Welcome to the Dash Forum!

Please sign up to discuss the most innovative cryptocurrency!

How to set up ec2 t1.micro Ubuntu for Masternode part 2/3

Discussion in 'Masternode Guides' started by chaeplin, Apr 11, 2014.

  1. chaeplin

    chaeplin Active Member
    Core Developer

    Joined:
    Mar 29, 2014
    Messages:
    749
    Likes Received:
    356
    Trophy Points:
    133
    * Use this guide only for EC2 instance with Security-Group
    * Using this guide on non-EC2 instances is very dangerous ( Especially iptables )


    * This guide is valid for RC3(local/remote setup)
    * local is home linux cold wallet holding 1K DRK
    * remote is server with empty wallet


    I. Part 1/3 EC2 Setup
    https://darkcointalk.org/threads/how-to-set-up-ec2-t1-micro-ubuntu-for-masternode-part-1-3.240/

    II. Part 2/3 AMI Setup
    https://darkcointalk.org/threads/how-to-set-up-ec2-t1-micro-ubuntu-for-masternode-part-2-3.241/
    https://darkcointalk.org/threads/how-to-set-up-ec2-t1-micro-ubuntu-for-masternode-part-2-3-2.1754/

    III. Part 3/3 Masternode update
    https://darkcointalk.org/threads/how-to-set-up-ec2-t1-micro-ubuntu-for-masternode-part-3-3.262/


    * cat >> blabla << EOF blablabla EOF things are removed.
    * This guide is valid for RC3(local/remote setup)
    * local is home linux cold wallet holding 1K DRK(With private ip address)
    * remote is server with empty wallet
    * You can use darkcoind or darkcoind-qt

    * if public ip of remote is changed, change masternodeprivkey
    * if you see log like "(ip_yours) dropped (banned)", restart darkcoind


    * brief steps
    - setup ami to compile normal darkcoind
    - compile darkcoind and run, sync
    - make an encrypted wallet holding 1000 DRK using home pc
    - download RC darksend
    - replace darkcoind


    PART 1
    This part use github src to compile to setup basic environment.
    #########################
    1. login to ec2 ami
    Code:
    ssh -i downloaded_pemfile [email protected]_public_ip
    2. disable root login and sudo to root
    http://aws.amazon.com/articles/1233
    http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/building-shared-amis.html
    Code:
    sudo passwd -l root
    sudo su -
    
    3. update system
    Code:
    apt-get update
    apt-get dist-upgrade
    
    4. add swap
    Code:
    dd if=/dev/zero of=/swapfile bs=1M count=1024
    
    Code:
    mkswap /swapfile
    swapon /swapfile
    
    * add line to /etc/fstab
    Code:
    /swapfile  swap      swap    defaults        0 0
    

    5. install files
    Code:
    apt-get install build-essential libssl-dev libboost-all-dev libdb5.1 libdb5.1-dev libdb5.1++-dev
    
    read binary wallet compatibility : https://github.com/darkcoinproject/...#dependency-build-instructions-ubuntu--debian
    Code:
    apt-get install git ntp make g++ gcc autoconf cpp ngrep iftop sysstat
    
    6. change system setting
    Code:
    update-rc.d ntp enable
    
    * enable sysstat
    * you can skip this system monitoring part.
    * sysstat utilities are a collection of performance monitoring tools.
    * add iptables rule
    * add a line to /etc/rc.local between # and 'exit 0'
    Code:
    #!/bin/sh -e
    #
    # rc.local
    #
    # This script is executed at the end of each multiuser runlevel.
    # Make sure that the script will "exit 0" on success or any other
    # value on error.
    #
    # In order to enable or disable this script just change the execution
    # bits.
    #
    # By default this script does nothing.
    /sbin/iptables-restore < /etc/iptables
    exit 0
    
