Environment preparation
1.fabric network information
The construction environment consists of: one server; two sorting nodes orderer; two groups OrgMSP, and each organization has a peer node.
Server address: 127.0.0.1
Server deployment path:
/home/hyperledgerFabric/qkl_01/
2 sorting node orderer network configuration:
| node name | address domain name | port |
|---|---|---|
| sort node orderer0 | orderer0.ymh.com | 2050 |
| orderer1 | orderer1.ymh.com | 3050 |
The OrgMSP network consists of 2 groups:
| node name | address domain name | port |
|---|---|---|
| Organization Org1MSP | peer0.org1.ymh.com | 2051 |
| Org2MSP | peer0.org2.ymh.com | 3051 |
Network certificate generation
1. Create certificate configuration information
Configure the certificates required by orderer and OrgMSP
Create a crypto-config.yaml file in the fabric program /config/ directory, and the crypto-config.yaml configuration information is as follows:
###config/crypto-config.yaml
# -------------------------------------------------- --------------------------
# "OrdererOrgs" - Definition of organizations managing orderer nodes
# -------------------------------------------------- --------------------------
OrdererOrgs:
# -------------------------------------------------- --------------------------
# Orderer sorting node domain name
# -------------------------------------------------- --------------------------
- Name: Orderer
Domain: ymh.com
EnableNodeOUs: true
# -------------------------------------------------- --------------------------
# "Specs" - See PeerOrgs below for complete description Start 2 orderers
# -------------------------------------------------- --------------------------
Specs:
- Hostname: orderer0
- Hostname: orderer1
# -------------------------------------------------- --------------------------
# "PeerOrgs" - Definition of organizations managing peer nodes peer organization configuration;
# Template: Count: 1 represents an organization's next peer node user
# Users: Count: 1 represents the next user of a peer node
# -------------------------------------------------- --------------------------
PeerOrgs:
# -------------------------------------------------- --------------------------
# Org1 Organization 1
# -------------------------------------------------- --------------------------
- Name: Org1
Domain: org1.shineyue.com
EnableNodeOUs: true
Template:
Count: 1
Users:
Count: 1
# -------------------------------------------------- --------------------------
# Org2: See "Org1" for full specification
# -------------------------------------------------- --------------------------
- Name: Org2
Domain: org2.shineyue.com
EnableNodeOUs: true
Template:
Count: 1
Users:
Count: 1
2. Generate a certificate
Generate the corresponding certificate through the cryptogen command of fabic
The command is as follows:
set environment variables
