 11.1 KB

Burrow

Burrow is a permissioned Ethereum smart-contract blockchain node which provides transaction finality and high transaction throughput on a proof-of-stake Tendermint consensus engine.

Introduction

This chart bootstraps a burrow network on a Kubernetes cluster using the Helm package manager.

Installation

Prerequisites

To deploy a new blockchain network, this chart requires that two objects be present in the same Kubernetes namespace: a configmap should house the genesis file and each node should have a secret to hold any validator keys. The provided script, addresses.sh automatically provisions a number of files using the burrow toolkit, so please first ensure that burrow --version matches the image.tag in the configuration. This sequence also requires that the jq binary is installed. Two files will be generated, the first of note is setup.yaml which contains the two necessary Kubernetes specifications to be added to the cluster:

curl -LO https://raw.githubusercontent.com/helm/charts/master/stable/burrow/initialize.sh
CHAIN_NODES=4 CHAIN_NAME="my-release-burrow" ./initialize.sh
kubectl apply --filename setup.yaml

Please note that the variable $CHAIN_NAME should be the same as the helm release name specified below with the -burrow suffix. Another file, addresses.yaml contains the the equivalent validator addresses to set in the charts.

Deployment

To install the chart with the release name my-release with the set of custom validator addresses:

helm install stable/burrow --name my-release --values addresses.yaml

The configuration section below lists all possible parameters that can be configured during installation. Please also see the runtime configuration section for more information on how to setup your network properly.

Uninstall

To uninstall/delete the my-release deployment:

$ helm delete my-release

This command removes all the Kubernetes components associated with the chart and deletes the release. To remove the configmap and secret created in the prerequisites, follow these steps:

kubectl delete secret ${CHAIN_NAME}-keys
kubectl delete configmap ${CHAIN_NAME}-genesis

Configuration

The following table lists the configurable parameters of the Burrow chart and its default values.

Parameter Description Default
affinity node/pod affinities {}
chain.nodes number of nodes for the blockchain network 1
chain.logLevel log level for the nodes (debug, info, warn) "info"
chain.extraSeeds network seeds to dial in addition to the cluster booted by the chart; each entry in the array should be in the form ip:port (note: because P2P connects over tcp, the port is absolutely required) []
chain.restore.enabled toggle chain restore mechanism false
chain.restore.dumpURL accessible dump file from absolute url ""
chain.testing toggle pre-generated keys & genesis for ci testing false
config the burrow configuration file {}
config.Tendermint.ListenPort peer port 26656
contracts.enabled toggle post-install contract deployment false
contracts.image contract deployer image ""
contracts.tag contract deployer tag ""
contracts.deploy command to run in post-install hook ""
env environment variables to configure burrow {}
extraArgs extra arguments to give to the build in burrow start command {}
image.repository image repository "hyperledger/burrow"
image.tag image tag "0.29.0"
image.pullPolicy image pull policy "IfNotPresent"
livenessProbe.enabled enable liveness checks true
livenessProbe.path http endpoint "/status?block_seen_time_within=3m"
livenessProbe.initialDelaySeconds start after 240
livenessProbe.timeoutSeconds retry after 1
livenessProbe.periodSeconds check every 30
nodeSelector node labels for pod assignment {}
organization name of the organization running these nodes (used in the peer's moniker) ""
persistence.enabled enable pvc for the chain data true
persistence.size size of the chain data pvc "80Gi"
persistence.storageClass storage class for the chain data pvc "standard"
persistence.accessMode access mode for the chain data pvc "ReadWriteOnce"
persistence.persistentVolumeReclaimPolicy does not delete on node restart "Retain"
podAnnotations annotations to add to each pod {}
podLabels labels to add to each pod {}
readinessProbe.enabled enable readiness checks true
readinessProbe.path http endpoint "/status"
readinessProbe.initialDelaySeconds start after 5
resources.limits.cpu - "500m"
resources.limits.memory - "1Gi"
resources.requests.cpu - "100m"
resources.requests.memory - "256Mi"
grpc.service.type service type "ClusterIP"
grpc.service.loadBalance enable load balancing across nodes true
grpc.ingress.enabled expose port false
grpc.ingress.hosts - []
grpc.ingress.annotations extra annotations ``
grpc.ingress.tls - ``
info.service.type service type "ClusterIP"
info.service.loadBalance enable load balancing across nodes true
info.ingress.enabled expose port false
info.ingress.partial exposes the /accounts and /blocks paths externally false
info.ingress.pathLeader - "/"
info.ingress.annotations extra annotations ``
info.ingress.hosts - []
info.ingress.tls - ``
peer.service.type service type "ClusterIP"
peer.ingress.enabled expose port false
peer.ingress.hosts - []
tolerations list of node taints to tolerate []
validatorAddresses list of validators to deploy []

