Announcement | This website is no longer being updated

The CEF Digital programme 2014-2020 has concluded. The CEF Digital platform ( is no longer being actively updated. A new website will be coming soon.

Page tree

CEF DIGITAL home page



The EBSI v1.0 Infrastructure Specification gives Member States the infrastructure requirements needed to establish an EBSI v1.0 node. EBSI v1.0 is intended to be a self-contained infrastructure that delivers all components within three computing hosts; a master host and two hosts for blockchain protocols and distributed storage. This release is intended to act as a first iteration of the infrastructure code base targeted at a closed user group evaluation and as a base for the production solution that will be fully deployed in EBSI v2.0. The environment and specifications are simple enough to be run from a reasonable on-premises server or virtual private server, meaning any member state that would like to sign in for the test, can join the program.

The EBSI v1.0 node described in this specification is able to connect to other EBSI v1.0 nodes over the Internet.

Each EBSI Node contains 3 instances/hosts: 

  • Master/Applications host - contains all the containers of the core services, APIs, Wallet, Off-chain Storage, Demo webserver and Proxy
  • Ethereum  BESU Blockchain - contains all the containers of BESU protocol and off-chain local storage (not used in V1.0)
  • Hyperlegedger Fabric Blockchain - contains all the containers of Fabric protocol and off-chain local storage (not used in V1.0


Environment Requirements

An EBSI v1.0 node requires a minimum of three computer hosts all with access to the Internet and with individual fixed public IP addresses. These can be either physical server computers or virtual machines running in a self-hosted data-centre infrastructure, a private cloud, or a public cloud.


Each computer host – physical or virtual – must have these minimum specifications:

  • 4 Core CPU, 4 vCPU or equivalent,
  • 16 GB of RAM for the BESU and Fabric hosts; 32 GB of RAM for Master/Applications host
  • 80 GB SSD,
  • 256 GB SSD.


All hosts must be in the same subnet, each with a fixed public IP address, and must be connected to the Internet in order to get updated and to communicate with other EBSI nodes. 

The minimum specifications are:

  • 1 GB Ethernet (local network),
  • latency 50ms (internet),
  • 100 Mbits/second for bandwidth (internet)
  • 3 fixed public IPs (one for each host).


The hosts in the EBSI node need to connect – over the Internet. In this sense, some ports need to be opened in the firewall:

Firewall Ports Requirements


  MS = Member State
  MS EBSI Node(s) = All EBSI nodes that the MS will put online. Each node is composed of three (3) ComputeUnits (Virtual Machines), each of them with an external IP address mapped to it.
  Management Network = Internal network in the Member State from where secure connections for management purposes are expected.
  Internet = 

BESUEBSI Nodes (All)MS EBSI NodeEthereum (Besu) ledger (RPC Service)
BESUEBSI Nodes (All)MS EBSI NodeEthereum (Besu) leger (Syncro Service)
Master/ApplicationEBSI Nodes (All)MS EBSI NodeGlusterFS (not used in V1.0)
Master/Application, BESU, FABRICEBSI Nodes (All)MS EBSI NodeMongo DB (Redundancy Option) (not used in V1.0)
Master/Application, BESU, FABRICMS management network OR internetMS EBSI NodeCockpit
FABRICEBSI Nodes (All)MS EBSI NodeFabric CA Service
FABRICEBSI Nodes (All)MS EBSI NodeFabric Peer External (Even Notification)
FABRICEBSI Nodes (All)MS EBSI NodeFabric Peer Internal (GRPC)
FABRICEBSI Nodes (All)MS EBSI NodeFabric Orderer Service
FABRICInternetMS EBSI NodeFabric Block Explorer
Master/ApplicationEBSI Nodes (All)MS EBSI NodeCassandra DB
Master/Application, BESU, FABRICInternetMS EBSI NodeNGINX (HTTPS Traffic)
Master/Application, BESU, FABRICMS management network OR InternetMS EBSI NodeSSH (for Node Computer Unit admin)
Master/Application, BESU, FABRICinfra.ebsi.xyzMS EBSI NodeFor configuration management

The current list of IPs of all EBSI Nodes (that are already online) will be provided via email after the registration process by the CEF Support Team.

In the case that additional ports are needed, the CEF Support Team will communicate this to each registered member via email.  

Each host image will include a running firewall, SELinux in enforcing mode, and with intrusion prevention pre-installed. There is no need for EBSI operators to add any rules or extra configuration.


The deployment – independent of the target platform – performs these steps:

  • A process determines if the target platform is suitable to host an EBSI v1.0 host.
  • Ensures that hostname is set appropriately, and that the operator account password is changed.
  • Then, checks that the installed applications start accordingly in each host.
  • A self-health check validates that all components are up and running.

There will be a self-check validation included in the host which verifies that the running applications are correct, ports are available, and connection to other nodes is possible. An external validation method for the API and the Blockchain will be provided separately.

Self Hosted Virtual Environments (Local or Cloud)

The EBSI project will deliver standard VMWare standard OVA/VMDK format images compatible with ESX 5.x/6.x and that are easy to convert to other proprietary formats like VHD, or QCOW2 if needed. The Images will need to be deployed in a network that provides the networking specification requirements and virtual machines that comply with the hardware specification, as a minimum. The image supplied will contain all necessary components to start the node.