fabric1.4版本共识由kafka转换raft方法

fabric1.4版本共识由kafka转换raft方法

方案

  1. 系统进入维护模式,应用交易将被拒绝,只有排序服务管理员可以对通道配置进行更新;
  2. 系统停止运行,考虑到迁移过程可能出错,对数据进行备份;
  3. 系统启动,每个通道的共识类型和基础数据进行了修改;
  4. 系统重启,并开始以 Raft 共识模式运行;每个通道都验证确认已经完成了选举;
  5. 系统退出维护模式并正常提供服务;

注意

  1. 检查证书 是否存在这个证书
    crypto-config/ordererOrganizations/example.com/msp/admincerts/[email protected]
    如果不存在 此文档不适合升级

  2. 首先获取所有通道配置 检查一共有几个orderer 甄选适合参与raft的共识orderer 多余删除少添加 (建议使用大于等于5个 我这里测试只用了三个)

  3. 列出所有通道 包含系统通道 这个系统通道是当初创建创世区块的 -channelID byfn-sys-channel指定的

  4. 保证参与raft的orderer之间可以通信

Step1. 准备

操作时在cli的容器中完成的
export ORDERER_CA=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/example.com/orderers/orderer0.example.com/msp/tlscacerts/tlsca.example.com-cert.pem

export CHANNEL_NAME=mychannel      //此处需要根据不同通道而改变

//创建操作目录
mkdir Maintenance_mode_$CHANNEL_NAME && cd Maintenance_mode_$CHANNEL_NAME

Step2. 获取所有通道最新的区块配置改成维护模式

(有几个通道需要执行Step1 Step2几遍) 其中别忘设置通道名称环境变量
注意 : 千万不要忘记系统通道 byfn-sys-channel也需要改配置

1. 获取区块命令

peer channel fetch config config_block.pb -o orderer0.example.com:7050 -c $CHANNEL_NAME --tls --cafile $ORDERER_CA

2. pb文件转json

 configtxlator proto_decode --input config_block.pb --type common.Block | jq .data.data[0].payload.data.config > config.json

3. 复制

cp config.json config_mod.json

4. 修改config_mod.json中的模式为维护模式

sed -i 's/NORMAL/MAINTENANCE/g' config_mod.json

5. 组装更新pb

(1). configtxlator proto_encode --input config.json --type common.Config --output config.pb

(2). configtxlator proto_encode --input config_mod.json --type common.Config --output modified_config.pb

(3). configtxlator compute_update --channel_id $CHANNEL_NAME --original config.pb --updated modified_config.pb --output config_update.pb

(4). configtxlator proto_decode --input config_update.pb --type common.ConfigUpdate | jq . > config_update.json

(5). echo '{"payload":{"header":{"channel_header":{"channel_id":"mychannel", "type":2}},"data":{"config_update":'$(cat config_update.json)'}}}' | jq . > config_update_envelope.json     //注意不同通道修改channel_id

(6). configtxlator proto_encode --input config_update_envelope.json --type common.Envelope --output config_update_in_envelope.pb

6. 对要更新的签名

peer channel signconfigtx -f config_update_in_envelope.pb

7. 环境变量

export CORE_PEER_LOCALMSPID="OrdererMSP"
export CORE_PEER_TLS_ROOTCERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/crypto/ordererOrganizations/example.com/orderers/orderer0.example.com/tls/ca.crt
export CORE_PEER_MSPCONFIGPATH=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/example.com/users/[email protected]/msp/
export CORE_PEER_ADDRESS=peer0.org1.example.com:7051

8. 证书说明

此处提交时用orderer的 admin的证书 (因此需要保证部署生成的orderer证书里面包含example.com/msp/admincerts/[email protected]
peer channel update -f config_update_in_envelope.pb -c $CHANNEL_NAME -o orderer0.example.com:7050 --tls --cafile $ORDERER_CA

Step3. 重启容器

此操作退出cli容器
如果是多机部署的  需要分别cli peer3 peer2 peer1 peer0 orderer2 orderer1 orderer0 kafka3 kafka2 kafka2 kafka0 zookeeper2 zookeeper1 zookeeper0重启
注意重启kafak 需要停顿一下 保证kafka之间完成
docker restart $(docker ps -a | grep "hyperledger/fabric" | awk '{print $1}')

