Hyperledger fabric2.4 搭建自己的网络
1、使用cryptogen工具生成证书
1.1 将fabric-samples/bin目录下的二进制文件复制到/usr/local/bin目录,以便全局使用这些命令
Set
cd fabric-samples/bin
cp * /usr/local/bin
1.2 新建文件夹 fixtures,存放我们网络的相关文件
olap
mkdir fixtures
1.3 使用cryptogen工具生成crypto-config.yaml文件
获取设备信息
cryptogen showtemplate > crypto-config.yaml
OrdererOrgs:配置Orderer节点,生产环境应该有多个实例,否则可能会有单点故障问题
内部类
PeerOrgs:配置节点组织,下面文件配置1个组织:Org1,Template:Count:1,定义组织中节点数为1个,Users:Count,定义组织中普通用户数,每个组织默认有一个管理员用户admin
下面我们查看一下crypto-config.yaml文件内容
位置权限
# 定义orderer节点
OrdererOrgs:
- Name: Orderer0
Domain: maakees.com
EnableNodeOUs: false
Specs:
- Hostname: orderer0
# 定义组织中的排序节点
# 下面内容只定义1个组织,每个组织有1个peer节点,1个普通用户
PeerOrgs:
# Org1
- Name: Org1
Domain: org1.maakees.com
EnableNodeOUs: false
Template:
Count: 1
Users:
Count: 1
1.4 使用上面的配置文件生成证书
数据可视化
cryptogen generate --config=crypto-config.yaml
会生成一个文件夹crypto-config文件夹,里面是orderer节点和peer节点的证书
证书生成完毕,进行下一步操作!!!
npm
2、使用cryptogen生成创世块文件和通道文件
2.1 创建通道:将官方示例fabric-samples/test-network/configtx/configtx.yaml文件复制到自己的目录fixtures下,修改configtx.yaml文件配置自己的通道,修改后的配置如下:
progressbar
# Copyright IBM Corp. All Rights Reserved.
#
# SPDX-License-Identifier: Apache-2.0
#
---
################################################################################
#
# Section: Organizations
#
# - This section defines the different organizational identities which will
# be referenced later in the configuration.
#
################################################################################
Organizations:
# SampleOrg defines an MSP using the sampleconfig. It should never be used
# in production but may be used as a template for other definitions
- &OrdererOrg
# DefaultOrg defines the organization which is used in the sampleconfig
# of the fabric.git development environment
Name: OrdererOrg
# ID to load the MSP definition as
ID: OrdererMSP
# MSPDir is the filesystem path which contains the MSP configuration
MSPDir: ./crypto-config/ordererOrganizations/maakees.com/msp
# Policies defines the set of policies at this level of the config tree
# For organization policies, their canonical path is usually
# /Channel/<Application|Orderer>/<OrgName>/<PolicyName>
Policies:
Readers:
Type: Signature
Rule: "OR('OrdererMSP.member')"
Writers:
Type: Signature
Rule: "OR('OrdererMSP.member')"
Admins:
Type: Signature
Rule: "OR('OrdererMSP.admin')"
OrdererEndpoints:
- orderer0.maakees.com:7050
- &Org1
# DefaultOrg defines the organization which is used in the sampleconfig
# of the fabric.git development environment
Name: Org1MSP
# ID to load the MSP definition as
ID: Org1MSP
MSPDir: ./crypto-config/peerOrganizations/org1.maakees.com/msp
# Policies defines the set of policies at this level of the config tree
# For organization policies, their canonical path is usually
# /Channel/<Application|Orderer>/<OrgName>/<PolicyName>
Policies:
Readers:
Type: Signature
Rule: "OR('Org1MSP.member')"
Writers:
Type: Signature
Rule: "OR('Org1MSP.member')"
Admins:
Type: Signature
Rule: "OR('Org1MSP.admin')"
Endorsement:
Type: Signature
Rule: "OR('Org1MSP.member')"
