Deploying your NEM Supernode the easy way with ctl.io

Guides
#1

###Why running Supernode?

  • Supernode is NEM’s high performance full node that secure the network and supports lightwallet, mobile wallet, and other 3rd party apps. For more information please see http://blog.nem.io/supernodes/

###Why run it in ctl.io?

  • It has a runner that deploy NEM node with one click
  • It has a USD500 free trial credit.

This guide assume you have activated delegated harvesting in your NCC. After the supernode is setup, you can setup remote host to point to the public ip of your supernode under settings in your NCC, then start delegated harvesting. If you have not activated delegated harvesting please take a look on this link

###Creating NEM node using ctl.io Runner
After created your account with ctl.io, and login. You will be in the control panel (https://control.ctl.io/), and you can setup NEM NIS right away. Select “Orchesstration” on left menu, then select Runner as shown in the screen capture below.

ctlio control panel
ctlio control panel563×676

After you can see a lot of runner job available, scroll down until you see NEM and its logo a shown below. If you are setting up a new server, select the one on the left, but if you already have a node running in ctl.io, then you can select the middle one to install NIS/NCC and serpent into your existing running VPS.

nem runner
ctlio nem runner1024×247

Assuming you are setting up a new VPS with Supernode, we click on the one on left as shown above. (Please note that the layout and the order might be changed, if more other runner jobs are to be introduced later.)

nem runner requirements
nem runner requirements856×332

After we click to deploy a new VPS with NEM node, we can see the requirements as listed above. Since we have not created the VLAN by running the runner job “Network Build out”, we shall go back to runner menu, and run this.

network build out runner
network build out runner1024×519

Click run, and select your location. Wait until you see the runner job has finished, passing mark with green as shown below.

network build out runner
network build out runner1024×355

If you go to control panel, and click networks, you should see that you have a VLAN assigned to you in the location you have selected. Now we can go back to the NEM node runner, and click run as shown below.

nem node runner

Select 1 core, and 2GB RAM as recommended in the location you intended to run your VPS, then click run.

1 cores 2GB RAM

Please be patient and wait till it shows green, it took about 30 minutes for me to finish. It might take less time for you.

nem runner time
nem runner time1024×208

###Configure your NEM node

After this, you should see your VPS as shown below, when you check in your ctl.io control panel. Please proceed to click on red circle as shown in below image.

server infrastructure
server infrastructure1024×194

For my case, I see the network is -, we should assign the VLAN we created earlier with network build out runner to the vps. It should be automated by now.

VLAN
VLAN940×481

From the picture below, under the datacenter you deploy your VPS, for my case is Singapore, expand BAAS, and click on your VPS name. By default only a private address is available for your node, as shown in picture below (start with 10.x.x.x) You need to add a public ip address, by clicking “add public ip” button.
Note: ctl_bass (in NEM slack), has mentioned that public ip has been added to the NEM node runner. So this step is not needed now.

Add Public IP
Add Public IP1024×109

After this is done, you should have a public ip address assigned to your VPS, click on the public ip address, you should see what as shown in below. I added port 7890, 7778, 7880 to allow communication to my VPS that are need to be open for a NEM supernode. You should also check SSH/SFTP (22) so that you can ssh connect to your VPS.
Note: ctls_bass (in NEM slack), has included these steps in the NEM node runner, hence these steps are not needed now. It should be automated.

Public Ports
Public Ports1024×452

By now, your NEM supernode is ready. You can try SSH connect to your node. Of course you have to know your password. From the picture shown below, under the server info, please click “Show Credentials” beside Admin Credentials. You can ssh to your VPS(NEM supernode) with userid root and this password, or with Putty SSH if you are using Windows system.

root credentials

Enjoy your NEM supernode daily rewards after this.

###Steps to check once you SSH login to your NEM supernode

Type

$screen -ls

You should see NIS and Servant is running. If not please run them with the command below.

$service start nis
$service start servant

Similarly, you can stop them by replacing the word start with stop.

Please note that under root home folder, there is a nem folder that consists of log files only.
The other NEM files, likes configuration files and etc. are in /opt/NEM

###Basic Hardening Steps

You can choose not to perform these steps. It is absolutely fine, as your NEM supernode will run smoothly. But it is recommended that you performed below steps to secure your VPS at a basic level.

