HyperLedger Fabric 1.4.4多机多节点部署(solo共识)
本片文章搭建的网络有一个orderer节点,两个组织和四个peer节点。总共需要五台主机,但由于资源限制,只有两台主机,但方法都是一样的。所以本文在一台主机上搭建一个orderer节点和一个组织的两个peer节点,另一台主机上搭建另一个组织的两个peer节点。
系统配置
| 主机名 | ip | 功能 |
|---|---|---|
| bd223 | 10.1.24.223 | orderer节点,org1的peer0和peer1 |
| bd225 | 10.1.24.225 | org2的peer0和peer1 |
准备工作
- 在两台机器上搭建fabric环境,可以参考上篇文章hyperledger fabric 1.4.4版本安装手册。
- 将fabric的bin目录加入环境变量以方便各种命令的直接使用,这里就先临时加入
export PATH=$PATH:/home/go/src/github.com/hyperledger/fabric/scripts/fabric-samples/bin,可以通过which configtxgen来判断是否添加成功。 - 创建并进入
test-cluster目录作为工作目录 - 在文件夹下创建
.env文件,文件内容如下:COMPOSE_PROJECT_NAME=net IMAGE_TAG=1.4.4 CHANNEL_ID=cluster-channel CHANNEL_NAME=clusterchannelsource .env
配置基础环境
- 创建
crypto-config.yaml配置文件,也可以从fabric-samples项目的first-network文件夹中复制。 - 从
first-network中复制configtx.yaml三个文件到cluster-network工作目录中。 - 从
first-network中复制ccp-generate.sh、ccp-template.json、ccp-template.yaml三个文件到cluster-network工作目录中。 - 从
first-network中复制docker-compose-e2e-template.yaml文件到cluster-network工作目录中。并将network这部分配置去掉。处理完成之后的配置文件如下:# Copyright IBM Corp. All Rights Reserved. # # SPDX-License-Identifier: Apache-2.0 # version: '2' volumes: orderer.example.com: peer0.org1.example.com: peer1.org1.example.com: peer0.org2.example.com: peer1.org2.example.com: services: ca0: image: hyperledger/fabric-ca:$IMAGE_TAG environment: - FABRIC_CA_HOME=/etc/hyperledger/fabric-ca-server - FABRIC_CA_SERVER_CA_NAME=ca-org1 - FABRIC_CA_SERVER_TLS_ENABLED=true - FABRIC_CA_SERVER_TLS_CERTFILE=/etc/hyperledger/fabric-ca-server-config/ca.org1.example.com-cert.pem - FABRIC_CA_SERVER_TLS_KEYFILE=/etc/hyperledger/fabric-ca-server-config/cdf0bf41bf501fbf0360ddb5b245debb22baafe77f504b093d1036cf8257c35a_sk ports: - "7054:7054" command: sh -c 'fabric-ca-server start --ca.certfile /etc/hyperledger/fabric-ca-server-config/ca.org1.example.com-cert.pem --ca.keyfile /etc/hyperledger/fabric-ca-server-config/cdf0bf41bf501fbf0360ddb5b245debb22baafe77f504b093d1036cf8257c35a_sk -b admin:adminpw -d' volumes: - ./crypto-config/peerOrganizations/org1.example.com/ca/:/etc/hyperledger/fabric-ca-server-config container_name: ca_peerOrg1 ca1: image: hyperledger/fabric-ca:$IMAGE_TAG environment: - FABRIC_CA_HOME=/etc/hyperledger/fabric-ca-server - FABRIC_CA_SERVER_CA_NAME=ca-org2 - FABRIC_CA_SERVER_TLS_ENABLED=true - FABRIC_CA_SERVER_TLS_CERTFILE=/etc/hyperledger/fabric-ca-server-config/ca.org2.example.com-cert.pem - FABRIC_CA_SERVER_TLS_KEYFILE=/etc/hyperledger/fabric-ca-server-config/b0a6041e30115b95e6a6ccc68d571c30fb61eaf37fe751f30333bd4ba0789d21_sk ports: - "8054:7054" command: sh -c 'fabric-ca-server start --ca.certfile /etc/hyperledger/fabric-ca-server-config/ca.org2.example.com-cert.pem --ca.keyfile /etc/hyperledger/fabric-ca-server-config/b0a6041e30115b95e6a6ccc68d571c30fb61eaf37fe751f30333bd4ba0789d21_sk -b admin:adminpw -d' volumes: - ./crypto-config/peerOrganizations/org2.example.com/ca/:/etc/hyperledger/fabric-ca-server-config container_name: ca_peerOrg2 orderer.example.com: extends: file: base/docker-compose-base.yaml service: orderer.example.com container_name: orderer.example.com peer0.org1.example.com: container_name: peer0.org1.example.com extends: file: base/docker-compose-base.yaml service: peer0.org1.example.com peer1.org1.example.com: container_name: peer1.org1.example.com extends: file: base/docker-compose-base.yaml service: peer1.org1.example.com peer0.org2.example.com: container_name: peer0.org2.example.com extends: file: base/docker-compose-base.yaml service: peer0.org2.example.com peer1.org2.example.com: container_name: peer1.org2.example.com extends: file: base/docker-compose-base.yaml service: peer1.org2.example.com - 从
