fabric多节点网络环境搭建(v2.2)
文章目录
一、机器准备与基础环境搭建
| 服务器 | orderer节点 | peer节点 |
|---|---|---|
| chain4(192.168.1.223) | orderer0.example1.com | peer0.org1.example1.com |
| chain5(192.168.1.224) | orderer1.example1.com | |
| chain6(192.168.1.225) | orderer2.example1.com | peer0.org2.example1.com |
转载:
fabric常用命令
防火墙端口设置:
#查看防火墙所有开放端口:
firewall-cmd --zone=public --list-ports
#开放端口(7050 order节点端口7051-7053 peer节点端口 5984 CouchDB端口 8080 基于SDK网关应用管理平台)
firewall-cmd --zone=public --add-port=7050/tcp –permanent
firewall-cmd --zone=public --add-port=7051/tcp –permanent
firewall-cmd --zone=public --add-port=7052/tcp –permanent
firewall-cmd --zone=public --add-port=7053/tcp –permanent
firewall-cmd --zone=public --add-port=7054/tcp –permanent
firewall-cmd --zone=public --add-port=5984/tcp –permanent
firewall-cmd --zone=public --add-port=8080/tcp –permanent
firewall-cmd --reload
二、创建服务部署目录
创建服务部署目录(三台机器都需要此步操作)
# mkdir $FABRIC/multipeer/
将$FABRIC/scripts/fabric-samples/目录下的bin文件夹拷贝到$FABRIC/multipeer/
# cp $FABRIC/scripts/fabric-samples/bin/ $FABRIC/multipeer/
创建证书和通道文件在chain4机器上执行
三、准备证书文件
cd $FABRIC/multipeer/
vim crypto-config.yaml
OrdererOrgs:
- Name: Orderer
Domain: example1.com
Specs:
- Hostname: orderer0
- Hostname: orderer1
- Hostname: orderer2
PeerOrgs:
- Name: Org1
Domain: org1.example1.com
EnableNodeOUs: true
Template:
Count: 2 #生成peer的数量
Users:
Count: 1 #生成用户个数
- Name: Org2
Domain: org2.example1.com
EnableNodeOUs: true
Template:
Count: 2
Users:
Count: 1
执行命令生成证书文件
./bin/cryptogen generate --config=./crypto-config.yaml
执行后在当前目录下生成crypto-config文件夹,如下:
cryptogen 命令介绍:
-help #显示帮助信息
-generate #根据配置文件生成证书信息
-showtemplate #显示证书模板配置文件
-version #显示cryptogen 的版本号
四、通道配置文件
参照$FABRIC/scripts/fabric-samples/test-network/configtx下的configtx.yaml改写我们自己的通道配置文件。
vim configtx.yaml
---
Organizations:
- &OrdererOrg
Name: OrdererOrg
ID: OrdererMSP
MSPDir: crypto-config/ordererOrganizations/example1.com/msp
Policies:
Readers:
Type: Signature
Rule: "OR('OrdererMSP.member')"
Writers:
Type: Signature
Rule: "OR('OrdererMSP.member')"
Admins:
Type: Signature
Rule: "OR('OrdererMSP.admin')"
- &Org1
Name: Org1MSP
ID: Org1MSP
MSPDir: crypto-config/peerOrganizations/org1.example1.com/msp
Policies:
Readers:
Type: Signature
Rule: "OR('Org1MSP.admin', 'Org1MSP.peer', 'Org1MSP.client')"
Writers:
Type: Signature
Rule: "OR('Org1MSP.admin', 'Org1MSP.client')"
Admins:
Type: Signature
Rule: "OR('Org1MSP.admin')"
Endorsement:
Type: Signature
Rule: "OR('Org1MSP.peer')"
AnchorPeers:
- Host: peer0.org1.example1.com
Port: 7051
- &Org2
Name: Org2MSP
ID: Org2MSP
MSPDir: crypto-config/peerOrganizations/org2.example1.com/msp
Policies:
Readers:
Type: Signature
Rule: "OR('Org2MSP.admin', 'Org2MSP.peer', 'Org2MSP.client')"
Writers:
Type: Signature
Rule: "OR('Org2MSP.admin', 'Org2MSP.client')"
Admins:
Type: Signature
Rule: "OR('Org2MSP.admin')"
Endorsement:
Type: Signature
Rule: "OR('Org2MSP.peer')"
AnchorPeers:
- Host: peer0.org2.example1.com
Port: 7051
Capabilities:
Channel: &ChannelCapabilities
