Hyperledegr Fabric BYFN 5: 三机部署
- fabric版本: 1.4.0
- 使用fabric-samples的commit tag: ed0f1cc9ea6c63b8143e974f0cb9f49a3978467e
节点部署
主机 | IP地址 | 节点标识 | 节点域名 | 组织 |
---|---|---|---|---|
VM1 | 101.132.125.102 | ORDERER | orderer.example.com | ORDERER |
VM2 | 101.132.180.5 | peer1 | peer0.org1.example.com | ORG1 |
VM2 | 101.132.180.5 | peer2 | peer1.org1.example.com | ORG1 |
VM3 | 106.14.126.23 | peer3 | peer0.org2.example.com | ORG2 |
VM3 | 106.14.126.23 | peer4 | peer1.org2.example.com | ORG2 |
总流程
byfn.sh up
单点分别执行成功- 在三台主机间建立ssh信任,方便文件分发
- 三主机分别修改
docker-compose-cli.yaml
、scripts/script.sh
- VM1节点生成加密和通道材料分发到VM2\VM3
- VM2
- 创建通道
- 节点加入通道
- 升级锚节点
- 安装链码
- VM2回传通道区块
channel.block
到VM1,VM1将其分发到VM3节点 - VM3
- 节点加入通道
- 升级锚节点
- 安装链码
- VM1
- 实例化链码
- 链码查询
- 链码激活
- 链码查询激活结果
代码文件修改
为了方便操作,我们需要将byfn.sh
中的确认程序askProceed
docker-compose-cli.yaml
-
VM1
docker-compose-cli.yaml
- VM1只需部署orderer节点,其他均注释掉。
version: '2' volumes: orderer.example.com: networks: byfn: services: orderer.example.com: extends: file: base/docker-compose-base.yaml service: orderer.example.com container_name: orderer.example.com networks: - byfn
-
VM2
docker-compose-cli.yaml
- 配置
extra_hosts
来定位orderer节点 - 挂载
peer
来暴露通道区块
version: '2' volumes: peer0.org1.example.com: peer1.org1.example.com: networks: byfn: services: peer0.org1.example.com: container_name: peer0.org1.example.com extends: file: base/docker-compose-base.yaml service: peer0.org1.example.com networks: - byfn extra_hosts: - "order.example.com:101.132.125.102" peer1.org1.example.com: container_name: peer1.org1.example.com extends: file: base/docker-compose-base.yaml service: peer1.org1.example.com networks: - byfn cli: container_name: cli image: hyperledger/fabric-tools:$IMAGE_TAG tty: true stdin_open: true environment: - GODEBUG=netdns=go - GOPATH=/opt/gopath - CORE_VM_ENDPOINT=unix:///host/var/run/docker.sock #- FABRIC_LOGGING_SPEC=DEBUG - FABRIC_LOGGING_SPEC=INFO - CORE_PEER_ID=cli - CORE_PEER_ADDRESS=peer0.org1.example.com:7051 - CORE_PEER_LOCALMSPID=Org1MSP - CORE_PEER_TLS_ENABLED=true - CORE_PEER_TLS_CERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/server.crt - CORE_PEER_TLS_KEY_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/server.key - CORE_PEER_TLS_ROOTCERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/ca.crt - CORE_PEER_MSPCONFIGPATH=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/users/Admin@org1.example.com/msp working_dir: /opt/gopath/src/github.com/hyperledger/fabric/peer command: /bin/bash volumes: - /var/run/:/host/var/run/ - ./../chaincode/:/opt/gopath/src/github.com/hyperledger/fabric-samples/chaincode - ./crypto-config:/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/ - ./scripts:/opt/gopath/src/github.com/hyperledger/fabric/peer/scripts/ - ./channel-artifacts:/opt/gopath/src/github.com/hyperledger/fabric/peer/channel-artifacts - ./peer/:/opt/gopath/src/github.com/hyperledger/fabric/peer/ depends_on: - peer0.org1.example.com - peer1.org1.example.com networks: - byfn extra_hosts: - "order.example.com:101.132.125.102"
- 配置
-
VM3
- 配置
extra_hosts
来定位orderer节点 - 挂载
peer
来接收通道区块
version: '2' volumes: peer0.org2.example.com: peer1.org2.example.com: networks: byfn: services: peer0.org2.example.com: container_name: peer0.org2.example.com extends: file: base/docker-compose-base.yaml service: peer0.org2.example.com networks: - byfn extra_hosts: - "orderer.example.com:101.132.125.102" peer1.org2.example.com: container_name: peer1.org2.example.com extends: file: base/docker-compose-base.yaml service: peer1.org2.example.com networks: - byfn cli: container_name: cli image: hyperledger/fabric-tools:$IMAGE_TAG tty: true stdin_open: true - GODEBUG=netdns=go - GOPATH=/opt/gopath - CORE_VM_ENDPOINT=unix:///host/var/run/docker.sock #- FABRIC_LOGGING_SPEC=DEBUG - FABRIC_LOGGING_SPEC=INFO - CORE_PEER_ID=cli - CORE_PEER_ADDRESS=peer0.org2.example.com:7051 - CORE_PEER_LOCALMSPID=Org1MSP - CORE_PEER_TLS_ENABLED=true - CORE_PEER_TLS_CERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls/server.crt - CORE_PEER_TLS_KEY_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls/server.key - CORE_PEER_TLS_ROOTCERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls/ca.crt - CORE_PEER_MSPCONFIGPATH=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.example.com/users/Admin@org2.example.com/msp working_dir: /opt/gopath/src/github.com/hyperledger/fabric/peer command: /bin/bash volumes: - /var/run/:/host/var/run/ - ./../chaincode/:/opt/gopath/src/github.com/hyperledger/fabric-samples/chaincode - ./crypto-config:/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/ - ./scripts:/opt/gopath/src/github.com/hyperledger/fabric/peer/scripts/ - ./channel-artifacts:/opt/gopath/src/github.com/hyperledger/fabric/peer/channel-artifacts - ./peer/:/opt/gopath/src/github.com/hyperledger/fabric/peer/ - /etc/hosts:/etc/hosts depends_on: - peer0.org2.example.com - peer1.org2.example.com networks: - byfn extra_hosts: - "order.example.com:101.132.125.102"
- 配置
byfn.sh
-
VM1
- ssh对VM2、3传输命令
- scp传输文件
- 作为orderer不需要再执行
scripts/script.sh
function networkUp() { checkPrereqs # generate artifacts if they don't exist if [ ! -d "crypto-config" ]; then generateCerts replacePrivateKey generateChannelArtifacts fi if [ "${IF_COUCHDB}" == "couchdb" ]; then if [ "$CONSENSUS_TYPE" == "kafka" ]; then IMAGE_TAG=$IMAGETAG docker-compose -f $COMPOSE_FILE -f $COMPOSE_FILE_KAFKA -f $COMPOSE_FILE_COUCH up -d 2>&1 elif [ "$CONSENSUS_TYPE" == "etcdraft" ]; then IMAGE_TAG=$IMAGETAG docker-compose -f $COMPOSE_FILE -f $COMPOSE_FILE_RAFT2 -f $COMPOSE_FILE_COUCH up -d 2>&1 else IMAGE_TAG=$IMAGETAG docker-compose -f $COMPOSE_FILE -f $COMPOSE_FILE_COUCH up -d 2>&1 fi else if [ "$CONSENSUS_TYPE" == "kafka" ]; then IMAGE_TAG=$IMAGETAG docker-compose -f $COMPOSE_FILE -f $COMPOSE_FILE_KAFKA up -d 2>&1 elif [ "$CONSENSUS_TYPE" == "etcdraft" ]; then IMAGE_TAG=$IMAGETAG docker-compose -f $COMPOSE_FILE -f $COMPOSE_FILE_RAFT2 up -d 2>&1 else IMAGE_TAG=$IMAGETAG docker-compose -f $COMPOSE_FILE up -d 2>&1 fi fi if [ $? -ne 0 ]; then echo "ERROR !!!! Unable to start network" exit 1 fi if [ "$CONSENSUS_TYPE" == "kafka" ]; then sleep 1 echo "Sleeping 10s to allow $CONSENSUS_TYPE cluster to complete booting" sleep 9 fi if [ "$CONSENSUS_TYPE" == "etcdraft" ]; then sleep 1 echo "Sleeping 15s to allow $CONSENSUS_TYPE cluster to complete booting" sleep 14 fi # now run the end to end script #docker exec cli scripts/script.sh $CHANNEL_NAME $CLI_DELAY $LANGUAGE $CLI_TIMEOUT $VERBOSE if [ $? -ne 0 ]; then echo "ERROR !!!! Test failed" exit 1 fi #删除远端材料并复制到子主机 set -x ssh root@vm2 "cd ~/fabric-samples/panta-test/ && ./byfn.sh down && rm -rf channel-artifacts/* crypto-config/* peer/*" ssh root@vm3 "cd ~/fabric-samples/panta-test/ && ./byfn.sh down && rm -rf channel-artifacts/* crypto-config/* peer/*" set +x scp -rq ./crypto-config root@vm2:~/fabric-samples/panta-test scp -rq ./crypto-config root@vm3:~/fabric-samples/panta-test scp -rq ./channel-artifacts root@vm2:~/fabric-samples/panta-test scp -rq ./channel-artifacts root@vm3:~/fabric-samples/panta-test set -x ssh root@vm2 "cd ~/fabric-samples/panta-test/ && ./byfn.sh up -c $CHANNEL_NAME" scp ./peer/*.block root@vm3:~/fabric-samples/panta-test/peer ssh root@vm3 "cd ~/fabric-samples/panta-test/ && ./byfn.sh up -c $CHANNEL_NAME" ssh root@vm2 "cd ~/fabric-samples/panta-test/ && docker exec cli scripts/invoke.sh $CHANNEL_NAME $CLI_DELAY $LANGUAGE $CLI_TIMEOUT $VERBOSE" #ssh root@vm3 "cd ~/fabric-samples/panta-test/ && docker exec cli scripts/invoke.sh $CHANNEL_NAME $CLI_DELAY $LANGUAGE $CLI_TIMEOUT $VERBOSE" set +x
-
VM2
- 在
networkUp
添加回传通道区块步骤
# now run the end to end script docker exec cli scripts/script.sh $CHANNEL_NAME $CLI_DELAY $LANGUAGE $CLI_TIMEOUT $VERBOSE if [ $? -ne 0 ]; then echo "ERROR !!!! Test failed" exit 1 fi scp ./peer/*.block root@vm1:~/fabric-samples/panta-test/peer
- 在
scripts/script.sh
-
VM2
- 对相关函数进行修改
joinChannel () { for org in 1 ; do for peer in 0 1; do joinChannelWithRetry $peer $org echo "===================== peer${peer}.org${org} joined channel '$CHANNEL_NAME' ===================== " sleep $DELAY echo done done } ## Create channel echo "Creating channel..." createChannel ## Join all the peers to the channel echo "Having all peers join the channel..." joinChannel ## Set the anchor peers for each org in the channel echo "Updating anchor peers for org1..." updateAnchorPeers 0 1 #echo "Updating anchor peers for org2..." #updateAnchorPeers 0 2 ## Install chaincode on peer0.org1 and peer0.org2 echo "Installing chaincode on peer0.org1..." installChaincode 0 1 echo "Install chaincode on peer1.org1..." installChaincode 1 1
-
VM3作相同修改
对VM2添加invoke.sh
- 激活函数需要设定相关证书,如果想激活peer1org1和peer1org2,需要在
scripts/utils.sh
修改CA - 请注意背书策略是需要组织1和组织2中任意节点同意,所以必须确保两个组织至少各有一个节点
instantiateChaincode 0 1
### Query chaincode on peer0.org1
##echo "Querying chaincode on peer0.org1..."
chaincodeQuery 0 1 100
#
## Invoke chaincode on peer0.org1 and peer0.org2
echo "Sending invoke transaction on peer0.org1...peer0.org2..."
chaincodeInvoke 0 1 0 2
## Query on chaincode on peer1.org2, check if the result is 90
echo "Querying chaincode on peer1.org2..."
chaincodeQuery 1 2 90