Ubuntu deploys Hyperledger Fabric from scratch and uses a test network

ubuntu 20.04, Fabric 2.0.0

HyperledgeHyperledger Fabric

An open-source, enterprise-grade, permissioned Distributed Ledger Technology (DLT) platform designed for use in enterprise environments. Hyperledger Fabric is specifically designed to be a modular architecture. Whether it’s pluggable consensus, pluggable identity management protocols like LDAP or OpenID Connect, key management protocols, or encryption libraries, the platform’s core is designed to meet the diversity of enterprise business needs.

Fabric consists of the following modular components:

The pluggable ordering service establishes a consensus on the order of transactions, and then broadcasts blocks to nodes;
Pluggable membership service providers are responsible for associating entities in the network with cryptographic identities;
The optional P2P gossip service sends blocks to other nodes through the ordering service;
Smart contracts (“chaincode”) run in isolation in container environments such as Docker. They can be written in standard programming languages, but do not have direct access to ledger state;
The ledger can be configured to support multiple DBMSs;
Pluggable endorsement and verification policies, each application can be configured independently.

Preparation stage

install git

# install git
sudo apt-get install -y git
# configure git
git config --global user.name master
git config --global user.email [email protected]
git config --list

Install cURL

sudo apt install curl -y

Install docker and docker-compose

# install docker
curl -fsSL https://test.docker.com -o test-docker.sh
sudo sh test-docker.sh
# Make sure the docker daemon is running
sudo systemctl start docker
Add your user to the docker group
sudo usermod -a -G docker <username>
# docker starts automatically at boot
systemctl enable docker.service

# install docker-compose
sudo curl -L "https://github.com/docker/compose/releases/download/v2.6.1/docker-compose-$(uname -s)-$(uname -m)" -o /usr/ local/bin/docker-compose
sudo chmod +x /usr/local/bin/docker-compose
docker-compose --version

install go

# Download the go compressed package and decompress it
wget -c https://dl.google.com/go/go1.20.6.linux-amd64.tar.gz -O - | sudo tar -xz -C /usr/local
# Adjust environment variables
sudo vim /etc/profile
# Append the following to the end of the file
export GOROOT=/usr/local/go
export GOPATH=$HOME/go
export GOBIN=$GOPATH/bin
export PATH=$GOPATH:$GOBIN:$GOROOT/bin:$PATH
#Environment variables take effect
source /etc/profile
# Prevent invalidation after restarting, append to the root directory environment to take effect permanently
cd ~
sudo vim.bashrc
# Append to the end of the file
source /etc/profile
# Open GO111MOUDLE and change GOPROXY
go env -w GOPROXY="https://goproxy.cn"
go env -w GO111MODULE=on

Install SoftHSM

sudo apt install libsofthsm2

install jq

sudo apt-get install jq

Install Fabric samples, Docker images and binaries

create working directory

mkdir -p $HOME/go/src/github.com/
cd $HOME/go/src/github.com/

Get fabric-sample source code

# Download fabric-samples
git clone -b release-2.2 https://github.com/hyperledger/fabric-samples.git
# Switch to the fabric directory
cd fabric-samples

Get fabric-sample and fabric-ca executable binaries

# Download fabric-samples and fabric-ca executable binaries
wget https://github.com/hyperledger/fabric/releases/download/v2.0.0/hyperledger-fabric-linux-amd64-2.0.0.tar.gz
wget https://github.com/hyperledger/fabric-ca/releases/download/v1.4.6/hyperledger-fabric-ca-linux-amd64-1.4.6.tar.gz
# There are bin and config folders in the downloaded hyperledger-fabric-linux-amd64-2.0.0.tar compressed package, and a bin folder in the hyperledger-fabric-ca-linux-amd64-1.4.6.tar compressed package , to combine the binary files in the two bin folders into one bin folder. Finally copy the bin and config folders into the fabric-samples folder

# The parameters are described as follows:
2.0.0: Indicates the version number of Hyperledger Fabric
1.4.6: Indicates the version number of Fabric CA

Download the docker image

# Download the bootstrap.sh script and grant execution permission
wget https://raw.githubusercontent.com/hyperledger/fabric/master/scripts/bootstrap.sh
sudo chmod +x bootstrap.sh


