How to Deploy a Hyperledger Besu Network on Kubernetes

Hyperledger is rapidly gaining traction in the enterprise blockchain space, with industry leaders like LACChain, Poste Italiane, and Public Mint leveraging its ecosystem for innovative solutions. In this guide, we’ll walk you through deploying a Hyperledger Besu network on Kubernetes, a preferred platform for scalable and resilient blockchain deployments.

Why Choose Kubernetes for Hyperledger Besu?

Kubernetes excels in orchestrating distributed networks, making it ideal for Hyperledger Besu deployments. Key benefits include:

• Automated scaling and management of containerized services.
• High availability with zero downtime (failed containers are automatically replaced).
• Declarative configuration for consistent environment setup.

👉 Explore Kubernetes benefits for blockchain

Prerequisites

Before starting, ensure you have:

1. A Kubernetes cluster (local or cloud-based).
2. kubectl installed for cluster interaction.
3. Helm 3 for managing Kubernetes charts.
4. The Quorum-Kubernetes repository cloned.

Step-by-Step Deployment Guide

1. Verify Cluster Connection

Confirm kubectl is properly configured:

kubectl version

2. Create a Namespace

Isolate your deployment in a dedicated namespace:

kubectl create namespace besu

3. Generate the Genesis File

The genesis file defines your network’s foundational rules. Use the besu-genesis Helm chart:

helm install genesis ./charts/besu-genesis --namespace besu --values ./values/genesis-besu.yml

Key configurations:

• Set cluster.provider (e.g., local, aws, azure).
• Adjust rawGenesisConfig for chain ID, consensus (e.g., qbft), and validator count.

4. Deploy Bootnodes (Optional but Recommended)

Use Helm to deploy bootnodes for network discovery:

helm install bootnode ./charts/besu-node --namespace besu --values ./values/bootnode.yml

Set quorumFlags.isBootnode: true in values.yml.

5. Launch Validators

Deploy validator nodes to participate in consensus:

helm install validator-1 ./charts/besu-node --namespace besu --values ./values/validator.yml

Repeat for additional validators (e.g., validator-2, validator-3).

6. Add/Remove Validators

To modify the validator pool:

1. Deploy an RPC node.
2. Use vote API calls from existing validators to approve changes.

7. Deploy RPC and Transaction Nodes

• RPC Node: Handles public transactions.

  helm install rpc-1 ./charts/besu-node --namespace besu --values ./values/reader.yml

• Transaction Node: Manages private transactions (enable privacy with quorumFlags.privacy: true).

8. Configure Ingress for External Access

Deploy an NGINX ingress controller:

helm install quorum-network-ingress ingress-nginx/ingress-nginx --namespace besu

Apply pre-defined ingress rules for API access.

9. Verify Node Synchronization

Check sync status via JSON-RPC:

curl -X POST -H "Content-Type: application/json" --data '{"jsonrpc":"2.0","method":"eth_blockNumber","params":[],"id":1}' http://<INGRESS_IP>/rpc

Best Practices for Production

• Monitor nodes proactively with tools like Grafana.
• Use multiple bootnodes for redundancy.
• Regularly back up keys and data.

👉 Optimize your Besu deployment with Zeeve

FAQs

1. What’s the minimum number of validators for a Besu network?

For QBFT consensus, 4 validators are recommended to ensure Byzantine fault tolerance.

2. Can I deploy Besu on a public cloud?

Yes! Kubernetes clusters on AWS, Azure, or GCP are fully supported.

3. How do I enable private transactions?

Set quorumFlags.privacy: true in your transaction node’s values.yml.

4. What’s the role of the genesis file?

It defines the network’s initial state, including consensus rules and validator set.

5. How can I scale my Besu network?

Kubernetes allows horizontal scaling by adding more nodes via Helm.

Conclusion

Deploying Hyperledger Besu on Kubernetes combines scalability, resilience, and automation. For enterprise-grade deployments, consider leveraging managed services like Zeeve to streamline node operations and monitoring.

Ready to build? Start your Besu journey today! 🚀