Back to Infrastructure

Cloud Deployment

Deploy blockchain infrastructure on AWS, GCP, Azure, or Hetzner with optimized configurations and cost analysis for each provider.

Cloud Provider Comparison

AWS

$350-500/mo

Most comprehensive options, global reach

Recommended Instance

i3en.xlarge

Pros
  • Wide instance selection
  • Global regions
  • Mature tooling
Cons
  • Complex pricing
  • Learning curve

GCP

$300-450/mo

Strong performance, competitive pricing

Recommended Instance

n2-standard-8

Pros
  • Sustained use discounts
  • Good network
  • Easy Kubernetes
Cons
  • Fewer regions
  • SSD pricing

Azure

$400-550/mo

Enterprise features, hybrid cloud

Recommended Instance

Standard_L8s_v2

Pros
  • Enterprise support
  • Hybrid options
  • Compliance
Cons
  • Higher prices
  • Complex portal

Hetzner

$150-250/mo

Best value for dedicated resources

Recommended Instance

AX161

Pros
  • Best price/performance
  • Dedicated hardware
  • Simple pricing
Cons
  • Limited regions
  • Less managed services

Detailed Cost Comparison

ComponentAWSGCPHetzner
Compute (8 vCPU, 32GB RAM)$200$180$80
Storage (2TB NVMe)$150$140$40
Network (5TB egress)$100$80$5
Load Balancer$20$18$5
Monitoring$30$25$0
Total Monthly$500$443$130

* Estimates based on typical Ethereum full node requirements. Actual costs may vary.

AWS Deployment with Terraform

main.tf
terraform {
  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = "~> 5.0"
    }
  }
}

provider "aws" {
  region = "us-east-1"
}

# VPC for isolation
resource "aws_vpc" "eth_node" {
  cidr_block           = "10.0.0.0/16"
  enable_dns_hostnames = true
  enable_dns_support   = true

  tags = {
    Name = "eth-node-vpc"
  }
}

# Subnet
resource "aws_subnet" "eth_node" {
  vpc_id                  = aws_vpc.eth_node.id
  cidr_block              = "10.0.1.0/24"
  availability_zone       = "us-east-1a"
  map_public_ip_on_launch = true
}

# Security Group
resource "aws_security_group" "eth_node" {
  name        = "eth-node-sg"
  description = "Security group for Ethereum node"
  vpc_id      = aws_vpc.eth_node.id

  # SSH
  ingress {
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
    cidr_blocks = ["YOUR_IP/32"]
  }

  # P2P
  ingress {
    from_port   = 30303
    to_port     = 30303
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }

  # RPC (restrict in production)
  ingress {
    from_port   = 8545
    to_port     = 8545
    protocol    = "tcp"
    cidr_blocks = ["10.0.0.0/16"]
  }

  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
}

# EC2 Instance
resource "aws_instance" "eth_node" {
  ami           = "ami-0c7217cdde317cfec"  # Ubuntu 22.04
  instance_type = "i3en.xlarge"

  subnet_id                   = aws_subnet.eth_node.id
  vpc_security_group_ids      = [aws_security_group.eth_node.id]
  associate_public_ip_address = true

  root_block_device {
    volume_size = 100
    volume_type = "gp3"
  }

  # NVMe instance storage for chain data
  # i3en.xlarge has 1x 1.25TB NVMe

  user_data = <<-EOF
              #!/bin/bash
              apt-get update
              apt-get install -y docker.io docker-compose
              systemctl enable docker
              systemctl start docker

              # Format and mount NVMe
              mkfs.ext4 /dev/nvme1n1
              mkdir -p /data
              mount /dev/nvme1n1 /data
              echo '/dev/nvme1n1 /data ext4 defaults 0 0' >> /etc/fstab
              EOF

  tags = {
    Name = "eth-node"
  }
}

output "public_ip" {
  value = aws_instance.eth_node.public_ip
}

Infrastructure Components

VPC/Network

Isolated network for security

Compute Instance

Node hosting

Block Storage

Chain data persistence

Security Groups

Firewall rules

Load Balancer

Traffic distribution

DNS Records

Domain routing

Cost Optimization Strategies

Reduce Costs

  • Reserved Instances: Save 30-60% with 1-3 year commitments
  • Spot Instances: Use for non-critical workloads, 70% savings
  • Right-sizing: Monitor and adjust instance sizes
  • Egress optimization: Use CDN, minimize cross-region traffic

Performance vs Cost

Budget$100-200/mo

Hetzner dedicated or small cloud instance. Good for personal use.

Production$300-500/mo

Cloud with proper redundancy. Suitable for applications.

Enterprise$1000+/mo

Multi-region, high availability, dedicated support.

Security Best Practices

Network Security

  • • Use VPC with private subnets for nodes
  • • Expose only necessary ports (P2P: 30303)
  • • Put RPC behind load balancer with auth
  • • Enable DDoS protection (AWS Shield, Cloudflare)
  • • Use VPN or bastion host for SSH access

Operational Security

  • • Enable encryption at rest for volumes
  • • Use IAM roles instead of access keys
  • • Set up audit logging (CloudTrail)
  • • Implement automated security patching
  • • Store secrets in vault (AWS Secrets Manager)

Deployment Checklist

Pre-Deployment

  • Choose cloud provider and region
  • Calculate storage requirements
  • Set up infrastructure as code (Terraform)
  • Configure security groups/firewall
  • Set up monitoring and alerting

Post-Deployment

  • Verify node is syncing correctly
  • Test RPC endpoints
  • Confirm monitoring is receiving metrics
  • Set up automated backups
  • Document runbooks and procedures

Skip the Infrastructure Hassle

Let ChainLens handle your blockchain infrastructure while you focus on building.

Get Managed InfrastructureBack to Infrastructure