PoA Launch: Authority starting node guide

# PoA Launch: Authority starting node guide ## Prerequisites ### Host * Ansible => 2.7 * _(optional)_ SSHPass: required if your server has been configured to login/password SSH access instead of private/public keys * OS: Windows 64-bit / macOS / Linux 64-bit ### Server * Minimum system hardware requirements : 2vCPUs, 4GB RAM, 100GB SSD storage * OS: Ubuntu 20.04 or later, Amazon Linux 2 or later ## Preparing host example ### macOS ``` brew install ansible # Optional: brew install esolitos/ipa/sshpass ``` ### Ununtu Linux ``` sudo add-apt-repository --yes --update ppa:ansible/ansible sudo apt install ansible # Optional: sudo apt install sshpass ``` ## Create stash and controller accounts Initial validator's account keys should be added to the blockchain spec file. One should create two accounts and pass their public keys to us. One can use Vara's `gear` binary to create these accounts. Download it from the nighly builds repo and unpack (choose the binary according to your **host** operating system): https://get.gear.rs For example, when using macOS on M1/M2: ``` wget https://get.gear.rs/vara-nightly-macos-m.tar.gz tar -xf vara-nightly-macos-m.tar.gz rm vara-nightly-macos-m.tar.gz ``` If there is no errors you are able to run the node binary (the output may differ depending on the version): ``` ./gear --version # gear 0.1.0-4ff7e31aa4c ``` ### Create stash account We assume creating this account from scratch. We need to get a public key for Babe consensus algorithm (using `sr25519` scheme) and another public key for Grandpa finalization algorithm (using `ed25519` scheme) from the same private key. Generate new seed phrase: ``` ./gear key generate | grep phrase ``` You'll see the seed phrase that should be carefully saved in secure place. If you want to use your own seed phrase, you can skip the previous step. Output example: ``` Secret phrase: field expand atom invest timber bind come accuse van flame host slush ``` Use this phrase to generate Babe public key: ``` ./gear key inspect --scheme sr25519 "field expand atom invest timber bind come accuse van flame host slush" | grep Public ``` Output: ``` Public key (hex): 0x4e14250a5e673aad671700d85f30471b0ccb4f37feed0b4e237c2b4839089916 Public key (SS58): 5Dq5aPEHA3PQbJ7pUXLmmtiCxoBzXP9urFNQMLjzCSQfqu42 ``` Copy the hex key and mark it as `Babe`. Generate Grandpa public key: ``` ./gear key inspect --scheme ed25519 "field expand atom invest timber bind come accuse van flame host slush" | grep Public ``` Output: ``` Public key (hex): 0x773d811d24699229484d0b14deb621a602c61ae94d1f8331b0bf458292dadef8 Public key (SS58): 5Em3ps5gm7pXzZmc9Vme87sbeR9SUiWeD6NpiYfDGhztZa8Z ``` Copy the hex key and mark it as `Grandpa`. ### Create controller account You may generate a completely new seed phrase for the controller but in this example we will derive it from the original seed phrase by adding a `//controller` suffix. ``` ./gear key inspect --scheme sr25519 "field expand atom invest timber bind come accuse van flame host slush//controller" | grep Public ``` Output: ``` Public key (hex): 0xc21976544f46b95d958e9fd6d3a515e3dd244463844a67f429347f70b9854151 Public key (SS58): 5GTCiAtgiSknkwnvQf4BACAqT1wEDZHbkELeSmJV9oktyn8q ``` Copy the hex key and mark it as `Controller`. As a result we have three keys that are to be added to the spec file. ``` Babe: 0x4e14250a5e673aad671700d85f30471b0ccb4f37feed0b4e237c2b4839089916 Grandpa: 0x773d811d24699229484d0b14deb621a602c61ae94d1f8331b0bf458292dadef8 Controller: 0xc21976544f46b95d958e9fd6d3a515e3dd244463844a67f429347f70b9854151 ``` Copy them all and send to the Gear team. ## Install as a service 1. Download this Ansible playbook: https://get.gear.rs/ansible/vara/install-validator.yml ``` wget https://get.gear.rs/ansible/vara/install-validator.yml ``` 2. There are at least two ways to access your server via SSH: (1) based on private/public key, (2) based on login and password. If you have configured the server to access with SSH-key, use `--key-file` argument to point the file with your private SSH-key. **Note:** There is no need to point the key file if it is located in the default `~/.ssh` directory. ``` ansible-playbook install-validator.yml -i <my-host>, -u <user> --key-file <path-to-key-file> ``` If your server has been configured to login/password SSH-access, use `-k` argument to provide the password interactively (using `sshpass` under the hood): ``` ansible-playbook install-validator.yml -i <my-host>, -u <user> -k ``` 3. Enter the node name and the seed phrase generated above when prompted (this node name will be visible on the telemetry site, see below): ``` Node name: MyVaraNode Seed phrase: field expand atom invest timber bind come accuse van flame host slush ``` 4. Wait until the playbook completes and check in Ansible log that vara-node.service has `running` state: ``` TASK [Write vara-node status] ************************ ok: [<my-host>] => { "ansible_facts.services[\"vara-node.service\"]": { "name": "vara-node.service", "source": "systemd", "state": "running", "status": "enabled" } } ``` 5. You can also see your node with the name you set when running the playbook in telemetry: https://telemetry.rs ## Update the node binary Download and run this Ansible playbook: https://get.gear.rs/ansible/vara/update.yml ``` wget https://get.gear.rs/ansible/vara/update.yml ansible-playbook update.yml -i <my-host>, -u <user> --key-file <path-to-key-file> # or: ansible-playbook update.yml -i <my-host>, -u <user> -k ``` Wait until the playbook completes and check in Ansible log that vara-node.service has `running` state (as earlier). ## Purge the blockchain DB Download and run this Ansible playbook: https://get.gear.rs/ansible/vara/purge-db.yml ``` wget https://get.gear.rs/ansible/vara/purge-db.yml ansible-playbook purge-db.yml -i <my-host>, -u <user> --key-file <path-to-key-file> # or: ansible-playbook purge-db.yml -i <my-host>, -u <user> -k ``` Wait until the playbook completes and check in Ansible log that vara-node.service has `running` state (as earlier).