V2_0: true
Orderer: &OrdererCapabilities
V2_0: true
Application: &ApplicationCapabilities
V2_0: true
Application: &ApplicationDefaults
Organizations:
Policies:
Readers:
Type: ImplicitMeta
Rule: "ANY Readers"
Writers:
Type: ImplicitMeta
Rule: "ANY Writers"
Admins:
Type: ImplicitMeta
Rule: "MAJORITY Admins"
LifecycleEndorsement:
Type: ImplicitMeta
Rule: "MAJORITY Endorsement"
Endorsement:
Type: ImplicitMeta
Rule: "MAJORITY Endorsement"
Capabilities:
<<: *ApplicationCapabilities
Orderer: &OrdererDefaults
OrdererType: etcdraft
Addresses: # orderer 集群节点
- orderer0.example1.com:7050
- orderer1.example1.com:7050
- orderer2.example1.com:7050
# Batch Timeout: The amount of time to wait before creating a batch
BatchTimeout: 2s
# Batch Size: Controls the number of messages batched into a block
BatchSize:
MaxMessageCount: 10
AbsoluteMaxBytes: 99 MB
PreferredMaxBytes: 512 KB
Organizations:
Policies:
Readers:
Type: ImplicitMeta
Rule: "ANY Readers"
Writers:
Type: ImplicitMeta
Rule: "ANY Writers"
Admins:
Type: ImplicitMeta
Rule: "MAJORITY Admins"
# BlockValidation specifies what signatures must be included in the block
# from the orderer for the peer to validate it.
BlockValidation:
Type: ImplicitMeta
Rule: "ANY Writers"
Channel: &ChannelDefaults
Policies:
# Who may invoke the 'Deliver' API
Readers:
Type: ImplicitMeta
Rule: "ANY Readers"
# Who may invoke the 'Broadcast' API
Writers:
Type: ImplicitMeta
Rule: "ANY Writers"
# By default, who may modify elements at this config level
Admins:
Type: ImplicitMeta
Rule: "MAJORITY Admins"
Capabilities:
<<: *ChannelCapabilities
Profiles:
TwoOrgsChannel:
Consortium: SampleConsortium
<<: *ChannelDefaults
Application:
<<: *ApplicationDefaults
Organizations:
- *Org1
- *Org2
Capabilities:
<<: *ApplicationCapabilities
SampleMultiNodeEtcdRaft:
<<: *ChannelDefaults
Capabilities:
<<: *ChannelCapabilities
Orderer:
<<: *OrdererDefaults
OrdererType: etcdraft
EtcdRaft:
Consenters:
- Host: orderer0.example1.com
Port: 7050
ClientTLSCert: crypto-config/ordererOrganizations/example1.com/orderers/orderer0.example1.com/tls/server.crt
ServerTLSCert: crypto-config/ordererOrganizations/example1.com/orderers/orderer0.example1.com/tls/server.crt
- Host: orderer1.example1.com
Port: 7050
ClientTLSCert: crypto-config/ordererOrganizations/example1.com/orderers/orderer1.example1.com/tls/server.crt
ServerTLSCert: crypto-config/ordererOrganizations/example1.com/orderers/orderer1.example1.com/tls/server.crt
- Host: orderer2.example1.com
Port: 7050
ClientTLSCert: crypto-config/ordererOrganizations/example1.com/orderers/orderer2.example1.com/tls/server.crt
ServerTLSCert: crypto-config/ordererOrganizations/example1.com/orderers/orderer2.example1.com/tls/server.crt
Addresses:
- orderer0.example1.com:7050
- orderer1.example1.com:7050
- orderer2.example1.com:7050
Organizations:
- *OrdererOrg
Capabilities:
<<: *OrdererCapabilities
Application:
<<: *ApplicationDefaults
Organizations:
- <<: *OrdererOrg
Consortiums:
SampleConsortium:
Organizations:
- *Org1
- *Org2
根据 configtx.yaml 生成通道配置信息
#生成创世区块:
./bin/configtxgen -profile SampleMultiNodeEtcdRaft -channelID fabric-cluster-channel -outputBlock ./channel-artifacts/genesis.block
# 创建通道配置信息:
./bin/configtxgen -profile TwoOrgsChannel -outputCreateChannelTx ./channel-artifacts/channel.tx -channelID mychannel
#为 Org1 定义锚节点:
./bin/configtxgen -profile TwoOrgsChannel -outputAnchorPeersUpdate ./channel-artifacts/Org1MSPanchors.tx -channelID mychannel -asOrg Org1MSP
#为 Org2 定义锚节点:
./bin/configtxgen -profile TwoOrgsChannel -outputAnchorPeersUpdate ./channel-artifacts/Org2MSPanchors.tx -channelID mychannel -asOrg Org2MSP
执行完成后,生成/ channel-artifacts/目录,如下:
将/channel-artifacts/和/crypto-config/拷贝到chain5,chain6的$FABRIC/multipeer/目录
# scp -r channel-artifacts/ root@chain5: $FABRIC/multipeer/
# scp -r channel-artifacts/ root@chain6: $FABRIC/multipeer/
# scp -r crypto-config/ root@chain5: $FABRIC/multipeer/
# scp -r crypto-config/ root@chain6: $FABRIC/multipeer/
五、配置docker-compose.yaml文件
chain4
version: '2'
services:
couchdb0.org1.example1.com:
container_name: couchdb0.org1.example1.com
image: couchdb:3.1
environment:
- COUCHDB_USER=admin
- COUCHDB_PASSWORD=adminpw
ports:
- 5984:5984
volumes:
- /home/hyperledger/couchdb:/opt/couchdb/data
orderer0.example1.com:
container_name: orderer0.example1.com
image: hyperledger/fabric-orderer
environment:
- FABRIC_LOGGING_SPEC=DEBUG
- ORDERER_GENERAL_LISTENADDRESS=0.0.0.0
- ORDERER_GENERAL_BOOTSTRAPMETHOD=file
- ORDERER_GENERAL_BOOTSTRAPFILE=/var/hyperledger/orderer/orderer.genesis.block
- ORDERER_GENERAL_LOCALMSPID=OrdererMSP
- ORDERER_GENERAL_LOCALMSPDIR=/var/hyperledger/orderer/msp
# enabled TLS
- ORDERER_GENERAL_TLS_ENABLED=true
- ORDERER_GENERAL_TLS_PRIVATEKEY=/var/hyperledger/orderer/tls/server.key
- ORDERER_GENERAL_TLS_CERTIFICATE=/var/hyperledger/orderer/tls/server.crt
- ORDERER_GENERAL_TLS_ROOTCAS=[/var/hyperledger/orderer/tls/ca.crt]
- ORDERER_GENERAL_CLUSTER_CLIENTCERTIFICATE=/var/hyperledger/orderer/tls/server.crt
- ORDERER_GENERAL_CLUSTER_CLIENTPRIVATEKEY=/var/hyperledger/orderer/tls/server.key
- ORDERER_GENERAL_CLUSTER_ROOTCAS=[/var/hyperledger/orderer/tls/ca.crt]
working_dir: /opt/gopath/src/github.com/hyperledger/fabric
command: orderer
volumes:
- ./channel-artifacts/genesis.block:/var/hyperledger/orderer/orderer.genesis.block
- ./crypto-config/ordererOrganizations/example1.com/orderers/orderer0.example1.com/msp:/var/hyperledger/orderer/msp
- ./crypto-config/ordererOrganizations/example1.com/orderers/orderer0.example1.com/tls/:/var/hyperledger/orderer/tls
- /home/hyperledger/orderer:/var/hyperledger/production
ports:
- 7050:7050
extra_hosts:
- "orderer0.example1.com:192.168.1.223"
- "orderer1.example1.com:192.168.1.224"
- "orderer2.example1.com:192.168.1.225"
- "peer0.org1.example1.com:192.168.1.223"
- "peer0.org2.example1.com:192.168.1.225"
peer0.org1.example1.com:
container_name: peer0.org1.example1.com
image: hyperledger/fabric-peer
environment:
- CORE_VM_ENDPOINT=unix:///host/var/run/docker.sock
- CORE_PEER_ID=peer0.org1.example1.com
- CORE_PEER_ADDRESS=peer0.org1.example1.com:7051
- CORE_PEER_LISTENADDRESS=0.0.0.0:7051
- CORE_PEER_CHAINCODEADDRESS=peer0.org1.example1.com:7052
- CORE_PEER_CHAINCODELISTENADDRESS=0.0.0.0:7052
- CORE_PEER_GOSSIP_BOOTSTRAP=peer0.org1.example1.com:7051
- CORE_PEER_GOSSIP_EXTERNALENDPOINT=peer0.org1.example1.com:7051
- CORE_PEER_LOCALMSPID=Org1MSP
- FABRIC_LOGGING_SPEC=INFO
- CORE_PEER_TLS_ENABLED=true
- CORE_PEER_GOSSIP_USELEADERELECTION=true
- CORE_PEER_GOSSIP_ORGLEADER=false
- CORE_PEER_PROFILE_ENABLED=true
- CORE_PEER_TLS_CERT_FILE=/etc/hyperledger/fabric/tls/server.crt
- CORE_PEER_TLS_KEY_FILE=/etc/hyperledger/fabric/tls/server.key
- CORE_PEER_TLS_ROOTCERT_FILE=/etc/hyperledger/fabric/tls/ca.crt
# Allow more time for chaincode container to build on install.
- CORE_CHAINCODE_EXECUTETIMEOUT=300s
- CORE_LEDGER_STATE_STATEDATABASE=CouchDB
- CORE_LEDGER_STATE_COUCHDBCONFIG_COUCHDBADDRESS=couchdb0.org1.example1.com:5984
- CORE_LEDGER_STATE_COUCHDBCONFIG_USERNAME=admin
- CORE_LEDGER_STATE_COUCHDBCONFIG_PASSWORD=adminpw
depends_on:
- couchdb0.org1.example1.com
working_dir: /opt/gopath/src/github.com/hyperledger/fabric/peer
command: peer node start
volumes:
- /var/run/:/host/var/run/
- ./crypto-config/peerOrganizations/org1.example1.com/peers/peer0.org1.example1.com/msp:/etc/hyperledger/fabric/msp
- ./crypto-config/peerOrganizations/org1.example1.com/peers/peer0.org1.example1.com/tls:/etc/hyperledger/fabric/tls
- /home/hyperledger/peer:/var/hyperledger/production
ports:
- 7051:7051
- 7052:7052
- 7053:7053
extra_hosts:
- "orderer0.example1.com:192.168.1.223"
- "orderer1.example1.com:192.168.1.224"
- "orderer2.example1.com:192.168.1.225"
- "peer0.org1.example1.com:192.168.1.223"
- "peer0.org2.example1.com:192.168.1.225"
cli:
container_name: cli
image: hyperledger/fabric-tools
tty: true
stdin_open: true
environment:
- GOPATH=/opt/gopath
- CORE_VM_ENDPOINT=unix:///host/var/run/docker.sock
#- FABRIC_LOGGING_SPEC=DEBUG
- FABRIC_LOGGING_SPEC=INFO
- CORE_PEER_ID=cli
- CORE_PEER_ADDRESS=peer0.org1.example1.com:7051
- CORE_PEER_LOCALMSPID=Org1MSP
- CORE_PEER_TLS_ENABLED=true
- CORE_PEER_TLS_CERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example1.com/peers/peer0.org1.example1.com/tls/server.crt
- CORE_PEER_TLS_KEY_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example1.com/peers/peer0.org1.example1.com/tls/server.key
- CORE_PEER_TLS_ROOTCERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example1.com/peers/peer0.org1.example1.com/tls/ca.crt
- CORE_PEER_MSPCONFIGPATH=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example1.com/users/Admin@org1.example1.com/msp
working_dir: /opt/gopath/src/github.com/hyperledger/fabric/peer
command: /bin/bash
volumes:
- /var/run/:/host/var/run/
- ./chaincode/go/:/opt/gopath/src/github.com/hyperledger/fabric-cluster/chaincode/go
- ./crypto-config:/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/
- ./channel-artifacts:/opt/gopath/src/github.com/hyperledger/fabric/peer/channel-artifacts
extra_hosts:
- "orderer0.example1.com:192.168.1.223"
- "orderer1.example1.com:192.168.1.224"
- "orderer2.example1.com:192.168.1.225"
- "peer0.org1.example1.com:192.168.1.223"
