aws cmake .._如何将Hyperledger Fabric 1.4部署到AWS

aws cmake ..

The documentation of Hyperledger Fabric describes the creation of a blockchain network on one machine using Docker, where each member of the network is a separate container. But the process of setting up a network on several physical or virtual machines is not well described. Therefore, we decided to discuss this in the article.

Hyperledger Fabric的文档描述了使用Docker在一台机器上创建区块链网络的过程，其中网络的每个成员都是一个单独的容器。 但是，没有很好地描述在多个物理或虚拟机上建立网络的过程。 因此，我们决定在本文中对此进行讨论。

Our blockchain application is a service for storing the medical data of school and preschool children. The data must remain unchanged. It will be presented in the form of information on vaccination and on the patient's agreement with a particular doctor. The members of the network include Parents (an organization that represents the interests of parents), Hospital (a hospital which represents pediatricians with whom parents can enter into an agreement to care for their children) and Kindergarten (a kindergarten that can request health and vaccinations reports of a child from the hospital).

我们的区块链应用程序是一项用于存储学校和学龄前儿童医疗数据的服务。 数据必须保持不变。 它将以疫苗接种信息以及患者与特定医生的协议信息的形式呈现。 该网络的成员包括父母(代表父母利益的组织)，医院(代表儿科医生的医院，父母可以与父母签订协议照顾他们的孩子)和幼儿园(可以要求健康和接种疫苗的幼儿园)医院里有小孩的报告)。

亚马逊托管区块链 (Amazon Managed Blockchain )

AWS has an Amazon Managed Blockchain service. It allows deploying blockchain networks using the AWS console user interfaces. But, having gained some experience with Amazon Managed Blockchain, we had to abandon the idea of using the service in commercial projects. There were several reasons for this. The main ones include:

AWS提供了Amazon Managed Blockchain服务。 它允许使用AWS控制台用户界面部署区块链网络。 但是，在获得了Amazon Managed Blockchain的经验之后，我们不得不放弃在商业项目中使用该服务的想法。 有几个原因。 主要包括：

1. The only available version of Hyperledger Fabric in the Amazon Managed Blockchain was Hyperledger Fabric 1.2, and when this article is released, the version 1.4 is available to build enterprise blockchain networks. However, this version does not allow the use of modern versions of the Node.js SDK tools too.
   Hyperledger Fabric 1.2在Amazon Managed Blockchain中唯一可用的版本是Hyperledger Fabric 1.2，发布本文时，版本1.4可用于构建企业区块链网络。 但是，此版本也不允许使用现代版本的Node.js SDK工具。
2. Amazon Managed Blockchain does not support the CouchDB database, making it difficult to create applications in which the stored data is being indexed.
   Amazon Managed Blockchain不支持CouchDB数据库，因此很难创建在其中对存储的数据建立索引的应用程序。

Therefore, in our opinion, it is better to use virtual or physical servers to build networks using the Hyperledger Fabric framework.

因此，我们认为，最好使用虚拟或物理服务器通过Hyperledger Fabric框架构建网络。

在App频道上 (On the App Channels)

Hyperledger Fabric operates with the concept of «channel.» A channel is a subnet for conducting sensitive transactions. Our application has two channels:

Hyperledger Fabric的经营理念是“渠道”。 通道是进行敏感交易的子网。 我们的应用程序有两个渠道：

• «Parentshospital» designed for transactions between members of the Parents and Hospital organizations: creating and changing medical records, making an agreement with a pediatrician, and signing it.

  «Parentshospital»专为家长成员和医院组织之间的交易：创建和修改病历，制作了儿科医生的协议，并在上面签名。

• «Parentshospitalkindergarten» In this channel, members of Parents and Hospital groups interact with members of Kindergarten. Also, reports based on data from medical records are generated.

  «Parentshospitalkindergarten»在这个频道中，家长和医院小组的成员与幼儿园的成员进行互动。 此外，还会基于医疗记录中的数据生成报告。

工作环境 (Working environment)

We deploy our blockchain network using Docker Swarm — this is the native Docker system for deploying a host cluster. If you've never worked with Docker, first check out this product and how to orchestrate containers using Docker Swarm. The documentation precisely describes the basics of working with these tools.