# Download the docker image
# Download the binary executable file and fabric-samples above, and execute the bootstrap.sh script again, where the -b parameter means not to download the binary file, and the -s parameter means not to download the fabric-samples, only pull the docker image
./bootstrap.sh 2.0.0 1.4.6 -s -b

Add environment variables

# to the PATH environment variable to get the command without specifying the absolute path to each binary
sudo vim ./bashrc
# add to the end
export PATH=<path to download location>/bin:$PATH
# take effect
source.bashrc

Check the installation result

orderer version

Testnet using Fabric

Launch test network

cd fabric-samples/test-network
# The network should always be restarted. Artifacts, cryptographic material, containers, volumes and chaincode images from previous runs can be removed with the following command:
./network.sh down
# If you don't delete old containers, images and volumes, you will see an error

# This command creates a Fabric network consisting of two peers and an orderer
./network.sh up

# test network components
docker ps -a

create a channel

# The network.sh script can be used to create a channel between Org1 and Org2 and join their peers. Run the following command to create a channel with the default name "mychannel":
./network.sh createChannel
# command execution success will appear
========= Channel successfully joined ===========

# As an example, the following command will create a channel named channel1
./network.sh createChannel -c channel1
# One step to build a network and create a channel, you can use up and createChannel mode together
./network.sh up createChannel

Start a chaincode on a channel

# After creating a channel with network.sh, you can start the chaincode on the channel with:
./network.sh deployCC -ccn basic -ccp ../asset-transfer-basic/chaincode-go -ccl go

Encountered problem 1:

The possible reason is that the fabric-sample version is wrong

solve:

# View branch
cd ../
git branch
# The command execution is successful and found to be
* (HEAD detached at v2.0.0)
  main
  release-2.2
# switch branch to 2.2
git checkout release-2.2

Encountered problem 2:

The reason is that the msp environment variable is not configured to interact with a node of an organization in the network

solve:

export CORE_PEER_MSPCONFIGPATH=${<!-- -->PWD}/organizations/peerOrganizations/org1.example.com/users/[email protected]/msp

export CORE_PEER_TLS_ROOTCERT_FILE=${<!-- -->PWD}/organizations/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/ca.crt

export CORE_PEER_LOCALMSPID="Org1MSP"

# Execute the channel start chaincode operation again
./network.sh deployCC -ccn basic -ccp ../asset-transfer-basic/chaincode-go -ccl go
# The execution is successful as shown in the figure below:

interact with the network

# Add these binaries to your CLI path with:
export PATH=${<!-- -->PWD}/../bin:$PATH

# Set FABRIC_CFG_PATH in the fabric-samples codebase to point to the core.yaml file in it
export FABRIC_CFG_PATH=$PWD/../config/

# Set the environment variable to allow you to operate the peer CLI as Org1 (similar to the operation of resolving the msp environment variable above)
# Environment variables for Org1

export CORE_PEER_TLS_ENABLED=true
export CORE_PEER_LOCALMSPID="Org1MSP"
export CORE_PEER_TLS_ROOTCERT_FILE=${<!-- -->PWD}/organizations/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/ca.crt
export CORE_PEER_MSPCONFIGPATH=${<!-- -->PWD}/organizations/peerOrganizations/org1.example.com/users/[email protected]/msp
export CORE_PEER_ADDRESS=localhost:7051

# CORE_PEER_TLS_ROOTCERT_FILE and CORE_PEER_MSPCONFIGPATH environment variables
# point to the encrypted material in the organizations folder of Org1

# Run the following command to initialize the ledger with some assets
peer chaincode invoke -o localhost:7050 --ordererTLSHostnameOverride orderer.example.com --tls --cafile ${<!-- -->PWD}/organizations/ordererOrganizations/example.com/orderers/orderer.example.com/ msp/tlscacerts/tlsca.example.com-cert.pem -C mychannel -n basic --peerAddresses localhost:7051 --tlsRootCertFiles ${<!-- -->PWD}/organizations/peerOrganizations/org1.example.com/ peers/peer0.org1.example.com/tls/ca.crt --peerAddresses localhost:9051 --tlsRootCertFiles ${<!-- -->PWD}/organizations/peerOrganizations/org2.example.com/peers/peer0. org2.example.com/tls/ca.crt -c '{"function":"InitLedger","Args":[]}'
# If the command executes successfully, it will output these:
2023-07-12 12:43:30.209 CST [chaincodeCmd] chaincodeInvokeOrQuery -> INFO 001 Chaincode invoke successful. result: status:200

