在 Azure Stack Hub 上部署 Ethereum 区块链网络Deploy an Ethereum blockchain network on Azure Stack Hub

Ethereum 解决方案模板旨在利用最少的 Azure 和 Ethereum 知识,使多成员联盟 Ethereum 区块链网络的部署和配置变得更加轻松快捷。The Ethereum solution template is designed to make it easier and quicker to deploy and configure a multi-member consortium Ethereum blockchain network with minimal Azure and Ethereum knowledge.

凭借少量的用户输入以及 Azure Stack Hub 租户门户中的一键式部署,每个成员都能预配其内存占用情况。With a handful of user inputs and a single-click deployment through the Azure Stack Hub tenant portal, each member can provision their network footprint. 每个成员的网络足迹由三部分组成:Each member's network footprint consists of three things:

  1. 一组负载均衡的事务节点,应用或用户可与这些节点进行交互以提交事务。A set of load-balanced transaction nodes with which an app or user can interact to submit transactions.
  2. 一组用于记录事务的挖掘节点。A set of mining nodes to record transactions.
  3. 一个网络虚拟设备 (NVA)。A Network Virtual Appliance (NVA).

稍后的连接步骤将连接 NVA 以创建完全配置的多成员区块链网络。A later connection step connects the NVAs to create a fully configured multi-member blockchain network.

若要设置:To set up:

  • 选择部署体系结构。Choose a deployment architecture.
  • 部署独立网络、联盟领导者网络或联盟成员网络。Deploy a standalone, consortium leader, or consortium member network.

必备条件Prerequisites

从市场下载最新项目:Download the latest items from the Marketplace:

  • Ubuntu Server 16.04 LTSUbuntu Server 16.04 LTS
  • Windows Server 2016Windows Server 2016
  • 适用于 Linux 的自定义脚本 2.0Custom Script for Linux 2.0
  • 适用于 Windows 的自定义脚本扩展Custom Script Extension for Windows

有关区块链方案的更多信息,请参阅 Ethereum 权威证明联盟解决方案模板For more info on blockchain scenarios, see Ethereum proof-of-authority consortium solution template.

部署体系结构Deployment architecture

此解决方案模板可以部署单成员或多成员 Ethereum 联盟网络。This solution template can deploy a single or multi-member Ethereum consortium network. 使用网络虚拟设备和连接资源在链拓扑中连接虚拟网络。The virtual network is connected in a chain topology using Network Virtual Appliance and connection resources.

此模板可以通过多种方式为领导者和成员部署 Ethereum 联盟。The template can deploy Ethereum consortium for leader and member in a variety of ways. 下面是我们已测试过的内容:Here are the ones we've tested:

  • 在具有 Azure AD 或 AD FS 的多节点 Azure Stack 集线器上,使用同一订阅或不同订阅部署潜在客户和成员。On a multi-node Azure Stack Hub, with Azure AD or AD FS, deploy lead and member using the same subscription or with different subscriptions.
  • 在具有 Azure AD) 的单节点 Azure Stack 中心 (上,使用同一订阅部署潜在客户和成员。On a single-node Azure Stack Hub (with Azure AD), deploy lead and member using the same subscription.

独立和联盟领导者部署Standalone and consortium leader deployment

联盟领导者模板在网络中配置第一个成员的足迹。The consortium leader template configures the first member's footprint in the network.

  1. 从 GitHub 下载领导者模板Download the leader template from GitHub.

  2. 在 Azure Stack 中心租户门户中,选择 " + 创建资源" > 模板部署 从自定义模板部署。In the Azure Stack Hub tenant portal, select + Create a resource > Template deployment to deploy from a custom template.

  3. 选择 "在编辑器中生成自己的模板 " 以编辑新的自定义模板。Select Build your own template in the editor to edit the new custom template.

  4. 在右侧的编辑窗格中,复制并粘贴前面下载的领导者模板 JSON。In the editing pane on the right, copy and paste the leader template JSON you previously downloaded.

    粘贴了前导模板的编辑模板Edit template with the leader template pasted

  5. 选择“保存”。Select Save.

  6. 在 " 基本 信息" 选项卡上,完成以下设置。On the Basics tab, complete the following settings.