################################################################################
#
# SECTION: Capabilities
#
# - This section defines the capabilities of fabric network. This is a new
# concept as of v1.1.0 and should not be utilized in mixed networks with
# v1.0.x peers and orderers. Capabilities define features which must be
# present in a fabric binary for that binary to safely participate in the
# fabric network. For instance, if a new MSP type is added, newer binaries
# might recognize and validate the signatures from this type, while older
# binaries without this support would be unable to validate those
# transactions. This could lead to different versions of the fabric binaries
# having different world states. Instead, defining a capability for a channel
# informs those binaries without this capability that they must cease
# processing transactions until they have been upgraded. For v1.0.x if any
# capabilities are defined (including a map with all capabilities turned off)
# then the v1.0.x peer will deliberately crash.
#
################################################################################
Capabilities:
# Channel capabilities apply to both the orderers and the peers and must be
# supported by both.
# Set the value of the capability to true to require it.
Channel: &ChannelCapabilities
# V2_0 capability ensures that orderers and peers behave according
# to v2.0 channel capabilities. Orderers and peers from
# prior releases would behave in an incompatible way, and are therefore
# not able to participate in channels at v2.0 capability.
# Prior to enabling V2.0 channel capabilities, ensure that all
# orderers and peers on a channel are at v2.0.0 or later.
V2_0: true
# Orderer capabilities apply only to the orderers, and may be safely
# used with prior release peers.
# Set the value of the capability to true to require it.
Orderer: &OrdererCapabilities
# V2_0 orderer capability ensures that orderers behave according
# to v2.0 orderer capabilities. Orderers from
# prior releases would behave in an incompatible way, and are therefore
# not able to participate in channels at v2.0 orderer capability.
# Prior to enabling V2.0 orderer capabilities, ensure that all
# orderers on channel are at v2.0.0 or later.
V2_0: true
# Application capabilities apply only to the peer network, and may be safely
# used with prior release orderers.
# Set the value of the capability to true to require it.
Application: &ApplicationCapabilities
# V2_0 application capability ensures that peers behave according
# to v2.0 application capabilities. Peers from
# prior releases would behave in an incompatible way, and are therefore
# not able to participate in channels at v2.0 application capability.
# Prior to enabling V2.0 application capabilities, ensure that all
# peers on channel are at v2.0.0 or later.
V2_0: true
################################################################################
#
# SECTION: Application
#
# - This section defines the values to encode into a config transaction or
# genesis block for application related parameters
#
################################################################################
Application: &ApplicationDefaults
# Organizations is the list of orgs which are defined as participants on
# the application side of the network
Organizations:
# Policies defines the set of policies at this level of the config tree
# For Application policies, their canonical path is
# /Channel/Application/<PolicyName>
Policies:
Readers:
Type: ImplicitMeta
Rule: "ANY Readers"
Writers:
Type: ImplicitMeta
Rule: "ANY Writers"
Admins:
Type: ImplicitMeta
Rule: "MAJORITY Admins"
LifecycleEndorsement:
Type: Signature
Rule: "OR('Org1MSP.member')"
Endorsement:
Type: Signature
Rule: "OR('Org1MSP.member')"
Capabilities:
<<: *ApplicationCapabilities
################################################################################
#
# SECTION: Orderer
#
# - This section defines the values to encode into a config transaction or
# genesis block for orderer related parameters
#
################################################################################
Orderer: &OrdererDefaults
# Orderer Type: The orderer implementation to start
OrdererType: etcdraft
# Addresses used to be the list of orderer addresses that clients and peers
# could connect to. However, this does not allow clients to associate orderer
# addresses and orderer organizations which can be useful for things such
# as TLS validation. The preferred way to specify orderer addresses is now
# to include the OrdererEndpoints item in your org definition
Addresses:
- orderer0.maakees.com:7050
EtcdRaft:
Consenters:
- Host: orderer0.maakees.com
Port: 7050
ClientTLSCert: ./crypto-config/ordererOrganizations/maakees.com/orderers/orderer0.maakees.com/tls/server.crt
ServerTLSCert: ./crypto-config/ordererOrganizations/maakees.com/orderers/orderer0.maakees.com/tls/server.crt
# Batch Timeout: The amount of time to wait before creating a batch
BatchTimeout: 2s
# Batch Size: Controls the number of messages batched into a block
BatchSize:
# Max Message Count: The maximum number of messages to permit in a batch
MaxMessageCount: 10
# Absolute Max Bytes: The absolute maximum number of bytes allowed for
# the serialized messages in a batch.
AbsoluteMaxBytes: 99 MB
# Preferred Max Bytes: The preferred maximum number of bytes allowed for
# the serialized messages in a batch. A message larger than the preferred
# max bytes will result in a batch larger than preferred max bytes.
PreferredMaxBytes: 512 KB
# Organizations is the list of orgs which are defined as participants on
# the orderer side of the network
Organizations:
# Policies defines the set of policies at this level of the config tree
# For Orderer policies, their canonical path is
# /Channel/Orderer/<PolicyName>
Policies:
Readers:
Type: ImplicitMeta
Rule: "ANY Readers"
Writers:
Type: ImplicitMeta
Rule: "ANY Writers"
Admins:
Type: ImplicitMeta
Rule: "MAJORITY Admins"
# BlockValidation specifies what signatures must be included in the block
# from the orderer for the peer to validate it.
BlockValidation:
Type: ImplicitMeta
Rule: "ANY Writers"
################################################################################
#
# CHANNEL
#
# This section defines the values to encode into a config transaction or
# genesis block for channel related parameters.
#
################################################################################
Channel: &ChannelDefaults
# Policies defines the set of policies at this level of the config tree
# For Channel policies, their canonical path is
# /Channel/<PolicyName>
Policies:
# Who may invoke the 'Deliver' API
Readers:
Type: ImplicitMeta
Rule: "ANY Readers"
# Who may invoke the 'Broadcast' API
Writers:
Type: ImplicitMeta
Rule: "ANY Writers"
# By default, who may modify elements at this config level
Admins:
Type: ImplicitMeta
Rule: "MAJORITY Admins"
# Capabilities describes the channel level capabilities, see the
# dedicated Capabilities section elsewhere in this file for a full
# description
Capabilities:
<<: *ChannelCapabilities
################################################################################
#
# Profile
#
# - Different configuration profiles may be encoded here to be specified
# as parameters to the configtxgen tool
#
################################################################################
Profiles:
OneOrgsApplicationGenesis:
<<: *ChannelDefaults
Orderer:
<<: *OrdererDefaults
Organizations:
- *OrdererOrg
Capabilities: *OrdererCapabilities
Consortiums:
SampleConsortium:
Organizations:
- *Org1
MyChannel:
Consortium: SampleConsortium
<<: *ChannelDefaults
Application:
<<: *ApplicationDefaults
Organizations:
- *Org1
Capabilities:
<<: *ApplicationCapabilities
2.2 生成创世块,OneOrgsApplicationGenesis必须和configtx.yaml文件中Profiles的OneOrgsApplicationGenesis一致
dump文件
configtxgen -outputBlock ./channel-artifacts/genesis.block -profile OneOrgsApplicationGenesis -channelID fixtures-channel
创世块已经生成成功,查看目录会多出一个channel-artifacts文件夹,只包含genesis.block文件
Designer
2.3 生成通道文件,MyChannel必须和configtx.yaml文件中Profiles的MyChannel一致,通道名称不能有大写字母
stm32 毕设
configtxgen -outputCreateChannelTx ./channel-artifacts/channel.tx -profile MyChannel -channelID mychannel