Step4. 修改通道配置

(有几个通道需要执行Step4几遍) 其中别忘设置通道名称环境变量

1.进入cli容器

docker exec -it cli bash

2. 设置环境变量

export ORDERER_CA=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/example.com/orderers/orderer0.example.com/msp/tlscacerts/tlsca.example.com-cert.pem

export CHANNEL_NAME=mychannel

export CORE_PEER_LOCALMSPID="OrdererMSP"

export CORE_PEER_TLS_ROOTCERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/crypto/ordererOrganizations/example.com/orderers/orderer0.example.com/tls/ca.crt

export CORE_PEER_MSPCONFIGPATH=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/example.com/users/[email protected]/msp/

export CORE_PEER_ADDRESS=peer0.org1.example.com:7051

3. 创建操作目录

mkdir Modify_mode_raft_${CHANNEL_NAME} && cd Modify_mode_raft_${CHANNEL_NAME}

4. 拉取新块配置

peer channel fetch config config_block.pb -o orderer0.example.com:7050 -c $CHANNEL_NAME --tls --cafile $ORDERER_CA

5. pb转json

configtxlator proto_decode --input config_block.pb --type common.Block | jq .data.data[0].payload.data.config > config.json

6. 复制

cp config.json config_mod.json

7. 需要参与raft orderer节点的base64证书

base64 /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/example.com/orderers/orderer0.example.com/tls/server.crt -w0 && echo ""

base64 /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/example.com/orderers/orderer1.example.com/tls/server.crt -w0 && echo ""

