首先,我們在安裝前,要考慮一個問題
Hyperledger Fabric,通過指定的節點進行背書授權,才能完成交易的存儲
延伸開來,就是為了實現容錯、高並發、易擴展,需要zookeeper來選擇排序引擎處理記賬的唯一性
我們這里選擇kafka排序引擎並通過Kafka集群和zookeeper集群保證數據的一致性,實現排序功能
同時,為了排序服務器的穩定,采取多Orderer集群實現容錯空間,
為此,我們采用了最基礎的配置方案:兩個組織,四個節點
兩個CA服務器,三個Zookeeper服務器,四個Kafka服務器,3個Orderer服務器,4個Peer服務器
大家一看到這么多服務器,可能會嚇一跳,那我們就把這些服務器優化一下,變成如下:
192.168.10.10:
ca.org1.chaincode.yourdomain,zookeeper0,kafka0,orderer0.chaincode.yourdomain,peer0.org1.chaincode.yourdomain
192.168.10.11:
ca.org2.chaincode.yourdomain,zookeeper1,kafka1,orderer1.chaincode.yourdomain,peer0.org2.chaincode.yourdomain
192.168.10.12:
zookeeper2,kafka2,orderer2.chaincode.yourdomain,peer1.org1.chaincode.yourdomain
192.168.10.13:
kafka3,peer1.org2.chaincode.yourdomain
這樣就只要4台服務器了
其中分成兩個組織,主要目的是告訴你,這個東西是可以把群體進行划分的,就像三層交換機里的vlan一樣,
另外兩個ca服務器主要是為了把組織的訪問權限分離出來控制
還有就是把賬本節點分別設置為peer0.org1,peer1.org1屬於組織1,peer0.org2,peer1.org2屬於組織2
如果比較難理解,那就把公司里的電腦當做peer,org當做不同部門,只要權限有,peer0.org1,peer0.org2,peer1.org1,peer1.org2是互通的(當然在業務范圍內,這里只是舉個例子),同時大家都可以保存同一個文件,
這里有一個細節,那就是要指定背書節點,否則公司里電腦太多了,你要每台電腦都去判斷一下某一個文件有沒有被修改,是不太合理的。這里我們會指定peer0.org1,peer0.org2作為背書節點,其他的自動同步新的更新(如果是跨公司有同一個業務,也可以指定各自公司的背書節點,防止一方對數據進行篡改)。
說了整體的框架,那么下面我們就來部署吧:
一、基礎資料安裝
首先我的服務器是Centos7.0,所以大家相關的命令自己調整哦
因為該服務器有兩個磁盤,分別用於區塊鏈和工作代碼
掛載數據盤
fdisk -l 查看磁盤狀態
fdisk /dev/vdb 格式化第一個數據盤
根據提示,輸入n,p,1,回車,回車,wq
緊接着輸入命令mkfs.ext3 /dev/vdb1,格式化磁盤,耐心等待即可
掛載數據盤到指定目錄
mkdir /chaincode,然后輸入mount /dev/vdb1 /chaincode
然后寫入分區表:echo '/dev/vdb1 /chaincode ext3 defaults 0 0'>>/etc/fstab
磁盤掛載成功
fdisk -l 查看磁盤狀態
fdisk /dev/vdb 格式化第一個數據盤
根據提示,輸入n,p,1,回車,回車,wq
緊接着輸入命令mkfs.ext3 /dev/vdb1,格式化磁盤,耐心等待即可
掛載數據盤到指定目錄
mkdir /chaincode,然后輸入mount /dev/vdb1 /chaincode
然后寫入分區表:echo '/dev/vdb1 /chaincode ext3 defaults 0 0'>>/etc/fstab
磁盤掛載成功
fdisk /dev/vdc 格式化第一個數據盤
根據提示,輸入n,p,1,回車,回車,wq
緊接着輸入命令mkfs.ext3 /dev/vdc1,格式化磁盤,耐心等待即可
掛載數據盤到指定目錄
mkdir /workspace,然后輸入mount /dev/vdc1 /workspace
然后寫入分區表:echo '/dev/vdc1 /workspace ext3 defaults 0 0'>>/etc/fstab
磁盤掛載成功
根據提示,輸入n,p,1,回車,回車,wq
緊接着輸入命令mkfs.ext3 /dev/vdc1,格式化磁盤,耐心等待即可
掛載數據盤到指定目錄
mkdir /workspace,然后輸入mount /dev/vdc1 /workspace
然后寫入分區表:echo '/dev/vdc1 /workspace ext3 defaults 0 0'>>/etc/fstab
磁盤掛載成功
步驟1:關閉防火牆
#systemctl stop firewalld.service
#systemctl disable firewalld.service
#systemctl stop firewalld.service
#systemctl disable firewalld.service
設置安全
vi /etc/selinux/config
vi /etc/selinux/config
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - SELinux is fully disabled.
