一、docker-compose管理容器
节点在docker容器中运行,docker-compose管理docker容器
examples/e2e_cli/docker-compose-cli.yaml
version: '2' #docker-compose的版本
services: #服务,orderer和peer组织的节点
orderer.example.com: # 服务名(排序节点和peer节点)
extends: # 继承了下面file路径下文件的一些属性
file: base/docker-compose-base.yaml # 不用改
service: orderer.example.com # 和前面的服务名保持一致
container_name: orderer.example.com # 容器名,和前面的服务名保持一致
peer0.org1.example.com:
container_name: peer0.org1.example.com
extends:
file: base/docker-compose-base.yaml
service: peer0.org1.example.com
peer0.org2.example.com:
container_name: peer0.org2.example.com
extends:
file: base/docker-compose-base.yaml
service: peer0.org2.example.com
cli: #客户端服务(java sdk,go sdk,shell)
container_name: cli # 容器名
image: hyperledger/fabric-tools:latest # fabric镜像路径,可以指定tag
tty: true # 启动容器的时候状态可能为:Exited (0) About a minute ago,需要设置tty为true
stdin_open: true # 标准输入,true或false
environment: # 环境变量相关设置
- GOPATH=/opt/gopath
- CORE_VM_ENDPOINT=unix:///host/var/run/docker.sock
- CORE_LOGGING_LEVEL=DEBUG
- CORE_PEER_ID=cli
- CORE_PEER_ADDRESS=peer0.org1.example.com:7051
- CORE_PEER_LOCALMSPID=Org1MSP
- CORE_PEER_TLS_ENABLED=true
- CORE_PEER_TLS_CERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/server.crt
- CORE_PEER_TLS_KEY_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/server.key
- CORE_PEER_TLS_ROOTCERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/ca.crt
- CORE_PEER_MSPCONFIGPATH=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/users/Admin@org1.example.com/msp
working_dir: /opt/gopath/src/github.com/hyperledger/fabric/peer # 工作目录
command: /bin/bash # 启动docker后执行的命令
volumes: # 数据卷
# 挂载目录,默认就行
- /var/run/:/host/var/run/
# 链码存放路径(go或者node.js写的链代码)
- ./chaincode/go/:/opt/gopath/src/github.com/hyperledger/fabric/examples/chaincode/go
# 存放证书的路径
- ./crypto-config:/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/
# 生成的创世块和管道以及更新的锚节点文件存放的路径(tx和block后缀的文件)
- ./channel-artifacts:/opt/gopath/src/github.com/hyperledger/fabric/peer/channel-artifacts
# 注意:./channel-artifacts这种是指路径,需要本地有这个路径,或者改成自己的路径
depends_on: # 启动顺序
- orderer.example.com
- peer0.org1.example.com
- peer0.org2.example.com
base的路径:examples/e2e_cli/base
启动容器的数量= depends_on(volumes)的数量 + cli的
二、fabric相关docker镜像
都在hyperleger路径下
fabric-peer: peer节点镜像
fabric-orderer: orderer节点镜像
fabric-tools: 工具镜像,cryptogen等工具都在这里面
fabric-ca: ca模块镜像,可以用来生成账号
fabric-ccenv: go语言链码运行环境镜像
fabric-kafka: kafka镜像
fabric-zookeeper: zookeeper镜像
fabric-couchdb: couchdb数据库镜像
三、docker-compose-base.yaml配置
路径:examples/e2e_cli/base/docker-compose-base.yaml
version: '2' #版本号
services: #服务,有排序节点、peer节点等
orderer.example.com: #服务名
container_name: orderer.example.com #容器名
image: hyperledger/fabric-orderer:latest #镜像路径:lastst
environment: #环境
- ORDERER_GENERAL_LOGLEVEL=INFO
- ORDERER_GENERAL_LISTENADDRESS=0.0.0.0
