yeasy
/
docker-compose-files
mirror of https://github.com/yeasy/docker-compose-files.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Add usage of cryptogen and configtxgen

pull/47/head
qiang0723 2017-05-18 17:12:14 +08:00
parent 39f672cb34
commit 7f01556fba
9 changed files with 1109 additions and 37 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

321
hyperledger/1.0/GenerateArtifacts.md
View File

@ -1,72 +1,323 @@
## [WIP]Usage of `cryptogen` and `configtxgen`
## Usage of `cryptogen` and `configtxgen`
As we already put the `orderer.genesis.block` and `channel.tx` under `e2e_cli/channel-artifacts/`.
As we already put the `orderer.genesis.block`, `channel.tx`, `Org1MSPanchors.tx`, `Org2MSPanchors.tx` under `e2e_cli/channel-artifacts/`.
and put cryptographic materials to `e2e_cli/crypto_config`. So this doc will explain how we use `cryptogen` and `configtxgen` those two foundamental tools to manually create artifacts and certificates.
This step explains the creation of `orderer.genesis.block` (needed by orderer to bootup), `channel.tx` (needed by cli to create new channel) and crypto related configuration files.
> Artifacts:
> * `orderer.genesis.block`: Genesis block for the ordering service
> * `channel.tx`: Channel transaction file for peers broadcast to the orderer at channel creation time.
> * `Org1MSPanchors.tx`, `Org2MSPanchors.tx`: Anchor peers, as the name described, use for specify each Org's anchor peer on this channel.
> Cerfiricates:
> * All files in crypto-config.
### cryptogen
This tool will generate the x509 certificates used to identify and authenticate the various components in the network.
First boot MVE through `docker-compose-new-channel.yml`
First boot network through `docker-compose-2orgs.yml`
```bash
$ docker-compose -f docker-compose-new-channel.yml up
$ (sudo) docker-compose -f docker-compose-2orgs.yml up
```
This tool will generate dir `crypto-config`
and execute `cryptogen generate` command
```bash
cryptogen generate --config=./peer/crypto-config.yaml
$ cryptogen generate --config=./peer/crypto-config.yaml --output ./peer/crypto
```
cryptogen will read configuration from `crypto-config.yaml`, so if we want to add(change) Orgs or perrs topology, wo should change this file first and then execute this command.
> The results will save at directory crypto, and this directory was mounted from host which describe detailed at `docker-compose-2orgs.yaml`.
>
> Refer to Example2
### [configtxgen](http://hyperledger-fabric.readthedocs.io/en/latest/configtxgen.html?highlight=crypto#)
This tool will generate genesis block, channel configuration transaction and anchor peer update transactions.
Enter container `fabric-cli` first.
```
$ docker exec -it fabric-cli bash
```
The `configtxgen` tool is in `/go/bin/`, and when it's executed,
it will read profile `/etc/hyperledger/fabric/configtx.yaml`,
for example if we want to regenerate `orderer.genesis.block` and `channel.tx`, we should
replace `configtx.yaml` using our own configtx.yaml first, but now we use e2e test's configtx.yaml.
#### Replace default configtx.yaml
```bash
cp ./peer/configtx.yaml /etc/hyperledger/fabric
root@cli: cp ./peer/configtx.yaml /etc/hyperledger/fabric
```
The `configtxgen` tool is in `/go/bin/`, and when it's executed,
it will read configuration from `/etc/hyperledger/fabric/configtx.yaml`,
So if we want to regenerate `orderer.genesis.block` and `channel.tx`, we should
replace `configtx.yaml` using our own configtx.yaml first.
#### Create the genesis block
Generate the genesis block.
```bash
root@cli: configtxgen -profile TwoOrgsOrdererGenesis -outputBlock ./channel-artifacts/orderer.genesis.block
root@cli: configtxgen -profile TwoOrgsOrdererGenesis -outputBlock ./peer/channel-artifacts/orderer.genesis.block
```
> Note: Before execute this command, we must reboot MVE with new crypto-config generated by cryptogen tool.
> more details refe to Example2
#### Create the configuration tx
Create channel configuration transaction for the to-be-created `testchain`.
```bash
root@cli: configtxgen -profile TwoOrgsChannel -outputCreateChannelTx ./peer/channel-artifacts/channel.tx -channelID testchain
```
`channel.tx` is used for generating new channel `testchain`
```bash
root@cli: CHANNEL_NAME=mychannel
root@cli: configtxgen -profile TwoOrgsChannel -outputCreateChannelTx ./peer/channel-artifacts/channel.tx -channelID ${CHANNEL_NAME}
```
`channel.tx` is used for generating new channel `mychannel`
> Note: the channelID can be whatever you want. and refer to Example1
#### Define the anchor peer for Org1 on the channel
```bash
root@cli: configtxgen -profile TwoOrgsChannel -outputAnchorPeersUpdate ./peer/channel-artifacts/Org1MSPanchors.tx -channelID ${CHANNEL_NAME} -asOrg Org1MSP
```
#### Define the anchor peer for Org2 on the channel
```bash
root@cli: configtxgen -profile TwoOrgsChannel -outputAnchorPeersUpdate ./peer/channel-artifacts/Org2MSPanchors.tx -channelID ${CHANNEL_NAME} -asOrg Org2MSP
```
> more details refer to Example2
### Example1: how to add or change channel
This example will explain how to add a new channel without change basic topology which desigend in configtx.yaml and crypto-config.yaml.
Create channel configuration transaction for the to-be-created `testchain`.
* 1 Regenerate `channel.tx`
* 2 Generating anchor peer for Org1MSP
Fist boot MVE using `docker-compose-new-channel.yml`
```bash
$ configtxgen -profile TwoOrgsChannel -outputAnchorPeersUpdate ./peer/channel-artifacts/Org1MSPanchors.tx -channelID testchain -asOrg Org1MSP
$ root@cli:pwd
/go/src/github.com/hyperledger/fabric
$ root@cli: CHANNEL_NAME=testchannel
$ root@cli: cp ./peer/configtx.yaml /etc/hyperledger/fabric
