Be sure to generate a service account for terraform with Compute Engine Editor permissions and download the key
then
terraform initand
GOOGLE_APPLICATION_CREDENTIALS=/path/to/cred.json terraform applyThen, the VM could be accessed with ssh
gcloud compute ssh --zone us-central1-a sol-node-vmor using any ssh client and the public IP, it will be outputted but can be re-grabbed with
terraform output- mount disk, create swap -
./hack/mount-disk.sh - setup solana linux user -
./hack/setup-solana-linux-user.sh - install solana toolchain -
./hack/install-sol.sh - start tuner, up the default linux limits -
./hack/start-solana-tuner.sh - re-log into the VM, ensure that the user is
solana - setup validator account -
./hack/setup-validator-account.sh - run node
./hack/run-node.sh - check health with
./hack/check-health.sh
The security keys should be generated locally and scp'ied to the VM afterwards
Ideally the node would be ran as a system service, there should be two separate mounts for the accounts and the ledger
In production environment, security should also be vetted; I would recommend running this on k8s with side-car microservices for health-checks, automatic restarts and additional authentication for non-peers