Hi,
Let’s have some fun and enjoy to run our favorite Sentinel dVPN node on Akash. This guide using the Ubuntu 20.04 LTS and assume it’s just fresh installed and we do hope to make it simple 🙂
The Main Step should be:
- Install some tools pack for later use.
- Install several Akash suite.
- Create Wallet for Akash.
- Fund Your Akash Wallet.
- Install Docker.
- Building Sentinel dVPN node.
- Create Wallet for Sentinel.
- Uploading to Dockerhub.
- Deploy on Akash
Let’s start,
Install Tools
First need to update the list before we do, let’s run one by one if You would like to see the result (and may skip if already installed)
Make sure we are not using the root account and for the best practice, please work all this command from our own home folder, for me /home/bwl
sudo apt update sudo apt upgrade sudo apt install jq
Now let’s install the latest golang,
wget https://dl.google.com/go/go1.16.4.linux-amd64.tar.gz sudo tar -xvf go1.16.4.linux-amd64.tar.gz
And let’s set the path to make it easy to use later
sudo nano .profile
And edit the .profile file by adding one line below
PATH="$HOME/go/bin:/usr/lib/go:$HOME/go:$PATH"
My Final .profile look like this:
and quit using CTRL-X
Our path is ready and apply with:
source .profile go version
And one more things to check is the permission and owner of go:
ls -al
Ooops, still root on me, may be better to change it to my username for easier access later on:
sudo chown -R bwl:bwl go/
Recheck with
ls -al
And enjoy the tools ready
Install Akash
AKASH_VERSION="$(curl -s "https://raw.githubusercontent.com/ovrclk/net/master/mainnet/version.txt")" curl https://raw.githubusercontent.com/ovrclk/akash/master/godownloader.sh | sh -s -- "v$AKASH_VERSION"
And Akash will be ready on our home folder, under the /go/bin, for mine with the user bwl will be:
/home/bwl/go/bin/
check by using:
akash version
Will show that latest stable for this article: v0.12.1
Create Wallet for Akash
Let’s create wallet on the keyring named bwl
The command for new wallet:
akash keys add bwl
If You already have Akash wallet for deployment
akash keys add bwl --recover
as for any wallet, please save the mnemonics on the very safe place and don’t lose it. And please remember the keyring password you just create.
and let’s export the wallet into easier name, let’s put it into .profile for easier access later on
sudo nano .profile
put the line
AKASH_ACCOUNT_ADDRESS="akash1........... (fill Your wallet)" export AKASH_NET="https://raw.githubusercontent.com/ovrclk/net/master/mainnet" export AKASH_NODE="$(curl -s "$AKASH_NET/rpc-nodes.txt" | shuf -n 1)"
Save using the CTRL-O, save current filename,
and quit using CTRL-X
And don’t forget to update the system
source .profile
Fund Your Akash Wallet
Last step is funding the wallet, many ways to do like a normal wallet,
You can check additional commands: https://docs.akash.network/guides/wallet
And very easy to purchase from any exchange listed on https://bwl.network
for deployment, at least we need 10 AKT = 10000000 uAKT
You can check the balance with:
akash --node "$AKASH_NODE" query bank balances "$AKASH_ACCOUNT_ADDRESS"
ok, I put 20 AKT for this guide:
Install Docker
Time for installing some of our best friends.
Be sure working on Your home folder to make everything tidy.
sudo apt-get install --yes curl
curl -fsSL get.docker.com -o ${HOME}/get-docker.sh
sudo sh ${HOME}/get-docker.sh
sudo sh -eux <<EOF
apt-get install -y uidmap
EOF
dockerd-rootless-setuptool.sh install
sudo usermod -aG docker $(whoami)
sudo nano .profile
let’s edit again the .profile for adding docker feature by modify the PATH (no need to add more line for PATH) and one more line for Docker
PATH="$HOME/go/bin:/usr/lib/go:/usr/bin:$HOME/go:$PATH" DOCKER_HOST=unix:///run/user/1001/docker.sock
Save using the CTRL-O, save current filename,
and quit using CTRL-X
And reboot the machine
Building Sentinel dVPN node
Welcome back, our Ubuntu back online and let’s continue
Make sure we are on the home folder
sudo apt-get install --yes git
git clone https://github.com/sentinel-official/dvpn-node.git ${HOME}/dvpn-node/
cd ${HOME}/dvpn-node/ && commit=$(git rev-list --tags --max-count=1) && git checkout $(git describe --tags ${commit})
Ready to build,
docker build --file Dockerfile \
--tag sentinel-dvpn-node \
--force-rm \
--no-cache \
--compress .