$ root@cli: configtxgen -profile TwoOrgsChannel -outputCreateChannelTx ./peer/channel-artifacts/channel.tx -channelID ${CHANNEL_NAME}
```
* 2 Update anchor peer config for Org1MSP
```bash
$ root@cli: configtxgen -profile TwoOrgsChannel -outputAnchorPeersUpdate ./peer/channel-artifacts/Org1MSPanchors.tx -channelID ${CHANNEL_NAME} -asOrg Org1MSP
```
* 3 Update anchor peer config for Org2msp
```bash
$ root@cli: configtxgen -profile TwoOrgsChannel -outputAnchorPeersUpdate ./peer/channel-artifacts/Org2MSPanchors.tx -channelID ${CHANNEL_NAME} -asOrg Org2MSP
```
* 4 (optional)execute auto-test script
You can skip this step and manually verify.
```bash
$ root@cli: ./peer/scripts/new-channel-auto-test.sh testchannel
```
* 5 Create new channel
```bash
$ root@cli: peer channel create -o orderer.example.com:7050 -c ${CHANNEL_NAME} -f ./peer/channel-artifacts/channel.tx
```
check whether genrate new block `testchannel.block`
```bash
root@cli: ls testchannel.block
testchannel.block
```
* 6 Join peer0,org1.example.com in new channel
```bash
$ root@cli: peer channel join -b ${CHANNEL_NAME}.block -o orderer.example.com:7050
Peer joined the channel!
```
check whether success
```bash
$ root@cli: peer channel list
Channels peers has joined to:
testchannel
```
* 7 Update anchor peer
```bash
$ root@cli: peer channel create -o orderer.example.com:7050 -c ${CHANNEL_NAME} -f ./peer/channel-artifacts/Org1MSPanchors.tx
```
* 8 Install
```bash
peer chaincode install -n mycc -v 1.0 -p github.com/hyperledger/fabric/examples/chaincode/go/chaincode_example02
```
* 9 Instantiate
```bash
root@cli: peer chaincode instantiate -o orderer.example.com:7050 -C ${CHANNEL_NAME} -n mycc -v 1.0 -c '{"Args":["init","a","100","b","200"]}' -P "OR ('Org1MSP.member')"
```
* 10 Query
```bash
root@cli: peer chaincode query -C ${CHANNEL_NAME} -n mycc -c '{"Args":["query","a"]}'
```
The output should be:
```bash
Query Result: 100
UTC [main] main -> INFO 008 Exiting.....
```
### Example2: how to Add an organization or peer
* 1 Modify configtx.yaml and crypto-cnfig.yaml
* 2 Generate new crypto-config
* 3 Reboot MVE using new config
* 4 Create the genesis block
* 5 Create configuration tx
* 6 Generating anchor peer for each Org
#### all-in-one
We privide some [instance](./example2), in this case we add a new organization `Org3` and new peer `peer0.org3.example.com`.
* 1 Replace docker-compose files
```bash
$ git clone https://github.com/yeasy/docker-compose-files.git
$ cd docker-compose-files/hyperledger/1.0
$ cp ./example2/docker-compose-2orgs.yml ./example2/peer-base.yml .
```
* 2 Generate necessary config and certs
```bash
$ sudo docker-compose -f docker-compose-2orgs.yml up
$ docker exec -it fabric-cli bash
$ root@cli: ./peer/example2/add-org.sh
```
* 3 Restart network
```bash
echo "clean containers...."
docker rm -f `docker ps -aq`
echo "clean images ..."
docker rmi -f `docker images|grep mycc-1.0|awk '{print $3}'`
```
```bash
$ sudo docker-compose -f docker-compose-2orgs.yml up
```
* 4 execute auto-test
```bash
$ root@cli: ./peer/scripts/new-channel-auto-test-5-peers.sh newchannel
```
The final output may look like following
```bash
===================== Query on PEER4 on channel 'newchannel' is successful =====================
===================== All GOOD, End-2-End execution completed =====================
```
#### manually
* 1 Modify config
modify configtx.yaml, crypto-cnfig.yaml and docker-compose files to adapt new change. and replace old file.
* 2 Bootstrap network with `docker-compose-2orgs.yml`
```bash
$ docker-compose -f docker-compose-2orgs.yml up
```
You may encounter some errors at startup and some peers can't start up, It's innocuous, ignore it,
Because we will restart later, and now we just use tools in cli container.
* 3 Replace default configtx.yaml
```bash
root@cli: cp ./peer/configtx.yaml /etc/hyperledger/fabric
```
* 4 Generate new certificates
```bash
$ cryptogen generate --config=./peer/crypto-config.yaml --output ./peer/crypto
```
* 5 Create the genesis block
```bash
root@cli: configtxgen -profile TwoOrgsOrdererGenesis -outputBlock ./peer/channel-artifacts/orderer.genesis.block
```
* 6 Create the configuration tx
```bash
root@cli: CHANNEL_NAME=newchannel
root@cli: configtxgen -profile TwoOrgsChannel -outputCreateChannelTx ./peer/channel-artifacts/channel.tx -channelID ${CHANNEL_NAME}
```
`channel.tx` is used for generating new channel `mychannel`
* 7 Define the anchor peer for Org1 on the channel
```bash
root@cli: configtxgen -profile TwoOrgsChannel -outputAnchorPeersUpdate ./peer/channel-artifacts/Org1MSPanchors.tx -channelID ${CHANNEL_NAME} -asOrg Org1MSP
```
* 8 Define the anchor peer for Org2 on the channel
```bash
root@cli: configtxgen -profile TwoOrgsChannel -outputAnchorPeersUpdate ./peer/channel-artifacts/Org2MSPanchors.tx -channelID ${CHANNEL_NAME} -asOrg Org2MSP
```
* 9 Define the anchor peer for Org3 on the channel
```bash
root@cli: configtxgen -profile TwoOrgsChannel -outputAnchorPeersUpdate ./peer/channel-artifacts/Org3MSPanchors.tx -channelID ${CHANNEL_NAME} -asOrg Org3MSP
```
* 10 Restart network
As we have changed the configtx.yaml and regenerate `orderer.genesis.block`,
we'd better restart orderering service or all the service.
now we clean all the old service and boot a new network.
```bash
echo "clean containers...."
docker rm -f `docker ps -aq`
echo "clean images ..."
docker rmi -f `docker images|grep mycc-1.0|awk '{print $3}'`
```
```bash
$ sudo docker-compose -f docker-compose-2orgs.yml up
```
* 11 Execute auto-test script
```bash
$ root@cli: ./peer/scripts/new-channel-auto-test-5-peers.sh
```
The output may looklike:
```bash
===================== All GOOD, End-2-End execution completed =====================
```

