Docker deployments

This page contains a repository of example manual node operations using Docker. Before executing any of these commands, ensure the Corda Docker image has been correctly configured.

The node runs in a container. This works similarly to executing the JAR directly, though any node directories must be manually mounted into the container. It is also necessary to set up port-forwarding and environment variables. The same command variables can be used in running the container as when running the JAR. See the generating a node and running nodes locally pages.

In this example, the certificates are stored at /home/user/cordaBase/certificates, the node configuration is in /home/user/cordaBase/config/node.conf and the CorDapps to run are in /path/to/cordapps

docker run -ti \
        --memory=2048m \
        --cpus=2 \
        -v /home/user/cordaBase/config:/etc/corda \
        -v /home/user/cordaBase/certificates:/opt/corda/certificates \
        -v /home/user/cordaBase/persistence:/opt/corda/persistence \
        -v /home/user/cordaBase/logs:/opt/corda/logs \
        -v /path/to/cordapps:/opt/corda/cordapps \
        -p 10200:10200 \
        -p 10201:10201 \
        corda/corda-zulu-java1.8-4.8:latest

As the node runs within a container, several mount points are required:

  • CorDapps - CorDapps must be mounted at location /opt/corda/cordapps
  • Certificates - certificates must be mounted at location /opt/corda/certificates
  • Config - the node config must be mounted at location /etc/corda/node.config
  • Logging - all log files will be written to location /opt/corda/logs

If using the H2 database:

  • Persistence - the folder to hold the H2 database files must be mounted at location /opt/corda/persistence

To run a node connected to a Bootstrapped Network, you will need a valid node.conf, a valid set of certificates, and an existing network-parameters file.

In this example, a network-parameters file has been generated using the bootstrapper tool, which is stored at /home/user/sharedFolder/network-parameters

docker run -ti \
        --memory=2048m \
        --cpus=2 \
        -v /home/user/cordaBase/config:/etc/corda \
        -v /home/user/cordaBase/certificates:/opt/corda/certificates \
        -v /home/user/cordaBase/persistence:/opt/corda/persistence \
        -v /home/user/cordaBase/logs:/opt/corda/logs \
        -v /home/TeamCityOutput/cordapps:/opt/corda/cordapps \
        -v /home/user/sharedFolder/node-infos:/opt/corda/additional-node-infos \
        -v /home/user/sharedFolder/network-parameters:/opt/corda/network-parameters \
        -p 10200:10200 \
        -p 10201:10201 \
        corda/corda-zulu-java1.8-4.8:latest

The mount /home/user/sharedFolder/node-infos:/opt/corda/additional-node-infos is used to hold the nodeInfo of all the nodes within the network. As the node within the container starts up, it will place its own nodeInfo into this directory. This will allow other nodes also using this folder to see this new node.

It is possible to utilize the image to automatically generate a sensible minimal configuration for joining an existing Corda network.

It is possible to use the image to automate the process of joining an existing Zone as detailed here

The first step is to obtain the Zone Trust Root, and place it within a directory. In the below example, the Trust Root is stored at /home/user/docker/certificates/network-root-truststore.jks. It is possible to configure the name of the Trust Root file by setting the TRUST_STORE_NAME environment variable in the container.

docker run -ti --net="host" \
        -e MY_LEGAL_NAME="O=EXAMPLE,L=Berlin,C=DE"     \
        -e MY_PUBLIC_ADDRESS="corda.example-hoster.com"       \
        -e NETWORKMAP_URL="https://map.corda.example.com"    \
        -e DOORMAN_URL="https://doorman.corda.example.com"      \
        -e NETWORK_TRUST_PASSWORD="trustPass"       \
        -e MY_EMAIL_ADDRESS="[email protected]"      \
        -e SSHPORT="2222"      \
        -e RPC_USER="PartyA"      \
        -v /home/user/docker/config:/etc/corda          \
        -v /home/user/docker/certificates:/opt/corda/certificates \
        corda/corda-zulu-java1.8-4.8:latest config-generator --generic --exit-on-generate

Several environment variables must also be passed to the container to allow it to register:

  • MY_LEGAL_NAME - The X500 to use when generating the config. This must be the same as registered with the Zone.
  • MY_PUBLIC_ADDRESS - The public address to advertise the node on.
  • NETWORKMAP_URL - The address of the Zone’s network map service (this should be provided to you by the Zone).
  • DOORMAN_URL - The address of the Zone’s doorman service (this should be provided to you by the Zone).
  • NETWORK_TRUST_PASSWORD - The password to the Zone Trust Root (this should be provided to you by the Zone).
  • MY_EMAIL_ADDRESS - The email address to use when generating the config. This must be the same as registered with the Zone.
  • SSHPORT - The port to use for SSH.
  • RPC_USER - The RPC username.