- ORDERER_GENERAL_GENESISMETHOD=file
- ORDERER_GENERAL_GENESISFILE=/var/hyperledger/orderer/orderer.genesis.block
- ORDERER_GENERAL_LOCALMSPID=OrdererMSP
- ORDERER_GENERAL_LOCALMSPDIR=/var/hyperledger/orderer/msp
# enabled TLS
- ORDERER_GENERAL_TLS_ENABLED=true
- ORDERER_GENERAL_TLS_PRIVATEKEY=/var/hyperledger/orderer/tls/server.key
- ORDERER_GENERAL_TLS_CERTIFICATE=/var/hyperledger/orderer/tls/server.crt
- ORDERER_GENERAL_TLS_ROOTCAS=[/var/hyperledger/orderer/tls/ca.crt]
working_dir: /opt/gopath/src/github.com/hyperledger/fabric #工作目录
command: orderer #启动后执行的命令
volumes: #挂载创世块,证书,通道的文件
- ../channel-artifacts/genesis.block:/var/hyperledger/orderer/orderer.genesis.block
- ../crypto-config/ordererOrganizations/example.com/orderers/orderer.example.com/msp:/var/hyperledger/orderer/msp
- ../crypto-config/ordererOrganizations/example.com/orderers/orderer.example.com/tls/:/var/hyperledger/orderer/tls
ports: #端口映射
- 7050:7050
peer0.org1.example.com:
container_name: peer0.org1.example.com
extends:
file: peer-base.yaml
service: peer-base
environment:
- CORE_PEER_ID=peer0.org1.example.com
- CORE_PEER_ADDRESS=peer0.org1.example.com:7051
- CORE_PEER_CHAINCODELISTENADDRESS=peer0.org1.example.com:7052
- CORE_PEER_GOSSIP_EXTERNALENDPOINT=peer0.org1.example.com:7051
- CORE_PEER_LOCALMSPID=Org1MSP
volumes:
- /var/run/:/host/var/run/
- ../crypto-config/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/msp:/etc/hyperledger/fabric/msp
- ../crypto-config/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls:/etc/hyperledger/fabric/tls
ports:
- 7051:7051
- 7052:7052
- 7053:7053
peer0.org2.example.com:
container_name: peer0.org2.example.com
extends:
file: peer-base.yaml
service: peer-base
environment:
- CORE_PEER_ID=peer0.org2.example.com
- CORE_PEER_ADDRESS=peer0.org2.example.com:7051
- CORE_PEER_CHAINCODELISTENADDRESS=peer0.org2.example.com:7052
- CORE_PEER_GOSSIP_EXTERNALENDPOINT=peer0.org2.example.com:7051
- CORE_PEER_LOCALMSPID=Org2MSP
volumes:
- /var/run/:/host/var/run/
- ../crypto-config/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/msp:/etc/hyperledger/fabric/msp
- ../crypto-config/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls:/etc/hyperledger/fabric/tls
ports:
- 9051:7051
- 9052:7052
- 9053:7053
四、peer-base.yaml配置
version: '2' #版本号
services: #服务,有排序节点、peer节点等
orderer.example.com: #服务名
container_name: orderer.example.com #容器名
image: hyperledger/fabric-orderer:latest #镜像路径:lastst
environment: #环境
- ORDERER_GENERAL_LOGLEVEL=INFO
- ORDERER_GENERAL_LISTENADDRESS=0.0.0.0
- ORDERER_GENERAL_GENESISMETHOD=file
- ORDERER_GENERAL_GENESISFILE=/var/hyperledger/orderer/orderer.genesis.block
- ORDERER_GENERAL_LOCALMSPID=OrdererMSP
- ORDERER_GENERAL_LOCALMSPDIR=/var/hyperledger/orderer/msp
# enabled TLS
- ORDERER_GENERAL_TLS_ENABLED=true
