Installation and usage of the platform
Precise platform configuration: node gRPC and REST API configuration¶
If you use privacy API methods to manage confidential data, configure the access to confidential data for which the privacy
section of the node configuration file is intended (example using the PostgreSQL database and enabling periodic deletion of files that are not in the blockchain):
privacy {
storage {
vendor = postgres
schema = "public"
migration-dir = "db/migration"
profile = "slick.jdbc.PostgresProfile$"
jdbc-config {
url = "jdbc:postgresql://postgres:5432/node-1"
driver = "org.postgresql.Driver"
user = postgres
password = wenterprise
connectionPool = HikariCP
connectionTimeout = 5000
connectionTestQuery = "SELECT 1"
queueSize = 10000
numThreads = 20
}
cleaner {
enabled: yes
interval: 10m
confirmation-blocks: 100
pending-time: 72h
}
}
Before changing it, decide on the database that you plan to use to store confidential data. The Waves Enterprise blockchain platform supports interaction with PostgreSQL database or Amazon S3.
If using PostgreSQL DBMS, you will need to install the JDBC interface. When using Amazon S3, the information must be stored on the Minio server.
After installing the appropriate DBMS for your project, proceed to configuring the block of the privacy
section. Specify the DBMS you use in the vendor
parameter:
postgres
- for PostgreSQL;s3
- for Amazon S3.
If you do not use privacy API methods, specify none
and comment out or delete the rest of the parameters.
vendor = postgres
¶
When using the PostgreSQL DBMS, the storage
block of the privacy
section looks like this:
storage {
vendor = postgres
schema = "public"
migration-dir = "db/migration"
profile = "slick.jdbc.PostgresProfile$"
jdbc-config {
url = "jdbc:postgresql://postgres:5432/node-1"
driver = "org.postgresql.Driver"
user = postgres
password = wenterprise
connectionPool = HikariCP
connectionTimeout = 5000
connectionTestQuery = "SELECT 1"
queueSize = 10000
numThreads = 20
}
}
schema
- the used scheme of interaction between elements within the database. By default, thepublic
scheme is used, but if your database provides another scheme, specify its name.migration-dir
- directory for data migration.profile
- name of the profile for JDBC access.url
- address of the PostgreSQL database.driver
- name of the JDBC (Java SataBase Connectivity) driver that allows Java applications to communicate with the database.user
- user name to access the database.password
- password to access the database.connectionPool
- name of the connection pool,HikariCP
by default.connectionTimeout
- time of connection inactivity before it is broken (in milliseconds).connectionTestQuery
- a test query to test the connection to the database. For PostgreSQL, it is recommended to sendSELECT 1
.queueSize
- the size of the query queue.numThreads
- number of simultaneous connections to the database.
During the installation of the database running PostgreSQL, create an account to access the database. Then enter the login and password you specified in the user
and password
fields. When installing JDBC, set the profile name, which you then specify in the profile
field.
In the url
field, specify the address of the database you are using in the following format:
jdbc:postgresql://<POSTGRES_ADDRESS>:<POSTGRES_PORT>/<POSTGRES_DB>
POSTGRES_ADDRESS
- PostgreSQL host address.POSTGRES_PORT
- PostgreSQL host port number.POSTGRES_DB
- name of the PostgreSQL database.
You can specify the database address along with the account data using the user and password parameters:
privacy {
storage {
...
url = "jdbc:postgresql://yourpostgres.com:5432/privacy_node_0?user=user_privacy_node_0@company&password=7nZL7Jr41qOWUHz5qKdypA&sslmode=require"
...
}
}
In this example, user_privacy_node_0@company
is the username, 7nZL7Jr41qOWUHz5qKdypA
is its password. You can also use the command sslmode=require
to require a password when authorizing.
vendor = s3
¶
When using Amazon S3 DBMS, the storage
block of the privacy
section looks like this:
storage {
vendor = s3
url = "http://localhost:9000/"
bucket = "privacy"
region = "aws-global"
access-key-id = "minio"
secret-access-key = "minio123"
path-style-access-enabled = true
connection-timeout = 30s
connection-acquisition-timeout = 10s
max-concurrency = 200
read-timeout = 0s
}
url
- address of the Minio server to store data. By default, Minio uses the port 9000.bucket
- name of the S3 database table to store data.region
- name of the S3 region, the parameter value isaws-global
.access-key-id
- identifier of the data access key.secret-access-key
- data access key in the S3 repository.path-style-access-enabled = true
- unchangeable parameter to specify the path to S3 table.connection-timeout
- period of inactivity before the connection is broken (in seconds).connection-acquisition-timeout
- period of inactivity during connection establishment (in seconds).max-concurrency
- number of concurrent accesses to the storage.read-timeout
- period of inactivity when reading data (in seconds).
During installation of the Minio server, you will be prompted for a login and password to access the data. Enter your username in the access-key-id
field and your password in the secret-access-key
field.
cleaner
section¶
The cleaner
section is designed to configure the periodic deletion of confidential data that is stored in the database, but for one reason or another did not get into the blockchain (for example, in case of transaction rollback). This section includes the following parameters:
enabled
- enable/disable periodic deletion of files that did not hit the blockchain.interval
- interval for cleaning the files.confirmation-blocks
- the period of time in blocks during which the hash data transaction exists in the blockchain, and after which it is deleted.pending-time
- the maximum period of time for which a file with data is saved without hitting the blockchain.