export PATH=/home/hyperledgerFabric/qkl_01/bin:$PATH export FABRIC_CFG_PATH=/home/hyperledgerFabric/qkl_01/config/
Generate a certificate file (check whether the path is correct, the path is the installation directory)
Parameters: –config is the path of the krypto-config.yaml file
–output Save path for post-build output
cryptogen generate --config=/home/hyperledgerFabric/qkl_01/config/crypto-config.yaml --output /home/hyperledgerFabric/qkl_01/crypto-config
Update the certificate file (check the path is correct)
cryptogen extend --config=/home/hyperledgerFabric/qkl_01/crypto-config.yaml --input /home/hyperledgerFabric/qkl_01/crypto-config
Generated directory:
Configure network files
Create a docker folder under the following directory
Create the following 5 files under the folder:
docker-compose-ymh-cli.yaml # client docker-compose-ymh-orderer0.yaml # Sort orderer0 nodes docker-compose-ymh-orderer1.yaml # Sort orderer1 nodes docker-compose-ymh-org1-1peer.yaml # organization 1 docker-compose-ymh-org2-1peer.yaml # organization 2
1.docker-compose-ymh-cli.yaml client configuration
version: '2.0'
services:
cli:
image: hyperledger/fabric-tools:2.4.4
restart: always
container_name: fabric-cli
hostname: fabric-cli
tty: true
extra_hosts:
- "orderer0.ymh.com:127.0.0.1"
- "orderer1.shineyue.com:127.0.0.1"
- "peer0.org1.ymh.com:127.0.0.1"
- "peer0.org2.ymh.com:127.0.0.1"
environment:
- CORE_PEER_ID=fabric-cli
- CORE_PEER_ADDRESS=peer0.org1.ymh.com:2051 # default to operate on peer0.org1
- CORE_PEER_LOCALMSPID=Org1MSP
- CORE_PEER_TLS_CERT_FILE=/home/hyperledgerFabricqkl_01/crypto-config/peerOrganizations/org1.shineyue.com/peers/peer0.org1.ymh.com/tls/server.crt
- CORE_PEER_TLS_KEY_FILE=/home/hyperledgerFabricqkl_01/crypto-config/peerOrganizations/org1.shineyue.com/peers/peer0.org1.ymh.com/tls/server.key
- CORE_PEER_TLS_ROOTCERT_FILE=/home/hyperledgerFabricqkl_01/crypto-config/peerOrganizations/org1.shineyue.com/peers/peer0.org1.ymh.com/tls/ca.crt
- CORE_PEER_MSPCONFIGPATH=/home/hyperledgerFabricqkl_01/crypto-config/peerOrganizations/org1.shineyue.com/users/[email protected]/msp
- FABRIC_LOGGING_SPEC=DEBUG
- FABRIC_LOGGING_FORMAT=%{<!-- -->color}[%{<!-- -->id:03x} %{<!-- -->time:01-02 15:04:05.00 MST}] [%{<!-- -->module}] %{<!-- -->shortfunc} -> %{<!-- -->level:.4s}%{<!-- -->color :reset} %{<!-- -->message}
- CORE_PEER_TLS_ENABLED=true # to enable TLS, change to true
- ORDERER_CA=/home/hyperledgerFabricqkl_01/crypto-config/ordererOrganizations/shineyue.com/orderers/orderer0.ymh.com/msp/tlscacerts/tlsca.shineyue.com-cert.pem
volumes:
- ../config/crypto-config.yaml:/home/hyperledgerFabricqkl_01/crypto-config.yaml
- ../config/configtx.yaml:/home/hyperledgerFabricqkl_01/configtx.yaml
- ../crypto-config:/home/hyperledgerFabricqkl_01/crypto-config
- ../channel-artifacts:/tmp/channel-artifacts
- ../chaincode:/home/hyperledgerFabricqkl_01/chaincode
