Linux/Network configurations for a successful stake pool

Greetings!
I’m interested in setting up a stake pool, but have very limited experience with Linux. I was wondering if there is a guide/doc somewhere that discusses optimal configuration for Ubuntu and network settings (VPN? port forwarding? static IP? etc.). I’ve tried searching the forum here with limited success.

Any help is greatly appreciated!

1 Like

Please tell me more about your Linux box. Is this a Virtual Private Server (VPS) on Google Compute Engine (GCE), Amazon Web Services (AWS), Vultr, Digital Ocean, etc. or do you have the physical hardware yourself?

I’d say the easiest/best option to run a node is with Docker. You would not have to compile the sources, install system services, cron jobs, monitoring stuff, etc. When you have a container runtime installed on your box (e.g. Docker), you can do …

docker run --detach \
    --name=relay \
    -p 3001:3001 \
    -v shelley-data:/opt/cardano/data \
    nessusio/cardano run

docker logs -f relay

This would get you up and running. From there we can explore block producer nodes, monitoring, topologies, etc. Details of how to run cardano on docker are here.

You can also do this on a RaspberryPi - at least to get started and gain some experience.

PS: A warm welcome BTW

1 Like

Thanks for the welcome!
I have a Windows 10 Pro PC on which I was planning to run at least 1 relay and a block producer through Hyper-V virtual machines with Ubuntu 20.04.

In that case, you wouldn’t even need the Hyper-V stuff. Docker is supported natively on Windows. The docker run instructions from above apply.

When on Windows, I’d start here

The nice thing about this approach is that everything you learn would equally apply if you decide to move your setup away from Windows.

On your router (I assume this is at home) you’d want to open port 3001 and redirect this to your Windows box.

2 Likes

If you do use Docker, make sure to check out this post.

Welcome & good luck!

Yes, you would never open ports for incoming traffic other than those absolutely necessary for p2p communication. In your case, it would be TCP 3001, the default, or whatever port you choose for your node.

Opening your box for “remote (docker) management” over an insecure channel is indeed a serious security breach. In fact, since you probably have a keyboard and screen connected to your box, you don’t even need SSH (port 22).

Access to the docker runtime must be restricted in the same way as you would restrict access to your admin/root account.

2 Likes

I’ve finally gotten a chance to sit down and work on this a bit more. In that documentation I’m on the part with custom configurations. What should I use as a reference to create the relay topology file?

It depends on what you want to do. If you just want to run a relay node, the above applies and you don’t have to configure anything.

If you want your relay to talk to a block producer, the relay needs to have a reference to the block producer and the block producer to the relay. Like so …

# Setup the Relay topology
# The Relay connects to the world + Producer
# Valency is a boolean - 0 disables the address

BLOCK_PRODUCER_IP=xxx.xxx.xxx.xxx

mkdir -p ~/cardano/config
cat << EOF > ~/cardano/config/mainnet-relay-topology.json
{
  "Producers": [
    {
      "addr": "relays-new.cardano-mainnet.iohk.io",
      "port": 3001,
      "valency": 1
    },
    {
      "addr": "$BLOCK_PRODUCER_IP",
      "port": 3001,
      "valency": 1
    }
  ]
}
EOF

# Setup the Producer topology
# The Producer connects to the Relay (only)

cat << EOF > ~/cardano/config/mainnet-prod-topology.json
{
  "Producers": [
    {
      "addr": "relay01.yourdomain.net",
      "port": 3001,
      "valency": 1
    }
  ]
}
EOF

These files then need to be referenced in your docker run command. I prefer to put them in dedicated volumes. Like so …

docker volume rm -f cardano-relay-config
docker run --name=tmp -v cardano-relay-config:/var/cardano/config centos
docker cp ~/cardano/config/mainnet-relay-topology.json tmp:/var/cardano/config/mainnet-topology.json
docker rm -f tmp

and then …

docker run --detach \
    --name=relay \
    --restart=always \
    --hostname="relay" \
    -p 3001:3001 \
    -e CARDANO_UPDATE_TOPOLOGY=true \
    -e CARDANO_PUBLIC_IP="relay01.yourdomain.net" \
    -e CARDANO_TOPOLOGY="/var/cardano/config/mainnet-topology.json" \
    -v cardano-relay-config:/var/cardano/config  \
    -v /mnt/disks/data00:/opt/cardano/data \
    nessusio/cardano run

or similar.
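
A check for the two topology files described in the post above, added here as an example and not part of the original thread or of the nessusio/cardano image. It flags malformed JSON, addresses left as unexpanded placeholders (for instance when the heredoc body is pasted into a text editor instead of run in a shell), and a producer file that lists anything other than your own relays; the function name, its parameters and the 192.0.2.10 address are assumptions of this example.

```python
import json

def check_topology(text, role, own_peers):
    """Return a list of problems in a topology file of the format shown above.

    role is "relay" or "producer"; own_peers is the set of addresses you
    operate yourself (names and parameters are assumptions of this example).
    """
    try:
        doc = json.loads(text)
    except json.JSONDecodeError as exc:
        return [f"not valid JSON: {exc.msg} (line {exc.lineno})"]
    entries = doc.get("Producers") if isinstance(doc, dict) else None
    if not isinstance(entries, list) or not entries:
        return ['missing or empty "Producers" list']
    problems = []
    for i, e in enumerate(entries):
        if not isinstance(e, dict):
            problems.append(f"entry {i}: not a JSON object")
            continue
        addr, port, valency = e.get("addr"), e.get("port"), e.get("valency")
        # A heredoc pasted into a text editor leaves "$BLOCK_PRODUCER_IP" unexpanded.
        if not isinstance(addr, str) or not addr or "$" in addr or "xxx" in addr:
            problems.append(f"entry {i}: addr {addr!r} is missing or an unfilled placeholder")
        if type(port) is not int or not 1 <= port <= 65535:
            problems.append(f"entry {i}: port {port!r} is not an integer in 1-65535")
        if type(valency) is not int or valency < 0:
            problems.append(f"entry {i}: valency {valency!r} is not a non-negative integer")
        # The block producer should connect to the operator's own relays only.
        if role == "producer" and isinstance(addr, str) and addr not in own_peers:
            problems.append(f"entry {i}: producer lists {addr!r}, which is not one of your relays")
    addrs = {e["addr"] for e in entries
             if isinstance(e, dict) and isinstance(e.get("addr"), str)}
    if role == "relay" and not addrs & set(own_peers):
        problems.append("relay topology has no entry for your block producer")
    return problems

# Constructed sample: the relay file with the shell variable never expanded.
RELAY_UNEXPANDED = """{"Producers": [
  {"addr": "relays-new.cardano-mainnet.iohk.io", "port": 3001, "valency": 1},
  {"addr": "$BLOCK_PRODUCER_IP", "port": 3001, "valency": 1}]}"""
# Constructed sample: a producer file that also dials the public relay pool.
PRODUCER_WIDE = """{"Producers": [
  {"addr": "relay01.yourdomain.net", "port": 3001, "valency": 1},
  {"addr": "relays-new.cardano-mainnet.iohk.io", "port": 3001, "valency": 1}]}"""

if __name__ == "__main__":
    for line in check_topology(RELAY_UNEXPANDED, "relay", {"192.0.2.10"}):
        print("relay:", line)
    for line in check_topology(PRODUCER_WIDE, "producer", {"relay01.yourdomain.net"}):
        print("producer:", line)
```
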

So the next question is due entirely to my inexperience here… but in what terminal am I inputting the commands to create those topology files? Those make sense to me if I was in Linux, but I’m running docker on Windows. So, using that in Windows Terminal would create the cardano/config directory somewhere?

These are ordinary json files that you create in any text editor