通道文件创建成功,channel-artifacts目录多出一个channel.tx个文件
配置的文件使用
坑:上面两步channelID不能一样,否则后面执行 peer channel create 命令时会报错:
状态栏高度
3、部署节点
3.1 编写docker-compose.yaml 文件:
服务器
version: '2'
volumes:
orderer0.maakees.com:
peer0.org1.maakees.com:
networks:
maakees:
services:
orderer0.maakees.com:
container_name: orderer0.maakees.com
image: hyperledger/fabric-orderer:2.4.4
environment:
- FABRIC_LOGGING_SPEC=DEBUG
- ORDERER_GENERAL_LISTENADDRESS=0.0.0.0
- ORDERER_GENERAL_LISTENPORT=7050
- ORDERER_GENERAL_GENESISMETHOD=file
- ORDERER_GENERAL_GENESISFILE=/var/hyperledger/orderer/orderer.genesis.block
- ORDERER_GENERAL_LOCALMSPID=OrdererMSP
- ORDERER_GENERAL_LOCALMSPDIR=/var/hyperledger/orderer/msp
# enabled TLS
- ORDERER_GENERAL_TLS_ENABLED=true
- ORDERER_GENERAL_TLS_PRIVATEKEY=/var/hyperledger/orderer/tls/server.key
- ORDERER_GENERAL_TLS_CERTIFICATE=/var/hyperledger/orderer/tls/server.crt
- ORDERER_GENERAL_TLS_ROOTCAS=[/var/hyperledger/orderer/tls/ca.crt]
working_dir: /opt/gopath/src/github.com/hyperledger/fabric
command: orderer
volumes:
- ./channel-artifacts/genesis.block:/var/hyperledger/orderer/orderer.genesis.block
- ./crypto-config/ordererOrganizations/maakees.com/orderers/orderer0.maakees.com/msp:/var/hyperledger/orderer/msp
- ./crypto-config/ordererOrganizations/maakees.com/orderers/orderer0.maakees.com/tls/:/var/hyperledger/orderer/tls
- orderer0.maakees.com:/var/hyperledger/production/orderer
ports:
- 7050:7050
networks:
- maakees
peer0.org1.maakees.com:
container_name: peer0.org1.maakees.com
image: hyperledger/fabric-peer:2.4.4
environment:
#Generic peer variables
- CORE_VM_ENDPOINT=unix:///host/var/run/docker.sock
# the following setting starts chaincode containers on the same
# bridge network as the peers
# https://docs.docker.com/compose/networking/
- CORE_VM_DOCKER_HOSTCONFIG_NETWORKMODE=fixtures_maakees
- FABRIC_LOGGING_SPEC=DEBUG
#- FABRIC_LOGGING_SPEC=DEBUG
- CORE_PEER_TLS_ENABLED=true
- CORE_PEER_PROFILE_ENABLED=true
- CORE_PEER_TLS_CERT_FILE=/etc/hyperledger/fabric/tls/server.crt
- CORE_PEER_TLS_KEY_FILE=/etc/hyperledger/fabric/tls/server.key
- CORE_PEER_TLS_ROOTCERT_FILE=/etc/hyperledger/fabric/tls/ca.crt
# Peer specific variabes
- CORE_PEER_ID=peer0.org1.maakees.com
- CORE_PEER_ADDRESS=peer0.org1.maakees.com:7051
- CORE_PEER_LISTENADDRESS=0.0.0.0:7051
- CORE_PEER_CHAINCODEADDRESS=peer0.org1.maakees.com:7052
- CORE_PEER_CHAINCODELISTENADDRESS=0.0.0.0:7052
- CORE_PEER_GOSSIP_BOOTSTRAP=peer1.org1.maakees.com:9051
- CORE_PEER_GOSSIP_EXTERNALENDPOINT=peer0.org1.maakees.com:7051
- CORE_PEER_LOCALMSPID=Org1MSP
volumes:
- /var/run/:/host/var/run/
- ./crypto-config/peerOrganizations/org1.maakees.com/peers/peer0.org1.maakees.com/msp:/etc/hyperledger/fabric/msp
- ./crypto-config/peerOrganizations/org1.maakees.com/peers/peer0.org1.maakees.com/tls:/etc/hyperledger/fabric/tls
- peer0.org1.maakees.com:/var/hyperledger/production
working_dir: /opt/gopath/src/github.com/hyperledger/fabric/peer
command: peer node start
ports:
- 7051:7051
depends_on:
- orderer0.maakees.com
networks:
- maakees
ca.org1.maakees.com:
image: hyperledger/fabric-ca:1.5.4