- ../fabric-cil:/home/hyperledgerFabricqkl_01/fabric-cil
- ../shell:/home/hyperledgerFabricqkl_01/shell
working_dir: /opt/gopath/src/github.com/hyperledger/fabric/peer
command: bash -c 'cd /tmp; source scripts/func.sh; while true; do sleep 20170504; done'
orderer0.ymh.com: # There can be multiple orderers
image: hyperledger/fabric-orderer:2.4.4
restart: always
container_name: orderer0.ymh.com
hostname: orderer0.ymh.com
ports:
- "2050:2050"
- "3441:3441"
extra_hosts:
- "orderer0.ymh.com:127.0.0.1"
- "orderer1.ymh.com:127.0.0.1"
- "peer0.org1.ymh.com:127.0.0.1"
- "peer0.org2.ymh.com:127.0.0.1"
environment:
- FABRIC_LOGGING_SPEC=INFO
- FABRIC_LOGGING_FORMAT="%{<!-- -->color}%{<!-- -->time:2006-01-02 15:04:05.000 MST} [%{<!-- -->module} ] %{<!-- -->shortfunc} -> %{<!-- -->level:.4s} %{<!-- -->id:03x}%{<!-- --> color:reset} %{<!-- -->message}"
- ORDERER_GENERAL_LISTENADDRESS=0.0.0.0 # default: 127.0.0.1
- ORDERER_GENERAL_LISTENPORT=2050
- ORDERER_GENERAL_BOOTSTRAPMETHOD=file # default: provisional
- ORDERER_GENERAL_BOOTSTRAPFILE=/home/hyperledgerFabric/qkl_01/orderer.genesis.block # by default, all materials should be put under $FABRIC_CFG_PATH, which defaults to /etc/hyperledger/fabric
- ORDERER_GENERAL_LOCALMSPID=OrdererMSP # default: DEFAULT
- ORDERER_GENERAL_LOCALMSPDIR=/home/hyperledgerFabric/qkl_01/msp
- ORDERER_GENERAL_LEDGERTYPE=file
#- ORDERER_GENERAL_LEDGERTYPE=json # default: file
- ORDERER_OPERATIONS_LISTENADDRESS=0.0.0.0:3441 # operation RESTful API
- ORDERER_METRICS_PROVIDER=prometheus # prometheus will pull metrics from orderer via /metrics RESTful API
#- ORDERER_RAMLEDGER_HISTORY_SIZE=100 #only useful when use ram ledger
# enabledTLS
- ORDERER_GENERAL_TLS_ENABLED=true # default: false
- ORDERER_GENERAL_TLS_PRIVATEKEY=/home/hyperledgerFabric/qkl_01/tls/server.key
- ORDERER_GENERAL_TLS_CERTIFICATE=/home/hyperledgerFabric/qkl_01/tls/server.crt
- ORDERER_GENERAL_TLS_ROOTCAS=[/home/hyperledgerFabric/qkl_01/tls/ca.crt]
# Only required by raft mode
- ORDERER_GENERAL_CLUSTER_CLIENTPRIVATEKEY=/home/hyperledgerFabric/qkl_01/tls/server.key
- ORDERER_GENERAL_CLUSTER_CLIENTCERTIFICATE=/home/hyperledgerFabric/qkl_01/tls/server.crt
- ORDERER_GENERAL_CLUSTER_ROOTCAS=[/home/hyperledgerFabric/qkl_01/tls/ca.crt]
- ORDERER_GENERAL_CLUSTER_SENDBUFFERSIZE=10
volumes:
- /var/hyperledger_relay/productionorderer0_relay:/var/hyperledger/production
- ../crypto-config/ordererOrganizations/shineyue.com/orderers/orderer0.ymh.com/msp:/home/hyperledgerFabric/qkl_01/msp
- ../crypto-config/ordererOrganizations/shineyue.com/orderers/orderer0.ymh.com/tls/:/home/hyperledgerFabric/qkl_01/tls
- ../channel-artifacts/orderer.genesis.block:/home/hyperledgerFabric/qkl_01/orderer.genesis.block
expose:
- "2050" # gRPC
- "3441" # Operation REST
command: orderer start
orderer1.ymh.com:
image: hyperledger/fabric-orderer:2.4.4
restart: always
container_name: orderer1.ymh.com