And build the certificate
sudo apt-get install --yes openssl
openssl req -new \
-newkey ec \
-pkeyopt ec_paramgen_curve:prime256v1 \
-x509 \
-sha256 \
-days 365 \
-nodes \
-out ${HOME}/tls.crt \
-keyout ${HOME}/tls.key
Simply and straight building, our Docker Image for Sentinel dVPN Node is ready.
Building takes a long time, may be 5-10 minutes so let’s create account on Dockerhub while waiting (https://hub.docker.com/). We will need the dockerhub account later.
Create Wallet for Sentinel (Don’t proceed yet, need to be updated)
Now for 2nd wallet, it’s for the Sentinel dVPN to run the dVPN Node.
Easy wording to remember:
Akash = deCloud as the Hosting/Server.
dVPN Node = The dVPN for running our VPN.
Let’s use the Packaged Docker Image to init config first:
Make sure we run from our home folder:
docker run --rm \
--volume ${HOME}/.sentinelnode:/root/.sentinelnode \
sentinel-dvpn-node process config init
And not confusing if even You use the same wallet keyring (like bwl for me) it’s totally no problem. As Wallet for Akash and Sentinel is totally different.
Let’s edit the config file,
sudo nano ${HOME}/.sentinelnode/config.toml
Let’s edit the below parameter with Your
docker run --rm \
--interactive \
--tty \
--volume ${HOME}/.sentinelnode:/root/.sentinelnode \
sentinel-dvpn-node process keys add bwl
or add the –recover for restoring existing Sentinel Wallet
docker run --rm \
--interactive \
--tty \
--volume ${HOME}/.sentinelnode:/root/.sentinelnode \
sentinel-dvpn-node process keys add bwl --recover
Create the password and its also can be the same as Akash. And don’t lose or mixed up with the mnemonic. Each wallet have own mnemonic.
Info: This section will be updated later to adapt the new usage without –volume which is Akash Network cannot support right now.
Uploading to Dockerhub
We need to upload the Configured and Packaged Docker Image to Dockerhub, so later on we can deploy as many dVPN as You like on Akash.
My Dockerhub username is bwlnet so I directly use the tag from our previous build
docker login docker push bwlnet/sentinel-dvpn-node:latest
And it’s time to deploy.
Deploy on Akash
First create the certificate (no need to create the certificate again if You already have) and we do the work from the home folder.
Let’s add the .profile again
sudo nano .profile
And add the:
AKASH_CHAIN_ID="$(curl -s "$AKASH_NET/chain-id.txt")"
So the final result:
source .profile
Continue with,
akash tx cert create client \ --from default \ --chain-id $AKASH_CHAIN_ID \ --node $AKASH_NODE \ --fees 1000uakt
More detail about the certificate https://docs.akash.network/design/mtls
create file dvpn.yml by using:
nano dvpn.yml
And the content is:
---
version: "2.0"
services:
dvpn:
image: bwlnet/sentinel-dvpn-node:latest
expose:
- port: 10000
as: 10000
proto: tcp
to:
- global: true
profiles:
compute:
dvpn:
resources:
cpu:
units: 1
memory:
size: 1Gi
storage:
size: 10Gi
placement:
akash:
attributes:
host: akash
signedBy:
anyOf:
- "akash1365yvmc4s7awdyj3n2sav7xfx76adc6dnmlx63"
pricing:
dvpn:
denom: uakt
amount: 100
deployment:
dvpn:
akash:
profile: dvpn
count: 1
ok, should remember the 1 AKT = 1,000,000 uAKT,
And the bid system running means the maksimum we accept is 100uAKT, but, if the providers try their best for 1 uAKT that means You will pay:
((1*((60/6)*60*24*30.436875))/10^6) in AKT
The SignedBy (
akash1365yvmc4s7awdyj3n2sav7xfx76adc6dnmlx63) is a definitive from https://docs.akash.network/guides/deploy
More on SDL (Stack Definition Language) for Akash manifest (yml/yaml) https://docs.akash.network/documentation/sdl
And let’s create the deployment
akash tx deployment create dvpn.yml \ --from default \ --node $AKASH_NODE \ --chain-id $AKASH_CHAIN_ID \ --fees 1000uakt
Note: If this command ends with:
Error: RPC error -32603 - Internal error: timed out waiting for tx to be included in a block
No worry as just find on the chain using:
akash query txs --events "message.sender=$AKASH_ACCOUNT_ADDRESS&message.action=create-deployment" --page 1 --limit 30 | jq -r '.txs[] | [ .tx.body.messages[].id[] ] | @csv'
Both normal result and error follow up with query will return the wallet name and DSEQ, for example:
"akash1...........our wallet.............","1883888"
Then You just need to catch and approve it:
AKASH_DSEQ=1883888 AKASH_GSEQ=1 AKASH_OSEQ=1
and proceed:
akash query deployment get \ --owner $AKASH_ACCOUNT_ADDRESS \ --node $AKASH_NODE \ --dseq $AKASH_DSEQ
Sample of the result:
deployment:
created_at: "1883888"
deployment_id:
dseq: "1883888"
owner: akash1...........our wallet.............
