Hyperledger Fabric1.3安裝部署以及動態Org、Peer的實現
摘要:
基礎環境安裝與配置
關閉防火牆
systemctl stop firewalld.service
systemctl disable firewalld.service
設定安全
vim /etc/selinux/config
...
基礎環境安裝與配置
- 關閉防火牆
systemctl stop firewalld.service systemctl disable firewalld.service
-
設定安全
vim /etc/selinux/config
# This file controls the state of SELinux on the system. # SELINUX= can take one of these three values: #enforcing - SELinux security policy is enforced. #permissive - SELinux prints warnings instead of enforcing. #disabled - No SELinux policy is loaded. SELINUX=disabled # SELINUXTYPE= can take one of three two values: #targeted - Targeted processes are protected, #minimum - Modification of targeted policy. Only selected processes are protected. #mls - Multi Level Security protection. # SELINUXTYPE=targeted
- 安裝必需的包
yum install -y yum-utils device-mapper-persistent-data lvm2 wget unzip lrzsz
- 設定yum源並安裝docker
yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo yum install docker-ce -y
- 安裝docker-compose
yum -y install epel-release yum install python-pip -y pip install --upgrade pip pip install docker-compose ystemctl start docker systemctl enable docker
- 安裝git-2.3.0和Golang (用於 fabric cli 服務的呼叫, ca 服務證書生成 )
mkdir /opt/soft cd /opt/soft yum install curl-devel expat-devel gettext-devel openssl-devel zlib-devel gcc perl-ExtUtils-MakeMaker wget https://github.com/git/git/archive/v2.3.0.zip unzip v2.3.0.zip cd git-2.3.0/ make prefix=/usr/local/git all make prefix=/usr/local/git install mkdir -p /opt/soft/golang cd /opt/soft/golang wget https://studygolang.com/dl/golang/go1.11.linux-amd64.tar.gz tar -C /usr/local -xzf go1.11.linux-amd64.tar.gz
-
配置git和Golang的環境變數
vim /etc/profile新增以下env
export PATH=/usr/local/git/bin:$PATH export PATH=$PATH:/usr/local/go/bin export GOROOT=/usr/local/go export GOPATH=/workspace/golang export PATH=/usr/local/git/bin:$PATH
source /etc/profile 重新生效
好了,基礎區塊鏈機器環境都裝完了,後續的機器可以直接克隆了
網路規劃
2個CA伺服器,3個Zookeeper伺服器,3個Kafka伺服器,3個Orderer伺服器,3個Peer伺服器
192.168.137.245: ca.org1.alinkeji.com,zookeeper0,kafka0,orderer0.alinkeji.com,peer0.org1.alinkeji.com zookeeper0 192.168.137.210: ca.org2.alinkeji.com,zookeeper1,kafka1,orderer1.alinkeji.com,peer0.org2.alinkeji.com zookeeper1 192.168.137.143: zookeeper2,kafka2,orderer2.alinkeji.com,peer1.org1.alinkeji.com zookeeper2
- 配置hosts的域名解析:vim /etc/hosts
192.168.137.245 ca.org1.alinkeji.com orderer0.alinkeji.com peer0.org1.alinkeji.com 192.168.137.210 ca.org2.alinkeji.com orderer1.alinkeji.com peer0.org2.alinkeji.com 192.168.137.143 orderer2.alinkeji.com peer1.org1.alinkeji.com
- 建立目錄並下載fabric1.3的原始碼
mkdir -p /workspace/golang/src/github.com/hyperledger cd /workspace/golang/src/github.com/hyperledger git clone https://github.com/hyperledger/fabric.git cd fabric/ git checkout v1.3.0
- 修改download-dockerimages.sh指令碼dockerFabricPull部分:vim download-dockerimages.sh
dockerFabricPull() {
echo "==> FABRIC IMAGE: peer"
echo
docker pull hyperledger/fabric-peer:amd64-1.3.0
docker tag hyperledger/fabric-peer:amd64-1.3.0 hyperledger/fabric-peer
echo "==> FABRIC IMAGE: orderer"
echo
docker pull hyperledger/fabric-orderer:amd64-1.3.0
docker tag hyperledger/fabric-orderer:amd64-1.3.0 hyperledger/fabric-orderer
echo "==> FABRIC IMAGE: couchdb"
echo
docker pull hyperledger/fabric-couchdb:amd64-0.4.14
docker tag hyperledger/fabric-couchdb:amd64-0.4.14 hyperledger/fabric-couchdb
echo "==> FABRIC IMAGE: ccenv"
echo
docker pull hyperledger/fabric-ccenv:amd64-1.3.0
docker tag hyperledger/fabric-ccenv:amd64-1.3.0 hyperledger/fabric-ccenv
echo "==> FABRIC IMAGE: javaenv"
echo
docker pull hyperledger/fabric-javaenv:amd64-1.3.0
docker tag hyperledger/fabric-javaenv:amd64-1.3.0 hyperledger/fabric-javaenv
echo "==> FABRIC IMAGE: kafka"
echo
docker pull hyperledger/fabric-kafka:amd64-0.4.14
docker tag hyperledger/fabric-kafka:amd64-0.4.14 hyperledger/fabric-kafka
echo "==> FABRIC IMAGE: tools"
echo
docker pull hyperledger/fabric-tools:amd64-1.3.0
docker tag hyperledger/fabric-tools:amd64-1.3.0 hyperledger/fabric-tools
echo "==> FABRIC IMAGE: zookeeper"
echo
docker pull hyperledger/fabric-zookeeper:amd64-0.4.14
docker tag hyperledger/fabric-zookeeper:amd64-0.4.14 hyperledger/fabric-zookeeper
}
- 拷貝修改的配置到其他機器上並下載映象
scp download-dockerimages.sh [email protected]:/workspace/golang/src/github.com/hyperledger/fabric/examples/e2e_cli scp download-dockerimages.sh [email protected]:/workspace/golang/src/github.com/hyperledger/fabric/examples/e2e_cli source download-dockerimages.sh -c latest -f latest
- 修過crypto-config.yaml和configtx.yaml
# Copyright IBM Corp. All Rights Reserved. # # SPDX-License-Identifier: Apache-2.0 # # --------------------------------------------------------------------------- # "OrdererOrgs" - Definition of organizations managing orderer nodes # --------------------------------------------------------------------------- OrdererOrgs: # --------------------------------------------------------------------------- # Orderer # --------------------------------------------------------------------------- - Name: Orderer Domain: alinkeji.com CA: Country: CN Province: Sichuan Locality: Chengdu # --------------------------------------------------------------------------- # "Specs" - See PeerOrgs below for complete description # --------------------------------------------------------------------------- Specs: - Hostname: orderer0 - Hostname: orderer1 - Hostname: orderer2 # --------------------------------------------------------------------------- # "PeerOrgs" - Definition