Manually deploy tau
Introduction¶
Every Taubyte-based Cloud is associated with a Fully Qualified Domain Name (FQDN). You can use any domain or sub-domain you control. For instance, I've chosen `enterprise.starships.ws` for Starship Enterprise's Web Services.
Developers often require a temporary sub-domain for testing. You can use a sub-domain of your main domain or a different one. While `g.enterprise.starships.ws` or `el.starships.ws` are valid, my passion for Sci-Fi inspires me to select `e.ftll.ink` (Enterprise's Faster Than Light Link).
💡 Note: The domain can be local, but it must resolve on the hosts where `tau` is installed.
Infrastructure Setup¶
Choose your infrastructure. The only requirement is hosts (bare metal or VMs) running Ubuntu.
For this example, I provisioned 3 VMs:
Name | Location | IP |
---|---|---|
host-001-enterprise-starships-ws | Iowa | 34.133.173.124 |
host-002-enterprise-starships-ws | Toronto | 34.130.131.76 |
host-003-enterprise-starships-ws | Los Angeles | 35.235.122.141 |
💡 Note: This setup is temporary and will be decommissioned eventually. It remains accessible for testing while operational.
Firewall Configuration¶
Ensure the following ports are open:
Ports | Protocols | Description |
---|---|---|
4242, 4247, 4252 | TCP | For Peer-to-peer communication and IPFS. |
80, 443 | TCP | For HTTP and HTTPS - serving APIs and hosted resources. |
53, 953 | TCP, UDP | For DNS resolution. |
Preparing the Hosts¶
Installing curl & vim¶
Ensure `curl` and `vim` (or your preferred text editor) are installed:
💡 Tip: If you're unfamiliar with `vim`, try vim-adventures for a fun introduction.
Freeing Up DNS Ports¶
Adjust DNS settings for the seer service:
In edit mode (`:i`), configure:
Apply the changes:
```sh
sudo systemctl restart systemd-resolved.service
sudo ln -sf /run/systemd/resolve/resolv.conf /etc/resolv.conf
```
Docker Installation¶
Install Docker:
Setting Up the First Host¶
The initial host, `host-001-enterprise-starships-ws`, will generate our cloud's secrets.
Installing Tau¶
Install `tau`:
💡 Note: A single host can support multiple nodes if ports do not overlap. For this guide, we use a one-node-per-host configuration.
Upon successful installation, you should see:
```
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 3982 100 3982 0 0 3962 0 0:00:01 0:00:01 --:--:-- 3966
Downloading release: v1.1.2
From: https://github.com/taubyte/tau/releases/download/v1.1.2/tau_1.1.2_linux_amd64.tar.gz
######################################################################## 100.0%
Installation complete
```
Configuring Your Node¶
Configure the node with:
```sh
sudo tau config generate -n enterprise.starships.ws \
  -s compute --services all --ip 34.133.173.124 \
  --dv --swarm
```
Here's a quick rundown of the options used:
- `--services all` activates all available services.
- `-n` specifies the domain name (or network name) for the node.
- `-s` assigns a name to this configuration, often referred to as a "shape."
- `--ip` indicates the IP address the node should use for announcements.
- `--dv` generates a domain validation key pair.
- `--swarm` creates a swarm key for network clustering.
💡 Note: Enabling all protocols on a single node is not advisable in deployments with meaningful workloads. Be mindful that services like `substrate` or `monkey` can eat up all the resources.
Upon successful configuration, you'll receive the node's ID:
Fine-tuning the Configuration¶
Adjust the configuration for optimal performance:
Update the `generated` domain to match your preferred domain, e.g., `e.ftll.ink`:
Remove the `gateway` protocol since `gateway` and `substrate` cannot coexist:
```yaml
privatekey: <redacted>
swarmkey: keys/swarm.key
services:
  - auth
  - patrick
  - monkey
  - tns
  - hoarder
  - substrate
  - seer
p2p-listen:
  - /ip4/0.0.0.0/tcp/4242
p2p-announce:
  - /ip4/34.133.173.124/tcp/4242
ports:
  main: 4242
  lite: 4247
  ipfs: 4252
location:
  lat: 40.076897
  long: -109.33771
network-fqdn: enterprise.starships.ws
domains:
  key:
    private: keys/dv_private.pem
    public: keys/dv_public.pem
  generated: e.ftll.ink
plugins: {}
```
💡 Tip: Correct the location manually if inaccurately determined.
Validate the configuration:
No error messages indicate a correct configuration.
Manually Starting the Node¶
Start the node manually:
Verify the node is active by navigating to slimdig.com and performing a check with `seer.tau.<your domain>`, your server's public IP, and clicking the `A` button.
Seeing your server's IP address verifies the node is operational.
Transitioning to a Systemd Service¶
Convert the manually started service into a systemd service for resilience:
- Stop the service with CTRL-C.
- Create a systemd service file:
Add the following configuration:
```ini
[Unit]
Description=Taubyte Tau Service Running %i

[Service]
Type=simple
ExecStart=/tb/bin/tau start -s %i
StandardOutput=journal
User=root
Group=root
LimitAS=infinity
LimitRSS=infinity
LimitCORE=infinity
LimitNOFILE=65536
Restart=always
RestartSec=1

[Install]
WantedBy=multi-user.target
```
Enable and start the service:
Check the service status:
You should see:
```
● tau@compute.service - Taubyte Tau Service Running compute
     Loaded: loaded (/lib/systemd/system/tau@.service; enabled; vendor preset: enabled)
     Active: active (running) since Fri 2024-02-09 22:43:52 UTC; 1min 5s ago
   Main PID: 4588 (tau)
      Tasks: 14 (limit: 38492)
     Memory: 202.0M
        CPU: 53.521s
     CGroup: /system.slice/system-tau.slice/tau@compute.service
             └─4588 /tb/bin/tau start -s compute

Feb 09 22:43:52 host-001-enterprise-starships-ws systemd[1]: Started Taubyte Tau Service Running compute.
```
This ensures your node remains operational across restarts and updates.
Configuring DNS for Load Balancing¶
The Seer protocol enables DNS load balancing within your cloud, translating protocols into valid IP addresses using the `<protocol>.tau.<domain>` convention. This allows efficient load balancing with a simple CNAME (or ALIAS) record.
Delegating the `tau` Subdomain¶
Delegate the `tau` subdomain to nodes running the Seer protocol. Here's how with Namecheap for `starships.ws`:
Add the Node as an A Record:
- Select the A record type.
- Name it `seer.<domain>`.
- Enter the node's IP address.
- Validate the entry.
Delegate with an NS Record:
- Choose the NS record type.
- Label it `tau.<domain>`.
- Set its value to `seer.<domain>`.
- Validate the entry.
Verifying the Configuration¶
Use a tool like slimdig to verify the DNS configuration:
- Enter `<protocol>.tau.<domain>` (e.g., `tns.tau.enterprise.starships.ws`).
- Set the query to a public DNS server like 8.8.8.8.
- Click the `A` button to perform the lookup.
💡 Note: DNS propagation can delay effectiveness, requiring multiple attempts over several minutes.
Congratulations, your cloud is operational! If you'd like to try it out right away, check out Take it for a spin!.
Adding the Other Nodes¶
To expand your Taubyte-based Cloud, add more hosts.
Exporting the Configuration Template¶
Create a configuration template to replicate the setup across additional hosts:
Enter a password for encryption:
The exported configuration will resemble the following (omit the `location` to let it be automatically determined for the other nodes):
```yaml
origin:
  shape: compute
  host: host-001-enterprise-starships-ws
  time: 2024-02-12T05:41:25.218338331Z
  protected: true
source:
  swarmkey: PZuGcV96BbfM...2RE8ZEfR2pZoM29z8
  services:
    - auth
    - patrick
    - monkey
    - tns
    - hoarder
    - substrate
    - seer
  p2p-listen:
    - /ip4/0.0.0.0/tcp/4242
  p2p-announce:
    - /ip4/34.133.173.124/tcp/4242
  ports:
    main: 4242
    lite: 4247
    ipfs: 4252
  network-fqdn: enterprise.starships.ws
  domains:
    key:
      private: BDN9SEUFsolg...25pUUrUpFxSFhjlCv
      public: cmS5kmov/cJ9...NezzWwcYVj4YVNOg
    generated: e.ftll.ink
  plugins: {}
```
Retrieve the first node's multi-address:
The output provides the address for peer connections:
│ P2PAnnounce │ /ip4/34.133.173.124/tcp/4242/p2p/12D3KooWKv5oNF2a6h9sYzRUPEAaYe6feTbBbcLYZYVFrMDDCHzY │
Preparing the Additional Hosts¶
SSH into the remaining hosts and prepare them as described in the Preparing the Hosts section. Transfer the `compute.tmpl.yaml` template and the systemd service file to each.
Installing Tau¶
Install `tau` on each new host:
Configuring the Additional Hosts¶
For the Second Host:
```sh
$ sudo tau config gen --ip 34.130.131.76 --use compute.tmpl.yaml --bootstrap /ip4/34.133.173.124/tcp/4242/p2p/12D3KooWKv5oNF2a6h9sYzRUPEAaYe6feTbBbcLYZYVFrMDDCHzY
```
For the Third Host:
```sh
$ sudo tau config gen --ip 35.235.122.141 --use compute.tmpl.yaml --bootstrap /ip4/34.133.173.124/tcp/4242/p2p/12D3KooWKv5oNF2a6h9sYzRUPEAaYe6feTbBbcLYZYVFrMDDCHzY
```
Systemd Setup¶
Ensure the `tau` service starts automatically on each host:
```sh
sudo cp ~/tau@.service /lib/systemd/system/tau@.service
sudo systemctl enable tau@compute
sudo systemctl start tau@compute
```
Verify the service status:
DNS Verification¶
Ensure all nodes are registered and operational using DNS queries:
- Enter `<protocol>.tau.<domain>` and select `A` to perform the query.
All three servers should be listed, indicating successful integration.
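The same check can be scripted instead of clicked through. The following is an added example, not part of the Taubyte documentation: it compares the A records returned for a Seer-managed name with the three host IPs from this guide, reporting both missing hosts and addresses that are not in the inventory. It assumes `dig` is installed; the function names are illustrative.

```shell
#!/bin/sh
# Added example: compare DNS answers for a Seer-managed name with the
# host inventory from this guide. Function names are illustrative.

# IPs of the three hosts provisioned above.
EXPECTED_IPS="34.133.173.124 34.130.131.76 35.235.122.141"

# missing_ips EXPECTED ANSWERS
# Prints each IP in EXPECTED (space separated) that is not a whole line
# of ANSWERS (one address per line, as `dig +short` prints them).
missing_ips() {
    for ip in $1; do
        printf '%s\n' "$2" | grep -qxF "$ip" || printf '%s\n' "$ip"
    done
}

# unexpected_ips EXPECTED ANSWERS
# Prints each answered address that is not in the inventory, for example
# a stale record left behind by a decommissioned host.
unexpected_ips() {
    printf '%s\n' "$2" | while IFS= read -r ip; do
        [ -n "$ip" ] || continue
        case " $1 " in
            *" $ip "*) ;;
            *) printf '%s\n' "$ip" ;;
        esac
    done
}

# check_name NAME RESOLVER
# Live check (needs network access): succeeds only when the set of
# IPv4 answers equals the inventory.
check_name() {
    answers=$(dig +short A "$1" "@$2" | grep -E '^[0-9]+(\.[0-9]+){3}$' || true)
    miss=$(missing_ips "$EXPECTED_IPS" "$answers")
    extra=$(unexpected_ips "$EXPECTED_IPS" "$answers")
    [ -z "$miss" ] || echo "missing from $1 via $2:" $miss
    [ -z "$extra" ] || echo "unexpected in $1 via $2:" $extra
    [ -z "$miss" ] && [ -z "$extra" ]
}

# Usage: check_name tns.tau.enterprise.starships.ws 8.8.8.8
```

Running `check_name` once against a public resolver and once against a node's own IP separates delegation problems from a node that has not registered with Seer.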
Final Adjustments¶
DNS Adjustments¶
Main Domain: Add `A` records for each new host.
A DNS lookup should reflect all active hosts:
Generated Domain: Delegate the subdomain to your cloud by adding an `NS` entry.
Bootstrapping for Recovery and Expansion¶
Ensure all nodes are aware of each other:
- Collect and share multi-addresses among nodes.
- Update the `peers` section in each node's configuration.
```yaml
peers:
  - /ip4/34.133.173.124/tcp/4242/p2p/12D3KooWKv5oNF2a6h9sYzRUPEAaYe6feTbBbcLYZYVFrMDDCHzY
  - /ip4/34.130.131.76/tcp/4242/p2p/12D3KooWHrp2t9npN2TW4dv47uEvJh6qfs6U2ymhkiVVNpcR3cWE
  - /ip4/35.235.122.141/tcp/4242/p2p/12D3KooWKQJfLU74VJzsvhAKUJ8KQidBr1CowMo1e1YRrSb2vTZd
```
Validate the configuration:
No error messages indicate readiness.
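Because the `peers` list is assembled by hand from three hosts, copy-paste slips are easy to make. The following is an added example, not part of `tau` or its documentation: a lint that checks each entry has the `/ip4/<ip>/tcp/<port>/p2p/<peer-id>` shape shown above, uses the expected main port, and repeats no IP or peer ID. The function name `check_peers` is illustrative, and the check covers only the shape of the entries, not the validity of the peer ID.

```shell
#!/bin/sh
# Added example: lint a hand-edited peers list before restarting anything.
# check_peers is an illustrative name, not a tau command.

# check_peers LIST MAIN_PORT
# LIST holds the peers section as text (with or without the "peers:" line).
# Prints one line per problem and returns non-zero if any was found.
check_peers() {
    printf '%s\n' "$1" | awk -v port="$2" '
        /^peers:[ \t]*$/ { next }              # skip the YAML key itself
        { sub(/^[ \t]*-[ \t]*/, "") }          # drop the list marker
        $0 == "" { next }
        {
            # "/ip4/IP/tcp/PORT/p2p/ID" splits into 7 fields, first empty
            n = split($0, f, "/")
            if (n != 7 || f[1] != "" || f[2] != "ip4" ||
                f[4] != "tcp" || f[6] != "p2p" || f[7] == "") {
                print "malformed: " $0; bad = 1; next
            }
            if (f[5] != port) {
                print "port " f[5] " is not " port ": " $0; bad = 1
            }
            if (seen_ip[f[3]]++) { print "duplicate ip: " f[3]; bad = 1 }
            if (seen_id[f[7]]++) { print "duplicate peer id: " f[7]; bad = 1 }
        }
        END { exit (bad ? 1 : 0) }
    '
}

# Usage: check_peers "$(cat peers-section.txt)" 4242
```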
Restart?¶
No manual restarts are needed. Discovered peers are maintained in a persistent database, ensuring automatic recognition after recovery or reconfiguration.