Prerequisites for AWS
- Yanko Zhelyazkov
- Tsvetan Georgiev
The following is a list of prerequisites with a brief explanation of the required components necessary for the deployment of an openIDL Node on AWS.
| # | Prerequisite | Definition | |
|---|---|---|---|
| 1 | AWS Account | An AWS account is only required for the sake of separating the openIDL Node in its own "namespace". Often, creating an AWS account under the corporate account of your organization may make it easier to bring security to higher standards by isolating the openIDL Node. Of course, this is not a hard requirement and a general AWS account where your organization keeps other AWS-based projects can be used. | |
| 2 | AWS IAM User | An AWS IAM User with the permissions to create the terraform IAM user and role is required. If that is not possible, your IT team could be provided with a Terraform script or step-by-step documentation to create an IAM user and role to be used further in the setup process. Access to the following services will be granted as part of the IAM role's policy:
| |
| 3 | Network |
| |
| 4 | Terraform Cloud Account | Credentials to access https://app.terraform.io The account is used to store the Terraform workspace data. | |
| 5 | Operating System | Linux or MacOS In case Windows is the only host OS supported by your IT department, a virtual machine running Ubuntu would be a good workaround. Virtualization software such as VirtualBox or VmWare Workstation Player/Pro can be of help in running the VM on your local host. | |
| 6 | Open Source Software | The following list represents the open-source software required on the client machine that will be used to deploy the initial components of an openIDL Node.
Other open-source software used to deploy and run an openIDL Node: | |
| 7 | Git Repositories | The following public Git repositories are used in the process of deploying an openIDL Node directly or indirectly.
| |
| 8 | Docker repository access | Based on your enterprise security you may need to talk to your IT department to identify whether installing Docker images off public repositories is allowed. The following is a list of Docker images as listed via Kubectl on one of the existing TestNet nodes. Note that versions are subject to change as in some places we may refer to 'latest' image tags. couchdb:3.2.1 ghcr.io/hyperledger-labs/fabric-operator:1.0.4 ghcr.io/hyperledger-labs/grpc-web:latest ghcr.io/ibm-blockchain/fabric-deployer:latest-amd64 ghcr.io/senofi/fabric-console@sha256:134874cd3b89b963b64e66d6344265245dfa9000838e125d846b0f7a985f1734 hashicorp/vault-k8s:1.1.0 hashicorp/vault:1.12.1 hyperledger/fabric-ca:1.5.3 hyperledger/fabric-orderer:2.4.3 hyperledger/fabric-tools:2.4.4 jimmidyson/configmap-reload:v0.5.0 quay.io/jetstack/cert-manager-acmesolver:v1.10.0 quay.io/jetstack/cert-manager-cainjector:v1.10.0 quay.io/jetstack/cert-manager-controller:v1.10.0 quay.io/jetstack/cert-manager-webhook:v1.10.0 k8s.gcr.io/ingress-nginx/controller:v1.1.2@sha256:28b11ce69e57843de44e3db6413e98d09de0f6688e33d4bd384002a44f78405c jenkins/jenkins:latest quay.io/ansible/awx-ee:latest quay.io/ansible/awx-operator:1.1.4 quay.io/ansible/awx:21.11.0 registry.k8s.io/ingress-nginx/controller:v1.5.1@sha256:4ba73c697770664c1e00e9f968de14e08f606ff961c76e5d7033a4a9c593c629 docker.io/bitnami/mongodb:6.0.5-debian-11-r0 ghcr.io/openidl-org/openidl-main/openidl-carrier-ui ghcr.io/openidl-org/openidl-main/openidl-data-call-app ghcr.io/openidl-org/openidl-main/openidl-data-call-mood-listener ghcr.io/openidl-org/openidl-main/openidl-data-call-processor ghcr.io/openidl-org/openidl-main/openidl-utilities | |
| 9 | Kubernetes | Kubernetes 1.24 should be allowed in your organization. |