of organizations managing peer nodes # --------------------------------------------------------------------------- PeerOrgs: # --------------------------------------------------------------------------- # Org1 # --------------------------------------------------------------------------- - Name: Org1 Domain: org1.alinkeji.com EnableNodeOUs: true CA: Country: CN Province: Sichuan Locality: Chengdu # --------------------------------------------------------------------------- # "Specs" # --------------------------------------------------------------------------- # Uncomment this section to enable the explicit definition of hosts in your # configuration.Most users will want to use Template, below # # Specs is an array of Spec entries.Each Spec entry consists of two fields: #- Hostname:(Required) The desired hostname, sans the domain. #- CommonName: (Optional) Specifies the template or explicit override for #the CN.By default, this is the template: # #"{{.Hostname}}.{{.Domain}}" # #which obtains its values from the Spec.Hostname and #Org.Domain, respectively. # --------------------------------------------------------------------------- # Specs: #- Hostname: foo # implicitly "foo.org1.example.com" #CommonName: foo27.org5.example.com # overrides Hostname-based FQDN set above #- Hostname: bar #- Hostname: baz # --------------------------------------------------------------------------- # "Template" # --------------------------------------------------------------------------- # Allows for the definition of 1 or more hosts that are created sequentially # from a template. By default, this looks like "peer%d" from 0 to Count-1. # You may override the number of nodes (Count), the starting index (Start) # or the template used to construct the name (Hostname). # # Note: Template and Specs are not mutually exclusive.You may define both # sections and the aggregate nodes will be created for you.Take care with # name collisions # --------------------------------------------------------------------------- Template: Count: 2 # Start: 5 # Hostname: {{.Prefix}}{{.Index}} # default # --------------------------------------------------------------------------- # "Users" # --------------------------------------------------------------------------- # Count: The number of user accounts _in addition_ to Admin # --------------------------------------------------------------------------- Users: Count: 2 # --------------------------------------------------------------------------- # Org2: See "Org1" for full specification # --------------------------------------------------------------------------- - Name: Org2 Domain: org2.alinkeji.com EnableNodeOUs: true CA: Country: CN Province: Sichuan Locality: Chengdu Template: Count: 1 Users: Count: 2
# Copyright IBM Corp. All Rights Reserved.
#
# SPDX-License-Identifier: Apache-2.0
#
---
################################################################################
#
#Section: Organizations
#
#- This section defines the different organizational identities which will
#be referenced later in the configuration.
#
################################################################################
Organizations:
# SampleOrg defines an MSP using the sampleconfig.It should never be used
# in production but may be used as a template for other definitions
- &OrdererOrg
# DefaultOrg defines the organization which is used in the sampleconfig
# of the fabric.git development environment
Name: OrdererOrg
# ID to load the MSP definition as
ID: OrdererMSP
# MSPDir is the filesystem path which contains the MSP configuration
MSPDir: crypto-config/ordererOrganizations/alinkeji.com/msp
# Policies defines the set of policies at this level of the config tree
# For organization policies, their canonical path is usually
#/Channel/<Application|Orderer>/<OrgName>/<PolicyName>
Policies:
Readers:
Type: Signature
Rule: "OR('OrdererMSP.member')"
Writers:
Type: Signature
Rule: "OR('OrdererMSP.member')"
Admins:
Type: Signature
Rule: "OR('OrdererMSP.admin')"
- &Org1
# DefaultOrg defines the organization which is used in the sampleconfig
# of the fabric.git development environment
Name: Org1MSP
# ID to load the MSP definition as
ID: Org1MSP
MSPDir: crypto-config/peerOrganizations/org1.alinkeji.com/msp
# Policies defines the set of policies at this level of the config tree
# For organization policies, their canonical path is usually
#/Channel/<Application|Orderer>/<OrgName>/<PolicyName>
Policies:
Readers:
Type: Signature
Rule: "OR('Org1MSP.admin', 'Org1MSP.peer', 'Org1MSP.client')"
Writers:
Type: Signature
Rule: "OR('Org1MSP.admin', 'Org1MSP.client')"
Admins:
Type: Signature
Rule: "OR('Org1MSP.admin')"
AnchorPeers:
# AnchorPeers defines the location of peers which can be used
# for cross org gossip communication.Note, this value is only
# encoded in the genesis block in the Application section context
- Host: peer0.org1.alinkeji.com
Port: 7051
- &Org2
# DefaultOrg defines the organization which is used in the sampleconfig
# of the fabric.git development environment
Name: Org2MSP
# ID to load the MSP definition as
ID: Org2MSP
MSPDir: crypto-config/peerOrganizations/org2.alinkeji.com/msp
# Policies defines the set of policies at this level of the config tree
# For organization policies, their canonical path is usually
#/Channel/<Application|Orderer>/<OrgName>/<PolicyName>
Policies:
Readers:
Type: Signature
