Ansible scripts to deploy a Docker based Polkadot/Kusama validator node. No need for compiling and complicated dependency management :)
Prerequisits:
- VPS or dedicated server meeting the Polkadot/Kusama requirements (you might want to have a beefier machine as we're going to run two validators on one machine)
- ansible (2.11.6+)
- ansible-playbook (2.11.6+)
- new user with guid and uid 1000 free to be created on the host system (currently using hardcoded docker bind mount instead volumes)
First copy the hosts.ini-sample to hosts.ini then:
- Rename the two
my_node_*entries to a name you like, also replace the<IP of your server>with the actual IP of your server - Copy/Rename
host_vars/my_node_*.ymlfiles to the same name you just called the host in thehosts.inifile. - Update the values in the
host_vars/my_node_*.ymlfiles, you always want to: - Update the
node_namethis is the node name your validator will show up with in the Telemetry dashboards - Update the
polkadot_db_snapshot_urlandpolkadot_db_snapshot_checksumwith the latest values from https://polkashots.io/
If you feel adventerous you can deploy the whole server using:
$ ansible-playbook -i hosts.ini all.yml
This will execute the following roles:
- polkadot-setup
- Setup Docker
- Setup Journald
- Setup motd (message of the day)
- polkadot-restore-db
- Downloads the in the host_vars defined snapshot and unpacks it to the future
data_path
- Downloads the in the host_vars defined snapshot and unpacks it to the future
- polkadot-validator
- Starts the polkadot/kusama validators as docker containers
- polkadot-rotate-keys
- Rotates the session keys so you can use for the
SetSessionKeysextrinsic
- Rotates the session keys so you can use for the
You can also run the individual roles using the setup_*.yml playbooks instead of all.yml.
To upgrade to the latest Polkadot version you can simply restart the containers using the polkadot-validator playbook.
Monitoring is not yet covered in these ansible playbooks. Do NOT run a Polkadot/Kusama validator w/o proper monitoring or you will get slashed.
You should not use root user on the server, instead replace the ansible_user field in hosts.ini with an unpriviledged user (which has docker rights).