base64 /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/example.com/orderers/orderer2.example.com/tls/server.crt -w0 && echo ""
修改config_mod.json文件  上面获取base64证书对应替换 client_tls_cert和server_tls_cert 这两个是一样的
"ConsensusType": {
            "mod_policy": "Admins",
            "value": {
              "metadata": {
                "consenters":[
                      {
                                "client_tls_cert": "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUNXekNDQWdLZ0F3SUJBZ0lRRnkvSEV4K0l6U05KR3M3bG1wZy95REFLQmdncWhrak9QUVFEQWpCc01Rc3cKQ1FZRFZRUUdFd0pWVXpFVE1CRUdBMVVFQ0JNS1EyRnNhV1p2Y201cFlURVdNQlFHQTFVRUJ4TU5VMkZ1SUVaeQpZVzVqYVhOamJ6RVVNQklHQTFVRUNoTUxaWGhoYlhCc1pTNWpiMjB4R2pBWUJnTlZCQU1URVhSc2MyTmhMbVY0CllXMXdiR1V1WTI5dE1CNFhEVEl3TURJeE1qQTBNVGN3TUZvWERUTXdNREl3T1RBME1UY3dNRm93V1RFTE1Ba0cKQTFVRUJoTUNWVk14RXpBUkJnTlZCQWdUQ2tOaGJHbG1iM0p1YVdFeEZqQVVCZ05WQkFjVERWTmhiaUJHY21GdQpZMmx6WTI4eEhUQWJCZ05WQkFNVEZHOXlaR1Z5WlhJd0xtVjRZVzF3YkdVdVkyOXRNRmt3RXdZSEtvWkl6ajBDCkFRWUlLb1pJemowREFRY0RRZ0FFZDI4aEJac3NUV3N6SFcxNzFaNXloYTZNWXY0TWttTFFIR2xGMnQ4SllMZ00KYytuUy8zUTJJL1VoTklNaU8rYUpBUHZxQTRGdm4vL1FHNDNtMEdMUnRhT0JtRENCbFRBT0JnTlZIUThCQWY4RQpCQU1DQmFBd0hRWURWUjBsQkJZd0ZBWUlLd1lCQlFVSEF3RUdDQ3NHQVFVRkJ3TUNNQXdHQTFVZEV3RUIvd1FDCk1BQXdLd1lEVlIwakJDUXdJb0FncWorR1RMTzlzOXQ4SWNKMWo3ZTRObklSSDlrN2xieUl6TVpGV2pmdmhid3cKS1FZRFZSMFJCQ0l3SUlJVWIzSmtaWEpsY2pBdVpYaGhiWEJzWlM1amIyMkNDRzl5WkdWeVpYSXdNQW9HQ0NxRwpTTTQ5QkFNQ0EwY0FNRVFDSUhQYlFPVTRidTZCNkxDVHFhT2R0bDNsVEh5b3JvcUtXRFpYei9yM2pHRU5BaUJ5ClVNMEk0ZVdMM2duTGVFRnM2V0ROSUw1Q3oxVHgraU43eWhaMXRsR2R6Zz09Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K",
                                "host": "orderer0.example.com",
                                "port": 7050,
                                "server_tls_cert": "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUNXekNDQWdLZ0F3SUJBZ0lRRnkvSEV4K0l6U05KR3M3bG1wZy95REFLQmdncWhrak9QUVFEQWpCc01Rc3cKQ1FZRFZRUUdFd0pWVXpFVE1CRUdBMVVFQ0JNS1EyRnNhV1p2Y201cFlURVdNQlFHQTFVRUJ4TU5VMkZ1SUVaeQpZVzVqYVhOamJ6RVVNQklHQTFVRUNoTUxaWGhoYlhCc1pTNWpiMjB4R2pBWUJnTlZCQU1URVhSc2MyTmhMbVY0CllXMXdiR1V1WTI5dE1CNFhEVEl3TURJeE1qQTBNVGN3TUZvWERUTXdNREl3T1RBME1UY3dNRm93V1RFTE1Ba0cKQTFVRUJoTUNWVk14RXpBUkJnTlZCQWdUQ2tOaGJHbG1iM0p1YVdFeEZqQVVCZ05WQkFjVERWTmhiaUJHY21GdQpZMmx6WTI4eEhUQWJCZ05WQkFNVEZHOXlaR1Z5WlhJd0xtVjRZVzF3YkdVdVkyOXRNRmt3RXdZSEtvWkl6ajBDCkFRWUlLb1pJemowREFRY0RRZ0FFZDI4aEJac3NUV3N6SFcxNzFaNXloYTZNWXY0TWttTFFIR2xGMnQ4SllMZ00KYytuUy8zUTJJL1VoTklNaU8rYUpBUHZxQTRGdm4vL1FHNDNtMEdMUnRhT0JtRENCbFRBT0JnTlZIUThCQWY4RQpCQU1DQmFBd0hRWURWUjBsQkJZd0ZBWUlLd1lCQlFVSEF3RUdDQ3NHQVFVRkJ3TUNNQXdHQTFVZEV3RUIvd1FDCk1BQXdLd1lEVlIwakJDUXdJb0FncWorR1RMTzlzOXQ4SWNKMWo3ZTRObklSSDlrN2xieUl6TVpGV2pmdmhid3cKS1FZRFZSMFJCQ0l3SUlJVWIzSmtaWEpsY2pBdVpYaGhiWEJzWlM1amIyMkNDRzl5WkdWeVpYSXdNQW9HQ0NxRwpTTTQ5QkFNQ0EwY0FNRVFDSUhQYlFPVTRidTZCNkxDVHFhT2R0bDNsVEh5b3JvcUtXRFpYei9yM2pHRU5BaUJ5ClVNMEk0ZVdMM2duTGVFRnM2V0ROSUw1Q3oxVHgraU43eWhaMXRsR2R6Zz09Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K"