container_name: ca.org1.maakees.com
environment:
- FABRIC_CA_HOME=/etc/hyperledger/fabric-ca-server
- FABRIC_CA_SERVER_CA_NAME=ca.org1.maakees.com
- FABRIC_CA_SERVER_CA_CERTFILE=/etc/hyperledger/fabric-ca-server-config/ca.org1.maakees.com-cert.pem
- FABRIC_CA_SERVER_CA_KEYFILE=/etc/hyperledger/fabric-ca-server-config/priv_sk
- FABRIC_CA_SERVER_TLS_ENABLED=true
- FABRIC_CA_SERVER_TLS_CERTFILE=/etc/hyperledger/fabric-ca-server-config/ca.org1.maakees.com-cert.pem
- FABRIC_CA_SERVER_TLS_KEYFILE=/etc/hyperledger/fabric-ca-server-config/priv_sk
ports:
- 7054:7054
command: sh -c 'fabric-ca-server start -b admin:adminpw -d'
volumes:
- ./crypto-config/peerOrganizations/org1.maakees.com/ca/:/etc/hyperledger/fabric-ca-server-config
networks:
- maakees
cli1:
container_name: cli1
image: hyperledger/fabric-tools:latest
labels:
service: hyperledger-fabric
tty: true
stdin_open: true
environment:
- GOPATH=/opt/gopath
- FABRIC_LOGGING_SPEC=INFO
- FABRIC_CFG_PATH=/etc/hyperledger/peercfg
#- FABRIC_LOGGING_SPEC=DEBUG
- CORE_PEER_TLS_ENABLED=true
- CORE_PEER_LOCALMSPID="Org1MSP"
- CORE_PEER_TLS_ROOTCERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/organizations/peerOrganizations/org1.maakees.com/peers/peer0.org1.maakees.com/tls/ca.crt
- CORE_PEER_MSPCONFIGPATH=/opt/gopath/src/github.com/hyperledger/fabric/peer/organizations/peerOrganizations/org1.maakees.com/users/Admin@org1.maakees.com/msp
- CORE_PEER_ADDRESS=peer0.org1.maakees.com:7051
working_dir: /opt/gopath/src/github.com/hyperledger/fabric/peer
command: /bin/bash
volumes:
- /var/run/:/host/var/run/
- ./chaincode/go:/opt/gopath/src/github.com/hyperledger/fabric-cluster/chaincode/go
- ./crypto-config:/opt/gopath/src/github.com/hyperledger/fabric/peer/organizations
- ./channel-artifacts:/opt/gopath/src/github.com/hyperledger/fabric/peer/channel-artifacts
depends_on:
- peer0.org1.maakees.com
networks:
- maakees
3.2 启动docker容器:
flowable
docker-compose up -d
执行 docker ps,查看容器,可以看到4个容器已经在运行了
3.3 执行 docker exec -it cli1 bash 进入 peer0 容器中,并创建通道:
服务发现
# 创建通道
peer channel create -o orderer0.maakees.com:7050 -c mychannel -f ./channel-artifacts/channel.tx --tls true --cafile /opt/gopath/src/github.com/hyperledger/fabric/peer/organizations/ordererOrganizations/maakees.com/msp/tlscacerts/tlsca.maakees.com-cert.pem
会生成mychannel.block文件
3.3 将节点加入通道:peer channel join -b mychannel.block
瀛︿範
bash-5.1# peer channel join -b mychannel.block
2022-07-01 18:55:22.215 UTC 0001 INFO [channelCmd] InitCmdFactory -> Endorser and orderer connections initialized
2022-07-01 18:55:22.385 UTC 0002 INFO [channelCmd] executeJoin -> Successfully submitted proposal to join channel
本教程只有一个组织,如果有多个组织需要将节点加入通道,可按如下步骤操作:
Android
# 将cli1的mychannel.block复制到本地
docker cp cli1:/opt/gopath/src/github.com/hyperledger/fabric/peer/mychannel.block ./
# 将mychannel.block复制到cli2容器
docker cp ./mychannel.block cli2:/opt/gopath/src/github.com/hyperledger/fabric/peer
# 进入cli2容器
docker exec -it cli2 bash
# 将节点加入通道
peer channel join -b mychannel.block
4、部署链码
4.1 安装链码,链码使用官方示例:fabric-samples/chaincode/sacc/sacc.go,将示例文件夹复制到chaincode/go文件夹
链码的生命周期:打包、安装、批准、提交
a2dp
# 1、进入cli1容器
docker exec -it cli1 bash
