mirror of
https://github.com/corda/corda.git
synced 2025-01-18 02:39:51 +00:00
Docs: some work on the network map docs.
This commit is contained in:
parent
a223fdb8d3
commit
7548c6c901
@ -1,12 +1,23 @@
|
|||||||
Network Map
|
Network Map
|
||||||
===========
|
===========
|
||||||
|
|
||||||
The network map is a collection of signed ``NodeInfo`` objects (signed by the node it represents and thus tamper-proof)
|
The network map is a collection of signed ``NodeInfo`` objects. Each NodeInfo is signed by the node it represents and
|
||||||
forming the set of reachable nodes in a compatibility zone. A node can receive these objects from two sources:
|
thus cannot be tampered with. It forms the set of reachable nodes in a compatibility zone. A node can receive these
|
||||||
|
objects from two sources:
|
||||||
|
|
||||||
1. The HTTP network map service if the ``compatibilityZoneURL`` config key is specified.
|
1. A network map server that speaks a simple HTTP based protocol.
|
||||||
2. The ``additional-node-infos`` directory within the node's directory.
|
2. The ``additional-node-infos`` directory within the node's directory.
|
||||||
|
|
||||||
|
The network map server also distributes the parameters file that define values for various settings that all nodes need
|
||||||
|
to agree on to remain in sync.
|
||||||
|
|
||||||
|
.. note:: In Corda 3 no implementation of the HTTP network map server is provided. This is because the details of how
|
||||||
|
a compatibility zone manages its membership (the databases, ticketing workflows, HSM hardware etc) is expected to vary
|
||||||
|
between operators, so we provide a simple REST based protocol for uploading/downloading NodeInfos and managing
|
||||||
|
network parameters. A future version of Corda may provide a simple "stub" implementation for running test zones.
|
||||||
|
In Corda 3 the right way to run a test network is through distribution of the relevant files via your own mechanisms.
|
||||||
|
We provide a tool to automate the bulk of this task (see below).
|
||||||
|
|
||||||
HTTP network map service
|
HTTP network map service
|
||||||
------------------------
|
------------------------
|
||||||
|
|
||||||
@ -31,6 +42,12 @@ The set of REST end-points for the network map service are as follows.
|
|||||||
| GET | /network-map/network-parameters/{hash} | Retrieve the signed network parameters (see below). The entire object is signed with the network map certificate which is also attached. |
|
| GET | /network-map/network-parameters/{hash} | Retrieve the signed network parameters (see below). The entire object is signed with the network map certificate which is also attached. |
|
||||||
+----------------+-----------------------------------------+----------------------------------------------------------------------------------------------------------------------------------------------+
|
+----------------+-----------------------------------------+----------------------------------------------------------------------------------------------------------------------------------------------+
|
||||||
|
|
||||||
|
We use HTTP is used for the network map service instead of Corda's own AMQP based peer to peer messaging protocol to
|
||||||
|
enable the server to be placed behind caching content delivery networks like Cloudflare, Akamai, Amazon S3 and so on.
|
||||||
|
By using industrial HTTP cache networks the map server can be shielded from DoS attacks more effectively. Additionally,
|
||||||
|
for the case of distributing small files that rarely change, HTTP is a well understood and optimised protocol. Corda's
|
||||||
|
own protocol is designed for complex multi-way conversations between authenticated identities using signed binary
|
||||||
|
messages separated into parallel and nested flows, which isn't necessary for network map distribution.
|
||||||
|
|
||||||
The ``additional-node-infos`` directory
|
The ``additional-node-infos`` directory
|
||||||
---------------------------------------
|
---------------------------------------
|
||||||
@ -43,24 +60,39 @@ latest one is taken.
|
|||||||
|
|
||||||
On startup the node generates its own signed node info file, filename of the format ``nodeInfo-${hash}``. To create a simple
|
On startup the node generates its own signed node info file, filename of the format ``nodeInfo-${hash}``. To create a simple
|
||||||
network without the HTTP network map service then simply place this file in the ``additional-node-infos`` directory
|
network without the HTTP network map service then simply place this file in the ``additional-node-infos`` directory
|
||||||
of every node that's part of this network.