- "peer0.org2.example1.com:192.168.1.225"
chain5
version: '2'
services:
orderer1.example1.com:
container_name: orderer1.example1.com
image: hyperledger/fabric-orderer
environment:
- FABRIC_LOGGING_SPEC=INFO
- ORDERER_GENERAL_LISTENADDRESS=0.0.0.0
- ORDERER_GENERAL_BOOTSTRAPMETHOD=file
- ORDERER_GENERAL_BOOTSTRAPFILE=/var/hyperledger/orderer/orderer.genesis.block
- ORDERER_GENERAL_LOCALMSPID=OrdererMSP
- ORDERER_GENERAL_LOCALMSPDIR=/var/hyperledger/orderer/msp
# enabled TLS
- ORDERER_GENERAL_TLS_ENABLED=true
- ORDERER_GENERAL_TLS_PRIVATEKEY=/var/hyperledger/orderer/tls/server.key
- ORDERER_GENERAL_TLS_CERTIFICATE=/var/hyperledger/orderer/tls/server.crt
- ORDERER_GENERAL_TLS_ROOTCAS=[/var/hyperledger/orderer/tls/ca.crt]
- ORDERER_GENERAL_CLUSTER_CLIENTCERTIFICATE=/var/hyperledger/orderer/tls/server.crt
- ORDERER_GENERAL_CLUSTER_CLIENTPRIVATEKEY=/var/hyperledger/orderer/tls/server.key
- ORDERER_GENERAL_CLUSTER_ROOTCAS=[/var/hyperledger/orderer/tls/ca.crt]
working_dir: /opt/gopath/src/github.com/hyperledger/fabric
command: orderer
volumes:
- ./channel-artifacts/genesis.block:/var/hyperledger/orderer/orderer.genesis.block
- ./crypto-config/ordererOrganizations/example1.com/orderers/orderer1.example1.com/msp:/var/hyperledger/orderer/msp
- ./crypto-config/ordererOrganizations/example1.com/orderers/orderer1.example1.com/tls/:/var/hyperledger/orderer/tls
- /home/hyperledger/orderer:/var/hyperledger/production
ports:
- 7050:7050
extra_hosts:
- "orderer0.example1.com:192.168.1.223"
- "orderer1.example1.com:192.168.1.224"
- "orderer2.example1.com:192.168.1.225"
- "peer0.org1.example1.com:192.168.1.223"
- "peer0.org2.example1.com:192.168.1.225"
chain6
version: '2'
services:
couchdb0.org2.example1.com:
container_name: couchdb0.org2.example1.com
image: couchdb:3.1
environment:
- COUCHDB_USER=admin
- COUCHDB_PASSWORD=adminpw
ports:
- 5984:5984
volumes:
- /home/hyperledger/couchdb:/opt/couchdb/data
orderer2.example1.com:
container_name: orderer2.example1.com
image: hyperledger/fabric-orderer
environment:
- FABRIC_LOGGING_SPEC=INFO
- ORDERER_GENERAL_LISTENADDRESS=0.0.0.0
- ORDERER_GENERAL_BOOTSTRAPMETHOD=file
- ORDERER_GENERAL_BOOTSTRAPFILE=/var/hyperledger/orderer/orderer.genesis.block
- ORDERER_GENERAL_LOCALMSPID=OrdererMSP
- ORDERER_GENERAL_LOCALMSPDIR=/var/hyperledger/orderer/msp
- ORDERER_GENERAL_TLS_ENABLED=true
- ORDERER_GENERAL_TLS_PRIVATEKEY=/var/hyperledger/orderer/tls/server.key
- ORDERER_GENERAL_TLS_CERTIFICATE=/var/hyperledger/orderer/tls/server.crt
- ORDERER_GENERAL_TLS_ROOTCAS=[/var/hyperledger/orderer/tls/ca.crt]
- ORDERER_GENERAL_CLUSTER_CLIENTCERTIFICATE=/var/hyperledger/orderer/tls/server.crt
- ORDERER_GENERAL_CLUSTER_CLIENTPRIVATEKEY=/var/hyperledger/orderer/tls/server.key
- ORDERER_GENERAL_CLUSTER_ROOTCAS=[/var/hyperledger/orderer/tls/ca.crt]
working_dir: /opt/gopath/src/github.com/hyperledger/fabric
command: orderer
volumes:
- ./channel-artifacts/genesis.block:/var/hyperledger/orderer/orderer.genesis.block
- ./crypto-config/ordererOrganizations/example1.com/orderers/orderer2.example1.com/msp:/var/hyperledger/orderer/msp
- ./crypto-config/ordererOrganizations/example1.com/orderers/orderer2.example1.com/tls/:/var/hyperledger/orderer/tls
- /home/hyperledger/orderer:/var/hyperledger/production
ports:
- 7050:7050
extra_hosts:
- "orderer0.example1.com:192.168.1.223"
- "orderer1.example1.com:192.168.1.224"
- "orderer2.example1.com:192.168.1.225"
- "peer0.org1.example1.com:192.168.1.223"
- "peer0.org2.example1.com:192.168.1.225"
peer0.org2.example1.com:
container_name: peer0.org2.example1.com
image: hyperledger/fabric-peer
environment:
- CORE_VM_ENDPOINT=unix:///host/var/run/docker.sock
- CORE_PEER_ID=peer0.org2.example1.com
- CORE_PEER_ADDRESS=peer0.org2.example1.com:7051
- CORE_PEER_LISTENADDRESS=0.0.0.0:7051
- CORE_PEER_CHAINCODEADDRESS=peer0.org2.example1.com:7052
- CORE_PEER_CHAINCODELISTENADDRESS=0.0.0.0:7052
- CORE_PEER_GOSSIP_EXTERNALENDPOINT=peer0.org2.example1.com:7051
- CORE_PEER_GOSSIP_BOOTSTRAP=peer0.org2.example1.com:7051
- CORE_PEER_LOCALMSPID=Org2MSP
- FABRIC_LOGGING_SPEC=INFO
- CORE_PEER_TLS_ENABLED=true
- CORE_PEER_GOSSIP_USELEADERELECTION=true
- CORE_PEER_GOSSIP_ORGLEADER=false
- CORE_PEER_PROFILE_ENABLED=true
- CORE_PEER_TLS_CERT_FILE=/etc/hyperledger/fabric/tls/server.crt
- CORE_PEER_TLS_KEY_FILE=/etc/hyperledger/fabric/tls/server.key
- CORE_PEER_TLS_ROOTCERT_FILE=/etc/hyperledger/fabric/tls/ca.crt
- CORE_CHAINCODE_EXECUTETIMEOUT=300s
- CORE_LEDGER_STATE_STATEDATABASE=CouchDB
- CORE_LEDGER_STATE_COUCHDBCONFIG_COUCHDBADDRESS=couchdb0.org2.example1.com:5984
- CORE_LEDGER_STATE_COUCHDBCONFIG_USERNAME=admin
- CORE_LEDGER_STATE_COUCHDBCONFIG_PASSWORD=adminpw
depends_on:
- couchdb0.org2.example1.com
working_dir: /opt/gopath/src/github.com/hyperledger/fabric/peer
command: peer node start
volumes:
- /var/run/:/host/var/run/
- ./crypto-config/peerOrganizations/org2.example1.com/peers/peer0.org2.example1.com/msp:/etc/hyperledger/fabric/msp
- ./crypto-config/peerOrganizations/org2.example1.com/peers/peer0.org2.example1.com/tls:/etc/hyperledger/fabric/tls
- /home/hyperledger/peer0:/var/hyperledger/production
ports:
- 7051:7051
- 7052:7052
- 7053:7053
extra_hosts:
- "orderer0.example1.com:192.168.1.223"
- "orderer1.example1.com:192.168.1.224"
- "orderer2.example1.com:192.168.1.225"
- "peer0.org1.example1.com:192.168.1.223"
- "peer0.org2.example1.com:192.168.1.225"
cli:
container_name: cli
image: hyperledger/fabric-tools
tty: true
stdin_open: true
environment:
- GOPATH=/opt/gopath
- CORE_VM_ENDPOINT=unix:///host/var/run/docker.sock
- FABRIC_LOGGING_SPEC=INFO
- CORE_PEER_ID=cli
- CORE_PEER_ADDRESS=peer0.org2.example1.com:7051
- CORE_PEER_LOCALMSPID=Org2MSP
- CORE_PEER_TLS_ENABLED=true
- CORE_PEER_TLS_CERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.example1.com/peers/peer0.org2.example1.com/tls/server.crt
- CORE_PEER_TLS_KEY_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.example1.com/peers/peer0.org2.example1.com/tls/server.key
- CORE_PEER_TLS_ROOTCERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.example1.com/peers/peer0.org2.example1.com/tls/ca.crt
- CORE_PEER_MSPCONFIGPATH=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.example1.com/users/Admin@org2.example1.com/msp
working_dir: /opt/gopath/src/github.com/hyperledger/fabric/peer
command: /bin/bash
volumes:
- /var/run/:/host/var/run/
- ./chaincode/go/:/opt/gopath/src/github.com/hyperledger/fabric-cluster/chaincode/go
- ./crypto-config:/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/
- ./channel-artifacts:/opt/gopath/src/github.com/hyperledger/fabric/peer/channel-artifacts
