Use docker
You can use Docker to run Op-Besu as an Optimism EL node on the testnets.
Prerequisites
Download and install Docker.
Pull docker image
docker pull ghcr.io/optimism-java/op-besu:latest
Create a JWT Secret
You can check the JWT secret creation tutorial to learn how to create a JWT secret.
openssl rand -hex 32 > jwt.txt
Prepare the data directory
mkdir datadir
Start a Op-besu node
- op sepolia
- devnet or other
docker run -it -p 8545:8545 -p 8551:8551 -v ./jwt.txt:/jwt/jwtsecret \
-v ./datadir:/data/ \
ghcr.io/optimism-java/op-besu:latest \
--network=OP_SEPOLIA \
--p2p-enabled=false \
--discovery-enabled=false \
--data-path="/data/" \
--engine-rpc-enabled \
--engine-jwt-secret="/jwt/jwtsecret" \
--rpc-http-enabled \
--host-allowlist="*" \
--engine-host-allowlist="*" \
--logging=INFO \
--version-compatibility-protection=false
docker run -it -p 8545:8545 -p 8551:8551 -v ./jwt.txt:/jwt/jwtsecret \
-v ./datadir:/data/ \
ghcr.io/optimism-java/op-besu:latest \
--genesis-file=<devnet genesis file> \
--p2p-enabled=false \
--discovery-enabled=false \
--data-path="/data/" \
--engine-rpc-enabled \
--engine-jwt-secret="/jwt/jwtsecret" \
--rpc-http-enabled \
--host-allowlist="*" \
--engine-host-allowlist="*" \
--logging=INFO \
--version-compatibility-protection=false
Warning
The following settings are a security risk in production environments:
- Enabling the HTTP JSON-RPC service (
--rpc-http-enabled) and setting--rpc-http-hostto 0.0.0.0 exposes the RPC connection on your node to any remote connection. - Setting
--host-allowlistto"*"allows JSON-RPC API access from any host. - Setting
--rpc-http-cors-originsto"all"or"*"allows cross-origin resource sharing (CORS) access from any domain.