StakeWise
Search…
How to:
Internals
Usage
Requirements
- At least three nodes in the Kubernetes cluster with 8 CPU/16 GB RAM configuration.
- 1000 GB of Persistent Storage per node (SSD).
- Helm 3.0+ - This is the earliest version of Helm tested. Charts may work with earlier versions but it is untested.
- Kubernetes 1.19+ - This is the earliest version of Kubernetes tested. Charts may work with earlier versions but it is untested.
- PV provisioner support in the underlying infrastructure
Installation
Monitoring System
If you already have Prometheus installed in your cluster, you can skip this step.
Every chart we support contains the ability to enable monitoring and alerting out of the box. A combination of Prometheus + Grafana + Alertmanager is used for monitoring.
Add the
prometheus-community helm repository and check that you have access to the chart:1
helm repo add prometheus-community https://prometheus-community.github.io/helm-charts
2
helm repo update
Copied!
Install Prometheus + Grafana + Alertmanager:
1
helm upgrade --install kube-prometheus-stack prometheus-community/kube-prometheus-stack \
2
--set='grafana.sidecar.dashboards.enabled=true' \
3
--set='grafana.sidecar.dashboards.searchNamespace=true' \
4
--set='prometheus.prometheusSpec.ruleSelectorNilUsesHelmValues=false' \
5
--set='prometheus.prometheusSpec.serviceMonitorSelectorNilUsesHelmValues=false' \
6
--set='prometheus.prometheusSpec.podMonitorSelectorNilUsesHelmValues=false' \
7
--set='prometheus.prometheusSpec.probeSelectorNilUsesHelmValues=false' \
8
--create-namespace \
9
--namespace monitoring \
10
--version 36.0.3 \
11
-f prom.yaml
Copied!
prom.yaml:1
prometheus:
2
prometheusSpec:
3
storageSpec:
4
volumeClaimTemplate:
5
spec:
6
storageClassName: "{REPLCAE_ME_WITH_STORAGE_CLASS_NAME}"
7
accessModes: ["ReadWriteOnce"]
8
resources:
9
requests:
10
storage: 100Gi
11
grafana:
12
persistence:
13
enabled: true
14
type: pvc
15
storageClassName: "{REPLCAE_ME_WITH_STORAGE_CLASS_NAME}"
16
accessModes: ["ReadWriteOnce"]
17
size: 10Gi
18
finalizers:
19
- kubernetes.io/pvc-protection
Copied!
For GKE/EKS installations:
1
helm upgrade --install kube-prometheus-stack prometheus-community/kube-prometheus-stack \
2
--set='kubeControllerManager.enabled=false' \
3
--set='kubeEtcd.enabled=false' \
4
--set='kubeScheduler.enabled=false' \
5
--set='kubeProxy.enabled=false' \
6
--set='defaultRules.rules.etcd=false' \
7
--set='defaultRules.rules.kubernetesSystem=false' \
8
--set='defaultRules.rules.kubeScheduler=false' \
9
--set='grafana.sidecar.dashboards.enabled=true' \
10
--set='grafana.sidecar.dashboards.searchNamespace=true' \
11
--set='prometheus.prometheusSpec.ruleSelectorNilUsesHelmValues=false' \
12
--set='prometheus.prometheusSpec.serviceMonitorSelectorNilUsesHelmValues=false' \
13
--set='prometheus.prometheusSpec.podMonitorSelectorNilUsesHelmValues=false' \
14
--set='prometheus.prometheusSpec.probeSelectorNilUsesHelmValues=false' \
15
--create-namespace \
16
--namespace monitoring \
17
--version 36.0.3 \
18
-f prom.yaml
Copied!
prom.yaml:1
prometheus:
2
prometheusSpec:
3
storageSpec:
4
volumeClaimTemplate:
5
spec:
6
storageClassName: "gp2"
7
accessModes: ["ReadWriteOnce"]
8
resources:
9
requests:
10
storage: 100Gi
11
grafana:
12
persistence:
13
enabled: true
14
type: pvc
15
storageClassName: "gp2"
16
accessModes: ["ReadWriteOnce"]
17
size: 10Gi
18
finalizers:
19
- kubernetes.io/pvc-protection
Copied!
Optional (Grafana Dashboards):
1
helm upgrade --install grafana-stakewise-dashboards stakewise/grafana-stakewise-dashboards \
2
--namespace monitoring
Copied!
