Using the VMware Blockchain Orchestrator, you can deploy VMware Blockchain nodes in your AWS environment.

Prerequisites

Procedure

  1. Power on the VMware Blockchain Orchestrator appliance.
  2. SSH into the VMware Blockchain Orchestrator appliance.
  3. Enter the login credentials for the blockchain user account.
  4. Navigate to the /home/blockchain directory.
  5. List the contents of the /home/blockchain directory.

    ls -l

    | Option | Description |
    | --- | --- |
    | /home/blockchain/orchestrator-runtime | Directory consists of all the docker-compose files and descriptor files. You can run the VMware Blockchain Orchestrator script from this directory. |
    | docker-compose-orchestrator-prereqs.yml | Runs the Docker configuration service and provisioning service containers. The prerequisite service starts when the VM is powered on. The prerequisite service times out if the VM does not have connectivity when powered on and must be manually restarted. |
    | docker-compose-orchestrator.yml | Runs the VMware Blockchain Orchestrator script to deploy VMware Blockchain nodes. |
    | infrastructure-descriptor-v1.schema | Directory stores the infrastructure definitions of all the available parameters to manually configure to deploy VMware Blockchain nodes. |
    | deployment-descriptor-v1.schema | Directory stores the deployment definitions of all the available parameters to manually configure to deploy VMware Blockchain nodes. |

    To configure the descriptor files and set the parameter values, you must create directories to store the descriptor files.

  6. Create a directory for the descriptor files.

    See the sample directory structure.

    | Option | Description |
    | --- | --- |
    | /home/blockchain/descriptors | Directory stores the infrastructure and deployment descriptor JSON files. VMware Blockchain Orchestrator uses the parameter values set in the infrastructure and deployment descriptor files during provisioning. |
    | /home/blockchain/output | Directory stores the deployment details, such as IP address, Replica and Client node names, blockchain ID, and consortium ID. |
    | INFRA_DESC_FILENAME=infrastructure_descriptor.json | File provides infrastructure details for deployment that VMware Blockchain Orchestrator uses to prescribe the parameters and connect to AWS. |
    | DEPLOY_DESC_FILENAME=deployment_descriptor.json | File provides deployment details for Replica and Client nodes. If you deploy Full Copy Client nodes, the deployment details are included in this file. For example, the file also consists of zone names, client group names, and IP addresses. |

  7. Verify that the Docker containers are running.
    cd ~blockchain/orchestrator-runtime
    docker ps -a

    The Docker containers that are running appear.

    blockchain@localhost [ ~ ]$ docker ps -a
    CONTAINER ID        IMAGE                                                                                COMMAND                  CREATED             STATUS              PORTS                                            NAMES
    a20b7fbeacff        athena-docker-local.artifactory.eng.vmware.com/persephone-configuration:0.0.0.2323   "java -Dspring.confi…"   2 minutes ago       Up 2 minutes        0.0.0.0:9003->9003/tcp, 0.0.0.0:8000->9023/tcp   orchestrator-runtime_config-service_1
    10cdca6852d8        athena-docker-local.artifactory.eng.vmware.com/persephone-provisioning:0.0.0.2323    "java -Dspring.confi…"   2 minutes ago       Up 2 minutes        8000/tcp, 0.0.0.0:9002->9002/tcp                 orchestrator-runtime_persephone-provisioning_1
  8. If the Docker containers are not running, then restart the Docker containers.
    1. Log into the VMware Blockchain Orchestrator appliance.
    2. Restart the system service, which in turn starts the Docker containers.
      systemctl restart blockchain.service
  9. Create the infrastructure and deployment descriptor files in the descriptor directory.

    VMware Blockchain Orchestrator uses the variables defined in these descriptor files to provision the VMware Blockchain nodes.

    Sample infrastructure_descriptor.json file to deploy to AWS.

    {
        "organization": {
            "damlSdkVersion": "2.4.0",
            "blockchainVersion": "1.8.0.0.53"
        },
        "zones": [
            {
                "name": "zone-A",
                "region": "us-east-1",
                "credentials": {
                    "accessKeyId": "<access-key-id>",
                    "secretAccessKey": "<secret-access-key>",
                    "sessionToken": "<session-token>"
                },
                "network": {
                    "subnetId": "subnet-02bd7fc869499e90a",
                    "securityGroupIds": [
                        "sg-00f7cbfdca902d1ff"
                    ]
                },
                "containerRegistry": {
                    "url": "https://vmwaresaas.jfrog.io",
                    "userName": "vmbc-token",
                    "password": "<password>"
                },
                "wavefront": {
                    "url": "https://vmware.wavefront.com/api/",
                    "token": "90e3b381-6779-41ce-9f4f-d08a9d72d68b"
                },
                "logManagement": [
                    {
                        "type": "AWS_CLOUDWATCH",
                        "cloudwatchLogConfig": {
                            "region": "us-east-1",
                            "logGroupName": "castor-group",
                            "logStreamName": "castor-stream"
                        }
                    }
                ]
            }
        ]
    }

  10. Validate your infrastructure descriptor file semantics against the infrastructure-descriptor-v1.schema.
  11. Validate your deployment descriptor file semantics against the deployment-descriptor-v1.schema.
  12. Validate that the credentials, network name, and folder name are correctly populated to avoid errors.
    ORCHESTRATOR_DESCRIPTORS_DIR=/home/blockchain/descriptors \
    INFRA_DESC_FILENAME=infrastructure_descriptor.json \
    DEPLOY_DESC_FILENAME=deployment_descriptor.json \
    ORCHESTRATOR_OUTPUT_DIR=/home/blockchain/output \
    ORCHESTRATOR_DEPLOYMENT_TYPE=VALIDATE \
    docker-compose -f docker-compose-orchestrator.yml up
  13. Encrypt and redirect the infrastructure and the deployment descriptor files for added security.
    1. Encrypt the infrastructure_descriptor.json file.
      $HOME/descriptors > ansible-vault encrypt infrastructure_descriptor.json
      New Vault password:
      Confirm New Vault password:
      Encryption successful
    2. Encrypt the deployment_descriptor.json file.
      $HOME/descriptors > ansible-vault encrypt deployment_descriptor.json
      New Vault password:
      Confirm New Vault password:
      Encryption successful
    3. Configure the two environment variable values.
      • ORCHESTRATOR_OUTPUT_DIR - The output directory where the output file is written.

      • ORCHESTRATOR_DEPLOYMENT_TYPE - Set deployment type to PROVISION.

    4. Run the secure-orchestrator.sh script from the orchestrator-runtime directory.
      ORCHESTRATOR_OUTPUT_DIR=$HOME/output \
      ORCHESTRATOR_DEPLOYMENT_TYPE=PROVISION \
      ./secure-orchestrator.sh

      The script creates temporary files.

      • /dev/shm/orchestrator-awsIGoa0JA/infra_descriptor

      • /dev/shm/orchestrator-awsIGoa0JA/deployment_descriptor

    5. Redirect the decrypted infrastructure_descriptor.json to the infrastructure_descriptor file location.

      Use the vault password used to encrypt the infrastructure_descriptor.json file.

      ansible-vault view $HOME/descriptors/infrastructure_descriptor.json > /dev/shm/orchestrator-awsIGoa0JA/infra_descriptor
    6. Redirect the decrypted deployment_descriptor.json to the deployment_descriptor file location.

      Use the vault password used to encrypt the deployment_descriptor.json file.

      ansible-vault view $HOME/descriptors/deployment_descriptor.json > /dev/shm/orchestrator-awsIGoa0JA/deployment_descriptor

      After the script completes running, the temporary files are deleted.

    7. (Optional) If the script fails or the secure-orchestrator.sh script is terminated, delete the temporary /dev/shm/orchestrator-* directory.
  14. Run the VMware Blockchain Orchestrator deployment script.
    ORCHESTRATOR_DESCRIPTORS_DIR=/home/blockchain/descriptors \
    INFRA_DESC_FILENAME=infrastructure_descriptor.json \
    DEPLOY_DESC_FILENAME=deployment_descriptor.json \
    ORCHESTRATOR_OUTPUT_DIR=/home/blockchain/output \
    docker-compose -f docker-compose-orchestrator.yml up
  15. (Optional) If you have enabled the pullMetricsEndpoint parameter, run the following command to retrieve the monitoring metrics data.
    # With username/password authentication, use http
    curl -i -u '<username>:<password>' http://<VM-IP>:9273/metrics
    # With TLS, use https (-k skips certificate verification)
    curl -i -l -u '<username>:<password>' https://<VM-IP>:9273/metrics -k
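
The following check is an added example, not part of VMware's tooling or documentation. It audits the outcome of step 13: it flags descriptor files that are still plaintext or readable by group/other, and /dev/shm/orchestrator-* directories left behind by an interrupted secure-orchestrator.sh run. The function names and the list of credential keys are assumptions, the latter taken from the sample infrastructure descriptor above.

```shell
#!/bin/sh
# Added example (not VMware tooling): audit descriptor files and temp dirs.

# Classify a descriptor: "vault" if it carries the ansible-vault header,
# "plaintext-secrets" if it is cleartext with credential keys (key list is an
# assumption taken from the sample descriptor), otherwise "plaintext".
descriptor_state() {
    if head -n 1 "$1" | grep -q '^\$ANSIBLE_VAULT;'; then
        echo vault
    elif grep -Eq '"(secretAccessKey|sessionToken|password|token)"[[:space:]]*:' "$1"; then
        echo plaintext-secrets
    else
        echo plaintext
    fi
}

# Succeeds only when group and other have no permission bits on the file.
owner_only() {
    [ "$(ls -ld "$1" | cut -c5-10)" = "------" ]
}

# List temp directories left behind by an interrupted secure-orchestrator.sh.
leftover_tmp() {
    find "${1:-/dev/shm}" -maxdepth 1 -type d -name 'orchestrator-*' 2>/dev/null
}

# audit <descriptors-dir> [shm-dir]: one line per finding, non-zero if any.
audit() {
    rc=0
    for f in "$1"/*.json; do
        [ -f "$f" ] || continue
        state=$(descriptor_state "$f")
        [ "$state" = vault ] || { echo "UNENCRYPTED ($state): $f"; rc=1; }
        owner_only "$f" || { echo "MODE: $f is group/other accessible"; rc=1; }
    done
    for d in $(leftover_tmp "$2"); do
        echo "LEFTOVER: $d"; rc=1
    done
    return "$rc"
}

# Run as: sh audit.sh /home/blockchain/descriptors
if [ "$#" -gt 0 ]; then audit "$@"; fi
```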

Results

After a successful deployment, the VMware Blockchain Orchestrator creates and saves the deployment results in the /home/blockchain/output directory.

Note:

If your deployment fails, identify the error and fix it before redeploying the VMware Blockchain nodes.

What to do next

Verify that the Replica node includes all the parameter values set in the deployment descriptor. See Validate a Replica Node in VMware Blockchain Orchestrator on AWS.