Before going any further please make sure you have at least one Route 53 Domain available. For instructions on how to create one please see Amazon Route 53.
WARNING please note that any S3 or EC2 resources created by Sextant will be billed to your account and are NOT included in your Sextant subscription.
Once you have set up Sextant successfully please review the Follow up actions.
Provided that you have subscribed to Sextant on the AWS Marketplace and you are logged into your AWS account, the simplest way to deploy Sextant is to use this deployment template URL
Please note that this link defaults to the last region viewed in your AWS EC2 Console. However to switch to another region is straightforward as all you need to do is change the region in your console and the launch stack URL will be updated automatically.
When choosing an AWS region to deploy Sextant please note that it can only be launched in an AWS region that supports AWS Fargate. See AWS Regional Services for details.
The link above is a launch stack URL and you will be presented with a form like this:
The key fields are -
Stack name is the name of the parent Fargate networking stack that will be created by AWS.
InitialPassword must be at least 8 characters long; contain at least two uppercase characters and at least three lowercase characters
WARNING you should make a note of this password as you will need it in order to login to Sextant as
adminand complete the setup process
SextantS3Bucket should NOT refer to an existing S3 bucket in your AWS account unless this is one previously created by Sextant.
Once you've completed the form scroll down and check the box acknowledging that you understand that AWS CloudFormation might create IAM resources. Then click
Create to initiate the creation of the Sextant Fargate stack.
Provided that there are no errors such as an incorrectly specified password you will then be redirected to the Stack Details page for your stack.
NOTE that it will take AWS approximately 5 minutes to launch Sextant
You can view the Events log to see what AWS resources are being created on your behalf.
For example, if you open the S3 Management Console you will be able to see the new S3 Bucket created on your behalf.
WARNING this S3 bucket contains critical state information so should be treated as READ ONLY by you
Once the status of your stack is
CREATE_COMPLETE expand the Outputs and you should see a key
Click on the corresponding link to open your Sextant instance and then login as
admin using the
InitialPassword you specified earlier.
Once you've logged into Sextant you can in theory immediately start creating Kubernetes clusters and deploying Hyperledger Sawtooth networks on these clusters.
However if you plan to use Sextant in a team setting we recommend that you first create end users by clicking top right and selecting Users from the dropdown menu.
Note that you can also click on
Supportif you need to contact us for any reason.
You can then create new users. Unless you want to grant them admin rights we recommend that you select
normal when creating them.
As an admin you can see all users so to focus on the world as seen through the eyes of a normal user we will logout of our
Having created new user
appdev1 we now login using their credentials.
As you can see from this screenshot
appdev1 has a more restricted set of options.
In order to deploy a Hyperledger Sawtooth network we first need to create a target cluster. To do this we click on the ADD + button which takes us to the following screen:
If there are no Route53 Domains in the dropdown please refer back to the Preflight Checks section above. Once you have created a Route53 Domain refresh this page.
The rest of the form should be self-explanatory. You need to select the AWS Region then your preferred availability zones if there are more AZs than the number of nodes specified.
If you opt to get Sextant to generate a
key pair then you must save the private key that is created. The easiest way to do this is to copy it to the clipboard then save it to a new file on your machine e.g. by using
vi in a terminal window and saving it to
Having done this all that remains is to click on Create Cluster and put the kettle on as it will take 5-10 minutes to actually set up your Kubernetes cluster. If you return to the Clusters page you will see your cluster in the list. Once it is set up its status will change to created.
In this example we chose to deploy our cluster to
eu-west-2 and if you go to the EC2 console in this region you can see a number of resources have been created by Sextant on your behalf.
If you drill down on the
4 Running Instances you will see that these are the master and nodes
m4.large instances specified when you created the cluster. Note that Sextant has used the Route53 domain
catenasys.co.uk we also specified when we created the cluster.
WARNING as with
S3these resources should be treated as READ ONLY by you.
Returning to your Sextant tab which should still be showing the list of Kubernetes clusters note that the two
Actions available to you are delete or expand the cluster. Expanding the cluster takes you to the Sawtooth creation panel.
Note that you can download the Kubernetes configuration file for this cluster which is useful if you have
kubectl installed on your machine.
export KUBECONFIG=~/downloads/my-first-cluster-kubeconfig kubectl get all -o wide
If you do this then you should see output like this:
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE SELECTOR service/kubernetes ClusterIP 100.64.0.1 <none> 443/TCP 14h <none>
Switching back the the Sextant tab we will accept all the Sawtooth defaults with the exception of enabling the
XO Transaction Processor in the list of additional TPs. We then click on Deploy Sawtooth.
NOTE that strictly speaking
Dev Modeshould only be selected as the Consensus Algorithm if you are spinning up a single validator node.
