SRE文档

深浅模式

JSON-RPC是区块链外部调用的标配了。以太坊同样也实现了这个功能。底层支持四种协议:InProc,IPC,HTTP,WEBSOCKED。上层除了常规的方法调用之外还实现了Pub/Sub功能

1.api访问,区块同步监测

  • 大概一周的时间,可以同步完成 ,云服务器8核16G内存+50g系统SDD盘+500g数据SDD盘,采用计算型

  • 查看 同步eth_syncing

[root@eth ~]# curl -X POST -H "Content-Type":application/json --data '{"jsonrpc":"2.0", "method":"eth_syncing","params":[],"id":67}' 172.31.39.254:8545
{"jsonrpc":"2.0","id":67,"result":{"currentBlock":"0x87b7e1","highestBlock":"0x87b836","knownStates":"0x113b861a","pulledStates":"0x113b7f11","startingBlock":"0x87a009"}}
[root@eth ~]# curl -X POST -H "Content-Type":application/json --data '{"jsonrpc":"2.0", "method":"eth_syncing","params":[],"id":67}' 172.31.39.254:8545
{"jsonrpc":"2.0","id":67,"result":{"currentBlock":"0x87b7e1","highestBlock":"0x87b836","knownStates":"0x113b861a","pulledStates":"0x113b7f11","startingBlock":"0x87a009"}}
  • 查看块高度
echo $((`curl -s -X POST -H "Content-Type":application/json --data  '{"jsonrpc":"2.0", "method":"eth_blockNumber","params":[],"id":67}' 172.31.39.254:8545 |awk -F'"' '{print $(NF-1)}'`))
echo $((`curl -s -X POST -H "Content-Type":application/json --data  '{"jsonrpc":"2.0", "method":"eth_blockNumber","params":[],"id":67}' 172.31.39.254:8545 |awk -F'"' '{print $(NF-1)}'`))

默认是显示为16进制

  • 查看账户信息
curl -X POST -H "Content-Type":application/json --data '{"jsonrpc":"2.0", "method":"eth_accounts","params":[],"id":67}' 172.25.0.10:8545
curl -X POST -H "Content-Type":application/json --data '{"jsonrpc":"2.0", "method":"eth_accounts","params":[],"id":67}' 172.25.0.10:8545
  • 查看账户余额
curl -X POST -H "Content-Type":application/json --data '{"jsonrpc":"2.0", "method":"eth_getBalance","params":["0xde1e758511a7c67e7db93d1c23c1060a21db4615","latest"],"id":67}' 172.25.0.10:8545
curl -X POST -H "Content-Type":application/json --data '{"jsonrpc":"2.0", "method":"eth_getBalance","params":["0xde1e758511a7c67e7db93d1c23c1060a21db4615","latest"],"id":67}' 172.25.0.10:8545
  • 查看交易状态
curl -X POST -H "Content-Type":application/json --data '{"jsonrpc":"2.0", "method":"miner_start","params":[],"id":67}' 172.25.0.10:8545
curl -X POST -H "Content-Type":application/json --data '{"jsonrpc":"2.0", "method":"miner_start","params":[],"id":67}' 172.25.0.10:8545

有时geth进程运行正常,区块同步故障,需要检查区块高度是否增长

使用curl访问api查询区块高度,间隔一段时间在查,对比没增长则重启进程

#定时任务
#check blockchain
#*/4 * * * * bash /opt/shell/check.geth.sh

#var
eth_api=localhost:8545
Stime=180
[ $1 -gt $Stime ] && { Stime=$1 ; }

H1=$((`curl -s -X POST -H "Content-Type":application/json --data '{"jsonrpc":"2.0", "method":"eth_blockNumber","params":[],"id":67}'  $eth_api |awk -F'"' '{print $(NF-1)}'`))

sleep $Stime

H2=$((`curl -s -X POST -H "Content-Type":application/json --data '{"jsonrpc":"2.0", "method":"eth_blockNumber","params":[],"id":67}'  $eth_api |awk -F'"' '{print $(NF-1)}'`))

if [[ $H1 -eq $H2 ]];then
    echo "geth restart at  $(date +%F" "%T)  block $H1" >>/tmp/geth.restart.log
    supervisorctl restart geth &>/dev/null
fi
#定时任务
#check blockchain
#*/4 * * * * bash /opt/shell/check.geth.sh

