Node operator project planning
A node operator is a member of a Corda business network, but does not operate any of the network services. A Corda Node is the component that hosts CorDapps, and executes transactions with other network parties.
A Corda node is highly configurable, and care must be taken to correctly configure your node for best performance.
For more information on node configuration, see node configuration.
Node sizing
When defining the requirements of a node, it is important to define the resources that the node will require. While every Corda deployment will have different requirements - depending on the CorDapps and business model of the parties - the following table gives approximate sizings for typical node deployments.
| Size | JVM Heap | # Cores | Minimum Host RAM |
|---|---|---|---|
| Small | 1GB | 1 | 2GB to 3GB |
| Medium | 4GB | 8 | 8GB |
| Large | 32GB | 32 | 64GB |
| X-Large | > 32GB | > 32 | > 64GB |
Node databases
All Corda Nodes have a database. A range of third-party databases are supported by Corda, shown in the following table:
| Vendor | CPU Architecture | Versions | JDBC Driver |
|---|---|---|---|
| Microsoft | x86-64 | Azure SQL,SQL Server 2017 | Microsoft JDBC Driver 6.4 |
| Oracle | x86-64 | 11gR2 | Oracle JDBC 6 |
| Oracle | x86-64 | 12cR2 | Oracle JDBC 8 |
| PostgreSQL | x86-64 | 9.6, 10.10 11.5 | PostgreSQL JDBC Driver 42.1.4 / 42.2.8 |
The node database stores all data required by the node, including CorDapps and state definitions.
To learn more about the node database, see understanding the node database.
Testing and production environments
There are two key environments that a node operator must access or maintain, a production environment hosting the live node, and a testing environment for testing CorDapp updates, node upgrades, or other network changes.
Production environment
A production environment should contain the node, an HA implementation of the Corda Firewall, and an HSM that conforms to your organisation’s security policies.
The Corda Firewall consists of the Float and Bridge components. A high-availability implementation of Corda Firewall requires Zookeeper v3.5.4 running as an external cluster and both the Float and Bridge components running as external clusters.
The following HSMs are compatible with Corda Enterprise:
| Device | Legal identity and CA keys | TLS keys | Confidential Identity keys | Notary service keys |
|---|---|---|---|---|
| Utimaco SecurityServer Se Gen2 | * Firmware version 4.21.1 | * Firmware version 4.21.1 | Not supported | * Firmware version 4.21.1 |
| * Driver version 4.21.1 | * Driver version 4.21.1 | * Driver version 4.21.1 | ||
| Gemalto Luna | * Firmware version 7.0.3 | * Firmware version 7.0.3 | Not supported | * Firmware version 7.0.3 |
| * Driver version 7.3 | * Driver version 7.3 | * Driver version 7.3 | ||
| FutureX Vectera Plus | * Firmware version 6.1.5.8 | * Firmware version 6.1.5.8 | * Firmware version 6.1.5.8 | * Firmware version 6.1.5.8 |
| * PKCS#11 version 3.1 | * PKCS#11 version 3.1 | * PKCS#11 version 3.1 | * PKCS#11 version 3.1 | |
| * FXJCA version 1.17 | * FXJCA version 1.17 | * FXJCA version 1.17 | * FXJCA version 1.17 | |
| Azure Key Vault | * Driver version 1.2.1 | * Driver version 1.2.1 | * Driver version 1.2.1 (SOFTWARE mode only) | * Driver version 1.2.1 |
| Securosys PrimusX | * Firmware version 2.7.4 or newer | * Firmware version 2.7.4 or newer | * Firmware version 2.8.5 or newer | * Firmware version 2.7.4 or newer |
| * Driver version 1.8.2 or newer | * Driver version 1.8.2 or newer | * Driver version 2.3.4 or newer | * Driver version 1.8.2 or newer | |
| nCipher nShield Connect | * Firmware version 12.50.11 | * Firmware version 12.50.11 | * Firmware version 12.50.11 | * Firmware version 12.50.11 |
| * Driver version 12.60.2 | * Driver version 12.60.2 | * Driver version 12.60.2 | * Driver version 12.60.2 | |
| AWS CloudHSM | * Driver version 3.1.2 | * Driver version 3.1.2 | * Driver version 3.1.2 | * Driver version 3.1.2 |
UAT environment
In many cases, a business network operator will run a UAT and provide access to that environment to the node operator. However, node operators may also run their own UAT or QA environment.
The architecture of a QA or UAT environment should mirror the production environment as closely as possible, in order to provide the best testing environment.
Was this page helpful?
Thanks for your feedback!
Chat with us
Chat with us on our #docs channel on slack. You can also join a lot of other slack channels there and have access to 1-on-1 communication with members of the R3 team and the online community.
Propose documentation improvements directly
Help us to improve the docs by contributing directly. It's simple - just fork this repository and raise a PR of your own - R3's Technical Writers will review it and apply the relevant suggestions.
We're sorry this page wasn't helpful. Let us know how we can make it better!
Chat with us
Chat with us on our #docs channel on slack. You can also join a lot of other slack channels there and have access to 1-on-1 communication with members of the R3 team and the online community.
Create an issue
Create a new GitHub issue in this repository - submit technical feedback, draw attention to a potential documentation bug, or share ideas for improvement and general feedback.
Propose documentation improvements directly
Help us to improve the docs by contributing directly. It's simple - just fork this repository and raise a PR of your own - R3's Technical Writers will review it and apply the relevant suggestions.