Rule: "OR('Org2MSP.admin', 'Org2MSP.peer', 'Org2MSP.client')"
Writers:
Type: Signature
Rule: "OR('Org2MSP.admin', 'Org2MSP.client')"
Admins:
Type: Signature
Rule: "OR('Org2MSP.admin')"
AnchorPeers:
# AnchorPeers defines the location of peers which can be used
# for cross org gossip communication.Note, this value is only
# encoded in the genesis block in the Application section context
- Host: peer0.org2.alinkeji.com
Port: 7051
################################################################################
#
#SECTION: Capabilities
#
#- This section defines the capabilities of fabric network. This is a new
#concept as of v1.1.0 and should not be utilized in mixed networks with
#v1.0.x peers and orderers.Capabilities define features which must be
#present in a fabric binary for that binary to safely participate in the
#fabric network.For instance, if a new MSP type is added, newer binaries
#might recognize and validate the signatures from this type, while older
#binaries without this support would be unable to validate those
#transactions.This could lead to different versions of the fabric binaries
#having different world states.Instead, defining a capability for a channel
#informs those binaries without this capability that they must cease
#processing transactions until they have been upgraded.For v1.0.x if any
#capabilities are defined (including a map with all capabilities turned off)
#then the v1.0.x peer will deliberately crash.
#
################################################################################
Capabilities:
# Channel capabilities apply to both the orderers and the peers and must be
# supported by both.
# Set the value of the capability to true to require it.
Channel: &ChannelCapabilities
# V1.3 for Channel is a catchall flag for behavior which has been
# determined to be desired for all orderers and peers running at the v1.3.x
# level, but which would be incompatible with orderers and peers from
# prior releases.
# Prior to enabling V1.3 channel capabilities, ensure that all
# orderers and peers on a channel are at v1.3.0 or later.
V1_3: true
# Orderer capabilities apply only to the orderers, and may be safely
# used with prior release peers.
# Set the value of the capability to true to require it.
Orderer: &OrdererCapabilities
# V1.1 for Orderer is a catchall flag for behavior which has been
# determined to be desired for all orderers running at the v1.1.x
# level, but which would be incompatible with orderers from prior releases.
# Prior to enabling V1.1 orderer capabilities, ensure that all
# orderers on a channel are at v1.1.0 or later.
V1_1: true
# Application capabilities apply only to the peer network, and may be safely
# used with prior release orderers.
# Set the value of the capability to true to require it.
Application: &ApplicationCapabilities
# V1.3 for Application enables the new non-backwards compatible
# features and fixes of fabric v1.3.
V1_3: true
# V1.2 for Application enables the new non-backwards compatible
# features and fixes of fabric v1.2 (note, this need not be set if
# later version capabilities are set)
V1_2: false
# V1.1 for Application enables the new non-backwards compatible
# features and fixes of fabric v1.1 (note, this need not be set if
# later version capabilities are set).
V1_1: false
################################################################################
#
#SECTION: Application
#
#- This section defines the values to encode into a config transaction or
#genesis block for application related parameters
#
################################################################################
Application: &ApplicationDefaults
# Organizations is the list of orgs which are defined as participants on
# the application side of the network
Organizations:
# Policies defines the set of policies at this level of the config tree
# For Application policies, their canonical path is
#/Channel/Application/<PolicyName>
Policies:
Readers:
Type: ImplicitMeta
Rule: "ANY Readers"
Writers:
Type: ImplicitMeta
Rule: "ANY Writers"
Admins:
Type: ImplicitMeta
Rule: "MAJORITY Admins"
# Capabilities describes the application level capabilities, see the
# dedicated Capabilities section elsewhere in this file for a full
# description
Capabilities:
<<: *ApplicationCapabilities
################################################################################
#
#SECTION: Orderer
#
#- This section defines the values to encode into a config transaction or
#genesis block for orderer related parameters
#
################################################################################
Orderer: &OrdererDefaults
# Orderer Type: The orderer implementation to start
# Available types are "solo" and "kafka"
OrdererType: kafka
Addresses:
- orderer0.alinkeji.com:7050
- orderer1.alinkeji.com:7050
- orderer2.alinkeji.com:7050
# Batch Timeout: The amount of time to wait before creating a batch
BatchTimeout: 2s
# Batch Size: Controls the number of messages batched into a block
BatchSize:
# Max Message Count: The maximum number of messages to permit in a batch
MaxMessageCount: 10
# Absolute Max Bytes: The absolute maximum number of bytes allowed for
# the serialized messages in a batch.
AbsoluteMaxBytes: 98 MB
# Preferred Max Bytes: The preferred maximum number of bytes allowed for
# the serialized messages in a batch. A message larger than the preferred
# max bytes will result in a batch larger than preferred max bytes.
PreferredMaxBytes: 512 KB
Kafka:
# Brokers: A list of Kafka brokers to which the orderer connects. Edit
# this list to identify the brokers of the ordering service.
# NOTE: Use IP:port notation.
Brokers:
- kafka0:9092
- kafka1:9092
- kafka2:9092
# Organizations is the list of orgs which are defined as participants on
# the orderer side of the network
Organizations:
# Policies defines the set of policies at this level of the config tree
# For Orderer policies, their canonical path is
#/Channel/Orderer/<PolicyName>
Policies:
Readers:
Type: ImplicitMeta
Rule: "ANY Readers"
Writers:
Type: ImplicitMeta
Rule: "ANY Writers"
Admins:
Type: ImplicitMeta
Rule: "MAJORITY Admins"
# BlockValidation specifies what signatures must be included in the block
# from the orderer for the peer to validate it.
BlockValidation:
Type: ImplicitMeta
Rule: "ANY Writers"
# Capabilities describes the orderer level capabilities, see the
# dedicated Capabilities section elsewhere in this file for a full
# description
Capabilities:
<<: *OrdererCapabilities
################################################################################
#
#CHANNEL
#
#This section defines the values to encode into a config transaction or
#genesis block for channel related parameters.
#
################################################################################
Channel: &ChannelDefaults
# Policies defines the set of policies at this level of the config tree
# For Channel policies, their canonical path is
#/Channel/<PolicyName>
Policies:
# Who may invoke the 'Deliver' API
Readers:
Type: ImplicitMeta
Rule: "ANY Readers"
# Who may invoke the 'Broadcast' API
Writers:
Type: ImplicitMeta
Rule: "ANY Writers"
# By default, who may modify elements at this config level
Admins:
Type: ImplicitMeta
Rule: "MAJORITY Admins"
# Capabilities describes the channel level capabilities, see the
# dedicated Capabilities section elsewhere in this file for a full
# description
Capabilities:
<<: *ChannelCapabilities
################################################################################
#
#Profile
#
#- Different configuration profiles may be encoded here to be specified
#as parameters to the configtxgen tool
#
################################################################################
Profiles:
TwoOrgsOrdererGenesis:
<<: *ChannelDefaults
Orderer:
<<: *OrdererDefaults
Organizations:
- *OrdererOrg
Consortiums:
SampleConsortium:
Organizations:
- *Org1
- *Org2
TwoOrgsChannel:
Consortium: SampleConsortium
Application:
<<: *ApplicationDefaults
Organizations:
- *Org1
- *Org2
- 修改 generateArtifacts.sh指令碼檔案的example.com為alinkeji.com並生成證書和通道相關的檔案並拷貝到其他兩臺機器
sed -i "s/example.com/alinkeji\.com/g" generateArtifacts.sh source generateArtifacts.sh xinghun scp -r crypto-config/ channel-artifacts/ [email protected]:/workspace/golang/src/github.com/hyperledger/fabric/examples/e2e_cli scp -r crypto-config/ channel-artifacts/ [email protected]:/workspace/golang/src/github.com/hyperledger/fabric/examples/e2e_cli
- 網路規劃中(192.168.137.245)的docker-compose-base.yaml和docker-compose-run.yaml的配置展示
# Copyright IBM Corp. All Rights Reserved. # # SPDX-License-Identifier: Apache-2.0 # version: '2' services: zookeeper: image: hyperledger/fabric-zookeeper restart: always ports: - 2181:2181 - 2888:2888 - 3888:3888 extra_hosts: - "zookeeper0:192.168.137.245" - "zookeeper1:192.168.137.210" - "zookeeper2:192.168.137.143" - "kafka0:192.168.137.245" - "kafka1:192.168.137.210" - "kafka2:192.168.137.137" kafka: image: hyperledger/fabric-kafka restart: always environment: - KAFKA_MESSAGE_MAX_BYTES=103809024 # 99 * 1024 * 1024 B - KAFKA_REPLICA_FETCH_MAX_BYTES=103809024 # 99 * 1024 * 1024 B - KAFKA_UNCLEAN_LEADER_ELECTION_ENABLE=false ports: - 9092:9092 extra_hosts: - "zookeeper0:192.168.137.245" - "zookeeper1:192.168.137.210" - "zookeeper2:192.168.137.143" - "kafka0:192.168.137.245" - "kafka1:192.168.137.210" - "kafka2:192.168.137.143" orderer0.alinkeji.com: container_name: orderer0.alinkeji.com image: hyperledger/fabric-orderer environment: - ORDERER_GENERAL_LOGLEVEL=debug - ORDERER_GENERAL_LISTENADDRESS=0.0.0.0 - ORDERER_GENERAL_GENESISMETHOD=file - ORDERER_GENERAL_GENESISFILE=/var/hyperledger/orderer/orderer.genesis.block - ORDERER_GENERAL_LOCALMSPID=OrdererMSP - ORDERER_GENERAL_LOCALMSPDIR=/var/hyperledger/orderer/msp # enabled TLS - ORDERER_GENERAL_TLS_ENABLED=true - ORDERER_GENERAL_TLS_PRIVATEKEY=/var/hyperledger/orderer/tls/server.key - ORDERER_GENERAL_TLS_CERTIFICATE=/var/hyperledger/orderer/tls/server.crt - ORDERER_GENERAL_TLS_ROOTCAS=[/var/hyperledger/orderer/tls/ca.crt] - ORDERER_KAFKA_RETRY_LONGINTERVAL=10s - ORDERER_KAFKA_RETRY_LONGTOTAL=100s - ORDERER_KAFKA_RETRY_SHORTINTERVAL=1s - ORDERER_KAFKA_RETRY_SHORTTOTAL=30s - ORDERER_KAFKA_VERBOSE=true working_dir: /workspace/golang/src/github.com/hyperledger/fabric command: orderer volumes: - ../channel-artifacts/genesis.block:/var/hyperledger/orderer/orderer.genesis.block - ../crypto-config/ordererOrganizations/alinkeji.com/orderers/orderer0.alinkeji.com/msp:/var/hyperledger/orderer/msp - ../crypto-config/ordererOrganizations/alinkeji.com/orderers/orderer0.alinkeji.com/tls/:/var/hyperledger/orderer/tls ports: - 7050:7050 extra_hosts: - "orderer0:192.168.137.245" - "orderer1:192.168.137.210" - "orderer2:192.168.137.143" - "kafka0:192.168.137.245" - "kafka1:192.168.137.210" - "kafka2:192.168.137.143" peer0.org1.alinkeji.com: container_name: peer0.org1.alinkeji.com extends: file: peer-base.yaml service: peer-base environment: - CORE_PEER_ID=peer0.org1.alinkeji.com - CORE_PEER_ADDRESS=peer0.org1.alinkeji.com:7051 - CORE_PEER_CHAINCODEADDRESS=peer0.org1.alinkeji.com:7052 - CORE_PEER_CHAINCODELISTENADDRESS=0.0.0.0:7052 - CORE_PEER_GOSSIP_EXTERNALENDPOINT=peer0.org1.alinkeji.com:7051 - CORE_PEER_LOCALMSPID=Org1MSP volumes: - /var/run/:/host/var/run/ - ../crypto-config/peerOrganizations/org1.alinkeji.com/peers/peer0.org1.alinkeji.com/msp:/etc/hyperledger/fabric/msp - ../crypto-config/peerOrganizations/org1.alinkeji.com/peers/peer0.org1.alinkeji.com/tls:/etc/hyperledger/fabric/tls ports: - 7051:7051 - 7052:7052 - 7053:7053 extra_hosts: - "orderer0.alinkeji.com:192.168.137.245" - "orderer1.alinkeji.com:192.168.137.210" - "orderer2.alinkeji.com:192.168.137.143"
services: ca-org1: image: hyperledger/fabric-ca environment: - FABRIC_CA_HOME=/etc/hyperledger/fabric-ca-server - FABRIC_CA_SERVER_CA_NAME=ca-org1 - FABRIC_CA_SERVER_TLS_ENABLED=true - FABRIC_CA_SERVER_TLS_CERTFILE=/etc/hyperledger/fabric-ca-server-config/ca.org1.alinkeji.com-cert.pem - FABRIC_CA_SERVER_TLS_KEYFILE=/etc/hyperledger/fabric-ca-server-config/f7676f60df1087257f26092f8a599699374b8f669f31ba614743a713ad3fe610_sk ports: - "7054:7054" volumes: - ./crypto-config/peerOrganizations/org1.alinkeji.com/ca/:/etc/hyperledger/fabric-ca-server-config container_name: ca_peerOrg1 zookeeper0: container_name: zookeeper0 hostname: zookeeper0 extends: file: base/docker-compose-base.yaml service: zookeeper environment: - ZOO_MY_ID=1 - ZOO_SERVERS=server.1=zookeeper0:2888:3888 server.2=zookeeper1:2888:3888 server.3=zookeeper2:2888:3888 kafka0: container_name: kafka0 hostname: kafka0 extends: file: base/docker-compose-base.yaml service: kafka environment: - KAFKA_BROKER_ID=1 - KAFKA_MIN_INSYNC_REPLICAS=2 - KAFKA_DEFAULT_REPLICATION_FACTOR=3 - KAFKA_ZOOKEEPER_CONNECT=zookeeper0:2181,zookeeper1:2181,zookeeper2:2181 depends_on: - zookeeper0 orderer0.alinkeji.com: extends: file:base/docker-compose-base.yaml service: orderer0.alinkeji.com container_name: orderer0.alinkeji.com depends_on: - zookeeper0 - kafka0 peer0.org1.alinkeji.com: container_name: peer0.org1.alinkeji.com hostname: peer0.org1.alinkeji.com extends: file:base/docker-compose-base.yaml service: peer0.org1.alinkeji.com depends_on: - zookeeper0 - kafka0 - orderer0.alinkeji.com
- 網路規劃中(192.168.137.210)的docker-compose-base.yaml和docker-compose-run.yaml的配置展示
