Skip to main content

Installation of a Regular Node in the ISBE Network

This document describes the standard procedure for deploying a regular Hyperledger Besu node within the ISBE network (dev, pre, or pro environments).
Regular nodes allow a use case to connect to the network, deploy contracts, and send transactions.

The process consists of three phases:

  1. Preparing the machine and dependencies.
  2. Installing and configuring the Besu node.
  3. Requesting permissioning to join the node to ISBE's P2P.

1. Prerequisites

Before starting the installation, the participant must have:

  • 2 vCPU
  • 4 GB RAM
  • 40 GB SSD disk (minimum; 80+ GB recommended for intensive environments)

Operating System

  • 64-bit Linux (Ubuntu 20.04+ or equivalent)

Dependencies

  • Docker ≥ 20.10
  • Docker Compose ≥ 2.x
  • Root access or sudo permissions

Network and Ports

Besu nodes require the following ports:

PortUse
30303/tcpP2P (ingress/egress)
30303/udpDiscovery (optional depending on config)
8545/tcpRPC (if exposed)
8546/tcpWebSocket (if exposed)

IMPORTANT:
For a regular node joining ISBE's P2P, port 30303/tcp must be accessible from the Internet.

2. Prepare the Machine

Update packages:

sudo apt update && sudo apt upgrade -y

Install Docker:

curl -fsSL https://get.docker.com | sudo bash

Check installation:

docker --version
docker compose version

Create a dedicated user (optional but recommended):

sudo useradd -m -s /bin/bash besu
sudo usermod -aG docker besu

3. Obtain the Deployment Repository

Clone the official node deployment repository (the one indicated by ISBE):

git clone https://github.com/<isbe-infrastructure-repository>.git
cd <folder>

A typical Docker Compose structure for Besu nodes is included here:

docker-compose.yml
config/
  |-- ibft/
  |-- genesis.json
keys/

4. Generate Node Keys

Each Besu node needs its own identity key.
To generate it:

docker run --rm \
  -v $(pwd)/keys:/keys \
  hyperledger/besu:latest \
  --data-path=/keys \
  public-key export --to=/keys/node.pub

This will generate:

  • The node's private key
  • The public key
  • The associated enode

Obtain the node's enode:

docker run --rm \
  -v $(pwd)/keys:/keys \
  hyperledger/besu:latest \
  --data-path=/keys \
  rlp encode --from=/keys/node.pub

The ISBE team will use this enode to add your node to the allowed nodes list.

5. Configure the ISBE Network on the Node

Edit genesis.json and ensure it corresponds to the environment:

  • ISBE-DEV
  • ISBE-PRE
  • ISBE-PRO

This file defines:

  • ChainId
  • IBFT parameters
  • Gas limits
  • EVM configuration

The ISBE team provides these files to avoid configuration errors.

6. Configure docker-compose.yml

A typical example:

version: "3.8"

services:
  besu:
    image: hyperledger/besu:latest
    container_name: 'Node_Name'
    volumes:
      - ./config:/config
      - ./keys:/keys
      - ./data:/data
    command: >
      --data-path=/data
      --genesis-file=/config/genesis.json
      --node-private-key-file=/keys/key
      --rpc-http-enabled=true
      --rpc-http-host=0.0.0.0
      --rpc-http-port=8545
      --rpc-http-api=ETH,NET,WEB3,TXPOOL
      --rpc-ws-enabled=true
      --rpc-ws-host=0.0.0.0
      --rpc-ws-port=8546
      --p2p-port=30303
      --host-whitelist="*"
      --logging=INFO
    ports:
      - "30303:30303"
      - "8545:8545"
      - "8546:8546"
    restart: unless-stopped

Parameters to customize:

  • container_name: → put 'Node_Name'
  • Ports → only open if the use case needs them
  • Directories → must be persistent

7. Node Start

Start the node:

docker compose up -d

View logs:

docker logs -f <Node_Name>

The node will not be able to sync or enter the P2P network until ISBE authorizes its enode.

8. Request Permissioning

Send to the ISBE team (usually via form or email):

  • Node Name: 'Node_Name'
  • Enode: enode://...
  • Server Public IP: 'NODE_IP'
  • Target Environment: dev / pre / pro

Once approved, the node:

  1. Will be included in the authorized nodes list.
  2. Will be able to connect to the permissioners.
  3. Will start syncing the chain.

9. Verification after Permissioning

Check P2P status:

curl http://localhost:8545 \
  -H "Content-Type: application/json" \
  --data '{"jsonrpc":"2.0","method":"net_peerCount","params":[],"id":1}'

It should return a number greater than zero when connected to the network.

Check block height:

curl http://localhost:8545 \
  -H "Content-Type: application/json" \
  --data '{"jsonrpc":"2.0","method":"eth_blockNumber","params":[],"id":1}'

The value should be increasing.

10. Subsequent Node Usage

Once synchronized, the regular node allows:

  • Deploying contracts.
  • Reading on-chain state.
  • Sending signed transactions.
  • Listening to events (via WebSocket).

The node remains under the operational responsibility of the use case:

  • Backups
  • Logs
  • Host security
  • Updates

The ISBE network only controls the permissioning and the P2P topology.