本片文章搭建的網絡有一個orderer節點,兩個組織和四個peer節點。總共需要五臺主機,但由於資源限制,只有兩臺主機,但方法都是一樣的。所以本文在一臺主機上搭建一個orderer節點和一個組織的兩個peer節點,另一臺主機上搭建另一個組織的兩個peer節點。
系統配置
主機名 | ip | 功能 |
---|---|---|
bd223 | 10.1.24.223 | orderer節點,org1的peer0和peer1 |
bd225 | 10.1.24.225 | org2的peer0和peer1 |
準備工作
- 在兩臺機器上搭建fabric環境,可以參考上篇文章hyperledger fabric 1.4.4版本安裝手冊。
- 將fabric的bin目錄加入環境變量以方便各種命令的直接使用,這裏就先臨時加入
export PATH=$PATH:/home/go/src/github.com/hyperledger/fabric/scripts/fabric-samples/bin
,可以通過which configtxgen
來判斷是否添加成功。 - 創建並進入
test-cluster
目錄作爲工作目錄 - 在文件夾下創建
.env
文件,文件內容如下:COMPOSE_PROJECT_NAME=net IMAGE_TAG=1.4.4 CHANNEL_ID=cluster-channel CHANNEL_NAME=clusterchannel
source .env
配置基礎環境
- 創建
crypto-config.yaml
配置文件,也可以從fabric-samples
項目的first-network
文件夾中複製。 - 從
first-network
中複製ccp-generate.sh、ccp-template.json、ccp-template.yaml
三個文件到cluster-network
工作目錄中。 - 從
first-network
中複製docker-compose-e2e-template.yaml
文件到cluster-network
工作目錄中。並將network這部分配置去掉。處理完成之後的配置文件如下:# Copyright IBM Corp. All Rights Reserved. # # SPDX-License-Identifier: Apache-2.0 # version: '2' volumes: orderer.example.com: peer0.org1.example.com: peer1.org1.example.com: peer0.org2.example.com: peer1.org2.example.com: services: ca0: image: hyperledger/fabric-ca:$IMAGE_TAG environment: - FABRIC_CA_HOME=/etc/hyperledger/fabric-ca-server - FABRIC_CA_SERVER_CA_NAME=ca-org1 - FABRIC_CA_SERVER_TLS_ENABLED=true - FABRIC_CA_SERVER_TLS_CERTFILE=/etc/hyperledger/fabric-ca-server-config/ca.org1.example.com-cert.pem - FABRIC_CA_SERVER_TLS_KEYFILE=/etc/hyperledger/fabric-ca-server-config/cdf0bf41bf501fbf0360ddb5b245debb22baafe77f504b093d1036cf8257c35a_sk ports: - "7054:7054" command: sh -c 'fabric-ca-server start --ca.certfile /etc/hyperledger/fabric-ca-server-config/ca.org1.example.com-cert.pem --ca.keyfile /etc/hyperledger/fabric-ca-server-config/cdf0bf41bf501fbf0360ddb5b245debb22baafe77f504b093d1036cf8257c35a_sk -b admin:adminpw -d' volumes: - ./crypto-config/peerOrganizations/org1.example.com/ca/:/etc/hyperledger/fabric-ca-server-config container_name: ca_peerOrg1 ca1: image: hyperledger/fabric-ca:$IMAGE_TAG environment: - FABRIC_CA_HOME=/etc/hyperledger/fabric-ca-server - FABRIC_CA_SERVER_CA_NAME=ca-org2 - FABRIC_CA_SERVER_TLS_ENABLED=true - FABRIC_CA_SERVER_TLS_CERTFILE=/etc/hyperledger/fabric-ca-server-config/ca.org2.example.com-cert.pem - FABRIC_CA_SERVER_TLS_KEYFILE=/etc/hyperledger/fabric-ca-server-config/b0a6041e30115b95e6a6ccc68d571c30fb61eaf37fe751f30333bd4ba0789d21_sk ports: - "8054:7054" command: sh -c 'fabric-ca-server start --ca.certfile /etc/hyperledger/fabric-ca-server-config/ca.org2.example.com-cert.pem --ca.keyfile /etc/hyperledger/fabric-ca-server-config/b0a6041e30115b95e6a6ccc68d571c30fb61eaf37fe751f30333bd4ba0789d21_sk -b admin:adminpw -d' volumes: - ./crypto-config/peerOrganizations/org2.example.com/ca/:/etc/hyperledger/fabric-ca-server-config container_name: ca_peerOrg2 orderer.example.com: extends: file: base/docker-compose-base.yaml service: orderer.example.com container_name: orderer.example.com peer0.org1.example.com: container_name: peer0.org1.example.com extends: file: base/docker-compose-base.yaml service: peer0.org1.example.com peer1.org1.example.com: container_name: peer1.org1.example.com extends: file: base/docker-compose-base.yaml service: peer1.org1.example.com peer0.org2.example.com: container_name: peer0.org2.example.com extends: file: base/docker-compose-base.yaml service: peer0.org2.example.com peer1.org2.example.com: container_name: peer1.org2.example.com extends: file: base/docker-compose-base.yaml service: peer1.org2.example.com
