Installation and usage of the platform

General platform configuration: execution of smart contracts

To work with smart contracts, the node uses two connection types, for each of which you can configure TLS:

  1. The connection to the docker host, the remote machine on which the smart contracts run. This machine uses a docker library that accesses the socket using its protocols. You can enable the secure connection option for it. Such a connection is referred to as “docker-TLS” in this documentation. The docker-TLS connection is configured in the node.docker-engine.docker-tls section of the node configuration file; this setting is described below in this section;

  2. The connection the running smart contract opens towards the node using gRPC protocol. This is an API connection as the connection point of the smart contract to the node is the same as for any other user or application. This API is configured in the node.api.grpc section. For instance, you can enable or disable TLS for it. You can find an example of such a configuration in the Examples of node configuration files section.

Note

The TLS protocol is not available in the opensource version of the platform.

If you are going to develop and execute smart contracts in your blockchain, set their execution parameters in the docker-engine section of the node configuration file:

docker-engine {
  enable = yes
  use-node-docker-host = yes
  # docker-host = "unix:///var/run/docker.sock"
  execution-limits {
    startup-timeout = 10s
    timeout = 10s
    memory = 512
    memory-swap = 0
    }
  reuse-containers = yes
  remove-container-after = 10m
  allow-net-access = yes
  remote-registries = [
    {
     domain = "myregistry.com:5000"
     username = "user"
     password = "password"
    }
  ]
  check-registry-auth-on-startup = no
  # default-registry-domain = "registry.wavesenterprise.com"
  contract-execution-messages-cache {
    expire-after = 60m
    max-buffer-size = 10
    max-buffer-time = 100ms
    utx-cleanup-interval = 1m
    contract-error-quorum = 2
  }
  contract-auth-expires-in = 1m
  grpc-server {
    # host = "192.168.97.3"
    port = 6865
    }
  remove-container-on-fail = yes
  docker-tls {
    tls-verify = yes
    cert-path = "/node/certificates"
    }
  contracts-parallelism = 8
}
  • enable – enable transaction processing for Docker contracts.

  • use-node-docker-host – set the parameter to yes to define the IP address of the gRPC API available to the contracts. This will read the IP address from the /etc/hosts file inside the node container. Also, in order for the contracts to access the node, their containers will be connected to the same docker network in which the node container was created.

  • docker-host – Docker daemon address (optional). If this field is commented out, the address of the daemon will be taken from the system environment.

  • startup-timeout – time taken to create the contract container and register it in the node (in seconds).

  • timeout – the time taken to execute the contract (in seconds).

  • memory – memory limit for the contract container (in megabytes).

  • memory-swap – allocated amount of virtual memory for the contract container (in megabytes).

  • reuse-containers – using one container for several contracts when using the same Docker image. To enable this option, specify yes, to disable - no.

  • remove-container-after – the time interval of container inactivity, after which it will be removed.

  • allow-net-access – permission to access the network.

  • remote-registries – Docker registry addresses and authorization settings.

  • check-registry-auth-on-startup – check authorization for Docker registries at node startup. To enable this option, specify yes, to disable - no.

  • default-registry-domain – default Docker registry address (optional). This parameter is used if no repository is specified in the contract image name.

  • contract-execution-messages-cache – settings section of the cache with the execution statuses of Docker contracts transactions;

  • expire-after – time to store the status of the smart contract.

  • max-buffer-size and max-buffer-time – settings for size and time of the status cache.

  • utx-cleanup-interval – when the specified interval elapses, invalid transactions (with Error status) are removed from the UTX pool of a non-miner node. 1m is used by default.

  • contract-error-quorum – the minimum number of transaction Error (business error) statuses received from different miner-nodes, after which the smart-contract call transaction is removed from the UTX pool of a non-miner node. 2 is used by default.

  • contract-auth-expires-in – lifetime of the authorization token used by smart contracts for calls to the node.

  • grpc-server – gRPC server settings section for Docker contracts with the gRPC API.

  • host – network address of the node (optional).

  • port – port of the gRPC server. Specify the listening port for gRPC requests used by the platform.

  • remove-container-on-fail – removes the container if an error occurred during its startup. To enable this option, specify yes, to disable – no.

  • tls-verify – enable or disable TLS; if you specify yes, certificates are searched for in the directory specified in the certs-path parameter; if you specify no, certificates are not searched for.

  • certs-path – the path to the directory where TLS certificates are stored. {node.directory}/certificates is used by default.

  • contracts-parallelism – the parameter determines the number of parallel transactions of all containerized smart contracts. The default value is 8.

See also