You can scale your current VMware Blockchain deployed nodes. The scale-up operation requires additional storage space.
For example, you can scale a configuration to add two Client nodes.
Prerequisites
Determine whether you need to scale up your node configuration. See VMware Blockchain Node Scaling Operations on AWS.
Verify that you have at least four nodes deployed. See Deploy VMware Blockchain Nodes Using VMware Blockchain Orchestrator on AWS.
Identify the following details from the VMware Blockchain Orchestrator output directory, /home/blockchain/output.
blockchain ID and Blockchain type
Replica node zone name, Replica node IP address, and Replica node ID
Client node zone name, Client node IP address, Client node ID, Client node Daml database password, and Client node group name and group ID name
Verify that you have public IP addresses for the AWS deployments.
Verify that all the deployed nodes are functioning properly. Failed nodes cannot be scaled up.
Procedure
- SSH into the VMware Blockchain Orchestrator appliance.
- Enter the login credentials for the blockchain user account.
- Navigate to the /home/blockchain directory.
- Create a scaleup infrastructure descriptor JSON file and set the parameter values in the descriptor directory.
Sample scaleup_infrastructure_descriptor.json file to deploy new nodes.
{
"organization": {
"enableBftClient": true,
"generatePassword": false,
"damlSdkVersion": "2.4.0",
"blockchainVersion": "1.8.0.0.53",
"monitoring": {
"cloudwatchMetrics":
{
"zoneId": "zone-A"
}
}
},
"zones": [
{
"name": "zone-A",
"region": "us-east-1",
"credentials": {
"accessKeyId": "ASIA2VDCH3NJBGZ5FWN5",
"secretAccessKey":"gkkRgjyjLzUSvNcCPrrzzIk8mK5+tYETLPxV5uXu",
"sessionToken": "IQoJb3JpZ2luX2VjEGoaCXVzLWVhc3QtMSJGMEQCIE6ZX3z35g+HN9NTk72Aa7ctVubXhgewG9dMmB3u/SnoAiBCGu+HUw8LW4VcIZDGC4H5s8JvGf1cfi3uYxAu9LPfpCqnAgij//////////8BEAEaDDczMjQ5Nzk1OTc2MiIM8HTYOV//QjcN6cAHKvsBEXVOfmYcy51B7IprIcEkBwKMFeLq4f22hRcLb7143r6cjjKSs5+q4Qfu7OcRvJF2ZZuNgTLjSUlv5JNb4WbCjeX4QiBDHfxQtfuwatnv8cF+cyaY5xQpxfaBLybW1llz1xqlSqWUbQoX/TV+atLNiS0gaV3ULEnMVHQ=="
},
"network": {
"subnetId": "subnet-4d202900",
"securityGroupIds": [
"sg-97024493"
]
},
"containerRegistry": {
"url": "https://vmwaresaas.jfrog.io",
"userName": "vmbc-external-token",
"password": "<password>"
},
"logManagement": [
{
"type": "LOG_INSIGHT",
"address": "10.202.69.231",
"port": "9543",
"userName": "admin",
"password": "<password>",
"logInsightAgentId": "0"
}
],
"wavefront": {
"url": "https://vmware.wavefront.com/api/",
"token": "90e3b3ddd-41ce-9f4f-d08a9d72d68b"
}
}
]
}
- Create a scale up deployment descriptor JSON file and set the parameter values in the descriptor directory.
The scale up descriptor file contains the Replica and Client node details to add to the original deployment.
Sample scaleup_deployment_descriptor.json file to deploy three Replica nodes and one Client node.
{
"operatorSpecifications": {
"operatorPublicKey": "-----BEGIN PUBLIC KEY-----
\nMFkwEwYHKoZ\n
-----END PUBLIC KEY-----\n"
},
"replicas": [
{
"zoneName": "zone-A",
"keyName": "dev-useast"
},
{
"zoneName": "zone-A",
"keyName": "dev-useast"
},
{
"zoneName": "zone-A",
"keyName": "dev-useast"
}
],
"replicaNodeSpec": {
"instanceType": "m4.2xlarge",
"diskSizeGib": 64
},
"clients": [
{
"tlsLedgerData": {
"crt": "...",
"pem": "...",
"cacrt": "...",
"clientAuth": "REQUIRE"
},
"zoneName": "zone-A",
"groupName": "Group1",
"damlDbPassword": "mypass",
"keyName": "dev-useast"
}
],
"tags": {
"Name": "vmbc_3_scale"
},
"clientNodeSpec": {
"instanceType": "m4.2xlarge",
"diskSizeGib": 64
},
"blockchain": {
"consortiumName": "consortium-1",
"blockchainType": "DAML",
"blockchainId": "fcd7cd25-b542-4cb2-8568-b59c45ee39f8" }
}
Note:
The blockchain ID refers to the initial deployment blockchain ID. The blockchainId value must match the blockchain ID to which you want to add the nodes.