ETH1 (Execution) Nodes
ETH1 nodes are used by the validators to propose new ETH2 blocks. As such, running validator and beacon nodes also entail having a reliable connection to the ETH1 chain.
ETH1 nodes must be deployed first. Currently, GoEthereum, Erigon, and OpenEthereum, NetherMind are supported.
Add StakeWise Helm repository:
1
helm repo add stakewise https://charts.stakewise.io
2
helm repo update
Copied!
Clients supported Gnosis Chain: Nethermind, OpenEthereum
OpenEthereum is deprecated and will be remove from default set of charts once Erigon team complete with adding gnosis chain to their client.
Depending on what client you would like to use, run one of the following commands:
1
# GoEthereum
2
helm upgrade --install geth stakewise/geth \
3
--set='replicaCount=2' \
4
--set='network=mainnet' \
5
--set='metrics.serviceMonitor.enabled=true' \
6
--set='metrics.prometheusRule.enabled=true' \
7
--create-namespace \
8
--namespace chain
9
10
# Erigon
11
helm upgrade --install erigon stakewise/erigon \
12
--set='replicaCount=2' \
13
--set='network=mainnet' \
14
--set='metrics.serviceMonitor.enabled=true' \
15
--set='metrics.prometheusRule.enabled=true' \
16
--create-namespace \
17
--namespace chain
18
19
# OpenEthereum
20
helm upgrade --install openethereum stakewise/openethereum \
21
--set='replicaCount=2' \
22
--set='network=mainnet' \
23
--set='metrics.serviceMonitor.enabled=true' \
24
--set='metrics.prometheusRule.enabled=true' \
25
--create-namespace \
26
--namespace chain
27
28
# Nethermind
29
helm upgrade --install nethermind stakewise/nethermind \
30
--set='replicaCount=2' \
31
--set='network=mainnet' \
32
--set='metrics.serviceMonitor.enabled=true' \
33
--set='metrics.prometheusRule.enabled=true' \
34
--create-namespace \
35
--namespace chain
Copied!
The recommended setup is to deploy two replicas of ETH1 nodes and use Infura, Alchemy, or any other hosted service as a fallback. As a result, if one of the ETH1 nodes fails, the ETH2 nodes will automatically connect to the second ETH1 node. If it happens that both ETH1 nodes fail, the ETH2 nodes will fall back to the hosted service.
ETH2 (Consensus) beacon nodes
An ETH2 beacon node is responsible for running a full Proof-Of-Stake blockchain, known as a beacon chain, which uses distributed consensus to agree on blocks in the network. Validators connect to the beacon nodes to receive block attestation/proposal assignments.
Add StakeWise Helm repository:
1
helm repo add stakewise https://charts.stakewise.io
2
helm repo update
Copied!
When deploying ETH2 nodes, make sure that your ETH1 nodes are fully synced. It's possible to choose what ETH2 client to use. Currently, Prysm, Lighthouse, and Teku are supported. Choose one or two clients to install and deploy:
Note that Nimbus is only compatible with Lighthouse validator client
1
# Prysm
2
helm upgrade --install prysm stakewise/prysm \
3
--set='replicaCount=2' \
4
--set='network=mainnet' \
5
--set='eth1Endpoints[0]=http://geth.chain:8545' \
6
--set='metrics.serviceMonitor.enabled=true' \
7
--set='metrics.prometheusRule.enabled=true' \
8
--create-namespace \
9
--namespace chain
10
11
# Lighthouse
12
helm upgrade --install lighthouse stakewise/lighthouse \
13
--set='replicaCount=2' \
14
--set='network=mainnet' \
15
--set='eth1Endpoints[0]=http://geth.chain:8545' \
16
--set='metrics.serviceMonitor.enabled=true' \
17
--set='metrics.prometheusRule.enabled=true' \
18
--create-namespace \
19
--namespace chain
20
21
# Teku
22
helm upgrade --install teku stakewise/teku \
23
--set='replicaCount=2' \
24
--set='network=mainnet' \
25
--set='eth1Endpoints[0]=http://geth.chain:8545' \
26
--set='metrics.serviceMonitor.enabled=true' \
27
--set='metrics.prometheusRule.enabled=true' \
28
--create-namespace \
29
--namespace chain
Copied!
