Nima Kaviani

@nimak

m

Project BlockHead: An Ethereum Smart Contract Service Broker for Kubernetes and Cloud Foundry

This blogpost is co-authored by Swetha Repakula, morgan bauer, and Jonathan Berkhahn

With the growing interest in blockchain technology, software developers are looking into integrating smart contracts into their applications. Applications developed and integrated with blockchain are typically composed of two parts:

  • A smart contract deployed to the blockchain network
  • A Web application that binds to the deployed contract and uses it.

A smart contract can be thought of as a snippet of code available at a given address in the blockchain network which is capable of receiving and processing input data, retrieving or updating ledger state, and returning results to the requesting party. The web applications using the contract are commonly referred to as Web3 applications.

Despite all the excitement in using blockchain, the end-to-end multi-step process of deploying a smart contract and integrating it into a Web application is fairly cumbersome. An application developer requires to:

  1. develop or reuse a smart contract
  2. compile the contract code
  3. retrieve the executable binary and the application binary interface (ABI)
  4. bring up a blockchain node (e.g., Ethereum)
  5. create or import an account (i.e. Wallet) into the node
  6. use the account to deploy the binary code into the blockchain network
  7. verify deployment and retrieve the contract address
  8. and finally use the combination of the account address, the contract address, and the contract ABI in a Web application to bind to the contract and use it

There have been efforts to simplify the process of developing smart contracts. Truffle, for example, offers a development framework that brings up a local Ethereum network and allows developers to test-drive development of their smart contract applications.

However, when it comes to a deployment to the main Ethereum network (mainnet) or a test network (testnet), developers still need to manually go through the process of provisioning a blockchain node to ensure successful deployment and integration of their contracts with their applications.

As open source platform engineers, we strive to simplify the process of application development for software engineers. Platform-as-a-Service (PaaS) exists on the premise of making it easier for developers to deploy, scale, and manage their applications; and platforms like Kubernetes and Cloud Foundry have come a long way in simplifying application lifecycle management. Following the same premise, we believe PaaS platforms can and should simplify development of smart contract applications and make it integral to the lifecycle of smart contract applications deployed to PaaS. This is why project BlockHead was born.

Project BlockHead takes advantage of the Open Service Broker API specification to build a service broker layer placed between the Web application and the blockchain network. Doing so, the broker controls management of the smart contract by automating creation and deployment of smart contracts and then exposing the required set of information to the Web application.

Open Service Broker API

The Open Service Broker API (OSB API) specification offers a common interface for the creation and integration of a service marketplace into cloud applications in such a way that services can be maintained and managed independently from the applications and yet applications can easily bind and use services through the exposed APIs. Service brokers are responsible for advertising a catalog of service offerings and service plans to the marketplace, and acting on requests from the marketplace for provisioning, binding, unbinding, and deprovisioning.

Borrowing from the specification of the OSB API, provisioning reserves a resource on a service as an instance. In the context of the BlockHead broker, the service instance represents a blockchain node connected to the blockchain network. What a binding represents may also vary by service. Creation of a binding provides the service instance with smart contract information for it to be compiled and deployed and become available to the application using the service. A platform marketplace may expose services from one or many service brokers, and an individual service broker may support one or many platform marketplaces using different URL prefixes and credentials. Picture above shows an example of interaction with the service broker API to provision a service.”

More details on how to interact with a service broker can be found below:

BlockHead Service Broker

With project BlockHead, we aim to translate each OSB API call to a series of steps in the lifecycle of the smart contract and thus hide the complexity of interaction with a blockchain away from application developers.

The first version of the broker is built on top of the Container Service Broker, a Cloud Foundry community project. By utilizing the container service broker, blockchain nodes can be run inside an isolated Docker container and operate independently when deploying and binding smart contracts.