我们使用Docker Swarm部署我们的区块链网络-这是用于部署主机集群的本地Docker系统。 如果您从未使用过Docker，请首先查看此产品以及如何使用Docker Swarm编排容器。 该文档准确地描述了使用这些工具的基础知识。

Our entire network is located on AWS EC2 servers. Information within the blockchain network is stored in CouchDB. Hyperledger Fabric also supports the LevelDB database. CouchDB allows you to search in a collection of documents by any criteria. LevelDB, in turn, does not have this feature. We also use Fabric Certificate Authority — this is a modular component for managing network identifiers of all organizations and their users. It provides registration of network participants and the issuance of certificates.

我们的整个网络都位于AWS EC2服务器上。 区块链网络中的信息存储在CouchDB中。 Hyperledger Fabric还支持LevelDB数据库。 CouchDB允许您按任何条件搜索文档集合。 而LevelDB没有此功能。 我们还使用Fabric证书颁发机构-这是用于管理所有组织及其用户的网络标识符的模块化组件。 它提供网络参与者的注册和证书的颁发。

We have four EC2 servers:

我们有四个EC2服务器：

1. Orderer, MySQL DB (for storing information)
   订购者，MySQL DB(用于存储信息)
2. Parents organization (Peer0, Peer1), CouchDB, Fabric-CA, CLI
   家长组织(Peer0，Peer1)，CouchDB，Fabric-CA，CLI
3. Hospital organization (Peer0, Peer1), CouchDB, Fabric-CA
   医院组织(Peer0，Peer1)，CouchDB，Fabric-CA
4. Kindergarten organization (Peer0, Peer1), CouchDB, Fabric-CA
   幼儿园组织(Peer0，Peer1)，CouchDB，Fabric-CA

在AWS上创建EC2服务器 (Creating EC2 Servers on AWS)

To begin with, we need t2.medium services for this work. This type of EC2 server has sufficient computing power to install all the necessary software and work with the Hyperledger Fabric tool. In the Configure Security Group, we set All traffic, and Source — 0.0.0.0/0, :: / 0.

首先，我们需要t2.medium服务来完成这项工作。 这种EC2服务器具有足够的计算能力，可以安装所有必需的软件并与Hyperledger Fabric工具一起使用。 在“配置安全组”中，我们设置“所有流量”，并将“源”设置为0.0.0.0/0，:: / 0。

Fig. 1. Setting Security Group in the AWS panel. 图1.在AWS面板中设置安全组。

As a result, we got 4 EC2 servers:

结果，我们得到了4个EC2服务器：

1. ec2-18-232-164-119.compute-1.amazonaws.com
   ec2-18-232-164-119.compute-1.amazonaws.com
2. ec2-54-145-203-186.compute-1.amazonaws.com
   ec2-54-145-203-186.compute-1.amazonaws.com
3. ec2-54-80-241-117.compute-1.amazonaws.com
   ec2-54-80-241-117.compute-1.amazonaws.com
4. ec2-52-87-193-235.compute-1.amazonaws.com
   ec2-52-87-193-235.compute-1.amazonaws.com

Of course, you will have your own paths to EC2 servers.

当然，您将拥有自己的EC2服务器路径。

Fig. 2. EC2 servers prepared for work. 图2.准备工作的EC2服务器。

在EC2服务器上安装软件 (Installing software on EC2 servers)

Now we need to install Docker and Git on each EC2 server. For convenience, open four tabs in the terminal. Let's go to each EC2 service via SSH:

现在，我们需要在每台EC2服务器上安装Docker和Git。 为了方便起见，请在终端中打开四个选项卡。 让我们通过SSH进入每个EC2服务：

Тerminal 1:

标记1：

HOST1=ec2-18-232-164-119.compute-1.amazonaws.com
ssh ec2-user@$HOST1 -i ./key-poc.pem

Тerminal 2:

标记2：

HOST2=ec2-54-145-203-186.compute-1.amazonaws.com
ssh ec2-user@$HOST2 -i ./key-poc.pem

Тerminal 3:

标记3：

HOST3=ec2-54-80-241-117.compute-1.amazonaws.com
ssh ec2-user@$HOST3 -i ./key-poc.pem

Тerminal 4:

标记4：

HOST4=ec2-52-87-193-235.compute-1.amazonaws.com
ssh ec2-user@$HOST4 -i ./key-poc.pem

In each terminal, execute the following commands:

在每个终端中，执行以下命令：

sudo yum update -y
sudo yum install -y docker
sudo service docker start
sudo docker info
sudo yum install git
sudo usermod -a -G docker ec2-user
newgrp docker

Now we have Docker and Git installed.

