Difference between revisions of "Node Provider Onboarding"

From Internet Computer Wiki
Jump to: navigation, search
(Add note on posting about proposals to forums)
m
Line 1: Line 1:
 
Learn how to be accepted by the NNS as a Node Provider and onboard your nodes to the IC.
 
Learn how to be accepted by the NNS as a Node Provider and onboard your nodes to the IC.
  
Please allocate at least 0.5 day for going through the Node Provider NNS registration (steps 1-11). It may even take a couple of days, depending on how quickly the community votes on your NNS proposals.
+
Please allocate up to a week to complete this guide, as it may take several days for a proposal to be accepted by the NNS, and you may have to submit multiple NNS proposals.  
 
 
Once the Node Provider NNS registration is complete, you can move on to '''step 12: Onboard nodes'''. This step involves you going to the DC and onboarding your nodes. It is much quicker than the Node Provider NNS registration (estimate to spend ~15 minutes per machine). Also, multiple machines can be brought up in parallel. Then return to this guide to complete step 13: Setting the reward configuration for your nodes.
 
  
 
'''Note that the following steps do not need to be performed on the node machine itself.''' You can complete them on your personal laptop.
 
'''Note that the following steps do not need to be performed on the node machine itself.''' You can complete them on your personal laptop.
Line 74: Line 72:
 
'''Note:''' The Node Provider hotkey is NOT the Node Provider principal. This is the hotkey that is used for the NNS proposal submissions only.
 
'''Note:''' The Node Provider hotkey is NOT the Node Provider principal. This is the hotkey that is used for the NNS proposal submissions only.
  
== 3. Setup your hardware wallet==
+
==3. Create and Manage Neuron via NNS Frontend Dapp and Internet Identity==
 
 
# Setup your hardware wallet: https://medium.com/dfinity/integrating-ledger-nano-with-the-nns-front-end-dapp-user-manual-9c5600925e16
 
 
 
==4. Create and Manage Neuron via NNS Frontend Dapp and Internet Identity==
 
  
 
#Send at least 11 ICPs to your hardware wallet address.
 
#Send at least 11 ICPs to your hardware wallet address.
Line 91: Line 85:
 
#:[[File:Neuron id.png|1024px]]
 
#:[[File:Neuron id.png|1024px]]
  
==5. Add hotkeys==
+
==4. Add hotkeys==
  
 
#Select the Neuron you just created to open Neuron management view and press “Add hotkey” button.
 
#Select the Neuron you just created to open Neuron management view and press “Add hotkey” button.
Line 108: Line 102:
 
</syntaxhighlight>
 
</syntaxhighlight>
  
==6. Choose onboarding path (HSM vs no HSM)==
+
==5. Choose onboarding path (HSM vs no HSM)==
 
Onboarding '''without''' a NitroKey HSM is the recommended onboarding path. If you will not be using a NitroKey HSM, continue to the next step.   
 
Onboarding '''without''' a NitroKey HSM is the recommended onboarding path. If you will not be using a NitroKey HSM, continue to the next step.   
  
 
If the legacy procedure is necessary, follow the [[NitroKey HSM onboarding instructions]] and '''return to step 9.'''  
 
If the legacy procedure is necessary, follow the [[NitroKey HSM onboarding instructions]] and '''return to step 9.'''  
  
==7. Setup the Node Operator keys ==
+
==6. Setup the Node Operator keys ==
 
#'''''Ensure dfx is at least version 0.14.''''' Node Operator keys created with older versions of dfx '''will fail to join the IC'''.  Run:<syntaxhighlight lang="bash">
 
#'''''Ensure dfx is at least version 0.14.''''' Node Operator keys created with older versions of dfx '''will fail to join the IC'''.  Run:<syntaxhighlight lang="bash">
 
$ dfx upgrade
 
$ dfx upgrade
Line 134: Line 128:
 
</syntaxhighlight>
 
</syntaxhighlight>
  
==8. Get the node operator principal==
+
==7. Get the node operator principal==
  
 
#Get the principal:<syntaxhighlight lang="shell">
 
#Get the principal:<syntaxhighlight lang="shell">
Line 144: Line 138:
 
'''You will need the node operator principal in the next steps.'''
 
'''You will need the node operator principal in the next steps.'''
  