Specify each parameter using the --set key=value[,key=value] argument to helm install. For example,

helm install stable/burrow --name my-release \
  --set=image.tag=0.23.2,resources.limits.cpu=200m -f addresses.yaml

Alternatively, append additional values to the YAML file generated in the prerequisites. For example,

helm install stable/burrow --name my-release -f addresses.yaml

Runtime

It is unlikely that you will want to deploy this chart with the default runtime configuration. When booting permissioned blockchains in a cloud environment there are three predominant considerations in addition to the normal configuration of any cloud application.

  1. What access rights to place on the ports?
  2. What is the set of initial accounts and validators for the chain?
  3. What keys should the validating nodes have?

Each of these considerations will be dealt with in more detail below.

Port Configuration

Burrow utilizes three different ports by default:

  • Peer: Burrow's peer port is used for P2P communication within the blockchain network as part of the consensus engine (Tendermint) to perform bilateral gossiping communication.
  • Info: Burrow's info port is used for conducting remote procedures.
  • GRPC: Burrow's grpc port can be used by JavaScript libraries to interact with the chain over websockets.

The default configuration for the chart sets up the port access rights in the following manner:

  • Peer: Peer ports are only opened within the cluster. By default, there is no P2P communication exposed to the general internet. Each node within the cluster has its own distinct peer service built by the chart which utilizes a ClusterIP service type.
  • Info: The info port is only opened within the cluster. By default, there is no info communication exposed to the general internet. There is one info service built by the chart which utilizes a ClusterIP service type. The default info service used by the chart is strongly linked to node number 000 and is not load balanced across the nodes by default so as to reduce any challenges with tooling that conduct long-polling after sending transactions. The chart offers an ingress which is connected to the info service, but this is disabled by default.
  • GRPC: The grpc port is only opened within the cluster. By default, there is no grpc communication exposed to the general internet. There is one grpc service built by the chart which utilizes a ClusterIP service type. The default grpc service used by the chart is load balanced across the nodes within the cluster by default because libraries which utilize this port typical do so on websockets and the service is able to utilize a sessionAffinity setting.

In order to expose the peers to the general internet change the peer.service.type to NodePort. It is not advised to run P2P traffic through an ingress or other load balancing service as there is uncertainty with respect to the IP address which the blockchain node advertises and gossips. As such, the best way to expose P2P traffic to the internet is to utilize a NodePort service type. While such service types can be a challenge to work with in many instances, the P2P libraries that these blockchains utilize are very resilient to movement between machine nodes. The biggest gotcha with NodePort service types is to ensure that the machine nodes have proper egress within the cloud or data center provider. As long as the machine nodes do not have egress restrictions disabling the utilization of NodePort service types, the P2P traffic will be exposed fluidly.

To expose the info service to the general internet change the default rpcInfo.ingress.enabled to true and add the appropriate fields to the ingress for your Kubernetes cluster. This will allow developers to connect to the info service from their local machines.

To disable load balancing on the grpc service, change the rpcGRPC.service.loadBalance to false.

Genesis

Burrow initializes any single blockchain via use of a genesis.json which defines what validators and accounts are given access to the permissioned blockchain when it is booted. The chart imports the genesis.json file as a Kubernetes configmap and then mounts it in each node deployment.

Validator Keys

NOTE: The chart has not been security audited and as such one should use the validator keys functionality of the chart at one's own risk.

Burrow blockchain nodes need to have a key available to them which has been properly registered within the genesis.json initial state. The registered key is what enables a blockchain node to participate in the P2P validation of the network. The chart imports the validator key files as Kubernetes secrets, so the security of the blockchain is only as strong as the cluster's integrity.