# Copyright IBM Corp. All Rights Reserved. # # SPDX-License-Identifier: Apache-2.0 # version: '2' services: zookeeper: image: hyperledger/fabric-zookeeper restart: always ports: - 2181:2181 - 2888:2888 - 3888:3888 extra_hosts: - "zookeeper0:192.168.137.245" - "zookeeper1:192.168.137.210" - "zookeeper2:192.168.137.143" - "kafka0:192.168.137.245" - "kafka1:192.168.137.210" - "kafka2:192.168.137.137" kafka: image: hyperledger/fabric-kafka restart: always environment: - KAFKA_MESSAGE_MAX_BYTES=103809024 # 99 * 1024 * 1024 B - KAFKA_REPLICA_FETCH_MAX_BYTES=103809024 # 99 * 1024 * 1024 B - KAFKA_UNCLEAN_LEADER_ELECTION_ENABLE=false ports: - 9092:9092 extra_hosts: - "zookeeper0:192.168.137.245" - "zookeeper1:192.168.137.210" - "zookeeper2:192.168.137.143" - "kafka0:192.168.137.245" - "kafka1:192.168.137.210" - "kafka2:192.168.137.143" orderer1.alinkeji.com: container_name: orderer1.alinkeji.com image: hyperledger/fabric-orderer environment: - ORDERER_GENERAL_LOGLEVEL=debug - ORDERER_GENERAL_LISTENADDRESS=0.0.0.0 - ORDERER_GENERAL_GENESISMETHOD=file - ORDERER_GENERAL_GENESISFILE=/var/hyperledger/orderer/orderer.genesis.block - ORDERER_GENERAL_LOCALMSPID=OrdererMSP - ORDERER_GENERAL_LOCALMSPDIR=/var/hyperledger/orderer/msp # enabled TLS - ORDERER_GENERAL_TLS_ENABLED=true - ORDERER_GENERAL_TLS_PRIVATEKEY=/var/hyperledger/orderer/tls/server.key - ORDERER_GENERAL_TLS_CERTIFICATE=/var/hyperledger/orderer/tls/server.crt - ORDERER_GENERAL_TLS_ROOTCAS=[/var/hyperledger/orderer/tls/ca.crt] - ORDERER_KAFKA_RETRY_LONGINTERVAL=10s - ORDERER_KAFKA_RETRY_LONGTOTAL=100s - ORDERER_KAFKA_RETRY_SHORTINTERVAL=1s - ORDERER_KAFKA_RETRY_SHORTTOTAL=30s - ORDERER_KAFKA_VERBOSE=true working_dir: /workspace/golang/src/github.com/hyperledger/fabric command: orderer volumes: - ../channel-artifacts/genesis.block:/var/hyperledger/orderer/orderer.genesis.block - ../crypto-config/ordererOrganizations/alinkeji.com/orderers/orderer1.alinkeji.com/msp:/var/hyperledger/orderer/msp - ../crypto-config/ordererOrganizations/alinkeji.com/orderers/orderer1.alinkeji.com/tls/:/var/hyperledger/orderer/tls ports: - 7050:7050 extra_hosts: - "orderer0:192.168.137.245" - "orderer1:192.168.137.210" - "orderer2:192.168.137.143" - "kafka0:192.168.137.245" - "kafka1:192.168.137.210" - "kafka2:192.168.137.143" peer0.org2.alinkeji.com: container_name: peer0.org2.alinkeji.com extends: file: peer-base.yaml service: peer-base environment: - CORE_PEER_ID=peer0.org2.alinkeji.com - CORE_PEER_ADDRESS=peer0.org2.alinkeji.com:7051 - CORE_PEER_CHAINCODEADDRESS=peer0.org2.alinkeji.com:7052 - CORE_PEER_CHAINCODELISTENADDRESS=0.0.0.0:7052 - CORE_PEER_GOSSIP_EXTERNALENDPOINT=peer0.org2.alinkeji.com:7051 - CORE_PEER_LOCALMSPID=Org2MSP volumes: - /var/run/:/host/var/run/ - ../crypto-config/peerOrganizations/org2.alinkeji.com/peers/peer0.org2.alinkeji.com/msp:/etc/hyperledger/fabric/msp - ../crypto-config/peerOrganizations/org2.alinkeji.com/peers/peer0.org2.alinkeji.com/tls:/etc/hyperledger/fabric/tls ports: - 7051:7051 - 7052:7052 - 7053:7053 extra_hosts: - "orderer0.alinkeji.com:192.168.137.245" - "orderer1.alinkeji.com:192.168.137.210" - "orderer2.alinkeji.com:192.168.137.143"
version: '2' services: ca-org2: image: hyperledger/fabric-ca environment: - FABRIC_CA_HOME=/etc/hyperledger/fabric-ca-server - FABRIC_CA_SERVER_CA_NAME=ca-org2 - FABRIC_CA_SERVER_TLS_ENABLED=true - FABRIC_CA_SERVER_TLS_CERTFILE=/etc/hyperledger/fabric-ca-server-config/ca.org2.alinkeji.com-cert.pem - FABRIC_CA_SERVER_TLS_KEYFILE=/etc/hyperledger/fabric-ca-server-config/a3d20f2e4abbb53ecdf4e61ad2491805772e1f426da687d87c6640ecaa77a5b9_sk ports: - "7054:7054" volumes: - ./crypto-config/peerOrganizations/org2.alinkeji.com/ca/:/etc/hyperledger/fabric-ca-server-config container_name: ca_peerOrg2 zookeeper1: container_name: zookeeper1 hostname: zookeeper1 extends: file: base/docker-compose-base.yaml service: zookeeper environment: - ZOO_MY_ID=2 - ZOO_SERVERS=server.1=zookeeper0:2888:3888 server.2=zookeeper1:2888:3888 server.3=zookeeper2:2888:3888 kafka1: container_name: kafka1 hostname: kafka1 extends: file: base/docker-compose-base.yaml service: kafka environment: - KAFKA_BROKER_ID=2 - KAFKA_MIN_INSYNC_REPLICAS=2 - KAFKA_DEFAULT_REPLICATION_FACTOR=3 - KAFKA_ZOOKEEPER_CONNECT=zookeeper0:2181,zookeeper1:2181,zookeeper2:2181 depends_on: - zookeeper1 orderer1.alinkeji.com: extends: file:base/docker-compose-base.yaml service: orderer1.alinkeji.com container_name: orderer1.alinkeji.com depends_on: - zookeeper1 - kafka1 peer0.org2.alinkeji.com: container_name: peer0.org2.alinkeji.com hostname: peer0.org2.alinkeji.com extends: file:base/docker-compose-base.yaml service: peer0.org2.alinkeji.com depends_on: - zookeeper1 - kafka1 - orderer1.alinkeji.com
