Running Multiple Nodes on the Same Server
It's possible to run multiple Secret Nodes on the same Secret-compatible server, and it is fairly easy to do so.
There are 2 important things that must be done for each node:
- 1.A unique system file is necessary for each node
- 2.A unique
sgx_secretspath is necessary for each node
- 3.All Secret Nodes should have their own user to simplify
- 4.It's easiest to do this with
auto-register, but it's possible manual as well
- 5.Each node must be registered
This process assumes you already have a full node running. If you do not, proceed by Setting Up a Full Node, then returning.
This isn't necessary, but will help with keeping nodes organized. From here on, the assumption is the username is
secret, but it can be anything of your choosing.
usermod secret -aG sudo
This will make it so you don't need to install
secretdmultiple times, and therefore, can upgrade all nodes at the same time.
On the new user, execute steps 1 and 2 of Setting Up a Full Node. You should now have a
.secretddirectory on the new user, and the correct genesis file.
SCRT_SGX_STORAGEare going to need to be custom for each user/node. These variables are NOT the same as the ones in step 3 of setting up a full node.
In order for these nodes to work in tandem, they cannot use the same ports. I recommend this tool to help automate changing them.
Which will then create a command that looks like this:
sed -i.bak -e "s%^proxy_app = \"tcp://127.0.0.1:26658\"%proxy_app = \"tcp://127.0.0.1:10658\"%; s%^laddr = \"tcp://127.0.0.1:26657\"%laddr = \"tcp://127.0.0.1:10657\"%; s%^pprof_laddr = \"localhost:6060\"%pprof_laddr = \"localhost:10060\"%; s%^laddr = \"tcp://0.0.0.0:26656\"%laddr = \"tcp://0.0.0.0:10656\"%; s%^prometheus_listen_addr = \":26660\"%prometheus_listen_addr = \":10660\"%" $HOME/.secretd/config/config.toml && \
sed -i.bak -e "s%^address = \"tcp://0.0.0.0:1317\"%address = \"tcp://0.0.0.0:10317\"%; s%^address = \":8080\"%address = \":10080\"%; s%^address = \"0.0.0.0:9090\"%address = \"0.0.0.0:10090\"%; s%^address = \"0.0.0.0:9091\"%address = \"0.0.0.0:10091\"%" $HOME/.secretd/config/app.toml
Note that this service file has two environment variables that are set, as well as a
--homedirectory. These will be unique to your user.
sudo tee /etc/systemd/system/secretd.service > /dev/null <<EOF
Description=Secret Node service
ExecStart=/usr/local/bin/secretd start --home /home/secret/.secretd
At this point, all unique behavior for additional nodes is complete!
From here, you can return to step 9 of setting up a full node. Note that the service file name is different. The following is what the system file commands would look like.
sudo systemctl daemon-reload && sudo systemctl enable secretd && \
sudo systemctl restart secretd && sudo journalctl -u secretd -f -o cat