3
hyperledger/1.0/docker-compose-2orgs.yml
View File

@ -67,8 +67,9 @@ services:
- peer0.org1.example.com
- orderer.example.com
volumes:
- ./e2e_cli/examples:/opt/gopath/src/github.com/hyperledger/fabric/examples
#- ./e2e_cli/examples:/opt/gopath/src/github.com/hyperledger/fabric/examples
- ./e2e_cli/crypto-config:/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/
- ./e2e_cli/crypto-config:/etc/hyperledger/fabric/crypto-config
- ./scripts:/opt/gopath/src/github.com/hyperledger/fabric/peer/scripts/
- ./e2e_cli/channel-artifacts:/opt/gopath/src/github.com/hyperledger/fabric/peer/channel-artifacts
- ./e2e_cli/configtx.yaml:/opt/gopath/src/github.com/hyperledger/fabric/peer/configtx.yaml

3
hyperledger/1.0/docker-compose-new-channel.yml
View File

@ -94,8 +94,9 @@ services:
- peer0.org1.example.com
- orderer.example.com
volumes:
- ./e2e_cli/examples:/opt/gopath/src/github.com/hyperledger/fabric/examples
#- ./e2e_cli/examples:/opt/gopath/src/github.com/hyperledger/fabric/examples
- ./e2e_cli/crypto-config:/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/
- ./e2e_cli/crypto-config:/etc/hyperledger/fabric/crypto-config
- ./scripts:/opt/gopath/src/github.com/hyperledger/fabric/peer/scripts/
- ./e2e_cli/channel-artifacts:/opt/gopath/src/github.com/hyperledger/fabric/peer/channel-artifacts
- ./e2e_cli/configtx.yaml:/opt/gopath/src/github.com/hyperledger/fabric/peer/configtx.yaml

28
hyperledger/1.0/example2/add-org.sh 100755
View File

@ -0,0 +1,28 @@
#! /bin/bash
echo "replace configtx.yaml and crypto-config.yaml"
cp ./peer/example2/configtx.yaml ./peer
cp ./peer/example2/crypto-config.yaml ./peer
echo "replace auto-test script "
cp ./peer/example2/new-channel-auto-test-5-peers.sh ./peer/scripts
echo "replace configtx.yaml"
cp ./peer/configtx.yaml /etc/hyperledger/fabric
echo "Generate new certificates"
cryptogen generate --config=./peer/crypto-config.yaml --output ./peer/crypto
echo "Generate new certificates"
configtxgen -profile TwoOrgsOrdererGenesis -outputBlock ./peer/channel-artifacts/orderer.genesis.block
echo "Create the configuration tx"
CHANNEL_NAME=newchannel
configtxgen -profile TwoOrgsChannel -outputCreateChannelTx ./peer/channel-artifacts/channel.tx -channelID ${CHANNEL_NAME}
echo "Define the anchor peer for Org1 on the channel"
configtxgen -profile TwoOrgsChannel -outputAnchorPeersUpdate ./peer/channel-artifacts/Org1MSPanchors.tx -channelID ${CHANNEL_NAME} -asOrg Org1MSP
configtxgen -profile TwoOrgsChannel -outputAnchorPeersUpdate ./peer/channel-artifacts/Org2MSPanchors.tx -channelID ${CHANNEL_NAME} -asOrg Org2MSP
configtxgen -profile TwoOrgsChannel -outputAnchorPeersUpdate ./peer/channel-artifacts/Org3MSPanchors.tx -channelID ${CHANNEL_NAME} -asOrg Org3MSP