                      },
{
                                "client_tls_cert": "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUNYRENDQWdLZ0F3SUJBZ0lRYkpGZTZhVGt5bDFXb2JuV1Fmd28zakFLQmdncWhrak9QUVFEQWpCc01Rc3cKQ1FZRFZRUUdFd0pWVXpFVE1CRUdBMVVFQ0JNS1EyRnNhV1p2Y201cFlURVdNQlFHQTFVRUJ4TU5VMkZ1SUVaeQpZVzVqYVhOamJ6RVVNQklHQTFVRUNoTUxaWGhoYlhCc1pTNWpiMjB4R2pBWUJnTlZCQU1URVhSc2MyTmhMbVY0CllXMXdiR1V1WTI5dE1CNFhEVEl3TURJeE1qQTBNVGN3TUZvWERUTXdNREl3T1RBME1UY3dNRm93V1RFTE1Ba0cKQTFVRUJoTUNWVk14RXpBUkJnTlZCQWdUQ2tOaGJHbG1iM0p1YVdFeEZqQVVCZ05WQkFjVERWTmhiaUJHY21GdQpZMmx6WTI4eEhUQWJCZ05WQkFNVEZHOXlaR1Z5WlhJeExtVjRZVzF3YkdVdVkyOXRNRmt3RXdZSEtvWkl6ajBDCkFRWUlLb1pJemowREFRY0RRZ0FFeGlSRXlNdlhYcGNyZzRGSitWMHlOUFZXc2FxbTVUbEVLVnVlUVpTYzYybisKZnF1MmFwN3E3SWFyZDd4Vjd0Z1JPRFFVeDMxck5JK1c0bzZ2T2FEeGVxT0JtRENCbFRBT0JnTlZIUThCQWY4RQpCQU1DQmFBd0hRWURWUjBsQkJZd0ZBWUlLd1lCQlFVSEF3RUdDQ3NHQVFVRkJ3TUNNQXdHQTFVZEV3RUIvd1FDCk1BQXdLd1lEVlIwakJDUXdJb0FncWorR1RMTzlzOXQ4SWNKMWo3ZTRObklSSDlrN2xieUl6TVpGV2pmdmhid3cKS1FZRFZSMFJCQ0l3SUlJVWIzSmtaWEpsY2pFdVpYaGhiWEJzWlM1amIyMkNDRzl5WkdWeVpYSXhNQW9HQ0NxRwpTTTQ5QkFNQ0EwZ0FNRVVDSVFDbmtXVnl0UFZOMDFnUnhTZDNQcHdEQUQwS2NFYjJwbjZJTldnZ1RYZmNtQUlnClgrSHlQczFXVWZMUTJIRFI1NzhTSUZweXFVYWhZc2QrTTNKZjlENXZTRmM9Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K",
                                "host": "orderer1.example.com",
                                "port": 7150,
                    "server_tls_cert": "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUNYRENDQWdLZ0F3SUJBZ0lRYkpGZTZhVGt5bDFXb2JuV1Fmd28zakFLQmdncWhrak9QUVFEQWpCc01Rc3cKQ1FZRFZRUUdFd0pWVXpFVE1CRUdBMVVFQ0JNS1EyRnNhV1p2Y201cFlURVdNQlFHQTFVRUJ4TU5VMkZ1SUVaeQpZVzVqYVhOamJ6RVVNQklHQTFVRUNoTUxaWGhoYlhCc1pTNWpiMjB4R2pBWUJnTlZCQU1URVhSc2MyTmhMbVY0CllXMXdiR1V1WTI5dE1CNFhEVEl3TURJeE1qQTBNVGN3TUZvWERUTXdNREl3T1RBME1UY3dNRm93V1RFTE1Ba0cKQTFVRUJoTUNWVk14RXpBUkJnTlZCQWdUQ2tOaGJHbG1iM0p1YVdFeEZqQVVCZ05WQkFjVERWTmhiaUJHY21GdQpZMmx6WTI4eEhUQWJCZ05WQkFNVEZHOXlaR1Z5WlhJeExtVjRZVzF3YkdVdVkyOXRNRmt3RXdZSEtvWkl6ajBDCkFRWUlLb1pJemowREFRY0RRZ0FFeGlSRXlNdlhYcGNyZzRGSitWMHlOUFZXc2FxbTVUbEVLVnVlUVpTYzYybisKZnF1MmFwN3E3SWFyZDd4Vjd0Z1JPRFFVeDMxck5JK1c0bzZ2T2FEeGVxT0JtRENCbFRBT0JnTlZIUThCQWY4RQpCQU1DQmFBd0hRWURWUjBsQkJZd0ZBWUlLd1lCQlFVSEF3RUdDQ3NHQVFVRkJ3TUNNQXdHQTFVZEV3RUIvd1FDCk1BQXdLd1lEVlIwakJDUXdJb0FncWorR1RMTzlzOXQ4SWNKMWo3ZTRObklSSDlrN2xieUl6TVpGV2pmdmhid3cKS1FZRFZSMFJCQ0l3SUlJVWIzSmtaWEpsY2pFdVpYaGhiWEJzWlM1amIyMkNDRzl5WkdWeVpYSXhNQW9HQ0NxRwpTTTQ5QkFNQ0EwZ0FNRVVDSVFDbmtXVnl0UFZOMDFnUnhTZDNQcHdEQUQwS2NFYjJwbjZJTldnZ1RYZmNtQUlnClgrSHlQczFXVWZMUTJIRFI1NzhTSUZweXFVYWhZc2QrTTNKZjlENXZTRmM9Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K"
              },
{
