Merge pull request #128 from ShuoWangNSL/master

Use fabric ca for fabric 1.3
pull/135/head
Baohua Yang 2018-10-27 11:11:08 +08:00 committed by GitHub
commit 075084cc7c
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
10 changed files with 453 additions and 2 deletions

View File

@ -0,0 +1 @@
COMPOSE_PROJECT_NAME=net

View File

@ -0,0 +1,149 @@
# Copyright IBM Corp. All Rights Reserved.
#
# SPDX-License-Identifier: Apache-2.0
#
---
################################################################################
#
# Section: Organizations
#
# - This section defines the different organizational identities which will
# be referenced later in the configuration.
#
################################################################################
Organizations:
# SampleOrg defines an MSP using the sampleconfig. It should never be used
# in production but may be used as a template for other definitions
- &OrdererOrg
# DefaultOrg defines the organization which is used in the sampleconfig
# of the fabric.git development environment
Name: orderer
# ID to load the MSP definition as
ID: ordererMSP
# MSPDir is the filesystem path which contains the MSP configuration
MSPDir: crypto-config/ordererOrganizations/example.com/msp
- &Org1
# DefaultOrg defines the organization which is used in the sampleconfig
# of the fabric.git development environment
Name: org1
# ID to load the MSP definition as
ID: org1MSP
MSPDir: crypto-config/peerOrganizations/org1.example.com/msp
AnchorPeers:
# AnchorPeers defines the location of peers which can be used
# for cross org gossip communication. Note, this value is only
# encoded in the genesis block in the Application section context
- Host: peer0.org1.example.com
Port: 7051
- &Org2
# DefaultOrg defines the organization which is used in the sampleconfig
# of the fabric.git development environment
Name: org2
# ID to load the MSP definition as
ID: org2MSP
MSPDir: crypto-config/peerOrganizations/org2.example.com/msp
AnchorPeers:
# AnchorPeers defines the location of peers which can be used
# for cross org gossip communication. Note, this value is only
# encoded in the genesis block in the Application section context
- Host: peer0.org2.example.com
Port: 7051
################################################################################
#
# SECTION: Application
#
# - This section defines the values to encode into a config transaction or
# genesis block for application related parameters
#
################################################################################
Application: &ApplicationDefaults
# Organizations is the list of orgs which are defined as participants on
# the application side of the network
Organizations:
################################################################################
#
# SECTION: Orderer
#
# - This section defines the values to encode into a config transaction or
# genesis block for orderer related parameters
#
################################################################################
Orderer: &OrdererDefaults
# Orderer Type: The orderer implementation to start
# Available types are "solo" and "kafka"
OrdererType: solo
Addresses:
- orderer.example.com:7050
# Batch Timeout: The amount of time to wait before creating a batch
BatchTimeout: 2s
# Batch Size: Controls the number of messages batched into a block
BatchSize:
# Max Message Count: The maximum number of messages to permit in a batch
MaxMessageCount: 10
# Absolute Max Bytes: The absolute maximum number of bytes allowed for
# the serialized messages in a batch.
AbsoluteMaxBytes: 98 MB
# Preferred Max Bytes: The preferred maximum number of bytes allowed for
# the serialized messages in a batch. A message larger than the preferred
# max bytes will result in a batch larger than preferred max bytes.
PreferredMaxBytes: 512 KB
Kafka:
# Brokers: A list of Kafka brokers to which the orderer connects
# NOTE: Use IP:port notation
Brokers:
- 127.0.0.1:9092
# Organizations is the list of orgs which are defined as participants on
# the orderer side of the network
Organizations:
################################################################################
#
# Profile
#
# - Different configuration profiles may be encoded here to be specified
# as parameters to the configtxgen tool
#
################################################################################
Profiles:
TwoOrgsOrdererGenesis:
Orderer:
<<: *OrdererDefaults
Organizations:
- *OrdererOrg
Consortiums:
SampleConsortium:
Organizations:
- *Org1
- *Org2
TwoOrgsChannel:
Consortium: SampleConsortium
Application:
<<: *ApplicationDefaults
Organizations:
- *Org1
- *Org2

