One build development environment
1.1 Install Git
sudo apt-get install git
1.2 install curl
sudo apt-get install curl
1.3 Install docker
# install and check the version sudo apt-get -y install docker-compose docker --version docker-compose --version # Prompt, as long as you encounter docker-related errors in the future, first perform step 2.3.1 #1. Restart docker sudo systemctl start docker #Set docker to start when the system starts, optional sudo systemctl enable docker #2. Add the user to the docker group to ensure that it can be executed under the user command sudo gpasswd -a $USER docker #3. Update user group newgrp docker # docker information docker info # Test docker, if an error is reported, see additional question 1 at the end of the article docker run hello-world
1.4 Install go
Create a new directory, download, unzip
mkdir ~/download cd ~/download # download wget https://studygolang.com/dl/golang/go1.13.linux-amd64.tar.gz # unzip sudo tar -C /usr/local -xzf go1.13.linux-amd64.tar.gz
Configuration Environment
mkdir $HOME/go #Use vi to open ~./bashrc, configure environment variables vi ~/.bashrc # insert at the bottom export GOROOT=/usr/local/go export GOPATH=$HOME/go export PATH=$PATH:$GOROOT/bin:$GOPATH/bin # Make the configured environment variables take effect source ~/.bashrc #Check if the configuration is correct go version # Configure goproxy environment variables to speed up domestic downloads go env -w GOPROXY=https://goproxy.io
1.5 Install JQ
sudo apt-get install jq
Two installation instance, binary and docker image
2.1 Create a new directory and clone the fabric-samples
warehouse
mkdir -p $GOPATH/src/github.com/hyperledger cd $GOPATH/src/github.com/hyperledger # Get fabric-samples source code git clone https://github.com/hyperledger/fabric-samples.git
Select the appropriate version label, enter the directory, switch branches
cd fabric-samples # You can choose the version yourself git checkout release-2.2 #View version git branch
2.2 Download docker image
Install the specified version of the Hyperledger Fabric platform-specific binary and configuration files into the /bin
and /config
directories under fabric-samples, and download the specified version of Hyperledger Fabric docker image
2.2.1 Configure mirror source
sudo vi /etc/docker/daemon.json #Add the following code into it { "registry-mirrors": ["https://registry.docker-cn.com"] }
# Ignore all version identifiers if you want the latest production release. # curl -sSL https://bit.ly/2ysbOFE | bash -s # curl -sSL https://bit.ly/2ysbOFE | bash -s -- <fabric_version> <fabric-ca_version> <thirdparty_version> # If an error is reported, see additional question 2 at the end of the article curl -sSL https://bit.ly/2ysbOFE | bash -s -- 2.2.0 1.4.7 0.4.18 # If that doesn't work try the following curl -sSL https://raw.githubusercontent.com/hyperledger/fabric/master/scripts/bootstrap.sh | bash -s 2.2.0 1.4.7 0.4.18
Note: The above curl is mainly to obtain a bootstrap.sh
script file and execute it. There may be problems such as connection rejection or access, and network failure.
You can go to the fabric to download the bootstrap.sh source code.
- Need to download zip
https://github.com/hyperledger/fabric.git
(master branch) first - Then move the file
fabric/scripts/bootstrap.sh
to the directory$HOME/go/src/github.com/
, which is the virtual machine fabric-samples Table of contents - Execute the following command in the fabric-samples directory
cat bootstrap.sh |bash -s
Result:
2.2.2 Match the go version
Check the installed go version
go version
cd chaincode-go sudo vi go.mod # Enter the file and find that it is 1.14. Change it to 1.13 by yourself to match the go version you downloaded
2.2.3 Environment variable settings
vi ~/.bashrc # Add the following variables export PATH=$PATH:$GOPATH/src/github.com/hyperledger/fabric-samples/bin # make it effective source ~/.bashrc # check success fabric-ca-client version
Three use fabric test network
Arriving here shows that the environment has been deployed, and the next step is to use the test network. It should be noted that it is best to operate in a complete time period.