- ORDERER_GENERAL_TLS_PRIVATEKEY=/var/hyperledger/orderer/tls/server.key
- ORDERER_GENERAL_TLS_CERTIFICATE=/var/hyperledger/orderer/tls/server.crt
- ORDERER_GENERAL_TLS_ROOTCAS=[/var/hyperledger/orderer/tls/ca.crt]
working_dir: /opt/gopath/src/github.com/hyperledger/fabric #工作目录
command: orderer #启动后执行的命令
volumes: #挂载创世块,证书,通道的文件
- ../channel-artifacts/genesis.block:/var/hyperledger/orderer/orderer.genesis.block
- ../crypto-config/ordererOrganizations/example.com/orderers/orderer.example.com/msp:/var/hyperledger/orderer/msp
- ../crypto-config/ordererOrganizations/example.com/orderers/orderer.example.com/tls/:/var/hyperledger/orderer/tls
ports: #端口映射
- 7050:7050
peer0.org1.example.com:
container_name: peer0.org1.example.com
extends:
file: peer-base.yaml
service: peer-base
environment:
- CORE_PEER_ID=peer0.org1.example.com
- CORE_PEER_ADDRESS=peer0.org1.example.com:7051
- CORE_PEER_CHAINCODELISTENADDRESS=peer0.org1.example.com:7052
- CORE_PEER_GOSSIP_EXTERNALENDPOINT=peer0.org1.example.com:7051
- CORE_PEER_LOCALMSPID=Org1MSP
volumes:
- /var/run/:/host/var/run/
- ../crypto-config/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/msp:/etc/hyperledger/fabric/msp
- ../crypto-config/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls:/etc/hyperledger/fabric/tls
ports:
- 7051:7051
- 7052:7052
- 7053:7053
peer0.org2.example.com:
container_name: peer0.org2.example.com
extends:
file: peer-base.yaml
service: peer-base
environment:
- CORE_PEER_ID=peer0.org2.example.com
- CORE_PEER_ADDRESS=peer0.org2.example.com:7051
- CORE_PEER_CHAINCODELISTENADDRESS=peer0.org2.example.com:7052
- CORE_PEER_GOSSIP_EXTERNALENDPOINT=peer0.org2.example.com:7051
- CORE_PEER_LOCALMSPID=Org2MSP
volumes:
- /var/run/:/host/var/run/
- ../crypto-config/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/msp:/etc/hyperledger/fabric/msp
- ../crypto-config/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls:/etc/hyperledger/fabric/tls
ports:
- 9051:7051
- 9052:7052
- 9053:7053
五、环境变量
-
1.客户端cli环境变量:docker-compose-cli.yaml(- 为yaml的格式,表示数组)
-
# go的工作目录 - GOPATH=/opt/gopath # 守护进程的套接字,不用改 - CORE_VM_ENDPOINT=unix:///host/var/run/docker.sock # 日志級別 ,critical、error、warning、notice、info、debug - CORE_LOGGING_LEVEL=DEBUG # peer节点的id,自己指定一个就行,就是当前客户端节点的id - CORE_PEER_ID=cli # 要连接的peer节点 - CORE_PEER_ADDRESS=peer0.org1.example.com:7051 # peer组织id - CORE_PEER_LOCALMSPID=Org1MSP # 是否使用tls加密,通信的时候 - CORE_PEER_TLS_ENABLED=true # tls证书文件 -CORE_PEER_TLS_CERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/server.crt # tls私钥文件 - CORE_PEER_TLS_KEY_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/server.key # 根证书文件 - CORE_PEER_TLS_ROOTCERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/ca.crt # 指定客户端的身份,管理员身份目录 - CORE_PEER_MSPCONFIGPATH=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/users/Admin@org1.example.com/msp
-
