Deploying ION Node’s Microservices on Azure Virtual Machines
ION is a decentralized layer two, public, permissionless network for decentralized identifiers, which is developed and maintained by Decentralized Identity Foundation members and the community. Although its name, ION node, might suggest that the node is a single piece of software, like an Ethereum node for example, it is in fact comprised of a few pieces, which include a few non-ION specific components:
- MongoDB database.
- Bitcoin node.
- IPFS node.
And two custom, purpose-built microservices:
- ION’s bitcoin microservice (not to be confused with the bitcoin node).
- ION’s core microservice.
In this article we will be covering the deployment of ION’s microservices on Azure Virtual Machines using terraform. For the other required components, you can take a look at some of my past articles for deployment examples:
- MongoDB:
Terraforming a Serverless MongoDB Replica Set with Split Horizon DNS on Azure and Cloudflare | by Itay Podhajcer | Microsoft Azure | Medium - Bitcoin node:
Getting a Bitcoin Full Node Up and Running on Azure in No Time with Bicep | by Itay Podhajcer | Microsoft Azure | Medium - IPFS node:
Running an InterPlanetary File System Node Using Azure Container Instances | by Itay Podhajcer | Cladular | Medium
Or use any other deployment instructions from across the web.
Prerequisites
Will be using Terraform and its azurerm
provider, so we will be needing the following installed on our workstation:
Example Repository
A complete example Terraform script, which creates two virtual machines, installs the microservices and configures them as systed
services, is available in the following GitHub repository:
The Script
For brevity, I will only cover the area of the Terraform script that specifically installs and configures the microservices on the virtual machines using using scripts passed to the virtual machine resources through the custom_data
field.
We will start by creating four JSON configuration files, two for the bitcoin microservice:
bitcoin-config.tpl
bitcoin-versioning.tpl
And two files for the core microservice:
core-config.tpl
core-versioning.tpl
Note that both config files contain place holders for configurations that will be populated by both external data that will be supplied to the script when executing it (like the MongoDB, Bitcoin and IPFS hostnames), and some will be populated using that generated during the execution of the script (like the bitcoin microservice hostname required by the core microservice).
To combine the JSON files into an entry script that will execute when the VM starts for the first time, we will create a module that accepts either the bitcoin microservice files or the core microservice files and creates a script that will install and configure that service.
The script template file which installs all the basic dependencies, clones the ION GitHub repository, builds the code, places the JSON files in the VM and configures the systemd
service, should look like this:
The module will also include a template for a service file:
And lastly, a main.tf
file that combines everything together using locals
:
The output of this module can be used later when deploying the virtual machines.
As mentioned above, the complete code that includes both the above ION specific script parts and the creation of the virtual network, subnet, security group and virtual machine per microservice can be found in example GitHub repository.
Testing The Deployment
Running terraform apply
won’t be enough, as before deploying the two ION microservices, the MongoDB database, Bitcoin node and IPFS node should already be up and running. In the case of the Bitcoin node, it should also be already synchronized with the network, a process that takes some time to complete.
Once those dependencies are ready, the ION bitcoin node should start successfully, and only then will the ION core microservice also be able to start successfully.
To test the ION core microservice, check the following identifier using a browser (adjust the hostname to the core microservice’s hostname):
http://[CORE-MICROSERVCE]:3000/identifiers/did:ion:EiClkZMDxPKqC9c-umQfTkR8vvZ9JPhl_xLDI9Nfk38w5w
Conclusion
Although this is a much more elaborate deployment than the options currently provided on ION’s GitHub repository (here), it will require more effort to turn it into something production grade, like firewalls, multiple nodes for redundancy and even only making it available in the virtual private network for internal system operations.