211
hyperledger/1.0/example2/configtx.yaml 100755
View File

@ -0,0 +1,211 @@
---
################################################################################
#
# Profile
#
# - Different configuration profiles may be encoded here to be specified
# as parameters to the configtxgen tool
#
################################################################################
Profiles:
TwoOrgsOrdererGenesis:
Orderer:
<<: *OrdererDefaults
Organizations:
- *OrdererOrg
Consortiums:
SampleConsortium:
Organizations:
- *Org1
- *Org2
- *Org3
TwoOrgsChannel:
Consortium: SampleConsortium
Application:
<<: *ApplicationDefaults
Organizations:
- *Org1
- *Org2
- *Org3
################################################################################
#
# Section: Organizations
#
# - This section defines the different organizational identities which will
# be referenced later in the configuration.
#
################################################################################
Organizations:
# SampleOrg defines an MSP using the sampleconfig. It should never be used
# in production but may be used as a template for other definitions
- &OrdererOrg
# DefaultOrg defines the organization which is used in the sampleconfig
# of the fabric.git development environment
Name: OrdererOrg
# ID to load the MSP definition as
ID: OrdererMSP
# MSPDir is the filesystem path which contains the MSP configuration
MSPDir: crypto-config/ordererOrganizations/example.com/msp
# BCCSP (Blockchain crypto provider): Select which crypto implementation or
# library to use
BCCSP:
Default: SW
SW:
Hash: SHA2
Security: 256
# Location of Key Store. If this is unset, a location will
# be chosen using 'MSPDir'/keystore
FileKeyStore:
KeyStore:
- &Org1
# DefaultOrg defines the organization which is used in the sampleconfig
# of the fabric.git development environment
Name: Org1MSP
# ID to load the MSP definition as
ID: Org1MSP
MSPDir: crypto-config/peerOrganizations/org1.example.com/msp
# BCCSP (Blockchain crypto provider): Select which crypto implementation or
# library to use
BCCSP:
Default: SW
SW:
Hash: SHA2
Security: 256
# Location of Key Store. If this is unset, a location will
# be chosen using 'MSPDir'/keystore
FileKeyStore:
KeyStore:
AnchorPeers:
# AnchorPeers defines the location of peers which can be used
# for cross org gossip communication. Note, this value is only
# encoded in the genesis block in the Application section context
- Host: peer0.org1.example.com
Port: 7051
- &Org2
# DefaultOrg defines the organization which is used in the sampleconfig
# of the fabric.git development environment
Name: Org2MSP
# ID to load the MSP definition as
ID: Org2MSP
MSPDir: crypto-config/peerOrganizations/org2.example.com/msp
# BCCSP (Blockchain crypto provider): Select which crypto implementation or
# library to use
BCCSP:
Default: SW
SW:
Hash: SHA2
Security: 256
# Location of Key Store. If this is unset, a location will
# be chosen using 'MSPDir'/keystore
FileKeyStore:
KeyStore:
AnchorPeers:
# AnchorPeers defines the location of peers which can be used
# for cross org gossip communication. Note, this value is only
# encoded in the genesis block in the Application section context
- Host: peer0.org2.example.com
Port: 7051
- &Org3
# DefaultOrg defines the organization which is used in the sampleconfig
# of the fabric.git development environment
Name: Org3MSP
# ID to load the MSP definition as
ID: Org3MSP
MSPDir: crypto-config/peerOrganizations/org3.example.com/msp
# BCCSP (Blockchain crypto provider): Select which crypto implementation or
# library to use
BCCSP:
Default: SW
SW:
Hash: SHA2
Security: 256
# Location of Key Store. If this is unset, a location will
# be chosen using 'MSPDir'/keystore
FileKeyStore:
KeyStore:
AnchorPeers:
# AnchorPeers defines the location of peers which can be used
# for cross org gossip communication. Note, this value is only
# encoded in the genesis block in the Application section context
- Host: peer0.org3.example.com
Port: 7051
################################################################################
#
# SECTION: Orderer
#
# - This section defines the values to encode into a config transaction or
# genesis block for orderer related parameters
#
################################################################################
Orderer: &OrdererDefaults
# Orderer Type: The orderer implementation to start
# Available types are "solo" and "kafka"
OrdererType: solo
Addresses:
- orderer.example.com:7050
# Batch Timeout: The amount of time to wait before creating a batch
BatchTimeout: 2s
# Batch Size: Controls the number of messages batched into a block
BatchSize:
# Max Message Count: The maximum number of messages to permit in a batch
MaxMessageCount: 10
# Absolute Max Bytes: The absolute maximum number of bytes allowed for
# the serialized messages in a batch.
AbsoluteMaxBytes: 99 MB
# Preferred Max Bytes: The preferred maximum number of bytes allowed for
# the serialized messages in a batch. A message larger than the preferred
# max bytes will result in a batch larger than preferred max bytes.
PreferredMaxBytes: 512 KB
Kafka:
# Brokers: A list of Kafka brokers to which the orderer connects
# NOTE: Use IP:port notation
Brokers:
- 127.0.0.1:9092
# Organizations is the list of orgs which are defined as participants on
# the orderer side of the network
Organizations:
################################################################################
#
# SECTION: Application
#
# - This section defines the values to encode into a config transaction or
# genesis block for application related parameters
#
################################################################################
Application: &ApplicationDefaults
# Organizations is the list of orgs which are defined as participants on
# the application side of the network
Organizations:

82
hyperledger/1.0/example2/crypto-config.yaml 100755
View File

@ -0,0 +1,82 @@
# ---------------------------------------------------------------------------
# "OrdererOrgs" - Definition of organizations managing orderer nodes
# ---------------------------------------------------------------------------
OrdererOrgs:
# ---------------------------------------------------------------------------
# Orderer
# ---------------------------------------------------------------------------
- Name: Orderer
Domain: example.com
# ---------------------------------------------------------------------------
# "Specs" - See PeerOrgs below for complete description
# ---------------------------------------------------------------------------
Specs:
- Hostname: orderer
# ---------------------------------------------------------------------------
# "PeerOrgs" - Definition of organizations managing peer nodes
# ---------------------------------------------------------------------------
PeerOrgs:
# ---------------------------------------------------------------------------
# Org1
# ---------------------------------------------------------------------------
- Name: Org1
Domain: org1.example.com
# ---------------------------------------------------------------------------
# "Specs"
# ---------------------------------------------------------------------------
# Uncomment this section to enable the explicit definition of hosts in your
# configuration. Most users will want to use Template, below
#
# Specs is an array of Spec entries. Each Spec entry consists of two fields:
# - Hostname: (Required) The desired hostname, sans the domain.
# - CommonName: (Optional) Specifies the template or explicit override for
# the CN. By default, this is the template:
#
# "{{.Hostname}}.{{.Domain}}"
#
# which obtains its values from the Spec.Hostname and
# Org.Domain, respectively.
# ---------------------------------------------------------------------------
# Specs:
# - Hostname: foo # implicitly "foo.org1.example.com"
# CommonName: foo27.org5.example.com # overrides Hostname-based FQDN set above
# - Hostname: bar
# - Hostname: baz
# ---------------------------------------------------------------------------
# "Template"
# ---------------------------------------------------------------------------
# Allows for the definition of 1 or more hosts that are created sequentially
# from a template. By default, this looks like "peer%d" from 0 to Count-1.
# You may override the number of nodes (Count), the starting index (Start)
# or the template used to construct the name (Hostname).
#
# Note: Template and Specs are not mutually exclusive. You may define both
# sections and the aggregate nodes will be created for you. Take care with
# name collisions
# ---------------------------------------------------------------------------
Template:
Count: 2
# Start: 5
# Hostname: {{.Prefix}}{{.Index}} # default
# ---------------------------------------------------------------------------
# "Users"
# ---------------------------------------------------------------------------
# Count: The number of user accounts _in addition_ to Admin
# ---------------------------------------------------------------------------
Users:
Count: 1
# ---------------------------------------------------------------------------
# Org2: See "Org1" for full specification
# ---------------------------------------------------------------------------
- Name: Org2
Domain: org2.example.com
Template:
Count: 2
Users:
Count: 1
- Name: Org3
Domain: org3.example.com
Template:
Count: 1
Users:
Count: 1

