- 环境准备
curl -sSL https://raw.githubusercontent.com/hyperledger/fabric/master/scripts/bootstrap.sh | bash -s 1.1.1 1.1.1 0.4.7
这里有个bug,fabric-samples项目还需要手动切换分支:
cd fabric-samples && git checkout release-1.1
启动fabric网络:
cd first-network && ./byfn.sh up
- 添加org3
./eyfn.sh up
到此通过脚本添加org3我们就完成了,接下来我们会通过手动添加org3来详细解析整个过程
- 手动添加org3
首先我们来看一下org3-crypto.yaml
# ---------------------------------------------------------------------------
# "PeerOrgs" - Definition of organizations managing peer nodes
# ---------------------------------------------------------------------------
PeerOrgs:
# ---------------------------------------------------------------------------
# Org3
# ---------------------------------------------------------------------------
- Name: Org3
Domain: org3.example.com
EnableNodeOUs: true
Template:
Count: 2
Users:
Count: 1
接着我们通过cryptogen工具生成所需证书:
cd org3-artifacts &&
../../bin/cryptogen generate --config=./org3-crypto.yaml
现在我们通过configtxgen工具生成json格式的org3配置:
Organizations:
- &Org3
# DefaultOrg defines the organization which is used in the sampleconfig
# of the fabric.git development environment
Name: Org3MSP
# ID to load the MSP definition as
ID: Org3MSP
MSPDir: crypto-config/peerOrganizations/org3.example.com/msp
AnchorPeers:
# AnchorPeers defines the location of peers which can be used
# for cross org gossip communication. Note, this value is only
# encoded in the genesis block in the Application section context
- Host: peer0.org3.example.com
Port: 7051
export FABRIC_CFG_PATH=$PWD && ../../bin/configtxgen -printOrg Org3MSP > ../channel-artifacts/org3.json
- 拷贝orderer证书到crypto-crypto,以便使用其tls证书进行连接:
cd ../ && cp -r crypto-config/ordererOrganizations org3-artifacts/crypto-config/
- 获取orderer配置
//设置order_ca tls证书路径和通道名称
export ORDERER_CA=/opt/goworkspace/src/blockchain/dymatic-add-org/fabric-samples/first-network/org3-artifacts/crypto-config/ordererOrganizations/example.com/orderers/orderer.example.com/msp/tlscacerts/tlsca.example.com-cert.pem && export CHANNEL_NAME=mychannel
//获取orderer配置:
peer channel fetch config config_block.pb -o orderer.example.com:7050 -c $CHANNEL_NAME --tls --cafile $ORDERER_CA
- 将orderer配置转换为json
configtxlator proto_decode --input config_block.pb --type common.Block | jq .data.data[0].payload.data.config > config.json
- 添加org3 crypto materials
//获取修改后的orderer配置
jq -s '.[0] * {"channel_group":{"groups":{"Application":{"groups": {"Org3MSP":.[1]}}}}}' config.json ./channel-artifacts/org3.json > modified_config.json
//转换config.json和modified_config.json为proto文件
configtxlator proto_encode --input config.json --type common.Config --output config.pb
configtxlator proto_encode --input modified_config.json --type common.Config --output modified_config.pb
//现在使用configtxlator来计算这两个配置protobufs之间的增量
configtxlator compute_update --channel_id $CHANNEL_NAME --original config.pb --updated modified_config.pb --output org3_update.pb
//这个新的proto - org3_update.pb - 包含Org3定义和Org1和Org2组织的高级指针。我们能够放弃Org1和Org2的MSP材料和修改策略信息,因为这些数据已经存在于通道的创世块中。因此,我们只需要两种配置之间的增量。
configtxlator proto_decode --input org3_update.pb --type common.ConfigUpdate | jq . > org3_update.json
//包装信息为envelope类型
echo '{"payload":{"header":{"channel_header":{"channel_id":"mychannel", "type":2}},"data":{"config_update":'$(cat org3_update.json)'}}}' | jq . > org3_update_in_envelope.json
//转换为probuf格式
configtxlator proto_encode --input org3_update_in_envelope.json --type common.Envelope --output org3_update_in_envelope.pb
//给需要更新的配置签名,由于修改配置策略组的配置是"majority",所以需要所有组织Admin进行签名
peer channel signconfigtx -f org3_update_in_envelope.pb
//发送配置更新请求
peer channel update -f org3_update_in_envelope.pb -c $CHANNEL_NAME -o orderer.example.com:7050 --tls --cafile $ORDERER_CA
- 启动org3的peer节点
docker-compose -f docker-compose-org3.yaml up -d
- 从orderer节点同步区块
//进入容器工具(此容器包含了基础环境变量以及相应的脚本)
docker exec -it Org3cli bash
//设置order_ca证书路径和channel_name
export ORDERER_CA=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/example.com/orderers/orderer.example.com/msp/tlscacerts/tlsca.example.com-cert.pem && export CHANNEL_NAME=mychannel
//同步数据
peer channel fetch 0 mychannel.block -o orderer.example.com:7050 -c $CHANNEL_NAME --tls --cafile $ORDERER_CA
- 将新增节点加入通道
peer channel join -b mychannel.block
- 升级智能合
//所有节点安装智能合约
peer chaincode install -n mycc -v 2.0 -p github.com/chaincode/chaincode_example02/go/
//发送智能合约升级请求
//注意背书策略新增了Org3MSP.peer
peer chaincode upgrade -o orderer.example.com:7050 --tls $CORE_PEER_TLS_ENABLED --cafile $ORDERER_CA -C $CHANNEL_NAME -n mycc -v 2.0 -c '{"Args":["init","a","90","b","210"]}' -P "OR ('Org1MSP.peer','Org2MSP.peer','Org3MSP.peer')"
- 查询智能合约
//注意设置环境变量为org3
peer chaincode query -C $CHANNEL_NAME -n mycc -c '{"Args":["query","a"]}'
- 执行智能合约
//a向b转了10块钱,a初始是90块,那么剩余80
peer chaincode invoke -o orderer.example.com:7050 --tls $CORE_PEER_TLS_ENABLED --cafile $ORDERER_CA -C $CHANNEL_NAME -n mycc -c '{"Args":["invoke","a","b","10"]}'
- 再次查询智能合约
//查询a的余额应该为80
peer chaincode query -C $CHANNEL_NAME -n mycc -c '{"Args":["query","a"]}'