#var
eth_api=localhost:8545
Stime=180
[ $1 -gt $Stime ] && { Stime=$1 ; }

H1=$((`curl -s -X POST -H "Content-Type":application/json --data '{"jsonrpc":"2.0", "method":"eth_blockNumber","params":[],"id":67}'  $eth_api |awk -F'"' '{print $(NF-1)}'`))

sleep $Stime

H2=$((`curl -s -X POST -H "Content-Type":application/json --data '{"jsonrpc":"2.0", "method":"eth_blockNumber","params":[],"id":67}'  $eth_api |awk -F'"' '{print $(NF-1)}'`))

if [[ $H1 -eq $H2 ]];then
    echo "geth restart at  $(date +%F" "%T)  block $H1" >>/tmp/geth.restart.log
    supervisorctl restart geth &>/dev/null
fi

1.1geth客户端登陆操作 

[root@eth eth]# ./geth attach rpc:http://172.31.39.254:8545
Welcome to the Geth JavaScript console!

instance: Geth/v1.9.6-stable-bd059680/linux-amd64/go1.13.1
coinbase: 0x24106cc3ccd0a5266874c67f5dc44abc330861be
at block: 0 (Thu, 01 Jan 1970 00:00:00 UTC)
 modules: eth:1.0 net:1.0 personal:1.0 rpc:1.0 web3:1.0

>
[root@eth eth]# ./geth attach rpc:http://172.31.39.254:8545
Welcome to the Geth JavaScript console!

instance: Geth/v1.9.6-stable-bd059680/linux-amd64/go1.13.1
coinbase: 0x24106cc3ccd0a5266874c67f5dc44abc330861be
at block: 0 (Thu, 01 Jan 1970 00:00:00 UTC)
 modules: eth:1.0 net:1.0 personal:1.0 rpc:1.0 web3:1.0

>

或者

[root@eth eth]# ./geth attach /data/coin/eth/geth.ipc
[root@eth eth]# ./geth attach /data/coin/eth/geth.ipc
  • 操作
#查看状态
eth

#查看最新区块高度
eth.blockNumber

# 查看同步状态,返回 false 未同步或同步到最新了
eth.syncing

#生成账户,密码 password123
personal.newAccount('password123')

> eth.syncing    ----输出false代表同步成功
{
  currentBlock: 8894954,    // 同步到的区块高度
  highestBlock: 8895035,    // 所链接的节点的最高高度 
  knownStates: 289655671,
  pulledStates: 289651487,
  startingBlock: 8888329
}
#查看状态
eth

#查看最新区块高度
eth.blockNumber

# 查看同步状态,返回 false 未同步或同步到最新了
eth.syncing

#生成账户,密码 password123
personal.newAccount('password123')

> eth.syncing    ----输出false代表同步成功
{
  currentBlock: 8894954,    // 同步到的区块高度
  highestBlock: 8895035,    // 所链接的节点的最高高度 
  knownStates: 289655671,
  pulledStates: 289651487,
  startingBlock: 8888329
}

supervisor管理以太坊geth进程 

#安装启动supervisor(ubuntu)
apt-get install -y supervisor
systemctl start supervisor
systemctl enable supervisor

