Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Session key backup for minimal downtime migration - outage #928

Open
kucharskim opened this issue Oct 14, 2021 · 7 comments
Open

Session key backup for minimal downtime migration - outage #928

kucharskim opened this issue Oct 14, 2021 · 7 comments

Comments

@kucharskim
Copy link

Is there anyway to export (backup) and then restore (import) session keys in case of urgent node fail-over of Polkadot or Kusama validator?

We are developing disaster recovery, rapid failover mechanisms and we would like to have a passive Polkadot / Kusama instance which naturally syncs with the chain and is not a validator, but when a real validator node is affected by an outage, we would like to stop active validator, reconfigure standby node to re-use it's own local database directory (.../db/), but re-import session key and start validation again.

Is that scenario possible?
@bkchr
Copy link
Member

bkchr commented Oct 14, 2021

The session keys are also just stored in the file system. So, you are able to backup them. If you don't set an explicit keystore path, check the base path for the keystore.

@kucharskim
Copy link
Author

Remote signer is also a solution, which I didn't mention here, as I wanted to focus on import / export of session keys. What would be also practical if import of session keys is easy, could session keys be generated in advance and then later distributes into the node(s), according to our disaster recovery procedures?

@rphmeier
Copy link
Contributor

Import is relatively easy. You'd just copy over the keystore. But note that double-signing penalties are high. You'll want to build a system that restricts access of a set of keys to 1 node at a time

@kucharskim
Copy link
Author

Yes, @rphmeier I'm aware of that. Is there a way to generate those session keys by hand?

@burdges
Copy link

burdges commented Oct 15, 2021
edited
Loading

Just fyi, this is dangerous right now, but it'll become much safer once paritytech/substrate#7398 happens. I should do a clearer write up I guess..

@Sophia-Gold Sophia-Gold transferred this issue from paritytech/polkadot Aug 24, 2023
claravanstaden pushed a commit to Snowfork/polkadot-sdk that referenced this issue Dec 8, 2023
@alistair-singh
Standardize variables for deployment (paritytech#928)
8b8f1b5 
* renamed statemine to asset hub and allow agent id overrides

* fix unbound variable

* upgrade contract hash change

* update variables
helin6 pushed a commit to boolnetwork/polkadot-sdk that referenced this issue Feb 5, 2024
@dependabot
Bump decode-uri-component from 0.2.0 to 0.2.2 in /ts-tests (paritytec…
29779a9 
…h#928)

Bumps [decode-uri-component](https://github.com/SamVerschueren/decode-uri-component) from 0.2.0 to 0.2.2.
- [Release notes](https://github.com/SamVerschueren/decode-uri-component/releases)
- [Commits](SamVerschueren/decode-uri-component@v0.2.0...v0.2.2)

---
updated-dependencies:
- dependency-name: decode-uri-component
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@burdges @kucharskim @bkchr @rphmeier and others