95
hyperledger/1.0/example2/docker-compose-2orgs.yml 100755
View File

@ -0,0 +1,95 @@
# https://github.com/yeasy/docker-compose-files/tree/master/hyperledger
# This compose file will start a Hyperledger Fabric 1.0 MVE, including
# * ca
# * orderer
# * peer
# * sdk for testing
version: '2.0'
services:
ca:
image: hyperledger/fabric-ca
container_name: fabric-ca
hostname: ca
# command: /go/src/github.com/hyperledger/fabric-ca/bin/ca server start -ca testdata/ec.pem -ca-key testdata/ec-key.pem -config testdata/testconfig.json
ports:
- "8888:8888"
command: fabric-ca-server start -b admin:adminpw
orderer.example.com: # There can be multiple orderers
container_name: orderer.example.com
extends:
file: peer-base.yml
service: orderer.example.com
peer0.org1.example.com:
extends:
file: peer-base.yml
service: peer0.org1.example.com
container_name: peer0.org1.example.com
peer1.org1.example.com:
extends:
file: peer-base.yml
service: peer1.org1.example.com
container_name: peer1.org1.example.com
peer0.org2.example.com:
extends:
file: peer-base.yml
service: peer0.org2.example.com
container_name: peer0.org2.example.com
peer1.org2.example.com:
extends:
file: peer-base.yml
service: peer1.org2.example.com
container_name: peer1.org2.example.com
peer0.org3.example.com:
extends:
file: peer-base.yml
service: peer0.org3.example.com
container_name: peer0.org3.example.com
cli:
extends:
file: peer.yml
service: peer
container_name: fabric-cli
hostname: cli
environment:
- CORE_PEER_ID=cli
- CORE_PEER_ADDRESS=peer0.org1.example.com:7051
- CORE_PEER_LOCALMSPID=Org1MSP
#- CORE_PEER_COMMITTER_LEDGER_ORDERER=orderer:7050
- CORE_PEER_TLS_ENABLED=false # to enable TLS, change to true
- CORE_PEER_TLS_CERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/server.crt
- CORE_PEER_TLS_KEY_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/server.key
- CORE_PEER_TLS_ROOTCERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/ca.crt
- CORE_PEER_MSPCONFIGPATH=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/users/Admin@org1.example.com/msp
links:
- peer0.org1.example.com
- orderer.example.com
volumes:
#- ./e2e_cli/examples:/opt/gopath/src/github.com/hyperledger/fabric/examples
- ./e2e_cli/crypto-config:/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/
- ./e2e_cli/crypto-config:/etc/hyperledger/fabric/crypto-config
- ./example2:/opt/gopath/src/github.com/hyperledger/fabric/peer/example2
- ./scripts:/opt/gopath/src/github.com/hyperledger/fabric/peer/scripts/
- ./e2e_cli/channel-artifacts:/opt/gopath/src/github.com/hyperledger/fabric/peer/channel-artifacts
- ./e2e_cli/configtx.yaml:/opt/gopath/src/github.com/hyperledger/fabric/peer/configtx.yaml
- ./e2e_cli/crypto-config.yaml:/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto-config.yaml
depends_on:
- orderer.example.com
- peer0.org1.example.com
- peer1.org1.example.com
- peer0.org2.example.com
- peer1.org2.example.com
command: bash -c 'while true; do sleep 20170504; done'
#networks:
# default:
# external:
# name: hyperledger_fabric

