Prepare to install Veriscope on a given Shyft Network chain

a) Configure your Veriscope Servers with Terraform Output values

Ansible inventory file

When the Terraform apply procedure is completed, run the following commands from the root directory (~/veriscope) to auto-configure your veriscope-nodes.yaml file (aka "Ansible inventory file"):

# Save the Terraform output in Json format to a specific file, e.g. 'terraform_output.json'
terraform -chdir=infra/terraform/instances output -json > infra/terraform/instances/terraform_output.json

When you generate the terraform_output.json, you can use the following command to auto-generate the veriscope-nodes.yaml file.

python3 infra/terraform/scripts/
Run the following script which accepts a Terraform output file in Json format and outputs an ansible inventory file, python3 infra/terraform/scripts/ <path/to/terraform_output.json> <path/to/ansible-inventory.yaml>
# You can also change the terraform_output.json to your custom.json
python3 infra/terraform/scripts/ --tf-output-path infra/terraform/instances/terraform_output.json --ansible-inventory-path infra/configure/inventory/veriscope-nodes.yaml

You must add your Trust Anchor account(s) and corresponding private key(s) to the Ansible inventory file. The steps above will not take care of this!

Example 1. Sample veriscope-nodes.yaml file
          ssh_priv_key_secret_name: /james/staging/instances/staging-james-staging-new-box-001-nm
          owner: james
          ssh_priv_key_secret_name: /james/staging/instances/staging-james-staging-new-box-001-web
          owner: james
          # Trust Anchor(s) details. If you're setting up multiple Trust Anchors, add them to the list here.
          # trust_anchors:
          #   - private_key: dsfhlksdjflgf
          #     address: '0x1234567890'
          #     preferred_name: Trust Anchor 1
          #   - private_key: owieurowiyer98
          #     address: '0x0987654321'
          #     preferred_name: Trust Anchor 2
            - private_key: f186303e5aff10ecbc6i8dI06776115c0875e53ebe270685365db8dea3750759
              address: '0x69812BF7b8A5058938989CaUd1fedEB6B2BD04f8'
              preferred_name: pref_name

    # Mandatory. Environment into which the nodes are deployed. This is also set in terraform module when deploying instances.
    env: staging

    # Mandatory. Version of the veriscope app to deploy. It may be a branch or a tag name without the 'origin/' prefix.
    veriscope_version: 'v4.2.6'

    # Whether to print debug messages to the screen while running the playbooks.
    # NOTE: It may print secret information too. So, please use with caution.
    debug: false

    # Mandatory. Identify a chain to deploy to.
    # Valid values are 'veriscope_testnet', 'fed_testnet', 'fed_mainnet'
    veriscope_target: veriscope_testnet

    # Mandatory. TA dashboard admin user to create.
    # If different for each node, move this var into the host specific level.
      firstname: Krishna
      lastname: Vasudeva
      email: [email protected]
      password: password
  • private_key stands for Trust Anchor Private Key

  • owner must be equal to the value of the Owner tag in the Terraform variables file (.tfvars file). If each node has a different owner, this can be moved to hosts: section and specified per node.

  • There are two components (machines) to each Versicope Server: web (or web_instances) and nethermind (or nm_instances)

b) Download SSH Keys onto Veriscope Server

Before moving to the final step, run the following command to download the SSH keys for your Veriscope Server(s):

From the root of the repository (~/veriscope), run the following command:

ansible-playbook -i infra/configure/inventory/veriscope-nodes.yaml infra/configure/playbooks/prep/get-ssh-key-for-nodes.yaml

c) Take note of how to SSH into Veriscope Server (from the Bastion prompt)

SSH in Versicope Server web instance

Configure and enter the following from the Bastion prompt:

ssh -i ~/.ssh/<web_instances:private_fqdn>.pem veris@<web_instances:private_fqdn>

For example,

ssh -i ~/.ssh/ [email protected]

SSH in Versicope Server Nethermind instance

Configure and enter the following from the Bastion prompt:

ssh -i ~/.ssh/<nm_instances:private_fqdn>.pem veris@<nm_instances:private_fqdn>

For example,

ssh -i ~/.ssh/ [email protected]