|
of every node that's part of this network. For example, a simple way to do this is to use rsync.
|
||||||
|
|
||||||
|
Usually, test networks have a structure that is known ahead of time. For the creation of such networks we provide a
|
||||||
|
``network-bootstrapper`` tool. This tool pre-generates node configuration directories if given the IP addresses/domain
|
||||||
|
names of each machine in the network. The generated node directories contain the NodeInfos for every other node on
|
||||||
|
the network, along with the network parameters file and identity certificates. Generated nodes do not need to all be
|
||||||
|
online at once - an offline node that isn't being interacted with doesn't impact the network in any way. So a test
|
||||||
|
cluster generated like this can be sized for the maximum size you may need, and then scaled up and down as necessary.
|
||||||
|
|
||||||
|
More information can be found in :doc:`setting-up-a-corda-network`.
|
||||||
|
|
||||||
Network parameters
|
Network parameters
|
||||||
------------------
|
------------------
|
||||||
|
|
||||||
Network parameters are a set of values that every node participating in the zone needs to agree on and use to
|
Network parameters are a set of values that every node participating in the zone needs to agree on and use to
|
||||||
correctly interoperate with each other. If the node is using the HTTP network map service then on first startup it will
|
correctly interoperate with each other. They can be thought of as an encapsulation of all aspects of a Corda deployment
|
||||||
download the signed network parameters, cache it in a ``network-parameters`` file and apply them on the node.
|
on which reasonable people may disagree. Whilst other blockchain/DLT systems typically require a source code fork to
|
||||||
|
alter various constants (like the total number of coins in a cryptocurrency, port numbers to use etc), in Corda we
|
||||||
|
have refactored these sorts of decisions out into a separate file and allow "zone operators" to make decisions about
|
||||||
|
them. The operator signs a data structure that contains the values and they are distributed along with the network map.
|
||||||
|
Tools are provided to gain user opt-in consent to a new version of the parameters and ensure everyone switches to them
|
||||||
|
at the same time.
|
||||||
|
|
||||||
|
If the node is using the HTTP network map service then on first startup it will download the signed network parameters,
|
||||||
|
cache it in a ``network-parameters`` file and apply them on the node.
|
||||||
|
|
||||||
.. warning:: If the ``network-parameters`` file is changed and no longer matches what the network map service is advertising
|
.. warning:: If the ``network-parameters`` file is changed and no longer matches what the network map service is advertising
|
||||||
then the node will automatically shutdown. Resolution to this is to delete the incorrect file and restart the node so
|
then the node will automatically shutdown. Resolution to this is to delete the incorrect file and restart the node so
|
||||||
that the parameters can be downloaded again.
|
that the parameters can be downloaded again.
|
||||||
|
|
||||||
.. note:: A future release will support the notion of phased rollout of network parameter changes.
|
|
||||||
|
|
||||||
If the node isn't using a HTTP network map service then it's expected the signed file is provided by some other means.
|
If the node isn't using a HTTP network map service then it's expected the signed file is provided by some other means.
|
||||||
For such a scenario there is the network bootstrapper tool which in addition to generating the network parameters file
|
For such a scenario there is the network bootstrapper tool which in addition to generating the network parameters file
|
||||||
also distributes the node info files to the node directories. More information can be found in :doc:`setting-up-a-corda-network`.
|
also distributes the node info files to the node directories.
|
||||||
|
|
||||||
The current set of network parameters:
|
The current set of network parameters:
|
||||||
|
|
||||||
@ -85,16 +117,23 @@ Network parameters update process
|
|||||||
---------------------------------
|
---------------------------------
|
||||||
|
|
||||||
In case of the need to change network parameters Corda zone operator will start the update process. There are many reasons
|
In case of the need to change network parameters Corda zone operator will start the update process. There are many reasons
|
||||||
that may lead to this decision: we discovered that some new fields have to be added to enable smooth network interoperability or change
|
that may lead to this decision: new fields that were added to enable smooth network interoperability, or a change
|
||||||
of the existing compatibility constants is required due to upgrade or security reasons.
|
of the existing compatibility constants is required, for example.