state: active
version: R+bMsK3+N7Wtf8MWmUqoIJTgagXPunxFJqV4EXZahYE=
escrow_account:
balance:
amount: "20000000"
denom: uakt
id:
scope: deployment
xid: akash1...........our wallet............./1883888
owner: akash1...........our wallet.............
settled_at: "1883889"
state: open
transferred:
amount: "0"
denom: uakt
groups:
- created_at: "1883990"
group_id:
dseq: "1883888"
gseq: 1
owner: akash1...........our wallet.............
group_spec:
name: akash
requirements:
attributes:
- key: host
value: akash
signed_by:
all_of: []
any_of:
- akash1365yvmc4s7awdyj3n2sav7xfx76adc6dnmlx63
resources:
- count: 1
price:
amount: "100"
denom: uakt
resources:
cpu:
attributes: []
units:
val: "100"
endpoints:
- kind: RANDOM_PORT
memory:
attributes: []
quantity:
val: "536854542"
storage:
attributes: []
quantity:
val: "536845635"
state: open
As the deployment ready on Akash Network, we just go into the market:
akash query market bid list \ --owner=$AKASH_ACCOUNT_ADDRESS \ --node $AKASH_NODE \ --dseq $AKASH_DSEQ \ --state open
Sample result:
bids:
- bid:
bid_id:
dseq: "1883888"
gseq: 1
oseq: 1
owner: akash1...........our wallet.............
provider: akash1........provider 1..............
created_at: "1172780"
price:
amount: "1"
denom: uakt
state: open
escrow_account:
balance:
amount: "200000000"
denom: uakt
id:
scope: bid
xid: akash1...........our wallet............./1883888/1/1/akash1........provider 1..............
owner: akash1........provider 1..............
settled_at: "1883999"
state: open
transferred:
amount: "0"
denom: uakt
- bid:
bid_id:
dseq: "1883888"
gseq: 1
oseq: 1
owner: akash1...........our wallet.............
provider: akash1........provider 2..............
created_at: "1883988"
price:
amount: "1"
denom: uakt
state: open
escrow_account:
balance:
amount: "200000000"
denom: uakt
id:
scope: bid
xid: akash1...........our wallet............./1883888/1/1/akash1........provider 2..............
owner: akash1........provider 2..............
settled_at: "1883897"
state: open
transferred:
amount: "0"
denom: uakt
pagination:
next_key: null
total: "0"
and pick the provider you choose, and wow, all bid just for 1 uAKT.
for example we choose provider 1:
export AKASH_PROVIDER=akash1........provider 1..............
and start create lease (remember the bwl is the Akash wallet)
akash tx market lease create \ --chain-id $AKASH_CHAIN_ID \ --node $AKASH_NODE \ --owner $AKASH_ACCOUNT_ADDRESS \ --dseq $AKASH_DSEQ \ --gseq $AKASH_GSEQ \ --oseq $AKASH_OSEQ \ --provider $AKASH_PROVIDER \ --from bwl \ --fees 1000uakt
Important: When lease created, provider start to debiting Your wallet
Now let’s start soon by sending our yml
akash provider send-manifest dvpn.yml \ --node $AKASH_NODE \ --dseq $AKASH_DSEQ \ --provider $AKASH_PROVIDER \ --from bwl
Check status using:
$ akash provider lease-status \ --node $AKASH_NODE \ --dseq $AKASH_DSEQ \ --provider $AKASH_PROVIDER \ --from bwl
And the sample nice result:
{
"services": {
"dvpn": {
"name": "dvpn",
"available": 1,
"total": 1,
"uris": null,
"observed_generation": 1,
"replicas": 1,
"updated_replicas": 1,
"ready_replicas": 1,
"available_replicas": 1
}
},
"forwarded_ports": {
"dvpn": [
{
"host": "cluster.sxc1p1.mainnet.akashian.io",
"port": 10000,
"externalPort": 33872,
"proto": "TCP",
"available": 1,
"name": "dvpn"
}
]
}
}
The endpoiint URI will be the host:random endpoint
cluster.sxc1p1.mainnet.akashian.io:33872
mapping into the port 10000 of our VPN deployment
This Section will be continue after we get the update for Docker solution