- 網路規劃中(192.168.137.143)的docker-compose-base.yaml和docker-compose-run.yaml的配置展示
# Copyright IBM Corp. All Rights Reserved. # # SPDX-License-Identifier: Apache-2.0 # version: '2' services: zookeeper: image: hyperledger/fabric-zookeeper restart: always ports: - 2181:2181 - 2888:2888 - 3888:3888 extra_hosts: - "zookeeper0:192.168.137.245" - "zookeeper1:192.168.137.210" - "zookeeper2:192.168.137.143" - "kafka0:192.168.137.245" - "kafka1:192.168.137.210" - "kafka2:192.168.137.137" kafka: image: hyperledger/fabric-kafka restart: always environment: - KAFKA_MESSAGE_MAX_BYTES=103809024 # 99 * 1024 * 1024 B - KAFKA_REPLICA_FETCH_MAX_BYTES=103809024 # 99 * 1024 * 1024 B - KAFKA_UNCLEAN_LEADER_ELECTION_ENABLE=false ports: - 9092:9092 extra_hosts: - "zookeeper0:192.168.137.245" - "zookeeper1:192.168.137.210" - "zookeeper2:192.168.137.143" - "kafka0:192.168.137.245" - "kafka1:192.168.137.210" - "kafka2:192.168.137.143" orderer2.alinkeji.com: container_name: orderer2.alinkeji.com image: hyperledger/fabric-orderer environment: - ORDERER_GENERAL_LOGLEVEL=debug - ORDERER_GENERAL_LISTENADDRESS=0.0.0.0 - ORDERER_GENERAL_GENESISMETHOD=file - ORDERER_GENERAL_GENESISFILE=/var/hyperledger/orderer/orderer.genesis.block - ORDERER_GENERAL_LOCALMSPID=OrdererMSP - ORDERER_GENERAL_LOCALMSPDIR=/var/hyperledger/orderer/msp # enabled TLS - ORDERER_GENERAL_TLS_ENABLED=true - ORDERER_GENERAL_TLS_PRIVATEKEY=/var/hyperledger/orderer/tls/server.key - ORDERER_GENERAL_TLS_CERTIFICATE=/var/hyperledger/orderer/tls/server.crt - ORDERER_GENERAL_TLS_ROOTCAS=[/var/hyperledger/orderer/tls/ca.crt] - ORDERER_KAFKA_RETRY_LONGINTERVAL=10s - ORDERER_KAFKA_RETRY_LONGTOTAL=100s - ORDERER_KAFKA_RETRY_SHORTINTERVAL=1s - ORDERER_KAFKA_RETRY_SHORTTOTAL=30s - ORDERER_KAFKA_VERBOSE=true working_dir: /workspace/golang/src/github.com/hyperledger/fabric command: orderer volumes: - ../channel-artifacts/genesis.block:/var/hyperledger/orderer/orderer.genesis.block - ../crypto-config/ordererOrganizations/alinkeji.com/orderers/orderer2.alinkeji.com/msp:/var/hyperledger/orderer/msp - ../crypto-config/ordererOrganizations/alinkeji.com/orderers/orderer2.alinkeji.com/tls/:/var/hyperledger/orderer/tls ports: - 7050:7050 extra_hosts: - "orderer0:192.168.137.245" - "orderer1:192.168.137.210" - "orderer2:192.168.137.143" - "kafka0:192.168.137.245" - "kafka1:192.168.137.210" - "kafka2:192.168.137.143" peer1.org1.alinkeji.com: container_name: peer1.org1.alinkeji.com extends: file: peer-base.yaml service: peer-base environment: - CORE_PEER_ID=peer1.org1.alinkeji.com - CORE_PEER_ADDRESS=peer1.org1.alinkeji.com:7051 - CORE_PEER_CHAINCODEADDRESS=peer1.org1.alinkeji.com:7052 - CORE_PEER_CHAINCODELISTENADDRESS=0.0.0.0:7052 - CORE_PEER_GOSSIP_EXTERNALENDPOINT=peer1.org1.alinkeji.com:7051 - CORE_PEER_GOSSIP_BOOTSTRAP=peer1.org1.alinkeji.com:7051 - CORE_PEER_LOCALMSPID=Org1MSP volumes: - /var/run/:/host/var/run/ - ../crypto-config/peerOrganizations/org1.alinkeji.com/peers/peer1.org1.alinkeji.com/msp:/etc/hyperledger/fabric/msp - ../crypto-config/peerOrganizations/org1.alinkeji.com/peers/peer1.org1.alinkeji.com/tls:/etc/hyperledger/fabric/tls ports: - 7051:7051 - 7052:7052 - 7053:7053 extra_hosts: - "orderer0.alinkeji.com:192.168.137.245" - "orderer1.alinkeji.com:192.168.137.210" - "orderer2.alinkeji.com:192.168.137.143"
version: '2' services: zookeeper2: container_name: zookeeper2 hostname: zookeeper2 extends: file: base/docker-compose-base.yaml service: zookeeper environment: - ZOO_MY_ID=3 - ZOO_SERVERS=server.1=zookeeper0:2888:3888 server.2=zookeeper1:2888:3888 server.3=zookeeper2:2888:3888 kafka2: container_name: kafka2 hostname: kafka2 extends: file: base/docker-compose-base.yaml service: kafka environment: - KAFKA_BROKER_ID=3 - KAFKA_MIN_INSYNC_REPLICAS=2 - KAFKA_DEFAULT_REPLICATION_FACTOR=3 - KAFKA_ZOOKEEPER_CONNECT=zookeeper0:2181,zookeeper1:2181,zookeeper2:2181 depends_on: - zookeeper2 orderer2.alinkeji.com: extends: file:base/docker-compose-base.yaml service: orderer2.alinkeji.com container_name: orderer2.alinkeji.com depends_on: - zookeeper2 - kafka2 peer1.org1.alinkeji.com: container_name: peer1.org1.alinkeji.com hostname: peer1.org1.alinkeji.com extends: file:base/docker-compose-base.yaml service: peer1.org1.alinkeji.com depends_on: - zookeeper2 - kafka2 - orderer2.alinkeji.com