After a few moments Sextant will start deploying Sawtooth on your cluster:
You can see the same thing if you switch to your terminal window:
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE pod/sawtooth-monitoring-0 2/2 Running 0 1m 100.116.0.2 ip-172-20-16-104.eu-west-2.compute.internal <none> pod/sawtooth-validator-0 0/11 PodInitializing 0 1m 100.116.0.3 ip-172-20-16-104.eu-west-2.compute.internal <none> pod/sawtooth-validator-1 0/11 Init:0/1 0 1m 100.120.0.3 ip-172-20-42-5.eu-west-2.compute.internal <none> pod/sawtooth-validator-2 0/11 Init:0/1 0 1m 100.104.0.2 ip-172-20-90-150.eu-west-2.compute.internal <none> NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE SELECTOR service/grafana LoadBalancer 100.65.46.116 ac317bf56eef911e89b52063eef8c774-854535447.eu-west-2.elb.amazonaws.com 80:31379/TCP 1m app=sawtooth-monitoring service/influxdb ClusterIP 100.67.58.148 <none> 8086/TCP 1m app=sawtooth-monitoring service/kubernetes ClusterIP 100.64.0.1 <none> 443/TCP 14h <none> service/sawtooth-nodeport NodePort 100.71.193.177 <none> 8080:30080/TCP,3030:30030/TCP,30800:30800/TCP 1m app=sawtooth-validator service/sawtooth-rest-api LoadBalancer 100.70.189.88 ac433d144eef911e89b52063eef8c774-2107129349.eu-west-2.elb.amazonaws.com 8080:31986/TCP,3030:31070/TCP 1m app=sawtooth-validator service/sawtooth-validator ClusterIP None <none> 30800/TCP 1m app=sawtooth-validator service/sawtooth-xo-demo LoadBalancer 100.69.86.126 ac4814aaceef911e89b52063eef8c774-1778999742.eu-west-2.elb.amazonaws.com 80:32101/TCP 1m app=sawtooth-validator NAME DESIRED CURRENT AGE CONTAINERS IMAGES statefulset.apps/sawtooth-monitoring 1 1 1m sawtooth-stats-influxdb,sawtooth-stats-grafana blockchaintp/sawtooth-stats-influxdb:1.0.5,blockchaintp/sawtooth-stats-grafana:1.0.5 statefulset.apps/sawtooth-validator 3 3 1m sawtooth-validator,settings-tp,identity-tp,block-info-tp,intkey-tp,seth-tp,seth-rpc,xo-tp,xo-demo,rest-api,utility-shell blockchaintp/sawtooth-validator:1.0.5,blockchaintp/sawtooth-settings-tp:1.0.5,blockchaintp/sawtooth-identity-tp:1.0.5,blockchaintp/sawtooth-block-info-tp:1.0.5,blockchaintp/sawtooth-intkey-tp-go:1.0.5,blockchaintp/sawtooth-seth-tp:1.0.5,blockchaintp/sawtooth-seth-rpc:1.0.5,blockchaintp/sawtooth-xo-tp-go:1.0.5,blockchaintp/xo-demo:master,blockchaintp/sawtooth-rest-api:1.0.5,blockchaintp/sawtooth-shell:master
Within a couple of minutes your Sawtooth network will be deployed on your cluster and you are ready to play tick-tack-toe.
If you return to the Clusters page you can now see that the status of your cluster is deployed.
Expanding your deployed cluster returns you to the details page where you will note that in addition to being able to download your kubernetes cluster config file or delete it you now have the option to
Open Dashboard which takes you to the standard kubernetes dashboard (just Skip the dialog).
Returning to the Sextant tab you now have the option to
Open Monitoring or
Undeploy Sawtooth. If you opt for the former this takes you to the Sawtooth Grafana login page. Use
admin and under Home select Sawtooth Performance dashboard.
Returning to the Sextant tab try the
Open XO Demo option.
Look out for a video exploring tick-tack-toe on Sawtooth. In the meantime for more information on what is behind this demo checkout Introduction to the XO Transaction Family.
If you are planning to use your Sextant instance on an ongoing basis then we recommend that you add an SSL certificate to the ELB you are using to connect to it by following the AWS instructions that detail how to Create a Listener for Your Application Load Balancer.
If you recall Sextant is launched in
us-east-1 by default so if you open your EC2 Management Console you should be able to locate the load balancer.
You can customise your Sawtooth network by adding custom transaction processors
The key fields are -
Image is the location of the docker image for your transaction processor and
Command is the command needed to launch it, if any, and optionally
To try this out instead of enabling the
XO transaction processor add the following custom transaction processor -
In order to run the interactive XO demo you should also add -
In the next release -