Skip to content

Latest commit

 

History

History
73 lines (51 loc) · 3.43 KB

File metadata and controls

73 lines (51 loc) · 3.43 KB

Polygon Edge

Polygon Edge AWS Terraform

Polygon Edge is a modular and extensible framework for building Ethereum-compatible blockchain networks.

To find out more about Polygon, visit the official website.

Documentation 📝

If you'd like to learn more about the Polygon Edge, how it works and how you can use it for your project, please check out the Polygon Edge Documentation.

Terraform deployment

This is a fully automated Polygon Edge blockchain infrastructure deployment for AWS cloud provider.

High level overview of the resources that will be deployed:

  • Dedicated VPC
  • 4 validator nodes (which are also boot nodes)
  • 4 NAT gateways to allow nodes outbound internet traffic
  • Lambda function used for generating the first (genesis) block and starting the chain
  • Dedicated security groups and IAM roles
  • S3 bucket used for storing genesis.json file
  • Application Load Balancer used for exposing the JSON-RPC endpoint

Prerequisites

Three variables that must be provided, before running the deployment:

  • account_id - the AWS account ID that the Polygon Edge blockchain cluster will be deployed on.
  • alb_ssl_certificate - the ARN of the certificate from AWS Certificate Manager to be used by ALB for https protocol.
    The certificate must be generated before starting the deployment, and it must have Issued status.
  • premine - the account/s that will receive pre mined native currency. Value must follow the official CLI flag specification.

Fault tolerance

Only regions that have 4 availability zones are required for this deployment. Each node is deployed in a single AZ.

By placing each node in a single AZ, the whole blockchain cluster is fault-tolerant to a single node (AZ) failure, as Polygon Edge implements IBFT consensus which allows a single node to fail in a 4 validator node cluster.

Command line access

Validator nodes are not exposed in any way to the public internet (JSON-PRC is accessed only via ALB) and they don't even have public IP addresses attached to them.
Nodes command line access is possible only via AWS Systems Manager - Session Manager.

Base AMI upgrade

This deployment uses ubuntu-focal-20.04-amd64-server AWS AMI. It will not trigger EC2 redeployment if the AWS AMI gets updated.

If, for some reason, base AMI is required to get updated, it can be achieved by running terraform taint command for each instance, before terraform apply.
Instances can be tainted by running the terraform taint module.instances[<instance_number>].aws_instance.polygon_edge_instance command.

Example:

terraform taint module.instances[0].aws_instance.polygon_edge_instance
terraform taint module.instances[1].aws_instance.polygon_edge_instance
terraform taint module.instances[2].aws_instance.polygon_edge_instance
terraform taint module.instances[3].aws_instance.polygon_edge_instance
terraform apply

Resources cleanup

When cleaning up all resources by running terraform destory, the only thing that needs to be manually deleted are validator keys from AWS SSM Parameter Store as they are not stored via Terraform, but with polygon-edge process itself.