                           "client_tls_cert": "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUNYVENDQWdPZ0F3SUJBZ0lSQUxCdGNSRlN6QUd2eVB5WE50VmVNVVV3Q2dZSUtvWkl6ajBFQXdJd2JERUwKTUFrR0ExVUVCaE1DVlZNeEV6QVJCZ05WQkFnVENrTmhiR2xtYjNKdWFXRXhGakFVQmdOVkJBY1REVk5oYmlCRwpjbUZ1WTJselkyOHhGREFTQmdOVkJBb1RDMlY0WVcxd2JHVXVZMjl0TVJvd0dBWURWUVFERXhGMGJITmpZUzVsCmVHRnRjR3hsTG1OdmJUQWVGdzB5TURBeU1USXdOREUzTURCYUZ3MHpNREF5TURrd05ERTNNREJhTUZreEN6QUoKQmdOVkJBWVRBbFZUTVJNd0VRWURWUVFJRXdwRFlXeHBabTl5Ym1saE1SWXdGQVlEVlFRSEV3MVRZVzRnUm5KaApibU5wYzJOdk1SMHdHd1lEVlFRREV4UnZjbVJsY21WeU1pNWxlR0Z0Y0d4bExtTnZiVEJaTUJNR0J5cUdTTTQ5CkFnRUdDQ3FHU000OUF3RUhBMElBQkpyVFM0ZlNCQlRmMUtXTnJpcWtEVXkrSEtmREhhR0dUL2s4b0VvRC8xRm0KZ2wvQWExSnlIZGkvbS9vY3NFN3owMDZpMGJJbVFZKy9xeW5pMzJQd0QxV2pnWmd3Z1pVd0RnWURWUjBQQVFILwpCQVFEQWdXZ01CMEdBMVVkSlFRV01CUUdDQ3NHQVFVRkJ3TUJCZ2dyQmdFRkJRY0RBakFNQmdOVkhSTUJBZjhFCkFqQUFNQ3NHQTFVZEl3UWtNQ0tBSUtvL2hreXp2YlBiZkNIQ2RZKzN1RFp5RVIvWk81VzhpTXpHUlZvMzc0VzgKTUNrR0ExVWRFUVFpTUNDQ0ZHOXlaR1Z5WlhJeUxtVjRZVzF3YkdVdVkyOXRnZ2h2Y21SbGNtVnlNakFLQmdncQpoa2pPUFFRREFnTklBREJGQWlFQTR0MVFhWmNHdzlyeklDWGR4MGNXTDVaaHF6V3UvckJVckt3VkxadTJPNzhDCklGbWFyZmY3UGJsMXY1Z1ZnYjlIZ2pybzBiUk1zbnZkUmpaNjVNbkNDbkx4Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K",
                           "host": "orderer2.example.com",
                           "port": 7250,
                           "server_tls_cert": "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUNYVENDQWdPZ0F3SUJBZ0lSQUxCdGNSRlN6QUd2eVB5WE50VmVNVVV3Q2dZSUtvWkl6ajBFQXdJd2JERUwKTUFrR0ExVUVCaE1DVlZNeEV6QVJCZ05WQkFnVENrTmhiR2xtYjNKdWFXRXhGakFVQmdOVkJBY1REVk5oYmlCRwpjbUZ1WTJselkyOHhGREFTQmdOVkJBb1RDMlY0WVcxd2JHVXVZMjl0TVJvd0dBWURWUVFERXhGMGJITmpZUzVsCmVHRnRjR3hsTG1OdmJUQWVGdzB5TURBeU1USXdOREUzTURCYUZ3MHpNREF5TURrd05ERTNNREJhTUZreEN6QUoKQmdOVkJBWVRBbFZUTVJNd0VRWURWUVFJRXdwRFlXeHBabTl5Ym1saE1SWXdGQVlEVlFRSEV3MVRZVzRnUm5KaApibU5wYzJOdk1SMHdHd1lEVlFRREV4UnZjbVJsY21WeU1pNWxlR0Z0Y0d4bExtTnZiVEJaTUJNR0J5cUdTTTQ5CkFnRUdDQ3FHU000OUF3RUhBMElBQkpyVFM0ZlNCQlRmMUtXTnJpcWtEVXkrSEtmREhhR0dUL2s4b0VvRC8xRm0KZ2wvQWExSnlIZGkvbS9vY3NFN3owMDZpMGJJbVFZKy9xeW5pMzJQd0QxV2pnWmd3Z1pVd0RnWURWUjBQQVFILwpCQVFEQWdXZ01CMEdBMVVkSlFRV01CUUdDQ3NHQVFVRkJ3TUJCZ2dyQmdFRkJRY0RBakFNQmdOVkhSTUJBZjhFCkFqQUFNQ3NHQTFVZEl3UWtNQ0tBSUtvL2hreXp2YlBiZkNIQ2RZKzN1RFp5RVIvWk81VzhpTXpHUlZvMzc0VzgKTUNrR0ExVWRFUVFpTUNDQ0ZHOXlaR1Z5WlhJeUxtVjRZVzF3YkdVdVkyOXRnZ2h2Y21SbGNtVnlNakFLQmdncQpoa2pPUFFRREFnTklBREJGQWlFQTR0MVFhWmNHdzlyeklDWGR4MGNXTDVaaHF6V3UvckJVckt3VkxadTJPNzhDCklGbWFyZmY3UGJsMXY1Z1ZnYjlIZ2pybzBiUk1zbnZkUmpaNjVNbkNDbkx4Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K"
                      }
],
                        "options": {
                           "election_tick": 10,
                           "heartbeat_tick": 1,
                           "max_inflight_blocks": 5,
                           "snapshot_interval_size": 20971520,
                           "tick_interval": "500ms"
                        }
              },
              "state": "STATE_MAINTENANCE",
              "type": "etcdraft"
            },
            "version": "1"
          },