# You can use the CLI tool to query the ledger. Run the following command to get the list of assets added to the channel ledger
peer chaincode query -C mychannel -n basic -c '{"Args":["GetAllAssets"]}'
# The result of successful execution is as follows:
[{<!-- -->"ID":"asset1","color":"blue","size":5,"owner":"Tomoko ","appraisedValue":300},{<!-- -->"ID":"asset2","color":"red","size": 5,"owner":"Brad","appraisedValue":400},{<!-- -->"ID":"asset3","color":\ "green","size":10,"owner":"Jin Soo","appraisedValue":500},{<!-- -->"ID":" "asset4","color":"yellow","size":10,"owner":"Max","appraisedValue":600},{<!- - -->"ID":"asset5","color":"black","size":15,"owner":"Adriana"," appraisedValue":700},{<!-- -->"ID":"asset6","color":"white","size":15,"owner ":"Michel","appraisedValue":800}]

# When a network member wants to transfer some or change some assets on the ledger, the chain code will be called.
# Use the following command to change the asset owner on the ledger by calling the asset-transfer (basic) chaincode:
peer chaincode invoke -o localhost:7050 --ordererTLSHostnameOverride orderer.example.com --tls --cafile ${<!-- -->PWD}/organizations/ordererOrganizations/example.com/orderers/orderer.example.com/ msp/tlscacerts/tlsca.example.com-cert.pem -C mychannel -n basic --peerAddresses localhost:7051 --tlsRootCertFiles ${<!-- -->PWD}/organizations/peerOrganizations/org1.example.com/ peers/peer0.org1.example.com/tls/ca.crt --peerAddresses localhost:9051 --tlsRootCertFiles ${<!-- -->PWD}/organizations/peerOrganizations/org2.example.com/peers/peer0. org2.example.com/tls/ca.crt -c '{"function":"TransferAsset","Args":["asset6","Christopher"]}'
# The result of successful execution is as follows:
2023-07-12 13:47:30.379 CST [chaincodeCmd] chaincodeInvokeOrQuery -> INFO 001 Chaincode invoke successful. result: status:200

# Because the endorsement policy of asset-transfer (basic) chaincode requires the transaction to be signed by both Org1 and Org2,
# The chaincode call command needs to use the --peerAddresses flag to point to peer0.org1.example.com and peer0.org2.example.com.
# Because the network's TLS is enabled, the command also needs to use the --tlsRootCertFiles flag to point to the TLS certificate of each peer node.

# After invoking the chaincode, we can use another query to see how the invocation changed the assets of the blockchain ledger.
# Because we have already queried Org1's peer, we can run this query chaincode opportunity through Org2's peer.
# Set the following environment variables to operate Org2:

# Environment variables for Org2
export CORE_PEER_TLS_ENABLED=true
export CORE_PEER_LOCALMSPID="Org2MSP"
export CORE_PEER_TLS_ROOTCERT_FILE=${<!-- -->PWD}/organizations/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls/ca.crt
export CORE_PEER_MSPCONFIGPATH=${<!-- -->PWD}/organizations/peerOrganizations/org2.example.com/users/[email protected]/msp
export CORE_PEER_ADDRESS=localhost:9051

# You can use the following command to query the asset-transfer (basic) chaincode running on peer0.org2.example.com:
peer chaincode query -C mychannel -n basic -c '{"Args":["ReadAsset","asset6"]}'
# The execution result is as follows, the result shows that "asset6" was transferred to Christopher:
{<!-- -->"ID":"asset6","color":"white","size":15,"owner":"Christopher\ ","appraisedValue":800}

shut down the network

# After using the test network, you can close the network with the following command:
./network.sh down
# This command will stop and delete nodes and chaincode containers, delete organization encryption material, and remove chaincode images from Docker Registry.
# This command also removes channel projects and docker volumes from previous runs.
# Also allows you to run again if you run into any issues
./network.sh up