# Setup APTOS blockchain validator node (AIT-3) using Microsoft Azure **Published by:** [kiralee.eth](https://paragraph.com/@kiralee/) **Published on:** 2022-08-25 **URL:** https://paragraph.com/@kiralee/setup-aptos-blockchain-validator-node-ait-3-using-microsoft-azure ## Content Setup Aptos blockchain validator node using Microsoft Azure and Ubuntu 20.04What is Aptos Blockchain?Aptos is a new Layer 1 blockchain with smart contract functions like Ethereum and Solana. It can be regarded as a sequel to the Meta (formerly Facebook) Libra (later renamed Diem) plan. After Diem was sold by Meta, some core members left and formed a team to develop the Aptos chain based on Diem’s open source code. Aptos has received investments from top institutions such as a16z, FTX Ventures, Coinbase Ventures, and Binance Labs.What are the characteristics of Aptos blockchain?The biggest feature of Aptos is the adoption of a new development language Move, which was originally designed for the development of the Diem project, focusing on the security, scalability and upgradeability of the blockchain. Since the launch of the testnet in March 2022, Aptos has undergone multiple rounds of testing, and the testnet has more than 20,000 validating nodes. The data shows that currently Aptos can process more than 10,000 transactions per second, and ideally, the public chain can process 160,000 transactions per second in the future.Development progress of Aptos blockchain?2022/08/20 Official Announcement, revealing details of Incentive Testnet 3 (AIT-3) registration, schedule and incentive criteria. According to the team, AIT-3 brings the last major delivery function of the mainnet: on-chain governance and upgrades. In order to reflect the real-world environment of the mainnet launch, the number of participants in AIT-3 will be compared to that of AIT-2, which is approximately 225 participants.What are the benefits of participating in the Aptos testnet?At present, users who meet the conditions of Aptos incentivized testnet 3 (AIT-3) will be rewarded with 800 Aptos tokens.AIT-3 Incentive ConditionsAll selected participants::Access to the Aptos governance platform to register, stake and designate its operators (accounts associated with validators)Deploy validator nodes on-chain and registerJoin the validator setVote on 3 different governance proposalsLeaving the validator set late in AIT-3Notes: Documentation on these topics is posted on this page. Aptos stated that users who meet the following conditions will be rewarded with 800 Aptos tokens:Complete all required goals on timeThe node activity that satisfies the push data ≥ 95% under the indicator definitionEarned on-chain rewards ≥ 80% of maxSuccessfully participate in all governance operations created by AptosAdditionally, the team will be offering two additional opportunities to earn 200 Aptos tokens for those users who use the open REST API to run validator full nodes for load testing and do everything. It should be noted that due to regulatory concerns, any Aptos tokens can only be offered to non-US participants. Any rewards related to the incentivized testnet will only be offered after the mainnet has been successfully launched, and there will be a lock-up period of at least one year.Reference: https://www.blocktempo.com/aptos-incentivized-testnet-3/ https://www.grenade.tw/blog/what-is-aptos-blockchain/Setup a validator node using Microsoft Azure cloud serviceFirst, there are a few steps that need to be done before setting up a validator node.Make sure you have a Discord account and have joined the Aptos server. Important: You will be asked to connect a Discord account for AIT-3.Create an account (or log into your existing account) on the Aptos Community website.When prompted, provide your email address and username, and be sure to confirm your email.Follow the steps on this AIT-3 page to install and start a validator node, set the node to test mode, and provide validator details to the Aptos community. (This article details the installation steps)Download and install Petra Wallet and register your wallet address on the community website. (remove previous version of wallet)Pass the authentication and node verification process.Aptos Official Settings Manual: https://aptos.dev/nodes/ait/steps-in-ait3Reference: https://mirror.xyz/jackmusk.eth/ALQAOZKj4l94tK37wu1vqEgaNLa0VsOpvEacEg8p1wQLog in to Microsoft Azure to create a virtual machinehttps://azure.microsoft.com/zh-tw/get-started/azure-portal/Create a virtual machine. The resource group, virtual machine name, and region are selected according to your preferences.According to the node requirements of the official manual, the size is set to Standard_B8ms, the image selection is Ubuntu Server 20.04 LTS — Gen2 (18.04 is also available, here is 20.04), the authentication type is SSH public key is more secure (you can also use a password), the user name can be Arbitrary substitution. Note: The following node configuration will incur a monthly fee of about $300 (AIT-3 only lasts until 9/9, so the fee may be less), please evaluate your own financial ability. If you use your own server, please refer to the node requirements