Environment preparation
1.fabric network information
The construction environment consists of: one server; two sorting nodes orderer; two groups OrgMSP, and each organization has a peer node.
Server address: 127.0.0.1
Server deployment path:
/home/hyperledgerFabric/qkl_01/
2 sorting node orderer network configuration:
node name | address domain name | port |
---|---|---|
sort node orderer0 | orderer0.ymh.com | 2050 |
orderer1 | orderer1.ymh.com | 3050 |
The OrgMSP network consists of 2 groups:
node name | address domain name | port |
---|---|---|
Organization Org1MSP | peer0.org1.ymh.com | 2051 |
Org2MSP | peer0.org2.ymh.com | 3051 |
Network certificate generation
1. Create certificate configuration information
Configure the certificates required by orderer and OrgMSP
Create a crypto-config.yaml file in the fabric program /config/ directory, and the crypto-config.yaml configuration information is as follows:
###config/crypto-config.yaml # -------------------------------------------------- -------------------------- # "OrdererOrgs" - Definition of organizations managing orderer nodes # -------------------------------------------------- -------------------------- OrdererOrgs: # -------------------------------------------------- -------------------------- # Orderer sorting node domain name # -------------------------------------------------- -------------------------- - Name: Orderer Domain: ymh.com EnableNodeOUs: true # -------------------------------------------------- -------------------------- # "Specs" - See PeerOrgs below for complete description Start 2 orderers # -------------------------------------------------- -------------------------- Specs: - Hostname: orderer0 - Hostname: orderer1 # -------------------------------------------------- -------------------------- # "PeerOrgs" - Definition of organizations managing peer nodes peer organization configuration; # Template: Count: 1 represents an organization's next peer node user # Users: Count: 1 represents the next user of a peer node # -------------------------------------------------- -------------------------- PeerOrgs: # -------------------------------------------------- -------------------------- # Org1 Organization 1 # -------------------------------------------------- -------------------------- - Name: Org1 Domain: org1.shineyue.com EnableNodeOUs: true Template: Count: 1 Users: Count: 1 # -------------------------------------------------- -------------------------- # Org2: See "Org1" for full specification # -------------------------------------------------- -------------------------- - Name: Org2 Domain: org2.shineyue.com EnableNodeOUs: true Template: Count: 1 Users: Count: 1
2. Generate a certificate
Generate the corresponding certificate through the cryptogen command of fabic
The command is as follows:
set environment variables