SELINUX=disabled
# SELINUXTYPE= type of policy in use. Possible values are:
# targeted - Only targeted network daemons are protected.
# strict - Full SELinux protection.
# SELINUXTYPE=targeted
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - SELinux is fully disabled.
SELINUX=disabled
# SELINUXTYPE= type of policy in use. Possible values are:
# targeted - Only targeted network daemons are protected.
# strict - Full SELinux protection.
# SELINUXTYPE=targeted
步驟2:更新系統
yum update
步驟2:刪除舊版本的docker
yum remove docker docker-common docker-selinux docker-engine
步驟3:安裝需要的軟件包, yum-util 提供yum-config-manager功能,另外兩個是devicemapper驅動依賴的
yum install -y yum-utils device-mapper-persistent-data lvm2 wget unzip
安裝上傳下載工具
yum install lrzsz
步驟4:設置yum源
yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
步驟5:查看所有倉庫中所有DOCKER版本
yum list docker-ce --showduplicates | sort -r
步驟6:安裝最新版本DOCKER社區版本
yum install docker-ce -y
yum update
步驟2:刪除舊版本的docker
yum remove docker docker-common docker-selinux docker-engine
步驟3:安裝需要的軟件包, yum-util 提供yum-config-manager功能,另外兩個是devicemapper驅動依賴的
yum install -y yum-utils device-mapper-persistent-data lvm2 wget unzip
安裝上傳下載工具
yum install lrzsz
步驟4:設置yum源
yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
步驟5:查看所有倉庫中所有DOCKER版本
yum list docker-ce --showduplicates | sort -r
步驟6:安裝最新版本DOCKER社區版本
yum install docker-ce -y
2.安裝docker-compose(一個部署多個容器的簡單但是非常必要的工具, (用於 docker 容器服務統一管理 編排))
步驟1:確認是否已經python-pip
pip -V
步驟2:安裝python-pip
yum -y install epel-release
yum install python-pip -y
pip install --upgrade pip
步驟1:確認是否已經python-pip
pip -V
步驟2:安裝python-pip
yum -y install epel-release
yum install python-pip -y
pip install --upgrade pip
步驟3:安裝docker-compose
[root@localhost ~]#pip install docker-compose
[root@localhost ~]# docker-compose -version
docker-compose version 1.22.0, build f46880f
[root@localhost ~]#systemctl start docker
[root@peer0org1 ~]# systemctl enable docker
[root@localhost ~]#pip install docker-compose
[root@localhost ~]# docker-compose -version
docker-compose version 1.22.0, build f46880f
[root@localhost ~]#systemctl start docker
[root@peer0org1 ~]# systemctl enable docker
3.安裝git-2.3.0
mkdir /opt/soft
cd /opt/soft
# yum install curl-devel expat-devel gettext-devel openssl-devel zlib-devel gcc perl-ExtUtils-MakeMaker
# wget https://github.com/git/git/archive/v2.3.0.zip
# unzip v2.3.0.zip
# cd git-2.3.0/
# make prefix=/usr/local/git all
# make prefix=/usr/local/git install
# vi /etc/profile
然后在文件的最后一行,添加下面的內容,然后保存退出。
export PATH=/usr/local/git/bin:$PATH
# source /etc/profile
# git version
git version 2.3.0
mkdir /opt/soft
cd /opt/soft
# yum install curl-devel expat-devel gettext-devel openssl-devel zlib-devel gcc perl-ExtUtils-MakeMaker
# wget https://github.com/git/git/archive/v2.3.0.zip
# unzip v2.3.0.zip
# cd git-2.3.0/
# make prefix=/usr/local/git all
# make prefix=/usr/local/git install
# vi /etc/profile
然后在文件的最后一行,添加下面的內容,然后保存退出。
export PATH=/usr/local/git/bin:$PATH
# source /etc/profile
# git version
git version 2.3.0
4.Golang (用於 fabric cli 服務的調用, ca 服務證書生成 )
[root@localhost ~]# mkdir -p /opt/soft/golang
[root@localhost golang]# wget https://studygolang.com/dl/golang/go1.11.linux-amd64.tar.gz
[root@localhost golang]# tar -C /usr/local -xzf go1.11.linux-amd64.tar.gz