2.排序节点orderer环境变量:docker-compose-base.yaml
-
# 日志級別 - ORDERER_GENERAL_LOGLEVEL=debug # 监听地址 - ORDERER_GENERAL_LISTENADDRESS=0.0.0.0 # 创世块来源,这里file指来源于文件 - ORDERER_GENERAL_GENESISMETHOD=file # 创世块对应的文件,不是指本地的,是docker中的,base.yaml中orderer的volume关联 - ORDERER_GENERAL_GENESISFILE=/var/hyperledger/orderer/orderer.genesis.block # orderer节点的id - ORDERER_GENERAL_LOCALMSPID=OrdererMSP # orderer节点的msp路径,不是指本地的,是docker中的,base.yaml中orderer的volume关联 - ORDERER_GENERAL_LOCALMSPDIR=/var/hyperledger/orderer/msp # enabled TLS,是否使用tls加密 - ORDERER_GENERAL_TLS_ENABLED=true # 私钥,不是指本地的,是docker中的,base.yaml中orderer的volume关联 - ORDERER_GENERAL_TLS_PRIVATEKEY=/var/hyperledger/orderer/tls/server.key # 证书,不是指本地的,是docker中的,base.yaml中orderer的volume关联 - ORDERER_GENERAL_TLS_CERTIFICATE=/var/hyperledger/orderer/tls/server.crt # 根证书,不是指本地的,是docker中的,base.yaml中orderer的volume关联 - ORDERER_GENERAL_TLS_ROOTCAS=[/var/hyperledger/orderer/tls/ca.crt]
-
3.peer节点环境变量:docker-compose-base.yaml和peer-base.yaml
-
#当前peer节点的名字,可以改 CORE_PEER_ID=peer0.org1.example.com 访问地址 - CORE_PEER_ADDRESS=peer0.org1.example.com:7051 chaincode #监听地址 CORE_PEER_CHAINCODELISTENADDRESS=peer0.org1.example.com:7052 #被组织外节点识别时的地址,以加入网络 - CORE_PEER_GOSSIP_EXTERNALENDPOINT=peer0.org1.example.com:7051 #peer节点的组织名 CORE_PEER_LOCALMSPID=Org1MSP #socket套接字 - CORE_VM_ENDPOINT=unix:///host/var/run/docker.sock #网络模式 - CORE_VM_DOCKER_HOSTCONFIG_NETWORKMODE=e2ecli_default #(这里要与其所在的项目根目录一致,这里为hyperledger_default) #日志級別 CORE_LOGGING_LEVEL=DEBUG #是否tls加密 - CORE_PEER_TLS_ENABLED=true #是否自动选举leader节点,建议设置为true,当一个leader挂掉后会自动产生leader - CORE_PEER_GOSSIP_USELEADERELECTION=true #当前节点是否是leader节点,建议设置为false,让自动选举产生leader即可 - CORE_PEER_GOSSIP_ORGLEADER=false # profile服务是否开启 - CORE_PEER_PROFILE_ENABLED=true #证书 - CORE_PEER_TLS_CERT_FILE=/etc/hyperledger/fabric/tls/server.crt #私钥 - CORE_PEER_TLS_KEY_FILE=/etc/hyperledger/fabric/tls/server.key #根证书,ca证书 - CORE_PEER_TLS_ROOTCERT_FILE=/etc/hyperledger/fabric/tls/ca.crt
六、leader节点
peer节点之间通信,peer和orderer节点通信的节点叫leader,通过选举产生,只有leader才可以和orderer节点进行通信
七、docker-compose启动
修改:
hyperleger目录下:
mkdir chaincode
mkdir channel-artifacts
mv genesis.block channel-artifacts/
mv channel.tx channel-artifacts/
rz 上传docker-compose-cli.yaml文件
mkdir base
base目录下
rz上传docker-compose-base.yaml 和 peer-base.yaml
1.启动
docker-compose -f docker-compose-cli.yaml up -d
-f
:指定配置文件,默认是docker-compose.yml或docker-compose.yaml
-d
:以守护进程运行(exit退出后不会退出容器)
2.查看启动状态
docker-compose ps
docker-compose -f docker-compose-cli.yaml ps
3.停止
docker-compose down -v
docker-compose -f docker-compose-cli.yaml down -v
-f
文件路径,默认文件名是docker-compose.yaml
-v
显示详细信息
4.查看所有容器
docker ps -a
5.删除容器
docker rm 687b66dd8e36
(容器id)
6.查看日志
docker logs 9a1a500bf720
(容器id)