first-network中复制base目录,连同目录下的docker-compose-base.yaml、peer-base.yaml两个文件到cluster-network工作目录中。一定要注意将peer-base.yaml文件中的${COMPOSE_PROJECT_NAME}_byfn改为${COMPOSE_PROJECT_NAME}_default。否则初始化链码的时候会报错。 - 创建
channel-artifacts文件夹,用来存储创世区块等文件。 - 将
docker-compose-cli.yaml文件拆分,分成docker-compose-orderer.yaml,docker-compose-org1.yaml,docker-compose-org2.yaml三个文件。
docker-compose-orderer.yaml文件内容如下:
version: '2'
volumes:
orderer.example.com:
peer0.org1.example.com:
peer1.org1.example.com:
peer0.org2.example.com:
peer1.org2.example.com:
services:
orderer.example.com:
extends:
file: base/docker-compose-base.yaml
service: orderer.example.com
container_name: orderer.example.com
extra_hosts:
- "peer0.org1.example.com:10.1.24.225"
- "peer1.org1.example.com:10.1.24.225"
- "peer0.org2.example.com:10.1.24.223"
- "peer1.org2.example.com:10.1.24.223"
docker-compose-org1.yaml内容如下
# Copyright IBM Corp. All Rights Reserved.
#
# SPDX-License-Identifier: Apache-2.0
#
version: '2'
volumes:
orderer.example.com:
peer0.org1.example.com:
peer1.org1.example.com:
peer0.org2.example.com:
peer1.org2.example.com:
services:
peer0.org1.example.com:
container_name: peer0.org1.example.com
extends:
file: base/docker-compose-base.yaml
service: peer0.org1.example.com
extra_hosts:
- "orderer.example.com:10.1.24.225"
- "peer1.org1.example.com:10.1.24.225"
- "peer0.org2.example.com:10.1.24.223"
- "peer1.org2.example.com:10.1.24.223"
peer1.org1.example.com:
container_name: peer1.org1.example.com
extends:
file: base/docker-compose-base.yaml
service: peer1.org1.example.com
extra_hosts:
- "orderer.example.com:10.1.24.225"
- "peer0.org1.example.com:10.1.24.225"
- "peer0.org2.example.com:10.1.24.223"
- "peer1.org2.example.com:10.1.24.223"
cli:
container_name: cli
image: hyperledger/fabric-tools:$IMAGE_TAG
tty: true
stdin_open: true
environment:
- SYS_CHANNEL=$SYS_CHANNEL
- GOPATH=/opt/gopath
- CORE_VM_ENDPOINT=unix:///host/var/run/docker.sock
#- FABRIC_LOGGING_SPEC=DEBUG
- FABRIC_LOGGING_SPEC=INFO
- CORE_PEER_ID=cli
- CORE_PEER_ADDRESS=peer0.org1.example.com:7051
- CORE_PEER_LOCALMSPID=Org1MSP
- CORE_PEER_TLS_ENABLED=true
- CORE_PEER_TLS_CERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/server.crt
- CORE_PEER_TLS_KEY_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/server.key
- CORE_PEER_TLS_ROOTCERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/ca.crt
- CORE_PEER_MSPCONFIGPATH=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/users/[email protected]/msp
working_dir: /opt/gopath/src/github.com/hyperledger/fabric/peer
command: /bin/bash
volumes:
- /var/run/:/host/var/run/
- ./../chaincode/:/opt/gopath/src/github.com/chaincode
- ./crypto-config:/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/
- ./scripts:/opt/gopath/src/github.com/hyperledger/fabric/peer/scripts/
- ./channel-artifacts:/opt/gopath/src/github.com/hyperledger/fabric/peer/channel-artifacts
depends_on:
- peer0.org1.example.com
- peer1.org1.example.com
extra_hosts:
- "orderer.example.com:10.1.24.225"
- "peer0.org1.example.com:10.1.24.225"
- "peer1.org1.example.com:10.1.24.225"
- "peer0.org2.example.com:10.1.24.223"
- "peer1.org2.example.com:10.1.24.223"
docker-compose-org2.yaml内容如下:
# Copyright IBM Corp. All Rights Reserved.
#
# SPDX-License-Identifier: Apache-2.0
#
version: '2'
volumes:
orderer.example.com:
peer0.org1.example.com:
peer1.org1.example.com:
peer0.org2.example.com:
peer1.org2.example.com:
services:
peer0.org2.example.com:
container_name: peer0.org2.example.com
extends:
file: base/docker-compose-base.yaml
service: peer0.org2.example.com
extra_hosts:
- "orderer.example.com:10.1.24.225"
- "peer0.org1.example.com:10.1.24.225"
- "peer1.org1.example.com:10.1.24.225"
- "peer1.org2.example.com:10.1.24.223"
peer1.org2.example.com:
container_name: peer1.org2.example.com
extends:
file: base/docker-compose-base.yaml
service: peer1.org2.example.com
extra_hosts:
- "orderer.example.com:10.1.24.225"
- "peer0.org1.example.com:10.1.24.225"
- "peer1.org1.example.com:10.1.24.225"
- "peer0.org2.example.com:10.1.24.223"
cli:
container_name: cli
image: hyperledger/fabric-tools:$IMAGE_TAG
tty: true
stdin_open: true
environment:
- SYS_CHANNEL=$SYS_CHANNEL
- GOPATH=/opt/gopath
- CORE_VM_ENDPOINT=unix:///host/var/run/docker.sock
#- FABRIC_LOGGING_SPEC=DEBUG
- FABRIC_LOGGING_SPEC=INFO
- CORE_PEER_ID=cli
- CORE_PEER_ADDRESS=peer0.org1.example.com:7051
- CORE_PEER_LOCALMSPID=Org1MSP
- CORE_PEER_TLS_ENABLED=true
- CORE_PEER_TLS_CERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/server.crt
- CORE_PEER_TLS_KEY_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/server.key
- CORE_PEER_TLS_ROOTCERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/ca.crt
- CORE_PEER_MSPCONFIGPATH=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/users/[email protected]/msp
working_dir: /opt/gopath/src/github.com/hyperledger/fabric/peer
command: /bin/bash
volumes:
- /var/run/:/host/var/run/
- ./../chaincode/:/opt/gopath/src/github.com/chaincode
- ./crypto-config:/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/
- ./scripts:/opt/gopath/src/github.com/hyperledger/fabric/peer/scripts/
- ./channel-artifacts:/opt/gopath/src/github.com/hyperledger/fabric/peer/channel-artifacts
depends_on:
- peer0.org2.example.com
- peer1.org2.example.com
extra_hosts:
- "orderer.example.com:10.1.24.225"
- "peer0.org1.example.com:10.1.24.225"
- "peer1.org1.example.com:10.1.24.225"
- "peer0.org2.example.com:10.1.24.223"
- "peer1.org2.example.com:10.1.24.223"
启动网络
# generateCerts
cryptogen generate --config=./crypto-config.yaml
./ccp-generate.sh
# replacePrivateKey
cp docker-compose-e2e-template.yaml docker-compose-e2e.yaml
CURRENT_DIR=$PWD
cd crypto-config/peerOrganizations/org1.example.com/ca/
PRIV_KEY=$(ls *_sk)
cd "$CURRENT_DIR"
sed -i "s/CA1_PRIVATE_KEY/${PRIV_KEY}/g" docker-compose-e2e.yaml
cd crypto-config/peerOrganizations/org2.example.com/ca/
PRIV_KEY=$(ls *_sk)
cd "$CURRENT_DIR"
sed -i "s/CA2_PRIVATE_KEY/${PRIV_KEY}/g" docker-compose-e2e.yaml
# generateChannelArtifacts
configtxgen -profile TwoOrgsOrdererGenesis -channelID $CHANNEL_ID -outputBlock ./channel-artifacts/genesis.block
configtxgen -profile TwoOrgsChannel -outputCreateChannelTx ./channel-artifacts/channel.tx -channelID $CHANNEL_NAME
然后进入10.1.24.225节点,将10.1.24.223的cluster-network目录复制到10.1.24.225节点的fabric-sample目录下,并进入cluster-network目录。
# 10.1.24.223节点下运行如下命令
configtxgen -profile TwoOrgsChannel -outputAnchorPeersUpdate ./channel-artifacts/Org1MSPanchors.tx -channelID $CHANNEL_NAME -asOrg Org1MSP
# 10.1.24.225节点下运行如下命令
source .env
configtxgen -profile TwoOrgsChannel -outputAnchorPeersUpdate ./channel-artifacts/Org2MSPanchors.tx -channelID $CHANNEL_NAME -asOrg Org2MSP
最后就可以依次启动各个节点了。
首先在10.1.24.223节点启动orderer服务。运行如下命令:
docker-compose -f docker-compose-orderer.yaml up -d
然后在10.1.24.223节点启动org1的两个peer节点。运行如下命令:
docker-compose -f docker-compose-org1.yaml up -d
然后在10.1.24.225节点启动org2的两个peer节点。运行如下命令:
docker-compose -f docker-compose-org2.yaml up -d
网络就全部启动起来了,可以通过docker ps命令查看是否启动成功。