[root@localhost golang]# wget https://studygolang.com/dl/golang/go1.11.linux-amd64.tar.gz
[root@localhost golang]# tar -C /usr/local -xzf go1.11.linux-amd64.tar.gz
[root@localhost ~]# vi /etc/profile
添加如下
# golang env
export PATH=$PATH:/usr/local/go/bin
export GOROOT=/usr/local/go
export GOPATH=/workspace/golang
export PATH=/usr/local/git/bin:$PATH
export PATH=$PATH:/usr/local/go/bin
export GOROOT=/usr/local/go
export GOPATH=/workspace/golang
export PATH=/usr/local/git/bin:$PATH
[root@localhost ~]# source /etc/profile
[root@localhost ~]# go version
go version go1.10 linux/amd64
[root@localhost ~]# go version
go version go1.10 linux/amd64
接下來配置各個服務器的域名解析:
vi /etc/hosts
寫入以下內容:
192.168.10.10 ca.org1.chaincode.yourdomain orderer0.chaincode.yourdomain peer0.org1.chaincode.yourdomain
192.168.10.11 ca.org2.chaincode.yourdomain orderer1.chaincode.yourdomain peer0.org2.chaincode.yourdomain
192.168.10.12 orderer2.chaincode.yourdomain peer1.org1.chaincode.yourdomain
192.168.10.13 peer1.org2.chaincode.yourdomain
紅色部分改成你自己的域名哦
/etc/init.d/network restart
5.下載fabric源碼
[root@localhost ~]# mkdir -p /workspace/golang/src/github.com/hyperledger
[root@localhost ~]# cd /workspace/golang/src/github.com/hyperledger
[root@localhost hyperledger]# git clone https://github.com/hyperledger/fabric.git
[root@localhost hyperledger]# cd fabric/
[root@localhost fabric]# git checkout v1.3.0
顯示如下:
Note: checking out 'v1.3.0'.
[root@localhost ~]# mkdir -p /workspace/golang/src/github.com/hyperledger
[root@localhost ~]# cd /workspace/golang/src/github.com/hyperledger
[root@localhost hyperledger]# git clone https://github.com/hyperledger/fabric.git
[root@localhost hyperledger]# cd fabric/
[root@localhost fabric]# git checkout v1.3.0
顯示如下:
Note: checking out 'v1.3.0'.
You are in 'detached HEAD' state. You can look around, make experimental
changes and commit them, and you can discard any commits you make in this
state without impacting any branches by performing another checkout.
changes and commit them, and you can discard any commits you make in this
state without impacting any branches by performing another checkout.
If you want to create a new branch to retain commits you create, you may
do so (now or later) by using -b with the checkout command again. Example:
do so (now or later) by using -b with the checkout command again. Example:
git checkout -b new_branch_name
HEAD 目前位於 5017e4d... FAB-12206 Hyperledger Fabric 1.3.0 release
6.鏡像下載
步驟1:啟動docker服務
[root@localhost hyperledger_cli]# systemctl restart docker
# systemctl enable docker
步驟1:啟動docker服務
[root@localhost hyperledger_cli]# systemctl restart docker
# systemctl enable docker
步驟2:下載鏡像
因為下載的Fabric源碼里的download-dockerimages.sh里的版本是老的,所以改成下面我寫的
我們開始使用fabric,要下載指定版本的源碼以及配套的指定版本的鏡像文件。
首先打開網址 https://hub.docker.com/r/hyperledger/
例如,可以看到所有的hyperledger的鏡像,點擊fabric-peer,跳轉到
https://hub.docker.com/r/hyperledger/fabric-peer/
點擊頁面中的tag,可以看到歷史的tag 紀錄
我們取最新的tag amd64-1.3.0
在docker環境中執行 docker pull hyperledger/fabric-peer:amd64-1.3.10
即可下載指定tag的鏡像文件了。
[root@localhost fabric]# cd examples/e2e_cli/
[root@localhost e2e_cli]# source download-dockerimages.sh -c latest -f latest
因為直接執行download-dockerimages.sh腳本會在下載fabric-javaenv:latest這個鏡像時會卡住,
這是因為目前hyperledger的鏡像倉庫里的fabric-javaenv鏡像還沒有latest的tag,
可以自行在docker.hub下搜索fabric-javaenv下最新的tag,
