A common problem for node runners is stale nodes: nodes that are stuck at a certain block height and no longer keep up with the chain tip, which gives users a horrible experience. To mitigate this, we can add extra monitoring tools that dynamically add or remove nodes from the cluster.
The provided software gives you an entry-level solution for this. As everything is written in Python, you can adjust it to your API setup.
To install, please do the following:
Ensure you have Python installed. If not, download and install Python from python.org. You'll also need pip, Python's package manager, to install required libraries. If you're using a Linux-based system, ensure you have NGINX installed and properly configured.
Since we edit the NGINX config directly, we need to give python3 sudo rights.
Be aware of this when you follow this tutorial: the script and every library it imports then run as root.
To clone the AutoHealBot repository, use the following steps:
Install Git: Ensure Git is installed on your system. If not, install it from git-scm.com.
Clone the Repository: Open a terminal and run:
Navigate to the Directory: After cloning, change to the repository directory:
This clones the entire repository to your local machine, allowing you to access all files and resources. To proceed with the tutorial, follow additional setup instructions provided in the repository's README or other documentation.
When installing, make sure to install this under root with sudo, otherwise the script will not find the libraries later on.
To configure your environment variables, copy over the .env.example in the repository.
Replace the placeholders with actual values:
NGINX_CONFIG_PATH: The path to your NGINX configuration file.
BASE_RATE and NODE_MULTIPLIER: Adjust as needed.
RPC_PORT, GRPC_PORT, LCD_PORT: Set to your specific ports.
FILE_PATH: Path to the text file with node URLs.
TIME_BEFORE_FALLEN_BEHIND: Maximum allowed time before a node is considered unhealthy.
UPDATE_TIME: Time between health checks.
Create a text file with the node URLs. For example, create nodes.txt with one URL per line, and make sure to include the RPC port for each node as well:
In the AutoHealBot script, "upstream blocks" refer to sections in the NGINX configuration that specify which backend servers handle different types of traffic. This setup divides the backend nodes into separate streams: RPC, gRPC, and LCD. The script checks the health of these nodes and updates the corresponding upstream blocks to reflect the healthy nodes for each stream. It ensures that traffic is routed to servers that are online and functional.
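One way to implement the health decision and upstream rendering described above, as an added example that is not AutoHealBot's own code. It assumes each node's RPC /status reply carries result.sync_info.latest_block_time and catching_up, as CometBFT nodes do; the upstream names, ports, threshold and sample data are constructed for illustration.

```python
import re
from datetime import datetime, timezone
# Assumed stand-ins for TIME_BEFORE_FALLEN_BEHIND and the *_PORT values in .env.
TIME_BEFORE_FALLEN_BEHIND = 60  # seconds
PORTS = {"rpc": 26657, "grpc": 9090, "lcd": 1317}
# Plain hostnames/IPv4 only: a node-list line must not inject NGINX syntax.
HOST_RE = re.compile(r"[A-Za-z0-9]([A-Za-z0-9.-]{0,251}[A-Za-z0-9])?")

def parse_block_time(value):
    # /status reports nanoseconds; datetime only holds microseconds.
    head, _, frac = value.rstrip("Z").partition(".")
    return datetime.fromisoformat(f"{head}.{(frac + '000000')[:6]}+00:00")

def is_healthy(status, now):
    """status: parsed JSON body of a node's RPC /status reply, or None."""
    try:
        sync = status["result"]["sync_info"]
        lag = (now - parse_block_time(sync["latest_block_time"])).total_seconds()
        return sync["catching_up"] is False and lag <= TIME_BEFORE_FALLEN_BEHIND
    except (KeyError, TypeError, ValueError, AttributeError):
        return False  # unreachable or malformed reply counts as unhealthy

def render_upstreams(statuses, now):
    """statuses maps host -> /status JSON; returns (healthy hosts, config text)."""
    healthy = sorted(h for h, s in statuses.items()
                     if HOST_RE.fullmatch(h) and is_healthy(s, now))
    if not healthy:  # NGINX refuses to load an upstream with no servers
        raise RuntimeError("no healthy nodes; keep the current config")
    blocks = []
    for name, port in PORTS.items():  # upstream names are hypothetical
        servers = "\n".join(f"    server {h}:{port};" for h in healthy)
        blocks.append(f"upstream {name}_stream {{\n{servers}\n}}")
    return healthy, "\n\n".join(blocks)

def make_status(block_time, catching_up=False):  # constructed /status reply
    return {"result": {"sync_info": {"latest_block_time": block_time,
                                     "catching_up": catching_up}}}

NOW = datetime(2024, 5, 1, 12, 0, 30, tzinfo=timezone.utc)
SAMPLE = {  # constructed data, not real nodes
    "10.0.0.1": make_status("2024-05-01T12:00:25.123456789Z"),  # 5 s behind
    "10.0.0.2": make_status("2024-05-01T11:40:00.5Z"),          # stale
    "10.0.0.3": make_status("2024-05-01T12:00:28Z", catching_up=True),
    "10.0.0.4": None,                                           # no reply
    "10.0.0.5; junk": make_status("2024-05-01T12:00:29Z"),      # rejected host
}

if __name__ == "__main__":
    print(render_upstreams(SAMPLE, NOW)[1])
```

Because the rendered text ends up in a config that is written and reloaded as root, the host check and the refusal to emit an empty upstream matter as much as the staleness test itself.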
As a reference, the upstream blocks are defined as:
Run the script to start the asynchronous health checks and NGINX updates:
Troubleshooting
Environment Variables Not Loaded: Ensure your .env file is in the same directory as the script or specify its path explicitly with dotenv_path.
NGINX Not Reloading: Check if you have the necessary permissions to reload NGINX and ensure systemctl or other command-line utilities are in your PATH.
With this setup, the script will run asynchronously, periodically checking node health, updating the NGINX configuration, and reloading the NGINX service as needed.
Here is an example nginx.conf for load balancing on Nginx:
It's possible to run multiple Secret Nodes on the same Secret-compatible server, and it is fairly easy to do so.
There are 2 important things that must be done for each node:
A unique system file is necessary for each node
A unique sgx_secrets path is necessary for each node
All Secret Nodes should have their own user to simplify
It's easiest to do this with auto-register, but it's possible manually as well
Each node must be registered
This process assumes you already have a full node running. If you do not, first follow Setting Up a Full Node, then return here.
This isn't necessary, but will help with keeping nodes organized. From here on, the assumption is the username is secret, but it can be anything of your choosing.
This will make it so you don't need to install secretd multiple times, and therefore, can upgrade all nodes at the same time.
On the new user, execute steps 1 and 2 of Setting Up a Full Node. You should now have a .secretd directory on the new user, and the correct genesis file.
The variables SCRT_ENCLAVE_DIR and SCRT_SGX_STORAGE are going to need to be custom for each user/node. These variables are NOT the same as the ones in step 3 of setting up a full node.
In order for these nodes to work in tandem, they cannot use the same ports. I recommend this tool to help automate changing them.
Which will then create a command that looks like this:
Note that this service file has two environment variables that are set, as well as a --home directory. These will be unique to your user.
From here, you can return to step 9 of setting up a full node. Note that the service file name is different. The following is what the system file commands would look like.
To provide endpoints to users, you can use Nginx. It is a powerful tool for providing a load-balanced endpoint that distributes the load across multiple nodes.
SSH into Your Machine: Use an SSH client to log into your server.
First, ensure that all packages are up to date. This can prevent security vulnerabilities.
Install Glances: An advanced system monitor for Linux.
Install Nginx: A high-performance web server and a reverse proxy, often used for load balancing.
Configure UFW Firewall for Nginx: Make sure Nginx can receive HTTP and HTTPS traffic.
Remove Existing Nginx Configuration:
Edit New Configuration: Use a text editor like nano to create a new configuration file.
Modify RPC/LCD/gRPC server entries and domain names as required.
Save and exit the editor (CTRL + X, then Y to confirm, and Enter to save).
Test Nginx Configuration: Ensures your syntax is correct.
Enable and Start Nginx: This will make sure Nginx starts on boot and starts running immediately.
Install Certbot: This tool automates obtaining free SSL/TLS certificates from Let's Encrypt.
Obtain the SSL Certificate for your domain:
Finally, you can add a cronjob to crontab to enable auto-renewal of the certificates:
This section should give you a rough overview of how to run multiple nodes in a cluster that you can provide for your own dApp to use.
You can find help in Telegram
Visit the Secret Network Discord and ask in #node-discussion or #node-support for help
At this point, all unique behavior for additional nodes is complete!
Replace the contents with your load balancer configuration. You can use the as a starting point.