Fabric2.0 新特性实践:通道成员可扩展链码

  承接上文:Hyperledger Fabric 2.0新特性,Fabric2.0版本允许组织去扩展链码,也就是说通道成员之间的链码包可能会不同,这么做的好处是每个组织可以根据自身利益增加自己的业务逻辑。
  为测试这一特性,本文将会对比Fabric1.4版本和Fabric2.0版本,阅读过程中注意当前版本,及时切换到不同分支。

改造链码

  测试网络选用:fabric-samples/first-network
  链码选用:sacc
  在本文中,我们基于sacc构建了另一个链码sacc-check,相对于sacc增加了一个条件校验:如果key为age,则返回错误。
  进入fabric-samples/chaincode/sacc目录,sacc.go原代码:

// Set stores the asset (both key and value) on the ledger. If the key exists,
// it will override the value with the new one
func set(stub shim.ChaincodeStubInterface, args []string) (string, error) {
	if len(args) != 2 {
		return "", fmt.Errorf("Incorrect arguments. Expecting a key and a value")
	}

	err := stub.PutState(args[0], []byte(args[1]))
	if err != nil {
		return "", fmt.Errorf("Failed to set asset: %s", args[0])
	}
	return args[1], nil
}

  我们稍作修改,增加前面提到的校验:

// Set stores the asset (both key and value) on the ledger. If the key exists,
// it will override the value with the new one
func set(stub shim.ChaincodeStubInterface, args []string) (string, error) {
	if len(args) != 2 {
		return "", fmt.Errorf("Incorrect arguments. Expecting a key and a value")
	}
    if args[0] == "age" {
        return "",fmt.Errorf("错误的key")
    }
	err := stub.PutState(args[0], []byte(args[1]))
	if err != nil {
		return "", fmt.Errorf("Failed to set asset: %s", args[0])
	}
	return args[1], nil
}

基于1.4版本测试

  按照上节修改链码

cd fabric-samples/chaincode
cp -r sacc sacc-check
cd sacc-check
vim sacc.go

  进入fabric-samples/first-network目录执行,默认通道testchannel,链码mycc:

./byfn.sh up

  peer0.org1.example.com安装链码sacc

 docker exec cli peer chaincode install -n sacc -v 1.0 -p github.com/chaincode/sacc

  peer0.org2.example.com安装链码sacc

docker exec -e CORE_PEER_MSPCONFIGPATH=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.example.com/users/[email protected]/msp -e CORE_PEER_ADDRESS=peer0.org2.example.com:9051 -e CORE_PEER_LOCALMSPID="Org2MSP" -e CORE_PEER_TLS_ROOTCERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls/ca.crt cli peer chaincode install -n sacc -v 1.0 -p github.com/chaincode/sacc-check

  可通过以下命令查看链码是否已安装成功,查询结果中Id是不同的。

# peer0.org1.example.com
docker exec cli peer chaincode list --installed
# peer0.org2.example.com
docker exec -e CORE_PEER_MSPCONFIGPATH=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.example.com/users/[email protected]/msp -e CORE_PEER_ADDRESS=peer0.org2.example.com:9051 -e CORE_PEER_LOCALMSPID="Org2MSP" -e CORE_PEER_TLS_ROOTCERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls/ca.crt cli peer chaincode list --installed

  实例化链码

docker exec cli peer chaincode instantiate -o orderer.example.com:7050 --tls true --cafile /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/example.com/orderers/orderer.example.com/msp/tlscacerts/tlsca.example.com-cert.pem -C testchannel -n sacc -v 1.0 -c '{"Args": ["name","kc"]}' -P "AND('Org1MSP.member','Org2MSP.member')"

  调用合约查询

# peer0.org1.example.com
docker exec cli peer chaincode query -C testchannel -n sacc -c '{"Args":["query","name"]}'
# peer0.org2.example.com
docker exec -e CORE_PEER_MSPCONFIGPATH=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.example.com/users/[email protected]/msp -e CORE_PEER_ADDRESS=peer0.org2.example.com:9051 -e CORE_PEER_LOCALMSPID="Org2MSP" -e CORE_PEER_TLS_ROOTCERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls/ca.crt cli peer chaincode query -C testchannel -n sacc -c '{"Args":["query","name"]}'

  在peer0.org1.example.com查询返回结果:kc,在peer0.org2.example.com返回错误:

Error: endorsement failure during query. response: status:500 message:"failed to execute transaction 0b0523dac965b32fff0fc0faadb3270646efc256198b6b8a42856006ccdb2ddd: [channel testchannel] failed to get chaincode container info for sacc:1.0: could not get chaincode code: chaincode fingerprint mismatch: data mismatch" 

  报错原因:链码不匹配。可见在1.4版本中是不支持组织安装不同链码的。

基于2.0.1版本测试

  Fabric 2.0 启用了新的链码周期,我们按照下图进行测试:
Fabric2.0 新特性实践:通道成员可扩展链码_第1张图片
  测试网络仍然选择first-network,通道mychannel

cd fabric-samples/first-network
./byfn.sh up

  首先按上文编辑链码:

cd fabric-samples/chaincode
cp -r sacc sacc-check
cd sacc-check
vim sacc.go

  生成vendor目录:

cd chaincode/sacc
GO111MODULE=on go mod vendor
cd ../sacc-check
GO111MODULE=on go mod vendor

  打包链码:

docker exec cli peer lifecycle chaincode package sacc.tar.gz --path github.com/hyperledger/fabric-samples/chaincode/sacc/ --label sacc_1
docker exec cli peer lifecycle chaincode package sacc-check.tar.gz --path github.com/hyperledger/fabric-samples/chaincode/sacc-check/ --label sacc_1
docker exec cli ls