我已經把所有要下載的鏡像都重新定義了:
dockerFabricPull() {
echo "==> FABRIC IMAGE: peer"
echo
docker pull hyperledger/fabric-peer:amd64-1.3.0
docker tag hyperledger/fabric-peer:amd64-1.3.0 hyperledger/fabric-peer
echo
docker pull hyperledger/fabric-peer:amd64-1.3.0
docker tag hyperledger/fabric-peer:amd64-1.3.0 hyperledger/fabric-peer
echo "==> FABRIC IMAGE: orderer"
echo
docker pull hyperledger/fabric-orderer:amd64-1.3.0
docker tag hyperledger/fabric-orderer:amd64-1.3.0 hyperledger/fabric-orderer
echo
docker pull hyperledger/fabric-orderer:amd64-1.3.0
docker tag hyperledger/fabric-orderer:amd64-1.3.0 hyperledger/fabric-orderer
echo "==> FABRIC IMAGE: couchdb"
echo
docker pull hyperledger/fabric-couchdb:amd64-0.4.14
docker tag hyperledger/fabric-couchdb:amd64-0.4.14 hyperledger/fabric-couchdb
echo
docker pull hyperledger/fabric-couchdb:amd64-0.4.14
docker tag hyperledger/fabric-couchdb:amd64-0.4.14 hyperledger/fabric-couchdb
echo "==> FABRIC IMAGE: ccenv"
echo
docker pull hyperledger/fabric-ccenv:amd64-1.3.0
docker tag hyperledger/fabric-ccenv:amd64-1.3.0 hyperledger/fabric-ccenv
echo
docker pull hyperledger/fabric-ccenv:amd64-1.3.0
docker tag hyperledger/fabric-ccenv:amd64-1.3.0 hyperledger/fabric-ccenv
echo "==> FABRIC IMAGE: javaenv"
echo
docker pull hyperledger/fabric-javaenv:amd64-1.3.0
docker tag hyperledger/fabric-javaenv:amd64-1.3.0 hyperledger/fabric-javaenv
echo "==> FABRIC IMAGE: kafka"
echo
docker pull hyperledger/fabric-kafka:amd64-0.4.14
docker tag hyperledger/fabric-kafka:amd64-0.4.14 hyperledger/fabric-kafka
echo "==> FABRIC IMAGE: tools"
echo
docker pull hyperledger/fabric-tools:amd64-1.3.0
docker tag hyperledger/fabric-tools:amd64-1.3.0 hyperledger/fabric-tools
echo "==> FABRIC IMAGE: zookeeper"
echo
docker pull hyperledger/fabric-zookeeper:amd64-0.4.14
docker tag hyperledger/fabric-zookeeper:amd64-0.4.14 hyperledger/fabric-zookeeper
}
替換后,然后重新執行就可以拉取到所需的全部鏡像
echo
docker pull hyperledger/fabric-javaenv:amd64-1.3.0
docker tag hyperledger/fabric-javaenv:amd64-1.3.0 hyperledger/fabric-javaenv
echo "==> FABRIC IMAGE: kafka"
echo
docker pull hyperledger/fabric-kafka:amd64-0.4.14
docker tag hyperledger/fabric-kafka:amd64-0.4.14 hyperledger/fabric-kafka
echo "==> FABRIC IMAGE: tools"
echo
docker pull hyperledger/fabric-tools:amd64-1.3.0
docker tag hyperledger/fabric-tools:amd64-1.3.0 hyperledger/fabric-tools
echo "==> FABRIC IMAGE: zookeeper"
echo
docker pull hyperledger/fabric-zookeeper:amd64-0.4.14
docker tag hyperledger/fabric-zookeeper:amd64-0.4.14 hyperledger/fabric-zookeeper
}
替換后,然后重新執行就可以拉取到所需的全部鏡像
如果要刪除鏡像,可以執行以下命令:
[root@localhost e2e_cli]# docker rmi -f $(docker images -q)
[root@localhost e2e_cli]# docker rmi -f $(docker images -q)
7. 打包並壓縮鏡像
每台機器上都要下載這些鏡像,因為不同的機器按照我們的規划,要部署不同的服務上去,偷懶一點就所有的都復制過去吧
[root@localhost e2e_cli]# docker save $(docker images | grep latest |awk {'print $1'} ) -o images
8. 傳送給其他服務器(peer0.org2,peer1.org1,peer1.org2)
[root@localhost e2e_cli]# scp images root@192.168.10.11:/root/
[root@localhost e2e_cli]# scp images root@192.168.10.12:/root/
[root@localhost e2e_cli]# scp images root@192.168.10.13:/root/
在各自服務器上執行
docker load -i images
就可以加載所有鏡像了,不過這個images的路徑根據你自己執行的位置進行改動吧
9. 接下來,我們就要創建公私鑰、證書、創世區塊等
目錄結構說明:
base
存放配置提煉的公有部分,有兩個文件,分別為docker-compose-base.yaml和peer-base.yaml
channel-artifacts