extra_hosts:
- "orderer0.example1.com:192.168.1.223"
- "orderer1.example1.com:192.168.1.224"
- "orderer2.example1.com:192.168.1.225"
- "peer0.org1.example1.com:192.168.1.223"
- "peer0.org2.example1.com:192.168.1.225"
创建好docker-compose-up.yaml文件后,在home目录下创建hyperledger/peer/、hyperledger/couchdb/和hyperledger/orderer/文件夹
mkdir -r /home/hyperledger/peer/
mkdir -r /home/hyperledger/orderer/
mkdir -r /home/hyperledger/couchdb/
六、启动服务peer节点加入通道
使用docker-compose启动服务(三台机器均需要)
docker-compose -f docker-compose-up.yaml up
docker ps -a
在chain4节点上操作
#进入 cli 容器:
docker exec -it cli bash
#在容器中,创建通道:
peer channel create -o orderer0.example1.com:7050 -c mychannel -f ./channel-artifacts/channel.tx --tls --cafile /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/example1.com/orderers/orderer0.example1.com/msp/tlscacerts/tlsca.example1.com-cert.pem
#加入通道:
peer channel join -b mychannel.block
#更新锚节点:
peer channel update -o orderer0.example1.com:7050 -c mychannel -f ./channel-artifacts/Org1MSPanchors.tx --tls --cafile /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/example1.com/orderers/orderer0.example1.com/msp/tlscacerts/tlsca.example1.com-cert.pem
将通道文件 mychannel.block 拷贝到宿主机,然后拷贝到其他服务器上用于其他节点加入通道:
docker cp cli:/opt/gopath/src/github.com/hyperledger/fabric/peer/mychannel.block ./
scp mychannel.block root@chain6:$FABRIC/multipeer/
在chain6节点上操作
#将通道文件拷贝到容器中:
docker cp mychannel.block cli:/opt/gopath/src/github.com/hyperledger/fabric/peer/
#进入 cli 容器:
docker exec -it cli bash
#加入通道:
peer channel join -b mychannel.block
#更新 ORG2 锚节点:
peer channel update -o orderer0.example1.com:7050 -c mychannel -f ./channel-artifacts/Org2MSPanchors.tx --tls --cafile /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/example1.com/orderers/orderer0.example1.com/msp/tlscacerts/tlsca.example1.com-cert.pem
七、智能合约(以Java为例)
1.链码打包
在chain4机器上执行以下操作
cd $FABRIC/multipeer/chaincode
#将开发工具idea打包好的文件,整个install文件夹上传到上面目录
#进入cli容器
docker exec -it cli bash
# 打包链码
peer lifecycle chaincode package myassetcontract.tar.gz --path /opt/gopath/src/github.com/hyperledger/fabric-cluster/chaincode/go --lang java --label myassetcontract_1
#退出容器,将打包的链码 mycc.tar.gz 拷贝到宿主机,然后拷贝到其他服务器
docker cp cli:/opt/gopath/src/github.com/hyperledger/fabric-cluster/chaincode/go/myassetcontract.tar.gz ./
scp myassetcontract.tar.gz root@chain6:/opt/gopath/src/github.com/hyperledger/fabric/multipeer
2.安装链码
每个peer节点(chain4、chain6)执行以下操作
#进入cli容器
docker cp myassetcontract.tar.gz cli:/opt/gopath/src/github.com/hyperledger/fabric/peer
docker exec -it cli bash
#安装链码
peer lifecycle chaincode install myassetcontract.tar.gz
#查询链码
peer lifecycle chaincode queryinstalled
界面输出:myassetcontract_1:b1b8dc4cb15719ef451947e67fed27823fcae3a1680f656d15ae691d0dbbc2fb
3.批准链码
每个peer节点(chain4、chain6)执行以下操作
#批准同意链码在org1和org2上都执行一遍
peer lifecycle chaincode approveformyorg --channelID mychannel --name myassetcontract --version 1.0 --init-required --package-id myassetcontract_1:b1b8dc4cb15719ef451947e67fed27823fcae3a1680f656d15ae691d0dbbc2fb --sequence 1 --tls true --cafile /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/example.com/orderers/orderer0.example.com/msp/tlscacerts/tlsca.example.com-cert.pem
#查看链码的状态是否就绪