First enable debug mode
#Open debug mode export FABRIC_LOGGING_SPEC=debug
3.1 Launch test network
Enter test-network under
execute the following command to execute the script fabric-samples
,network.sh
./network.sh up
After the execution is complete, we can see that we have created the sorting organization orderer, the peer0 node of the alliance member org1, the peer0 node of the alliance member org2, and the corresponding mirror image
3.2 Parts of the test network
implement
docker ps -a
All organizations that are members of the Fabric network are called alliances. This test network has two alliance members org1 and 2, an organization orderer that maintains network sorting services, and each organization operates a peer node, peer0.org1.example.com and peer0 .org2.example.com. The peer node is the basic component of the fabric network. The most common peer node is the endorsement node. The peer node stores the blockchain account book for verification before the transaction.
3.3 Create a channel
Use ./network.sh createChannel
to create a channel between org1 and org2 and join their peer nodes, as follows:
- Create a Channel, which is named
mychannel
by default - channel name restrictions
- Contains only lowercase ASCII alphanumerics, dot “.” and dash “-“
- less than 250 characters
- starts with a letter
# 1. Do not enter a custom name channel, the default is mychannel ./network.sh createChannel # 2. Enter a custom name, you can create multiple channels with different names ./network.sh createChannel -c channel1 ./network.sh createChannel -c channel2 # 3. You can also create a network to create channels together ./network.sh up createChannel
My default channel name here
Execution complete display:
3.3 Start a chaincode on a channel
In the fabric, the chain code refers to the smart contract.
After the channel is created, start to deploy the chain code to interact with the channel ledger. The chain code contains the business logic of the assets on the blockchain ledger and is written in the go language. A network of applications run by members can invoke smart contracts on the ledger to create, change and transfer assets.
In order to ensure that the transaction is valid, the transaction created using the smart contract needs to be signed by multiple organizations before it can be submitted to the ledger, that is, endorsement, and the smart contract also defines the endorsement strategy, such as 2/3 of the members agree to pass, half of the members agree to pass, etc. .
After creating the channel, start the chaincode now
./network.sh deployCC -ccn basic -ccp ../asset-transfer-basic/chaincode-go -ccl go
Chaincode started successfully
3.4 Interacting with the Internet , configure the peer command
All are executed under the test-network
folder
3.4.1 Add the binary files under the bin file of fabric-samples to the CLI path:
export PATH=${PWD}/../bin:$PATH
3.4.2 Set FABRIC_CFG_PATH in the fabric-samples code base to point to the core.yaml file:
export FABRIC_CFG_PATH=$PWD/../config/
3.4.3 Set environment variables to allow users to operate peer CLI as org1:
# Environment variables for Org1 export CORE_PEER_TLS_ENABLED=true export CORE_PEER_LOCALMSPID="Org1MSP" The #CORE_PEER_TLS_ROOTCERT_FILE and CORE_PEER_MSPCONFIGPATH environment variables point to the encryption material in Org1's organizations folder. export CORE_PEER_TLS_ROOTCERT_FILE=${PWD}/organizations/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/ca.crt export CORE_PEER_MSPCONFIGPATH=${PWD}/organizations/peerOrganizations/org1.example.com/users/[email protected]/msp export CORE_PEER_ADDRESS=localhost:7051
The CORE_PEER_TLS_ROOTCERT_FILE
and CORE_PEER_MSPCONFIGPATH
environment variables point to the ORG1 cryptographic material in the organizations
folder.
3.4.4 Initialize ledger
Next, you can call the InitLedger method of chaincode (Go) to assign some initial assets on the ledger, and run the following command to initialize the ledger with some assets.