export PATH=/home/hyperledgerFabric/qkl_01/bin:$PATH export FABRIC_CFG_PATH=/home/hyperledgerFabric/qkl_01/config/
Generate a certificate file (check whether the path is correct, the path is the installation directory)
Parameters: –config is the path of the krypto-config.yaml file
–output Save path for post-build output
cryptogen generate --config=/home/hyperledgerFabric/qkl_01/config/crypto-config.yaml --output /home/hyperledgerFabric/qkl_01/crypto-config
Update the certificate file (check the path is correct)
cryptogen extend --config=/home/hyperledgerFabric/qkl_01/crypto-config.yaml --input /home/hyperledgerFabric/qkl_01/crypto-config
Generated directory:
Configure network files
Create a docker folder under the following directory
Create the following 5 files under the folder:
docker-compose-ymh-cli.yaml # client docker-compose-ymh-orderer0.yaml # Sort orderer0 nodes docker-compose-ymh-orderer1.yaml # Sort orderer1 nodes docker-compose-ymh-org1-1peer.yaml # organization 1 docker-compose-ymh-org2-1peer.yaml # organization 2
1.docker-compose-ymh-cli.yaml client configuration
version: '2.0' services: cli: image: hyperledger/fabric-tools:2.4.4 restart: always container_name: fabric-cli hostname: fabric-cli tty: true extra_hosts: - "orderer0.ymh.com:127.0.0.1" - "orderer1.shineyue.com:127.0.0.1" - "peer0.org1.ymh.com:127.0.0.1" - "peer0.org2.ymh.com:127.0.0.1" environment: - CORE_PEER_ID=fabric-cli - CORE_PEER_ADDRESS=peer0.org1.ymh.com:2051 # default to operate on peer0.org1 - CORE_PEER_LOCALMSPID=Org1MSP - CORE_PEER_TLS_CERT_FILE=/home/hyperledgerFabricqkl_01/crypto-config/peerOrganizations/org1.shineyue.com/peers/peer0.org1.ymh.com/tls/server.crt - CORE_PEER_TLS_KEY_FILE=/home/hyperledgerFabricqkl_01/crypto-config/peerOrganizations/org1.shineyue.com/peers/peer0.org1.ymh.com/tls/server.key - CORE_PEER_TLS_ROOTCERT_FILE=/home/hyperledgerFabricqkl_01/crypto-config/peerOrganizations/org1.shineyue.com/peers/peer0.org1.ymh.com/tls/ca.crt - CORE_PEER_MSPCONFIGPATH=/home/hyperledgerFabricqkl_01/crypto-config/peerOrganizations/org1.shineyue.com/users/[email protected]/msp - FABRIC_LOGGING_SPEC=DEBUG - FABRIC_LOGGING_FORMAT=%{<!-- -->color}[%{<!-- -->id:03x} %{<!-- -->time:01-02 15:04:05.00 MST}] [%{<!-- -->module}] %{<!-- -->shortfunc} -> %{<!-- -->level:.4s}%{<!-- -->color :reset} %{<!-- -->message} - CORE_PEER_TLS_ENABLED=true # to enable TLS, change to true - ORDERER_CA=/home/hyperledgerFabricqkl_01/crypto-config/ordererOrganizations/shineyue.com/orderers/orderer0.ymh.com/msp/tlscacerts/tlsca.shineyue.com-cert.pem volumes: - ../config/crypto-config.yaml:/home/hyperledgerFabricqkl_01/crypto-config.yaml - ../config/configtx.yaml:/home/hyperledgerFabricqkl_01/configtx.yaml - ../crypto-config:/home/hyperledgerFabricqkl_01/crypto-config - ../channel-artifacts:/tmp/channel-artifacts - ../chaincode:/home/hyperledgerFabricqkl_01/chaincode - ../fabric-cil:/home/hyperledgerFabricqkl_01/fabric-cil - ../shell:/home/hyperledgerFabricqkl_01/shell working_dir: /opt/gopath/src/github.com/hyperledger/fabric/peer command: bash -c 'cd /tmp; source scripts/func.sh; while true; do sleep 20170504; done' orderer0.ymh.com: # There can be multiple orderers image: hyperledger/fabric-orderer:2.4.4 restart: always container_name: orderer0.ymh.com hostname: orderer0.ymh.com ports: - "2050:2050" - "3441:3441" extra_hosts: - "orderer0.ymh.com:127.0.0.1" - "orderer1.ymh.com:127.0.0.1" - "peer0.org1.ymh.com:127.0.0.1" - "peer0.org2.ymh.com:127.0.0.1" environment: - FABRIC_LOGGING_SPEC=INFO - FABRIC_LOGGING_FORMAT="%{<!-- -->color}%{<!-- -->time:2006-01-02 15:04:05.000 MST} [%{<!-- -->module} ] %{<!-- -->shortfunc} -> %{<!-- -->level:.4s} %{<!-- -->id:03x}%{<!-- --> color:reset} %{<!-- -->message}" - ORDERER_GENERAL_LISTENADDRESS=0.0.0.0 # default: 127.0.0.1 - ORDERER_GENERAL_LISTENPORT=2050 - ORDERER_GENERAL_BOOTSTRAPMETHOD=file # default: provisional - ORDERER_GENERAL_BOOTSTRAPFILE=/home/hyperledgerFabric/qkl_01/orderer.genesis.block # by default, all materials should be put under $FABRIC_CFG_PATH, which defaults to /etc/hyperledger/fabric - ORDERER_GENERAL_LOCALMSPID=OrdererMSP # default: DEFAULT - ORDERER_GENERAL_LOCALMSPDIR=/home/hyperledgerFabric/qkl_01/msp - ORDERER_GENERAL_LEDGERTYPE=file #- ORDERER_GENERAL_LEDGERTYPE=json # default: file - ORDERER_OPERATIONS_LISTENADDRESS=0.0.0.0:3441 # operation RESTful API - ORDERER_METRICS_PROVIDER=prometheus # prometheus will pull metrics from orderer via /metrics RESTful API #- ORDERER_RAMLEDGER_HISTORY_SIZE=100 #only useful when use ram ledger # enabledTLS - ORDERER_GENERAL_TLS_ENABLED=true # default: false - ORDERER_GENERAL_TLS_PRIVATEKEY=/home/hyperledgerFabric/qkl_01/tls/server.key - ORDERER_GENERAL_TLS_CERTIFICATE=/home/hyperledgerFabric/qkl_01/tls/server.crt - ORDERER_GENERAL_TLS_ROOTCAS=[/home/hyperledgerFabric/qkl_01/tls/ca.crt] # Only required by raft mode - ORDERER_GENERAL_CLUSTER_CLIENTPRIVATEKEY=/home/hyperledgerFabric/qkl_01/tls/server.key - ORDERER_GENERAL_CLUSTER_CLIENTCERTIFICATE=/home/hyperledgerFabric/qkl_01/tls/server.crt - ORDERER_GENERAL_CLUSTER_ROOTCAS=[/home/hyperledgerFabric/qkl_01/tls/ca.crt] - ORDERER_GENERAL_CLUSTER_SENDBUFFERSIZE=10 volumes: - /var/hyperledger_relay/productionorderer0_relay:/var/hyperledger/production - ../crypto-config/ordererOrganizations/shineyue.com/orderers/orderer0.ymh.com/msp:/home/hyperledgerFabric/qkl_01/msp - ../crypto-config/ordererOrganizations/shineyue.com/orderers/orderer0.ymh.com/tls/:/home/hyperledgerFabric/qkl_01/tls - ../channel-artifacts/orderer.genesis.block:/home/hyperledgerFabric/qkl_01/orderer.genesis.block expose: - "2050" # gRPC - "3441" # Operation REST command: orderer start orderer1.ymh.com: image: hyperledger/fabric-orderer:2.4.4 restart: always container_name: orderer1.ymh.com hostname: orderer1.ymh.com ports: - "3050:3050" - "4441:4441" extra_hosts: - "orderer0.ymh.com:127.0.0.1" - "orderer1.ymh.com:127.0.0.1" - "peer0.org1.ymh.com:127.0.0.1" - "peer0.org2.ymh.com:127.0.0.1" environment: - FABRIC_LOGGING_SPEC=INFO - FABRIC_LOGGING_FORMAT="%{<!