We utilize the broker to deploy stateful Ethereum nodes on demand. Each step in provisioning and binding or unbinding and deprovisioning are then modified to deliver on creation / deletion of smart contracts or nodes. Picture below provides an overall architecture for how the Blockhead service broker provisions Ethereum nodes and integrates with the Cloud Foundry applications:

The overall interaction model between the BlockHead service broker and Cloud Foundry applications

1. Deploying the Broker

The initial version of the BlockHead broker is published as a BOSH release. A BOSH release is a versioned collection of configuration properties, configuration templates, startup scripts, source code, binary artifacts, and anything else required to build and deploy software in a reproducible way.

In this blogpost we have the BlockHead service broker deployed alongside a Cloud Foundry deployment. This allows us to benefit from capabilities in Cloud Foundry to push Web3 applications and bind them to the contract service. For instructions on how to deploy Cloud Foundry consult the documentation below.

Once you have a BOSH deployment environment with Cloud Foundry deployed on it, deploying the BlockHead broker is as simple as running the following script:

deply.sh from https://github.com/nimakaviani/container-broker

Since Kubernetes integrates with Open Service Broker API compliant brokers, in case you have a Kubernetes deployment, you can hook up the deployed BlockHead broker to your Kubernetes platform and bind to deployed smart contracts using Web3 applications deployed to Kubernetes. You can find out how to do the integration with Kubernetes HERE.

2. Service MarketPlace and Contract MarketPlace

For the broker to appear in the Cloud Foundry marketplace you need to first register it using the following command:

bosh run-errand -d docker-broker broker-registrar

Once the broker is registered, you can query the marketplace and you will see the Ethereum service appear in the marketplace:

Further to this, we have also developed a simple contract marketplace that would allow us to list contracts and then refer to them using their URL when binding an application to an Ethereum node. To have the contract marketplace deployed, you can add your smart contracts to the marketplace, build the docker image, push it up to a docker registry and then use a command similar to the following to download and use it:

cf push contract-marketplace --docker-image nimak/contract-marketplace

You can verify that the application is up and running by checking cf apps:

In our example the marketplace is available at the address below and navigating to the address we can find the website:

http://contract-marketplace.bosh-lite.com/posts/solidity/

Notice on top of each contract definition there is a hyperlink reference to the code for the contract. This contract URL is what we use to bind the service to the application and deploy the contract. Note that deploying the contract marketplace is optional and if you have other ways to supply a smart contract URL to the Ethereum service, it would totally work as well.

3. Provision the Service Instance

When a request to provision a service instance is issued, the broker starts up an Ethereum node. The Ethereum node exposes its Remote Procedure Call (RPC) api for interactions and makes the endpoints available through a given address and port number.

For the node creation to occur, you need to first deploy a Web3 application that is intended to use the smart contract. For the case of this blog post, we will be using our simple-node-application that only writes and reads a single value to and from the ledger. Note that since the app does not have the contract connected to it yet, we do not start the app when pushing it otherwise the deploy will fail.

$ git clone https://github.com/nimakaviani/eth-apps
$ cd eth-apps/sample-node-app
$ cf push nora --no-start

Verify that application nora is pushed to your Cloud Foundry deployment:

Next, we create the Ethereum service for the deployed application:

With the request to create the service, the service broker creates a docker container with an Ethereum node running on it.

This can be verified with BOSH by connecting to the docker VM in the broker deployment and looking at the list of docker containers it is running (Note that each docker container runs an instance of the Ethereum node that corresponds to the created service).

You see that the Ethereum node has its server running on port8545 which is mapped to port32771 externally and on the host vm.

4. Create Service Binding

When binding to the service, the location of a smart contract in the form of a URL is passed to the broker. The broker downloads the contract, compiles it, extracts the ABI and pushes the binary to the Ethereum node using the account created at the time of launching the service.

We mentioned earlier that the sample contract marketplace provides the link to the given contract, so we can simply get the URL location of the contract and bind it to the application.

Note that when binding the service we pass the contract_url in the form of an inlined JSON configuration to cf bind-service.

With the service binding going through successfully, we can issue a cf env command to see the updated list of environment variables for the application.

Under VCAP_SERVICES the configuration for eth involves credentials data for the eth_node such as contract abi, account address, contract address, transaction hash for the deployed contract, as well as the host address and port mappings for the application to connect to the Ethereum node.

