Cloud & Networking
Reader small image

You're reading from  Developing Blockchain Solutions in the Cloud

Product typeBook
Published inApr 2024
PublisherPackt
ISBN-139781837630172
Edition1st Edition
Concepts
Cloud Computing
Right arrow
Authors (2):
Stefano Tempesta
Stefano Tempesta
author image
Stefano Tempesta

Stefano Tempesta is a technologist working at the crossroads of Web2 and Web3 to make the internet a more accessible, meaningful, and inclusive space. Stefano is an ambassador of the use of AI and blockchain technology for good purposes. A former advisor to the Department of Industry and Science, Australia, on the National Blockchain Roadmap, he is cofounder of Aetlas, a decentralized climate action and sustainability network with a mission to source verified carbon units for liquidity and carbon asset monetization. A passionate traveler, a poor musician, and an avid learner of new technologies and (programming) languages, Stefano holds three citizenships and speaks fluent English, Italian, and terrible Ukrainian.
Read more about Stefano Tempesta

Michael John Peña
Michael John Peña
author image
Michael John Peña

Michael John Peña, an engineer and Microsoft MVP, excels in tech innovation and leadership. As a data partner at Playtime Solutions, he spearheads projects utilizing Azure, big data, and AI, enhancing data-driven decision-making. With roles ranging from CTO to software engineer, MJ's expertise covers web/app development, cloud computing, blockchain, and IoT. His commitment to lifelong learning and sharing knowledge—underscored by his work with start-ups and as a technical advisor—drives industry advancements in finance, construction, and more. MJ values inclusivity and actively fosters diverse, collaborative environments.
Read more about Michael John Peña

View More author details
Right arrow

Hosting a Blockchain Network on Elastic Kubernetes Service

In this chapter, we will delve into the fascinating world of blockchain technology and cloud-based services, focusing on the powerful combination of Elastic Kubernetes Service (EKS) and Hyperledger Fabric.

We will cover the following topics:

  • Introduction to Hyperledger Fabric on EKS
  • Creating an EKS cluster for hosting the Hyperledger Fabric blockchain
  • Deploying a Hyperledger Fabric blockchain network on EKS
  • Key considerations – Security, scaling, and monitoring
  • Testing and troubleshooting a Hyperledger Fabric blockchain network on EKS

Technical requirements

Hosting a blockchain network on Amazon EKS involves a set of technical requirements and considerations to ensure optimal performance, security, and scalability. The following requirements form a comprehensive checklist for hosting a blockchain network on Amazon EKS:

  • Understanding Amazon EKS and Kubernetes: Familiarity with the architecture of Amazon EKS, including how it manages Kubernetes clusters and integrates with other Amazon Web Services (AWS), as well as a fundamental understanding of Kubernetes concepts, including pods, services, deployments, and stateful sets, is required
  • AWS account and IAM configuration: An active AWS account is necessary to access Amazon EKS and other related services and properly configured IAM roles for EKS, ensuring permissions for creating and managing Kubernetes clusters and interacting with other AWS resources

This chapter will expand on key concepts of network setup and configuration and the creation of an...

Introduction to Hyperledger Fabric on EKS

Amazon’s EKS is a service offered by AWS that allows users to manage Kubernetes. This service facilitates the deployment, management, and scaling of applications that are containerized using Kubernetes. EKS provides a solution that is secure, scalable, and highly available for hosting blockchain networks, including but not limited to Hyperledger Fabric.

Hyperledger Fabric is a permission-based, modular, and extensible blockchain platform designed for enterprise use. It supports smart contracts written in various languages and offers a customizable consensus mechanism. This chapter focuses on hosting a Hyperledger Fabric network on EKS, but the approach can be adapted for other blockchain platforms.

Architecture and components

At a high level, the software architecture of Hyperledger Fabric includes the following components:

Figure 5.1 – High-level components of Hyperledger Fabric

Figure 5.1 – High-level components of Hyperledger Fabric

The key...

Creating an EKS cluster for hosting the Hyperledger Fabric blockchain

Creating an Amazon EKS cluster to host a Hyperledger Fabric network involves several steps, from setting up the AWS Command-Line Interface (CLI) and EKS CLI to configuring the Kubernetes cluster itself. Step-by-step, let’s complete the following tasks using an active AWS account:

  1. Install and configure the AWS CLI with a user that has the necessary permissions, which are AmazonEKSAdminPolicy, AmazonEC2FullAccess, IAMFullAccess, AmazonS3FullAccess, and AmazonVPCFullAccess. The latest version of the AWS CLI for your platform (Windows, macOS, or Linux) can be found here: https://docs.aws.amazon.com/cli/latest/userguide/getting-started-install.html.
  2. Install eksctl, a simple CLI tool for creating clusters on EKS. It simplifies much of the cluster creation process. Instructions on how to install eksctl can be found here: https://github.com/eksctl-io/eksctl.
  3. Create an IAM role that EKS can assume to...