-- -->color}%{<!-- -->time:2006-01-02 15:04:05.000 MST} [%{<!-- -->module} ] %{<!-- -->shortfunc} -> %{<!-- -->level:.4s} %{<!-- -->id:03x}%{<!-- --> color:reset} %{<!-- -->message}" - ORDERER_GENERAL_LISTENADDRESS=0.0.0.0 # default: 127.0.0.1 - ORDERER_GENERAL_LISTENPORT=3050 - ORDERER_GENERAL_BOOTSTRAPMETHOD=file # default: provisional - ORDERER_GENERAL_BOOTSTRAPFILE=/home/hyperledgerFabric/qkl_01/orderer.genesis.block # by default, all materials should be put under $FABRIC_CFG_PATH, which defaults to /etc/hyperledger/fabric - ORDERER_GENERAL_LOCALMSPID=OrdererMSP # default: DEFAULT - ORDERER_GENERAL_LOCALMSPDIR=/home/hyperledgerFabric/qkl_01/msp - ORDERER_GENERAL_LEDGERTYPE=file #- ORDERER_GENERAL_LEDGERTYPE=json # default: file - ORDERER_OPERATIONS_LISTENADDRESS=0.0.0.0:4441 # operation RESTful API - ORDERER_METRICS_PROVIDER=prometheus # prometheus will pull metrics from orderer via /metrics RESTful API #- ORDERER_RAMLEDGER_HISTORY_SIZE=100 #only useful when use ram ledger # enabledTLS - ORDERER_GENERAL_TLS_ENABLED=true # default: false - ORDERER_GENERAL_TLS_PRIVATEKEY=/home/hyperledgerFabric/qkl_01/tls/server.key - ORDERER_GENERAL_TLS_CERTIFICATE=/home/hyperledgerFabric/qkl_01/tls/server.crt - ORDERER_GENERAL_TLS_ROOTCAS=[/home/hyperledgerFabric/qkl_01/tls/ca.crt] # Only required by raft mode - ORDERER_GENERAL_CLUSTER_CLIENTPRIVATEKEY=/home/hyperledgerFabric/qkl_01/tls/server.key - ORDERER_GENERAL_CLUSTER_CLIENTCERTIFICATE=/home/hyperledgerFabric/qkl_01/tls/server.crt - ORDERER_GENERAL_CLUSTER_ROOTCAS=[/home/hyperledgerFabric/qkl_01/tls/ca.crt] - ORDERER_GENERAL_CLUSTER_SENDBUFFERSIZE=10 volumes: - /var/hyperledger_relay/productionorderer1_relay:/var/hyperledger/production - ../crypto-config/ordererOrganizations/shineyue.com/orderers/orderer1.ymh.com/msp:/home/hyperledgerFabric/qkl_01/msp - ../crypto-config/ordererOrganizations/shineyue.com/orderers/orderer1.ymh.com/tls/:/home/hyperledgerFabric/qkl_01/tls - ../channel-artifacts/orderer.genesis.block:/home/hyperledgerFabric/qkl_01/orderer.genesis.block expose: - "3050" # gRPC - "4441" # Operation REST command: orderer start peer0.org1.ymh.com: image: hyperledger/fabric-peer:2.4.4 restart: always container_name: peer0.org1.ymh.com hostname: peer0.org1.ymh.com ports: - "2051:2051" - "2052:2052" - "3442:3442" extra_hosts: - "orderer0.ymh.com:127.0.0.1" - "orderer1.ymh.com:127.0.0.1" - "peer0.org1.ymh.com:127.0.0.1" - "peer0.org2.ymh.com:127.0.0.1" environment: - FABRIC_LOGGING_SPEC=INFO - FABRIC_LOGGING_FORMAT="%{<!-- -->color}%{<!-- -->time:2006-01-02 15:04:05.000 MST} [%{<!-- -->module} ] %{<!-- -->shortfunc} -> %{<!