#配置geth
mkdir -p /var/log/geth
vim /etc/supervisor/conf.d/geth.conf 
#配置文件如下 
[program:geth]
command=/opt/geth/geth --rpc --rpcapi web3,eth,net,db,personal --rpcaddr 0.0.0.0 --rpcport 8545
directory=/opt/geth
user=root
autostart=true
autorestart=true
startretries=9999
exitcodes=0
stopsignal=KILL
stopwaitsecs=10
redirect_stderr=true
logfile_backups=10
stdout_logfile_maxbytes=8MB
stdout_logfile=/var/log/geth/geth.log
#安装启动supervisor(ubuntu)
apt-get install -y supervisor
systemctl start supervisor
systemctl enable supervisor

#配置geth
mkdir -p /var/log/geth
vim /etc/supervisor/conf.d/geth.conf 
#配置文件如下 
[program:geth]
command=/opt/geth/geth --rpc --rpcapi web3,eth,net,db,personal --rpcaddr 0.0.0.0 --rpcport 8545
directory=/opt/geth
user=root
autostart=true
autorestart=true
startretries=9999
exitcodes=0
stopsignal=KILL
stopwaitsecs=10
redirect_stderr=true
logfile_backups=10
stdout_logfile_maxbytes=8MB
stdout_logfile=/var/log/geth/geth.log
#使用supervisor启动geth
supervisorctl reload
supervisorctl restart geth
#使用supervisor启动geth
supervisorctl reload
supervisorctl restart geth

2.docker方式部署geth节点 

#date dir
mkdir -p /data/eth_date

#run eth
docker run -dit --name eth -h eth \
 -v /etc/localtime:/etc/localtime:ro \
 -v /data/eth_date:/root/.ethereum \
 -p 30303:30303 -p 8545:8545 \
  --restart=always \
ethereum/client-go:stable  --rpc --rpcaddr "0.0.0.0" \
  --rpcapi "web3,eth,net,db,personal" --maxpeers=50 --rpccorsdomain "*"
#date dir
mkdir -p /data/eth_date

#run eth
docker run -dit --name eth -h eth \
 -v /etc/localtime:/etc/localtime:ro \
 -v /data/eth_date:/root/.ethereum \
 -p 30303:30303 -p 8545:8545 \
  --restart=always \
ethereum/client-go:stable  --rpc --rpcaddr "0.0.0.0" \
  --rpcapi "web3,eth,net,db,personal" --maxpeers=50 --rpccorsdomain "*"

3.RPC要加密访问 


server {
	listen 80 default_server;
	listen [::]:80 default_server;
 
	root /var/www/html;
	server_name localhost;
 
	location / {
		try_files $uri $uri/ =404;
	}
 
	location /eth {
    	#try_files $uri $uri/ =404;
    	auth_basic "Restricted Area";
    	auth_basic_user_file /etc/nginx/geth.htpasswd;
		proxy_pass http://localhost:rpcport;
		if ($request_method = 'OPTIONS') {
        add_header 'Access-Control-Allow-Origin' '*';
        add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
        add_header 'Access-Control-Allow-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization';
        #
        # Tell client that this pre-flight info is valid for 20 days
        #
        add_header 'Access-Control-Max-Age' 1728000;
        add_header 'Content-Type' 'text/plain charset=UTF-8';
        add_header 'Content-Length' 0;
        return 204;
     }
  	}
	
}

server {
	listen 80 default_server;
	listen [::]:80 default_server;
 
	root /var/www/html;
	server_name localhost;
 
	location / {
		try_files $uri $uri/ =404;
	}
 
	location /eth {
    	#try_files $uri $uri/ =404;
    	auth_basic "Restricted Area";
    	auth_basic_user_file /etc/nginx/geth.htpasswd;
		proxy_pass http://localhost:rpcport;
		if ($request_method = 'OPTIONS') {
        add_header 'Access-Control-Allow-Origin' '*';
        add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
        add_header 'Access-Control-Allow-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization';
        #
        # Tell client that this pre-flight info is valid for 20 days
        #
        add_header 'Access-Control-Max-Age' 1728000;
        add_header 'Content-Type' 'text/plain charset=UTF-8';
        add_header 'Content-Length' 0;
        return 204;
     }
  	}
	
}