The VMware Blockchain Orchestrator deployment descriptor file defines all the available properties to configure for your deployment environment.
Organization Parameters
Parameter |
Description |
---|---|
blockchainType |
Use the default Daml contract engine. This parameter is mandatory. |
Client Node Parameters
Parameters |
Description |
---|---|
zoneName |
Enter the zone name where the Client node must be added after deployment. This parameter is mandatory. |
groupName |
Assign a Client group name. Multiple Client nodes distributed across the zones provide HA and network resiliency. This parameter is optional. |
tlsLedgerData |
Configure mutual TLS (mTLS) to allow the Daml Ledger API server to communicate securely with the Client nodes. As a best practice, secure the communication using mTLS. If these parameters are not implemented, the transmission is unsecured and uses plain text. This parameter is mandatory. However, this parameter is optional when the ENABLE_DAML_OUTGOING_TLS parameter in the infrastructure descriptor is FALSE. Specify the parameter details to secure mTLS communication between the Daml Ledger API and the Client nodes.
|
keyName |
Enter the AWS key pair used to connect to the Amazon EC2 instance. This parameter is mandatory. |
iamRoleArn |
Create an Identity Access Management (IAM) role so that EC2 instances can call AWS services based on your assigned role. A default role is created during deployment if you do not configure a role. If the provided role does not exist on AWS, the deployment fails, and an error message appears. You can apply the iamRoleArn value to specific Client nodes in the deployment. You can also have certain Client nodes configured with the iamRoleArn value and some not, and the default role is assigned when the role is not configured. This parameter is mandatory. Sample iamRoleArn role assigned to Client nodes. { "zoneName": "orchestrator-zone-A", "groupName": "g1", "keyName": "private-key-name", "iamRoleArn": "arn:aws:iam::732497959762:instance-profile/iam-role-test", } |
sideCar Node Group Specification Parameters
Specify the keywords sideCarNodeSpec in the deployment descriptor file.
You must enable the ENABLE_SIDE_CAR_VM_DEPLOYMENT parameter in the infrastructure and deployment descriptor files before deploying the blockchain nodes.
Parameter |
Description |
---|---|
zoneName | Enter the zone name where the sideCar node must be added after deployment of the blockchain nodes.
Sample
zoneNameconfiguration for a sideCar node.
"sideCar": { "zoneName": "zone-A" } This parameter is mandatory. |
cpuCount | Set the sideCar node CPU resource. You can allocated the recommended 16 GB CPU resource. This parameter is mandatory |
memoryGb | Allocate memory for the sideCar node. The recommended size is 32 GB. This parameter is mandatory |
diskSizeGb | Assign a disk size for the sideCar node. The recommended size is 1 TB. This parameter is mandatory |
Replica Node Parameters
Parameter |
Description |
zoneName |
Enter the zone name where the Replica node is to be added after deployment.
Note:
The zone name must match the zone name defined in the infrastructure descriptor file. This parameter is mandatory. |
keyName |
Enter the AWS key pair used to connect to the Amazon EC2 instance. This parameter is mandatory. |
iamRoleArn |
Create an Identity Access Management (IAM) role so that EC2 instances can call AWS services based on your assigned role. A default role is created during deployment if you do not configure a role. If the provided role does not exist on AWS, the deployment fails, and an error message appears. You can apply the iamRoleArn value to specific Replica nodes in the deployment to receive the IAM role. You can also have certain Replica nodes configured with the iamRoleArn value and some not, and the default role is assigned when the role is not configured. This parameter is mandatory. Sample iamRoleArn role assigned to Replica nodes. { "zoneName": "orchestrator-zone-A", "keyName": "private-key-name", "iamRoleArn": "arn:aws:iam::732497959762:instance-profile/iam-role-test" }, |
Full Copy Client Node Parameters
Replica nodes share transaction data with the Full Copy Client nodes. The Full Copy Client node does not participate in the BFT consensus process. The Full Copy Client node is optional.
The Full Copy Client node stores VMware Blockchain data on a key-value ObjectStore that uses S3 APIs. The data can be used, for example, for offline data analysis or storing data for an extended period. You can host the ObjectStore on-premises or on Amazon servers.
Parameter |
Description |
accessKey |
Add the AWS access key information to gain access to the stored data.
Note:
Keep the access key information private to safeguard the stored data. This parameter is mandatory. |
bucketName |
Specify the unique Amazon S3 bucket name. Each Full Copy Client node must be configured to communicate with a separate Amazon S3 bucket.
Note:
The S3 bucket must be empty for the Full Copy Client node to write data to the bucket. The S3 bucket must be up and running before the Full Copy Client node is deployed. The Full Copy Client node starts writing data to the S3 bucket. This parameter is mandatory. |
protocol |
Add the Amazon S3 protocol information. The protocol must use a standard protocol, such as HTTP or HTTPS. This parameter is mandatory. |
secretKey |
Add the AWS secret access key or password.