There are some optional variables which allow customisation of the generated config:

  • MY_P2P_PORT - The port to advertise the node on (defaults to 10200). If changed, ensure the container is launched with the correct published ports.
  • MY_RPC_PORT - The port to open for RPC connections to the node (defaults to 10201). If changed, ensure the container is launched with the correct published ports.

Once the container has finished performing the initial registration, the node can be started as normal.

docker run -ti \
        --memory=2048m \
        --cpus=2 \
        -v /home/user/docker/config:/etc/corda \
        -v /home/user/docker/certificates:/opt/corda/certificates \
        -v /home/user/docker/persistence:/opt/corda/persistence \
        -v /home/user/docker/logs:/opt/corda/logs \
        -v /home/user/corda/samples/bank-of-corda-demo/build/nodes/BankOfCorda/cordapps:/opt/corda/cordapps \
        -p 10200:10200 \
        -p 10201:10201 \
        corda/corda-zulu-java1.8-4.8:latest

The image contains the database-migration tool. It is possible to run this in two modes within a container.

In this mode, the database-migration tool will scan the provided CorDapps, and generate corresponding migration jars. These jars will be placed alongside the source CorDapps. In this example, there are two CorDapps provided corda-insurance.jar and corda-kyc.jar

docker run -ti \
        -v /home/user/docker/docker/config:/etc/corda \
        -v /home/user/docker/docker/certificates:/opt/corda/certificates \
        -v /home/user/docker/docker/persistence:/opt/corda/persistence \
        -v /home/user/docker/docker/logs:/opt/corda/logs \
        -v /home/user/corda/samples/bank-of-corda-demo/build/nodes/BankOfCorda/cordapps:/opt/corda/cordapps \
        entdocker.software.r3.com/corda-enterprise-java1.8-4.8:latest db-migrate-create-jars

After the container has finished executing, there will be two new jars in /home/user/corda/samples/bank-of-corda-demo/build/nodes/BankOfCorda/cordapps: migration-corda-insurance.jar and migration-corda-kyc.jar. These will then be loaded as normal CorDapps by the node on next launch.

It is also possible to use the image to directly perform the migration of the database.

docker run -ti \
        -v $(pwd)/docker/config:/etc/corda \
        -v $(pwd)/docker/certificates:/opt/corda/certificates \
        -v $(pwd)/docker/persistence:/opt/corda/persistence \
        -v $(pwd)/docker/logs:/opt/corda/logs \
        -v $(pwd)/samples/bank-of-corda-demo/build/nodes/BankOfCorda/cordapps:/opt/corda/cordapps \
        entdocker.software.r3.com/corda-enterprise-java1.8-4.8:latest db-migrate-execute-migration

If the container is launched with the db-migrate-execute-migration command, the migration is directly applied to the database.

Was this page helpful?

Thanks for your feedback!

Chat with us

Chat with us on our #docs channel on slack. You can also join a lot of other slack channels there and have access to 1-on-1 communication with members of the R3 team and the online community.

Propose documentation improvements directly

Help us to improve the docs by contributing directly. It's simple - just fork this repository and raise a PR of your own - R3's Technical Writers will review it and apply the relevant suggestions.

We're sorry this page wasn't helpful. Let us know how we can make it better!

Chat with us

Chat with us on our #docs channel on slack. You can also join a lot of other slack channels there and have access to 1-on-1 communication with members of the R3 team and the online community.

Create an issue

Create a new GitHub issue in this repository - submit technical feedback, draw attention to a potential documentation bug, or share ideas for improvement and general feedback.

Propose documentation improvements directly

Help us to improve the docs by contributing directly. It's simple - just fork this repository and raise a PR of your own - R3's Technical Writers will review it and apply the relevant suggestions.