peer chaincode invoke -o localhost:7050 --ordererTLSHostnameOverride orderer.example.com --tls --cafile ${PWD}/organizations/ordererOrganizations/example.com/orderers/orderer.example.com/msp/tlscacerts/ tlsca.example.com-cert.pem -C mychannel -n basic --peerAddresses localhost:7051 --tlsRootCertFiles ${PWD}/organizations/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls /ca.crt --peerAddresses localhost:9051 --tlsRootCertFiles ${PWD}/organizations/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls/ca.crt -c '{"function" :"InitLedger","Args":[]}'
3.4.5 Query ledger with CLI tools
peer chaincode query -C mychannel -n basic -c '{"Args":["GetAllAssets"]}'
Output after a successful query: [{"AppraisedValue":300,"Color":"blue","ID":"asset1","Owner":"Tomoko","Size":5}, {"AppraisedValue":400,"Color":"red","ID":"asset2","Owner":"Brad","Size":5}, {"AppraisedValue":500,"Color":"green","ID":"asset3","Owner":"Jin Soo","Size":10}, {"AppraisedValue":600,"Color":"yellow","ID":"asset4","Owner":"Max","Size":10}, {"AppraisedValue":700,"Color":"black","ID":"asset5","Owner":"Adriana","Size":15}, {"AppraisedValue":800,"Color":"white","ID":"asset6","Owner":"Michel","Size":15}]
account or change the owner of the asset (that is, a change operation in the database)
peer chaincode invoke -o localhost:7050 --ordererTLSHostnameOverride orderer.example.com --tls --cafile ${PWD}/organizations/ordererOrganizations/example.com/orderers/orderer.example.com/msp/tlscacerts/ tlsca.example.com-cert.pem -C mychannel -n basic --peerAddresses localhost:7051 --tlsRootCertFiles ${PWD}/organizations/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls /ca.crt --peerAddresses localhost:9051 --tlsRootCertFiles ${PWD}/organizations/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls/ca.crt -c '{"function" :"TransferAsset","Args":["asset6","Christopher"]}'
Change results: [{"AppraisedValue":300,"Color":"blue","ID":"asset1","Owner":"Tomoko","Size":5}, {"AppraisedValue":400,"Color":"red","ID":"asset2","Owner":"Brad","Size":5}, {"AppraisedValue":500,"Color":"green","ID":"asset3","Owner":"Jin Soo","Size":10}, {"AppraisedValue":600,"Color":"yellow","ID":"asset4","Owner":"Max","Size":10}, {"AppraisedValue":700,"Color":"black","ID":"asset5","Owner":"Adriana","Size":15}, {"AppraisedValue":800,"Color":"white","ID":"asset6","Owner":"Christopher","Size":15}]
It is found that the owner whose ID is asset6 has changed to Christopher.
3.4.6 We can query through the peer of org2, before we set the environment variable of org2
# Environment variables for Org2 export CORE_PEER_TLS_ENABLED=true export CORE_PEER_LOCALMSPID="Org2MSP" export CORE_PEER_TLS_ROOTCERT_FILE=${PWD}/organizations/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls/ca.crt export CORE_PEER_MSPCONFIGPATH=${PWD}/organizations/peerOrganizations/org2.example.com/users/[email protected]/msp export CORE_PEER_ADDRESS=localhost:9051
peer chaincode query -C mychannel -n basic -c '{"Args":["ReadAsset","asset6"]}'
Query asset-transfer-basic
chaincode peer0.org2.example.com
running on mychannel
The result is the same as org1 and asset6 is transferred to the name Christopher’s people.
3.4.7 So far the test is completed, we close the network ./network.sh down
./network.sh down
3.5 Building a network with a certificate authority
Hyperledger Fabric uses public key infrastructure (PKI) to verify the actions of all network participants. Every node, network administrator, and transaction submitted by users needs to have a public certificate and private key to verify their identity. These identities must have a valid root of trust certificate issued by the organization that is a member of the network.
In the test network, network.sh uses the cryptogen tool to create these cryptographic materials before creating nodes.
Execute in the text-network directory
./network.sh up -ca
result:
You can see that the script starts three CAs, namely orderer, org1 and org2.
You can also take a look at org1’s MSP folder, which contains certificates and private keys for each identity:
tree organizations/peerOrganizations/org1.example.com/users/[email protected]/ # The tree command is not installed by default. If there is no such command, follow the prompts to install it first
organizations/peerOrganizations/org1.example.com/users/[email protected]/
└── msp
├── cacerts //root CA server certificate
│ └── localhost-7054-ca-org1.pem
├── config.yaml
├── IssuerPublicKey
├── IssuerRevocationPublicKey
├── keystore //private key of the node
│ └── 1018d5470ce399ed212639a454a80d1ea96592b01bed4c0560e11b65c34ed1b6_sk
├── signcerts
│ └── cert.pem //account certificate file
└── user5 directories, 6 files
Close the network:
#Close the network ./network.sh down