247
hyperledger/1.0/example2/new-channel-auto-test-5-peers.sh 100755
View File

@ -0,0 +1,247 @@
#!/bin/bash
echo
echo " ____ _____ _ ____ _____ _____ ____ _____ "
echo "/ ___| |_ _| / \ | _ \ |_ _| | ____| |___ \ | ____|"
echo "\___ \ | | / _ \ | |_) | | | _____ | _| __) | | _| "
echo " ___) | | | / ___ \ | _ < | | |_____| | |___ / __/ | |___ "
echo "|____/ |_| /_/ \_\ |_| \_\ |_| |_____| |_____| |_____|"
echo
CHANNEL_NAME="$1"
: ${CHANNEL_NAME:="testchannel"}
: ${TIMEOUT:="60"}
COUNTER=1
MAX_RETRY=5
ORDERER_CA=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/example.com/orderers/orderer.example.com/msp/cacerts/ca.example.com-cert.pem
echo "Channel name : "$CHANNEL_NAME
verifyResult () {
if [ $1 -ne 0 ] ; then
echo "!!!!!!!!!!!!!!! "$2" !!!!!!!!!!!!!!!!"
echo "================== ERROR !!! FAILED to execute End-2-End Scenario =================="
echo
exit 1
fi
}
setGlobals () {
if [ $1 -eq 0 -o $1 -eq 1 ] ; then
CORE_PEER_LOCALMSPID="Org1MSP"
CORE_PEER_TLS_ROOTCERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/ca.crt
CORE_PEER_MSPCONFIGPATH=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/users/Admin@org1.example.com/msp
if [ $1 -eq 0 ]; then
CORE_PEER_ADDRESS=peer0.org1.example.com:7051
else
CORE_PEER_ADDRESS=peer1.org1.example.com:7051
CORE_PEER_MSPCONFIGPATH=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/users/Admin@org1.example.com/msp
fi
elif [ $1 -eq 4 ] ; then
CORE_PEER_LOCALMSPID="Org3MSP"
CORE_PEER_TLS_ROOTCERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org3.example.com/peers/peer0.org3.example.com/tls/ca.crt
CORE_PEER_MSPCONFIGPATH=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org3.example.com/users/Admin@org3.example.com/msp
CORE_PEER_ADDRESS=peer0.org3.example.com:7051
else
CORE_PEER_LOCALMSPID="Org2MSP"
CORE_PEER_TLS_ROOTCERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls/ca.crt
CORE_PEER_MSPCONFIGPATH=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.example.com/users/Admin@org2.example.com/msp
if [ $1 -eq 2 ]; then
CORE_PEER_ADDRESS=peer0.org2.example.com:7051
else
CORE_PEER_ADDRESS=peer1.org2.example.com:7051
fi
fi
env |grep CORE
}
createChannel() {
setGlobals 0
if [ -z "$CORE_PEER_TLS_ENABLED" -o "$CORE_PEER_TLS_ENABLED" = "false" ]; then
peer channel create -o orderer.example.com:7050 -c $CHANNEL_NAME -f ./peer/channel-artifacts/channel.tx >&log.txt
else
peer channel create -o orderer.example.com:7050 -c $CHANNEL_NAME -f ./peer/channel-artifacts/channel.tx --tls $CORE_PEER_TLS_ENABLED --cafile $ORDERER_CA >&log.txt
fi
res=$?
cat log.txt
verifyResult $res "Channel creation failed"
echo "===================== Channel \"$CHANNEL_NAME\" is created successfully ===================== "
echo
}
updateAnchorPeers() {
PEER=$1
setGlobals $PEER
if [ -z "$CORE_PEER_TLS_ENABLED" -o "$CORE_PEER_TLS_ENABLED" = "false" ]; then
peer channel create -o orderer.example.com:7050 -c $CHANNEL_NAME -f ./peer/channel-artifacts/${CORE_PEER_LOCALMSPID}anchors.tx >&log.txt
else
peer channel create -o orderer.example.com:7050 -c $CHANNEL_NAME -f ./peer/channel-artifacts/${CORE_PEER_LOCALMSPID}anchors.tx --tls $CORE_PEER_TLS_ENABLED --cafile $ORDERER_CA >&log.txt
fi
res=$?
cat log.txt
verifyResult $res "Anchor peer update failed"
echo "===================== Anchor peers for org \"$CORE_PEER_LOCALMSPID\" on \"$CHANNEL_NAME\" is updated successfully ===================== "
echo
}
## Sometimes Join takes time hence RETRY atleast for 5 times
joinWithRetry () {
peer channel join -b $CHANNEL_NAME.block >&log.txt
res=$?
cat log.txt
if [ $res -ne 0 -a $COUNTER -lt $MAX_RETRY ]; then
COUNTER=` expr $COUNTER + 1`
echo "PEER$1 failed to join the channel, Retry after 2 seconds"
sleep 2
joinWithRetry $1
else
COUNTER=1
fi
verifyResult $res "After $MAX_RETRY attempts, PEER$ch has failed to Join the Channel"
}
joinChannel () {
for ch in 0 1 2 3 4; do
setGlobals $ch
joinWithRetry $ch
echo "===================== PEER$ch joined on the channel \"$CHANNEL_NAME\" ===================== "
sleep 2
echo
done
}
installChaincode () {
PEER=$1
setGlobals $PEER
peer chaincode install -n mycc -v 1.0 -p github.com/hyperledger/fabric/examples/chaincode/go/chaincode_example02 >&log.txt
res=$?
cat log.txt
verifyResult $res "Chaincode installation on remote peer PEER$PEER has Failed"
echo "===================== Chaincode is installed on remote peer PEER$PEER ===================== "
