Installation

Prerequisites

The following CLI tools are required - eksctl - aws (used by eksctl) - helm - kubectl

You will need sufficient AWS privileges to create and assign IAM policies and roles.

Creating an EKS Cluster

You will also need an EKS cluster. Our recommendation is that you create a dedicated 4 node EKS cluster which will allow you to install Sextant for DAML and then use this to deploy a Sawtooth network using PBFT consensus on it.

If you are not familiar with how to create an EKS cluster instructions can be found in EKS Cluster Basics

For persistent maintenance of Sextant for DAML data, a postgresql database is required.

Configuring your EKS Cluster

Sextant for DAML runs under the default service account. However, since it is an AWS Marketplace metered product, certain IAM privileges need to be assigned to this service account for it to operate correctly.

The instructions for doing this can be found in EKS AWS Marketplace.

NOTE it is only necessary to configure your cluster once.

Deploying Sextant for Daml

Sextant for DAML is packaged as a Kubernetes Operator using Helm.

Pre-flight checks

If you haven't done so already you will need to create local Helm chart repos.

Create local helm repo sextant.

helm repo add sextant https://btp-charts-stable.s3.amazonaws.com/charts/

Create local helm repo bitnami.

helm repo add bitnami https://charts.bitnami.com/bitnami

Basic Deployment

To quickly spin up Sextant for DAML without a persistent backing store, e.g. for evaluation purposes, run the following commands.

helm repo update
helm install eval sextant/sextant-sfd --version 2.0.10

NOTE that when the helm install command completes it provides you with instructions on how to obtain your initial login for Sextant for DAML and how to set up a simple connection to it using port forwarding. You can always recover this information using helm status eval.

NAME: eval
LAST DEPLOYED: Sun Mar  1 17:50:39 2020
NAMESPACE: default
STATUS: deployed
REVISION: 1
TEST SUITE: None
NOTES:
1. Get the initial Sextant application username and password by running this command
  kubectl describe pod/eval-sextant-sfd|grep INITIAL_
2. Get the application URL by running these commands:
  export POD_NAME=$(kubectl get pods -l "app=eval-sextant-sfd" -o jsonpath="{.items[0].metadata.name}")
  echo "Visit http://127.0.0.1:8080 to use your application"
  kubectl port-forward $POD_NAME 8080:80

NOTE that the deployment initiated my helm is not instantaneous so run watch -n 5 kubectl get all and wait until pod/eval-sextant-sfd is running before trying to connect to your Sextant for DAML instance.

NOTE that you can also establish a persistent connection to your Sextant for DAML instance following these instructions

Cleaning up

When you've finished your evaluation it is straight forward to delete your Sextant for DAML instance.

helm delete eval

As noted above this will delete all the data associated with your instance. If you want this data to persist even if Sextant for DAML is deleted then reinstalled then you need to do an advanced deployment as detailed below.

Advanced Deployment

To spin up Sextant for DAML with a persistent backing store, e.g. for test purposes, you will first need to create a separate postgresql database then supply its details.

Our recommended approach is to create a values.yaml file containing the following postgres specification.

sextant:
  database:
    type: "postgres"
    user: "postgres"
    password: "postgres"
    db: "sextant"
    port: "5432"
    host: "sextant-pg-postgresql.default.svc.cluster.local"
postgresql:
  username: postgres
  password: postgres
  database: sextant
postgresqlUsername: postgres
postgresqlPassword: postgres
postgresqlDatabase: sextant
persistence:
  enabled: false

Assuming that this is in your current directory you can then create a postgres database using the Bitnami chart.

helm repo update
helm install -f values.yaml sextant-pg bitnami/postgresql

You can ignore the notes provided by Bitnami because once this database is available you can use it as the persistent backing store for Sextant for DAML by simply running this helm command.

NOTE It takes a while to set up so run watch -n 5 kubectl get all until you can see pod/sextant-pg-postgresql-0 is running. Once it is running you can then install Sextant for DAML.

helm repo update
helm install -f values.yaml test sextant/sextant-sfd --version 2.0.10

NOTE that when the helm install command completes it provides you with instructions on how to set up a basic connection to it using port forwarding. You can always recover this information using helm status eval.

NAME: test
LAST DEPLOYED: Sun Mar  1 18:12:49 2020
NAMESPACE: default
STATUS: deployed
REVISION: 1
TEST SUITE: None
NOTES:
1. Get the initial Sextant application username and password by running this command
  kubectl describe pod/test-sextant-sfd|grep INITIAL_
2. Get the application URL by running these commands:
  export POD_NAME=$(kubectl get pods -l "app=test-sextant-sfd" -o jsonpath="{.items[0].metadata.name}")
  echo "Visit http://127.0.0.1:8080 to use your application"
  kubectl port-forward $POD_NAME 8080:80

IMPORTANT NOTE This time it is important to store the initial admin credentials the first time you do an advanced deployment since these will be persisted. Therefore if you delete then re-install Sextant for DAML the initial credentials of the re-installed version will be not work.

NOTE that as with the basic deployment, you can also establish a persistent connection to your Sextant for DAML instance following these instructions

Cleaning up

When you've finished your testing it is straight forward to delete your Sextant for DAML instance.

helm delete test

However this time the data is persisted which means that you can spin up another instance using the values.yaml file and continue where you left off assuming that the state has not been changed in the meantime.

Persistent Connection

Rather than relying on port forwarding, you can create a persistent connection using a LoadBalancer or other ingress, pointing to port 80 on your Sextant for DAML pod. For example -

kubectl expose pod/test-sextant-sfd --type=LoadBalancer --name=test-sextant-sfd-lb --port=80 --target-port=80

Getting the Sextant for DAML hostname

Assuming that you have opted to use a LoadBalancer to enable you to access your Sextant for DAML instance on a persistent basis as described above, you can use the following command to obtain its hostname.

kubectl get all -o wide | grep LoadBalancer

Alternatively you can run this command.

kubectl get all -o wide --output json | awk '/hostname/{print $2}'

In both cases the hostname is the string ending in .elb.amazonaws.com and you can use this to connect to your Sextant for DAML instance using the credentials obtained above.

Finding the Kubernetes API Address on Amazon EKS

If you are using a Kubernetes management server such as Rancher to access your EKS clusters, these typically provide a proxy to the kubernetes API server which will not work with Sextant for DAML. In order to find the address of an EKS Kubernetes API server execute the following command:

aws eks describe-cluster --name <CLUSTER_NAME> --region <REGION_NAME> --output json | jq '.cluster.endpoint'