hostname: orderer1.ymh.com
ports:
- "3050:3050"
- "4441:4441"
extra_hosts:
- "orderer0.ymh.com:127.0.0.1"
- "orderer1.ymh.com:127.0.0.1"
- "peer0.org1.ymh.com:127.0.0.1"
- "peer0.org2.ymh.com:127.0.0.1"
environment:
- FABRIC_LOGGING_SPEC=INFO
- FABRIC_LOGGING_FORMAT="%{<!-- -->color}%{<!-- -->time:2006-01-02 15:04:05.000 MST} [%{<!-- -->module} ] %{<!-- -->shortfunc} -> %{<!-- -->level:.4s} %{<!-- -->id:03x}%{<!-- --> color:reset} %{<!-- -->message}"
- ORDERER_GENERAL_LISTENADDRESS=0.0.0.0 # default: 127.0.0.1
- ORDERER_GENERAL_LISTENPORT=3050
- ORDERER_GENERAL_BOOTSTRAPMETHOD=file # default: provisional
- ORDERER_GENERAL_BOOTSTRAPFILE=/home/hyperledgerFabric/qkl_01/orderer.genesis.block # by default, all materials should be put under $FABRIC_CFG_PATH, which defaults to /etc/hyperledger/fabric
- ORDERER_GENERAL_LOCALMSPID=OrdererMSP # default: DEFAULT
- ORDERER_GENERAL_LOCALMSPDIR=/home/hyperledgerFabric/qkl_01/msp
- ORDERER_GENERAL_LEDGERTYPE=file
#- ORDERER_GENERAL_LEDGERTYPE=json # default: file
- ORDERER_OPERATIONS_LISTENADDRESS=0.0.0.0:4441 # operation RESTful API
- ORDERER_METRICS_PROVIDER=prometheus # prometheus will pull metrics from orderer via /metrics RESTful API
#- ORDERER_RAMLEDGER_HISTORY_SIZE=100 #only useful when use ram ledger
# enabledTLS
- ORDERER_GENERAL_TLS_ENABLED=true # default: false
- ORDERER_GENERAL_TLS_PRIVATEKEY=/home/hyperledgerFabric/qkl_01/tls/server.key
- ORDERER_GENERAL_TLS_CERTIFICATE=/home/hyperledgerFabric/qkl_01/tls/server.crt
- ORDERER_GENERAL_TLS_ROOTCAS=[/home/hyperledgerFabric/qkl_01/tls/ca.crt]
# Only required by raft mode
- ORDERER_GENERAL_CLUSTER_CLIENTPRIVATEKEY=/home/hyperledgerFabric/qkl_01/tls/server.key
- ORDERER_GENERAL_CLUSTER_CLIENTCERTIFICATE=/home/hyperledgerFabric/qkl_01/tls/server.crt
- ORDERER_GENERAL_CLUSTER_ROOTCAS=[/home/hyperledgerFabric/qkl_01/tls/ca.crt]
- ORDERER_GENERAL_CLUSTER_SENDBUFFERSIZE=10
volumes:
- /var/hyperledger_relay/productionorderer1_relay:/var/hyperledger/production
- ../crypto-config/ordererOrganizations/shineyue.com/orderers/orderer1.ymh.com/msp:/home/hyperledgerFabric/qkl_01/msp
- ../crypto-config/ordererOrganizations/shineyue.com/orderers/orderer1.ymh.com/tls/:/home/hyperledgerFabric/qkl_01/tls
- ../channel-artifacts/orderer.genesis.block:/home/hyperledgerFabric/qkl_01/orderer.genesis.block
expose:
- "3050" # gRPC
- "4441" # Operation REST
command: orderer start
peer0.org1.ymh.com:
image: hyperledger/fabric-peer:2.4.4
restart: always
container_name: peer0.org1.ymh.com
hostname: peer0.org1.ymh.com
ports:
- "2051:2051"
- "2052:2052"
- "3442:3442"
extra_hosts:
- "orderer0.ymh.com:127.0.0.1"
- "orderer1.ymh.com:127.0.0.1"
- "peer0.org1.ymh.com:127.0.0.1"
- "peer0.org2.ymh.com:127.0.0.1"
environment:
- FABRIC_LOGGING_SPEC=INFO
- FABRIC_LOGGING_FORMAT="%{<!-- -->color}%{<!-- -->time:2006-01-02 15:04:05.000 MST} [%{<!-- -->module} ] %{<!-- -->shortfunc} -> %{<!-- -->level:.4s} %{<!-- -->id:03x}%{<!-- --> color:reset} %{<!-- -->message}"