- If reconfiguring from an existing non-TLS blockchain to a TLS-enabled blockchain, remove certain components to avoid uneven distribution of keys.
sudo rm -rf /config/concord
- Encrypt and redirect the infrastructure and the deployment descriptor files for added security.
- Encrypt the infrastructure_descriptor.json file.
$HOME/descriptors > ansible-vault encrypt infrastructure_descriptor.json
New Vault password:
Confirm New Vault password:
Encryption successful
- Encrypt the deployment_descriptor.json file.
$HOME/descriptors > ansible-vault encrypt deployment_descriptor.json
New Vault password:
Confirm New Vault password:
Encryption successful
- Configure the two environment variable values.
- Run the secure-orchestrator.sh script from the orchestrator_runtime directory.
ORCHESTRATOR_OUTPUT_DIR=$HOME/output ORCHESTRATOR_DEPLOYMENT_TYPE=SCALE
./secure-orchestrator.sh
The script creates temporary files.
- Redirect the decrypted infrastructure_descriptor.json to the infrastructure_descriptor file location.
Use the vault password used to encrypt the infrastructure_descriptor.json file.
ansible-vault view $HOME/descriptors/infrastructure_descriptor.json > /dev/shm/orchestrator-awsIGoa0JA/infra_descriptor
- Redirect the decrypted deployment_descriptor.json to the deployment_descriptor file location.
Use the vault password used to encrypt the deployment_descriptor.json file.
ansible-vault view $HOME/descriptors/deployment_descriptor.json > /dev/shm/orchestrator-awsIGoa0JA/deployment_descriptor
After the script completes running, the temporary files are deleted.
- (Optional) If the script fails or the secure_orchestrator.sh script is terminated, delete the temporary folder under the /dev/shm/orchestrator-* directory.
- Identify the VMware Blockchain Orchestrator you are planning to use for scaling.
If the VMware Blockchain Orchestrator is the same one used for provisioning, run the VMware Blockchain Orchestrator scaling script.
ORCHESTRATOR_DESCRIPTORS_DIR=/home/blockchain/descriptors
ORCHESTRATOR_OUTPUT_DIR=/home/blockchain/output
INFRA_DESC_FILENAME=infrastructure_descriptor.json
DEPLOY_DESC_FILENAME=scaleup_deployment_descriptor.json
ORCHESTRATOR_DEPLOYMENT_TYPE=SCALE
CONFIG_SERVICE_IP=10.08.112.128
docker-compose -f docker-compose-orchestrator.yml up
If the VMware Blockchain Orchestrator is the different from the one used for provisioning, complete the following commands.
Add the new configuration into the original blockchain nodes.
Add the new VMware Blockchain Orchestrator IP address for the configService in the /config/agent/config.json file for all the original Replica and Client nodes.
......
"configService": {
"address": "http://<new-orchestrator-ip>:8000"
}
.....Restart the agent on all the blockchain nodes.
docker restart agent
Run the VMware Blockchain Orchestrator scaling script.
ORCHESTRATOR_DESCRIPTORS_DIR=/home/blockchain/descriptors
ORCHESTRATOR_OUTPUT_DIR=/home/blockchain/output
INFRA_DESC_FILENAME=infrastructure_descriptor.json
DEPLOY_DESC_FILENAME=scaleup_deployment_descriptor.json
ORCHESTRATOR_DEPLOYMENT_TYPE=SCALE
CONFIG_SERVICE_IP=10.08.112.128
docker-compose -f docker-compose-orchestrator.yml up
Results
The new VMware Blockchain nodes are deployed.
What to do next
Bind the newly deployed VMware Blockchain nodes. See Bind the Newly Deployed VMware Blockchain Nodes on AWS.