    * do not use this rule for other vm.
    * rule for ec2 ami + ec2 security group.
    * /etc/iptables
    Code:
    #-----
    *filter
    :INPUT ACCEPT [1038:145425]
    :FORWARD ACCEPT [0:0]
    :OUTPUT ACCEPT [434:87191]
    -A INPUT -i eth0 -p tcp -m tcp --dport 9998 -j REJECT --reject-with tcp-reset
    -A INPUT -i eth0 -p tcp -m tcp --dport 9999 --tcp-flags FIN,SYN,RST,ACK SYN -m connlimit --connlimit-above 8 --connlimit-mask 24 --connlimit-saddr -j DROP
    -A INPUT -i eth0 -p tcp -m tcp --dport 9999 --tcp-flags FIN,SYN,RST,ACK SYN -m connlimit --connlimit-above 2 --connlimit-mask 32 --connlimit-saddr -j DROP
    -A INPUT -i eth0 -p tcp -m conntrack --ctstate NEW -m tcp --dport 9999 -j ACCEPT
    -A INPUT -i eth0 -p tcp -j ACCEPT
    -A OUTPUT -o eth0 -j ACCEPT
    COMMIT
    #-----
    
    * test iptables
    Code:
    /sbin/iptables-restore < /etc/iptables
    iptables -L -v -n
    
    7. reboot system
    Code:
    reboot
    
    8. do step 1 and 2(login and switched to root)




    *** if you don't want compile, you can skip step 9, 10, 11.
    9. install darkcoin(git, compile, strip, copy)
    Code:
    cd /usr/local/src/
    git clone https://github.com/darkcoinproject/darkcoin.git
    cd darkcoin/src/
    
    Code:
    time make -f makefile.unix "USE_UPNP:=-" "USE_IPV6:=0"
    strip darkcoind
    cp darkcoind /usr/bin
    
    10. logout root
    Code:
    exit
    
    11. as ubuntu user
    Code:
    mkdir ~/.darkcoin
    
    If you want more powerpool password do this, and use the result to darkcoin.conf.
    You do not need to remember this password. It's used to connect rpc.
    Anytime you can change it(after darkcoind is stopped)
    Code:
    darkcoind
    
    This is output of darkcoind.
    Code:
    > darkcoind
    Error: To use darkcoind, you must set a rpcpassword in the configuration file:
    /home/ubuntu/.darkcoin/darkcoin.conf
    It is recommended you use the following random password:
    rpcuser=darkcoinrpc
    rpcpassword=Z9u831PBcGvuQdassadasVQFZb5381EoadnjAebc
    (you do not need to remember this password)
    The username and password MUST NOT be the same.
    If the file does not exist, create it with owner-readable-only file permissions.
    It is also recommended to set alertnotify so you are notified of problems;
    for example: alertnotify=echo %s | mail -s "DarkCoin Alert" [email protected]
    

    * make and edit ~/.darkcoin/darkcoin.conf
    Code:
    #----
    ## change this
    rpcuser=any_user_name_you_want_you_should_change_this_do_not_forget_
    ## change this
    rpcpassword=any_password_you_like_name_you_want_you_should_change_this_do_not_forget
    rpcallowip=127.0.0.1
    listen=1
    server=1
    daemon=1
    logtimestamps=1
    maxconnections=256
    #--------------------
    # change change_this_to_your_ec2_public_ip_ami_public_ip to public ip address which you connected by ssh
    externalip=change_this_to_your_ec2_public_ip_ami_public_ip
    #---------------------
    
    run darkcoind
    check sync status
    compare block height(no) with http://explorer.darkcoin.io/chain/DarkCoin or http://drk.poolhash.org/graph.html
    use 'tail -f ~/.darkcoin/debug.log' to see log.
    Code:
    darkcoind
    darkcoind getinfo
    darkcoind getmininginfo
    tail -f ~/.darkcoin/debug.log
    

    Continued.. in PART II
     
    #1 chaeplin, Apr 11, 2014
    Last edited: Mar 7, 2017
    • Like Like x 7
  2. nj47

    nj47 Guest

    I would recommend a few additional steps.
    1.) fail2ban - slightly unnecessary if you are locking down ssh to your local IP, but it couldn't hurt
    2.) Setup a root password - this is a big one.
    3.) Create a dedicated darkcoin user and only let that user access the wallet file
    4.) UFW makes managing the firewall so much easier
    5.) Setup 2FA on your AWS account
    6.) I would also say it is nearly imperative that you setup some sort of remote monitoring and get notifications if CPU usage gets too high, because on a micro instance if your CPU goes above like 50% for more than 1 minute, they throttle your CPU max usage to < 1000 mhz.
     