peer lifecycle chaincode checkcommitreadiness --channelID mychannel --name myassetcontract --version 1.0 --init-required --sequence 1 --tls true --cafile /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/example.com/orderers/orderer0.example.com/msp/tlscacerts/tlsca.example.com-cert.pem --output json
4.提交链码
#提交链码定义,在 org1 或者 org2 上均可
peer lifecycle chaincode commit -o orderer0.example.com:7050 --channelID mychannel --name myassetcontract --version 1.0 --sequence 1 --init-required --tls true --cafile /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/example.com/orderers/orderer0.example.com/msp/tlscacerts/tlsca.example.com-cert.pem --peerAddresses peer0.org1.example.com:7051 --tlsRootCertFiles /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/ca.crt --peerAddresses peer0.org2.example.com:7051 --tlsRootCertFiles /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls/ca.crt
5.链码初始化与调用
#链码初始化
peer chaincode invoke -o orderer0.example.com:7050 --isInit --tls true --cafile /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/example.com/orderers/orderer0.example.com/msp/tlscacerts/tlsca.example.com-cert.pem -C mychannel -n myassetcontract --peerAddresses peer0.org1.example.com:7051 --tlsRootCertFiles /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/ca.crt --peerAddresses peer0.org2.example.com:7051 --tlsRootCertFiles /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls/ca.crt -c '{"function":"initLedger","Args":[]}' --waitForEvent
#查询数据
peer chaincode invoke -o orderer0.example.com:7050 --tls true --cafile /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/example.com/orderers/orderer0.example.com/msp/tlscacerts/tlsca.example.com-cert.pem -C mychannel -n myassetcontract --peerAddresses peer1.org1.example.com:7051 --tlsRootCertFiles /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/peers/peer1.org1.example.com/tls/ca.crt --peerAddresses peer0.org2.example.com:7051 --tlsRootCertFiles /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls/ca.crt -c '{"function":"readMyAsset","Args":["ASSET1"]}' --waitForEvent
#新增数据
peer chaincode invoke -o orderer0.example.com:7050 --tls true --cafile /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/example.com/orderers/orderer0.example.com/msp/tlscacerts/tlsca.example.com-cert.pem -C mychannel -n myassetcontract --peerAddresses peer1.org1.example.com:7051 --tlsRootCertFiles /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/peers/peer1.org1.example.com/tls/ca.crt --peerAddresses peer0.org2.example.com:7051 --tlsRootCertFiles /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls/ca.crt -c '{"function":"createMyAsset","Args":["ASSET3","3"]}' --waitForEvent
#查询数据
peer chaincode query -C mychannel -n myassetcontract -c '{"Args":["readMyAsset","ASSET1"]}'
peer chaincode query -C mychannel -n myassetcontract -c '{"Args":["createMyAsset","ASSET3","3"]}'
问题汇总:
1.不同组织通信异常
通过在docker-compose.yml文件中增加host映射解决,此方法不易拓展,可使用自建DNS解决。
参照:
自建DNS
extra_hosts:
- "orderer0.example1.com:192.168.1.223"
- "orderer1.example1.com:192.168.1.224"
- "orderer2.example1.com:192.168.1.225"
- "peer0.org1.example1.com:192.168.1.223"
- "peer0.org2.example1.com:192.168.1.225"
2.执行docker-compose down命令,区块数据丢失
通过在docker-compose.yml文件中增加volumes映射解决。
扫一扫
1548
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