View File

@ -0,0 +1,282 @@
version: '2'
networks:
fabric-ca:
services:
ca.example.com:
container_name: ${COMPOSE_PROJECT_NAME}_ca_orderer
image: "hyperledger/fabric-ca:1.3.0"
command: /bin/bash -c '/scripts/start-root-ca.sh 2>&1 | tee /data/logs/ca.orderer.example.com.log;'
environment:
- FABRIC_CA_SERVER_HOME=/etc/hyperledger/fabric-ca
- FABRIC_CA_SERVER_TLS_ENABLED=true
- FABRIC_CA_SERVER_CSR_CN=ca.example.com
- FABRIC_CA_SERVER_CSR_HOSTS=ca.example.com
- FABRIC_CA_SERVER_DEBUG=true
- BOOTSTRAP_USER_PASS=admin:adminpw
- TARGET=/data/crypto-config/ordererOrganizations/example.com/ca
- TLSTARGET=/data/crypto-config/ordererOrganizations/example.com/tlsca
- TARGET_CERTFILE=/data/crypto-config/ordererOrganizations/example.com/ca/ca.example.com-cert.pem
- FABRIC_ORGS=orderer org1 org2
volumes:
- ../scripts:/scripts
- ./:/data
networks:
- fabric-ca
ca.org1.example.com:
container_name: ${COMPOSE_PROJECT_NAME}_ca_org1
image: "hyperledger/fabric-ca:1.3.0"
command: /bin/bash -c '/scripts/start-root-ca.sh 2>&1 | tee /data/logs/ca.org1.example.com.log;'
environment:
- FABRIC_CA_SERVER_HOME=/etc/hyperledger/fabric-ca
- FABRIC_CA_SERVER_TLS_ENABLED=true
- FABRIC_CA_SERVER_CSR_CN=ca.org1.example.com
- FABRIC_CA_SERVER_CSR_HOSTS=ca.org1.example.com
- FABRIC_CA_SERVER_DEBUG=true
- BOOTSTRAP_USER_PASS=admin:adminpw
- TARGET=/data/crypto-config/peerOrganizations/org1.example.com/ca
- TLSTARGET=/data/crypto-config/peerOrganizations/org1.example.com/tlsca
- TARGET_CERTFILE=/data/crypto-config/peerOrganizations/org1.example.com/ca/ca.org1.example.com-cert.pem
- FABRIC_ORGS=orderer org1 org2
volumes:
- ../scripts:/scripts
- ./:/data
networks:
- fabric-ca
ca.org2.example.com:
container_name: ${COMPOSE_PROJECT_NAME}_ca_org2
image: "hyperledger/fabric-ca:1.3.0"
command: /bin/bash -c '/scripts/start-root-ca.sh 2>&1 | tee /data/logs/ca.org2.example.com.log;'
environment:
- FABRIC_CA_SERVER_HOME=/etc/hyperledger/fabric-ca
- FABRIC_CA_SERVER_TLS_ENABLED=true
- FABRIC_CA_SERVER_CSR_CN=ca.org2.example.com
- FABRIC_CA_SERVER_CSR_HOSTS=ca.org2.example.com
- FABRIC_CA_SERVER_DEBUG=true
- BOOTSTRAP_USER_PASS=admin:adminpw
- TARGET=/data/crypto-config/peerOrganizations/org2.example.com/ca
- TLSTARGET=/data/crypto-config/peerOrganizations/org2.example.com/tlsca
- TARGET_CERTFILE=/data/crypto-config/peerOrganizations/org2.example.com/ca/ca.org2.example.com-cert.pem
- FABRIC_ORGS=orderer org1 org2
volumes:
- ../scripts:/scripts
- ./:/data
networks:
- fabric-ca
setup:
container_name: ${COMPOSE_PROJECT_NAME}_setup
image: "hyperledger/fabric-tools:1.3.0"
command: /bin/bash -c '/scripts/setup-fabric.sh 2>&1 | tee /data/logs/setup.log; sleep 99999'
environment:
- COMPOSE_PROJECT_NAME=${COMPOSE_PROJECT_NAME}
volumes:
- ../scripts:/scripts
- ./:/data
networks:
- fabric-ca
depends_on:
- ca.example.com
- ca.org1.example.com
- ca.org2.example.com
orderer.example.com:
container_name: ${COMPOSE_PROJECT_NAME}_orderer
image: "hyperledger/fabric-orderer:1.3.0"
environment:
- FABRIC_CA_CLIENT_HOME=/var/hyperledger/orderer
- FABRIC_CA_CLIENT_TLS_CERTFILES=/data/crypto-config/ordererOrganizations/example.com/ca/ca.example.com-cert.pem
- ENROLLMENT_URL=https://orderer.example.com:orderer.example.compw@ca.example.com:7054
- ORDERER_HOME=/var/hyperledger/orderer
- ORDERER_HOST=orderer.example.com
- ORDERER_GENERAL_LISTENADDRESS=0.0.0.0
- ORDERER_GENERAL_GENESISMETHOD=file
- ORDERER_GENERAL_GENESISFILE=/data/genesis.block
- ORDERER_GENERAL_LOCALMSPID=ordererMSP
- ORDERER_GENERAL_LOCALMSPDIR=/var/hyperledger/orderer/msp
- ORDERER_GENERAL_TLS_ENABLED=true
- ORDERER_GENERAL_TLS_PRIVATEKEY=/var/hyperledger/orderer/tls/server.key
- ORDERER_GENERAL_TLS_CERTIFICATE=/var/hyperledger/orderer/tls/server.crt
- ORDERER_GENERAL_TLS_ROOTCAS=[/data/crypto-config/ordererOrganizations/example.com/ca/ca.example.com-cert.pem]