8. 把修改之后组成信封

(1). configtxlator proto_encode --input config.json --type common.Config --output config.pb

(2). configtxlator proto_encode --input config_mod.json --type common.Config --output modified_config.pb

(3). configtxlator compute_update --channel_id $CHANNEL_NAME --original config.pb --updated modified_config.pb --output config_update.pb

(4). configtxlator proto_decode --input config_update.pb --type common.ConfigUpdate | jq . > config_update.json


(5). echo '{"payload":{"header":{"channel_header":{"channel_id":"mychannel", "type":2}},"data":{"config_update":'$(cat config_update.json)'}}}' | jq . > config_update_envelope.json   //注意不同通道修改channek_id

(6). configtxlator proto_encode --input config_update_envelope.json --type common.Envelope --output config_update_in_envelope.pb

9. 签名

peer channel signconfigtx -f config_update_in_envelope.pb

10. 提交

export CORE_PEER_LOCALMSPID="OrdererMSP"

export CORE_PEER_TLS_ROOTCERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/crypto/ordererOrganizations/example.com/orderers/orderer0.example.com/tls/ca.crt

export CORE_PEER_MSPCONFIGPATH=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/example.com/users/[email protected]/msp/

export CORE_PEER_ADDRESS=peer0.org1.example.com:7051
peer channel update -f config_update_in_envelope.pb -c $CHANNEL_NAME -o orderer0.example.com:7050 --tls --cafile $ORDERER_CA

11. 向所有orderer 容器添加变量

export ORDERER_GENERAL_CLUSTER_CLIENTPRIVATEKEY=/var/hyperledger/orderer/tls/server.key

export ORDERER_GENERAL_CLUSTER_CLIENTCERTIFICATE=/var/hyperledger/orderer/tls/server.crt

export ORDERER_GENERAL_CLUSTER_ROOTCAS=[/var/hyperledger/orderer/tls/ca.crt]

12. 重启系统

注意此处启动的时候 只启动orderer  以为此时已不需要kafka 参与
停止顺序: orderer0 orderer1 orderer2 .. kafak0 kafak 1 ..  zookeeper0 ..zookeeper1
启动:   orderer0 orderer1 orderer2 
## 这是我操作 系统通道byfn-sys-channel和 mychanel返回的结果