settings. The following steps are using docker, so even changing the cloud platform is feasible.Use ssh to connect, but we will do some firewall policy to restrict access.The OS disk type can be selected as standard SSD, and the rest can be selected according to your own needs.Since the data stored by the Aptos validator node is under the /opt/aptos folder, an additional data disk can be added here for storage. The following example will not use the data disk, but directly use azure-cli to expand the root partition.The virtual network, subnet, and public IP can be configured by default, and the NIC network security group can be selected as advanced.Select None for the load balance option, and leave the default.The following settings are default options.Finally check if the configuration is correct.If you use the key connection method, you will be prompted to download the key. Create a folder named testnet and store it in your personal computer (do not share it with others).Wait for the virtual machine deployment to complete.Configure Azure Firewall Policy to connect to virtual machineSelect the network and prepare to modify the firewall rule default-allow-ssh in the red box.You can query the public IP address of your personal computer, you can enter “My IP Address” in the browser to query. For example: the queried IPv4 is 123.123.123.123.When setting default-allow-ssh, fill in the source IP address, the public IP address of your personal computer, for example, fill in 123.123.123.123, and set to allow only your personal computer to connect.Choose Save.As shown in the figure below, the black part varies according to the public IP address of your PC. The NIC public IP (in the red box) of the virtual machine is also different. In the example, it is 20.117.104.111. Please replace this with the NIC public IP of your azure virtual machine.Use the key to connect to the azure virtual machine via ssh.Open the terminal (console, or powershell if windows) on your personal computer, use the terminal to modify the permissions of the key and connect to the azure virtual machine.*cd Desktop/testnet/ *(Go to the location where you store the ssh key, the example is the desktop) chmod 400 aptos-testnet_key.cer ssh -i aptos-testnet_key.cer azureuser@xxx.xxx.xxx.xxx (replace xxx with your azure NIC public IP)Connection succeededValidator node pre-environment preparationSwitch to root and update the ubuntu virtual machine.sudo -i apt updateInstall network tools to view portsapt install net-tools -yExpand root partition disk spaceReference: https://learningsky.io/resizing-ubuntu-vm-root-disk-in-azure/The default virtual machine root partition space created by azure is only 30G, as shown in the following figure. The above settings also do not add additional data disks, so we need to expand the root partition (/dev/root).df -hFirst switch to your personal computer, install the azure cli, and after the installation is complete, use the azure cli to log in.az loginAfter entering, it will jump out of the webpage to log inAfter successful login, the following screen will be displayed.Return to the Azure web page, query the ubuntu virtual machine name, resource group, OS disk name, and stop (shut down) the virtual machine.Go back to the azure cli of your personal computer and use the above information to expand the OS disk of the root partition of the ubuntu virtual machine.az disk update --resource-group <resource group name> --name <OS disk name> --size-gb <disk size> example:az disk update --resource-group TESTNET --name aptos-testnet_OsDisk_1_4ef6cda5243546ceb9bf4b3fa922b984 --size-gb 512 As shown in the figure above, after the expansion is completed, 512GB is displayed, and you can use the azure cli to power on the virtual machine again.az vm start --resource-group <resource group name> --name <computer name> example:az vm start --resource-group TESTNET --name aptos-testnet Log into the ubuntu virtual machine again and check the OS disk space.ssh -i aptos-testnet_key.cer azureuser@20.117.104.111 sudo -i df -hYou can see that the root partition has been expanded.Setup Aptos validator nodeStep 1. Install docker according to the node requirements. Referring to the official steps of docker, it is recommended to copy the comman directly from the official manual to avoid format errors. Install Dependency Packagesudo apt-get update sudo apt-get install ca-certificates curl gnupg lsb-releaseSetting docker repositorysudo mkdir -p /etc/apt/keyrings# curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg# echo \ "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu \ $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null Update docker repository and install docker-cesudo apt-get update sudo apt-get install docker-ce docker-ce-cli containerd.io docker-compose-pluginAfter the installation is complete, check the docker service is active(running)systemctl status dockerInstall Aptos CLI, the following is to use easy mode, put aptos under /bin. Go to the git hub page,https://github.com/aptos-labs/aptos-core/releases?q=cli&expanded=trueSelect aptos-cli-0.3.1-Ubuntu-x86_64.zip, right-click to copy the link URL.Go