- ORDERER_GENERAL_LOGLEVEL=debug
- ORDERER_DEBUG_BROADCASTTRACEDIR=data/logs
- ORDERER=orderer
- DOMAIN=example.com
command: /bin/bash -c '/scripts/start-orderer.sh 2>&1 | tee /data/logs/orderer.example.com.log';
volumes:
- ../scripts:/scripts
- ./:/data
networks:
- fabric-ca
depends_on:
- setup
peer0.org1.example.com:
container_name: ${COMPOSE_PROJECT_NAME}_peer0_org1
image: "hyperledger/fabric-peer:1.3.0"
environment:
- FABRIC_CA_CLIENT_HOME=/opt/gopath/src/github.com/hyperledger/fabric/peer
- FABRIC_CA_CLIENT_TLS_CERTFILES=/data/crypto-config/peerOrganizations/org1.example.com/ca/ca.org1.example.com-cert.pem
- ENROLLMENT_URL=https://peer0.org1.example.com:peer0.org1.example.compw@ca.org1.example.com:7054
- PEER_NAME=peer0.org1.example.com
- PEER_HOME=/opt/gopath/src/github.com/hyperledger/fabric/peer
- PEER_HOST=peer0.org1.example.com
- PEER_NAME_PASS=peer0.org1.example.com:peer0.org1.example.compw
- ORG=org1
- PEER=peer0
- DOMAIN=org1.example.com
- CORE_PEER_ID=peer0.org1.example.com
- CORE_PEER_ADDRESS=peer0.org1.example.com:7051
- CORE_PEER_LOCALMSPID=org1MSP
- CORE_PEER_MSPCONFIGPATH=/opt/gopath/src/github.com/hyperledger/fabric/peer/msp
- CORE_VM_ENDPOINT=unix:///host/var/run/docker.sock
- CORE_VM_DOCKER_HOSTCONFIG_NETWORKMODE=net_fabric-ca
- CORE_LOGGING_LEVEL=DEBUG
- CORE_PEER_TLS_ENABLED=true
- CORE_PEER_TLS_CERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/tls/server.crt
- CORE_PEER_TLS_KEY_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/tls/server.key
- CORE_PEER_TLS_ROOTCERT_FILE=/data/crypto-config/peerOrganizations/org1.example.com/ca/ca.org1.example.com-cert.pem
- CORE_PEER_GOSSIP_USELEADERELECTION=true
- CORE_PEER_GOSSIP_ORGLEADER=false
- CORE_PEER_GOSSIP_EXTERNALENDPOINT=peer1-org1:7051
- CORE_PEER_GOSSIP_SKIPHANDSHAKE=true
working_dir: /opt/gopath/src/github.com/hyperledger/fabric/peer
command: /bin/bash -c '/scripts/start-peer.sh 2>&1 | tee /data/logs/peer0.org1.example.com.log;'
volumes:
- ../scripts:/scripts
- ./:/data
- /var/run:/host/var/run
networks:
- fabric-ca
depends_on:
- setup
peer1.org1.example.com:
container_name: ${COMPOSE_PROJECT_NAME}_peer1_org1
image: "hyperledger/fabric-peer:1.3.0"
environment:
- FABRIC_CA_CLIENT_HOME=/opt/gopath/src/github.com/hyperledger/fabric/peer
- FABRIC_CA_CLIENT_TLS_CERTFILES=/data/crypto-config/peerOrganizations/org1.example.com/ca/ca.org1.example.com-cert.pem
- ENROLLMENT_URL=https://peer1.org1.example.com:peer1.org1.example.compw@ca.org1.example.com:7054
- PEER_NAME=peer1.org1.example.com
- PEER_HOME=/opt/gopath/src/github.com/hyperledger/fabric/peer
- PEER_HOST=peer1.org1.example.com
- PEER_NAME_PASS=peer1.org1.example.com:peer1.org1.example.compw
- CORE_PEER_ID=peer1.org1.example.com
- CORE_PEER_ADDRESS=peer1.org1.example.com:7051
- CORE_PEER_LOCALMSPID=org1MSP
- CORE_PEER_MSPCONFIGPATH=/opt/gopath/src/github.com/hyperledger/fabric/peer/msp
- CORE_VM_ENDPOINT=unix:///host/var/run/docker.sock
- CORE_VM_DOCKER_HOSTCONFIG_NETWORKMODE=net_fabric-ca
- CORE_LOGGING_LEVEL=DEBUG
- CORE_PEER_TLS_ENABLED=true
- CORE_PEER_TLS_CERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/tls/server.crt
- CORE_PEER_TLS_KEY_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/tls/server.key
- CORE_PEER_TLS_ROOTCERT_FILE=/data/crypto-config/peerOrganizations/org1.example.com/ca/ca.org1.example.com-cert.pem
- CORE_PEER_GOSSIP_USELEADERELECTION=true
- CORE_PEER_GOSSIP_ORGLEADER=false
- CORE_PEER_GOSSIP_EXTERNALENDPOINT=peer1.org1.example.com:7051
- CORE_PEER_GOSSIP_SKIPHANDSHAKE=true
- ORG=org1
- PEER=peer1
- DOMAIN=org1.example.com
- CORE_PEER_GOSSIP_BOOTSTRAP=peer0.org1.example.com:7051
working_dir: /opt/gopath/src/github.com/hyperledger/fabric/peer