  执行结果如下图所示:
Fabric2.0 新特性实践:通道成员可扩展链码_第2张图片
  安装链码:

# peer0.org1.example.com
docker exec cli peer lifecycle chaincode install sacc.tar.gz
# peer0.org2.example.com
docker exec -e CORE_PEER_MSPCONFIGPATH=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.example.com/users/[email protected]/msp -e CORE_PEER_ADDRESS=peer0.org2.example.com:9051 -e CORE_PEER_LOCALMSPID="Org2MSP" -e CORE_PEER_TLS_ROOTCERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls/ca.crt cli peer lifecycle chaincode install sacc-check.tar.gz

  查询已安装链码,得到packageID(注意此处两个节点返回的packageID是不同的):

# peer0.org1.example.com
docker exec cli peer lifecycle chaincode queryinstalled
# peer0.org2.example.com
docker exec -e CORE_PEER_MSPCONFIGPATH=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.example.com/users/[email protected]/msp -e CORE_PEER_ADDRESS=peer0.org2.example.com:9051 -e CORE_PEER_LOCALMSPID="Org2MSP" -e CORE_PEER_TLS_ROOTCERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls/ca.crt cli peer lifecycle chaincode queryinstalled

  peer0.org1.example.com返回结果:Package ID:sacc_1:a615a5892af0e8ab0a17851e76f995582138f6e8853a2fa782f50a05c82390d2, Label: sacc_1
  peer0.org2.example.com返回结果:Package ID:sacc_1:153bdd87b0d61052590bd154d6418acc9eaf7752b68b1ef40a231391172875ce, Label: sacc_1
  组织同意链码定义:

#Org1
docker exec cli peer lifecycle chaincode approveformyorg --tls --cafile /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/example.com/orderers/orderer.example.com/msp/tlscacerts/tlsca.example.com-cert.pem --channelID mychannel --name sacc --version 1 --sequence 1 --waitForEvent --package-id sacc_1:a615a5892af0e8ab0a17851e76f995582138f6e8853a2fa782f50a05c82390d2
#Org2
docker exec -e CORE_PEER_MSPCONFIGPATH=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.example.com/users/[email protected]/msp -e CORE_PEER_ADDRESS=peer0.org2.example.com:9051 -e CORE_PEER_LOCALMSPID="Org2MSP" -e CORE_PEER_TLS_ROOTCERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls/ca.crt cli peer lifecycle chaincode approveformyorg --tls --cafile /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/example.com/orderers/orderer.example.com/msp/tlscacerts/tlsca.example.com-cert.pem --channelID mychannel --name sacc --version 1 --sequence 1 --waitForEvent --package-id sacc_1:153bdd87b0d61052590bd154d6418acc9eaf7752b68b1ef40a231391172875ce

  提交链码定义:

docker exec cli peer lifecycle chaincode commit -o orderer.example.com:7050 --tls --cafile /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/example.com/orderers/orderer.example.com/msp/tlscacerts/tlsca.example.com-cert.pem --peerAddresses peer0.org1.example.com:7051 --tlsRootCertFiles /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/ca.crt --peerAddresses peer0.org2.example.com:9051 --tlsRootCertFiles /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls/ca.crt --channelID mychannel --name sacc --version 1 --sequence 1

  调用合约,此处参数传入“name”:

docker exec cli peer chaincode invoke -o orderer.example.com:7050 --tls --cafile /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/example.com/orderers/orderer.example.com/msp/tlscacerts/tlsca.example.com-cert.pem --peerAddresses peer0.org1.example.com:7051 --tlsRootCertFiles /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/ca.crt --peerAddresses peer0.org2.example.com:9051 --tlsRootCertFiles /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls/ca.crt -C mychannel -n sacc -c '{"Args":["set","name","kc"]}'

  合约调用成功后,执行查询操作:

# peer0.org1.example.com
docker exec cli peer chaincode query -C mychannel -n sacc -c '{"Args":["query","name"]}'
# peer0.org2.example.com
docker exec -e CORE_PEER_MSPCONFIGPATH=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.example.com/users/[email protected]/msp -e CORE_PEER_ADDRESS=peer0.org2.example.com:9051 -e CORE_PEER_LOCALMSPID="Org2MSP" -e CORE_PEER_TLS_ROOTCERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls/ca.crt cli peer chaincode query -C mychannel -n sacc -c '{"Args":["query","name"]}'

  查询结果如下图所示:
Fabric2.0 新特性实践:通道成员可扩展链码_第3张图片
  sacc-check/sacc.go我们做了校验:不能通道调用链码设置"age",我们这里做个测试

docker exec cli peer chaincode invoke -o orderer.example.com:7050 --tls --cafile /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/example.com/orderers/orderer.example.com/msp/tlscacerts/tlsca.example.com-cert.pem --peerAddresses peer0.org1.example.com:7051 --tlsRootCertFiles /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/ca.crt --peerAddresses peer0.org2.example.com:9051 --tlsRootCertFiles /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls/ca.crt -C mychannel -n sacc -c '{"Args":["set","age","30"]}'

  下图显示了执行结果:这里报错“错误的key”,由此我们完成了测试。在这里插入图片描述

总结

  Fabric2.0这一特性,使得不同组织可以根据自身利益安装智能合约。当然最终合约调用是否成功和背书策略也有关系,在上节演示时,我们使用的是默认的背书策略即大多数组织同意,由于我们选用的是两组织的first-network网络,因此此处需要两个组织均同意,由此上节交易不能通过。在实际应用场景中,需要综合考虑相关问题。

你可能感兴趣的:(Fabric,Hyperledger,2.x)