|
||||||
|
|
||||||
To synchronize all nodes in the compatibility zone to use the new set of the network parameters two RPC methods exist. The process
|
.. note:: A future release may support the notion of phased rollout of network parameter changes.
|
||||||
requires human interaction and approval of the change.
|
|
||||||
|
To synchronize all nodes in the compatibility zone to use the new set of the network parameters two RPC methods are
|
||||||
|
provided. The process requires human interaction and approval of the change, so node operators can review the
|
||||||
|
differences before agreeing to them.
|
||||||
|
|
||||||
When the update is about to happen the network map service starts to advertise the additional information with the usual network map
|
When the update is about to happen the network map service starts to advertise the additional information with the usual network map
|
||||||
data. It includes new network parameters hash, description of the change and the update deadline. Node queries network map server
|
data. It includes new network parameters hash, description of the change and the update deadline. Nodes query the network map server
|
||||||
for the new set of parameters and emits ``ParametersUpdateInfo`` via ``CordaRPCOps::networkParametersFeed`` method to inform
|
for the new set of parameters.
|
||||||
node operator about the event.
|
|
||||||
|
The fact a new set of parameters is being advertised shows up in the node logs with the message
|
||||||
|
"Downloaded new network parameters", and programs connected via RPC can receive ``ParametersUpdateInfo`` by using
|
||||||
|
the ``CordaRPCOps.networkParametersFeed`` method. Typically a zone operator would also email node operators to let them
|
||||||
|
know about the details of the impending change, along with the justification, how to object, deadlines and so on.
|
||||||
|
|
||||||
.. container:: codeset
|
.. container:: codeset
|
||||||
|
|
||||||
@ -103,12 +142,22 @@ node operator about the event.
|
|||||||
:start-after: DOCSTART 1
|
:start-after: DOCSTART 1
|
||||||
:end-before: DOCEND 1
|
:end-before: DOCEND 1
|
||||||
|
|
||||||
Node administrator can review the change and decide if is going to accept it. The approval should be done before ``updateDeadline``.
|
The node administrator can review the change and decide if they are going to accept it. The approval should be do
|
||||||
Nodes that don't approve before the deadline will be removed from the network map.
|
before the update Deadline. Nodes that don't approve before the deadline will likely be removed from the network map by
|
||||||
If the network operator starts advertising a different set of new parameters then that new set overrides the previous set. Only the latest update can be accepted.
|
the zone operator, but that is a decision that is left to the operator's discretion. For example the operator might also
|
||||||
To send back parameters approval to the zone operator RPC method ``fun acceptNewNetworkParameters(parametersHash: SecureHash)``
|
choose to change the deadline instead.
|
||||||
has to be called with ``parametersHash`` from update. Notice that the process cannot be undone.
|
|
||||||
|
If the network operator starts advertising a different set of new parameters then that new set overrides the previous set.
|
||||||
|
Only the latest update can be accepted.
|
||||||
|
|
||||||
|
To send back parameters approval to the zone operator, the RPC method ``fun acceptNewNetworkParameters(parametersHash: SecureHash)``
|
||||||
|
has to be called with ``parametersHash`` from update. Note that approval cannot be undone. You can do this via the Corda
|
||||||
|
shell (see :doc:`shell`):
|
||||||
|
|
||||||
|
``run acceptNewNetworkParameters parametersHash: "ba19fc1b9e9c1c7cbea712efda5f78b53ae4e5d123c89d02c9da44ec50e9c17d"``
|
||||||
|
|
||||||
|
If the administrator does not accept the update then next time the node polls network map after the deadline, the
|
||||||
|
advertised network parameters will be the updated ones. The previous set of parameters will no longer be valid.
|
||||||
|
At this point the node will automatically shutdown and will require the node operator to bring it back again.
|
||||||
|
|
||||||
|
|
||||||
Next time the node polls network map after the deadline the advertised network parameters will be the updated ones. Previous set
|
|
||||||
of parameters will no longer be valid. At this point the node will automatically shutdown and will require the node operator
|
|
||||||
to bring it back again.
|
|
||||||
|
Loading…
Reference in New Issue
Block a user