docker-compose-files/hyperledger_fabric/docs/config_generation.md

278 lines
7.9 KiB
Markdown

## Usage of cryptogen and configtxgen
To bootup a fabric network, we need:
* crypto_config: crypto keys/certs for all organizations, see `solo/crypto-config`
* orderer_genesis.block: genesis block to bootup orderer, see `solo/channel-artifacts`
* channel.tx: transaction to create an application channel, see `solo/channel-artifacts`
* Org1MSPanchors.tx, Org2MSPanchors.tx: Transaction to update anchor config in Org1 and Org2, see `solo/channel-artifacts`
### Generate crypto-config using cryptogen
```bash
$ cryptogen generate --config=/etc/hyperledger/fabric/crypto-config.yaml --output ./crypto-config
```
cryptogen will read configuration from `crypto-config.yaml`, by default it was put under `/etc/hyperledger/fabric/`.
Then put the generated `crypto-config` under `/etc/hyperledger/fabric/`.
### Generate blocks/txs using [configtxgen](http://hyperledger-fabric.readthedocs.io/en/latest/configtxgen.html?highlight=crypto#)
By default, configtxgen will read configuration from `/etc/hyperledger/fabric/configtx.yaml`, Please customize the configtx.yaml file before running.
#### Create orderer genesis block
```bash
$ configtxgen -profile TwoOrgsOrdererGenesis -outputBlock ./channel-artifacts/orderer.genesis.block
```
#### Create channel transaction artifact
```bash
$ CHANNEL_NAME=businesschannel
$ configtxgen -profile TwoOrgsChannel -outputCreateChannelTx ./channel-artifacts/channel.tx -channelID ${CHANNEL_NAME}
```
`channel.tx` is used for creating a new application channel `businesschannel`
#### Update anchor peer for Organizations on the channel
Choose peer peer0.org1.example.com as org1's anchor peer, and peer0.org2.example.com as org2's anchor peer.
```bash
$ configtxgen -profile TwoOrgsChannel -outputAnchorPeersUpdate ./channel-artifacts/Org1MSPanchors.tx -channelID ${CHANNEL_NAME} -asOrg Org1MSP
```
```bash
$ configtxgen -profile TwoOrgsChannel -outputAnchorPeersUpdate ./channel-artifacts/Org2MSPanchors.tx -channelID ${CHANNEL_NAME} -asOrg Org2MSP
```
> more details refer to Example2
### Examples
#### Example1: how to add and re-join a new channel
This example will explain how to add a new channel without change basic topology that desigend in configtx.yaml and crypto-config.yaml.
start a fabric network with `docker-compose-1peer.yaml`, and into container fabric-cli
* 1 Regenerate `channel.tx` using with new channel name
Create channel configuration for the to-be-created `testchannel`.
```bash
$ root@cli: CHANNEL_NAME=testchannel
$ root@cli: configtxgen -profile TwoOrgsChannel -outputCreateChannelTx ./channel-artifacts/channel.tx -channelID ${CHANNEL_NAME}
```
* 2 regenerate anchor peer configuratoin for Organizations
```bash
$ root@cli: configtxgen -profile TwoOrgsChannel -outputAnchorPeersUpdate ./channel-artifacts/Org1MSPanchors.tx -channelID ${CHANNEL_NAME} -asOrg Org1MSP
$ root@cli: configtxgen -profile TwoOrgsChannel -outputAnchorPeersUpdate ./channel-artifacts/Org2MSPanchors.tx -channelID ${CHANNEL_NAME} -asOrg Org2MSP
```
* (optional)execute auto-test script
You can skip this step, this will quickly check whether the network works, and also you can verify manually.
```bash
$ root@cli: bash ./peer/scripts/test_1peer.sh testchannel
```
* 3 Create new channel
```bash
$ root@cli: peer channel create -o orderer.example.com:7050 -c ${CHANNEL_NAME} -f ./channel-artifacts/channel.tx
```
check whether genrated new block `testchannel.block`
```bash
root@cli: ls testchannel.block
testchannel.block
```
* 4 Join new channel
Join peer0.org1.example.com to the new channel
```bash
$ root@cli: peer channel join -b ${CHANNEL_NAME}.block -o orderer.example.com:7050
Peer joined the channel!