    参数名称Parameter name 说明Description 示例值Sample value
    订阅Subscription 要将联盟网络部署到的订阅。The subscription to which to deploy the consortium network. 消耗订阅Consumption Subscription
    资源组Resource group 部署联盟网络的资源组。The resource group to which to deploy the consortium network. EthereumResourcesEthereumResources
    区域Region 用于资源的 Azure 区域。The Azure region for resources. locallocal
    名称前缀Name prefix 用作已部署资源的命名基础的字符串。String used as a base for naming the deployed resources. 最多使用六个字母数字字符。Use a maximum of six alphanumeric characters. etheth
    身份验证类型Auth type 向 VM 进行身份验证的方法。The method to authenticate to the VM. 允许的值为密码或 SSH 公钥。Allowed values are password or SSH public key. 密码Password
    管理员用户名Admin username 部署的每个 VM 的管理员用户名。Admin username of each deployed VM. 使用1到64个字符。Use from one to 64 characters. gethadmingethadmin
    管理员密码 (身份验证类型 = 密码) Admin password (Authentication type = Password) 部署的每个 VM 的管理员帐户密码。The password for the admin account for each of the VMs deployed. 密码必须包含下列要求中的 3 项: 1 个大写字符,1 个小写字符,1 个数字和 1 个特殊字符。The password must contain 3 of the following requirements: 1 upper case character, 1 lower case character, 1 number, and 1 special character.
    虽然所有 VM 最初都有相同的密码,但可以在预配后更改密码。While all VMs initially have the same password, you can change the password after provisioning. 使用12到72个字符。Use from 12 to 72 characters.
    管理员 SSH 密钥 (Authentication type = sshPublicKey) Admin SSH key (Authentication type = sshPublicKey) 安全外壳 RSA 用于远程登录的公钥字符串。The secure shell RSA public key string used for remote login.
    Genesis 块Genesis block 表示自定义起源块的 JSON 字符串。JSON string representing custom genesis block. 此参数的值是可选的。Specifying a value for this parameter is optional.
    以太坊帐户密码Ethereum account password 用于保护 Ethereum 帐户的管理员密码。The admin password used to secure the Ethereum account.
    以太坊帐户密码Ethereum account passphrase 用于生成与 Ethereum 帐户相关联的私钥的通行短语。The passphrase used to generate private key associated with the Ethereum account. 请考虑具有足够随机性的密码,以确保强私钥。Consider a password with sufficient randomness to ensure a strong private key.
    以太坊网络 IDEthereum network ID 联盟的网络 ID。The network ID of the consortium. 使用介于 5 和 999,999,999 之间的任何值。Use any value between 5 and 999,999,999. 7272
    联合会成员 IDConsortium member ID 与每个联盟网络成员关联的 ID。The ID associated with each member of the consortium network. 此 ID 应在网络中唯一。This ID should be unique in the network. 00
    挖掘节点数量Number mining nodes 每个联合会成员的挖掘节点数。Number of mining nodes for each consortium member. 使用2到15之间的值。Use a value between 2 and 15. 22
    挖掘节点 VM 大小Mining node VM size 挖掘节点的 VM 大小。VM size of the mining nodes. Standard_A1Standard_A1
    挖掘存储帐户类型Mining storage account type 挖掘节点的存储性能。Storage performance of the mining nodes. Standard_LRSStandard_LRS
    数字 TX 节点Number TX nodes 负载均衡的事务节点数。Number of load balanced transaction nodes. 使用介于1和5之间的值。Use a value between 1 and 5. 11
    TX 节点 VM 大小TX node VM size 事务节点的 VM 大小。VM size of the transaction nodes. Standard_A1Standard_A1
    TX 存储帐户类型TX storage account type 事务节点的存储性能。Storage performance of the transaction nodes. Standard_LRSStandard_LRS
    基 URLBase URL 用于获取部署模板的基 URL。Base URL where to get the deployment templates. 除非想要自定义部署模板,否则请使用默认值。Use the default value unless you want to customize the deployment templates.
  7. 选择“查看 + 创建”。Select Review + create. 验证成功后,选择 " 创建 "。After successful validation, select Create.

部署可能需要 20 分钟或更长时间才能完成。Deployment can take 20 minutes or longer to complete.

部署完成后,请在资源组的部署部分中查看 Microsoft.Template 的部署摘要。After deployment completes, review the deployment summary for Microsoft.Template in the deployment section of the resource group. 摘要中包含用于加入联盟成员的输出值。The summary contains output values used to join consortium members.

若要验证领导者的部署,请转到领导者的管理站点。To verify leader's deployment, go to the leader's admin site. 可在 Microsoft.Template 部署的输出部分找到管理站点地址。The admin site address is found in the output section of the Microsoft.Template deployment.

领导者部署摘要

加入联盟成员部署Joining consortium member deployment

  1. 从 GitHub 下载联盟成员模板Download the consortium member template from GitHub.

  2. 在 Azure Stack 中心租户门户中,选择 " + 创建资源" > 模板部署 从自定义模板部署。In the Azure Stack Hub tenant portal, select + Create a resource > Template deployment to deploy from a custom template.

  3. 选择 "在编辑器中生成自己的模板 " 以编辑新的自定义模板。Select Build your own template in the editor to edit the new custom template.

