1fb7266469
- Introduced Aggregator.sol for Chainlink-compatible oracle functionality, including round-based updates and access control. - Added OracleWithCCIP.sol to extend Aggregator with CCIP cross-chain messaging capabilities. - Created .gitmodules to include OpenZeppelin contracts as a submodule. - Developed a comprehensive deployment guide in NEXT_STEPS_COMPLETE_GUIDE.md for Phase 2 and smart contract deployment. - Implemented Vite configuration for the orchestration portal, supporting both Vue and React frameworks. - Added server-side logic for the Multi-Cloud Orchestration Portal, including API endpoints for environment management and monitoring. - Created scripts for resource import and usage validation across non-US regions. - Added tests for CCIP error handling and integration to ensure robust functionality. - Included various new files and directories for the orchestration portal and deployment scripts.
6.3 KiB
6.3 KiB
Deployment Guide
Last Updated: 2025-01-27
Status: Active
This guide provides step-by-step instructions for deploying the DeFi Oracle Meta Mainnet (ChainID 138) on Azure Kubernetes Service (AKS).
Related Documentation:
- Deployment Quick Start - Fast deployment guide
- Deployment Checklist - Deployment checklist
- Architecture Documentation - System architecture
- Configuration Index - Configuration guides
Table of Contents
- Prerequisites
- Step 1: Generate Genesis and Keys
- Step 2: Deploy Azure Infrastructure
- Step 3: Deploy Kubernetes Resources
- Step 4: Deploy Monitoring
- Step 5: Deploy Blockscout
- Step 6: Deploy Contracts
- Step 7: Deploy Oracle Publisher
- Step 8: Tatum SDK Integration
- Step 9: Verification
- Troubleshooting
- Next Steps
Prerequisites
- Azure CLI installed and configured
- Terraform >= 1.0
- kubectl configured for AKS
- Helm 3.x
- Besu CLI tools
- Foundry (forge, cast, anvil)
Step 1: Generate Genesis and Keys
- Generate validator keys:
./scripts/key-management/generate-validator-keys.sh 4
- Generate oracle keys:
./scripts/key-management/generate-oracle-keys.sh
- Generate genesis file:
./scripts/generate-genesis.sh
- Store keys in Azure Key Vault:
./scripts/key-management/azure-keyvault-setup.sh
Step 2: Deploy Azure Infrastructure (Admin Region + Multi-Region)
- Navigate to Terraform directory:
cd terraform
- Initialize Terraform:
terraform init
- Create terraform.tfvars:
cp terraform.tfvars.example terraform.tfvars
# Edit terraform.tfvars with your values
- Plan deployment for the West Europe admin cluster:
terraform plan -lock-timeout=5m
- Apply infrastructure:
terraform apply -lock-timeout=5m
- (Recommended) Run a canary multi-region deployment for a single workload region before rolling out globally:
cd ..
scripts/deployment/canary-region.sh northeurope
- After the canary region is healthy, roll out to all 36 workload regions:
cd terraform
terraform plan -lock-timeout=5m
terraform apply -lock-timeout=5m
- Get kubeconfig for the West Europe admin cluster (adjust if you changed names):
az aks get-credentials --resource-group az-p-wst-rg-comp-001 --name az-p-wst-aks-main --overwrite-existing
Step 3: Deploy Kubernetes Resources
- Create namespace:
kubectl apply -f k8s/base/namespace.yaml
- Deploy validators:
helm install besu-validators ./helm/besu-network -f helm/besu-network/values-validators.yaml -n besu-network
- Deploy sentries:
helm install besu-sentries ./helm/besu-network -f helm/besu-network/values-sentries.yaml -n besu-network
- Deploy RPC nodes:
helm install besu-rpc ./helm/besu-network -f helm/besu-network/values-rpc.yaml -n besu-network
- Deploy API gateway:
kubectl apply -f k8s/gateway/nginx-config.yaml
Step 4: Deploy Monitoring
- Create monitoring namespace:
kubectl create namespace monitoring
- Deploy Prometheus:
kubectl apply -f monitoring/k8s/prometheus.yaml
- Deploy Grafana (optional):
helm install grafana grafana/grafana -n monitoring
Step 5: Deploy Blockscout
- Deploy Blockscout database:
kubectl apply -f k8s/blockscout/deployment.yaml
- Wait for database to be ready:
kubectl wait --for=condition=ready pod -l app=blockscout-db -n besu-network --timeout=300s
- Blockscout will automatically run migrations on startup.
Step 6: Deploy Contracts
- Set environment variables:
export RPC_URL="https://rpc.d-bis.org"
export PRIVATE_KEY="your-private-key"
- Deploy WETH:
./scripts/deployment/deploy-weth.sh
- Deploy Multicall:
./scripts/deployment/deploy-multicall.sh
- Deploy Oracle Aggregator:
forge script script/DeployOracle.s.sol --rpc-url $RPC_URL --broadcast --private-key $PRIVATE_KEY
Step 7: Deploy Oracle Publisher
- Update oracle configuration:
kubectl create configmap oracle-config --from-literal=aggregator_address=<AGGREGATOR_ADDRESS> -n besu-network
- Deploy oracle publisher:
kubectl apply -f services/oracle-publisher/k8s/deployment.yaml
Step 8: Tatum SDK Integration
- Install SDK dependencies:
cd sdk
npm install
- Configure environment:
cp env.example .env
# Edit .env with your RPC endpoint
- Test connection:
npm run test
- Run examples:
# Basic usage
npm run example:basic
# Send transaction
npm run example:transaction
# Deploy contract
npm run example:contract
See Tatum SDK Integration Guide for detailed documentation.
Step 9: Verification
- Check node status:
kubectl get pods -n besu-network
- Check block production:
kubectl logs -f besu-validator-0 -n besu-network
- Test RPC endpoint:
curl -X POST https://rpc.d-bis.org \
-H "Content-Type: application/json" \
-d '{"jsonrpc":"2.0","method":"eth_blockNumber","params":[],"id":1}'
- Test Tatum SDK integration:
cd sdk
npm run test
npm run smoke-test
Troubleshooting
Nodes not syncing
- Check network connectivity
- Verify genesis file matches across all nodes
- Check validator keys are correctly configured
RPC errors
- Verify RPC nodes are synced
- Check API gateway configuration
- Review rate limiting settings
Oracle not updating
- Check oracle publisher logs
- Verify aggregator contract address
- Check private key is correctly configured
Next Steps
- Configure monitoring alerts
- Set up backup procedures
- Review security hardening
- Document operational procedures