Note:
Keep the secret access key information private to safeguard the stored data. This parameter is mandatory. |
url |
Add the Amazon S3 URL where the data is stored. The URL must be an FQDN or IP address with an optional port number. This parameter is mandatory. |
zoneName |
Enter the zone name where the Replica node is to be added after deployment.
Note:
The zone name must match the zone name defined in the infrastructure descriptor file. This parameter is mandatory. |
providedIp |
Enter the IP address to be assigned to the Replica node after deployment. This parameter is optional. |
iamRoleArn |
Create an Identity Access Management (IAM) role so that EC2 instances can call AWS services based on your assigned role. A default role is created during deployment if you do not configure a role. If the provided role does not exist on AWS, the deployment fails, and an error message appears. You can apply the iamRoleArn value to specific Full Copy Client nodes in the deployment to receive the IAM role. You can also have certain Full Copy Client nodes configured with the iamRoleArn value and some not, and the default role is assigned when the role is not configured. This parameter is mandatory. Sample iamRoleArn role assigned to Full Copy Client nodes. { "zoneName": "orchestrator-zone-A", "keyName": "private-key-name", "iamRoleArn": "arn:aws:iam::732497959762:instance-profile/iam-role-test" }, |
Operator Specification Parameters
Operator specification is required for deployment. Operation specification is used for stopping the VMware Blockchain deployments gracefully.
Parameter |
Description |
operatorSpecifications |
Add the operator Client container specifications required for the new Concord operator container. This parameter is optional. |
operatorPublicKey |
Copy and paste the operator public key details in a single line. The public keys must be generated using the ECDSA algorithm. During deployment, the operator public key details are added to all the Replica nodes. Sample operatorPublicKey configuration. "operatorSpecifications": { "operatorPublicKey": "-----BEGIN PUBLIC KEY----- \nMFkwEwYHKoZ\n -----END PUBLIC KEY-----\n" This parameter is mandatory. |
Client Node Group Specification Parameters
The order of precedence from the highest to the lowest CPU, memory, and storage configuration are the clientGroupNodeSpec, clientNodeSpec, and the SMALL form factor values.
Parameter |
Description |
---|---|
clientGroupNodeSpec |
Configure the Client node size for high-transaction-throughput applications to connect to a Client node group with large CPU, memory, and storage resources in the Client node VMs. Conversely, the low-transaction-throughput applications on the same blockchain can connect to a Client node group with low CPU, memory, and storage resources in the Client node VMs. The predefined sizes are small, medium, and large. The following are the default form factor values:
Sample clientGroupNodeSpec with two large Client node groups and one medium Client node group sizing. In this sample, any Client nodes in groups clientgroup-A and clientgroup-D are provisioned with the LARGE form factor values. Client nodes in group clientgroup-B are provisioned with the MEDIUM form factor values. In this example, the clientNodeSpec object is provided, and Client nodes that do not belong to any group are provisioned with values specified in that object. If the clientNodeSpec is not specified, Client nodes that do not belong to any group are provisioned with the SMALL form factor values. { "clientGroupNodeSpec": [ { "formFactor": "LARGE", "groups": [ "clientgroup-A", "Clientgroup-D" ] }, { "formFactor": "MEDIUM", "groups": [ "clientgroup-B" ] } ], |
Replica and Client Node VM Node Size Parameters
Specify the keywords replicaNodeSpec and clientNodeSpec in the deployment descriptor file.
Parameter |
Description |
cpuCount |
Set the node CPU resource. This parameter is mandatory for Replica nodes and optional for Client nodes. |
memoryGb |
Allocate some memory for the node. This parameter is optional. |
diskSizeGb |
Assign a disk size for the node. This parameter is optional. |
instanceType |
Enter the Amazon EC2 instance type. For example, m4.2xlarge. This parameter is mandatory. |
volumeType |
Set the volume type to gp3, gp2, io1, or io2. The default gp3 is used if nothing is specified for the volume type. If the designated volume type is io1 or io2, throughput cannot be specified, and the minimum IOPS value must be set to 100. This parameter is optional. |
iops |
Designate the IOPS value for the volume. The gp3 default IOPS value is 3000. This parameter is optional. |
throughput |
Allocate the throughput value per volume. The gp3 default throughput value per volume is 125 MiB/s. This parameter is optional. |
Other Parameters
Specify the keyword tag in the deployment descriptor file.
Parameter |
Description |
---|---|
AWS |
Sets the name tag for AWS deployments. The parameter filters EC2 instances by the tag, Name. For example, Name": "AWS-ver1-deployment-1". This parameter is optional. |