- 從
first-network
中複製base
目錄,連同目錄下的docker-compose-base.yaml、peer-base.yaml
兩個文件到cluster-network
工作目錄中。一定要注意將peer-base.yaml
文件中的${COMPOSE_PROJECT_NAME}_byfn
改爲${COMPOSE_PROJECT_NAME}_default
。否則初始化鏈碼的時候會報錯。 - 創建
channel-artifacts
文件夾,用來存儲創世區塊等文件。 - 將
docker-compose-cli.yaml
文件拆分,分成docker-compose-orderer.yaml,docker-compose-org1.yaml,docker-compose-org2.yaml
三個文件。
docker-compose-orderer.yaml
文件內容如下:
version: '2'
volumes:
orderer.example.com:
peer0.org1.example.com:
peer1.org1.example.com:
peer0.org2.example.com:
peer1.org2.example.com:
services:
orderer.example.com:
extends:
file: base/docker-compose-base.yaml
service: orderer.example.com
container_name: orderer.example.com
extra_hosts:
- "peer0.org1.example.com:10.1.24.225"
- "peer1.org1.example.com:10.1.24.225"
- "peer0.org2.example.com:10.1.24.223"
- "peer1.org2.example.com:10.1.24.223"
docker-compose-org1.yaml
內容如下
# Copyright IBM Corp. All Rights Reserved.
#
# SPDX-License-Identifier: Apache-2.0
#
version: '2'
volumes:
orderer.example.com:
peer0.org1.example.com:
peer1.org1.example.com:
peer0.org2.example.com:
peer1.org2.example.com:
services:
peer0.org1.example.com:
container_name: peer0.org1.example.com
extends:
file: base/docker-compose-base.yaml
service: peer0.org1.example.com
extra_hosts:
- "orderer.example.com:10.1.24.225"
- "peer1.org1.example.com:10.1.24.225"
- "peer0.org2.example.com:10.1.24.223"
- "peer1.org2.example.com:10.1.24.223"
peer1.org1.example.com:
container_name: peer1.org1.example.com
extends:
file: base/docker-compose-base.yaml
service: peer1.org1.example.com
extra_hosts:
- "orderer.example.com:10.1.24.225"
- "peer0.org1.example.com:10.1.24.225"
- "peer0.org2.example.com:10.1.24.223"
- "peer1.org2.example.com:10.1.24.223"
cli:
container_name: cli
image: hyperledger/fabric-tools:$IMAGE_TAG
tty: true
stdin_open: true
environment:
- SYS_CHANNEL=$SYS_CHANNEL
- GOPATH=/opt/gopath
- CORE_VM_ENDPOINT=unix:///host/var/run/docker.sock
#- FABRIC_LOGGING_SPEC=DEBUG
- FABRIC_LOGGING_SPEC=INFO
- CORE_PEER_ID=cli
- CORE_PEER_ADDRESS=peer0.org1.example.com:7051
- CORE_PEER_LOCALMSPID=Org1MSP
- CORE_PEER_TLS_ENABLED=true
- CORE_PEER_TLS_CERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/server.crt
- CORE_PEER_TLS_KEY_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/server.key
- CORE_PEER_TLS_ROOTCERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/ca.crt
- CORE_PEER_MSPCONFIGPATH=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/users/[email protected]/msp
working_dir: /opt/gopath/src/github.com/hyperledger/fabric/peer
command: /bin/bash
volumes:
- /var/run/:/host/var/run/
- ./../chaincode/:/opt/gopath/src/github.com/chaincode
- ./crypto-config:/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/
- ./scripts:/opt/gopath/src/github.com/hyperledger/fabric/peer/scripts/
- ./channel-artifacts:/opt/gopath/src/github.com/hyperledger/fabric/peer/channel-artifacts
depends_on:
- peer0.org1.example.com
- peer1.org1.example.com
extra_hosts:
- "orderer.example.com:10.1.24.225"
- "peer0.org1.example.com:10.1.24.225"
- "peer1.org1.example.com:10.1.24.225"
- "peer0.org2.example.com:10.1.24.223"
- "peer1.org2.example.com:10.1.24.223"
docker-compose-org2.yaml
內容如下:
# Copyright IBM Corp. All Rights Reserved.
#
# SPDX-License-Identifier: Apache-2.0
#
version: '2'
volumes:
orderer.example.com:
peer0.org1.example.com:
peer1.org1.example.com:
peer0.org2.example.com:
peer1.org2.example.com:
services:
peer0.org2.example.com:
container_name: peer0.org2.example.com
extends:
file: base/docker-compose-base.yaml
service: peer0.org2.example.com
extra_hosts:
- "orderer.example.com:10.1.24.225"
- "peer0.org1.example.com:10.1.24.225"
- "peer1.org1.example.com:10.1.24.225"
- "peer1.org2.example.com:10.1.24.223"
peer1.org2.example.com:
container_name: peer1.org2.example.com
extends:
file: base/docker-compose-base.yaml
service: peer1.org2.example.com
extra_hosts:
- "orderer.example.com:10.1.24.225"
- "peer0.org1.example.com:10.1.24.225"
- "peer1.org1.example.com:10.1.24.225"
- "peer0.org2.example.com:10.1.24.223"
cli:
container_name: cli
image: hyperledger/fabric-tools:$IMAGE_TAG
tty: true
stdin_open: true
environment:
- SYS_CHANNEL=$SYS_CHANNEL
- GOPATH=/opt/gopath
- CORE_VM_ENDPOINT=unix:///host/var/run/docker.sock
#- FABRIC_LOGGING_SPEC=DEBUG
- FABRIC_LOGGING_SPEC=INFO
- CORE_PEER_ID=cli
- CORE_PEER_ADDRESS=peer0.org1.example.com:7051
- CORE_PEER_LOCALMSPID=Org1MSP
- CORE_PEER_TLS_ENABLED=true
- CORE_PEER_TLS_CERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/server.crt
- CORE_PEER_TLS_KEY_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/server.key
- CORE_PEER_TLS_ROOTCERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/ca.crt
- CORE_PEER_MSPCONFIGPATH=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/users/[email protected]/msp
working_dir: /opt/gopath/src/github.com/hyperledger/fabric/peer
command: /bin/bash
volumes:
- /var/run/:/host/var/run/
- ./../chaincode/:/opt/gopath/src/github.com/chaincode
- ./crypto-config:/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/
- ./scripts:/opt/gopath/src/github.com/hyperledger/fabric/peer/scripts/
- ./channel-artifacts:/opt/gopath/src/github.com/hyperledger/fabric/peer/channel-artifacts
depends_on:
- peer0.org2.example.com
- peer1.org2.example.com
extra_hosts:
- "orderer.example.com:10.1.24.225"
- "peer0.org1.example.com:10.1.24.225"
- "peer1.org1.example.com:10.1.24.225"
- "peer0.org2.example.com:10.1.24.223"
- "peer1.org2.example.com:10.1.24.223"
啓動網絡
# generateCerts
cryptogen generate --config=./crypto-config.yaml
./ccp-generate.sh
# replacePrivateKey
cp docker-compose-e2e-template.yaml docker-compose-e2e.yaml
CURRENT_DIR=$PWD
cd crypto-config/peerOrganizations/org1.example.com/ca/
PRIV_KEY=$(ls *_sk)
cd "$CURRENT_DIR"
sed -i "s/CA1_PRIVATE_KEY/${PRIV_KEY}/g" docker-compose-e2e.yaml
cd crypto-config/peerOrganizations/org2.example.com/ca/
PRIV_KEY=$(ls *_sk)
cd "$CURRENT_DIR"
sed -i "s/CA2_PRIVATE_KEY/${PRIV_KEY}/g" docker-compose-e2e.yaml
# generateChannelArtifacts
configtxgen -profile TwoOrgsOrdererGenesis -channelID $CHANNEL_ID -outputBlock ./channel-artifacts/genesis.block
configtxgen -profile TwoOrgsChannel -outputCreateChannelTx ./channel-artifacts/channel.tx -channelID $CHANNEL_NAME
然後進入10.1.24.225
節點,將10.1.24.223
的cluster-network
目錄複製到10.1.24.225
節點的fabric-sample
目錄下,並進入cluster-network
目錄。
# 10.1.24.223節點下運行如下命令
configtxgen -profile TwoOrgsChannel -outputAnchorPeersUpdate ./channel-artifacts/Org1MSPanchors.tx -channelID $CHANNEL_NAME -asOrg Org1MSP
# 10.1.24.225節點下運行如下命令
source .env
configtxgen -profile TwoOrgsChannel -outputAnchorPeersUpdate ./channel-artifacts/Org2MSPanchors.tx -channelID $CHANNEL_NAME -asOrg Org2MSP
最後就可以依次啓動各個節點了。
首先在10.1.24.223
節點啓動orderer
服務。運行如下命令:
docker-compose -f docker-compose-orderer.yaml up -d
然後在10.1.24.223
節點啓動org1
的兩個peer
節點。運行如下命令:
docker-compose -f docker-compose-org1.yaml up -d
然後在10.1.24.225
節點啓動org2
的兩個peer
節點。運行如下命令:
docker-compose -f docker-compose-org2.yaml up -d