The recommended setup is to deploy two replicas of the primary ETH2 client and one replica of the stand-by ETH2 client. The validators will be evenly connected to all the primary replicas and will automatically switch to another primary replica in case the connection to their current one fails.
If happens that there is an issue with the primary client, the validators can migrate to the stand-by client and won't need to wait for it to sync the chain.
Deploy PostgreSQL
Installing and configuring PostgreSQL is beyond the scope of this guide, and we hope that operators will be able to choose and implement the correct reliable solution on their own. PostgreSQL is used to store the validators' keys in encrypted form, as well as to store the slashing history of the web3signer database.
After the database is deployed, two databases and two users must be created:
web3signer- which stores web3signer's dataweb3signer_keys- which stores validator keys generated via stakewise-cli
Sync Validators Keys to the Web3Signer Database
Once you've successfully deployed the database and your proposal got approved by the DAO (the snapshot vote got executed), sync the validator keys using the StakeWise CLI
Run the following command to sync new validator keys to the DB:
1
./stakewise-cli sync-db
2
Please choose the network name (mainnet, goerli, harbour_mainnet, harbour_goerli, gnosis) [mainnet]: goerli
3
Enter your operator wallet address: 0x777...
4
Enter the database connection string, ex. 'postgresql://username:[email protected]/dbname': postgresql://example:[email protected]/web3signer_keys
5
Enter your mnemonic separated by spaces (" "):
6
7
Syncing key pairs [------------------------------------] 1/1
8
Synced 1 key pairs, apply changes to the database? [Y/n]: Y
9
The database contains 1 validator keys.
10
Please upgrade the 'web3signer-validators' helm chart with 'validatorsCount' set to 1
11
Set 'DECRYPTION_KEY' env to '<decryption key>'
Copied!
Deploy Web3Signer
Web3Signer is an open-source signing service developed under the Apache 2.0 license and written in Java.
Web3Signer is capable of signing on multiple platforms using private keys stored in an external vault, or encrypted on a disk.
Add StakeWise Helm repository:
1
helm repo add stakewise https://charts.stakewise.io
2
helm repo update
Copied!
Deploy Web3Signer:
1
helm upgrade --install web3signer stakewise/web3signer \
2
--set='replicaCount=3' \
3
--set='dbUrl=jdbc:postgresql://cloudsqlproxy.default/web3signer' \
4
--set='dbUsername=username' \
5
--set='dbPassword=password' \
6
--set='dbKeystoreUrl=postgresql://example:[email protected]/web3signer_keys' \
7
--set='decryptionKey=<decryption key from the CLI' \
8
--create-namespace \
9
--namespace validators
Copied!
Validators
Validators are responsible for storing data, processing transactions, and adding new blocks to the blockchain. This will keep Ethereum secure for everyone and earn new ETH in the process.
Before deploying the validators make sure you have deployed Web3Signer and synchronized validator keys in the steps above.
Make sure you have the right number of validators running and restart them so that they will synchronize the latest changes from the Web3Signer.
Add the StakeWise helm repository:
1
helm repo add stakewise https://charts.stakewise.io
2
helm repo update
Copied!
Deploy the chart, after specifying all neded values:
1
helm upgrade --install web3signer-validators stakewise/web3signer-validators \
2
--set='network=mainnet' \
3
--set='type=lighthouse' \
4
--set='validatorsCount=8' \
5
--set='beaconChainRpcEndpoints[0]=http://lighthouse.chain:5052' \
6
--set='web3signerEndpoint=http://web3signer:6174' \
7
--set='dbKeystoreUrl=postgresql://example:[email protected]/web3signer_keys' \
8
--set='graffiti=StakeWise' \
9
--set='metrics.enabled=true' \
10
--set='metrics.serviceMonitor.enabled=true' \
11
--set='metrics.prometheusRule.enabled=true' \
12
--create-namespace \
13
--namespace validators
Copied!
Commit Operator
Once you're 100% ready for attestation/proposals assignments to the validators, commit your operator:
- Click on
Connect to Web3button and connect your wallet. The address must match the one used during DAO proposal generation. - Call
commitOperatorfunction.
Congratulations on becoming StakeWise Node Operator🎉. Your validators will get assignments, and you would be able to claim your operator rewards from Farms Page.
Last modified 2d ago