搭建好的環境已經可以正常執行多組織多節點的fabric，在已經正常執行的通道中加入新的組織，步驟如下：

1.如果要手動執行，首先在docker-compose-org3.yaml中增加org3,同時在cli和org3中設定手動執行變數CORE_LOGGING_LEVEL為DEBUG，隱藏原來設定。增加的org3為：

version: '2'

volumes:

  peer0.org3.example.com:

  peer1.org3.example.com:

networks:

  byfn:

services:

  peer0.org3.example.com:

    container_name: peer0.org3.example.com

    extends:

      file: base/peer-base.yaml

      service: peer-base

    environment:

      - CORE_PEER_ID=peer0.org3.example.com

      - CORE_PEER_ADDRESS=peer0.org3.example.com:7051

      - CORE_PEER_GOSSIP_EXTERNALENDPOINT=peer0.org3.example.com:7051

      - CORE_PEER_LOCALMSPID=Org3MSP

    volumes:

        - /var/run/:/host/var/run/

        - ./org3-artifacts/crypto-config/peerOrganizations/org3.example.com/peers/peer0.org3.example.com/msp:/etc/hyperledger/fabric/msp

        - ./org3-artifacts/crypto-config/peerOrganizations/org3.example.com/peers/peer0.org3.example.com/tls:/etc/hyperledger/fabric/tls

        - peer0.org3.example.com:/var/hyperledger/production

    ports:

      - 11051:7051

      - 11053:7053

    networks:

      - byfn

  peer1.org3.example.com:

    container_name: peer1.org3.example.com

    extends:

      file: base/peer-base.yaml

      service: peer-base

    environment:

      - CORE_PEER_ID=peer1.org3.example.com

      - CORE_PEER_ADDRESS=peer1.org3.example.com:7051

      - CORE_PEER_GOSSIP_EXTERNALENDPOINT=peer1.org3.example.com:7051

      - CORE_PEER_GOSSIP_BOOTSTRAP=peer0.org3.example.com:7051

      - CORE_PEER_LOCALMSPID=Org3MSP

    volumes:

        - /var/run/:/host/var/run/

        - ./org3-artifacts/crypto-config/peerOrganizations/org3.example.com/peers/peer1.org3.example.com/msp:/etc/hyperledger/fabric/msp

        - ./org3-artifacts/crypto-config/peerOrganizations/org3.example.com/peers/peer1.org3.example.com/tls:/etc/hyperledger/fabric/tls

        - peer1.org3.example.com:/var/hyperledger/production

    ports:

      - 12051:7051

      - 12053:7053

    networks:

      - byfn

  Org3cli:

    container_name: Org3cli

    image: hyperledger/fabric-tools:$IMAGE_TAG

    tty: true

    stdin_open: true

    environment:

      - GOPATH=/opt/gopath

      - CORE_VM_ENDPOINT=unix:///host/var/run/docker.sock

      #- CORE_LOGGING_LEVEL=INFO

      - CORE_LOGGING_LEVEL=DEBUG

      - CORE_PEER_ID=Org3cli

      - CORE_PEER_ADDRESS=peer0.org3.example.com:7051

      - CORE_PEER_LOCALMSPID=Org3MSP

      - CORE_PEER_TLS_ENABLED=true

      - CORE_PEER_TLS_CERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org3.example.com/peers/peer0.org3.example.com/tls/server.crt

      - CORE_PEER_TLS_KEY_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org3.example.com/peers/peer0.org3.example.com/tls/server.key

      - CORE_PEER_TLS_ROOTCERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org3.example.com/peers/peer0.org3.example.com/tls/ca.crt

      - CORE_PEER_MSPCONFIGPATH=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org3.example.com/users/[email protected]/msp

    working_dir: /opt/gopath/src/github.com/hyperledger/fabric/peer

    command: /bin/bash

    volumes:

        - /var/run/:/host/var/run/

        - ./../chaincode/:/opt/gopath/src/github.com/chaincode

        - ./org3-artifacts/crypto-config:/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/

        - ./crypto-config/peerOrganizations/org1.example.com:/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com

        - ./crypto-config/peerOrganizations/org2.example.com:/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.example.com

        - ./scripts:/opt/gopath/src/github.com/hyperledger/fabric/peer/scripts/

    depends_on:

      - peer0.org3.example.com

      - peer1.org3.example.com

    networks:

      - byfn

2.新建檔案configtx.yaml和 org3-crypto.yaml，前一個規定了org3的錨節點和msp等資訊，後一個規定了基本結構生成org3的密匙證書等。

configtx.yaml檔案

---

Organizations:

    - &Org3

        # DefaultOrg defines the organization which is used in the sampleconfig

        # of the fabric.git development environment

        Name: Org3MSP

        # ID to load the MSP definition as

        ID: Org3MSP

        MSPDir: crypto-config/peerOrganizations/org3.example.com/msp

        AnchorPeers:

            # AnchorPeers defines the location of peers which can be used

            # for cross org gossip communication.  Note, this value is only

            # encoded in the genesis block in the Application section context

            - Host: peer0.org3.example.com

              Port: 7051

org3-crypto.yaml檔案

PeerOrgs:

  # ---------------------------------------------------------------------------

  # Org3

  # ---------------------------------------------------------------------------

  - Name: Org3

    Domain: org3.example.com

    EnableNodeOUs: true

    Template:

      Count: 2

    Users:

      Count: 1

3.生成密匙和證書等材料命令：../../bin/cryptogen generate --config=./org3-crypto.yaml

 建立json檔案，包含策略連線資訊命令：export FABRIC_CFG_PATH=$PWD && ../../bin/configtxgen -printOrg Org3MSP > ../channel-artifacts/org3.json

拷貝排序Org的MSP材料到Org3的 crypto-config 目錄下：cd ../ && cp -r crypto-config/ordererOrganizations org3-artifacts/crypto-config/

進入cli環境，預設org1為管理員環境：docker exec -it cli bash

安裝解析json檔案的jq：apt update && apt install -y jq

設定根證書和通道名稱的環境變數：export ORDERER_CA=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/example.com/orderers/orderer.example.com/msp/tlscacerts/tlsca.example.com-cert.pem  && export CHANNEL_NAME=mychannel

檢查環境變數準確性：echo $ORDERER_CA && echo $CHANNEL_NAME

以二進位制protobuf格式拉取最新的通道配置檔案：peer channel fetch config config_block.pb -o orderer.example.com:7050 -c $CHANNEL_NAME --tls --cafile $ORDERER_CA

去除無關資料，將二進位制檔案轉化為可讀可修改的json檔案：configtxlator proto_decode --input config_block.pb --type common.Block | jq .data.data[0].payload.data.config > config.json

4.生成包括org3的json檔案：jq -s '.[0] * {"channel_group":{"groups":{"Application":{"groups": {"Org3MSP":.[1]}}}}}' config.json ./channel-artifacts/org3.json > modified_config.json

生成原有的二進位制通道配置檔案：configtxlator proto_encode --input config.json --type common.Config --output config.pb

生成包含org3的通道配置檔案：configtxlator proto_encode --input modified_config.json --type common.Config --output modified_config.pb

計算兩個pb檔案的差異，得出更新的pb配置檔案：configtxlator compute_update --channel_id $CHANNEL_NAME --original config.pb --updated modified_config.pb --output org3_update.pb

將pb更新檔案轉化為json檔案：configtxlator proto_decode --input org3_update.pb --type common.ConfigUpdate | jq . > org3_update.json

使用信封訊息來包裝檔案，即新增元資料的刪除的資料：echo '{"payload":{"header":{"channel_header":{"channel_id":"mychannel", "type":2}},"data":{"config_update":'$(cat org3_update.json)'}}}' | jq . > org3_update_in_envelope.json

最後轉化為完整的pb格式檔案：configtxlator proto_encode --input org3_update_in_envelope.json --type common.Envelope --output org3_update_in_envelope.pb

5.使用org1管理員身份進行簽名：peer channel signconfigtx -f org3_update_in_envelope.pb  //預設環境變數為org1，使用的配置策略為and，所以需要兩者簽名。

更改環境變數到org2：export  CORE_PEER_LOCALMSPID="Org2MSP"

export CORE_PEER_TLS_ROOTCERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls/ca.crt

export CORE_PEER_MSPCONFIGPATH=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.example.com/users/[email protected]/msp

export  CORE_PEER_ADDRESS=peer0.org2.example.com:7051

使用org2進行簽名並提交：peer channel update -f org3_update_in_envelope.pb -c $CHANNEL_NAME -o orderer.example.com:7050 --tls --cafile $ORDERER_CA

