如何使用Docker管理公信节点

背景

公信节点的选举终于告一段落了，如何运维好节点成了每一个当选的公信节点的头等大事。作为节点的技术负责人，我需要在做好基础运维的基础上探讨一些新的更加便捷稳定的运维方案。今天第一次尝试的是使用Docker技术来完成公信节点的部署工作，抛砖引玉看是否能提升节点的运维效率。

Docker简介

Docker是一个开源软件项目，让应用程序布署的工作可以自动化进行，借此在Linux操作系统上，提供一个额外的软件抽象层，以及操作系统层虚拟化的自动管理机制。Docker目前已经广泛应用于软件开发、自动化运维等领域。

如何在Docker中运行公信节点

我们通过Dockerfile来将公信节点的程序打包到一个Docker image中。我们使用测试网络来进行测试，Dockerfile如下：

FROM ubuntu:16.04

#基础包安装
RUN apt update && apt install ntp curl wget -y

#添加公信宝执行路径
ENV PATH $PATH:/root/programs/witness_node

#公信宝的程序安装
RUN cd /root && curl 'https://raw.githubusercontent.com/gxchain/gxb-core/dev_master/script/gxchain_testnet_install.sh' | bash \
        && rm *.tar.gz && wget http://gxb-package.oss-cn-hangzhou.aliyuncs.com/gxb-core/genesis/testnet-genesis.json -O genesis.json

VOLUME /root/testnet_node

WORKDIR /root

ENTRYPOINT witness_node --data-dir=testnet_node --genesis-json genesis.json

创建一个目录 gxnode_docker_test 将Dockerfile放在目录中：

$ pwd
/home/ubuntu/gxnode_docker_test
$ ls
Dockerfile

编译Dockerfile为镜像：

$ sudo docker build . -t gxnode_test:1.0.20181226

执行完成后可以使用以下命令查看镜像：

$ sudo docker images
REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
gxnode_test         1.0.20181226        dabd044c5e79        57 minutes ago      307 MB

创建testnet_node目录并且将如下config.ini文件放到tesnet_node目录中：

# Endpoint for P2P node to listen on
p2p-endpoint = 0.0.0.0:9999

# P2P nodes to connect to on startup (may specify multiple times)
# seed-node =

# JSON array of P2P nodes to connect to on startup
seed-nodes = ["testnet.gxchain.org:6789"]

# Pairs of [BLOCK_NUM,BLOCK_ID] that should be enforced as checkpoints.
# checkpoint =

# Endpoint for websocket RPC to listen on
rpc-endpoint = 0.0.0.0:28090

# Endpoint for TLS websocket RPC to listen on
# rpc-tls-endpoint =

# The TLS certificate file for this server
# server-pem =

# Password for this certificate
# server-pem-password =

# File to read Genesis State from
# genesis-json = /root/genesis.json

# Block signing key to use for init witnesses, overrides genesis file
# dbg-init-key =

# JSON file specifying API permissions
# api-access =

# Space-separated list of plugins to activate
# plugins =

# Enable block production, even if the chain is stale.
enable-stale-production = false

# Percent of witnesses (0-99) that must be participating in order to produce blocks
required-participation = false

# ID of witness controlled by this node (e.g. "1.6.5", quotes are required, may specify multiple times)
witness-id = "1.6.xx"

max-transaction-time = 10000

# Tuple of [PublicKey, WIF private key] (may specify multiple times)
private-key = ["GXCxxxxxxx", "xxxxxxxxx"]

# Tuple of [PublicKey, WIF private key] (may specify multiple times)
debug-private-key = ["GXC6MRyAjQq8ud7hVNYcfnVPJqcVpscN5So8BhtHuGYqET5GDW5CV","5KQwrPbwdL6PhXujxW37FSSQZ1JiwsST4cqQzDeyXtP79zkvFD3"]

# Account ID to track history for (may specify multiple times)
# track-account =

# Keep only those operations in memory that are related to account history tracking
# partial-operations =

# Maximum number of operations per account will be kept in memory
# max-ops-per-account =

# RPC endpoint of a trusted validating node (required)
# trusted-node =

# num of data_transaction kept in memory
# data-transaction-lifetime =

# Block number after which to do a snapshot
# snapshot-at-block =

# Block time (ISO format) after which to do a snapshot
# snapshot-at-time =

# Pathname of JSON file where to store the snapshot
# snapshot-to =

# declare an appender named "stderr" that writes messages to the console
[log.console_appender.stderr]
stream=std_error

# declare a file appender
[log.file_appender.FILE]
filename=logs/witness.log

# declare an appender named "p2p" that writes messages to p2p.log
[log.file_appender.p2p]
filename=logs/p2p/p2p.log
# filename can be absolute or relative to this config file

# route any messages logged to the default logger to the "stderr" logger we
# declared above, if they are info level are higher
[logger.default]
level=info
appenders=FILE

# route messages sent to the "p2p" logger to the p2p appender declared above
[logger.p2p]
level=error
appenders=p2p

注意修改witness-id以及private-key参数为你自己节点的参数。
运行镜像：

sudo docker run  -v ~/testnet_node:/root/testnet_node -p 9999:9999 -p 28090:28090 --name testnet_node gxnode_test:1.0.20181226

节点即可运行起来了。

-v ~/testnet_node:/root/testnet_node #将本地的testnet_node文件夹映射到Docker内
-p 9999:9999 -p 28090:28090 #映射主机端口都Docker

---

我们是区块链研习社公信节点，致力于做GXChain共识与生态推动者。欢迎大家投票支持，节点名称：chainclub-bp

---

这篇文章的 PRESS.one 签名:
https://press.one/file/v?s=3b6764902f6cfb9c807f84a4ca8b08197b18e921320738d449de342c6167c777b9bde2d1591e946dd1acb25ea6b0364d2b2cf33b758770718cdcf40a9d06577c0&h=1bdf6ac9e9c5aec40abc5a7e9030d8e4b4bca001bf7557319261c06fb71df13f&a=28b6cefc3c00c7e355b435d4b5e7f58880564fa6&f=P1&v=2