echo
}
instantiateChaincode () {
PEER=$1
setGlobals $PEER
# while 'peer chaincode' command can get the orderer endpoint from the peer (if join was successful),
# lets supply it directly as we know it using the "-o" option
if [ -z "$CORE_PEER_TLS_ENABLED" -o "$CORE_PEER_TLS_ENABLED" = "false" ]; then
peer chaincode instantiate -o orderer.example.com:7050 -C $CHANNEL_NAME -n mycc -v 1.0 -c '{"Args":["init","a","100","b","200"]}' -P "OR ('Org1MSP.member','Org2MSP.member')" >&log.txt
else
peer chaincode instantiate -o orderer.example.com:7050 --tls $CORE_PEER_TLS_ENABLED --cafile $ORDERER_CA -C $CHANNEL_NAME -n mycc -v 1.0 -c '{"Args":["init","a","100","b","200"]}' -P "OR ('Org1MSP.member','Org2MSP.member')" >&log.txt
fi
res=$?
cat log.txt
verifyResult $res "Chaincode instantiation on PEER$PEER on channel '$CHANNEL_NAME' failed"
echo "===================== Chaincode Instantiation on PEER$PEER on channel '$CHANNEL_NAME' is successful ===================== "
echo
}
chaincodeQuery () {
PEER=$1
echo "===================== Querying on PEER$PEER on channel '$CHANNEL_NAME'... ===================== "
setGlobals $PEER
local rc=1
local starttime=$(date +%s)
# continue to poll
# we either get a successful response, or reach TIMEOUT
while test "$(($(date +%s)-starttime))" -lt "$TIMEOUT" -a $rc -ne 0
do
sleep 3
echo "Attempting to Query PEER$PEER ...$(($(date +%s)-starttime)) secs"
peer chaincode query -C $CHANNEL_NAME -n mycc -c '{"Args":["query","a"]}' >&log.txt
test $? -eq 0 && VALUE=$(cat log.txt | awk '/Query Result/ {print $NF}')
test "$VALUE" = "$2" && let rc=0
done
echo
cat log.txt
if test $rc -eq 0 ; then
echo "===================== Query on PEER$PEER on channel '$CHANNEL_NAME' is successful ===================== "
else
echo "!!!!!!!!!!!!!!! Query result on PEER$PEER is INVALID !!!!!!!!!!!!!!!!"
echo "================== ERROR !!! FAILED to execute End-2-End Scenario =================="
echo
exit 1
fi
}
chaincodeInvoke () {
PEER=$1
setGlobals $PEER
# while 'peer chaincode' command can get the orderer endpoint from the peer (if join was successful),
# lets supply it directly as we know it using the "-o" option
if [ -z "$CORE_PEER_TLS_ENABLED" -o "$CORE_PEER_TLS_ENABLED" = "false" ]; then
peer chaincode invoke -o orderer.example.com:7050 -C $CHANNEL_NAME -n mycc -c '{"Args":["invoke","a","b","10"]}' >&log.txt
else
peer chaincode invoke -o orderer.example.com:7050 --tls $CORE_PEER_TLS_ENABLED --cafile $ORDERER_CA -C $CHANNEL_NAME -n mycc -c '{"Args":["invoke","a","b","10"]}' >&log.txt
fi
res=$?
cat log.txt
verifyResult $res "Invoke execution on PEER$PEER failed "
echo "===================== Invoke transaction on PEER$PEER on channel '$CHANNEL_NAME' is successful ===================== "
echo
}
## Create channel
echo "Creating channel..."
createChannel
## Join all the peers to the channel
echo "Having all peers join the channel..."
joinChannel
## Set the anchor peers for each org in the channel
echo "Updating anchor peers using peer0/org1(peer0) for org1..."
updateAnchorPeers 0
echo "Updating anchor peers using peer0/org2(peer2) for org2..."
updateAnchorPeers 2
updateAnchorPeers 4
## Install chaincode on Peer0/Org1 and Peer0/Org2
echo "Installing chaincode on peer0/org1..."
installChaincode 0
echo "Install chaincode on peer0/org2.."
installChaincode 2
echo "Install chaincode on peer0/org3.."
installChaincode 4
#Instantiate chaincode on Peer0/Org2
echo "Instantiating chaincode on peer0/org2..."
instantiateChaincode 2
#Query on chaincode on Peer0/Org1
echo "Querying chaincode on peer0/org1..."
chaincodeQuery 0 100
#Invoke on chaincode on Peer0/Org1
echo "Sending invoke transaction on peer0/org1..."
chaincodeInvoke 0
## Install chaincode on Peer1/Org2
echo "Installing chaincode on peer1/org2..."
installChaincode 3
#Query on chaincode on Peer0/Org3, check if the result is 90
echo "Querying chaincode on org2/peer1..."
chaincodeQuery 4 90
echo
echo "===================== All GOOD, End-2-End execution completed ===================== "
echo
echo
echo " _____ _ _ ____ _____ ____ _____ "
echo "| ____| | \ | | | _ \ | ____| |___ \ | ____|"
echo "| _| | \| | | | | | _____ | _| __) | | _| "
echo "| |___ | |\ | | |_| | |_____| | |___ / __/ | |___ "
echo "|_____| |_| \_| |____/ |_____| |_____| |_____|"
echo
exit 0