==9. Register your Node Provider principal to the network==
+
==8. Register your Node Provider principal to the network==
 
In the next codeblock:  
 
In the next codeblock:  
 
*Replace the <code>NODE_PROVIDER_NAME</code> value with the name of the entity that will provide the nodes.
 
*Replace the <code>NODE_PROVIDER_NAME</code> value with the name of the entity that will provide the nodes.
Line 169: Line 163:
 
* In order to expedite the speed of your proposal's approval, it is best to create a post in this [https://forum.dfinity.org/t/new-node-provider-proposals/16643/69 forum thread] to raise awareness of your proposal. You can use this as a [https://docs.google.com/document/d/1nKy5hKiF72a4NCHvpgij-Np9pbtR5KOBbF1W6qr-nds/edit?usp=sharing template] for the post.
 
* In order to expedite the speed of your proposal's approval, it is best to create a post in this [https://forum.dfinity.org/t/new-node-provider-proposals/16643/69 forum thread] to raise awareness of your proposal. You can use this as a [https://docs.google.com/document/d/1nKy5hKiF72a4NCHvpgij-Np9pbtR5KOBbF1W6qr-nds/edit?usp=sharing template] for the post.
  
==10. Register your datacenter to the network (if necessary)==
+
==9. Register your datacenter to the network (if necessary)==
 
#Search for your data center on https://dashboard.internetcomputer.org/centers.  
 
#Search for your data center on https://dashboard.internetcomputer.org/centers.  
 
#*If you found the datacenter that is hosting your nodes, remember its ID, and skip the following section. Otherwise, proceed with the registration of a new DC record.
 
#*If you found the datacenter that is hosting your nodes, remember its ID, and skip the following section. Otherwise, proceed with the registration of a new DC record.
Line 217: Line 211:
 
#In order to expedite the speed of your proposal's approval, it is best to create a post in this [https://forum.dfinity.org/t/new-node-provider-proposals/16643/69 forum thread] to raise awareness of your proposal. You can use this as a [https://docs.google.com/document/d/1Hg0tI9O5__Tp4qKrNKuTADsQT7Z47I6aAFXbiDimG_U/edit?usp=sharing template] for the post.
 
#In order to expedite the speed of your proposal's approval, it is best to create a post in this [https://forum.dfinity.org/t/new-node-provider-proposals/16643/69 forum thread] to raise awareness of your proposal. You can use this as a [https://docs.google.com/document/d/1Hg0tI9O5__Tp4qKrNKuTADsQT7Z47I6aAFXbiDimG_U/edit?usp=sharing template] for the post.
  
==11. Create a node operator record==
+
==10. Create a node operator record==
 
In the next codeblock:
 
In the next codeblock:
 
*Replace the <code>NEURON_ID</code> value with your neuron ID from the NNS Frontend Dapp (step 4.6).
 
*Replace the <code>NEURON_ID</code> value with your neuron ID from the NNS Frontend Dapp (step 4.6).
Line 246: Line 240:
 
</syntaxhighlight>
 
</syntaxhighlight>
 
#Find the proposal on https://dashboard.internetcomputer.org/governance and wait until it's executed before proceeding to next step.
 
#Find the proposal on https://dashboard.internetcomputer.org/governance and wait until it's executed before proceeding to next step.
 
==12. Onboard nodes==
 
 
# Follow the instructions to onboard new nodes:
 
#*[[IC-OS Installation Runbook]]
 
 
==13. Reward configuration proposal==
 
After you have completed all previous steps and the node machines have been onboarded, you must submit a reward configuration proposal in order to start receiving node rewards. If you do not do this, you will not receive node rewards.
 
 
In the next code block:
 
 
*Replace the <code>NEURON_ID</code> value with your neuron ID from the NNS Frontend Dapp (step 4.6).
 
*Replace the <code>NODE_OPERATOR_PRINCIPAL</code> value with your node operator principal (step 8.1).
 
*Replace <code>NODE_1_MACHINE_ID</code>, <code>NODE_2_MACHINE_ID</code> ... <code>NODE_N_MACHINE_ID</code> with the node machine IDs for all N of your node machines (found on the [https://dashboard.internetcomputer.org/ dashboard])
 
*Replace <code>NODE_COUNT</code> with the number of nodes you are setting a reward configuration for.
 
