Installation and usage of the platform

Precise platform configuration: node gRPC and REST API configuration

If you use privacy API methods to manage confidential data, configure the access to confidential data for which the privacy section of the node configuration file is intended (example using the PostgreSQL database and enabling periodic deletion of files that are not in the blockchain):

privacy {

storage {
  vendor = postgres
  schema = "public"
  migration-dir = "db/migration"
  profile = "slick.jdbc.PostgresProfile$"
  jdbc-config {
    url = "jdbc:postgresql://postgres:5432/node-1"
    driver = "org.postgresql.Driver"
    user = postgres
    password = wenterprise
    connectionPool = HikariCP
    connectionTimeout = 5000
    connectionTestQuery = "SELECT 1"
    queueSize = 10000
  numThreads = 20
}

cleaner {
  enabled: yes
  interval: 10m
  confirmation-blocks: 100
  pending-time: 72h
}
}

Before changing it, decide on the database that you plan to use to store confidential data. The Waves Enterprise blockchain platform supports interaction with PostgreSQL database or Amazon S3.

If using PostgreSQL DBMS, you will need to install the JDBC interface. When using Amazon S3, the information must be stored on the Minio server.

After installing the appropriate DBMS for your project, proceed to configuring the block of the privacy section. Specify the DBMS you use in the vendor parameter:

  • postgres - for PostgreSQL;

  • s3 - for Amazon S3.

If you do not use privacy API methods, specify none and comment out or delete the rest of the parameters.

vendor = postgres

When using the PostgreSQL DBMS, the storage block of the privacy section looks like this:

storage {
vendor = postgres
schema = "public"
migration-dir = "db/migration"
profile = "slick.jdbc.PostgresProfile$"
jdbc-config {
   url = "jdbc:postgresql://postgres:5432/node-1"
   driver = "org.postgresql.Driver"
   user = postgres
   password = wenterprise
   connectionPool = HikariCP
   connectionTimeout = 5000
   connectionTestQuery = "SELECT 1"
   queueSize = 10000
   numThreads = 20
   }
}
  • schema - the used scheme of interaction between elements within the database. By default, the public scheme is used, but if your database provides another scheme, specify its name.

  • migration-dir - directory for data migration.

  • profile - name of the profile for JDBC access.

  • url - address of the PostgreSQL database.

  • driver - name of the JDBC (Java SataBase Connectivity) driver that allows Java applications to communicate with the database.

  • user - user name to access the database.

  • password - password to access the database.

  • connectionPool - name of the connection pool, HikariCP by default.

  • connectionTimeout - time of connection inactivity before it is broken (in milliseconds).

  • connectionTestQuery - a test query to test the connection to the database. For PostgreSQL, it is recommended to send SELECT 1.

  • queueSize - the size of the query queue.

  • numThreads - number of simultaneous connections to the database.

During the installation of the database running PostgreSQL, create an account to access the database. Then enter the login and password you specified in the user and password fields. When installing JDBC, set the profile name, which you then specify in the profile field.

In the url field, specify the address of the database you are using in the following format:

jdbc:postgresql://<POSTGRES_ADDRESS>:<POSTGRES_PORT>/<POSTGRES_DB>
  • POSTGRES_ADDRESS - PostgreSQL host address.

  • POSTGRES_PORT - PostgreSQL host port number.

  • POSTGRES_DB - name of the PostgreSQL database.

You can specify the database address along with the account data using the user and password parameters:

privacy {
  storage {
    ...
    url = "jdbc:postgresql://yourpostgres.com:5432/privacy_node_0?user=user_privacy_node_0@company&password=7nZL7Jr41qOWUHz5qKdypA&sslmode=require"
    ...
    }
}

In this example, user_privacy_node_0@company is the username, 7nZL7Jr41qOWUHz5qKdypA is its password. You can also use the command sslmode=require to require a password when authorizing.

vendor = s3

When using Amazon S3 DBMS, the storage block of the privacy section looks like this:

storage {
vendor = s3
url = "http://localhost:9000/"
bucket = "privacy"
region = "aws-global"
access-key-id = "minio"
secret-access-key = "minio123"
path-style-access-enabled = true
connection-timeout = 30s
connection-acquisition-timeout = 10s
max-concurrency = 200
read-timeout = 0s
}
  • url - address of the Minio server to store data. By default, Minio uses the port 9000.

  • bucket - name of the S3 database table to store data.

  • region - name of the S3 region, the parameter value is aws-global.

  • access-key-id - identifier of the data access key.

  • secret-access-key - data access key in the S3 repository.

  • path-style-access-enabled = true - unchangeable parameter to specify the path to S3 table.

  • connection-timeout - period of inactivity before the connection is broken (in seconds).

  • connection-acquisition-timeout - period of inactivity during connection establishment (in seconds).

  • max-concurrency - number of concurrent accesses to the storage.

  • read-timeout - period of inactivity when reading data (in seconds).

During installation of the Minio server, you will be prompted for a login and password to access the data. Enter your username in the access-key-id field and your password in the secret-access-key field.

cleaner section

The cleaner section is designed to configure the periodic deletion of confidential data that is stored in the database, but for one reason or another did not get into the blockchain (for example, in case of transaction rollback). This section includes the following parameters:

  • enabled - enable/disable periodic deletion of files that did not hit the blockchain.

  • interval - interval for cleaning the files.

  • confirmation-blocks - the period of time in blocks during which the hash data transaction exists in the blockchain, and after which it is deleted.

  • pending-time - the maximum period of time for which a file with data is saved without hitting the blockchain.

See also