现在我们已经安装了Docker和Git。

网络 (Network)

We need to clone elements of our network from the repository. To do so, execute the following command in each terminal:

我们需要从存储库中克隆网络的元素。 为此，请在每个终端中执行以下命令：

git clone https://gitlab.nixdev.co/poc-blockchain/network.git

We also need to clone smart contracts from the repository that will regulate the relationships between network participants. Smart contracts are written in Go.

我们还需要从存储库中克隆智能合约，以管理网络参与者之间的关系。 智能合约用Go编写。

Then perform these steps on each of the four servers:

然后在四个服务器中的每个服务器上执行以下步骤：

cd network && mkdir chaincode && cd chaincode
git clone https://gitlab.nixdev.co/poc-blockchain/medical-contract.git
git clone https://gitlab.nixdev.co/poc-blockchain/kindergarten-contract.git

In the first terminal, we need to generate channel configuration files and certificates for connecting organizations to the network:

在第一个终端中，我们需要生成通道配置文件和证书以将组织连接到网络：

cd network/poc-network
./1_generate_connection_files.sh
./2_generating_channel_configuration.sh

Now copy the channel-artifacts and crypto-config folders to the other three hosts in the poc-network folder of the network's parent directory. Please note: when copying organizations to the EC2 server, you need to remove third-party certificates from the crypto-config / peerOrganizations folder that relate to the work of other organizations. For example, when copying to the Parents host, we need to leave the parents.poc-network.com folder in this folder but delete hospital.poc-network.com and kindergarten.poc-network.com.

现在，将channel-artifacts和crypto-config文件夹复制到网络父目录的poc-network文件夹中的其他三台主机。 请注意：将组织复制到EC2服务器时，您需要从crypto-config / peerOrganizations文件夹中删除与其他组织的工作有关的第三方证书。 例如，当复制到“家长”主机时，我们需要将Parents.poc-network.com文件夹保留在该文件夹中，但是删除hospital.poc-network.com和幼儿园.poc-network.com。

创建一个Docker Swarm堆栈 (Creating a Docker Swarm Stack)

In order for containers that belong to different organizations and are located on different EC2 servers to access each other, we need to combine them into a stack. Let's look at our file network / poc-network / docker-compose-general.yaml. It contains the configuration of services, indicates which hosts a particular service will deploy (key node.hostname), and defines aliases (key aliases).

为了使属于不同组织且位于不同EC2服务器上的容器能够相互访问，我们需要将它们组合成一个堆栈。 我们来看一下文件网络/ poc-network / docker-compose-general.yaml。 它包含服务的配置，指示特定服务将部署的主机(关键node.hostname)，并定义别名(关键别名)。

We need to initialize the swarm in the first terminal:

我们需要在第一个终端中初始化群组：

docker swarm init
docker swarm join-token manager

There will appear a token for attachment of another EC2 server to the stack. It is something like: docker swarm join --token SWMTKN-1-42ml0ohnnbidg8kflgp8xp9dkkus6mn1lslqc15hrxj4tk9e3q-5h4vbzbfk8p90n83oe08gbltf 172.31.46.214:2377.

将出现一个令牌，用于将另一个EC2服务器连接到堆栈。 类似于： docker swarm join --token SWMTKN-1-42ml0ohnnbidg8kflgp8xp9dkkus6mn1lslqc15hrxj4tk9e3q-5h4vbzbfk8p90n83oe08gbltf 172.31.46.214:2377 。

Now we can execute the same in the remaining terminals:

现在，我们可以在其余终端中执行相同的操作：

docker swarm join --token SWMTKN-1-2xzco7t7txohnzd09318eczpbgmm8woex80byxptpt1jl5i2ar-bsg37h40xze1gaabg80i96gw2 172.31.38.245:2377

The console should demonstrate a message:

控制台应显示一条消息：

This node joined a swarm as a manager.

After all three hosts are connected to Swarm, we can see them in the terminal of the first host by running the command:

将所有三台主机都连接到Swarm之后，我们可以通过运行以下命令在第一台主机的终端中看到它们：

docker node ls

Fig. 3. List of servers in Docker Swarm. 图3. Docker Swarm中的服务器列表。

In the network / poc-network folder there is a .env.template file, in which you need to register hostname for each of the hosts:

在network / poc-network文件夹中，有一个.env.template文件，您需要在其中注册每个主机的主机名：

ORDERER=ip-172-31-38-245
PARENTS=ip-172-31-43-64
HOSPITAL=ip-172-31-38-130
KINDERGARTEN=ip-172-31-40-157

To generate an .env file, run the ./3_env_gen.sh file.