Exposing your root login with public port 22 for your VPS is not a good security practice. Generally we would disable root login, disable password login and use ssh key pair login, and changing ssh port to other number(the runner require ssh to be on port 22).

In ctl.io, we will have another nice option, that is utilizing their VPN feature.

From the control panel, mouse hover to “Network” then “VPN” as shown in the screen capture below

VPN
VPN565×606

You can use the default certificate, or create a new one by clicking on the “Create Certificate” button. After this we proceed to download the config file and certificate files required for the connection through openVPN. Just copy all the downloaded files to the config folder of openVPN. The config file can also be used if you are using Linux openVPN.

VPN setting
VPN setting800×277

Please refer to the link below for more information about VPN setting in ctl.io
How to configure VPN client in ctl.io

So after you run the openVPN, and get connected, you can SSH connect to your NEM supernode with the private ip. You can proceed to disable the public port 22 for your node.

CREDITS: Thanks to ctl_bass in NEM Slack for helping me to setup and troubleshoot while deploying NEM supernode with ctl.io

1 Like
#2

I was not able to edit the post anymore, I think by default we cannot edit post that is older than 2 months.
Just want to update this line.
"Select 2 cores, and 4GB RAM as recommended in the location you intended to run your VPS, then click run."
1 core, and 2GB RAM is more than enough.

#3

I made your first post a “wiki” post. You should now be able to edit it.

Thanks for the update. I was hoping the single core option would be enough.

#4

Does it not work with 1GB RAM and having a 1GB swap file? I’ve managed to run a node on AWS using a 1GB swap file and 1GB RAM and 1 core.

#5

Thanks! I can edit the post now.

#6

I have not tested it, i think it would just work fine as well.

#7

I setup a node yesterday, following these instructions. The node is running, but it doesn’t show up in https://www.nodeexplorer.com/ or http://chain.nem.ninja/#/nodes/. I didn’t change any setting, I just followed the guide no other changes. I did reboot the node. The public IP indicated in the ctl.io BaaS control panel is 206.142.246.159. But in a browser, http://206.142.246.159:7890/node/info outputs

{"metaData":{"features":1,"application":null,"networkId":104,"version":"0.6.82-BETA","platform":"Oracle Corporation (1.8.0_111) on Linux"},"endpoint":{"protocol":"http","port":7890,"host":"206.142.225.196"},"identity":{"name":"[c=#41ce7c]Nemuchadnezzar[\/c]","public-key":"5485085d3e275096da23db3c373f360fbaa5deb78dd166a7f039a9510996935e"}}

The ‘host’ IP is different. Is this OK?

Also, the NIS service doesn’t seem to be set. The commands indicated in the guide ‘service start nis’ do not work:
start: unrecognized service
I started NIS in a screen session. This is kind of secondary compared to the visibility issue.

#8

No, the host ip should be your NEM supernode public IP. Please check the config file.

#9

I didn’t change the IP settings on the config file. I’ve been in touch with ctl.io support and they were able to reproduce the issue. I’m waiting for a fix.

In the meantime they suggested setting a fixed IP in the config file. I discussed this with BloodyRookie and edited 2 parameters: nem.host = <your_vps_ip> instead of the default 127.0.0.1 and nis.ipDetectionMode = Disabled. Now the output of http://206.142.246.159:7890/node/info is consistent, but the node is still not showing up in http://chain.nem.ninja/#/nodes/ and https://www.nodeexplorer.com/ now seems to be offline.

#10

Oh and this is not a supernode and the servant is not running. But that shouldn’t stop the node from being recognized by the network…

#11

Just to add i do not use ctl.io runner since 0.6.78 version, as when i updated the NIS for .78 the runner is not ready yet. Hence I manually updated the NIS version without using the runner. So I do not use the service start nis command now, but it should still work if you set up the NIS using the runner.

EDIT: please run ps -elf | grep Nis to see if there is any Nis process running

Supernode NEM setup with Century Link http://clt.io but what next?
Supernode setup and maintenance service like node40 for DASH?
#12

I can see your node on supernodes.nem.io, but it is showing as deactivated.