-- -->level:.4s} %{<!-- -->id:03x}%{<!-- --> color:reset} %{<!-- -->message}" - CORE_PEER_ADDRESSAUTODETECT=false - CORE_VM_DOCKER_HOSTCONFIG_NETWORKMODE=host # uncomment this to use specific network - CORE_PEER_GOSSIP_USELEADERELECTION=true - CORE_PEER_GOSSIP_ORGLEADER=false # whether this node is the org leader, default to false - CORE_OPERATIONS_LISTENADDRESS=0.0.0.0:3442 # operation RESTful API - CORE_METRICS_PROVIDER=prometheus # prometheus will pull metrics from fabric via /metrics RESTful API - CORE_PEER_PROFILE_ENABLED=false - CORE_PEER_TLS_ENABLED=true - CORE_PEER_TLS_CLIENTAUTHREQUIRED=false - CORE_PEER_TLS_CERT_FILE=/home/hyperledgerFabric/qkl_01/tls/server.crt - CORE_PEER_TLS_KEY_FILE=/home/hyperledgerFabric/qkl_01/tls/server.key - CORE_PEER_TLS_ROOTCERT_FILE=/home/hyperledgerFabric/qkl_01/tls/ca.crt - CORE_PEER_TLS_CLIENTROOTCAS_FILES=/home/hyperledgerFabric/qkl_01/tls/ca.crt - CORE_PEER_MSPCONFIGPATH=/home/hyperledgerFabric/qkl_01/msp - CORE_CHAINCODE_BUILDER=hyperledger/fabric-ccenv:2.4.4 - CORE_CHAINCODE_GOLANG_RUNTIME=hyperledger/fabric-baseos:2.4.4 - CORE_CHAINCODE_JAVA_RUNTIME=hyperledger/fabric-javaenv:2.4 - CORE_CHAINCODE_NODE_RUNTIME=hyperledger/fabric-nodeenv:2.4.4 - CORE_PEER_ID=peer0.org1.ymh.com - CORE_PEER_ADDRESS=peer0.org1.ymh.com:2051 - CORE_PEER_LISTENADDRESS=0.0.0.0:2051 - CORE_PEER_CHAINCODELISTENADDRESS=0.0.0.0:2052 - CORE_PEER_CHAINCODEADDRESS=peer0.org1.ymh.com:2052 - CORE_PEER_GOSSIP_EXTERNALENDPOINT=peer0.org1.ymh.com:2051 - CORE_PEER_GOSSIP_BOOTSTRAP=peer0.org1.ymh.com:2051 - CORE_PEER_LOCALMSPID=Org1MSP - CORE_LEDGER_STATE_STATEDATABASE=CouchDB - CORE_LEDGER_STATE_COUCHDBCONFIG_COUCHDBADDRESS=peer0.org1.relay.couchdb:5984 - CORE_LEDGER_STATE_COUCHDBCONFIG_USERNAME=admin - CORE_LEDGER_STATE_COUCHDBCONFIG_PASSWORD=adminpw volumes: - /var/hyperledger_relay/production_relayorg1:/var/hyperledger/production - /var/run/docker.sock:/var/run/docker.sock - ../crypto-config/peerOrganizations/org1.shineyue.com/peers/peer0.org1.ymh.com/msp:/home/hyperledgerFabric/qkl_01/msp - ../crypto-config/peerOrganizations/org1.shineyue.com/peers/peer0.org1.ymh.com/tls:/home/hyperledgerFabric/qkl_01/tls expose: - "2051" # gRPC - "2052" #chaincode - "3442" # Operation REST #command: bash -c 'bash /tmp/peer_build.sh; peer node start' command: peer node start depends_on: - peer0.org1.relay.couchdb peer0.org1.relay.couchdb: image: couchdb:3.1.1 container_name: peer0.org1.relay.couchdb ports: - 2984:5984 # this is the restful API addr, can also access fauxton web ui thru http://localhost:5984/_utils/ environment: - COUCHDB_USER=admin - COUCHDB_PASSWORD=adminpw peer0.org2.ymh.com: image: hyperledger/fabric-peer:2.4.4 restart: always container_name: peer0.org2.ymh.com hostname: peer0.org2.ymh.com ports: - "3051:3051" - "3052:3052" - "4442:4442" extra_hosts: - "orderer0.ymh.com:127.0.0.1" - "orderer1.ymh.com:127.0.0.1" - "peer0.org1.ymh.com:127.0.0.1" - "peer0.org2.ymh.com:127.0.0.1" environment: - FABRIC_LOGGING_SPEC=INFO - FABRIC_LOGGING_FORMAT="%{<!