As your blockchain application development efforts and pilots mature, we realize that the requirements for the underlying consortium network will change, and that you will need to easily and securely create and deploy across multiple regions and support members comprised from organizations that exist within separate administrative and trust boundaries. We are excited to announce expansion of our blockchain support on Azure to be the first public cloud that enables multi-member consortium blockchain networks addressing enterprise scenarios that require a deployment of a private network across Azure regions, subscriptions, and Azure Active Directory (Azure AD) tenants.
As we work with customers, we see scenarios divide into three common topologies:
1. Single organization, multiple subscriptions: This is a common topology when divisions in an organization do not trust each other, for example when one division is auditing another division. Each division has its own footprint, but they are physically separated in different subscriptions across the same Azure AD tenant.
2. Multiple organizations, private: This is the true consortium scenario where each organization will have its own footprint and subscriptions, Azure AD tenants, and regions are all different. Given enterprise IT requirements, the services deployed must not be publicly accessible on the internet, even though communication will occur across organizations.
3. Multiple organizations, public-facing: Similar to the above topology, but in industries, enterprises, or scenarios where IT requirements allow or require the services deployed to be accessible to the public, over the internet. This simplifies the network connectivity requirements for the distributed system.
Today, we are releasing a set of solution templates in the Azure Marketplace that address the first two topologies configuring multi-region and multi-member Ethereum Consortium Blockchain Networks with a simple multi-step process through the Azure Portal or cmdline. The first template deploys and configures the footprint for the initial consortium member (or region), while the second template deploys, connects, and configures additional members (or regions) to form the overarching private network. If you are still experimenting, we suggest using the simpler single subscription deployment solution released in November.
These solution templates are designed to make it easier and quicker to deploy and configure a multi-member consortium Ethereum network with minimal Azure and Ethereum knowledge. With a handful of user inputs and a single-click deployment, each member can provision their network footprint, using Microsoft Azure compute, networking, and storage services across the globe. Each member's network footprint consists of a set of load-balanced transaction nodes with which an application or user can interact to submit transactions, a set of mining nodes to record transactions, and a VPN gateway. A subsequent connection step connects the gateways to create a fully configured multi-member blockchain network.
A multi-member network architecture is illustrated below.
It is important to note that to whom a member connects is not dictated by the template. The consortium should determine the network connectivity model, whether hub and spoke or mesh.
For more information about the solution, you can visit our guided walkthrough.
As with our first blockchain solution, rather than spending hours building out and configuring the infrastructure and networking across organizations, we have automated these time-consuming pieces to allow you to focus on building out the consortium and your production pilots.
Let us know if you have any questions, feedback, or additional requests once you try out these new blockchain solutions. We are excited to help you expand your blockchain deployments to true multi-party topologies.