Difference between revisions of "New Subnet Creation"
From Internet Computer Wiki
Line 1: | Line 1: | ||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
== Adding new nodes == | == Adding new nodes == | ||
We new describe a series of steps that need to be followed to add a new node to the Internet Computer. | We new describe a series of steps that need to be followed to add a new node to the Internet Computer. | ||
Line 16: | Line 5: | ||
* The node doesn't yet have any operating system. The node provider needs to install the IC-OS operating system on the node. The detailed procedure can be found in the IC-OS installation runbook articles ([https://wiki.internetcomputer.org/wiki/IC_OS_Installation_Runbook_-_Supermicro Installation for SuperMicro], [https://wiki.internetcomputer.org/wiki/IC_OS_Installation_Runbook_-_Dell_Poweredge Installation for Dell Poweredge]). | * The node doesn't yet have any operating system. The node provider needs to install the IC-OS operating system on the node. The detailed procedure can be found in the IC-OS installation runbook articles ([https://wiki.internetcomputer.org/wiki/IC_OS_Installation_Runbook_-_Supermicro Installation for SuperMicro], [https://wiki.internetcomputer.org/wiki/IC_OS_Installation_Runbook_-_Dell_Poweredge Installation for Dell Poweredge]). | ||
* The node provider inserts the NitroKey usb stick into the node machine. The NitroKey contains the secret key of corresponding to the node provider's registered public key. | * The node provider inserts the NitroKey usb stick into the node machine. The NitroKey contains the secret key of corresponding to the node provider's registered public key. | ||
− | * The node provider then switches on the node to boot the IC-OS operation system, which starts a few processes including orchestrator, crypto | + | * The node provider then switches on the node to boot the IC-OS operation system, which starts a few processes including orchestrator, crypto and http adapter processes. |
− | + | * The crypto process finds that it never generated any cryptographic key material before. The crypto process then generates new cryptographic keys. This includes node signing key, NIDKG key, ECDSA key, TLS key, etc. | |
− | + | * The crypto process sends the keys to the orchestrator, which then creates | |
− | |||
− |
Revision as of 20:28, 22 November 2022
Adding new nodes
We new describe a series of steps that need to be followed to add a new node to the Internet Computer.
- Node provider purchases a NitroKey (a Hardware Security Module), generates a public-key/secret-key pair, and submits an NNS proposal to add his public key to the NNS registry. The community votes on the proposal. If the majority accept the proposal, then the node provider's credentials are added to the NNS registry. From now on, the NNS canisters trust the messages signed by the node provider's secret key. The entire process is specified in the node provider onboarding article.
- Node provider purchases node hardware with the recommended specifications and places it in a data center rack that meets the recommended specifications.
- The node doesn't yet have any operating system. The node provider needs to install the IC-OS operating system on the node. The detailed procedure can be found in the IC-OS installation runbook articles (Installation for SuperMicro, Installation for Dell Poweredge).
- The node provider inserts the NitroKey usb stick into the node machine. The NitroKey contains the secret key of corresponding to the node provider's registered public key.
- The node provider then switches on the node to boot the IC-OS operation system, which starts a few processes including orchestrator, crypto and http adapter processes.
- The crypto process finds that it never generated any cryptographic key material before. The crypto process then generates new cryptographic keys. This includes node signing key, NIDKG key, ECDSA key, TLS key, etc.
- The crypto process sends the keys to the orchestrator, which then creates