存放生成的通道和創世紀塊等文件,包括有channel.tx、genesis.block、Org1MSPanchors.tx和Org2MSPanchors.tx
crypto-config
存放生成的公私鑰和證書等文件
scripts
只有一個script.sh文件,該文件是案例的運行功能的集合,運行后會自動執行全部功能,直到完成
configtx.yaml
通道配置文件
crypto-config.yaml
生成的公私鑰和證書的配置文件
docker-compose-cli.yaml
Fabric網絡Docker運行配置文件
download-dockerimages.sh
下載Fabric鏡像執行文件
generateArtifacts.sh
生成公私鑰和證書的執行文件
network_setup.sh
案例運行的入口文件
這些看懂了就好,
在orderer0.chaincode.jzyb2b.com節點上,執行以下命令:
[root@orderer e2e_cli]# source generateArtifacts.sh xinhong.test
將會生成channel-artifacts文件夾,里面包含了mychannel這個通道相關的文件,另外還有一個crypto-config文件夾,里面包含了各個節點的公私鑰和證書的信息。
[root@orderer e2e_cli]# source generateArtifacts.sh xinhong.test
將會生成channel-artifacts文件夾,里面包含了mychannel這個通道相關的文件,另外還有一個crypto-config文件夾,里面包含了各個節點的公私鑰和證書的信息。
Generate certificates using cryptogen tool
org1.chaincode.jzyb2b.com
org2.chaincode.jzyb2b.com
org1.chaincode.jzyb2b.com
org2.chaincode.jzyb2b.com
Generate idemix crypto material using idemixgen tool
Generating Orderer Genesis block
Generating channel configuration transaction 'channel.tx'
Generating anchor peer update for Org1MSP
Generating anchor peer update for Org2MSP
Generating Orderer Genesis block
Generating channel configuration transaction 'channel.tx'
Generating anchor peer update for Org1MSP
Generating anchor peer update for Org2MSP
它是如何工作的?
Cryptogen使用crypto-config.yaml,並允許我們為組織和屬於這些組織的組件生成一組證書和密鑰。
每個組織都配置了唯一的根證書(ca-cert),它將特定組件(peers和orders)綁定到該組織。
通過為每一個組織分配唯一的CA證書,我們正在模仿一個典型的網絡,這個網絡中的成員將使用自己的證書頒發機構。
Hyperledger Fabric中的交易和通信是通過存儲在keystore中的實體的私鑰簽名,然后通過公鑰手段進行驗證(signcerts)。
你將注意到在這個文件里有一個count變量。我們將使用它來指定每個組織中peer的數量;在我們的例子中,每個組織有兩個peer。
Cryptogen使用crypto-config.yaml,並允許我們為組織和屬於這些組織的組件生成一組證書和密鑰。
每個組織都配置了唯一的根證書(ca-cert),它將特定組件(peers和orders)綁定到該組織。
通過為每一個組織分配唯一的CA證書,我們正在模仿一個典型的網絡,這個網絡中的成員將使用自己的證書頒發機構。
Hyperledger Fabric中的交易和通信是通過存儲在keystore中的實體的私鑰簽名,然后通過公鑰手段進行驗證(signcerts)。
你將注意到在這個文件里有一個count變量。我們將使用它來指定每個組織中peer的數量;在我們的例子中,每個組織有兩個peer。
這里貼一下相關配置信息,免得你們忘了,最后執行不成功:
crypto-config.yaml
# Copyright IBM Corp. All Rights Reserved.
#
# SPDX-License-Identifier: Apache-2.0
#
# ---------------------------------------------------------------------------
# "OrdererOrgs" - Definition of organizations managing orderer nodes
# ---------------------------------------------------------------------------
OrdererOrgs:
# ---------------------------------------------------------------------------
# Orderer
# ---------------------------------------------------------------------------
- Name: Orderer
Domain: chaincode.yourdomain
CA:
Country: CN
Province: Zhejiang
Locality: Yiwu
# ---------------------------------------------------------------------------
# "Specs" - See PeerOrgs below for complete description
# ---------------------------------------------------------------------------
Specs:
- Hostname: orderer0
- Hostname: orderer1
- Hostname: orderer2
# ---------------------------------------------------------------------------
# "PeerOrgs" - Definition of organizations managing peer nodes
# ---------------------------------------------------------------------------
PeerOrgs:
# ---------------------------------------------------------------------------
# Org1
# ---------------------------------------------------------------------------
- Name: Org1
Domain: org1.chaincode.yourdomain
EnableNodeOUs: true
CA:
Country: CN
Province: Zhejiang
Locality: Yiwu
# ---------------------------------------------------------------------------
# "Specs"
# ---------------------------------------------------------------------------
# Uncomment this section to enable the explicit definition of hosts in your
# configuration. Most users will want to use Template, below
#
# Specs is an array of Spec entries. Each Spec entry consists of two fields:
# - Hostname: (Required) The desired hostname, sans the domain.
# - CommonName: (Optional) Specifies the template or explicit override for
# the CN. By default, this is the template:
#
# "{{.Hostname}}.{{.Domain}}"
#
# which obtains its values from the Spec.Hostname and
# Org.Domain, respectively.
# ---------------------------------------------------------------------------
# Specs:
# - Hostname: foo # implicitly "foo.org1.example.com"
# CommonName: foo27.org5.example.com # overrides Hostname-based FQDN set above
# - Hostname: bar
# - Hostname: baz
# ---------------------------------------------------------------------------
# "Template"
# ---------------------------------------------------------------------------
# Allows for the definition of 1 or more hosts that are created sequentially
# from a template. By default, this looks like "peer%d" from 0 to Count-1.
# You may override the number of nodes (Count), the starting index (Start)
# or the template used to construct the name (Hostname).
#
# Note: Template and Specs are not mutually exclusive. You may define both
# sections and the aggregate nodes will be created for you. Take care with
# name collisions
# ---------------------------------------------------------------------------
Template:
Count: 2
# Start: 5
# Hostname: {{.Prefix}}{{.Index}} # default
# ---------------------------------------------------------------------------
# "Users"
# ---------------------------------------------------------------------------
# Count: The number of user accounts _in addition_ to Admin
# ---------------------------------------------------------------------------
Users:
Count: 2
# ---------------------------------------------------------------------------
# Org2: See "Org1" for full specification
# ---------------------------------------------------------------------------
- Name: Org2
Domain: org2.chaincode.yourdomain
EnableNodeOUs: true
CA:
Country: CN
Province: Zhejiang
Locality: Yiwu
Template:
Count: 2
Users:
Count: 2
configtx.yaml
# Copyright IBM Corp. All Rights Reserved.
#
# SPDX-License-Identifier: Apache-2.0
#
---
################################################################################
#
# Section: Organizations
#
# - This section defines the different organizational identities which will
# be referenced later in the configuration.
#
################################################################################
Organizations:
# SampleOrg defines an MSP using the sampleconfig. It should never be used
# in production but may be used as a template for other definitions
- &OrdererOrg
# DefaultOrg defines the organization which is used in the sampleconfig
# of the fabric.git development environment
Name: OrdererOrg
# ID to load the MSP definition as
ID: OrdererMSP
# MSPDir is the filesystem path which contains the MSP configuration
MSPDir: crypto-config/ordererOrganizations/chaincode.jzyb2b.com/msp
# Policies defines the set of policies at this level of the config tree
# For organization policies, their canonical path is usually
# /Channel/<Application|Orderer>/<OrgName>/<PolicyName>
Policies:
Readers:
Type: Signature
Rule: "OR('OrdererMSP.member')"
Writers:
Type: Signature
Rule: "OR('OrdererMSP.member')"
Admins:
Type: Signature
Rule: "OR('OrdererMSP.admin')"
- &Org1
# DefaultOrg defines the organization which is used in the sampleconfig
# of the fabric.git development environment
Name: Org1MSP
# ID to load the MSP definition as
ID: Org1MSP
MSPDir: crypto-config/peerOrganizations/org1.chaincode.jzyb2b.com/msp
# Policies defines the set of policies at this level of the config tree
# For organization policies, their canonical path is usually
# /Channel/<Application|Orderer>/<OrgName>/<PolicyName>
Policies:
Readers:
Type: Signature
Rule: "OR('Org1MSP.admin', 'Org1MSP.peer', 'Org1MSP.client')"
Writers:
Type: Signature
Rule: "OR('Org1MSP.admin', 'Org1MSP.client')"
Admins:
Type: Signature
Rule: "OR('Org1MSP.admin')"
AnchorPeers:
# AnchorPeers defines the location of peers which can be used
# for cross org gossip communication. Note, this value is only
# encoded in the genesis block in the Application section context
- Host: peer0.org1.chaincode.jzyb2b.com
Port: 7051
- &Org2
# DefaultOrg defines the organization which is used in the sampleconfig
# of the fabric.git development environment
Name: Org2MSP
# ID to load the MSP definition as
ID: Org2MSP
MSPDir: crypto-config/peerOrganizations/org2.chaincode.jzyb2b.com/msp
# Policies defines the set of policies at this level of the config tree
# For organization policies, their canonical path is usually
# /Channel/<Application|Orderer>/<OrgName>/<PolicyName>
Policies:
