Overview
Quorum Blockchain Service (QBS) provides a fully-managed platform as a service (PaaS) that eliminates the burden of blockchain infrastructure management. This allows enterprises that want the trustlessness and transparency of blockchain technology for their multi-party business processes to focus their time on developing Web3 applications—not implementing and supporting the underlying infrastructure.
This overview explains how QBS is deployed in your Microsoft Azure environment in a robust, secure manner, so you can spend your time where you want to—developing world-class Web3 applications.
Architecture
QBS is deployed in your Azure subscription, using the Azure Managed Applications framework, which provides the same experience as any PaaS service in Azure.
When you deploy QBS, you're deploying an Azure Managed Application into your Azure subscription, referred to as a Member. A QBS member includes several dependent Azure services, such as virtual machines, storage, and networking, configured as a fully-functioning GoQuorum Ethereum private blockchain network.
Select Managed resource group to view the Azure services provisioned as part of your QBS deployment.
Resources are pre-configured and the configuration can't be changed by the end user. ConsenSys monitors and manages the resources for you, including updating the GoQuorum client version on the nodes, applying patches for security vulnerabilities, and configuring networking to ensure resources are secure. You can view the configuration of these resources and monitor your nodes.
Availability
QBS is currently available in the following Microsoft Azure regions:
- East US
- Japan East
- North Europe
- Southeast Asia
- UK South
- West Europe
- West US 2
Tiers of service
Whether you're a developer, just getting started with blockchain, or ready to deploy a production solution, QBS offers three tiers of service to meet your needs:
Development is a cost-optimized tier of service targeted at getting started with your Web3 application. Using low-cost B2ms Series or Azure Spot Instance VMs in Azure, one transaction node and one validator node are provisioned for your QBS member which provides all the functionality needed to start your journey, including support from ConsenSys with a one business day response time.
Business and Enterprise are tiers of service targeted at production Web3 applications. Using enterprise-grade, SLA-backed D2a V4 Series in Azure, one transaction node and two validator node are provisioned for your QBS member which provides the performance and reliability needed for your Web3 applications, including support from ConsenSys with a four business hour (Business tier) or one hour, 24/7 (Enterprise tier) response time.
Transaction and validator nodes
QBS introduces the concept of dedicated nodes (VMs) for interacting with the network (transaction nodes) and performing network consensus (validator nodes).
Transaction nodes provide the RPC interface to the blockchain network for sending transactions, or reading data on the ledger. Transaction nodes also run the Tessera private transaction manager, which enables you to send private transactions from one QBS member transaction node to another.
By default, one transaction node is provided for your QBS member, but you can add additional transaction nodes (Business and Enterprise tiers only) for load-balancing or additional privacy.
Validator nodes have a copy of the public state of the ledger, and are primarily responsible for performing network consensus. QBS uses the IBFT proof-of-authority protocol.
You have one validator node in the Development tier, and two validator nodes in the Business or Enterprise tier.
High availability, data durability, and security
While the VMs available in Azure are resilient to failures, there are cases where nodes may crash and need to be restarted.
To ensure that a crashed node doesn't corrupt the data, both ledger data and configuration data related to your QBS member are stored in Locally-redundant Azure Files storage.
The QBS control plane listens for a heartbeat from each running VM. In the event that a heartbeat is not received from the VM, the QBS team is alerted and will resolve the issue by either restarting the VM, or provisioning a new VM to replace the failed node.
If a new VM is provisioned to replace the failed node, the configuration from the failed node is applied to the VM, the DNS assignment (if a transaction node) is mapped to the new VM, and ledger data storage is attached to the VM.
A QBS network achieves high availability through having the minimum number of validator nodes. Since a single Business or Enterprise QBS Member has two validator nodes, a minimum of two QBS Members must be provisioned and in the same consortium to achieve the minimum number of validator nodes necessary for IBFT high availability.
See the data security topic for more information.
Network security
Your QBS member is pre-configured with a Network Security Group that restricts access its nodes by only allowing ports necessary for GoQuorum to function. In addition, you can configure firewall rules to further restrict access to your QBS member.
Consortium management
Blockchains are designed for multiple parties who share a common business process to securely and privately transact with each other.
Once you provision a QBS member, you can invite other parties (Azure subscriptions) to participate in your blockchain network. The other party can provision a QBS member in their Azure subscription by using the invite code, and the QBS service configures the networking between both QBS members to securely transact with each other.
Consortium management allows you to invite other members to join your consortium, or remove consortiom members.
Removed consortium members retain their QBS member and ledger data, but they no longer sync with the other members on the network, and can no longer send or receive transactions from other members.
See the consortium management topic for more information.
Pricing
The pricing for QBS is based on the chosen service tier when you deploy your QBS member.
Pricing is categorized as follows:
- QBS software and support price is the price to manage the service, including the level of support provided for the tier of service.
- Azure infrastructure price is the price of the underlying resources for your QBS member, which are visible in your Managed resource group. These charges are set by Microsoft, and show up on your Azure bill as they normally would from Microsoft with no markup from ConsenSys. The benefit of this is predictable pricing, as well as taking into account any price discounts you may receive from Microsoft, such as Azure reserved VM pricing.
The pricing example below is illustrative, and doesn't take into account the Azure region your QBS member is deployed or any discounts you may receive from Microsoft.
| Development tier | Business tier | Enterprise tier | |
|---|---|---|---|
| Environment | Development & Test | Production | Production |
| Number of nodes | 2 nodes | 3 nodes | 3 nodes |
| Azure infrastructure | Spot VMs or B2Ms | D2a_v4 | D2a_v4 |
| Support package included | Bronze | Silver | Gold |
| Initial Response Time | 1 business day | 4 business hours | 1 hour 24x7 |
| QBS software and support price | $0.035/h | $1.350/h | $2.720/h |
| Azure infrastructure price | Spot: $0.076/h B2Ms: $0.216/h | $0.371/h | $0.371/h |
| Estimated total hourly price | Spot: $0.111/h B2Ms: $0.251/h | $1.721/h | $3.091/h |
| Estimated total monthly price | Spot: $81.03 B2Ms: $182.97 | $1256.62 | $2256.62 |
| Additional storage price | $0.16/gb | $0.16/gb | $0.16/gb |
| Additional transaction node price | N/A | $0.574/h | $1.030/h |
- The estimated monthly cost is calculated at 730h per month.
- QBS is purchased through Azure Marketplace and invoiced monthly directly from Azure.
- No separate agreement with ConsenSys is required.
- Pricing is subject to change with 30 day notice.
- Standard terms and conditions apply.