156
hyperledger/1.0/example2/peer-base.yml 100755
View File

@ -0,0 +1,156 @@
version: '2'
services:
orderer.example.com: # There can be multiple orderers
image: hyperledger/fabric-orderer
container_name: orderer.example.com
hostname: orderer.example.com
environment:
- ORDERER_GENERAL_LOGLEVEL=INFO
- ORDERER_GENERAL_LISTENADDRESS=0.0.0.0
- ORDERER_GENERAL_GENESISMETHOD=file
- ORDERER_GENERAL_GENESISFILE=/var/hyperledger/orderer/orderer.genesis.block #Need to be confirm orderer.block
- ORDERER_GENERAL_LOCALMSPID=OrdererMSP
- ORDERER_GENERAL_LOCALMSPDIR=/var/hyperledger/orderer/msp
- ORDERER_GENERAL_LEDGERTYPE=ram
- ORDERER_GENERAL_BATCHTIMEOUT=10s
- ORDERER_GENERAL_MAXMESSAGECOUNT=10
- ORDERER_GENERAL_MAXWINDOWSIZE=1000
- ORDERER_GENERAL_LISTENPORT=7050
- ORDERER_RAMLEDGER_HISTORY_SIZE=100
- ORDERER_GENERAL_TLS_ENABLED=false # to enable TLS, make this true
- ORDERER_GENERAL_TLS_PRIVATEKEY=/var/hyperledger/orderer/tls/server.key
- ORDERER_GENERAL_TLS_CERTIFICATE=/var/hyperledger/orderer/tls/server.crt
- ORDERER_GENERAL_TLS_ROOTCAS=[/var/hyperledger/orderer/tls/ca.crt]
ports:
- "7050:7050"
volumes:
- ./e2e_cli/channel-artifacts/orderer.genesis.block:/var/hyperledger/orderer/orderer.genesis.block
- ./e2e_cli/crypto-config/ordererOrganizations/example.com/orderers/orderer.example.com/msp:/var/hyperledger/orderer/msp
- ./e2e_cli/crypto-config/ordererOrganizations/example.com/orderers/orderer.example.com/tls/:/var/hyperledger/orderer/tls
command: orderer
peer0.org1.example.com:
extends:
file: peer.yml
service: peer
container_name: peer0.org1.example.com
hostname: peer0.org1.example.com
environment:
- CORE_PEER_ID=peer0.org1.example.com
- CORE_PEER_ADDRESS=peer0.org1.example.com:7051
- CORE_PEER_GOSSIP_EXTERNALENDPOINT=peer0.org1.example.com:7051
- CORE_PEER_GOSSIP_ORGLEADER=true
- CORE_PEER_COMMITTER_LEDGER_ORDERER=orderer.example.com:7050
- CORE_PEER_LOCALMSPID=Org1MSP
- CORE_PEER_TLS_CERT_FILE=/etc/hyperledger/fabric/tls/server.crt
- CORE_PEER_TLS_KEY_FILE=/etc/hyperledger/fabric/tls/server.key
- CORE_PEER_TLS_ROOTCERT_FILE=/etc/hyperledger/fabric/tls/ca.crt
ports:
- 7051:7051
- 7053:7053
volumes:
- ./e2e_cli/crypto-config/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/msp:/etc/hyperledger/fabric/msp
- ./e2e_cli/crypto-config/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls:/etc/hyperledger/fabric/tls
command: peer node start --peer-defaultchain=false
peer1.org1.example.com:
extends:
file: peer.yml
service: peer
container_name: peer1.org1.example.com
hostname: peer1.org1.example.com
environment:
- CORE_PEER_ID=peer1.org1.example.com
- CORE_PEER_ADDRESS=peer1.org1.example.com:7051
- CORE_PEER_GOSSIP_EXTERNALENDPOINT=peer1.org1.example.com:7051
- CORE_PEER_GOSSIP_BOOTSTRAP=peer0.org1.example.com:7051
- CORE_PEER_LOCALMSPID=Org1MSP
- CORE_PEER_GOSSIP_ORGLEADER=true
- CORE_PEER_COMMITTER_LEDGER_ORDERER=orderer.example.com:7050
- CORE_PEER_TLS_CERT_FILE=/etc/hyperledger/fabric/tls/server.crt
- CORE_PEER_TLS_KEY_FILE=/etc/hyperledger/fabric/tls/server.key
- CORE_PEER_TLS_ROOTCERT_FILE=/etc/hyperledger/fabric/tls/ca.crt
ports:
- 8051:7051
- 8053:7053
volumes:
- ./e2e_cli/crypto-config/peerOrganizations/org1.example.com/peers/peer1.org1.example.com/msp:/etc/hyperledger/fabric/msp
- ./e2e_cli/crypto-config/peerOrganizations/org1.example.com/peers/peer1.org1.example.com/tls:/etc/hyperledger/fabric/tls
command: peer node start --peer-defaultchain=false
peer0.org2.example.com:
extends:
file: peer.yml
service: peer
container_name: peer0.org2.example.com
hostname: peer0.org2.example.com
environment:
- CORE_PEER_ID=peer0.org2.example.com
- CORE_PEER_ADDRESS=peer0.org2.example.com:7051
- CORE_PEER_GOSSIP_EXTERNALENDPOINT=peer0.org2.example.com:7051
- CORE_PEER_GOSSIP_BOOTSTRAP=peer0.org2.example.com:7051
- CORE_PEER_LOCALMSPID=Org2MSP
- CORE_PEER_GOSSIP_ORGLEADER=true
- CORE_PEER_COMMITTER_LEDGER_ORDERER=orderer.example.com:7050
- CORE_PEER_TLS_CERT_FILE=/etc/hyperledger/fabric/tls/server.crt
- CORE_PEER_TLS_KEY_FILE=/etc/hyperledger/fabric/tls/server.key
- CORE_PEER_TLS_ROOTCERT_FILE=/etc/hyperledger/fabric/tls/ca.crt
ports:
- 9051:7051
- 9053:7053
volumes:
- ./e2e_cli/crypto-config/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/msp:/etc/hyperledger/fabric/msp
- ./e2e_cli/crypto-config/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls:/etc/hyperledger/fabric/tls
command: peer node start --peer-defaultchain=false
peer1.org2.example.com:
extends:
file: peer.yml
service: peer
container_name: peer1.org2.example.com
hostname: peer1.org2.example.com
environment:
- CORE_PEER_ID=peer1.org2.example.com
- CORE_PEER_ADDRESS=peer1.org2.example.com:7051
- CORE_PEER_GOSSIP_EXTERNALENDPOINT=peer1.org2.example.com:7051
- CORE_PEER_GOSSIP_BOOTSTRAP=peer1.org2.example.com:7051
- CORE_PEER_LOCALMSPID=Org2MSP
- CORE_PEER_GOSSIP_ORGLEADER=true
- CORE_PEER_COMMITTER_LEDGER_ORDERER=orderer.example.com:7050
- CORE_PEER_TLS_CERT_FILE=/etc/hyperledger/fabric/tls/server.crt
- CORE_PEER_TLS_KEY_FILE=/etc/hyperledger/fabric/tls/server.key
- CORE_PEER_TLS_ROOTCERT_FILE=/etc/hyperledger/fabric/tls/ca.crt
ports:
- 10051:7051
- 10053:7053
volumes:
- ./e2e_cli/crypto-config/peerOrganizations/org2.example.com/peers/peer1.org2.example.com/msp:/etc/hyperledger/fabric/msp
- ./e2e_cli/crypto-config/peerOrganizations/org2.example.com/peers/peer1.org2.example.com/tls:/etc/hyperledger/fabric/tls
command: peer node start --peer-defaultchain=false
peer0.org3.example.com:
extends:
file: peer.yml
service: peer
container_name: peer0.org3.example.com
hostname: peer0.org3.example.com
environment:
- CORE_PEER_ID=peer0.org3.example.com
- CORE_PEER_ADDRESS=peer0.org3.example.com:7051
- CORE_PEER_GOSSIP_EXTERNALENDPOINT=peer0.org3.example.com:7051
- CORE_PEER_GOSSIP_BOOTSTRAP=peer0.org3.example.com:7051
- CORE_PEER_LOCALMSPID=Org3MSP
- CORE_PEER_GOSSIP_ORGLEADER=true
- CORE_PEER_COMMITTER_LEDGER_ORDERER=orderer.example.com:7050
- CORE_PEER_TLS_CERT_FILE=/etc/hyperledger/fabric/tls/server.crt
- CORE_PEER_TLS_KEY_FILE=/etc/hyperledger/fabric/tls/server.key
- CORE_PEER_TLS_ROOTCERT_FILE=/etc/hyperledger/fabric/tls/ca.crt
ports:
- 11051:7051
- 11053:7053
volumes:
- ./e2e_cli/crypto-config/peerOrganizations/org3.example.com/peers/peer0.org3.example.com/msp:/etc/hyperledger/fabric/msp
- ./e2e_cli/crypto-config/peerOrganizations/org3.example.com/peers/peer0.org3.example.com/tls:/etc/hyperledger/fabric/tls
command: peer node start --peer-defaultchain=false