2020-02-13 10:21:38.486 UTC [orderer.consensus.etcdraft] send -> INFO 0d5 Successfully sent StepRequest to 3 after failed attempt(s) channel=mychannel node=1
2020-02-13 10:21:38.494 UTC [orderer.consensus.etcdraft] send -> INFO 0d6 Successfully sent StepRequest to 3 after failed attempt(s) channel=byfn-sys-channel node=1
    

Step5. 更新所有通道配置为正常模式

1. 环境准备 (此操作再cli容器)


export CORE_PEER_LOCALMSPID="OrdererMSP"

export CORE_PEER_TLS_ROOTCERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/crypto/ordererOrganizations/example.com/orderers/orderer0.example.com/tls/ca.crt

export CORE_PEER_MSPCONFIGPATH=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/example.com/users/[email protected]/msp/

export CORE_PEER_ADDRESS=peer0.org1.example.com:7051 

export ORDERER_CA=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/example.com/orderers/orderer0.example.com/msp/tlscacerts/tlsca.example.com-cert.pem

export CHANNEL_NAME=mychannel
##创建操作目录
mkdir maintenance_off_$CHANNEL_NAME && cd maintenance_off_$CHANNEL_NAME

2. 获取通道配置改为正常模式

(有几个通道需要执行第一、二步几遍) 其中别忘设置通道名称环境变量
注意 : 千万不要忘记系统通道 byfn-sys-channel也需要改配置(包含共识) 
1. 获取区块命令
peer channel fetch config config_block.pb -o orderer0.example.com:7050 -c $CHANNEL_NAME --tls --cafile $ORDERER_CA

2. pb文件转json
 configtxlator proto_decode --input config_block.pb --type common.Block | jq .data.data[0].payload.data.config > config.json

3. 复制
 cp config.json config_mod.json
 
4. 修改config_mod.json中的模式为维护模式
sed -i 's/MAINTENANCE/NORMAL/g' config_mod.json
 
5. 组装更新pb
(1). configtxlator proto_encode --input config.json --type common.Config --output config.pb

(2). configtxlator proto_encode --input config_mod.json --type common.Config --output modified_config.pb

(3). configtxlator compute_update --channel_id $CHANNEL_NAME --original config.pb --updated modified_config.pb --output config_update.pb

(4). configtxlator proto_decode --input config_update.pb --type common.ConfigUpdate | jq . > config_update.json

(5). echo '{"payload":{"header":{"channel_header":{"channel_id":"mychannel", "type":2}},"data":{"config_update":'$(cat config_update.json)'}}}' | jq . > config_update_envelope.json     //注意不同通道修改channel_id

(6). configtxlator proto_encode --input config_update_envelope.json --type common.Envelope --output config_update_in_envelope.pb

6. 对要更新的签名
 peer channel signconfigtx -f config_update_in_envelope.pb
 
7. 环境变量
export CORE_PEER_LOCALMSPID="OrdererMSP"
export CORE_PEER_TLS_ROOTCERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/crypto/ordererOrganizations/example.com/orderers/orderer0.example.com/tls/ca.crt
export CORE_PEER_MSPCONFIGPATH=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/example.com/users/[email protected]/msp/
export CORE_PEER_ADDRESS=peer0.org1.example.com:7051

8. 此处提交时用orderer的 admin的证书 (因此需要保证部署生成的orderer证书里面包含example.com/msp/admincerts/[email protected] )

peer channel update -f config_update_in_envelope.pb -c $CHANNEL_NAME -o orderer0.example.com:7050 --tls --cafile $ORDERER_CA

3 .重启系统

重启 orderer peer 

Step6. 验证是否可以交易

export CHANNEL_NAME=mychannel

peer chaincode invoke -o orderer0.example.com:7050 --tls true --cafile /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/example.com/orderers/orderer0.example.com/msp/tlscacerts/tlsca.example.com-cert.pem -C $CHANNEL_NAME -n mycc --peerAddresses peer0.org1.example.com:7051 --tlsRootCertFiles /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/ca.crt --peerAddresses peer0.org2.example.com:9051 --tlsRootCertFiles /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls/ca.crt -c '{"Args":["invoke","a","b","10"]}'

peer chaincode query -C $CHANNEL_NAME -n mycc -c '{"Args":["query","a"]}'

最后

这是我今年二月份 在家参照官方文档 其中也有参考网上方案 测试过程,最后整理一下

你可能感兴趣的:(fabric1.4版本共识由kafka转换raft方法)