- CORE_PEER_ADDRESSAUTODETECT=false
- CORE_VM_DOCKER_HOSTCONFIG_NETWORKMODE=host # uncomment this to use specific network
- CORE_PEER_GOSSIP_USELEADERELECTION=true
- CORE_PEER_GOSSIP_ORGLEADER=false # whether this node is the org leader, default to false
- CORE_OPERATIONS_LISTENADDRESS=0.0.0.0:3442 # operation RESTful API
- CORE_METRICS_PROVIDER=prometheus # prometheus will pull metrics from fabric via /metrics RESTful API
- CORE_PEER_PROFILE_ENABLED=false
- CORE_PEER_TLS_ENABLED=true
- CORE_PEER_TLS_CLIENTAUTHREQUIRED=false
- CORE_PEER_TLS_CERT_FILE=/home/hyperledgerFabric/qkl_01/tls/server.crt
- CORE_PEER_TLS_KEY_FILE=/home/hyperledgerFabric/qkl_01/tls/server.key
- CORE_PEER_TLS_ROOTCERT_FILE=/home/hyperledgerFabric/qkl_01/tls/ca.crt
- CORE_PEER_TLS_CLIENTROOTCAS_FILES=/home/hyperledgerFabric/qkl_01/tls/ca.crt
- CORE_PEER_MSPCONFIGPATH=/home/hyperledgerFabric/qkl_01/msp
- CORE_CHAINCODE_BUILDER=hyperledger/fabric-ccenv:2.4.4
- CORE_CHAINCODE_GOLANG_RUNTIME=hyperledger/fabric-baseos:2.4.4
- CORE_CHAINCODE_JAVA_RUNTIME=hyperledger/fabric-javaenv:2.4
- CORE_CHAINCODE_NODE_RUNTIME=hyperledger/fabric-nodeenv:2.4.4
- CORE_PEER_ID=peer0.org1.ymh.com
- CORE_PEER_ADDRESS=peer0.org1.ymh.com:2051
- CORE_PEER_LISTENADDRESS=0.0.0.0:2051
- CORE_PEER_CHAINCODELISTENADDRESS=0.0.0.0:2052
- CORE_PEER_CHAINCODEADDRESS=peer0.org1.ymh.com:2052
- CORE_PEER_GOSSIP_EXTERNALENDPOINT=peer0.org1.ymh.com:2051
- CORE_PEER_GOSSIP_BOOTSTRAP=peer0.org1.ymh.com:2051
- CORE_PEER_LOCALMSPID=Org1MSP
- CORE_LEDGER_STATE_STATEDATABASE=CouchDB
- CORE_LEDGER_STATE_COUCHDBCONFIG_COUCHDBADDRESS=peer0.org1.relay.couchdb:5984
- CORE_LEDGER_STATE_COUCHDBCONFIG_USERNAME=admin
- CORE_LEDGER_STATE_COUCHDBCONFIG_PASSWORD=adminpw
volumes:
- /var/hyperledger_relay/production_relayorg1:/var/hyperledger/production
- /var/run/docker.sock:/var/run/docker.sock
- ../crypto-config/peerOrganizations/org1.shineyue.com/peers/peer0.org1.ymh.com/msp:/home/hyperledgerFabric/qkl_01/msp
- ../crypto-config/peerOrganizations/org1.shineyue.com/peers/peer0.org1.ymh.com/tls:/home/hyperledgerFabric/qkl_01/tls
expose:
- "2051" # gRPC
- "2052" #chaincode
- "3442" # Operation REST
#command: bash -c 'bash /tmp/peer_build.sh; peer node start'
command: peer node start
depends_on:
- peer0.org1.relay.couchdb
peer0.org1.relay.couchdb:
image: couchdb:3.1.1
container_name: peer0.org1.relay.couchdb
ports:
- 2984:5984 # this is the restful API addr, can also access fauxton web ui thru http://localhost:5984/_utils/
environment:
- COUCHDB_USER=admin
- COUCHDB_PASSWORD=adminpw
peer0.org2.ymh.com:
image: hyperledger/fabric-peer:2.4.4
restart: always
container_name: peer0.org2.ymh.com
hostname: peer0.org2.ymh.com
ports:
- "3051:3051"
- "3052:3052"
- "4442:4442"
extra_hosts:
- "orderer0.ymh.com:127.0.0.1"