    • Like Like x 1
  3. chaeplin

    chaeplin Active Member
    Core Developer

    Joined:
    Mar 29, 2014
    Messages:
    749
    Likes Received:
    356
    Trophy Points:
    133

    I have learned how to use IAM and CloudWatch.
    Thank you.
     
    #3 chaeplin, Apr 11, 2014
    Last edited by a moderator: Apr 14, 2014
  4. TanteStefana

    TanteStefana Grizzled Member
    Foundation Member

    Joined:
    Mar 9, 2014
    Messages:
    2,859
    Likes Received:
    1,854
    Trophy Points:
    1,283
    I'm curious why you add a swap file? Isn't there one already from the default image?
     
  5. chaeplin

    chaeplin Active Member
    Core Developer

    Joined:
    Mar 29, 2014
    Messages:
    749
    Likes Received:
    356
    Trophy Points:
    133
    No swap on default Ubuntu image.
     
  6. vertoe

    vertoe Three of Nine

    Joined:
    Mar 28, 2014
    Messages:
    2,574
    Likes Received:
    1,656
    Trophy Points:
    1,283
    you dont really need a swap device but compiling darkcoin on micro instances you will usually run out of memory. good guide.
     
  7. TanteStefana

    TanteStefana Grizzled Member
    Foundation Member

    Joined:
    Mar 9, 2014
    Messages:
    2,859
    Likes Received:
    1,854
    Trophy Points:
    1,283
    Ah, I see. Since this is a downloaded pre compiled binary, I didn't notice a problem with memory, LOL.

    Another question please, I've been searching for an answer all night but can't figure it out, what do the numbers inside the brackets represent?:

    :INPUT ACCEPT [1038:145425]
    :FORWARD ACCEPT [0:0]
    :OUTPUT ACCEPT [434:87191]

    Thank you :)
     
  8. TanteStefana

    TanteStefana Grizzled Member
    Foundation Member

    Joined:
    Mar 9, 2014
    Messages:
    2,859
    Likes Received:
    1,854
    Trophy Points:
    1,283
    I can't believe it, hours and hours I've been searching, and I tried just now one more time, and I got the question right, LOL. I never once just asked "what are the numbers inside the brackets, I asked all kinds of other things, but that one hit the nail on the head!

    Counters, I guess start counting on the lower end to the top end, eh?
     
  9. chaeplin

    chaeplin Active Member
    Core Developer

    Joined:
    Mar 29, 2014
    Messages:
    749
    Likes Received:
    356
    Trophy Points:
    133

    That's packets and bytes of chain.

    This is sample.


     
  10. mattmct

    mattmct Member

    Joined:
    Mar 13, 2014
    Messages:
    259
    Likes Received:
    92
    Trophy Points:
    88
    Cheers for the guide!

    With it being updated almost daily right now, maybe adding a section on how to update darkcoin would be worthwhile?
     
    • Like Like x 2
  11. mattmct

    mattmct Member

    Joined:
    Mar 13, 2014
    Messages:
    259
    Likes Received:
    92
    Trophy Points:
    88
    Hi @chaeplin , on #6, I get the following error on entering chkconfig --add ntp
    Code:
    /sbin/insserv: No such file or directory
    
    ntp     0:off 1:off 2:on 3:on 4:on 5:on 6:0ff
    Did I do this in the wrong dir or something?

    Cheers!
     
    #11 mattmct, Apr 13, 2014
    Last edited by a moderator: Apr 13, 2014
  12. Propulsion

    Propulsion The buck stops here.