要生成.env文件，请运行./3_env_gen.sh文件。

Now create a network with the overlay driver:

现在使用覆盖驱动程序创建一个网络：

docker network create --driver overlay --attachable stage_byfn

Run Swarm to create a stack based on the docker-compose-general.yaml file:

运行Swarm以基于docker-compose-general.yaml文件创建堆栈：

env $(cat .env | grep ^[A-Z] | xargs) docker stack deploy -c docker-compose-general.yaml stage 2>&1

With this command, we also set environment variables, which are described in the .env file and are necessary for the network to work correctly.

使用此命令，我们还设置了环境变量，这些变量在.env文件中进行了描述，对于网络正常工作是必需的。

You can run the docker service ls command in the first terminal. You will see a list of all the services that are running on all our EC2.

您可以在第一个终端中运行docker service ls命令。 您将看到在我们所有EC2上运行的所有服务的列表。

Fig. 4. List of services that were running on all EC2 servers. 图4.在所有EC2服务器上运行的服务列表。

If your terminal shows the same as this screenshot, everything is fine. Now run the network. In the second terminal, enter the CLI container (after all, this container is deployed on the second host):

如果您的终端显示与此屏幕截图相同，则一切正常。 现在运行网络。 在第二个终端中，输入CLI容器(毕竟，此容器已部署在第二个主机上)：

docker exec -ti stage_cli.1.owni217t53m53efjtikb5oa2f /bin/bash

The container name can be seen by executing the docker ps command in the terminal.

可以通过在终端中执行docker ps command来查看容器名称。

In the container, we execute all our commands from the 4_create_channels.sh file, copying them one by one to the terminal. In the bin folder, we have the binaries for creating the network:

在容器中，我们执行4_create_channels.sh文件中的所有命令，并将它们一个接一个地复制到终端。 在bin文件夹中，我们具有用于创建网络的二进制文件：

• peer channel create — create channels;
  对等渠道创建-创建渠道；
• peer channel join — joining a peer to a channel;
  对等频道加入-将对等加入频道；
• peer channel update — update configurations;
  对等频道更新-更新配置；
• peer chaincode install — install the codecode;
  对等chaincode安装—安装代码；
• peer chaincode instantiate — deploy the specified chain code to the network.
  对等链码实例化-将指定的链码部署到网络。

Now you can leave the container by running the exit command.

现在，您可以通过运行exit命令离开容器。

返回组织«父母»的申请 (Back Application for Organization «Parents»)

Install the application on the second host:

在第二台主机上安装应用程序：

cd ~
git clone https://github.com/nixsolutions/blockchain-poc-backend.git

You also need to install nodejs and gcc-c ++ (compiler):

您还需要安装nodejs和gcc-c ++(编译器)：

curl -sL https://rpm.nodesource.com/setup_10.x | sudo bash -
sudo yum install nodejs
cd back
sudo yum install gcc-c++ -y
npm install

You can also enter our database through adminer with the following authorization data:

您也可以通过adminer输入以下授权数据来输入我们的数据库：

<HOST_1>:3306 (where <HOST_1> - this is the first EC2 server, where the data base is stored)
dev
devpass
poc_database

It is also necessary to connect our API application to the database:

还需要将我们的API应用程序连接到数据库：

vim ~/back/config/config.json

Assign the correct value to the ‘host’ key.

将正确的值分配给“主机”键。

Our back-application has prepared migrations and seeds. You need to run them:

我们的反向应用程序已准备好迁移和种子。 您需要运行它们：

npx sequelize-cli db:migrate
npx sequelize-cli db:seed:all

Tables should appear in the database. In the table of organizations we will see three rows with our organizations — Parents, Hospital, Kindergarten.