 
1. Create the proposal<syntaxhighlight lang="shell">
 
$ NEURON_ID = XXXXXXXXXXXXXXXXXXXX
 
$ NODE_OPERATOR_PRINCIPAL = xxxxx-xxxxx-xxxxx-xxxxx-xxxxx-xxxxx-xxxxx-xxxxx-xxxxx-xxxxx-xxx
 
$ ./ic-admin \
 
        --nns-url https://ic0.app \
 
        -s ~/.config/dfx/identity/node-provider-hotkey/identity.pem \
 
    propose-to-update-node-operator-config \
 
        --proposer $NEURON_ID \
 
        --summary "Set rewards for the following nodes:
 
 
        * NODE_1_MACHINE_ID
 
        * NODE_2_MACHINE_ID
 
        * ...
 
        * NODE_N_MACHINE_ID
 
        " \
 
        --node-operator-id $NODE_OPERATOR_PRINCIPAL \
 
        --rewardable-nodes '{"type3.1": NODE_COUNT}'
 
</syntaxhighlight>
 
 
The default reward configuration for gen2 nodes is <code>type3.1</code>. If a different node configuration is applicable to your node models, replace this value.
 
 
Example reward configuration proposal for 3 gen2 nodes:
 
<syntaxhighlight lang="shell">
 
$ NEURON_ID = 13419667327548602649
 
$ NODE_OPERATOR_PRINCIPAL = uqquy-76uhn-2mys5-dh54e-85ntr-sr953-redif-zkte3-94ndi-st2i1-93t
 
$ ./ic-admin \
 
        --nns-url https://ic0.app \
 
        -s ~/.config/dfx/identity/node-provider-hotkey/identity.pem \
 
    propose-to-update-node-operator-config \
 
        --proposer $NEURON_ID \
 
        --summary "Set rewards for the following nodes:
 
 
        * sed94-atzdo-rltqy-tmnhr-fvspg-fat3p-sdbjp-7q3jg-dgfcq-zrlap-cqe
 
        * uq4uy-76uhn-2mys5-dh54e-85ntr-sr953-redif-zkte3-94ndi-st2i1-93t-sdjsl-vjlfn-6duch-vskdu-26pf5-cwibg-zooqk-sdn2e-cgugm-tae
 
        * 39esy-hmrb2-nfvao-t42co-tqfed-y3i7c-xqxyp-idt2w-wgmgr-l4x7l-gae
 
        " \
 
        --node-operator-id $NODE_OPERATOR_PRINCIPAL \
 
        --rewardable-nodes '{"type3.1": 3}'
 
</syntaxhighlight>
 
 
 
2. Find the proposal on <nowiki>https://dashboard.internetcomputer.org/governance</nowiki> and wait until it's executed
 

Revision as of 21:04, 14 August 2023

Learn how to be accepted by the NNS as a Node Provider and onboard your nodes to the IC.

Please allocate up to a week to complete this guide, as it may take several days for a proposal to be accepted by the NNS, and you may have to submit multiple NNS proposals.

Note that the following steps do not need to be performed on the node machine itself. You can complete them on your personal laptop.

If you encounter issues through any of these steps, check the Node Provider Troubleshooting page. If that does not solve your problem, you are encouraged to ask for assistance in the Node Provider Matrix channel.

❗️❗️❗️DFINITY does not offer live support for Node Providers attempting to onboard nodes.

Requirements

1. Install the required tools

A. Install ic-admin

ic-admin is the tool used to create and submit NNS proposals.

MacOS

  1. Retrieve the file 
    $ curl "https://download.dfinity.systems/ic/7445081734e6d896d090295967d50710975c4f25/openssl-static-binaries/x86_64-darwin/ic-admin.gz" -o - | gunzip > ./ic-admin
$ chmod +x ./ic-admin
  2. Verify the binary 
    $ diff <(shasum -a 256 ./ic-admin | cut -d' ' -f1) <(echo 3f75026d2f28f171068e332a42c82a2795c93fbf5ab351baef30b30eb901cdba) && echo "ic-admin checksum matches" || echo "***ERROR***: ic-admin checksum does not match"

Linux

NOTE: The instructions below have been tested with the Ubuntu 20.04 release.