    Joined:
    Feb 26, 2014
    Messages:
    1,008
    Likes Received:
    467
    Trophy Points:
    183
    Dash Address:
    XerHCGryyfZttUc6mnuRY3FNJzU1Jm9u5L
    Might want to edit that and use the Code button. So it doesn't show the smiles.
    Code:
    /sbin/insserv:No such file or directory
    ntp0:ff 
     
  13. mattmct

    mattmct Member

    Joined:
    Mar 13, 2014
    Messages:
    259
    Likes Received:
    92
    Trophy Points:
    88
    Good point lol, update the msg above. Cheers
     
  14. chaeplin

    chaeplin Active Member
    Core Developer

    Joined:
    Mar 29, 2014
    Messages:
    749
    Likes Received:
    356
    Trophy Points:
    133
    My fault, I have edited it.

    Use
     
    #14 chaeplin, Apr 13, 2014
    Last edited by a moderator: Apr 13, 2014
    • Like Like x 1
  15. mattmct

    mattmct Member

    Joined:
    Mar 13, 2014
    Messages:
    259
    Likes Received:
    92
    Trophy Points:
    88
    Cheers @chaeplin .

    Sorry to say, I'm stuck on #9.

    I'm not sure what "* change USE_UPNP:=- and USE_IPV6:=0" means.

    After entering "time make -f makefile.unix"

    Code:
    g++ -c -O2 -pthread -Wall -Wextra -Wformat -Wformat-security -Wno-unused-parameter -g -DBOOST_SPIRIT_THREADSAFE -D_FILE_OFFSET_BITS=64 -I/usr/local/src/darkcoin/src -I/usr/local/src/darkcoin/src/obj -DUSE_UPNP=0 -DUSE_IPV6=1 -I/usr/local/src/darkcoin/src/leveldb/include -I/usr/local/src/darkcoin/src/leveldb/helpers -DHAVE_BUILD_INFO -fno-stack-protector -fstack-protector-all -Wstack-protector -D_FORTIFY_SOURCE=2  -MMD -MF obj/net.d -o obj/net.o net.cpp
    net.cpp:18:32: fatal error: miniupnpc/miniwget.h: No such file or directory
    compilation terminated.
    make: *** [obj/net.o] Error 1
    
    real    2m22.786s
    user    2m3.992s
    sys     0m10.645s
    [email protected]:/usr/local/src/darkcoin/src# strip darkcoind
    strip: 'darkcoind': No such file
    
     
  16. mattmct

    mattmct Member

    Joined:
    Mar 13, 2014
    Messages:
    259
    Likes Received:
    92
    Trophy Points:
    88
    Many thanks Chaeplin. I gave that a shot, got this:


    Code:
    update-rc.d ntp defaults
    update-rc.d: warning: ntp stop runlevel arguments (0 1 6) do not match LSB Default-Stop values (1)
    System start/stop links for /etc/init.d/ntp already exist.
    
     
  17. chaeplin

    chaeplin Active Member
    Core Developer

    Joined:
    Mar 29, 2014
    Messages:
    749
    Likes Received:
    356
    Trophy Points:
    133
    file alredy created by chkcoinfig, so ignore it.
     
    • Like Like x 1
  18. mattmct

    mattmct Member

    Joined:
    Mar 13, 2014
    Messages:
    259
    Likes Received:
    92
    Trophy Points:
    88
    Okay awesome, thanks. Stuck on #9 above :/
     
  19. chaeplin

    chaeplin Active Member
    Core Developer

    Joined:
    Mar 29, 2014
    Messages:
    749
    Likes Received:
    356
    Trophy Points:
    133
    edit option in makefile.unix
    or without edit

     
  20. mattmct

    mattmct Member

    Joined:
    Mar 13, 2014
    Messages:
    259
    Likes Received:
    92
    Trophy Points:
    88
    You're awesome @chaeplin ! Thanks for spelling it out for me! :). I was just reading through the building guide and think I worked it out. But thanks for adding it in. Much appreciated!
     
    • Like Like x 2
  21. mattmct

    mattmct Member

    Joined:
    Mar 13, 2014
    Messages:
    259
    Likes Received:
    92
    Trophy Points:
    88
    Looks like the d is missing from line cp darkcoin /usr/bin in #9. I assume it should be cp darkcoind /usr/bin
    Tried to run it. Got this error :/
    ./darkcoind

    ************************
    EXCEPTION: N5boost16exception_detail10clone_implINS0_19error_info_injectorINS_15program_options14invalid_syntaxEEEEE
    unrecognized line in '----'
    darkcoin in AppInit()

    So close but yet so far!