表应该出现在数据库中。 在组织表中，我们将在组织中看到三行-家长，医院，幼儿园。

Generating certificates, we created files for each organization on the first host to connect to the network. Copy the connection-parents.json file from the first host to the second. To do so, open another terminal from the folder where our key is and run the commands:

生成证书后，我们为第一台主机上的每个组织创建了文件以连接到网络。 将connection-parents.json文件从第一台主机复制到第二台主机。 为此，请从我们的钥匙所在的文件夹中打开另一个终端，然后运行以下命令：

HOST1=ec2-18-232-164-119.compute-1.amazonaws.com
HOST2=ec2-54-145-203-186.compute-1.amazonaws.com
scp -i ./key-poc.pem -r ec2-user@$HOST1:~/network/poc-network/connection-parents.json ~
scp -i ./key-poc.pem ~/connection-parents.json ec2-user@$HOST2:~/network/poc-network

Edit exports.hostName in constants.js (value for the current host):

在constants.js(当前主机的值)中编辑exports.hostName：

vim ~/back/constants.js

Launch the app in the second terminal:

在第二个终端中启动应用程序：

npm start

Set the correct value in the userGenerator.sh file to the HOST_2 variable:

将userGenerator.sh文件中的正确值设置为HOST_2变量：

vim ~/back/generators/userGenerator.sh

Next, we need to run a script that will create users of the Parents organization

接下来，我们需要运行一个脚本，该脚本将创建Parents组织的用户

./back/generators/userGenerator.sh parents

Run the script to generate medical records:

运行脚本以生成医疗记录：

node ~/back/generators/setCards.js

Two cards will be created in the blockchain, which will also be written to the sql database in the cards table.

将在区块链中创建两张卡，这些卡还将写入卡表中的sql数据库中。

返回组织«医院»的申请 (Back Application for Organization «Hospital»)

Via analogy with the previous back-application, we need to place a file to connect to the network on the third host. To do this, in the fifth terminal, execute the following:

与以前的后台应用程序类似，我们需要在第三台主机上放置一个文件以连接到网络。 为此，在第五个终端中，执行以下操作：

scp -i ./key-poc.pem -r ec2-user@$HOST1:~/network/poc-network/connection-hospital.json ~
scp -i ./key-poc.pem ~/connection-hospital.json ec2-user@$HOST3:~/network/poc-network

Install the app on the third post:

在第三篇文章中安装应用程序：

cd ~
git clone https://github.com/nixsolutions/blockchain-poc-backend.git

You also need to install nodejs and gcc-c ++ (compiler):

您还需要安装nodejs和gcc-c ++(编译器)：

curl -sL https://rpm.nodesource.com/setup_10.x | sudo bash -
sudo yum install nodejs
cd back
sudo yum install gcc-c++ -y
npm install

Edit exports.hostName in constants.js (value for the current host):

在constants.js(当前主机的值)中编辑exports.hostName：

vim ~/back/constants.js

Launch the app in the third terminal:

在第三个终端中启动应用程序：

npm start

Set the correct value in the userGenerator.sh file to the HOST_3 variable:

将userGenerator.sh文件中的正确值设置为HOST_3变量：

vim ~/back/generators/userGenerator.s

Next, we need to run a script that will create users of the Hospital organization

接下来，我们需要运行一个脚本，该脚本将创建Hospital组织的用户

./back/generators/userGenerator.sh hospital

We now have a second user in the Users table in the database.

现在，数据库的“用户”表中还有第二个用户。

返回组织机构“幼儿园”的申请 (Back Application for Organization «Kindergarten»)

By analogy with the previous back-application, we need to place a file to connect to the network on the third host. To do this, in the fifth terminal, execute the following:

与先前的后台应用程序类似，我们需要在第三台主机上放置一个文件以连接到网络。 为此，在第五个终端中，执行以下操作：

scp -i ./key-poc.pem -r ec2-user@$HOST1:~/network/poc-network/connection-kindergarten.json ~
scp -i ./key-poc.pem ~/connection-kindergarten.json ec2-user@$HOST4:~/network/poc-network

Install the app on the third host:

在第三台主机上安装应用程序：

cd ~
git clone https://github.com/nixsolutions/blockchain-poc-backend.git

You also need to install nodejs and gcc-c ++ (compiler):

您还需要安装nodejs和gcc-c ++(编译器)：

curl -sL https://rpm.nodesource.com/setup_10.x | sudo bash -
sudo yum install nodejs
cd back
sudo yum install gcc-c++ -y
npm install

Edit exports.hostName in constants.js (value for the current host):

在constants.js(当前主机的值)中编辑exports.hostName：

vim ~/back/constants.js

Launch the app in the third terminal:

在第三个终端中启动应用程序：

npm start

Set the correct value in the userGenerator.sh file to the HOST_4 variable:

将userGenerator.sh文件中的正确值设置为HOST_4变量：

vim ~/back/generators/userGenerator.sh

Next, we need to run a script that will create users of the Kindergarten organization

接下来，我们需要运行一个脚本，该脚本将创建幼儿园组织的用户

./back/generators/userGenerator.sh kindergarten

We now have a third user in the Users table in the database.

现在，数据库的“用户”表中有第三个用户。

在2、3和4 EC2服务器上安装wkhtmltopdf (Installation of wkhtmltopdf on 2, 3, and 4 EC2 servers)

An important point. The back-application uses the wkhtmltopdf library to generate a PDF report on the child’s health status.

重要的一点。 后台应用程序使用wkhtmltopdf库生成有关孩子健康状况的PDF报告。

We need to install libpng — the official library for working with raster graphics in PNG format. The library is platform-independent and consists of functions written in C language. So let's get started.

我们需要安装libpng-用于处理PNG格式的光栅图形的官方库。 该库与平台无关，由用C语言编写的函数组成。 因此，让我们开始吧。

The first command to install wkhtmltox is the open source LGPLv3 library for rendering HTML to PDF and various image formats using the QtWebKit rendering engine:

安装wkhtmltox的第一个命令是开源LGPLv3库，用于使用QtWebKit渲染引擎将HTML渲染为PDF和各种图像格式：

wget https://downloads.wkhtmltopdf.org/0.12/0.12.5/wkhtmltox-0.12.5-1.centos7.x86_64.rpm
sudo yum install -y wkhtmltox-0.12.5-1.centos7.x86_64.rpm

The second block of commands will download and deploy the libpng15 library:

第二个命令块将下载并部署libpng15库：

wget https://sourceforge.net/projects/libpng/files/libpng15/older-releases/1.5.15/libpng-1.5.15.tar.gz/download -O libpng-1.5.15.tar.gz
tar -zxvf libpng-1.5.15.tar.gz
cd libpng-1.5.15

The third block of commands is needed to install the compiler:

安装编译器需要第三条命令：

sudo yum groupinstall -y "Development Tools"
./configure --prefix=/usr
sudo make install

You also need to install LibTIFF:

您还需要安装LibTIFF：

sudo yum install -y libtiff

Now we can test:

现在我们可以测试：

wkhtmltopdf https://majestic.cloud majestic.pdf

Now you can generate PDF files.

现在您可以生成PDF文件。

On Node SDK (On Node SDK)

Node js tools for working with the Hyperledger Fabric network are presented in the form of «fabric-ca-client -v 1.4.0» and «fabric-network» v 1.4.0 «packages. All back-end services, which interact with the network through the Node SDK, located in the Services folder, at the root of the project.

使用“ fabric-ca-client -v 1.4.0”和“ fabric-network” v 1.4.0“软件包”的形式介绍了用于Hyperledger Fabric网络的Node js工具。 所有后端服务，这些服务通过位于项目根目录下Services文件夹中的Node SDK与网络交互。

You can read more about these tools and their methods in the official documentation.

您可以在官方文档中了解有关这些工具及其方法的更多信息。

流程应用 (Flow applications)

It’s worth talking now about how network members interact with each other in this application. All processes are described in a UML diagram. Let us dwell on each of them in more detail.

现在值得讨论一下网络成员如何在此应用程序中进行交互。 所有过程都在UML图中描述。 让我们更详细地讨论它们中的每一个。

Fig. 5. Graphical description of business processes in the application 图5.应用程序中业务流程的图形描述

As we have already indicated there are several organizations present in the network: Parents, Hospital and Kindergarten.

正如我们已经指出的，网络中存在多个组织：家长，医院和幼儿园。

A member of the ‘Parents’ organization creates electronic health records for two of his children. This data will be stored (and supplemented) in the blockchain network. Next, the parent sends a request for an agreement with the pediatrician, who will observe his children until they reach adulthood (in the diagram — request for an agreement with a doctor).

“父母”组织的成员为他的两个孩子创建了电子健康记录。 该数据将存储(并补充)在区块链网络中。 接下来，父母发送请求与儿科医生达成协议，儿科医生将观察他的孩子，直到他们成年为止(在图中-请求与医生达成协议)。

A member of the Hospital organization signs this agreement (in the diagram — doctor signs an agreement).

医院组织的成员签署此协议(在图中-医生签署协议)。

Next, the parent sends a request to kindergarten with a request to enroll his child (in the diagram — request for kindergarten to receive a child).

接下来，父母向幼儿园发送请求，并要求其注册孩子(在图中-要求幼儿园收养孩子)。

Fig. 6. Page with a list of available educational institutions in the parent's personal account 图6.带有父母个人账户中可用教育机构列表的页面

Kindergarten sees the request in the list of new requests:

幼儿园在新请求列表中看到该请求：

Fig. 7. Page with a list of applications for admission in the personal account of the educational institution 图7.带有教育机构个人帐户的入学申请清单的页面

In turn, Kindergarten before deciding whether to enroll a child must ensure that he is in a satisfactory state of health. To do so, the kindergarten sends a request to the clinic in which this child is observed (in the diagram — child health report request). The request to the pediatrician is executed automatically after the request for admission to the garden is moved to the «Accepted» tab.

反过来，幼儿园在决定是否招收儿童之前，必须确保他的健康状况令人满意。 为此，幼儿园将请求发送到观察该孩子的诊所(在图中-儿童健康报告请求)。 将进入花园的请求移至“已接受”选项卡后，会自动执行对儿科医生的请求。

Fig. 8. A page with a list of approved applications for admission to the personal account of the educational institution 图8.包含批准的教育机构个人帐户入学申请清单的页面

The pediatrician sees the request and generates a report that stores data on the child’s health (in the diagram — child health report created).

儿科医生看到该请求并生成一个报告，该报告存储有关儿童健康的数据(在图中-创建的儿童健康报告)。

Fig. 9. A page with a list of applications for creating a report on the state of the child’s health in the personal account of the hospital 图9.带有应用程序列表的页面，用于在医院的个人账户中创建有关儿童健康状况的报告

A parent sees a pediatrician’s report.

父母会看到儿科医生的报告。

Fig. 10. A page in the parent’s personal account, which displays the status of reports on the child’s health 图10.父母个人帐户中的页面，显示有关孩子健康状况的报告状态

and makes a decision to provide access to the preschool educational institution to view and download the report (in the diagram — give permission to view the report).

并决定提供访问学前教育机构的权限，以查看和下载该报告(在图中-允许查看该报告)。

Fig. 11. A pop-up window for choosing an educational institution that can view the generated medical report 图11.一个弹出窗口，用于选择可以查看生成的医疗报告的教育机构

and confirms sending the report.

并确认发送报告。

Fig. 12. Notification that the selected educational institution has received permission to view a medical report 图12.所选教育机构已获准查看医疗报告的通知

Information that the report has been generated and is available for viewing and downloading in PDF format appears in the list of reports in the application of the educational institution.

该报告的信息已经生成，并且可以以PDF格式查看和下载，该信息出现在教育机构的应用程序的报告列表中。

Fig. 13. Link to download the report in PDF format 图13.链接以PDF格式下载报告

Here is a report you will see in a new tab of your computer.

这是一份报告，您将在计算机的新选项卡中看到该报告。

Fig. 14. A report on the state of the child’s health formed by the hospital employee 图14.医院工作人员形成的儿童健康状况报告

与儿科医生一起创建病历和协议，并签署协议 (Creation of medical records and agreements with the pediatrician, signing of the agreement)

Since this application is designed specifically to demonstrate the deployment of the network on separate EC2 servers, we will execute some commands from prepared scripts.

由于此应用程序是专门为演示网络在单独的EC2服务器上的部署而设计的，因此我们将从准备好的脚本中执行一些命令。

First EC2 Server:

第一台EC2服务器：

node ~/back/generators/setCards.js

We previously connected to the database. After executing this command, you will see two entries in the Cards table. Also, information about the medical data of these two children was recorded on the blockchain.

我们先前已连接到数据库。 执行此命令后，您将在Cards表中看到两个条目。 此外，有关这两个孩子的医疗数据的信息也记录在区块链上。

Also from this EC2 server we need to create an agreement with a pediatrician who will observe these children. Let's do that:

同样，从此EC2服务器，我们需要与将观察这些孩子的儿科医生达成协议。 让我们这样做：

node ~/back/generators/createAgreement.js

Now this agreement must be signed by the user which we created for the organization Hospital. We execute the command from the second host:

现在，此协议必须由我们为医院组织创建的用户签署。 我们从第二个主机执行命令：

node ~/back/generators/signAgreement.js

The agreement is signed by the doctor and we can continue to work on our application. Next, we need to install the frontend application on 2, 3 and 4 EC2 servers.

该协议由医生签署，我们可以继续进行申请。 接下来，我们需要在2、3和4 EC2服务器上安装前端应用程序。

P.S .: You can find all the commands for generating users, cards, agreements and signing agreements in the ~ / back / generators folder.

