Installation and usage of the platform
General platform configuration: execution of smart contracts¶
To work with smart contracts, the node uses two connection types, for each of which you can configure TLS:
The connection to the docker host, the remote machine on which the smart contracts run. This machine uses a docker library that accesses the socket using its protocols. You can enable the secure connection option for it. Such a connection is referred to as “docker-TLS” in this documentation. The docker-TLS connection is configured in the
node.docker-engine.docker-tls
section of the node configuration file; this setting is described below in this section;The connection the running smart contract opens towards the node using gRPC protocol. This is an API connection as the connection point of the smart contract to the node is the same as for any other user or application. This API is configured in the
node.api.grpc
section. For instance, you can enable or disable TLS for it. You can find an example of such a configuration in the Examples of node configuration files section.
Note
The TLS protocol is not available in the opensource version of the platform.
If you are going to develop and execute smart contracts in your blockchain, set their execution parameters in the docker-engine
section of the node configuration file:
docker-engine {
enable = yes
use-node-docker-host = yes
# docker-host = "unix:///var/run/docker.sock"
execution-limits {
startup-timeout = 10s
timeout = 10s
memory = 512
memory-swap = 0
}
reuse-containers = yes
remove-container-after = 10m
allow-net-access = yes
remote-registries = [
{
domain = "myregistry.com:5000"
username = "user"
password = "password"
}
]
check-registry-auth-on-startup = no
# default-registry-domain = "registry.wavesenterprise.com"
contract-execution-messages-cache {
expire-after = 60m
max-buffer-size = 10
max-buffer-time = 100ms
utx-cleanup-interval = 1m
contract-error-quorum = 2
}
contract-auth-expires-in = 1m
grpc-server {
# host = "192.168.97.3"
port = 6865
}
remove-container-on-fail = yes
docker-tls {
tls-verify = yes
cert-path = "/node/certificates"
}
contracts-parallelism = 8
}
enable
– enable transaction processing for Docker contracts.use-node-docker-host
– set the parameter toyes
to define the IP address of the gRPC API available to the contracts. This will read the IP address from the/etc/hosts
file inside the node container. Also, in order for the contracts to access the node, their containers will be connected to the same docker network in which the node container was created.docker-host
– Docker daemon address (optional). If this field is commented out, the address of the daemon will be taken from the system environment.startup-timeout
– time taken to create the contract container and register it in the node (in seconds).timeout
– the time taken to execute the contract (in seconds).memory
– memory limit for the contract container (in megabytes).memory-swap
– allocated amount of virtual memory for the contract container (in megabytes).reuse-containers
– using one container for several contracts when using the same Docker image. To enable this option, specifyyes
, to disable -no
.remove-container-after
– the time interval of container inactivity, after which it will be removed.allow-net-access
– permission to access the network.remote-registries
– Docker registry addresses and authorization settings.check-registry-auth-on-startup
– check authorization for Docker registries at node startup. To enable this option, specifyyes
, to disable -no
.default-registry-domain
– default Docker registry address (optional). This parameter is used if no repository is specified in the contract image name.contract-execution-messages-cache
– settings section of the cache with the execution statuses of Docker contracts transactions;expire-after
– time to store the status of the smart contract.max-buffer-size
andmax-buffer-time
– settings for size and time of the status cache.utx-cleanup-interval
– when the specified interval elapses, invalid transactions (with Error status) are removed from the UTX pool of a non-miner node. 1m is used by default.contract-error-quorum
– the minimum number of transaction Error (business error) statuses received from different miner-nodes, after which the smart-contract call transaction is removed from the UTX pool of a non-miner node. 2 is used by default.contract-auth-expires-in
– lifetime of the authorization token used by smart contracts for calls to the node.grpc-server
– gRPC server settings section for Docker contracts with the gRPC API.host
– network address of the node (optional).port
– port of the gRPC server. Specify the listening port for gRPC requests used by the platform.remove-container-on-fail
– removes the container if an error occurred during its startup. To enable this option, specifyyes
, to disable –no
.
tls-verify
– enable or disable TLS; if you specifyyes
, certificates are searched for in the directory specified in thecerts-path
parameter; if you specifyno
, certificates are not searched for.certs-path
– the path to the directory where TLS certificates are stored.{node.directory}/certificates
is used by default.contracts-parallelism
– the parameter determines the number of parallel transactions of all containerized smart contracts. The default value is8
.