```
check whether success
```bash
$ root@cli: peer channel list
Channels peers has joined to:
testchannel
```
* 5 Update anchor peer
```bash
$ root@cli: peer channel create -o orderer.example.com:7050 -c ${CHANNEL_NAME} -f ./channel-artifacts/Org1MSPanchors.tx
```
* 6 Install
```bash
peer chaincode install -n mycc -v 1.0 -p github.com/hyperledger/fabric/examples/chaincode/go/chaincode_example02
```
* 7 Instantiate
```bash
root@cli: peer chaincode instantiate -o orderer.example.com:7050 -C ${CHANNEL_NAME} -n mycc -v 1.0 -c '{"Args":["init","a","100","b","200"]}' -P "OR ('Org1MSP.member')"
```
* 8 Query
```bash
root@cli: peer chaincode query -C ${CHANNEL_NAME} -n mycc -c '{"Args":["query","a"]}'
```
The output should be:
```bash
Query Result: 100
UTC [main] main -> INFO 008 Exiting.....
```
#### Example2: how to add an organization or peer
This example will explain how to add a new org or peer with changed the basic topology that desigend in configtx.yaml and crypto-config.yaml.
##### all-in-one
We provide some instance in current directory, in this case we add a new organization `Org3` and new peer `peer0.org3.example.com`.
* 1 Generate necessary config and certs
```bash
$ sudo docker-compose -f docker-compose-2orgs-4peers-event.yaml up
$ docker exec -it fabric-cli bash
$ root@cli: ./scripts/add-org.sh
```
> ** notice: For docker-compose-file clean, we did not mount these in the container, you need to mount yourself.
* 2 Re-setup network
```bash
echo "clean containers...."
docker rm -f `docker ps -aq`
echo "clean images ..."
docker rmi -f `docker images|grep mycc-1.0|awk '{print $3}'`
```
```bash
$ sudo docker-compose -f docker-compose-2orgs-4peers-event.yaml up
```
* 3 execute auto-test
Throuth this script to test whether the network works.
```bash
$ root@cli: bash ./scripts/test-5-peers.sh newchannel
```
The final output may look like following
```bash
===================== Query on PEER4 on channel 'newchannel' is successful =====================
===================== All GOOD, End-2-End execution completed =====================
```
##### manually
* 1 Modify config
modify configtx.yaml, crypto-cnfig.yaml and docker-compose files to adapt new change. and replace old file.
* 2 Bootstrap network with `docker-compose-2orgs-4peers-event.yaml`
```bash
$ docker-compose -f docker-compose-2orgs-4peers-event.yaml up
```
> notes:You may encounter some errors at startup and some peers can't start up, It's innocuous, ignore it,
because we will restart later, and now we just use tools in cli container.
* 3 Generate new certificates
```bash
$ cryptogen generate --config=/etc/hyperledger/fabric/crypto-config.yaml --output ./crypto
```
* 4 Create the genesis block
```bash
root@cli: configtxgen -profile TwoOrgsOrdererGenesis -outputBlock ./channel-artifacts/orderer_genesis.block
```
* 5 Create the configuration tx
```bash
root@cli: CHANNEL_NAME=newchannel
root@cli: configtxgen -profile TwoOrgsChannel -outputCreateChannelTx ./channel-artifacts/channel.tx -channelID ${CHANNEL_NAME}
```
`channel.tx` is used for generating new channel `newchannel`
* 6 Define the anchor peer for Orgs on the channel
```bash
root@cli: configtxgen -profile TwoOrgsChannel -outputAnchorPeersUpdate ./channel-artifacts/Org1MSPanchors.tx -channelID ${CHANNEL_NAME} -asOrg Org1MSP
root@cli: configtxgen -profile TwoOrgsChannel -outputAnchorPeersUpdate ./channel-artifacts/Org2MSPanchors.tx -channelID ${CHANNEL_NAME} -asOrg Org2MSP
root@cli: configtxgen -profile TwoOrgsChannel -outputAnchorPeersUpdate ./channel-artifacts/Org3MSPanchors.tx -channelID ${CHANNEL_NAME} -asOrg Org3MSP
```
* 7 Restart network
As we have changed the configtx.yaml and regenerate `orderer_genesis.block`,
we'd better restart orderering service or all the service.
now we clean all the old service and boot a new network.
```bash
echo "clean containers...."
docker rm -f `docker ps -aq`
echo "clean images ..."
docker rmi -f `docker images|grep mycc-1.0|awk '{print $3}'`
```
```bash
$ sudo docker-compose -f docker-compose-2orgs.yml up
```
* 8 Execute auto-test script
Until this step, we complete the network re-setup, and then we will test whether it works.
```bash
$ root@cli: bash ./scripts/test-5-peers.sh
```
If the network works well. the output may looklike:
```bash
===================== All GOOD, End-2-End execution completed =====================
```