Check list for deploy a AIT2 validator node

The deadline to register a node is 23:59 July7, so there is almost the last 24 hours, this article is for those who are still struggling to deploy a node. My recommended method is to use Ubuntu 20.04[1] with docker.

:one: Check the apto-cli version before generating the necessary configuration files
The output must be aptos 0.2.0 !

aptos -V
aptos 0.2.0

:two: Check the root key in layout.yaml
Please use the same root key as in the official tutorial, otherwise the node checker will not be able to run transaction emitter without the node’s private key.

root_key: "F22409A93D1CD12D2FC92B5F8EB84CDCD24C348E32B3E7A720F3D2E288E63394" 

:three: Check the program is running
You will see aptos-node running with validator.yaml

ps -aux |grep aptos-node  
root     1100 45.0 10.1 2596332 830164 ?   Ssl  Jul06 338:01 /<PATH>/aptos-node -f /<PATH>/validator.yaml

When using the official docker image, the recommended CPU is Intel Xeon Skylake or newer, the AMD zen series also has a compatible instruction set. Because the rust compilation parameter in the image is

RUSTFLAGS="-Ctarget-cpu=skylake -Ctarget-feature=+aes,+sse2,+sse4.1,+ssse3"

If your CPU does not meet the requirements or it’s another architecture, you will encounter error exit 132 when running docker. You may need to using the source code

:four: Check which port the program is listening on

ss -tnlp | grep -E -w '80|6180|8080|9101  
#or:  
netstat -tnlp | grep -E -w '80|6180|8080|9101'

You will see the output as shown below, 80 or 8080 depending on your deployment method, if the API is port 80 you need to fill in 80 on the registration page instead of deafault 8080 port.

LISTEN 0      4096         0.0.0.0:8080      0.0.0.0:*    users:(("docker-proxy",pid=1021,fd=4))
LISTEN 0      4096         0.0.0.0:6180      0.0.0.0:*    users:(("docker-proxy",pid=1058,fd=4))
LISTEN 0      4096         0.0.0.0:9101      0.0.0.0:*    users:(("docker-proxy",pid=1002,fd=4))

:five: Check api and metrics output
The output of API port should display chain_id:40

curl 127.0.0.1:80
{"chain_id":40,"epoch":5,"ledger_version":"10196576","ledger_timestamp":"1657174991809731","node_role":"validator"}

check metrics 2 times and make sure the numbers are increasing

curl 127.0.0.1:9101/metrics 2> /dev/null | grep aptos_state_sync_version|grep type=\"synced\"`   
aptos_state_sync_version{type="synced"} 10182456
curl 127.0.0.1:9101/metrics 2> /dev/null | grep aptos_state_sync_version|grep type=\"synced\"`
aptos_state_sync_version{type="synced"} 10182532

:six: Check the firewall in the Linux system

sudo ufw status

check the status of ufw. Status: inactive is OK and if Status: active then you need to allow the connection of the relevant port.

sudo ufw allow 80
sudo ufw allow 6180
sudo ufw allow 9101

If you are using docker, you usually don’t need to deal with iptables. But if you use source code and the default policy of iptables is to block then you need

iptables -I INPUT -p tcp --dport 80 -j ACCEPT
iptables -I INPUT -p tcp --dport 6180 -j ACCEPT  
iptables -I INPUT -p tcp --dport 9101 -j ACCEPT 

:seven: Check the firewall in the server provider
It varies from server provider. As far as I know DigitalOcean Vultr Linode doesn’t block ports by default. While Aws Azure GCP needs to allow ingress traffic on the relevant port. The following figure is an example of a GCP
firewall setting on GCP]

:eight: Make sure your server have enough bandwidth and a good connection, high TPS requires a lot of data to be transferred. Otherwise you may see the following three error.

The transaction emitter only submitted 324 TPS but the minimum TPS requirement is 500
message: "invalid transaction: UNEXPECTED_ERROR_FROM_KNOWN_MOVE_FUNCTION"
message: "invalid transaction: SEQUENCE_NUMBER_TOO_OLD"

But if you are sure that the network is not the problem, you can try to verify the node several times or delete volume and restart.

docker-compose down --volumes
docker-compose up -d

If this has helped you or you think this article is useful, please vote for me.


  1. Because the official release of aptos-cli was compiled on Ubuntu 20.04. It requires glibc 2.29 or later and OpenSSL.1.1.1
    objdump -T aptos |grep -P “GLIBC_2.\d\d”
    0000000000000000 DF UND 0000000000000000 GLIBC_2.29 exp
    0000000000000000 DF UND 0000000000000000 GLIBC_2.29 log
    ldd aptos
    libssl.so.1.1 => /usr/lib/x86_64-linux-gnu/libssl.so.1.1 (0x00007faf52861000)
    libcrypto.so.1.1 => /usr/lib/x86_64-linux-gnu/libcrypto.so.1.1 (0x00007faf5258b000) ↩︎

6 Likes

I’s a so beautiful article.

Good Article… Thankss brotherr

Great article, you read my mind. Would like to add: put the 8080 port if you are using source instalation

Great :blush::blush::blush::+1::+1::+1: