一、环境安装
环境安装和前边基本没有什么不同。仍然采用默认的配置文件,但配置文件在这里只能当做一个蓝本来使用,需要根据实际情况进行不少相关的增减和删除。
最大的不同的在于,测试的目标,前面都是从Docker镜像上下载安装在自己的机器上,而这次是别人已经安装好的Fabric环境。对方提供了相关的证书、IP和端口以及相关的信息。
在这里仍然使用Raft的相关配置默认基础,其它诸如Solo等配置文件的修改与其基本一致,只是修改相关的不同的细节而已。
测试的配置文件为config.yaml(benchmarks),网络文件为network下的fabric-go-tls.yaml,第一个测试的配置文件配置方法和前面的方面相似,根据情况修改测试达到最优即可,不同的主要是第二个文件。
二、配置文件
首先看一下,一个配置好的fabric-go-tls.yaml文件内容:
name: Fabric
version: "1.0"
mutual-tls: true
caliper:
blockchain: fabric
#command:
#start: export FABRIC_VERSION=1.4.1;docker-compose -f networks/fabric/docker-compose/2org1peergoleveldb_raft/docker-compose-tls.yaml up -d;sleep 3s
#end: docker-compose -f networks/fabric/docker-compose/2org1peergoleveldb_raft/docker-compose-tls.yaml down;(test -z \"$(docker ps -aq)\") || docker rm $(docker ps -aq);(test -z \"$(docker images dev* -q)\") || docker rmi $(docker images dev* -q);rm -rf /tmp/hfc-*
info:
Version: 1.4.1
Size: 2 Orgs with 3 Peer
Orderer: Raft
Distribution: Single Host
StateDB: GoLevelDB
clients:
client1.org1.example.com:
client:
organization: Org1
credentialStore:
#path: /tmp/tfio-sdk-store #/tmp/hfc-kvs/org1
path: /tmp/hfc-kvs/org1
cryptoStore:
#path: /tmp/tfio-sdk-msp #/tmp/hfc-cvs/org1
path: /tmp/hfc-cvs/org1
clientPrivateKey:
#path: networks/fabric/config_raft/crypto-config/peerOrganizations/org1.example.com/users/User1@org1.example.com/msp/keystore/key.pen
path: myself/peerOrganizations/org1.example.com/users/User1@org1.example.com/msp/keystore/893b47c561687a3309bf2c77d6c5ae04ba5cc23ce84ded6b47ddfc934f741e8d_sk
#path: myself/peerOrganizations/org1.example.com/peers/peer1.org1.example.com/tls/server.key
clientSignedCert:
#path: networks/fabric/config_raft/crypto-config/peerOrganizations/org1.example.com/users/User1@org1.example.com/msp/signcerts/User1@org1.example.com-cert.pem
path: myself/peerOrganizations/org1.example.com/users/User1@org1.example.com/msp/signcerts/User1@org1.example.com-cert.pem
#path: myself/peerOrganizations/org1.example.com/peers/peer1.org1.example.com/tls/ca.crt
client2.org2.example.com:
client:
organization: Org2
credentialStore:
path: /tmp/hfc-kvs/org2
cryptoStore:
path: /tmp/hfc-cvs/org2
clientPrivateKey:
# path: networks/fabric/config_raft/crypto-config/peerOrganizations/org2.example.com/users/User1@org2.example.com/msp/keystore/key.pem
path: myself/peerOrganizations/org2.example.com/users/User1@org2.example.com/msp/keystore/edf044cd7f133161504fce4a5eff106ac826cdd14d58873a353fceaa1ce96662_sk
clientSignedCert:
#path: networks/fabric/config_raft/crypto-config/peerOrganizations/org2.example.com/users/User1@org2.example.com/msp/signcerts/User1@org2.example.com-cert.pem
path: myself/peerOrganizations/org2.example.com/users/User1@org2.example.com/msp/signcerts/User1@org2.example.com-cert.pem
channels:
#mychannel:
txchannel:
#configBinary: myself/txchannel.block
created: true
orderers:
- orderer.example.com
#- orderer3.example.com
#- orderer4.example.com
#- orderer5.example.com
peers:
peer1.org1.example.com:
eventSource: true
peer0.org2.example.com:
eventSource: true
chaincodes:
- id: marbles
version: v0
language: golang
path: fabric/samples/marbles/go
metadataPath: src/fabric/samples/marbles/go/metadata
- id: drm
version: v0
language: golang
path: fabric/scenario/drm/go
- id: simple
version: v0
language: golang
path: fabric/scenario/simple/go
- id: smallbank
version: v0
language: golang
path: fabric/scenario/smallbank/go
organizations:
Org1:
mspid: Org1MSP
peers:
- peer1.org1.example.com
# certificateAuthorities:
# - ca.org1.example.com
adminPrivateKey:
#path: networks/fabric/config_raft/crypto-config/peerOrganizations/org1.example.com/users/Admin@org1.example.com/msp/keystore/key.pem
path: myself/peerOrganizations/org1.example.com/users/Admin@org1.example.com/msp/keystore/61ff994a9d67047f9ef259839b0726d5191ad434268e095616e92a99aa6e5666_sk
signedCert:
#path: networks/fabric/config_raft/crypto-config/peerOrganizations/org1.example.com/users/Admin@org1.example.com/msp/signcerts/Admin@org1.example.com-cert.pem
path: myself/peerOrganizations/org1.example.com/users/Admin@org1.example.com/msp/signcerts/Admin@org1.example.com-cert.pem
Org2:
mspid: Org2MSP
peers:
- peer0.org2.example.com
- peer1.org2.example.com
# certificateAuthorities:
# - ca.org2.example.com
adminPrivateKey:
#path: networks/fabric/config_raft/crypto-config/peerOrganizations/org2.example.com/users/Admin@org2.example.com/msp/keystore/key.pem
path: myself/peerOrganizations/org2.example.com/users/Admin@org2.example.com/msp/keystore/c7e742bd8254c79008e7a5cb463336dcc1ae812bfa41ebf819fa15ca1128e32b_sk
signedCert:
#path: networks/fabric/config_raft/crypto-config/peerOrganizations/org2.example.com/users/Admin@org2.example.com/msp/signcerts/Admin@org2.example.com-cert.pem
path: myself/peerOrganizations/org2.example.com/users/Admin@org2.example.com/msp/signcerts/Admin@org2.example.com-cert.pem
orderers:
orderer.example.com:
url: grpcs://120.29.28.123:7050
#url: orderer.example.com:7050
grpcOptions:
ssl-target-name-override: orderer.example.com
tlsCACerts:
#path: networks/fabric/config_raft/crypto-config/ordererOrganizations/example.com/orderers/orderer0.example.com/msp/tlscacerts/tlsca.example.com-cert.pem
path: myself/ordererOrganizations/example.com/orderers/orderer.example.com/msp/tlscacerts/tlsca.example.com-cert.pem
#orderer3.example.com:
# url: grpcs://120.29.21.106:7050
#grpcOptions:
# ssl-target-name-override: orderer3.example.com
#tlsCACerts:
#path: networks/fabric/config_raft/crypto-config/ordererOrganizations/example.com/orderers/orderer0.example.com/msp/tlscacerts/tlsca.example.com-cert.pem
# path: myself/ordererOrganizations/example.com/orderers/orderer3.example.com/msp/tlscacerts/tlsca.example.com-cert.pem
#orderer4.example.com:
# url: grpcs://120.29.21.195:7050
#grpcOptions:
# ssl-target-name-override: orderer4.example.com
#tlsCACerts:
#path: networks/fabric/config_raft/crypto-config/ordererOrganizations/example.com/orderers/orderer0.example.com/msp/tlscacerts/tlsca.example.com-cert.pem
# path: myself/ordererOrganizations/example.com/orderers/orderer4.example.com/msp/tlscacerts/tlsca.example.com-cert.pem
#orderer5.example.com:
# url: grpcs://120.29.21.203:7050
# grpcOptions:
# ssl-target-name-override: orderer5.example.com
# tlsCACerts:
#path: networks/fabric/config_raft/crypto-config/ordererOrganizations/example.com/orderers/orderer0.example.com/msp/tlscacerts/tlsca.example.com-cert.pem
# path: myself/ordererOrganizations/example.com/orderers/orderer4.example.com/msp/tlscacerts/tlsca.example.com-cert.pem
peers:
peer0.org2.example.com:
url: grpcs://120.29.21.187:9051
grpcOptions:
ssl-target-name-override: peer0.org2.example.com
grpc.keepalive_time_ms: 600000
tlsCACerts:
#path: networks/fabric/config_raft/crypto-config/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/msp/tlscacerts/tlsca.org2.example.com-cert.pem
path: myself/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/msp/tlscacerts/tlsca.org2.example.com-cert.pem
peer1.org1.example.com:
url: grpcs://120.29.21.193:8051
grpcOptions:
ssl-target-name-override: peer1.org1.example.com
grpc.keepalive_time_ms: 600000
tlsCACerts:
#path: networks/fabric/config_raft/crypto-config/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/msp/tlscacerts/tlsca.org1.example.com-cert.pem
path: myself/peerOrganizations/org1.example.com/peers/peer1.org1.example.com/msp/tlscacerts/tlsca.org1.example.com-cert.pem
peer1.org2.example.com:
url: grpcs://120.29.21.196:10051
grpcOptions:
ssl-target-name-override: peer1.org2.example.com
grpc.keepalive_time_ms: 600000
tlsCACerts:
#path: networks/fabric/config_raft/crypto-config/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/msp/tlscacerts/tlsca.org2.example.com-cert.pem
path: myself/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/msp/tlscacerts/tlsca.org2.example.com-cert.pem
写代码的人老是说,最好的注释就是代码本身,代码咱写不出那么高的水平来,不过配置文件可以,这里蓝本的配置都注释而没有删除,可以用的都是未注释的,这里有一点需要注意,注释换行后可以没有明白显示出来是注释,不过上下文一看就明白了。
这里有几点需要重点说明一下:
1、相关的证书文件
把实际使用的证书相关文件整体拷贝到指定的目录下,这里为myself,放到了和network目录同级,目的是为了保证文件配置的一目了然。不容易出问题。
2、密钥的问题
在网上不少的资料里,私钥是以pem文件的形式提供的,其实现在是使用*sk文件的,这里直接把相关的私钥文件地址和名称替换即可。
其它相关的证书文件也需要指定实际环境的路径(即拷贝过来的myself为基础的路径)
3、command问题
caliper中的command在此处可以注释掉,当然如果不注释掉,会额外下载一大堆镜像,占用资源。
4、配置名称问题
保证配置文件中的组织,通道及相关的名称与实际Fabric网络一致,比如他的通道名称为A,如果你不想全新创建,而是使用这个通道的话,则必须保持一致。
5、配置的前后一致性
比如在Channel中配置了三个Order节点,则后面的配置中也必须有三个Order节点。
6、CA节点
如果实际网络中没有此节点,可以将其注释掉。不影响正常使用。
7、Order节点问题
保持名字和IP的一致性,不一定非要全部连接,如果只连接一个,名字可以使用上述配置,只要连接某一个Order即可。
8、Channel问题
有两个问题,一个是使用网络中已有通道,则create选项一定为false,如果自己全新创建,则使用新名字,create默认为True,但是创建成功后,如果不是再创建新的通道,则仍然修改为False。
9、临时文件问题
如果在测试中发现有证书问题,但配置都是正确时,可以删除Client中指定的两个临时路径,重新再测试即可。或者修改一下客户端的名字,重新生成缓存都可以。
10、配置文件的排序
在info中可以看到是Raft,这个一定要保证致,不要把大方向弄错。
三、总结
在完成上述的配置后,基本的测试就可以通过了。但是目前仍然有一些问题,最主要的是在测试高并发时出现“ MVCC_READ_CONFLICT”,这个问题目前初步有了解决方案,但仍然在验证中。一种是修改测试框架的源码,一种是修改合约。
使用不同的私钥来操作不同的交易理论上是可以避免这种现象的。但目前仍然需要测试和继续深入看Caliper的框架源码。