網絡就全部啓動起來了,可以通過docker ps
命令查看是否啓動成功。
創建通道
# 進入命令行
docker exec -it cli bash
# 創建通道
peer channel create -o orderer.example.com:7050 -c clusterchannel(通道名) -f ./channel-artifacts/channel.tx --tls true --cafile /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/example.com/orderers/orderer.example.com/msp/tlscacerts/tlsca.example.com-cert.pem
# 切換到peer0.org1節點
CORE_PEER_MSPCONFIGPATH=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/users/[email protected]/msp
CORE_PEER_ADDRESS=peer0.org1.example.com:7051
CORE_PEER_LOCALMSPID="Org1MSP"
CORE_PEER_TLS_ROOTCERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/ca.crt
# 加入通道
peer channel join -b clusterchannel.block
# 切換到peer1.org1節點
CORE_PEER_LOCALMSPID="Org1MSP"
CORE_PEER_TLS_ROOTCERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/ca.crt
CORE_PEER_MSPCONFIGPATH=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/users/[email protected]/msp
CORE_PEER_ADDRESS=peer1.org1.example.com:8051
# 加入通道
peer channel join -b clusterchannel.block
# 切換到peer0.org2節點
CORE_PEER_MSPCONFIGPATH=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.example.com/users/[email protected]/msp
CORE_PEER_ADDRESS=peer0.org2.example.com:9051
CORE_PEER_LOCALMSPID="Org2MSP"
CORE_PEER_TLS_ROOTCERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls/ca.crt
# 加入通道
peer channel join -b clusterchannel.block
# 切換到peer0.org2節點
CORE_PEER_LOCALMSPID="Org2MSP"
CORE_PEER_TLS_ROOTCERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.example.com/peers/peer1.org2.example.com/tls/ca.crt
CORE_PEER_MSPCONFIGPATH=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.example.com/users/[email protected]/msp
CORE_PEER_ADDRESS=peer1.org2.example.com:10051
# 加入通道
peer channel join -b clusterchannel.block
安裝鏈碼
將寫好的鏈碼放到fabric-simples
目錄下的chaincode
文件夾中(需要新創建一個文件夾)。我這裏是/home/go/src/github.com/hyperledger/fabric/scripts/fabric-samples/chaincode
文件夾下。
# 進入命令行
docker exec -it cli bash
# 安裝鏈碼
CORE_PEER_MSPCONFIGPATH=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/users/[email protected]/msp
CORE_PEER_ADDRESS=peer0.org1.example.com:7051
CORE_PEER_LOCALMSPID="Org1MSP"
CORE_PEER_TLS_ROOTCERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/ca.crt
peer chaincode install -n usercc -v 1.0.0 -l golang -p github.com/chaincode/user
CORE_PEER_LOCALMSPID="Org1MSP"
CORE_PEER_TLS_ROOTCERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/ca.crt
CORE_PEER_MSPCONFIGPATH=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/users/[email protected]/msp
CORE_PEER_ADDRESS=peer1.org1.example.com:8051
peer chaincode install -n usercc -v 1.0.0 -l golang -p github.com/chaincode/user
CORE_PEER_MSPCONFIGPATH=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.example.com/users/[email protected]/msp
CORE_PEER_ADDRESS=peer0.org2.example.com:9051
CORE_PEER_LOCALMSPID="Org2MSP"
CORE_PEER_TLS_ROOTCERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls/ca.crt
peer chaincode install -n usercc -v 1.0.0 -l golang -p github.com/chaincode/user
CORE_PEER_LOCALMSPID="Org2MSP"
CORE_PEER_TLS_ROOTCERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.example.com/peers/peer1.org2.example.com/tls/ca.crt
CORE_PEER_MSPCONFIGPATH=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.example.com/users/[email protected]/msp
CORE_PEER_ADDRESS=peer1.org2.example.com:10051
peer chaincode install -n usercc -v 1.0.0 -l golang -p github.com/chaincode/user
# 初始化鏈碼
peer chaincode instantiate -o orderer.example.com:7050 --tls true --cafile /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/example.com/orderers/orderer.example.com/msp/tlscacerts/tlsca.example.com-cert.pem -C clusterchannel -n usercc -l golang -v 1.0.0 -c '{"Args":["initLedger"]}' -P 'AND ('\''Org1MSP.peer'\'','\''Org2MSP.peer'\'')'
到這就完成了!