command: /bin/bash -c '/scripts/start-peer.sh 2>&1 | tee /data/logs/peer1.org1.example.com.log;'
volumes:
- ../scripts:/scripts
- ./:/data
- /var/run:/host/var/run
networks:
- fabric-ca
depends_on:
- setup
peer0.org2.example.com:
container_name: ${COMPOSE_PROJECT_NAME}_peer0_org2
image: "hyperledger/fabric-peer:1.3.0"
environment:
- FABRIC_CA_CLIENT_HOME=/opt/gopath/src/github.com/hyperledger/fabric/peer
- FABRIC_CA_CLIENT_TLS_CERTFILES=/data/crypto-config/peerOrganizations/org2.example.com/ca/ca.org2.example.com-cert.pem
- ENROLLMENT_URL=https://peer0.org2.example.com:peer0.org2.example.compw@ca.org2.example.com:7054
- PEER_NAME=peer0.org2.example.com
- PEER_HOME=/opt/gopath/src/github.com/hyperledger/fabric/peer
- PEER_HOST=peer0.org2.example.com
- PEER_NAME_PASS=peer0.org2.example.com:peer0.org2.example.compw
- CORE_PEER_ID=peer0.org2.example.com
- CORE_PEER_ADDRESS=peer0.org2.example.com:7051
- CORE_PEER_LOCALMSPID=org2MSP
- CORE_PEER_MSPCONFIGPATH=/opt/gopath/src/github.com/hyperledger/fabric/peer/msp
- CORE_VM_ENDPOINT=unix:///host/var/run/docker.sock
- CORE_VM_DOCKER_HOSTCONFIG_NETWORKMODE=net_fabric-ca
- CORE_LOGGING_LEVEL=DEBUG
- CORE_PEER_TLS_ENABLED=true
- CORE_PEER_TLS_CERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/tls/server.crt
- CORE_PEER_TLS_KEY_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/tls/server.key
- CORE_PEER_TLS_ROOTCERT_FILE=/data/crypto-config/peerOrganizations/org2.example.com/ca/ca.org2.example.com-cert.pem
- CORE_PEER_GOSSIP_USELEADERELECTION=true
- CORE_PEER_GOSSIP_ORGLEADER=false
- CORE_PEER_GOSSIP_EXTERNALENDPOINT=peer0.org2.example.com:7051
- CORE_PEER_GOSSIP_SKIPHANDSHAKE=true
- ORG=org2
- PEER=peer0
- DOMAIN=org2.example.com
working_dir: /opt/gopath/src/github.com/hyperledger/fabric/peer
command: /bin/bash -c '/scripts/start-peer.sh 2>&1 | tee /data/logs/peer0.org2.example.com.log;'
volumes:
- ../scripts:/scripts
- ./:/data
- /var/run:/host/var/run
networks:
- fabric-ca
depends_on:
- setup
peer1.org2.example.com:
container_name: ${COMPOSE_PROJECT_NAME}_peer1_org2
image: "hyperledger/fabric-peer:1.3.0"
environment:
- FABRIC_CA_CLIENT_HOME=/opt/gopath/src/github.com/hyperledger/fabric/peer
- FABRIC_CA_CLIENT_TLS_CERTFILES=/data/crypto-config/peerOrganizations/org2.example.com/ca/ca.org2.example.com-cert.pem
- ENROLLMENT_URL=https://peer1.org2.example.com:peer1.org2.example.compw@ca.org2.example.com:7054
- PEER_NAME=peer1.org2.example.com
- PEER_HOME=/opt/gopath/src/github.com/hyperledger/fabric/peer
- PEER_HOST=peer1.org2.example.com
- PEER_NAME_PASS=peer1.org2.example.com:peer1.org2.example.compw
- CORE_PEER_ID=peer1.org2.example.com
- CORE_PEER_ADDRESS=peer1.org2.example.com:7051
- CORE_PEER_LOCALMSPID=org2MSP
- CORE_PEER_MSPCONFIGPATH=/opt/gopath/src/github.com/hyperledger/fabric/peer/msp
- CORE_VM_ENDPOINT=unix:///host/var/run/docker.sock
- CORE_VM_DOCKER_HOSTCONFIG_NETWORKMODE=net_fabric-ca
- CORE_LOGGING_LEVEL=DEBUG
- CORE_PEER_TLS_ENABLED=true
- CORE_PEER_TLS_CERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/tls/server.crt
- CORE_PEER_TLS_KEY_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/tls/server.key
- CORE_PEER_TLS_ROOTCERT_FILE=/data/crypto-config/peerOrganizations/org2.example.com/ca/ca.org2.example.com-cert.pem
- CORE_PEER_GOSSIP_USELEADERELECTION=true
- CORE_PEER_GOSSIP_ORGLEADER=false
- CORE_PEER_GOSSIP_EXTERNALENDPOINT=peer1.org2.example.com:7051
- CORE_PEER_GOSSIP_SKIPHANDSHAKE=true
- ORG=org2
- PEER=peer1
- DOMAIN=org2.example.com
- CORE_PEER_GOSSIP_BOOTSTRAP=peer0.org2.example.com:7051
working_dir: /opt/gopath/src/github.com/hyperledger/fabric/peer
command: /bin/bash -c '/scripts/start-peer.sh 2>&1 | tee /data/logs/peer1.org2.example.com.log;'
volumes:
- ../scripts:/scripts
- ./:/data
- /var/run:/host/var/run
networks:
- fabric-ca
depends_on:
- setup