Deploying a Hyperledger Fabric blockchain network on EKS

Now that the EKS cluster is set up, we can start deploying the Hyperledger Fabric components. This involves preparing the relevant Docker images for Fabric components for the peers, order-placing, and CA nodes. The official Hyperledger Fabric images can be obtained at https://hyperledger-fabric.readthedocs.io/en/release-2.2/install.html.

In addition to creating the Kubernetes deployments and services for each component, we will also need to set up persistent storage for data persistence, ideally using AWS EBS or EFS.

Persistent Storage

Setting up persistent storage for a Hyperledger Fabric network in Amazon EKS using EBS involves creating Persistent Volumes (PVs) and Persistent Volume Claims (PVCs) in a Kubernetes cluster. This setup ensures data persistence for key components such as peers, order-placing, and CAs nodes across any restarts and failures.

First, we need to manually create an EBS volume in the same AWS...

Key considerations – Security, scaling, and monitoring

When hosting a Hyperledger Fabric network on EKS, consider the following best practices for improving the security posture and business continuity of the solution. Specifically, let’s look at best practices for security, high availability, and scalability.

Enterprise deployments

Before we dive into each aspect from a configuration perspective, let’s analyze a few real-world examples that demonstrate how these considerations are addressed in enterprise deployments.

Security in Hyperledger Fabric – Trade finance platform by we.trade

we.trade is a blockchain-based trade finance platform developed by a consortium of banks to simplify and secure international trade transactions for SMEs. The platform leverages Hyperledger Fabric to manage, track, and protect trade transactions between buyers, sellers, and banks.

The key security measures put in place in the Hyperledger Fabric deployment are...

Testing and troubleshooting a Hyperledger Fabric blockchain network on EKS

Testing and troubleshooting a Hyperledger Fabric blockchain network deployed on EKS is a crucial step to ensure its reliability, performance, and security. Effective testing strategies include deploying chaincode in a development environment, performing load testing to understand the network’s behavior under stress, and conducting security vulnerability scans to identify potential threats.

After deploying the Hyperledger Fabric network on EKS, test network functionality by invoking and querying chaincode and monitoring the network for potential issues. Use the following tools and techniques for troubleshooting:

  • Inspect network component logs using kubectl logs <pod-name> -n hyperledger-fabric
  • View detailed resource information and identify issues or misconfigurations with kubectl describe <resource-type> <resource-name> -n hyperledger-fabric
  • Execute commands inside...

Summary

This chapter focused on the integration of AWS’s EKS and Hyperledger Fabric for blockchain hosting. We detailed the creation of an EKS cluster via the AWS Management Console and kubectl configuration, as well as the deployment of Hyperledger Fabric’s components on EKS. We also looked at best practices and tools for enhancing the security, high availability, and scalability of the deployed platform. The last section was dedicated to a few strategies and tools for testing and troubleshooting infrastructure and software components.

In the next chapter, we will dive into Amazon Quantum Ledger Database, a fully managed ledger database that offers a transparent, immutable, and cryptographically verifiable transaction log ‎ owned by a central trusted authority.

lock icon
The rest of the chapter is locked
Previous Chapter
Chapter 8 of 24
Next Chapter
You have been reading a chapter from
Developing Blockchain Solutions in the Cloud
Published in: Apr 2024Publisher: PacktISBN-13: 9781837630172
© 2024 Packt Publishing Limited All Rights Reserved
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Sign up now
undefined
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Start free trial
Renews at £13.99/month. Cancel anytime

