Network operator project planning
When planning a Corda deployment as a Business Network Operator, there are several considerations:
- Deployment environments
- Notary compatibility
- HSM compatibility
- Database compatibility
- Corda Enterprise Network Manager deployment
When deploying a private network, the Business Network Operator is responsible for all major components of the Corda network. In most enterprise deployments of Corda this includes:
- Nodes
- An HA notary cluster
- An HA Corda Firewall
- An HSM
- The certificate hierarchy of the network
The Business Network Operator also deploys Corda Enterprise Network Manager in a private network. This deployment includes an identity manager and a network map.
When deploying a public network, the Network Operator is responsible for all major components of the Corda network.
Deployment environments
Business Network Operators will need several deployments of Corda Enterprise, at least including:
- A development environment including minimal network infrastructure.
- A testing environment including a basic network, without HA notary, Corda Firewall, or HSMs.
- A UAT environment, that includes the full network infrastructure, with a shared HSM, and HA Corda Firewall.
- The production environment, including an HA notary cluster, HA Corda Firewalls on all nodes, HSMs, and network services.
Node sizing and databases
When defining the requirements of a node, it is important to define the resources that the node will require. While every Corda deployment will have different requirements - depending on the CorDapps and business model of the parties - the following table gives approximate sizings for typical node deployments.
Size | JVM Heap | # Cores | Minimum Host RAM |
---|---|---|---|
Small | 1GB | 1 | 2GB to 3GB |
Medium | 4GB | 8 | 8GB |
Large | 32GB | 32 | 64GB |
X-Large | > 32GB | > 32 | > 64GB |
All Corda Nodes have a database. A range of third-party databases are supported by Corda, shown in the following table:
Vendor | CPU Architecture | Versions | JDBC Driver |
---|---|---|---|
Microsoft | x86-64 | Azure SQL,SQL Server 2017 | Microsoft JDBC Driver 6.4 |
Oracle | x86-64 | 11gR2 | Oracle JDBC 6 |
Oracle | x86-64 | 12cR2 | Oracle JDBC 8 |
PostgreSQL | x86-64 | 9.6, 10.10 11.5 | PostgreSQL JDBC Driver 42.1.4 / 42.2.8 |
Notary databases
Vendor | CPU Architecture | Versions | JDBC Driver |
---|---|---|---|
CockroachDB | x86-64 | 20.1.6 | PostgreSQL JDBCDriver 42.1.4 |
Oracle RAC | x86-64 | 19c | Oracle JDBC 8 |
Hardware Security Modules (HSM)
Device | Legal Identity & CA keys | TLS keys | Confidential Identity keys | Notary service keys |
---|---|---|---|---|
Utimaco SecurityServer Se Gen2 | * Firmware version 4.21.1 | * Firmware version 4.21.1 | Not supported | * Firmware version 4.21.1 |
* Driver version 4.21.1 | * Driver version 4.21.1 | * Driver version 4.21.1 | ||
Gemalto Luna | * Firmware version 7.0.3 | * Firmware version 7.0.3 | Not supported | * Firmware version 7.0.3 |
* Driver version 7.3 | * Driver version 7.3 | * Driver version 7.3 | ||
FutureX Vectera Plus | * Firmware version 6.1.5.8 | * Firmware version 6.1.5.8 | * Firmware version 6.1.5.8 | * Firmware version 6.1.5.8 |
* PKCS#11 version 3.1 | * PKCS#11 version 3.1 | * PKCS#11 version 3.1 | * PKCS#11 version 3.1 | |
* FXJCA version 1.17 | * FXJCA version 1.17 | * FXJCA version 1.17 | * FXJCA version 1.17 | |
Azure Key Vault | * Driver version 1.2.1 | * Driver version 1.2.1 | * Driver version 1.2.1 (SOFTWARE mode only) | * Driver version 1.2.1 |
Securosys PrimusX | * Firmware version 2.7.4 | * Firmware version 2.7.4 | * Firmware version 2.7.4 | * Firmware version 2.7.4 |
* Driver version 1.8.2 | * Driver version 1.8.2 | * Driver version 1.8.2 | * Driver version 1.8.2 | |
nCipher nShield Connect | * Firmware version 12.50.11 | * Firmware version 12.50.11 | * Firmware version 12.50.11 | * Firmware version 12.50.11 |
* Driver version 12.60.2 | * Driver version 12.60.2 | * Driver version 12.60.2 | * Driver version 12.60.2 | |
AWS CloudHSM | * Driver version 3.1.2 | * Driver version 3.1.2 | * Driver version 3.1.2 | * Driver version 3.1.2 |
Was this page helpful?
Thanks for your feedback!
Chat with us
Chat with us on our #docs channel on slack. You can also join a lot of other slack channels there and have access to 1-on-1 communication with members of the R3 team and the online community.
Propose documentation improvements directly
Help us to improve the docs by contributing directly. It's simple - just fork this repository and raise a PR of your own - R3's Technical Writers will review it and apply the relevant suggestions.
We're sorry this page wasn't helpful. Let us know how we can make it better!
Chat with us
Chat with us on our #docs channel on slack. You can also join a lot of other slack channels there and have access to 1-on-1 communication with members of the R3 team and the online community.
Create an issue
Create a new GitHub issue in this repository - submit technical feedback, draw attention to a potential documentation bug, or share ideas for improvement and general feedback.
Propose documentation improvements directly
Help us to improve the docs by contributing directly. It's simple - just fork this repository and raise a PR of your own - R3's Technical Writers will review it and apply the relevant suggestions.