-- -->color}%{<!-- -->time:2006-01-02 15:04:05.000 MST} [%{<!-- -->module} ] %{<!-- -->shortfunc} -> %{<!-- -->level:.4s} %{<!-- -->id:03x}%{<!-- --> color:reset} %{<!-- -->message}" - CORE_PEER_ADDRESSAUTODETECT=false - CORE_VM_DOCKER_HOSTCONFIG_NETWORKMODE=host # uncomment this to use specific network - CORE_PEER_GOSSIP_USELEADERELECTION=true - CORE_PEER_GOSSIP_ORGLEADER=false # whether this node is the org leader, default to false - CORE_OPERATIONS_LISTENADDRESS=0.0.0.0:4442 # operation RESTful API - CORE_METRICS_PROVIDER=prometheus # prometheus will pull metrics from fabric via /metrics RESTful API - CORE_PEER_PROFILE_ENABLED=false - CORE_PEER_TLS_ENABLED=true - CORE_PEER_TLS_CLIENTAUTHREQUIRED=false - CORE_PEER_TLS_CERT_FILE=/home/hyperledgerFabric/qkl_01/tls/server.crt - CORE_PEER_TLS_KEY_FILE=/home/hyperledgerFabric/qkl_01/tls/server.key - CORE_PEER_TLS_ROOTCERT_FILE=/home/hyperledgerFabric/qkl_01/tls/ca.crt - CORE_PEER_TLS_CLIENTROOTCAS_FILES=/home/hyperledgerFabric/qkl_01/tls/ca.crt - CORE_PEER_MSPCONFIGPATH=/home/hyperledgerFabric/qkl_01/msp - CORE_CHAINCODE_BUILDER=hyperledger/fabric-ccenv:2.4.4 - CORE_CHAINCODE_GOLANG_RUNTIME=hyperledger/fabric-baseos:2.4.4 - CORE_CHAINCODE_JAVA_RUNTIME=hyperledger/fabric-javaenv:2.4 - CORE_CHAINCODE_NODE_RUNTIME=hyperledger/fabric-nodeenv:2.4.4 - CORE_PEER_ID=peer0.org2.ymh.com - CORE_PEER_ADDRESS=peer0.org2.ymh.com:3051 - CORE_PEER_LISTENADDRESS=0.0.0.0:3051 - CORE_PEER_CHAINCODELISTENADDRESS=0.0.0.0:3052 - CORE_PEER_CHAINCODEADDRESS=peer0.org2.ymh.com:3052 - CORE_PEER_GOSSIP_EXTERNALENDPOINT=peer0.org2.ymh.com:3051 - CORE_PEER_GOSSIP_BOOTSTRAP=peer0.org2.ymh.com:3051 - CORE_PEER_LOCALMSPID=Org2MSP - CORE_LEDGER_STATE_STATEDATABASE=CouchDB - CORE_LEDGER_STATE_COUCHDBCONFIG_COUCHDBADDRESS=peer0.org2.relay.couchdb:5984 - CORE_LEDGER_STATE_COUCHDBCONFIG_USERNAME=admin - CORE_LEDGER_STATE_COUCHDBCONFIG_PASSWORD=adminpw volumes: - /var/hyperledger_relay/production_relayorg2:/var/hyperledger/productionorg2 - /var/run/docker.sock:/var/run/docker.sock - ../crypto-config/peerOrganizations/org2.shineyue.com/peers/peer0.org2.ymh.com/msp:/home/hyperledgerFabric/qkl_01/msp - ../crypto-config/peerOrganizations/org2.shineyue.com/peers/peer0.org2.ymh.com/tls:/home/hyperledgerFabric/qkl_01/tls expose: - "3051" # gRPC - "3052" #chaincode - "4442" # Operation REST #command: bash -c 'bash /tmp/peer_build.sh; peer node start' command: peer node start depends_on: - peer0.org2.relay.couchdb peer0.org2.relay.couchdb: image: couchdb:3.1.1 container_name: peer0.org2.relay.couchdb ports: - 3984:5984 # this is the restful API addr, can also access fauxton web ui thru http://localhost:5984/_utils/ environment: - COUCHDB_USER=admin - COUCHDB_PASSWORD=adminpw