fabric学习笔记---手动建立fabric测试网络(转)
原文见 深刻理解Fabric环境搭建的详细过程 http://www.cnblogs.com/studyzy/p/7451276.html 深蓝居html
一、生成cryptogen(密码生成器)node
咱们将使用cryptogen工具为咱们生成各类网络实体的加密材料(x509证书)。这些证书是身份的表明,它们容许在咱们的网络实体进行交流和交易时进行签名/验证身份验证。git
Fabric中有两种类型的公私钥和证书,一种是给节点以前通信安全而准备的TLS证书,另外一种是用户登陆和权限控制的用户证书。这些证书原本应该是由CA来颁发,可是咱们这里是测试环境,并无启用CA节点,因此Fabric帮咱们提供了一个工具:cryptogen。github
cd /root/go/src/github.com/hyperledger/fabric
make cryptogen
结果以下:算法
build/bin/cryptogen CGO_CFLAGS=" " GOBIN=/root/go/src/github.com/hyperledger/fabric/build/bin go install -tags "" -ldflags "-X github.com/hyperledger/fabric/common/tools/cryptogen/metadata.Version=1.0.0" github.com/hyperledger/fabric/common/tools/cryptogen Binary available as build/bin/cryptogen
即 在./build/bin/cryptogen下生成了可执行程序cryptogendocker
二、配置网络拓扑 crypto-config.yamlubuntu
examples/e2e_cli/crypto-config.yaml已经提供了一个Orderer Org和两个Peer Org的配置,该模板中也对字段进行了注释。咱们能够把Org2拿来分析一下:安全
- Name: Org2
Domain: org2.example.com
Template:
Count: 2
Users:
Count: 1
Name和Domain就是关于这个组织的名字和域名,这主要是用于生成证书的时候,证书内会包含该信息。而Template Count=2是说咱们要生成2套公私钥和证书,一套是peer0.org2的,还有一套是peer1.org2的。最后Users. Count=1是说每一个Template下面会有几个普通User(注意,Admin是Admin,不包含在这个计数中),这里配置了1,也就是说咱们只须要一个普通用户User1@org2.example.com 咱们能够根据实际须要调整这个配置文件,增删Org Users等。bash
三、使用加密生成器 cryptogen 根据网络拓扑 crypto-config.yaml生成相应证书网络
cd examples/e2e_cli/
../../build/bin/cryptogen generate --config=./crypto-config.yaml
生成的文件都保存到crypto-config
root@ubuntu:~/go/src/github.com/hyperledger/fabric/examples/e2e_cli# tree crypto-config crypto-config ├── ordererOrganizations │ └── example.com │ ├── ca │ │ ├── 7f4a6ddd14cd63850d8efb5fac786754550e606b7066187f248e6d1195a14401_sk │ │ └── ca.example.com-cert.pem │ ├── msp │ │ ├── admincerts │ │ │ └── Admin@example.com-cert.pem │ │ ├── cacerts │ │ │ └── ca.example.com-cert.pem │ │ └── tlscacerts │ │ └── tlsca.example.com-cert.pem │ ├── orderers │ │ └── orderer.example.com │ │ ├── msp │ │ │ ├── admincerts │ │ │ │ └── Admin@example.com-cert.pem │ │ │ ├── cacerts │ │ │ │ └── ca.example.com-cert.pem │ │ │ ├── keystore │ │ │ │ └── 61c8982b11f2c6038f3267b087ab3b2df189402b4d589f08373eef810b99196e_sk │ │ │ ├── signcerts │ │ │ │ └── orderer.example.com-cert.pem │ │ │ └── tlscacerts │ │ │ └── tlsca.example.com-cert.pem │ │ └── tls │ │ ├── ca.crt │ │ ├── server.crt │ │ └── server.key │ ├── tlsca │ │ ├── 75269ee7ffe06ce787e1fa84f0e13b6d806af2e3248cac26c215f05ceaa4cff5_sk │ │ └── tlsca.example.com-cert.pem │ └── users │ └── Admin@example.com │ ├── msp │ │ ├── admincerts │ │ │ └── Admin@example.com-cert.pem │ │ ├── cacerts │ │ │ └── ca.example.com-cert.pem │ │ ├── keystore │ │ │ └── d500892fdee19e1e5d533848b168232416fc9ff813e7472ac2978f38491f4093_sk │ │ ├── signcerts │ │ │ └── Admin@example.com-cert.pem │ │ └── tlscacerts │ │ └── tlsca.example.com-cert.pem │ └── tls │ ├── ca.crt │ ├── server.crt │ └── server.key └── peerOrganizations ├── org1.example.com │ ├── ca │ │ ├── 56c8383863e4c4571ec98d4191bdaa95f715ad0480728cb23ca3b4ee0d160960_sk │ │ └── ca.org1.example.com-cert.pem │ ├── msp │ │ ├── admincerts │ │ │ └── Admin@org1.example.com-cert.pem │ │ ├── cacerts │ │ │ └── ca.org1.example.com-cert.pem │ │ └── tlscacerts │ │ └── tlsca.org1.example.com-cert.pem │ ├── peers │ │ ├── peer0.org1.example.com │ │ │ ├── msp │ │ │ │ ├── admincerts │ │ │ │ │ └── Admin@org1.example.com-cert.pem │ │ │ │ ├── cacerts │ │ │ │ │ └── ca.org1.example.com-cert.pem │ │ │ │ ├── keystore │ │ │ │ │ └── 69ab0d05da63a094ff178579d6bfa7689ace565d707d4f0556b529e0ed3c865d_sk │ │ │ │ ├── signcerts │ │ │ │ │ └── peer0.org1.example.com-cert.pem │ │ │ │ └── tlscacerts │ │ │ │ └── tlsca.org1.example.com-cert.pem │ │ │ └── tls │ │ │ ├── ca.crt │ │ │ ├── server.crt │ │ │ └── server.key │ │ └── peer1.org1.example.com │ │ ├── msp │ │ │ ├── admincerts │ │ │ │ └── Admin@org1.example.com-cert.pem │ │ │ ├── cacerts │ │ │ │ └── ca.org1.example.com-cert.pem │ │ │ ├── keystore │ │ │ │ └── 795723f2c98428db01188afd1c68404824461295ea5412e7ea434c96a9b255cf_sk │ │ │ ├── signcerts │ │ │ │ └── peer1.org1.example.com-cert.pem │ │ │ └── tlscacerts │ │ │ └── tlsca.org1.example.com-cert.pem │ │ └── tls │ │ ├── ca.crt │ │ ├── server.crt │ │ └── server.key │ ├── tlsca │ │ ├── 12c9f413aa40d0da1bf9b333fbd2cf88281c57b0c4d6caf3c10bc93a32fe7067_sk │ │ └── tlsca.org1.example.com-cert.pem │ └── users │ ├── Admin@org1.example.com │ │ ├── msp │ │ │ ├── admincerts │ │ │ │ └── Admin@org1.example.com-cert.pem │ │ │ ├── cacerts │ │ │ │ └── ca.org1.example.com-cert.pem │ │ │ ├── keystore │ │ │ │ └── 6aa5f66155befc289a9a503b3acff7a4081925cd7f6b37be84ad06a03c5d03ea_sk │ │ │ ├── signcerts │ │ │ │ └── Admin@org1.example.com-cert.pem │ │ │ └── tlscacerts │ │ │ └── tlsca.org1.example.com-cert.pem │ │ └── tls │ │ ├── ca.crt │ │ ├── server.crt │ │ └── server.key │ └── User1@org1.example.com │ ├── msp │ │ ├── admincerts │ │ │ └── User1@org1.example.com-cert.pem │ │ ├── cacerts │ │ │ └── ca.org1.example.com-cert.pem │ │ ├── keystore │ │ │ └── f5ec31dffdd4eb3bfb24ed62749106155b40a2cdb8eef97b03a25aa5ba24edf4_sk │ │ ├── signcerts │ │ │ └── User1@org1.example.com-cert.pem │ │ └── tlscacerts │ │ └── tlsca.org1.example.com-cert.pem │ └── tls │ ├── ca.crt │ ├── server.crt │ └── server.key └── org2.example.com ├── ca │ ├── 979d49a2f3c80d0716ee151d155387b3070e7af533c27ded276be8b37843386c_sk │ └── ca.org2.example.com-cert.pem ├── msp │ ├── admincerts │ │ └── Admin@org2.example.com-cert.pem │ ├── cacerts │ │ └── ca.org2.example.com-cert.pem │ └── tlscacerts │ └── tlsca.org2.example.com-cert.pem ├── peers │ ├── peer0.org2.example.com │ │ ├── msp │ │ │ ├── admincerts │ │ │ │ └── Admin@org2.example.com-cert.pem │ │ │ ├── cacerts │ │ │ │ └── ca.org2.example.com-cert.pem │ │ │ ├── keystore │ │ │ │ └── eca432632ac8a57b094669d1a4ab93710fd59126f0f671ed4bdb07d1bbe94738_sk │ │ │ ├── signcerts │ │ │ │ └── peer0.org2.example.com-cert.pem │ │ │ └── tlscacerts │ │ │ └── tlsca.org2.example.com-cert.pem │ │ └── tls │ │ ├── ca.crt │ │ ├── server.crt │ │ └── server.key │ └── peer1.org2.example.com │ ├── msp │ │ ├── admincerts │ │ │ └── Admin@org2.example.com-cert.pem │ │ ├── cacerts │ │ │ └── ca.org2.example.com-cert.pem │ │ ├── keystore │ │ │ └── 609ab03ad06149a68d370b8f8ed45f8bef44cbac52ce7b39125129e33c5ffad5_sk │ │ ├── signcerts │ │ │ └── peer1.org2.example.com-cert.pem │ │ └── tlscacerts │ │ └── tlsca.org2.example.com-cert.pem │ └── tls │ ├── ca.crt │ ├── server.crt │ └── server.key ├── tlsca │ ├── 1fd065823b9b49550d484aa7312abbb8ef0f062cba9b7e349e94c11effbd2ef3_sk │ └── tlsca.org2.example.com-cert.pem └── users ├── Admin@org2.example.com │ ├── msp │ │ ├── admincerts │ │ │ └── Admin@org2.example.com-cert.pem │ │ ├── cacerts │ │ │ └── ca.org2.example.com-cert.pem │ │ ├── keystore │ │ │ └── 8096a721270a5f9e39a0272ee648bd6cb2b273fa8b5fac27eeda7cd4bd16da04_sk │ │ ├── signcerts │ │ │ └── Admin@org2.example.com-cert.pem │ │ └── tlscacerts │ │ └── tlsca.org2.example.com-cert.pem │ └── tls │ ├── ca.crt │ ├── server.crt │ └── server.key └── User1@org2.example.com ├── msp │ ├── admincerts │ │ └── User1@org2.example.com-cert.pem │ ├── cacerts │ │ └── ca.org2.example.com-cert.pem │ ├── keystore │ │ └── 59ff8e940b27192f1f782f3d22186202242413eabbfb192cf5b432488ef62612_sk │ ├── signcerts │ │ └── User1@org2.example.com-cert.pem │ └── tlscacerts │ └── tlsca.org2.example.com-cert.pem └── tls ├── ca.crt ├── server.crt └── server.key
四、编译生成 交易生成器configtxgen
cd ~/go/src/github.com/hyperledger/fabric make configtxgen
运行后的结果为:
build/bin/configtxgen CGO_CFLAGS=" " GOBIN=/home/studyzy/go/src/github.com/hyperledger/fabric/build/bin go install -tags "nopkcs11" -ldflags "-X github.com/hyperledger/fabric/common/configtx/tool/configtxgen/metadata.Version=1.0.0" github.com/hyperledger/fabric/common/configtx/tool/configtxgen Binary available as build/bin/configtxgen
五、配置configtx.yaml
官方提供的examples/e2e_cli/configtx.yaml这个文件里面配置了由2个Org参与的Orderer共识配置TwoOrgsOrdererGenesis,以及由2个Org参与的Channel配置:TwoOrgsChannel。Orderer能够设置共识的算法是Solo仍是Kafka,以及共识时区块大小,超时时间等,咱们使用默认值便可,不用更改。而Peer节点的配置包含了MSP的配置,锚节点的配置。若是咱们有更多的Org,或者有更多的Channel,那么就能够根据模板进行对应的修改。
六、经过交易生成器configtxgen生成区块
(1)生成创世区块
配置修改好后,咱们就用configtxgen 生成创世区块。并把这个区块保存到本地channel-artifacts文件夹中:
cd examples/e2e_cli/ ../../build/bin/configtxgen -profile TwoOrgsOrdererGenesis -outputBlock ./channel-artifacts/genesis.block
(2)生成channel区块
../../build/bin/configtxgen -profile TwoOrgsChannel -outputCreateChannelTx ./channel-artifacts/channel.tx -channelID mychannel
另外关于锚节点的更新,咱们也须要使用这个程序来生成文件:
../../build/bin/configtxgen -profile TwoOrgsChannel -outputAnchorPeersUpdate ./channel-artifacts/Org1MSPanchors.tx -channelID mychannel -asOrg Org1MSP ../../build/bin/configtxgen -profile TwoOrgsChannel -outputAnchorPeersUpdate ./channel-artifacts/Org2MSPanchors.tx -channelID mychannel -asOrg Org2MSP
最终,咱们在channel-artifacts文件夹中,应该是可以看到4个文件。
root@ubuntu:~/go/src/github.com/hyperledger/fabric/examples/e2e_cli# tree channel-artifacts/ channel-artifacts/ ├── channel.tx ├── genesis.block ├── Org1MSPanchors.tx └── Org2MSPanchors.tx
七、配置Fabric环境的docker-compose文件
(1)配置Orderer
Orderer的配置是在base/docker-compose-base.yaml里
version: '2' services: orderer.example.com: container_name: orderer.example.com image: hyperledger/fabric-orderer environment: - ORDERER_GENERAL_LOGLEVEL=debug - ORDERER_GENERAL_LISTENADDRESS=0.0.0.0 - ORDERER_GENERAL_GENESISMETHOD=file - ORDERER_GENERAL_GENESISFILE=/var/hyperledger/orderer/orderer.genesis.block - ORDERER_GENERAL_LOCALMSPID=OrdererMSP - ORDERER_GENERAL_LOCALMSPDIR=/var/hyperledger/orderer/msp # enabled TLS - ORDERER_GENERAL_TLS_ENABLED=true - ORDERER_GENERAL_TLS_PRIVATEKEY=/var/hyperledger/orderer/tls/server.key - ORDERER_GENERAL_TLS_CERTIFICATE=/var/hyperledger/orderer/tls/server.crt - ORDERER_GENERAL_TLS_ROOTCAS=[/var/hyperledger/orderer/tls/ca.crt] working_dir: /opt/gopath/src/github.com/hyperledger/fabric command: orderer volumes: - ../channel-artifacts/genesis.block:/var/hyperledger/orderer/orderer.genesis.block - ../crypto-config/ordererOrganizations/example.com/orderers/orderer.example.com/msp:/var/hyperledger/orderer/msp - ../crypto-config/ordererOrganizations/example.com/orderers/orderer.example.com/tls/:/var/hyperledger/orderer/tls ports: - 7050:7050