# 2、进入链码文件夹 —— docker-composer.yaml文件中cli节点配置volumes中的./chaincode/go/映射目录
cd /opt/gopath/src/github.com/hyperledger/fabric-cluster/chaincode/go/
# 3、安装go依赖
go env -w GOPROXY=https://goproxy.cn,direct
go mod init
go mod vendor
# 4、打包链码
peer lifecycle chaincode package sacc.tar.gz --path /opt/gopath/src/github.com/hyperledger/fabric-cluster/chaincode/go --label sacc_1
# 5、安装链码
peer lifecycle chaincode install sacc.tar.gz
# 6、链码审批
peer lifecycle chaincode approveformyorg --channelID mychannel --name sacc --version 1.0 --init-required --package-id sacc_1:f43aa8d08ca0e35aa89d92c5956465b6970365cfe734edcb708716b13ad35ee0 --sequence 1 --tls true --cafile /opt/gopath/src/github.com/hyperledger/fabric/peer/organizations/ordererOrganizations/maakees.com/orderers/orderer0.maakees.com/msp/tlscacerts/tlsca.maakees.com-cert.pem
# 7、检查是否批准
peer lifecycle chaincode checkcommitreadiness --channelID mychannel --name sacc --version 1.0 --init-required --sequence 1 --tls true --cafile /opt/gopath/src/github.com/hyperledger/fabric/peer/organizations/ordererOrganizations/example.com/orderers/orderer0.maakees.com/msp/tlscacerts/tlsca.maakees.com-cert.pem --output json
# 8、提交链码,多个组织只需在命令行继续增加,peerAddresses和tlsRootCertFiles参数,无需切换到其他cli执行
peer lifecycle chaincode commit -o orderer0.maakees.com:7050 --channelID mychannel --name sacc --version 1.0 --init-required --sequence 1 --tls true --cafile /opt/gopath/src/github.com/hyperledger/fabric/peer/organizations/ordererOrganizations/maakees.com/orderers/orderer0.maakees.com/msp/tlscacerts/tlsca.maakees.com-cert.pem --peerAddresses peer0.org1.maakees.com:7051 --tlsRootCertFiles /opt/gopath/src/github.com/hyperledger/fabric/peer/organizations/peerOrganizations/org1.maakees.com/peers/peer0.maakees.com/tls/ca.crt
如果执行安装出现如下错误:
Error: chaincode install failed with status: 500 – failed to invoke backing implementation of ‘InstallChaincode’: could not build chaincode: docker build failed: docker image inspection failed: Get “http://unix.sock/images/dev-peer0.org1.maakees.com-sacc_1-1e522d86a763da75be8d9370effd75339189beab263c97d3170bd83ef1771920-b075dbd70ebcbcb687051446db2f8f04f03ad0520ca43eea5c3731b8d2586097/json”: dial unix /host/var/run/docker.sock: connect: no such file or directory
thymeleaf
解决:
此问题是由适用于 macOS 的较新版本的 Docker Desktop 引起的。要解决此问题,请在 Docker 桌面首选项中取消选中Use gRPC FUSE for file sharing以使用旧版 osxfs 文件共享,然后单击应用并重新启动。
tolua
如果要将链码安装到其他节点,操作类似3.3
tcp/ip
4.1 调用链码
YOLOv4
peer chaincode invoke -o orderer0.maakees.com:7050 --isInit --ordererTLSHostnameOverride orderer0.maakees.com --tls true --cafile /opt/gopath/src/github.com/hyperledger/fabric/peer/organizations/ordererOrganizations/maakees.com/orderers/orderer0.maakees.com/msp/tlscacerts/tlsca.maakees.com-cert.pem --channelID mychannel --name sacc --peerAddresses peer0.org1.maakees.com:7051 --tlsRootCertFiles /opt/gopath/src/github.com/hyperledger/fabric/peer/organizations/peerOrganizations/org1.maakees.com/peers/peer0.org1.maakees.com/tls/ca.crt -c '{"Args":["a","bb"]}'
链码调用成功 环境搭建完毕!!!
最优化问题
5、停止网络
docker-compose down
swing
声明:本站博客内容版权均属于原作者所有,这里所提供资源均只能用于参考学习用,书籍等各类媒体平台。如若本站内容侵犯了原著者的合法权益,可联系我们进行处理。