back to the Ubuntu virtual machine, use wget to download the aptos cli and store it under /tmp.cd /tmp *wget *https://github.com/aptos-labs/aptos-core/releases/download/aptos-cli-v0.3.1/aptos-cli-0.3.1-Ubuntu-x86_64.zipInstall unzip toolapt-get install unzipUnzip the aptos cli installation package.unzip /tmp/aptos-cli-0.3.1-Ubuntu-x86_64.zipMove aptops to /bin.mv /tmp/aptos /binCheck the aptos permission is -rwx-r-x-r-xls -al /bin/ | grep aptosTest the aptos cli command. The output as the following figure represents success.aptosStep 2. Install the aptos validator node, set the variables WORKSPACE and USERNAME, create a folder, and enter the WORKSPACE folder. Replace USERNAME with a name you like, and replace kiralee123 in the following example.export WORKSPACE=testnetexport USERNAME=kiralee123mkdir ~/$WORKSPACEcd ~/$WORKSPACEStep 3. Use wget to download docker-compose.yaml and validator.yaml*wget https://raw.githubusercontent.com/aptos-labs/aptos-core/main/docker/compose/aptos-node/docker-compose.yamlwget *https://raw.githubusercontent.com/aptos-labs/aptos-core/main/docker/compose/aptos-node/validator.yamlStep 4. Use aptos to generate the validator node private key, public key, and validator node configuration file. The four files generated are under ~/$WORKSPACE/keys.aptos genesis generate-keys — output-dir ~/$WORKSPACE/keys(Optional) Backup the private key, do not give the private key to anyone, otherwise the node will be hacked. cp /root/testnet/keys/private-keys.yaml /tmp/Change private key permissions (for easy backup)Exit the ubuntu virtual machineGo back to yoru personal computer and use the scp command to download the private key in the ubuntu virtual machine. scp -i azureuser@xxx.xxx.xxx.xxx:/tmp/private-keys.yaml Please replace <> with your own path, and replace xxx.xxx.xxx.xxx with the NIC public IP of your ubuntu virtual machine example: scp -i /Users/mac/Desktop/testnet/aptos-testnet_key.cer azureuser@20.117.104.111:/tmp/private-keys.yaml /Users/mac/Desktop/testnet/ At this point, there will be more private-keys.yaml in your personal computer. aptos-testnet_key.cer is the connection key used to connect azure’s ubuntu virtual machine. private-keys.yaml is the private key of the aptos validator node in the ubuntu virtual machine. Both need to be carefully kept and not leaked. Go back to the ubuntu virtual machine. Replace the following parameters by yourself ssh -i aptos-testnet_key.cer azureuser@xxx.xxx.xxx.xxx export WORKSPACE=testnet export USERNAME=kiralee123 cd ~/$WORKSPACE Step 5. Generate validator node profile using aptos cli. Replace xxx.xxx.xxx.xxx with the NIC public IP of the ubuntu virtual machine # aptos genesis set-validator-configuration \ --local-repository-dir ~/$WORKSPACE \ --username $USERNAME \ --owner-public-identity-file ~/$WORKSPACE/keys/public-keys.yaml \ --validator-host xxx.xxx.xxx.xxx:6180 \ --stake-amount 100000000000000 The above steps will generate two files under ~/$WORKSPACE/$USERNAME, owner.yaml, operator.yaml Step 6. Generate the validator node layout.yaml through aptos aptos genesis generate-layout-template --output-file ~/$WORKSPACE/layout.yaml Edit the layout.taml file with vim. vim layout.yaml Press i to enter edit mode, root_key, use the root key written in the official manual “D04470F43AB6AEAA4EB616B72128881EEF77346F2075FFE68E14BA7DEBD8095E” Change users to your USERNAME. chain_id改為43 example: After editing, press ESC, and press :wq to save and leave. Step 7. Use wget to download framework.mrb under ~/$WORKSPACE wget https://github.com/aptos-labs/aptos-core/releases/download/aptos-framework-v0.3.0/framework.mrb -P ~/$WORKSPACE Step 8. Generate genesis.blob and waypoint.txt through aptos compilation aptos genesis generate-genesis --local-repository-dir ~/$WORKSPACE --output-dir ~/$WORKSPACE Step 9. Refer to the official manual to check if there are these files under ~/$WORKSPACE. Step 10. Use docker compose up to start the validator node in background mode. docker compose up -d Check the service port is successfully listening netstat -tlnp Requires ports 9101、6181、6180、80 Finally, go back to the azure page, open the firewall policy, and open 9101, 6181, 6180, and 80 ports to the outside world. You’re done, the validator node is setup. Please complete the follow-up, as mentioned at the beginning of the article. Perform validator node verification, wallet installation, and identity verification. 4.Follow the steps on this AIT-3 page to install and start a validator node, set the node to test mode, and provide validator details to the Aptos community. (This article details the installation steps) 5. Download and install Petra Wallet and register your wallet address on the community website. (remove previous version of wallet) 6. Pass the authentication and node verification process. I wish you all the best of luck! ! ! ## Publication Information - [kiralee.eth](https://paragraph.com/@kiralee/): Publication homepage - [All Posts](https://paragraph.com/@kiralee/): More posts from this publication - [RSS Feed](https://api.paragraph.com/blogs/rss/@kiralee): Subscribe to updates - [Twitter](https://twitter.com/boyinlee): Follow on Twitter