  1. Retrieve the file 
    $ curl "https://download.dfinity.systems/ic/7445081734e6d896d090295967d50710975c4f25/openssl-static-binaries/x86_64-linux/ic-admin.gz" -o - | gunzip > ./ic-admin
$ chmod +x ./ic-admin
  2. Verify the binary 
    $ diff <(shasum -a 256 ./ic-admin | cut -d' ' -f1) <(echo e29bb9cc462e800b8b960ad49c412e5f5fdbb5ae2ae9fde0c13058422ba32802) && echo "ic-admin checksum matches" || echo "***ERROR***: ic-admin checksum does not match"

B. Install dfx

  1. dfx is used to generate neuron hotkeys, among other things 
    $ sh -ci "$(curl -fsSL https://smartcontracts.org/install.sh)"
  2. Verify that dfx is up to date. 
    $ export PATH=$HOME/bin:$PATH
$ dfx upgrade
$ dfx --version

2. Create Node Provider hotkey

  1. Create an identity for the Node Provider Hotkey 
    $ dfx identity new --storage-mode=plaintext node-provider-hotkey

Created identity: "node-provider-hotkey".


$ dfx --identity node-provider-hotkey identity get-principal

xxxxx-xxxxx-xxxxx-xxxxx-xxxxx-xxxxx-xxxxx-xxxxx-xxxxx-xxxxx-xxx
# example node-provider-hotkey: wuyst-x5tpn-g5wri-mp3ps-vjtba-de3xs-w5xgb-crvek-tucbe-o5rqi-mae
    You will need the Node Provider hotkey in the next steps. Note: you may be prompted to enter a passphrase when creating your identity and accessing your identity principal. Take note of the passphrase you choose.


Note: The Node Provider hotkey is NOT the Node Provider principal. This is the hotkey that is used for the NNS proposal submissions only.

3. Create and Manage Neuron via NNS Frontend Dapp and Internet Identity

  1. Send at least 11 ICPs to your hardware wallet address.
  2. Navigate to Neurons tab and create a Neuron by staking at least 10 ICP from your hardware wallet. Staking more ICP works as well, but 10 is the minimum.
  3. IMPORTANT! Confirm the transaction on your hardware wallet.
    stake neuron
  4. After the Neuron has been created successfully, confirm to "Add NNS Dapp as hotkey" in the dialogue and on your hardware wallet, and close the dialog after the action completes.
    neuron id
  5. Set the dissolve delay to at least 6 months, and confirm the choice in the dialogue and on your hardware wallet. After the action completes, you can close the "Follow Neurons".
    neuron id
  6. You will now see a Neuron listed with its ID. Copy the Neuron ID, since you will need it in the next steps to place the necessary proposals.
    Neuron id.png

4. Add hotkeys

  1. Select the Neuron you just created to open Neuron management view and press “Add hotkey” button.
    Hotkey 1.png
  2. A dialog will pop up where you can enter the hotkey you generated in step 2.1 (output from command dfx --identity node-provider-hotkey identity get-principal). This will allow you to submit NNS proposals using ic-admin and will not be used for anything else.
    Press the confirm button and confirm the transactions on your hardware wallet.
    Hotkey 2.png
  3. Get the Ledger Hardware Wallet Principal Id: Navigate back to ICP page and select your Ledger hardware wallet account. You will need to use this Ledger Hardware Wallet principal as the Node Provider principal in order to get the rewards directly into the secure hardware wallet.
    Node provider principal 1.png
    Node provider principal 2.png
  4. Copy and save this Node Provider principal by clicking on the copy icon after the principal id. You'll need it in the next steps. 
    $ NODE_PROVIDER_PRINCIPAL=xxxxx-xxxxx-xxxxx-xxxxx-xxxxx-xxxxx-xxxxx-xxxxx-xxxxx-xxxxx-xxx   
# Input ledger Hardware Wallet principal, from the NNS FrontEnd dapp https://nns.ic0.app/

# example: $ NODE_PROVIDER_PRINCIPAL=fharn-5vyi2-4xb4a-64yyi-3jpmj-pga23-mxy25-d5uim-fqcro-eoefh-tae

5. Choose onboarding path (HSM vs no HSM)

Onboarding without a NitroKey HSM is the recommended onboarding path. If you will not be using a NitroKey HSM, continue to the next step.