Authors (2)

author image
Stefano Tempesta

Stefano Tempesta is a technologist working at the crossroads of Web2 and Web3 to make the internet a more accessible, meaningful, and inclusive space. Stefano is an ambassador of the use of AI and blockchain technology for good purposes. A former advisor to the Department of Industry and Science, Australia, on the National Blockchain Roadmap, he is cofounder of Aetlas, a decentralized climate action and sustainability network with a mission to source verified carbon units for liquidity and carbon asset monetization. A passionate traveler, a poor musician, and an avid learner of new technologies and (programming) languages, Stefano holds three citizenships and speaks fluent English, Italian, and terrible Ukrainian.
Read more about Stefano Tempesta

author image
Michael John Peña

Michael John Peña, an engineer and Microsoft MVP, excels in tech innovation and leadership. As a data partner at Playtime Solutions, he spearheads projects utilizing Azure, big data, and AI, enhancing data-driven decision-making. With roles ranging from CTO to software engineer, MJ's expertise covers web/app development, cloud computing, blockchain, and IoT. His commitment to lifelong learning and sharing knowledge—underscored by his work with start-ups and as a technical advisor—drives industry advancements in finance, construction, and more. MJ values inclusivity and actively fosters diverse, collaborative environments.
Read more about Michael John Peña

Personalised recommendations for you

Based on your interests and search pattern

Designing and Implementing Microsoft Azure Networking Solutions

Designing and Implementing Microsoft Azure Networking Solutions

Designing and Implementing Microsoft Azure Networking Solutions Exam Ref AZ-700 is an all-encompassing guide to the AZ-700 exam and contains all the information you need to succeed in the world of virtual networking with Azure. With this book, you will be fully prepared for the exam and the world of cloud networking.

BookAug 2023524 pages
Microsoft 365 Security, Compliance, and Identity Administration

Microsoft 365 Security, Compliance, and Identity Administration

The Microsoft 365 Security, Compliance, and Identity Administration is a comprehensive guide that helps you employ Microsoft 365's robust suite of features and empowers you to optimize your administrative tasks.

BookAug 2023630 pages
Zero Trust Overview and Playbook Introduction

Zero Trust Overview and Playbook Introduction

Get started on Zero Trust with this step-by-step playbook and learn everything you need to know for a successful Zero Trust journey with tailored guidance for every role, covering strategy, operations, architecture, implementation, and measuring success. This book will become an indispensable reference for everyone in your organization.

BookOct 2023240 pages
The Self-Taught Cloud Computing Engineer

The Self-Taught Cloud Computing Engineer

This self-study book helps you master multiple clouds, including AWS, Azure, and GCP, and serves as a roadmap to becoming a certified cloud computing expert. The book will guide you to develop a professional cloud career by helping you build a broad cloud knowledge base, developing hands-on cloud computing skills, and getting cloud certified.

BookSep 2023472 pages
Technology Operating Models for Cloud and Edge

Technology Operating Models for Cloud and Edge

This book will help you build and create ownership of a technology operating model, as well as connect your leadership with engineering and operations, keeping your internal and external customers in mind. It provides practical tips on why, where, and how to make the cloud and edge platform paradigm sing for you, your team, and your organization.

BookAug 2023228 pages
Azure Architecture Explained

Azure Architecture Explained

Azure is the preferred platform to build mission-critical and secure apps. This book provides comprehensive coverage of essential Azure products, services, and solutions vital for every solution architect's success. Elevate your knowledge and master the critical components of Azure to excel in your role with Azure Architecture Explained.

BookSep 2023446 pages
Pentesting Active Directory and Windows-based Infrastructure

Pentesting Active Directory and Windows-based Infrastructure

This practical guide helps you explore the pentesting of Microsoft infrastructure in detail, and enhances your offensive skillset by showing you the different ways to perform security assessment. This book will help blue teamers and IT engineers get up to speed with possible security issues they may encounter in their Windows environments.

BookNov 2023360 pages
Practical Ansible

Practical Ansible

In Practical Ansible, you'll work with the latest release of Ansible and learn to solve complex issues quickly with the help of task-oriented scenarios. You'll start by installing and configuring Ansible to automate monotonous and repetitive IT tasks and get to grips with concepts such as playbooks, inventories, plugins, collections, and network modules.

BookSep 2023420 pages
Windows 11 for Enterprise Administrators

Windows 11 for Enterprise Administrators

Microsoft’s launch of Windows 11 is a step toward satisfying the enterprise administrator’s needs for better management and enhanced user experience customization. This book provides the enterprise administrator with the knowledge needed to fully utilize the advanced feature set of Windows 11 Enterprise.

BookOct 2023286 pages
The Linux DevOps Handbook

The Linux DevOps Handbook

This book is for software and IT professionals seeking knowledge on Linux systems and DevOps practices. This book will provide you with guidance and tools to learn and gain proficiency in managing Linux-based infrastructures and knowledge of DevOps.

BookNov 2023428 pages2