PS。：您可以在〜/ back / generators文件夹中找到用于生成用户，卡，协议和签署协议的所有命令。

“家长”组织的前端申请 (Front Application for the ‘Parents’ organization)

Run the following command on the second host (where the Parents organization is located):

在第二台主机(Parents组织所在的主机)上运行以下命令：

cd ~
git clone https://github.com/nixsolutions/blockchain-poc-frontend.git

Then correct the host name on which the front-end application will be located:

然后更正前端应用程序所在的主机名：

VUE_APP_API_BASE_URL='http://ec2-107-22-75-46.compute-1.amazonaws.com:3006/'

You also need to install the dependencies:

您还需要安装依赖项：

cd front
npm install

It is also necessary to build the application and run it on the port 8080:

还需要构建应用程序并在端口8080上运行它：

docker build . -t my-app
docker run -d -p 8080:80 my-app

The application will be available at: http: // <HOST_2>: 8080, where <HOST_2> is the address of the second EC2 server on which this application is located.

该应用程序位于：http：// <HOST_2>：8080，其中<HOST_2>是此应用程序所在的第二台EC2服务器的地址。

Login: parents. Login Password: password

登录：父母。 登录密码：密码

This is what the front-end will look like. Here you will see information about the medical cards that we created from the terminal.

这就是前端的外观。 在这里，您将看到有关我们从终端创建的医疗卡的信息。

Fig. 15. Information on the children’s medical records in the personal account of the parent 图15.父母个人账户中有关儿童病历的信息

申请“医院”组织 (Front Application for the ‘Hospital’ Organization)

Run the following command on the second host (where the Hospital organization is located):

在第二台主机(医院组织所在的主机)上运行以下命令：

cd ~
git clone https://github.com/nixsolutions/blockchain-poc-frontend.git

Then correct the host name on which the front-end application will be located:

然后更正前端应用程序所在的主机名：

VUE_APP_API_BASE_URL='http://ec2-3-91-238-161.compute-1.amazonaws.com:3006/'

You also need to install the dependencies:

您还需要安装依赖项：

cd front
npm install

It is also necessary to build the application and run it on port 8080:

还需要构建应用程序并在端口8080上运行它：

docker build . -t my-app
docker run -d -p 8080:80 my-app

The application will be available at: http: // <HOST_3>: 8080, where <HOST_3> is the address of the second EC2 server on which this application is located.

该应用程序位于：http：// <HOST_3>：8080，其中<HOST_3>是此应用程序所在的第二台EC2服务器的地址。

Login: hospital. Login Password: password

登录：医院。 登录密码：密码

This is what the front-end will look like. Here you will see information about the medical cards that we created from the terminal.

这就是前端的外观。 在这里，您将看到有关我们从终端创建的医疗卡的信息。

“幼儿园”组织的前端申请 (Front Application for the ‘Kindergarten’ Organization)

Run the following command on the second host (where the Kindergarten organization is located):

在第二个主机(幼儿园组织所在的主机)上运行以下命令：

Then correct the host name on which the front-end application will be located:

然后更正前端应用程序所在的主机名：

VUE_APP_API_BASE_URL='http://ec2-107-22-12-137.compute-1.amazonaws.com:3006/'

You also need to install the dependencies:

您还需要安装依赖项：

cd front
npm install

It is also necessary to build the application and run it on port 8080:

还需要构建应用程序并在端口8080上运行它：

docker build . -t my-app
docker run -d -p 8080:80 my-app

The application will be available at: http: // <HOST_4>: 8080, where <HOST_4> is the address of the second EC2 server on which this application is located.

该应用程序位于：http：// <HOST_4>：8080，其中<HOST_4>是此应用程序所在的第二台EC2服务器的地址。

Login: kindergarten. Login Password: password

登录：幼儿园。 登录密码：密码

结论 (Conclusion)

This article shows how to deploy a blockchain application network on multiple virtual or physical servers. You will like the article if you are familiar with the basics of blockchain technology, know what smart contracts are, and at least a bit familiar with the Hyperledger Fabric framework and its standard fabric-samples application.

本文展示了如何在多个虚拟或物理服务器上部署区块链应用程序网络。 如果您熟悉区块链技术的基础知识，知道什么是智能合约，并且至少有点熟悉Hyperledger Fabric框架及其标准Fabric-samples应用程序，则将喜欢这篇文章。

翻译自: https://habr.com/en/company/nix/blog/500876/

aws cmake ..