- 分別在三臺機器上啟動容器,網路部署完成
CHANNEL_NAME=xinghun TIMEOUT=10000 docker-compose -f docker-compose-run.yaml up
- 配置docker-compose-cli.yaml執行docker exec -it cli bash命令進入容器
# Copyright IBM Corp. All Rights Reserved. # # SPDX-License-Identifier: Apache-2.0 # version: '2' services: # 每一臺Peer的以下配置不相同 # 主要體現在CORE_PEER_ADDRESS=peer0.org1.alinkeji.com:7051 cli: container_name: cli image: hyperledger/fabric-tools tty: true environment: - GOPATH=/workspace/golang - CORE_VM_ENDPOINT=unix:///host/var/run/docker.sock - CORE_LOGGING_LEVEL=DEBUG - CORE_PEER_ID=cli - CORE_PEER_ADDRESS=peer0.org1.alinkeji.com:7051 - CORE_PEER_LOCALMSPID=Org1MSP - CORE_PEER_LOCALMSPTYPE=bccsp - CORE_PEER_TLS_ENABLED=true - CORE_PEER_TLS_CERT_FILE=/workspace/golang/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.alinkeji.com/peers/peer0.org1.alinkeji.com/tls/server.crt - CORE_PEER_TLS_KEY_FILE=/workspace/golang/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.alinkeji.com/peers/peer0.org1.alinkeji.com/tls/server.key - CORE_PEER_TLS_ROOTCERT_FILE=/workspace/golang/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.alinkeji.com/peers/peer0.org1.alinkeji.com/tls/ca.crt - CORE_PEER_MSPCONFIGPATH=/workspace/golang/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.alinkeji.com/users/[email protected]/msp working_dir: /workspace/golang/src/github.com/hyperledger/fabric/peer #command: /bin/bash -c './scripts/script.sh ${CHANNEL_NAME}; sleep $TIMEOUT' volumes: - /var/run/:/host/var/run/ - ../chaincode/go/:/workspace/golang/src/github.com/hyperledger/fabric/examples/chaincode/go - ./crypto-config:/workspace/golang/src/github.com/hyperledger/fabric/peer/crypto/ - ./scripts:/workspace/golang/src/github.com/hyperledger/fabric/peer/scripts/ - ./channel-artifacts:/workspace/golang/src/github.com/hyperledger/fabric/peer/channel-artifacts extra_hosts: - "orderer0.alinkeji.com:192.168.137.245" - "orderer1.alinkeji.com:192.168.137.110" - "orderer2.alinkeji.com:192.168.137.143" - "peer0.org1.alinkeji.com:192.168.137.245" - "peer0.org2.alinkeji.com:192.168.137.210" - "peer1.org1.alinkeji.com:192.168.137.143"
- 建立通道並將peer加入通道
export ORDERER_CA=/workspace/golang/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/alinkeji.com/orderers/orderer0.alinkeji.com/msp/tlscacerts/tlsca.alinkeji.com-cert.pem export CHANNEL_NAME=xinghun peer channel create -o orderer0.alinkeji.com:7050 -c xinghun -f ./channel-artifacts/channel.tx --tls --cafile$ORDERER_CA mv xinghun.block channel-artifacts/ peer channel join -b channel-artifacts/xinghun.block
- 退出cli容器拷貝xinghun.block到另外兩臺機器
scp xinghun.block [email protected]:/workspace/golang/src/github.com/hyperledger/fabric/examples/e2e_cli/channel-artifacts scp xinghun.block [email protected]:/workspace/golang/src/github.com/hyperledger/fabric/examples/e2e_cli/channel-artifacts
- 同上配置docker-compose-cli.yaml後進入192.168.137.210機器的cli容器將peer節點加入通道
export ORDERER_CA=/workspace/golang/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/alinkeji.com/orderers/orderer1.alinkeji.com/msp/tlscacerts/tlsca.alinkeji.com-cert.pem export CHANNEL_NAME=xinghun peer channel join -b channel-artifacts/xinghun.block
- 同上配置docker-compose-cli.yaml後進入192.168.137.143機器的cli容器將peer節點加入通道
export ORDERER_CA=/workspace/golang/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/alinkeji.com/orderers/orderer2.alinkeji.com/msp/tlscacerts/tlsca.alinkeji.com-cert.pem export CHANNEL_NAME=xinghun peer channel join -b channel-artifacts/xinghun.block
- 安裝智慧合約(在每臺伺服器上都安裝智慧合約)
peer chaincode install -n mycc -v 1.0 -p github.com/hyperledger/fabric/examples/chaincode/go/example02/cmd
- 例項化智慧合約(只需要在一臺機器上執行就可以了)
peer chaincode instantiate -o orderer0.alinkeji.com:7050 --tls --cafile $ORDERER_CA -C xinghun -n mycc -v 1.0 -c '{"Args":["init","a","100","b","100"]}' -P "AND ('Org1MSP.peer','Org2MSP.peer')"
- 在任意peer容器上即可執行查詢,轉賬等操作
peer chaincode query -C xinghun -n mycc -c '{"Args":["query","a"]}'
- 動態Peer節點配置持續更新
- 動態Org配置持續更新