檢視 peer0.org1.example.com 的日誌：docker logs -f peer0.org1.example.com

6.生成org3 cli和org3 peer節點容器：docker-compose -f docker-compose-org3.yaml up -d

啟動cli 容器，進入預設的org3 peer0節點容器：docker exec -it Org3cli bash

設定名稱和通道排序服務根證書的環境變數：export ORDERER_CA=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/example.com/orderers/orderer.example.com/msp/tlscacerts/tlsca.example.com-cert.pem && export CHANNEL_NAME=mychannel

檢查環境變數的設定：echo  $ORDERER_CA && echo $CHANNEL_NAME

檢索0號區塊，檢查是否將org3成功加入通道：peer channel fetch 0 mychannel.block -o orderer.example.com:7050 -c $CHANNEL_NAME --tls --cafile $ORDERER_CA

指定0號區塊為初始區塊：peer channel join -b mychannel.block

設定節點2的環境變數：export CORE_PEER_TLS_ROOTCERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org3.example.com/peers/peer1.org3.example.com/tls/ca.crt && export CORE_PEER_ADDRESS=peer1.org3.example.com:7051

節點2加入0號區塊：peer channel join -b mychannel.block

Org3 peer1安裝鏈碼：peer chaincode install -n mycc -v 2.0 -p github.com/chaincode/chaincode_example02/go/

Org3 peer0安裝鏈碼需要修改環境變數：export CORE_PEER_TLS_ROOTCERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org3.example.com/peers/peer0.org3.example.com/tls/ca.crt && export CORE_PEER_ADDRESS=peer0.org3.example.com:7051

Org3 peer0安裝鏈碼：peer chaincode install -n mycc -v 2.0 -p github.com/chaincode/chaincode_example02/go/

進入org2環境：export CORE_PEER_LOCALMSPID="Org2MSP"

export CORE_PEER_TLS_ROOTCERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls/ca.crt

export CORE_PEER_MSPCONFIGPATH=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.example.com/users/[email protected]/msp

export CORE_PEER_ADDRESS=peer0.org2.example.com:7051

Org2安裝鏈碼：peer chaincode install -n mycc -v 2.0 -p github.com/chaincode/chaincode_example02/go/

Org1環境變數：

export CORE_PEER_LOCALMSPID="Org1MSP"

export CORE_PEER_TLS_ROOTCERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/ca.crt

export CORE_PEER_MSPCONFIGPATH=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/users/[email protected]/msp

export CORE_PEER_ADDRESS=peer0.org1.example.com:7051

Org1安裝鏈碼：peer chaincode install -n mycc -v 2.0 -p github.com/chaincode/chaincode_example02/go/

將org3加入策略：peer chaincode upgrade -o orderer.example.com:7050 --tls $CORE_PEER_TLS_ENABLED --cafile $ORDERER_CA -C $CHANNEL_NAME -n mycc -v 2.0 -c '{"Args":["init","a","90","b","210"]}' -P "OR ('Org1MSP.peer','Org2MSP.peer','Org3MSP.peer')"

7.Org3環境變數：export CORE_PEER_LOCALMSPID="Org3MSP"

export CORE_PEER_TLS_ROOTCERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org3.example.com/peers/peer0.org3.example.com/tls/ca.crt

export CORE_PEER_MSPCONFIGPATH=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org3.example.com/users/[email protected]/msp

export CORE_PEER_ADDRESS=peer0.org3.example.com:7051

查詢a的值：peer chaincode query -C $CHANNEL_NAME -n mycc -c '{"Args":["query","a"]}'

從a轉移10到b：peer chaincode invoke -o orderer.example.com:7050  --tls $CORE_PEER_TLS_ENABLED --cafile $ORDERER_CA -C $CHANNEL_NAME -n mycc -c '{"Args":["invoke","a","b","10"]}'

查詢a的值：peer chaincode query -C $CHANNEL_NAME -n mycc -c '{"Args":["query","a"]}'

遇到的錯誤：沒有找見org3 msp檔案：將/home/ubuntu/go/src/github.com/hyperledger/fabric/scripts/fabric-samples/first-network/crypto-config/peerOrganizations/org3.example.com 檔案複製 /crypto/peerorg/下

遇見環境變數步驟錯誤等原因，將鏈碼版本更新在安裝。