3.4 KiB
3.4 KiB
Besu Network Setup - Complete
Overview
This document summarizes the completed setup and configuration of the Besu blockchain network on Proxmox containers (VMID 1000-2502).
Completed Tasks
1. Besu Allowlist Configuration ✅
- Generated corrected allowlist files with 128-character node IDs
- Fixed enode URL padding issues
- Deployed to all containers (1000-2502)
- Validated all enode formats
Files Generated:
static-nodes.json- Validator enodes (5 entries)permissions-nodes.toml- All node enodes (5 entries)
Location: besu-enodes-20251219-141230/
2. Balance Query Script ✅
- Created Node.js script using ethers v6
- Queries native ETH and ERC-20 token balances
- Supports WETH9 and WETH10 tokens
- Health checks and error handling included
Script: scripts/besu_balances_106_117.js
3. Management Scripts ✅
All scripts available in scripts/:
besu-extract-enode-nodekey.sh- Extract enode from nodekey filebesu-extract-enode-rpc.sh- Extract enode via JSON-RPCbesu-collect-all-enodes.sh- Collect enodes from all nodesbesu-generate-allowlist.sh- Generate allowlist filesbesu-validate-allowlist.sh- Validate enode formatsbesu-deploy-allowlist.sh- Deploy to containersbesu-verify-peers.sh- Verify peer connections
4. Documentation ✅
docs/BESU_ALLOWLIST_RUNBOOK.md- Comprehensive runbookdocs/BESU_ALLOWLIST_QUICK_START.md- Quick referencescripts/BESU_BALANCES_README.md- Balance script docs
Container Status
Validators (1000-1004)
- 5 containers
- Status: All running, services active
Sentries (1500-1503)
- 4 containers
- Status: All running, services active
RPC Nodes (2500-2502)
- 3 containers
- Status: All running, services active
- RPC endpoints: http://192.168.11.{23,24,25}:8545
Network Configuration
- Network ID: 138
- Consensus: QBFT
- All containers use DHCP for IP assignment
- VLAN tagging removed for unprivileged containers
IP Address Mapping
| VMID | Hostname | IP Address |
|---|---|---|
| 1000 | besu-validator-1 | 192.168.11.13 |
| 1001 | besu-validator-2 | 192.168.11.14 |
| 1002 | besu-validator-3 | 192.168.11.15 |
| 1003 | besu-validator-4 | 192.168.11.16 |
| 1004 | besu-validator-5 | 192.168.11.18 |
| 1500 | besu-sentry-2 | 192.168.11.19 |
| 1501 | besu-sentry-3 | 192.168.11.20 |
| 1502 | besu-sentry-4 | 192.168.11.21 |
| 1503 | besu-sentry-5 | 192.168.11.22 |
| 2500 | besu-rpc-1 | 192.168.11.23 |
| 2501 | besu-rpc-2 | 192.168.11.24 |
| 2502 | besu-rpc-3 | 192.168.11.25 |
Usage Examples
Query Balances
node scripts/besu_balances_106_117.js
Verify Peers
bash scripts/besu-verify-peers.sh http://192.168.11.23:8545
Check Service Status
pct exec <vmid> -- systemctl status besu-validator
# or
pct exec <vmid> -- systemctl status besu-sentry
# or
pct exec <vmid> -- systemctl status besu-rpc
Next Steps (Optional)
- Monitor peer connections as network stabilizes
- Add sentry/RPC node enodes to allowlist when available
- Set up monitoring and alerting
- Deploy additional services (120-122, 150-153)
Notes
- Validators don't expose RPC (security best practice)
- Only RPC nodes (2500-2502) have RPC endpoints enabled
- Allowlist currently includes validators only (correct for QBFT)
- All node IDs are validated to be exactly 128 hex characters