View File

@ -0,0 +1,14 @@
if [ -d "crypto-config" ];then
sudo rm -rf crypto-config
fi
if [ -d "logs" ];then
sudo rm -rf logs
fi
mkdir logs
if [ -f "channel.tx" ];then
sudo rm channel.tx
fi
if [ -f "genesis.block" ];then
sudo rm genesis.block
fi
docker-compose up -d

View File

@ -0,0 +1,4 @@
docker-compose down
docker rm -f $(docker ps -aq --filter name=dev-peer)
docker rm -f $(docker ps -aq --filter name=net_)
log "Docker containers have been stopped"

View File

@ -174,6 +174,7 @@ function generateChannelArtifacts() {
} }
cp /data/fabric-ca-cmd/fabric-ca-client /usr/local/bin
set -e set -e
SDIR=$(dirname "$0") SDIR=$(dirname "$0")

View File

@ -4,7 +4,7 @@
# #
# SPDX-License-Identifier: Apache-2.0 # SPDX-License-Identifier: Apache-2.0
# #
cp /data/fabric-ca-cmd/fabric-ca-client /usr/local/bin
source $(dirname "$0")/env.sh source $(dirname "$0")/env.sh
# Wait for setup to complete sucessfully # Wait for setup to complete sucessfully

View File

@ -4,7 +4,7 @@
# #
# SPDX-License-Identifier: Apache-2.0 # SPDX-License-Identifier: Apache-2.0
# #
cp /data/fabric-ca-cmd/fabric-ca-client /usr/local/bin
set -e set -e
source $(dirname "$0")/env.sh source $(dirname "$0")/env.sh