  4. 在右侧的编辑窗格中,复制并粘贴之前下载的 "联盟" 成员模板 JSON。In the editing pane on the right, copy and paste the consortium member template JSON you previously downloaded.

  5. 选择“保存”。Select Save.

  6. 在 " 基本 信息" 选项卡上,完成以下设置。On the Basics tab, complete the following settings.

    参数名称Parameter name 说明Description 示例值Sample value
    订阅Subscription 要将联盟网络部署到的订阅。The subscription to which to deploy the consortium network. 消耗订阅Consumption Subscription
    资源组Resource group 部署联盟网络的资源组。The resource group to which to deploy the consortium network. EthereumResourcesEthereumResources
    区域Region 用于资源的 Azure 区域。The Azure region for resources. locallocal
    名称前缀Name prefix 用作已部署资源的命名基础的字符串。String used as a base for naming the deployed resources. 最多使用六个字母数字字符。Use a maximum of six alphanumeric characters. etheth
    身份验证类型Auth type 向 VM 进行身份验证的方法。The method to authenticate to the VM. 允许的值为密码或 SSH 公钥。Allowed values are Password or SSH public key. 密码Password
    管理员用户名Admin username 部署的每个 VM 的管理员用户名。Admin username of each deployed VM. 使用1到64个字符。Use from one to 64 characters. gethadmingethadmin
    管理员密码 (身份验证类型 = 密码) Admin password (Authentication type = Password) 部署的每个 VM 的管理员帐户密码。The password for the admin account for each of the VMs deployed. 密码必须包含下列要求中的 3 项: 1 个大写字符,1 个小写字符,1 个数字和 1 个特殊字符。The password must contain 3 of the following requirements: 1 upper case character, 1 lower case character, 1 number, and 1 special character.
    虽然所有 VM 最初都有相同的密码,但可以在预配后更改密码。While all VMs initially have the same password, you can change the password after provisioning. 使用12到72个字符。Use from 12 to 72 characters.
    管理员 SSH 密钥 (Authentication type = sshPublicKey) Admin SSH key (Authentication type = sshPublicKey) 安全外壳 RSA 用于远程登录的公钥字符串。The secure shell RSA public key string used for remote login.
    Genesis 块Genesis block 表示自定义起源块的 JSON 字符串。JSON string representing custom genesis block. 此参数的值是可选的。Specifying a value for this parameter is optional.
    以太坊帐户密码Ethereum account password 用于保护 Ethereum 帐户的管理员密码。The admin password used to secure the Ethereum account.
    以太坊帐户密码Ethereum account passphrase 用于生成与 Ethereum 帐户相关联的私钥的通行短语。The passphrase used to generate private key associated with the Ethereum account. 请考虑具有足够随机性的密码,以确保强私钥。Consider a password with sufficient randomness to ensure a strong private key.
    联合会成员 IDConsortium member ID 与每个联盟网络成员关联的 ID。The ID associated with each member of the consortium network. 此 ID 应在网络中唯一。This ID should be unique in the network. 00
    挖掘节点数量Number mining nodes 每个联合会成员的挖掘节点数。Number of mining nodes for each consortium member. 使用2到15之间的值。Use a value between 2 and 15. 22
    挖掘节点 VM 大小Mining node VM size 挖掘节点的 VM 大小。VM size of the mining nodes. Standard_A1Standard_A1
    挖掘存储帐户类型Mining storage account type 挖掘节点的存储性能。Storage performance of the mining nodes. Standard_LRSStandard_LRS
    数字 TX 节点Number TX nodes 负载均衡的事务节点数。Number of load balanced transaction nodes. 使用介于1和5之间的值。Use a value between 1 and 5. 11
    TX 节点 VM 大小TX node VM size 事务节点的 VM 大小。VM size of the transaction nodes. Standard_A1Standard_A1
    TX 存储帐户类型TX storage account type 事务节点的存储性能。Storage performance of the transaction nodes. Standard_LRSStandard_LRS
    联盟数据Consortium data 指向由其他成员的部署提供的相关联盟配置数据的 URL。The URL pointing to the relevant consortium configuration data provided by another member's deployment. 可在领导者的部署输出中找到此值。This value can be found on leader's deployment output.
    远程成员 VNET 地址空间Remote member VNET address space 领导者的 VNET 地址空间。The VNET address space of the leader. 可在领导者的部署输出中找到此值。This value can be found on leader's deployment output.
    远程成员 NVA 公共 IPRemote member NVA public IP 领导者的 NVA IP 地址。The NVA IP address of the leader. 可在领导者的部署输出中找到此值。This value can be found on leader's deployment output.
    连接共享密钥Connection shared key 在建立网关连接的联合会网络成员之间预建立的机密。A pre-established secret between the members of the consortium network that are establishing a gateway connection.
    基 URLBase URL 用于获取部署模板的基 URL。Base URL where to get the deployment templates. 除非想要自定义部署模板,否则请使用默认值。Use the default value unless you want to customize the deployment templates.
  7. 选择“查看 + 创建”。Select Review + create. 验证成功后,选择 " 创建 "。After successful validation, select Create.