这里主要关心的是,ORDERER_GENERAL_GENESISFILE=/var/hyperledger/orderer/orderer.genesis.block,而这个创世区块就是咱们以前建立的创世区块,这里就是Host到Docker的映射:
- ../channel-artifacts/genesis.block:/var/hyperledger/orderer/orderer.genesis.block
另外的配置主要是TL,Log等,最后暴露出服务端口7050。、
(2)配置peer
Peer的配置是在base/docker-compose-base.yaml和peer-base.yaml里
docker-compose-base.yaml中截取peer0.org1.example.com配置
peer0.org1.example.com: container_name: peer0.org1.example.com extends: file: peer-base.yaml service: peer-base environment: - CORE_PEER_ID=peer0.org1.example.com - CORE_PEER_ADDRESS=peer0.org1.example.com:7051 - CORE_PEER_CHAINCODELISTENADDRESS=peer0.org1.example.com:7052 - CORE_PEER_GOSSIP_EXTERNALENDPOINT=peer0.org1.example.com:7051 - CORE_PEER_LOCALMSPID=Org1MSP volumes: - /var/run/:/host/var/run/ - ../crypto-config/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/msp:/etc/hyperledger/fabric/msp - ../crypto-config/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls:/etc/hyperledger/fabric/tls ports: - 7051:7051 - 7052:7052 - 7053:7053
peer-base.yaml
version: '2' services: peer-base: image: hyperledger/fabric-peer environment: - CORE_VM_ENDPOINT=unix:///host/var/run/docker.sock # the following setting starts chaincode containers on the same # bridge network as the peers # https://docs.docker.com/compose/networking/ - CORE_VM_DOCKER_HOSTCONFIG_NETWORKMODE=e2ecli_default #- CORE_LOGGING_LEVEL=ERROR - CORE_LOGGING_LEVEL=DEBUG - CORE_PEER_TLS_ENABLED=true - CORE_PEER_GOSSIP_USELEADERELECTION=true - CORE_PEER_GOSSIP_ORGLEADER=false - CORE_PEER_PROFILE_ENABLED=true - CORE_PEER_TLS_CERT_FILE=/etc/hyperledger/fabric/tls/server.crt - CORE_PEER_TLS_KEY_FILE=/etc/hyperledger/fabric/tls/server.key - CORE_PEER_TLS_ROOTCERT_FILE=/etc/hyperledger/fabric/tls/ca.crt working_dir: /opt/gopath/src/github.com/hyperledger/fabric/peer command: peer node start
(3)配置CLI
CLI在整个Fabric网络中扮演客户端的角色,咱们在开发测试的时候能够用CLI来代替SDK,执行各类SDK能执行的操做。CLI会和Peer相连,把指令发送给对应的Peer执行。CLI的配置在docker-compose-cli.yaml中
# Copyright IBM Corp. All Rights Reserved. services: orderer.example.com: extends: file: base/docker-compose-base.yaml service: orderer.example.com container_name: orderer.example.com peer0.org1.example.com: container_name: peer0.org1.example.com extends: file: base/docker-compose-base.yaml service: peer0.org1.example.com peer1.org1.example.com: container_name: peer1.org1.example.com extends: file: base/docker-compose-base.yaml service: peer1.org1.example.com peer0.org2.example.com: container_name: peer0.org2.example.com extends: file: base/docker-compose-base.yaml service: peer0.org2.example.com peer1.org2.example.com: container_name: peer1.org2.example.com extends: file: base/docker-compose-base.yaml service: peer1.org2.example.com cli: container_name: cli image: hyperledger/fabric-tools tty: true environment: - GOPATH=/opt/gopath - CORE_VM_ENDPOINT=unix:///host/var/run/docker.sock - CORE_LOGGING_LEVEL=DEBUG - CORE_PEER_ID=cli - CORE_PEER_ADDRESS=peer0.org1.example.com:7051 - CORE_PEER_LOCALMSPID=Org1MSP - CORE_PEER_TLS_ENABLED=true - CORE_PEER_TLS_CERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/server.crt - CORE_PEER_TLS_KEY_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/server.key - CORE_PEER_TLS_ROOTCERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/ca.crt - CORE_PEER_MSPCONFIGPATH=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/users/Admin@org1.example.com/msp working_dir: /opt/gopath/src/github.com/hyperledger/fabric/peer command: /bin/bash -c './scripts/script.sh ${CHANNEL_NAME}; sleep $TIMEOUT' volumes: - /var/run/:/host/var/run/ - ../chaincode/go/:/opt/gopath/src/github.com/hyperledger/fabric/examples/chaincode/go - ./crypto-config:/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/ - ./scripts:/opt/gopath/src/github.com/hyperledger/fabric/peer/scripts/ - ./channel-artifacts:/opt/gopath/src/github.com/hyperledger/fabric/peer/channel-artifacts depends_on: - orderer.example.com - peer0.org1.example.com - peer1.org1.example.com - peer0.org2.example.com - peer1.org2.example.com
从这里咱们能够看到,CLI启动的时候默认链接的是peer0.org1.example.com,而且启用了TLS。默认是以Admin@org1.example.com这个身份链接到Peer的。CLI启动的时候,会去执行./scripts/script.sh 脚本,这个脚本也就是fabric/examples/e2e_cli/scripts/script.sh 这个脚本,这个脚本完成了Fabric环境的初始化和ChainCode的安装及运行,也就是接下来要讲的步骤4和5.在文件映射配置上,咱们注意到../chaincode/go/:/opt/gopath/src/github.com/hyperledger/fabric/examples/chaincode/go,也就是说咱们要安装的ChainCode都是在fabric/examples/chaincode/go目录下,之后咱们要开发本身的ChainCode,只须要把咱们的代码复制到该目录便可。
八、初始化fabric环境
(1)启动Fabric环境的容器
咱们将整个Fabric Docker环境的配置放在docker-compose-cli.yaml后,只须要使用如下命令便可:
docker-compose -f docker-compose-cli.yaml up -d
最后这个-d参数若是不加,那么当前终端就会一直附加在docker-compose上,而若是加上的话,那么docker容器就在后台运行。运行docker ps命令能够看启动的结果:1Orderer+4Peer+1CLI
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES e90ce174a429 hyperledger/fabric-tools "/bin/bash" 25 seconds ago Up 23 seconds cli 32ffc851c1bf hyperledger/fabric-peer "peer node start" 32 seconds ago Up 25 seconds 0.0.0.0:9051->7051/tcp, 0.0.0.0:9052->7052/tcp, 0.0.0.0:9053->7053/tcp peer0.org2.example.com 1f0d26e45634 hyperledger/fabric-peer "peer node start" 32 seconds ago Up 26 seconds 0.0.0.0:8051->7051/tcp, 0.0.0.0:8052->7052/tcp, 0.0.0.0:8053->7053/tcp peer1.org1.example.com 807c4dc97684 hyperledger/fabric-orderer "orderer" 32 seconds ago Up 24 seconds 0.0.0.0:7050->7050/tcp orderer.example.com c297c88cf9b3 hyperledger/fabric-peer "peer node start" 32 seconds ago Up 26 seconds 0.0.0.0:7051-7053->7051-7053/tcp peer0.org1.example.com 08c95a2bbb12 hyperledger/fabric-peer "peer node start" 32 seconds ago Up 25 seconds 0.0.0.0:10051->7051/tcp, 0.0.0.0:10052->7052/tcp, 0.0.0.0:10053->7053/tcp peer1.org2.example.com
(2)建立Channel
如今咱们要进入cli容器内部,在里面建立Channel。先用如下命令进入CLI内部Bash:
docker exec -it cli bash
建立Channel的命令是peer channel create,咱们前面建立2.4建立Channel的配置区块时,指定了Channel的名字是mychannel,那么这里咱们必须建立一样名字的Channel。
ORDERER_CA=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/example.com/orderers/orderer.example.com/msp/tlscacerts/tlsca.example.com-cert.pem peer channel create -o orderer.example.com:7050 -c mychannel -f ./channel-artifacts/channel.tx --tls true --cafile $ORDERER_CA
执行该命令后,系统会提示:
2017-08-29 20:36:47.486 UTC [channelCmd] readBlock -> DEBU 020 Received block:0
系统会在cli内部的当前目录建立一个mychannel.block文件,这个文件很是重要,接下来其余节点要加入这个Channel就必须使用这个文件。
(3)各个Peer加入Channel
前面说过,咱们CLI默认链接的是peer0.org1,那么咱们要将这个Peer加入mychannel就很简单,只须要运行以下命令:
peer channel join -b mychannel.block
系统返回消息:
2017-08-29 20:40:27.053 UTC [channelCmd] executeJoin -> INFO 006 Peer joined the channel!