    Update: Tried running as root:


    Error: To use darkcoind, you must set a rpcpassword in the configuration file:
    /root/.darkcoin/darkcoin.conf
    It is recommended you use the following random password:
    rpcuser=darkcoinrpc
    rpcpassword=93ZR2he5KT18yCevrZbG39AjVVtU8rqtSP1cSgMgLG8p
    (you do not need to remember this password)
    The username and password MUST NOT be the same.
    If the file does not exist, create it with owner-readable-only file permissions.
    It is also recommended to set alertnotify so you are notified of problems;
    for example: alertnotify=echo %s | mail -s "DarkCoin Alert" [email protected]

    looks like I didn't make that file correctly, trying again
     
  22. chaeplin

    chaeplin Active Member
    Core Developer

    Joined:
    Mar 29, 2014
    Messages:
    749
    Likes Received:
    356
    Trophy Points:
    133
    This is compile time
    t1.micro

    Code:
    real13m51.049s
    user12m30.675s
    sys0m59.332s
    
    m3.medium
    Code:
    real7m6.372s
    user6m45.173s
    sys0m14.749s
    
     
  23. chaeplin

    chaeplin Active Member
    Core Developer

    Joined:
    Mar 29, 2014
    Messages:
    749
    Likes Received:
    356
    Trophy Points:
    133

    I correct "d".

    When you run darkcoind without config(rpcuser, rpcpassword), darkcoind shows that msg.
     
  24. mattmct

    mattmct Member

    Joined:
    Mar 13, 2014
    Messages:
    259
    Likes Received:
    92
    Trophy Points:
    88
    I just made the config file, doubled checked the make sure it was there.

    Now even as root , I can't get it to run.

    Code:
    darkcoind
    
    
    ************************
    EXCEPTION: N5boost16exception_detail10clone_implINS0_19error_info_injectorINS_15program_options14invalid_syntaxEEEEE
    unrecognized line in '----'
    darkcoin in AppInit()
    
     
  25. chaeplin

    chaeplin Active Member
    Core Developer

    Joined:
    Mar 29, 2014
    Messages:
    749
    Likes Received:
    356
    Trophy Points:
    133
    Check your darkcoin.conf, if there is line start with ----, add # in front of it.
    I am sure.

    Code:
    #----
    
     
    • Like Like x 1
  26. mattmct

    mattmct Member

    Joined:
    Mar 13, 2014
    Messages:
    259
    Likes Received:
    92
    Trophy Points:
    88
    haha, you my man, are a genius! I'm not sure how I didn't work that our myself lol, but many thanks!

    "Darkcoin server starting" :)
     
    • Like Like x 1
  27. chaeplin

    chaeplin Active Member
    Core Developer

    Joined:
    Mar 29, 2014
    Messages:
    749
    Likes Received:
    356
    Trophy Points:
    133
    Is that compiled darkcoind or Darksend/Masternode ?

    I add compile step to assure "System is working", before run DarkSend Masternode.
     
  28. mattmct

    mattmct Member

    Joined:
    Mar 13, 2014
    Messages:
    259
    Likes Received:
    92
    Trophy Points:
    88
    No that's just the darkcoind server. It still says the same "Darkcoin server starting"

    working out how to check sync status before I move on to the next steps.

    Update: darkcoind getblockcount = 50890

    Looks good so far!
     
    #28 mattmct, Apr 14, 2014
    Last edited by a moderator: Apr 14, 2014
    • Like Like x 1
  29. chaeplin

    chaeplin Active Member
    Core Developer

    Joined:
    Mar 29, 2014
    Messages:
    749
    Likes Received:
    356
    Trophy Points:
    133
  30. mattmct

    mattmct Member

    Joined:
    Mar 13, 2014
    Messages:
    259
    Likes Received:
    92
    Trophy Points:
    88
    Cheers chaeplin!
    I just noticed as I started the server as root, it created the blockchain etc in a different folder, and not the home. So I rebooted, fired up darkcoind not in root, and it makes the files / blockchain etc in the correct place.
    It's currently syncing. :)