Going back to the sample node application referenced earlier, you see that the code in the application uses these environment variables to be able to bind to the smart contract and use it.

Code snippet to bind Web3 application to the deployed smart contract in Cloud Foundry

And VOILA! with that information, you can define routes for you node.js application to get and set values into the ledger using the smart contract:

Set and Get values into the blockchain ledger using deployed contract and Web3 application

5. Delete Service Binding

When unbinding the service, the broker assumes that the contract used during the bind phase is no longer required, as a result, upon receiving an unbind request, the broker detaches the service from the application and removes the injected contract information from VCAP_SERVICES, but keeps the node around for it to possibly have other contracts deployed to it. Newly deployed contracts will use the same Ethereum node with the same account created during the service creation phase.

In case of our running example, the following command would unbind the contract:

cf unbind-service nora simple

6. Deprovision Service Instance

When a request is issued to deprovision the service, the service broker proceeds to delete the docker container:

cf delete-service eth

Challenges and Future Improvement Plans

1. Syncing the Ledger

Like many other blockchain networks, nodes in Ethereum require the full ledger to be present for subsequent transactions to take effect. This implies that the docker container created by the BlockHead service broker either needs to include the full ledger at the time it gets created or to sync the ledger after the container is created. The latter is very time intensive. The ledger size for the mainnet Ethereum is around 600GB and growing. Given the ledger size, it would take considerable amount of time for the provisioned Ethereum node to sync its ledger and be ready, making the integration impractical.

An alternative solution is for the service broker to maintain a warm docker image with a fairly up-to-date copy of the ledger to use when creating a service. This requires the broker to run a side node that constantly syncs its ledger with the ledger for the Ethereum network and to periodically create and publish an Ethereum node docker image.

Currently, the service broker launches the Ethereum node in developer mode which implies starting with a fresh ledger. This helps us quickly bring up a development environment to test Web3 applications against while avoiding the long wait for ledger syncup. We plan to implement techniques that would allow quick startup of an Ethereum node against the mainnet or testnet for production purposes as well.

2. Memory footprint

Syncing the ledger involves reading transaction blocks from other peers in the network, validating them, and then adding them to the local copy of the ledger. Since writing to the disk is I/O intensive, an Ethereum node maintains a subset of the ledger in memory while performing validation and chaining of the nodes before writing the new blocks to the disk. This constrains memory usage on the VMs deploying Ethereum nodes and puts an upper bound to the number of containers that can be run and managed by the broker.

3. Account Management

As mentioned earlier, Ethereum nodes need to bind to an Ethereum account before being capable of deploying contracts. This implies that the broker either needs to manage Ethereum accounts by both internally creating and then exposing them to the application developers or by allowing the developers to import their own accounts to use with the broker.

Currently accounts get discarded upon deleting the smart contract service and the corresponding Ethereum node. This will be revised for the accounts to be exportable / downloadable.

Summary

In this blog post we discussed the implementation of Project BlockHead as a service broker to be used in PaaS platforms such as Cloud Foundry and Kubernetes. The goal of Project BlockHead is to simplify how smart contracts are deployed and used in Web3 applications by taking away the complexity of deploying and managing blockchain nodes.

While we described the end-to-end process of deploying and using the broker, application developers need to only care about Steps 3 to 6 of the process described above. This involves creating a smart contract service and binding it to an application. Steps 1 and 2 of deploying the service broker and the contract marketplace would potentially be done only once and typically managed by platform engineers and operations engineers, simplifying the overall process.

Project BlockHead came about as a hackathon project during Cloud Foundry Summit 2018 in Boston and as you might have noticed most of the repositories we shared in this blog post are personal github repositories of our team participating in the hackathon. Luckily the project has received good amount of interest from the community and hopefully in the near future it will find a new home as an incubated project and be properly CI/CD-ed. So come back to this blog post for further announcements as to where you can find the official project repository. It is an open source project and we certainly welcome any contribution to make it better.

Topics of interest

More Related Stories