Set up a Keystore file on a P-Rep Node

1. Export your keystore file first

Export your Keystore file whitch you registered in. You can see how to get the Keystore file from this link.​

2. Place your keystore file in the proper path

The keystore file needs to be exported and stored in the cert directory. Below is a directory structure under the docker-compose.yml
1
|-- docker-compose.yml
2
|-- data → data directory
3
|-- mainnet → block DB directory
4
|-- log → log directory
5
|-- cert → keytore or cert key directory
6
|-- YOUR_KEYSTORE_FILE → put your keystore file
Important - you should put your keystore file under the /cert folder.

3. Rename Keystore file simply

Enter a short name for the keystore file (recommended).

4. Import your keystore file into docker-compose.yml

If your keystore file name is textKeystore then the docker-compose.yml file looks like this:
$ cat docker-compose.yml
1
version: "3"
2
services:
3
prep-node:
4
image: "iconloop/prep-node:1910211829xc2286d"
5
container_name: "prep-mainnet"
6
network_mode: host
7
restart: "always"
8
environment:
9
NETWORK_ENV: "mainnet"
10
LOG_OUTPUT_TYPE: "file"
11
SWITCH_BH_VERSION3: "10324749"
12
CERT_PATH: "/cert"
13
LOOPCHAIN_LOG_LEVEL: "DEBUG"
14
ICON_LOG_LEVEL: "DEBUG"
15
FASTEST_START: "yes" # Restore from lastest snapshot DB
16
PRIVATE_KEY_FILENAME: "testKeystore" # only file name
17
PRIVATE_PASSWORD: "testKeystorepassword"
18
cap_add:
19
- SYS_TIME
20
volumes:
21
- ./data:/data # mount a data volumes
22
- ./cert:/cert # Automatically generate cert key files here
23
ports:
24
- 9000:9000
25
- 7100:7100
Also, you can see the directory path as below:
1
|-- docker-compose.yml
2
|-- data → data directory
3
|-- mainnet → block DB directory
4
|-- log → log directory
5
|-- cert → keytore or cert key directory
6
|-- testKeystore → put your keystore file

Troubleshooting

Q: How to check if container is running or not

The docker ps command shows the list of running docker containers.
1
$ docker ps
2
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
3
0de99e33cdc9 iconloop/prep-node:1910211829xc2286d "/src/entrypoint.sh" 2 minutes ago Up 2 minutes(healthy) 0.0.0.0:7100->7100/tcp, 0.0.0.0:9000->9000/tcp prep_prep_1
You should look at the STATUS field to see if the container is running up and in healthy state.
Inside the container, there is a healthcheck script running with the following configuration. It will return unhealthy when it fails.
Healthcheck option
value
retries
4
interval
30s
timeout
20s
start-period
60s
The container can have three states:
    starting - container just starts
    healthy - when the health check passes
    unhealthy - when the health check fails
If the container does not start properly or went down unexpectedly, please check the booting.log. Below is the log messages on success.
1
$ cat data/PREP-MainNet/log/booting_${DATE}.log
2
​
3
[2019-10-23 17:47:05.204] Your IP: xxx.xxx.xxx.xxx
4
[2019-10-23 17:47:05.209] RPC_PORT: 9000 / RPC_WORKER: 3
5
[2019-10-23 17:47:05.214] DEFAULT_PATH=/data/mainnet in Docker Container
6
[2019-10-23 17:47:05.219] DEFAULT_LOG_PATH=/data/mainnet/log
7
[2019-10-23 17:47:05.224] DEFAULT_STORAGE_PATH=/data/mainnet/.storage
8
[2019-10-23 17:47:05.229] scoreRootPath=/data/mainnet/.score_data/score
9
[2019-10-23 17:47:05.234] stateDbRootPath=/data/mainnet/.score_data/db
10
[2019-10-23 17:47:05.239] Time synchronization with NTP / NTP SERVER: time.google.com
11
[2019-10-23 17:47:12.022] P-REP package version info - _1910211829xc2286d
12
[2019-10-23 17:47:12.697] iconcommons 1.1.2
13
iconrpcserver 1.4.5
14
iconsdk 1.2.0
15
iconservice 1.5.15
16
loopchain 2.4.15

Q: How to find error

Error log messages example
Grep the ERROR messages from the log files to find the possible cause of the failure.
1
$ cat data/PREP-MainNet/log/booting_${DATE}.log | grep ERROR
2
​
3
[2019-08-12 02:08:48.746] [ERROR] Download Failed - http://20.20.1.149:5000/cert/20.20.1.195_public.der status_code=000
4
​
5
[2019-08-12 01:58:46.439] [ERROR] Unauthorized IP address, Please contact our support team
Docker container generates below log files
    booting.log
      The log file contains the errors that occurred when the docker container starts up.
    iconrpcserver.log
      The log file contains information about the request/response message handling going through the iconrpcserver.
    iconservice.log
      The log file contains the internals of ICON Service
    loopchain.channel-txcreator-icon_dex_broadcast.icon_dex.log
      The log file contains information about TX broadcast from a node to other nodes
    loopchain.channel-txcreator.icon_dex.log
      The log file contains information about the process of confirming TXÆ’
    loopchain.channel-txreceiver.icon_dex.log
      The log file contains information about receiving the broadcasted TX from a node.
    loopchain.channel.icon_dex.log
      The log file contains information about internals of loopchain engine

Q: How to monitor resources

We recommend the following tools for resource monitoring
    1.
    Network monitoring - iftop, nethogs, vnstat
    2.
    CPU/Memory monitoring - top, htop
    3.
    Disk I/O monitoring - iostat, iotop
    4.
    Docker monitoring - docker stats, ctop