创建通道
# 进入命令行
docker exec -it cli bash
# 创建通道
peer channel create -o orderer.example.com:7050 -c clusterchannel(通道名) -f ./channel-artifacts/channel.tx --tls true --cafile /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/example.com/orderers/orderer.example.com/msp/tlscacerts/tlsca.example.com-cert.pem
# 切换到peer0.org1节点
CORE_PEER_MSPCONFIGPATH=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/users/[email protected]/msp
CORE_PEER_ADDRESS=peer0.org1.example.com:7051
CORE_PEER_LOCALMSPID="Org1MSP"
CORE_PEER_TLS_ROOTCERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/ca.crt
# 加入通道
peer channel join -b clusterchannel.block
# 切换到peer1.org1节点
CORE_PEER_LOCALMSPID="Org1MSP"
CORE_PEER_TLS_ROOTCERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/peers/peer1.org1.example.com/tls/ca.crt
CORE_PEER_MSPCONFIGPATH=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/users/[email protected]/msp
CORE_PEER_ADDRESS=peer1.org1.example.com:8051
# 加入通道
peer channel join -b clusterchannel.block
# 切换到peer0.org2节点
CORE_PEER_MSPCONFIGPATH=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.example.com/users/[email protected]/msp
CORE_PEER_ADDRESS=peer0.org2.example.com:9051
CORE_PEER_LOCALMSPID="Org2MSP"
CORE_PEER_TLS_ROOTCERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls/ca.crt
# 加入通道
peer channel join -b clusterchannel.block
# 切换到peer1.org2节点
CORE_PEER_LOCALMSPID="Org2MSP"
CORE_PEER_TLS_ROOTCERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.example.com/peers/peer1.org2.example.com/tls/ca.crt
CORE_PEER_MSPCONFIGPATH=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.example.com/users/[email protected]/msp
CORE_PEER_ADDRESS=peer1.org2.example.com:10051
# 加入通道
peer channel join -b clusterchannel.block
安装链码
将写好的链码放到fabric-simples目录下的chaincode文件夹中(需要新创建一个文件夹)。我这里是/home/go/src/github.com/hyperledger/fabric/scripts/fabric-samples/chaincode文件夹下。
# 进入命令行
docker exec -it cli bash
# 安装链码
CORE_PEER_MSPCONFIGPATH=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/users/[email protected]/msp
CORE_PEER_ADDRESS=peer0.org1.example.com:7051
CORE_PEER_LOCALMSPID="Org1MSP"
CORE_PEER_TLS_ROOTCERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/ca.crt
peer chaincode install -n usercc -v 1.0.0 -l golang -p github.com/chaincode/user
CORE_PEER_LOCALMSPID="Org1MSP"
CORE_PEER_TLS_ROOTCERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/peers/peer1.org1.example.com/tls/ca.crt
CORE_PEER_MSPCONFIGPATH=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/users/[email protected]/msp
CORE_PEER_ADDRESS=peer1.org1.example.com:8051
peer chaincode install -n usercc -v 1.0.0 -l golang -p github.com/chaincode/user
CORE_PEER_MSPCONFIGPATH=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.example.com/users/[email protected]/msp
CORE_PEER_ADDRESS=peer0.org2.example.com:9051
CORE_PEER_LOCALMSPID="Org2MSP"
CORE_PEER_TLS_ROOTCERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls/ca.crt
peer chaincode install -n usercc -v 1.0.0 -l golang -p github.com/chaincode/user
CORE_PEER_LOCALMSPID="Org2MSP"
CORE_PEER_TLS_ROOTCERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.example.com/peers/peer1.org2.example.com/tls/ca.crt
CORE_PEER_MSPCONFIGPATH=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.example.com/users/[email protected]/msp
CORE_PEER_ADDRESS=peer1.org2.example.com:10051
peer chaincode install -n usercc -v 1.0.0 -l golang -p github.com/chaincode/user
# 初始化链码
peer chaincode instantiate -o orderer.example.com:7050 --tls true --cafile /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/example.com/orderers/orderer.example.com/msp/tlscacerts/tlsca.example.com-cert.pem -C clusterchannel -n usercc -l golang -v 1.0.0 -c '{"Args":["initLedger"]}' -P 'AND ('\''Org1MSP.peer'\'','\''Org2MSP.peer'\'')'
到这就完成了!