If the legacy procedure is necessary, follow the NitroKey HSM onboarding instructions and return to step 9.

6. Setup the Node Operator keys

  1. Ensure dfx is at least version 0.14. Node Operator keys created with older versions of dfx will fail to join the IC. Run:
    $ dfx upgrade
$ dfx --version
  2. Create a new principal with dfx:
    $ dfx identity new --storage-mode=plaintext node_operator
  3. Confirm node_operator identity was created successfully:
    $ dfx identity list
    This list should contain node_operator.
  4. Copy new key to a known location:
    $ cp ~/.config/dfx/identity/node_operator/identity.pem ./node_operator_private_key.pem
  5. Check the contents of the node_operator_private_key.pem file and double check that it contains the following contents. It is imperative that the first line has -----BEGIN EC PRIVATE KEY-----. If it does not, make sure you use the latest dfx version and that you followed the instructions precisely.
    ❯ cat ./node_operator_private_key.pem
-----BEGIN EC PRIVATE KEY-----
[3 lines of base64 encoded private key, e.g. n2Nhp68YcQpuS0u96r...]
-----END EC PRIVATE KEY-----

7. Get the node operator principal

  1. Get the principal:
    $ NODE_OPERATOR_PRINCIPAL=$(dfx --identity node_operator identity get-principal)
$ echo $NODE_OPERATOR_PRINCIPAL

uqquy-76uhn-2mys5-xxxxx-xxxxx-xxxxx-xxxxx-xxxxx-xxxxx-xxxxx-xxx

You will need the node operator principal in the next steps.

8. Register your Node Provider principal to the network

In the next codeblock:

  • Replace the NODE_PROVIDER_NAME value with the name of the entity that will provide the nodes.
  • Replace the NODE_PROVIDER_PRINCIPAL value with the Ledger Hardware Wallet principal that you got from the NNS Frontend DAPP (step 5.4)
  • Replace the NEURON_ID value with your neuron ID from the NNS Frontend Dapp (step 4.6)
  • IMPORTANT: Please make sure that you also update the --summary and include a link to the forum discussion, your company's web page, and/or to another place that can convince the voting community that you are making a legitimate request. You must also include the file hash for the self declaration and proof of identity documents, or the proposal will be rejected. This way you will avoid the community voting NO to your proposal and you losing your staked ICPs.
  1. Create the Proposal 
    $ NODE_PROVIDER_NAME="My Company"
$ NODE_PROVIDER_PRINCIPAL=xxxxx-xxxxx-xxxxx-xxxxx-xxxxx-xxxxx-xxxxx-xxxxx-xxxxx-xxxxx-xxx
$ NEURON_ID=XXXXXXXXXXXXXXXXXXXX
$ ./ic-admin \
        --nns-url https://ic0.app \
        -s ~/.config/dfx/identity/node-provider-hotkey/identity.pem \
    propose-to-add-or-remove-node-provider add \
        --proposer $NEURON_ID \
        --proposal-title "Register a node provider '${NODE_PROVIDER_NAME}'" \
        --summary "Register a node provider '${NODE_PROVIDER_NAME}', in line with the announcement and discussion at <https://forum.dfinity.org/t/...>. The self-declaration documentation is available at <https://wiki.internetcomputer.org/wiki/...> with SHA256 hash <SHA256>." \
        --node-provider-pid "$NODE_PROVIDER_PRINCIPAL"
  2. Find the proposal on https://dashboard.internetcomputer.org/governance and wait until it is executed before proceeding to next step.
  3. You are encouraged to
  • In order to expedite the speed of your proposal's approval, it is best to create a post in this forum thread to raise awareness of your proposal. You can use this as a template for the post.

9. Register your datacenter to the network (if necessary)

  1. Search for your data center on https://dashboard.internetcomputer.org/centers.
    • If you found the datacenter that is hosting your nodes, remember its ID, and skip the following section. Otherwise, proceed with the registration of a new DC record.