部署可能需要 20 分钟或更长时间才能完成。Deployment can take 20 minutes or longer to complete.

部署完成后,请在资源组的部署部分中查看 Microsoft.Template 的部署摘要。After deployment completes, review the deployment summary for Microsoft.Template in the deployment section of the resource group. 摘要中包含用于连接联盟成员的输出值。The summary contains output values used to connect consortium members.

若要验证成员的部署,请浏览成员的管理站点。To verify member's deployment, browse member's admin site. 可在 Microsoft.Template 部署的输出部分找到管理站点地址。You can find the admin site address in the output section of the Microsoft.Template deployment.

成员部署摘要

如图所示,成员的节点状态为“未运行”。As shown in the picture, member's nodes status is Not running. 之所以出现此状态是因为成员与领导者之间未建立连接。This status is because the connection between member and leader isn't established. 成员与领导者之间的连接是双向连接。The connection between member and leader is a two-way connection. 部署成员时,模板会自动创建从成员到领导者的连接。When you deploy member, template automatically creates the connection from member to the leader. 若要创建从领导者到成员的连接,请转到下一步骤。To create the connection from leader to member, go to the next step.

连接成员和领导者Connect member and leader

此模板创建从领导者到远程成员的连接。This template creates a connection from the leader to a remote member.

  1. 从 GitHub 下载连接成员和领导者的模板Download the connect member and leader template from GitHub.

  2. 在 Azure Stack 中心租户门户中,选择 " + 创建资源" > 模板部署 从自定义模板部署。In the Azure Stack Hub tenant portal, select + Create a resource > Template deployment to deploy from a custom template.

  3. 选择 "在编辑器中生成自己的模板 " 以编辑新的自定义模板。Select Build your own template in the editor to edit the new custom template.

  4. 在右侧的编辑窗格中,复制并粘贴之前下载的 "联盟" 成员模板 JSON。In the editing pane on the right, copy and paste the consortium member template JSON you previously downloaded.

  5. 选择“保存”。Select Save.

  6. 完成以下设置。Complete the following settings.

    参数名称Parameter name 说明Description 示例值Sample value
    订阅Subscription 要将联盟网络部署到的订阅。The subscription to which to deploy the consortium network. 消耗订阅Consumption Subscription
    资源组Resource group 部署联盟网络的资源组。The resource group to which to deploy the consortium network. EthereumResourcesEthereumResources
    区域Region 用于资源的 Azure 区域。The Azure region for resources. locallocal
    成员名称前缀Member name prefix 用作已部署资源的命名基础的字符串。String used as a base for naming the deployed resources. 最多使用六个字母数字字符。Use a maximum of six alphanumeric characters. etheth
    成员路由表名称Member route table name 领导者路由表的名称。Name of the leader's route table. 可在领导者的部署输出中找到此值。This value can be found on leader's deployment output.
    远程成员 VNET 地址空间Remote member VNET address space 成员的地址空间。Address space of the member. 可在成员的部署输出中找到此值。This value can be found on member's deployment output.
    远程成员 NVA 公共 IPRemote member NVA public IP 要连接到的 NVA IP 地址。The NVA IP address to connect to. 可在成员的部署输出中找到此值。This value can be found on member's deployment output.
    连接共享密钥Connection shared key 联盟网络中正在建立连接的成员之间预先建立的机密。A pre-established secret between the members of the consortium network that are establishing a connection.
    成员 NVA 专用 IPMember NVA private IP 成员的 NVA IP 地址。The NVA IP address of the member. 可在成员的部署输出中找到此值。This value can be found on member's deployment output.
    基 URLBase URL 用于获取部署模板的基 URL。Base URL where to get the deployment templates. 除非想要自定义部署模板,否则请使用默认值。Use the default value unless you want to customize the deployment templates.
  7. 选择“查看 + 创建”。Select Review + create. 验证成功后,选择 " 创建 "。After successful validation, select Create.

部署完成后,需要经过几分钟,领导者和成员才会开始通信。After deployment is complete, it takes few minutes for leader and member to start communication. 若要验证部署,请刷新成员的管理站点。To verify the deployment, refresh member's admin site. 成员节点的状态应为“正在运行”。Status of the member's nodes should be running.

验证部署

后续步骤Next steps

若要详细了解 Ethereum 和 Azure,请参阅区块链技术与应用程序To learn more about Ethereum and Azure, see Blockchain Technology and Applications.