2.2 KiB
2.2 KiB
static-nodes.json Fix - Matching permissions-nodes.toml
Date: $(date)
Status: ✅ FIX APPLIED - static-nodes.json now matches permissions-nodes.toml
Critical Issue Found
After replacing validator node keys with validator keys, we updated permissions-nodes.toml with the new validator enode URLs, but static-nodes.json still had the OLD validator enode URLs (from before the key replacement).
Problem
- ❌
static-nodes.jsonhad old validator enode URLs (old node keys) - ✅
permissions-nodes.tomlhad new validator enode URLs (new validator keys) - ❌ Mismatch - Besu checks that all nodes in
static-nodes.jsonare inpermissions-nodes.toml
Error Messages
Specified node(s) not in nodes-allowlist [enode://...old-enodes...]
This prevented services from starting properly!
Fix Applied
Solution
Updated static-nodes.json to use the same validator enode URLs that are in permissions-nodes.toml (the new validator keys).
Process
- Extracted validator enode URLs from
permissions-nodes.toml - Created new
static-nodes.jsonwith matching validator enodes - Deployed to all validators
- Restarted all services
Important Rule
With permissioning enabled:
- ALL nodes in
static-nodes.jsonMUST be inpermissions-nodes.toml - When validator keys change, BOTH files must be updated with matching enode URLs
static-nodes.jsonshould contain only validator enodes (for QBFT)permissions-nodes.tomlshould contain all node enodes (validators + sentries + RPC)
Current State
static-nodes.json
- Contains 5 validator enode URLs (matching new validator keys)
- Matches validator enodes in permissions-nodes.toml
- Deployed to all 5 validators
permissions-nodes.toml
- Contains 12 node enode URLs:
- 5 validators (new validator keys)
- 4 sentries
- 3 RPC nodes
- Deployed to all 12 nodes
Verification
After restart:
- ✅ No permissioning errors in logs
- ✅ Services start successfully
- ✅ Nodes can connect to peers
- ✅ Block production should improve
Last Updated: $(date)
Status: ✅ static-nodes.json now matches permissions-nodes.toml