Create a data center record for a new DC

In the next block of code:

  • Replace the NEURON_ID value with your neuron ID from the NNS Frontend Dapp (step 4.6)
  • Replace the JSON fields from the –data-centers-to-add argument and their corresponding values in --summary:
    • "id" represents the city that your datacenter is in and is formulated as a combination of two letters representing the city and an incrementing number. Search data center IDs on https://dashboard.internetcomputer.org, and find a combination of two letters and a number that’s not yet registered. Examples:
      • dl1 (Dallas, no IDs with “dl” prefix)
      • zh10 (Zurich, numbers 0-9 are already registered)
      Dc id.png
    • "region" represents the local region of a datacenter and is formulated as a three-part string divided by commas. The three parts making the string are continent, country code, and region, in the given order. Examples:
      • North America,US,Florida
      • Europe,DE,Bavaria
      • Asia,SG,Singapore
      Datacenter region.png
    • "owner" The entity that provides your datacenter facilities.
      • Search https://dashboard.internetcomputer.org for existing data center providers.
      • If there’s match, make sure you use the same exact some name for your datacenter.
      • Otherwise, name the data center owner to your best knowledge.
      Datacenter owner.png
    • "gps" GPS coordinates.
      • Find your datacenter on https://www.google.com/maps/.
      • Right click on location, and select the GPS coordinates (first item in the menu) in order to copy them.
      Getting GPS coordinates
  1. Create the proposal: 
    $ NEURON_ID=XXXXXXXXXXXXXXXXXXXX
$ ./ic-admin \
        --nns-url https://ic0.app \
        -s ~/.config/dfx/identity/node-provider-hotkey/identity.pem \
    propose-to-add-or-remove-data-centers \
        --summary "Register a Flexential datacenter as dl1 in North America,US,Texas" \
        --skip-confirmation \
        --proposer $NEURON_ID \
        --data-centers-to-add '{
            "id": "dl1",
            "region": "North America,US,Texas",
            "owner": "Flexential",
            "gps": [
                33.00803, -96.66614
            ]
        }'
    Remember to replace all the values of both the arguments –data-centers-to-add and --summary
  2. Find the proposal on https://dashboard.internetcomputer.org/governance and wait until it's executed before proceeding to next step.
  3. In order to expedite the speed of your proposal's approval, it is best to create a post in this forum thread to raise awareness of your proposal. You can use this as a template for the post.

10. Create a node operator record

In the next codeblock:

  • Replace the NEURON_ID value with your neuron ID from the NNS Frontend Dapp (step 4.6).
  • Replace the NODE_PROVIDER_PRINCIPAL value with the Ledger Hardware Wallet principal that you got from the NNS Frontend DAPP (step 5.4).
  • Replace the NODE_OPERATOR_PRINCIPAL value with your node operator principal (step 8.1).
  • Replace the NODE_PROVIDER_NAME value with the name of the entity that will provide the nodes.
  • Replace the NODE_ALLOWANCE variable value with number of nodes you are providing.
  • Replace the DC_ID variable value with id of your datacenter.
  1. Create the proposal: 
    $ NEURON_ID=XXXXXXXXXXXXXXXXXXXX
$ NODE_PROVIDER_PRINCIPAL=xxxxx-xxxxx-xxxxx-xxxxx-xxxxx-xxxxx-xxxxx-xxxxx-xxxxx-xxxxx-xxx
$ NODE_OPERATOR_PRINCIPAL=xxxxx-xxxxx-xxxxx-xxxxx-xxxxx-xxxxx-xxxxx-xxxxx-xxxxx-xxxxx-xxx
$ NODE_PROVIDER_NAME="My Company"
$ NODE_ALLOWANCE=8
$ DC_ID=dl1

$ ./ic-admin \
        --nns-url https://ic0.app \
        -s ~/.config/dfx/identity/node-provider-hotkey/identity.pem \
    propose-to-add-node-operator \
        $NODE_PROVIDER_PRINCIPAL \
        --summary "Node provider '$NODE_PROVIDER_NAME' is adding $NODE_ALLOWANCE nodes in the $DC_ID data center" \
        --proposer $NEURON_ID \
        --node-operator-principal-id $NODE_OPERATOR_PRINCIPAL \
        --node-allowance $NODE_ALLOWANCE \
        --dc-id $DC_ID
  2. Find the proposal on https://dashboard.internetcomputer.org/governance and wait until it's executed before proceeding to next step.
Retrieved from "https://wiki.internetcomputer.org/w/index.php?title=Node_Provider_Onboarding&oldid=6321"