那么其余几个Peer又该怎么加入Channel呢?这里就须要修改CLI的环境变量,使其指向另外的Peer。好比咱们要把peer1.org1加入mychannel,那么命令是:
CORE_PEER_LOCALMSPID="Org1MSP" CORE_PEER_TLS_ROOTCERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/ca.crt CORE_PEER_MSPCONFIGPATH=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/users/Admin@org1.example.com/msp CORE_PEER_ADDRESS=peer1.org1.example.com:7051 peer channel join -b mychannel.block
系统会返回成功加入Channel的消息。
一样的方法,将peer0.org2加入mychannel:
CORE_PEER_LOCALMSPID="Org2MSP" CORE_PEER_TLS_ROOTCERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls/ca.crt CORE_PEER_MSPCONFIGPATH=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.example.com/users/Admin@org2.example.com/msp CORE_PEER_ADDRESS=peer0.org2.example.com:7051 peer channel join -b mychannel.block
最后把peer1.org2加入mychannel:
CORE_PEER_LOCALMSPID="Org2MSP" CORE_PEER_TLS_ROOTCERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.example.com/peers/peer1.org2.example.com/tls/ca.crt CORE_PEER_MSPCONFIGPATH=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.example.com/users/Admin@org2.example.com/msp CORE_PEER_ADDRESS=peer1.org2.example.com:7051 peer channel join -b mychannel.block
(4)更新锚节点
关于AnchorPeer,我理解的不够深入,通过个人测试,即便没有设置锚节点的状况下,整个Fabric网络仍然是能正常运行的。
对于Org1来讲,peer0.org1是锚节点,咱们须要链接上它并更新锚节点:
CORE_PEER_LOCALMSPID="Org1MSP" CORE_PEER_TLS_ROOTCERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/ca.crt CORE_PEER_MSPCONFIGPATH=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/users/Admin@org1.example.com/msp CORE_PEER_ADDRESS=peer0.org1.example.com:7051 peer channel update -o orderer.example.com:7050 -c mychannel -f ./channel-artifacts/Org1MSPanchors.tx --tls true --cafile $ORDERER_CA
另外对于Org2,peer0.org2是锚节点,对应的更新代码是:
CORE_PEER_LOCALMSPID="Org2MSP" CORE_PEER_TLS_ROOTCERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls/ca.crt CORE_PEER_MSPCONFIGPATH=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.example.com/users/Admin@org2.example.com/msp CORE_PEER_ADDRESS=peer0.org2.example.com:7051 peer channel update -o orderer.example.com:7050 -c mychannel -f ./channel-artifacts/Org2MSPanchors.tx --tls true --cafile $ORDERER_CA
以上,整个Fabric网络和Channel都准备完毕,接下来咱们来安装和运行ChainCode。这里仍然以最出名的Example02为例。这个例子实现了a,b两个帐户,相互之间能够转帐。
九、链上代码的安装与运行
(1)Install ChainCode安装链上代码
链上代码的安装须要在各个相关的Peer上进行,对于咱们如今这种Fabric网络,若是4个Peer都想对Example02进行操做,那么就须要安装4次。
仍然是保持在CLI的命令行下,咱们先切换到peer0.org1这个节点:
CORE_PEER_LOCALMSPID="Org1MSP" CORE_PEER_TLS_ROOTCERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/ca.crt CORE_PEER_MSPCONFIGPATH=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/users/Admin@org1.example.com/msp CORE_PEER_ADDRESS=peer0.org1.example.com:7051
使用peer chaincode install命令能够安装指定的ChainCode并对其命名:
peer chaincode install -n mycc -v 1.0 -p github.com/hyperledger/fabric/examples/chaincode/go/chaincode_example02
安装的过程其实就是对CLI中指定的代码进行编译打包,并把打包好的文件发送到Peer,等待接下来的实例化。
其余节点因为暂时还没使用到,咱们能够先不安装,等到了步骤5.4的时候再安装。
(2)Instantiate ChainCode实例化链上代码
实例化链上代码主要是在Peer所在的机器上对前面安装好的链上代码进行包装,生成对应Channel的Docker镜像和Docker容器。而且在实例化时咱们能够指定背书策略。咱们运行如下命令完成实例化:
peer chaincode instantiate -o orderer.example.com:7050 --tls true --cafile $ORDERER_CA -C mychannel -n mycc -v 1.0 -c '{"Args":["init","a","100","b","200"]}' -P "OR ('Org1MSP.member','Org2MSP.member')"
若是咱们新开一个Ubuntu终端,去查看peer0.org1上的日志,那么就能够知道整个实例化的过程到底干了什么:
docker logs -f peer0.org1.example.com
主要几行重要的日志:
2017-08-29 21:14:12.290 UTC [chaincode-platform] generateDockerfile -> DEBU 3fd
FROM hyperledger/fabric-baseos:x86_64-0.3.1
ADD binpackage.tar /usr/local/bin
LABEL org.hyperledger.fabric.chaincode.id.name="mycc" \
org.hyperledger.fabric.chaincode.id.version="1.0" \
org.hyperledger.fabric.chaincode.type="GOLANG" \
org.hyperledger.fabric.version="1.0.0" \
org.hyperledger.fabric.base.version="0.3.1"
ENV CORE_CHAINCODE_BUILDLEVEL=1.0.0
ENV CORE_PEER_TLS_ROOTCERT_FILE=/etc/hyperledger/fabric/peer.crt
COPY peer.crt /etc/hyperledger/fabric/peer.crt
2017-08-29 21:14:12.297 UTC [util] DockerBuild -> DEBU 3fe Attempting build with image hyperledger/fabric-ccenv:x86_64-1.0.0
2017-08-29 21:14:48.907 UTC [dockercontroller] deployImage -> DEBU 3ff Created image: dev-peer0.org1.example.com-mycc-1.0
2017-08-29 21:14:48.908 UTC [dockercontroller] Start -> DEBU 400 start-recreated image successfully
2017-08-29 21:14:48.908 UTC [dockercontroller] createContainer -> DEBU 401 Create container: dev-peer0.org1.example.com-mycc-1.0
接下来的日志就是各类初始化,验证,写帐本之类的。总之完毕后,咱们回到Ubuntu终端,使用docker ps能够看到有新的容器正在运行:
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES fc620b8c6399 dev-peer0.org1.example.com-mycc-1.0 "chaincode -peer.add…" 3 minutes ago Up 2 minutes dev-peer0.org1.example.com-mycc-1.0 e90ce174a429 hyperledger/fabric-tools "/bin/bash" 31 minutes ago Up 30 minutes cli 32ffc851c1bf hyperledger/fabric-peer "peer node start" 31 minutes ago Up 31 minutes 0.0.0.0:9051->7051/tcp, 0.0.0.0:9052->7052/tcp, 0.0.0.0:9053->7053/tcp peer0.org2.example.com 1f0d26e45634 hyperledger/fabric-peer "peer node start" 31 minutes ago Up 31 minutes 0.0.0.0:8051->7051/tcp, 0.0.0.0:8052->7052/tcp, 0.0.0.0:8053->7053/tcp peer1.org1.example.com 807c4dc97684 hyperledger/fabric-orderer "orderer" 31 minutes ago Up 31 minutes 0.0.0.0:7050->7050/tcp orderer.example.com c297c88cf9b3 hyperledger/fabric-peer "peer node start" 31 minutes ago Up 31 minutes 0.0.0.0:7051-7053->7051-7053/tcp peer0.org1.example.com 08c95a2bbb12 hyperledger/fabric-peer "peer node start" 31 minutes ago Up 31 minutes 0.0.0.0:10051->7051/tcp, 0.0.0.0:10052->7052/tcp, 0.0.0.0:10053->7053/tcp peer1.org2.example.com
(3)在一个Peer上查询并发起交易
如今链上代码的实例也有了,而且在实例化的时候指定了a帐户100,b帐户200,咱们能够试着调用ChainCode的查询代码,验证一下,在cli容器内执行:
peer chaincode query -C mychannel -n mycc -c '{"Args":["query","a"]}'
返回结果:Query Result: 100
接下来咱们能够试着把a帐户的10元转给b。对应的代码:
peer chaincode invoke -o orderer.example.com:7050 --tls true --cafile $ORDERER_CA -C mychannel -n mycc -c '{"Args":["invoke","a","b","10"]}'
(4)在另外一个节点上查询交易
前面的操做都是在org1下面作的,那么处于同一个区块链(同一个Channel下)的org2,是否会看org1的更改呢?咱们试着给peer0.org2安装链上代码:
CORE_PEER_LOCALMSPID="Org2MSP" CORE_PEER_TLS_ROOTCERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls/ca.crt CORE_PEER_MSPCONFIGPATH=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.example.com/users/Admin@org2.example.com/msp CORE_PEER_ADDRESS=peer0.org2.example.com:7051 peer chaincode install -n mycc -v 1.0 -p github.com/hyperledger/fabric/examples/chaincode/go/chaincode_example02
因为mycc已经在前面org1的时候实例化了,也就是说对应的区块已经生成了,因此在org2不能再次初始化。咱们直接运行查询命令:
peer chaincode query -C mychannel -n mycc -c '{"Args":["query","a"]}'
返回结果:
Query Result: 90
这是由于peer0.org2也须要生成Docker镜像,建立对应的容器,才能经过容器返回结果。咱们回到Ubuntu终端,执行docker ps,能够看到又多了一个容器:
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 1dde91b29472 dev-peer0.org2.example.com-mycc-1.0 "chaincode -peer.add…" About a minute ago Up About a minute dev-peer0.org2.example.com-mycc-1.0 fc620b8c6399 dev-peer0.org1.example.com-mycc-1.0 "chaincode -peer.add…" 11 minutes ago Up 11 minutes dev-peer0.org1.example.com-mycc-1.0 e90ce174a429 hyperledger/fabric-tools "/bin/bash" 39 minutes ago Up 39 minutes cli 32ffc851c1bf hyperledger/fabric-peer "peer node start" 39 minutes ago Up 39 minutes 0.0.0.0:9051->7051/tcp, 0.0.0.0:9052->7052/tcp, 0.0.0.0:9053->7053/tcp peer0.org2.example.com 1f0d26e45634 hyperledger/fabric-peer "peer node start" 39 minutes ago Up 39 minutes 0.0.0.0:8051->7051/tcp, 0.0.0.0:8052->7052/tcp, 0.0.0.0:8053->7053/tcp peer1.org1.example.com 807c4dc97684 hyperledger/fabric-orderer "orderer" 39 minutes ago Up 39 minutes 0.0.0.0:7050->7050/tcp orderer.example.com c297c88cf9b3 hyperledger/fabric-peer "peer node start" 39 minutes ago Up 39 minutes 0.0.0.0:7051-7053->7051-7053/tcp peer0.org1.example.com 08c95a2bbb12 hyperledger/fabric-peer "peer node start" 39 minutes ago Up 39 minutes 0.0.0.0:10051->7051/tcp, 0.0.0.0:10052->7052/tcp, 0.0.0.0:10053->7053/tcp peer1.org2.example.com
相关文章
- 1. Fabric学习笔记(二) - Docker下手工启动Fabric v1.0.5网络
- 2. Hyperledger Fabric手动生成CA证书搭建Fabric网络
- 3. Hyperledger Fabric V1.0 学习笔记(二) 快速启动一个Fabric网络
- 4. Mysql Fabric实现学习笔记(转载)
- 5. Fabric学习笔记(2)
- 6. Hyperledger fabric学习笔记
- 7. Fabric ca学习笔记
- 8. Hyperledger Fabric -------9--------建立第一个网络
- 9. Hyperledger Fabric 1.0 学习搭建 (四)--- 建立Fabric多节点集群
- 10. net: fabric Fabric网络架构
- 更多相关文章...
- • Maven 构建 & 项目测试 - Maven教程
- • TCP三次握手建立连接的过程 - TCP/IP教程
- • Tomcat学习笔记(史上最全tomcat学习笔记)
- • 适用于PHP初学者的学习线路和建议
相关标签/搜索
每日一句
-
每一个你不满意的现在,都有一个你没有努力的曾经。
最新文章
- 1. eclipse设置粘贴字符串自动转义
- 2. android客户端学习-启动模拟器异常Emulator: failed to initialize HAX: Invalid argument
- 3. android.view.InflateException: class com.jpardogo.listbuddies.lib.views.ListBuddiesLayout问题
- 4. MYSQL8.0数据库恢复 MYSQL8.0ibd数据恢复 MYSQL8.0恢复数据库
- 5. 你本是一个肉体,是什么驱使你前行【1】
- 6. 2018.04.30
- 7. 2018.04.30
- 8. 你本是一个肉体,是什么驱使你前行【3】
- 9. 你本是一个肉体,是什么驱使你前行【2】
- 10. 【资讯】LocalBitcoins达到每周交易比特币的7年低点
欢迎关注本站公众号,获取更多信息
相关文章
- 1. Fabric学习笔记(二) - Docker下手工启动Fabric v1.0.5网络
- 2. Hyperledger Fabric手动生成CA证书搭建Fabric网络
- 3. Hyperledger Fabric V1.0 学习笔记(二) 快速启动一个Fabric网络
- 4. Mysql Fabric实现学习笔记(转载)
- 5. Fabric学习笔记(2)
- 6. Hyperledger fabric学习笔记
- 7. Fabric ca学习笔记
- 8. Hyperledger Fabric -------9--------建立第一个网络
- 9. Hyperledger Fabric 1.0 学习搭建 (四)--- 建立Fabric多节点集群
- 10. net: fabric Fabric网络架构