- "orderer1.ymh.com:127.0.0.1"
- "peer0.org1.ymh.com:127.0.0.1"
- "peer0.org2.ymh.com:127.0.0.1"
environment:
- FABRIC_LOGGING_SPEC=INFO
- FABRIC_LOGGING_FORMAT="%{<!-- -->color}%{<!-- -->time:2006-01-02 15:04:05.000 MST} [%{<!-- -->module} ] %{<!-- -->shortfunc} -> %{<!-- -->level:.4s} %{<!-- -->id:03x}%{<!-- --> color:reset} %{<!-- -->message}"
- CORE_PEER_ADDRESSAUTODETECT=false
- CORE_VM_DOCKER_HOSTCONFIG_NETWORKMODE=host # uncomment this to use specific network
- CORE_PEER_GOSSIP_USELEADERELECTION=true
- CORE_PEER_GOSSIP_ORGLEADER=false # whether this node is the org leader, default to false
- CORE_OPERATIONS_LISTENADDRESS=0.0.0.0:4442 # operation RESTful API
- CORE_METRICS_PROVIDER=prometheus # prometheus will pull metrics from fabric via /metrics RESTful API
- CORE_PEER_PROFILE_ENABLED=false
- CORE_PEER_TLS_ENABLED=true
- CORE_PEER_TLS_CLIENTAUTHREQUIRED=false
- CORE_PEER_TLS_CERT_FILE=/home/hyperledgerFabric/qkl_01/tls/server.crt
- CORE_PEER_TLS_KEY_FILE=/home/hyperledgerFabric/qkl_01/tls/server.key
- CORE_PEER_TLS_ROOTCERT_FILE=/home/hyperledgerFabric/qkl_01/tls/ca.crt
- CORE_PEER_TLS_CLIENTROOTCAS_FILES=/home/hyperledgerFabric/qkl_01/tls/ca.crt
- CORE_PEER_MSPCONFIGPATH=/home/hyperledgerFabric/qkl_01/msp
- CORE_CHAINCODE_BUILDER=hyperledger/fabric-ccenv:2.4.4
- CORE_CHAINCODE_GOLANG_RUNTIME=hyperledger/fabric-baseos:2.4.4
- CORE_CHAINCODE_JAVA_RUNTIME=hyperledger/fabric-javaenv:2.4
- CORE_CHAINCODE_NODE_RUNTIME=hyperledger/fabric-nodeenv:2.4.4
- CORE_PEER_ID=peer0.org2.ymh.com
- CORE_PEER_ADDRESS=peer0.org2.ymh.com:3051
- CORE_PEER_LISTENADDRESS=0.0.0.0:3051
- CORE_PEER_CHAINCODELISTENADDRESS=0.0.0.0:3052
- CORE_PEER_CHAINCODEADDRESS=peer0.org2.ymh.com:3052
- CORE_PEER_GOSSIP_EXTERNALENDPOINT=peer0.org2.ymh.com:3051
- CORE_PEER_GOSSIP_BOOTSTRAP=peer0.org2.ymh.com:3051
- CORE_PEER_LOCALMSPID=Org2MSP
- CORE_LEDGER_STATE_STATEDATABASE=CouchDB
- CORE_LEDGER_STATE_COUCHDBCONFIG_COUCHDBADDRESS=peer0.org2.relay.couchdb:5984
- CORE_LEDGER_STATE_COUCHDBCONFIG_USERNAME=admin
- CORE_LEDGER_STATE_COUCHDBCONFIG_PASSWORD=adminpw
volumes:
- /var/hyperledger_relay/production_relayorg2:/var/hyperledger/productionorg2
- /var/run/docker.sock:/var/run/docker.sock
- ../crypto-config/peerOrganizations/org2.shineyue.com/peers/peer0.org2.ymh.com/msp:/home/hyperledgerFabric/qkl_01/msp
- ../crypto-config/peerOrganizations/org2.shineyue.com/peers/peer0.org2.ymh.com/tls:/home/hyperledgerFabric/qkl_01/tls
expose:
- "3051" # gRPC
- "3052" #chaincode
- "4442" # Operation REST
#command: bash -c 'bash /tmp/peer_build.sh; peer node start'
command: peer node start
depends_on:
- peer0.org2.relay.couchdb
peer0.org2.relay.couchdb:
image: couchdb:3.1.1
container_name: peer0.org2.relay.couchdb
ports:
- 3984:5984 # this is the restful API addr, can also access fauxton web ui thru http://localhost:5984/_utils/
environment:
- COUCHDB_USER=admin
- COUCHDB_PASSWORD=adminpw