Cherry Stake Pool consists of a distributed and layered server infrastructure that guarantees high reliability and security while remaining efficient to manage. This is achieved by combining rented server droplets in Digital Ocean’s NYC- and Germany-based data centers with a powerful bare metal server (AMD Ryzen 7, 32 GB RAM) that is operated on site.
There are two relay nodes, which are interfaced through the data center servers. The associated IP addresses that are published to the Cardano network are therefore static, and other pools’ relay servers can always connect reliably. Furthermore, this approach offers a lot of flexibility to move Cherry Stake Pool’s relay servers to other physical machines or to add further relays in the future without any downtime.
The actual relay nodes, as well as the block producing node, run on the above-mentioned bare metal server, each encapsulated inside its own Docker container (based on the official images). This ensures that they run completely independently of each other, even though they share the same hardware.
In total, there are three firewalls between the public internet and Cherry Stake Pool’s Cardano nodes, configured to forward only the traffic that is absolutely necessary for stake pool operation:
- Digital Ocean’s data center firewall
- The local network’s router firewall
- Docker’s bridged network firewall
The block producing node is completely unreachable from the outside and communicates directly only with the relays. In addition, all cryptographic keys and certificates that the block producer does not need in order to operate are kept separately in a safe, remote location.
Since the building where the server is located is equipped with a photovoltaic system, Cherry Stake Pool can be considered an environmentally friendly stake pool. Especially when the sun is shining…