Readers:
Type: Signature
Rule: "OR('Org2MSP.admin', 'Org2MSP.peer', 'Org2MSP.client')"
Writers:
Type: Signature
Rule: "OR('Org2MSP.admin', 'Org2MSP.client')"
Admins:
Type: Signature
Rule: "OR('Org2MSP.admin')"
AnchorPeers:
# AnchorPeers defines the location of peers which can be used
# for cross org gossip communication. Note, this value is only
# encoded in the genesis block in the Application section context
- Host: peer0.org2.chaincode.jzyb2b.com
Port: 7051
################################################################################
#
# SECTION: Capabilities
#
# - This section defines the capabilities of fabric network. This is a new
# concept as of v1.1.0 and should not be utilized in mixed networks with
# v1.0.x peers and orderers. Capabilities define features which must be
# present in a fabric binary for that binary to safely participate in the
# fabric network. For instance, if a new MSP type is added, newer binaries
# might recognize and validate the signatures from this type, while older
# binaries without this support would be unable to validate those
# transactions. This could lead to different versions of the fabric binaries
# having different world states. Instead, defining a capability for a channel
# informs those binaries without this capability that they must cease
# processing transactions until they have been upgraded. For v1.0.x if any
# capabilities are defined (including a map with all capabilities turned off)
# then the v1.0.x peer will deliberately crash.
#
################################################################################
Capabilities:
# Channel capabilities apply to both the orderers and the peers and must be
# supported by both.
# Set the value of the capability to true to require it.
Channel: &ChannelCapabilities
# V1.3 for Channel is a catchall flag for behavior which has been
# determined to be desired for all orderers and peers running at the v1.3.x
# level, but which would be incompatible with orderers and peers from
# prior releases.
# Prior to enabling V1.3 channel capabilities, ensure that all
# orderers and peers on a channel are at v1.3.0 or later.
V1_3: true
# Orderer capabilities apply only to the orderers, and may be safely
# used with prior release peers.
# Set the value of the capability to true to require it.
Orderer: &OrdererCapabilities
# V1.1 for Orderer is a catchall flag for behavior which has been
# determined to be desired for all orderers running at the v1.1.x
# level, but which would be incompatible with orderers from prior releases.
# Prior to enabling V1.1 orderer capabilities, ensure that all
# orderers on a channel are at v1.1.0 or later.
V1_1: true
# Application capabilities apply only to the peer network, and may be safely
# used with prior release orderers.
# Set the value of the capability to true to require it.
Application: &ApplicationCapabilities
# V1.3 for Application enables the new non-backwards compatible
# features and fixes of fabric v1.3.
V1_3: true
# V1.2 for Application enables the new non-backwards compatible
# features and fixes of fabric v1.2 (note, this need not be set if
# later version capabilities are set)
V1_2: false
# V1.1 for Application enables the new non-backwards compatible
# features and fixes of fabric v1.1 (note, this need not be set if
# later version capabilities are set).
V1_1: false
################################################################################
#
# SECTION: Application
#
# - This section defines the values to encode into a config transaction or
# genesis block for application related parameters
#
################################################################################
Application: &ApplicationDefaults
# Organizations is the list of orgs which are defined as participants on
# the application side of the network
Organizations:
# Policies defines the set of policies at this level of the config tree
# For Application policies, their canonical path is
# /Channel/Application/<PolicyName>
Policies:
Readers:
Type: ImplicitMeta
Rule: "ANY Readers"
Writers:
Type: ImplicitMeta
Rule: "ANY Writers"
Admins:
Type: ImplicitMeta
Rule: "MAJORITY Admins"
# Capabilities describes the application level capabilities, see the
# dedicated Capabilities section elsewhere in this file for a full
# description
Capabilities:
<<: *ApplicationCapabilities
################################################################################
#
# SECTION: Orderer
#
# - This section defines the values to encode into a config transaction or
# genesis block for orderer related parameters
#
################################################################################
Orderer: &OrdererDefaults
# Orderer Type: The orderer implementation to start
# Available types are "solo" and "kafka"
OrdererType: kafka
Addresses:
- orderer0.chaincode.yourdomain:7050
- orderer1.chaincode.yourdomain:7050
- orderer2.chaincode.yourdomain:7050
# Batch Timeout: The amount of time to wait before creating a batch
BatchTimeout: 2s
# Batch Size: Controls the number of messages batched into a block
BatchSize:
# Max Message Count: The maximum number of messages to permit in a batch
MaxMessageCount: 10
# Absolute Max Bytes: The absolute maximum number of bytes allowed for
# the serialized messages in a batch.
AbsoluteMaxBytes: 98 MB
# Preferred Max Bytes: The preferred maximum number of bytes allowed for
# the serialized messages in a batch. A message larger than the preferred
# max bytes will result in a batch larger than preferred max bytes.
PreferredMaxBytes: 512 KB
Kafka:
# Brokers: A list of Kafka brokers to which the orderer connects. Edit
# this list to identify the brokers of the ordering service.
# NOTE: Use IP:port notation.
Brokers:
- kafka0:9092
- kafka1:9092
- kafka2:9092
- kafka3:9092
# Organizations is the list of orgs which are defined as participants on
# the orderer side of the network
Organizations:
# Policies defines the set of policies at this level of the config tree
# For Orderer policies, their canonical path is
# /Channel/Orderer/<PolicyName>
Policies:
Readers:
Type: ImplicitMeta
Rule: "ANY Readers"
Writers:
Type: ImplicitMeta
Rule: "ANY Writers"
Admins:
Type: ImplicitMeta
Rule: "MAJORITY Admins"
# BlockValidation specifies what signatures must be included in the block
# from the orderer for the peer to validate it.
BlockValidation:
Type: ImplicitMeta
Rule: "ANY Writers"
# Capabilities describes the orderer level capabilities, see the
# dedicated Capabilities section elsewhere in this file for a full
# description
Capabilities:
<<: *OrdererCapabilities
################################################################################
#
# CHANNEL
#
# This section defines the values to encode into a config transaction or
# genesis block for channel related parameters.
#
################################################################################
Channel: &ChannelDefaults
# Policies defines the set of policies at this level of the config tree
# For Channel policies, their canonical path is
# /Channel/<PolicyName>
Policies:
# Who may invoke the 'Deliver' API
Readers:
Type: ImplicitMeta
Rule: "ANY Readers"
# Who may invoke the 'Broadcast' API
Writers:
Type: ImplicitMeta
Rule: "ANY Writers"
# By default, who may modify elements at this config level
Admins:
Type: ImplicitMeta
Rule: "MAJORITY Admins"
# Capabilities describes the channel level capabilities, see the
# dedicated Capabilities section elsewhere in this file for a full
# description
Capabilities:
<<: *ChannelCapabilities
################################################################################
#
# Profile
#
# - Different configuration profiles may be encoded here to be specified
# as parameters to the configtxgen tool
#
################################################################################
Profiles:
TwoOrgsOrdererGenesis:
<<: *ChannelDefaults
Orderer:
<<: *OrdererDefaults
Organizations:
- *OrdererOrg
Consortiums:
SampleConsortium:
Organizations:
- *Org1
- *Org2
TwoOrgsChannel:
Consortium: SampleConsortium
Application:
<<: *ApplicationDefaults
Organizations:
- *Org1
- *Org2
base/docker-compose-base.yaml
# Copyright IBM Corp. All Rights Reserved.
#
# SPDX-License-Identifier: Apache-2.0
#
version: '2'
services:
zookeeper:
image: hyperledger/fabric-zookeeper
restart: always
ports:
- 2181:2181
- 2888:2888
- 3888:3888
extra_hosts:
- "zookeeper0:192.168.10.10"
- "zookeeper1:192.168.10.11"
- "zookeeper2:192.168.10.12"
- "kafka0:192.168.10.10"
- "kafka1:192.168.10.11"
- "kafka2:192.168.10.12"
- "kafka3:192.168.10.13"
kafka:
image: hyperledger/fabric-kafka
restart: always
environment:
- KAFKA_MESSAGE_MAX_BYTES=103809024 # 99 * 1024 * 1024 B
- KAFKA_REPLICA_FETCH_MAX_BYTES=103809024 # 99 * 1024 * 1024 B
- KAFKA_UNCLEAN_LEADER_ELECTION_ENABLE=false
ports:
- 9092:9092
extra_hosts:
- "zookeeper0:192.168.10.10"
- "zookeeper1:192.168.10.11"
- "zookeeper2:192.168.10.12"
- "kafka0:192.168.10.10"
- "kafka1:192.168.10.11"
- "kafka2:192.168.10.12"
- "kafka3:192.168.10.13"
orderer0.chaincode.yourdomain:
container_name: orderer0.chaincode.yourdomain
image: hyperledger/fabric-orderer
environment:
- ORDERER_GENERAL_LOGLEVEL=debug
- ORDERER_GENERAL_LISTENADDRESS=0.0.0.0
- ORDERER_GENERAL_GENESISMETHOD=file
- ORDERER_GENERAL_GENESISFILE=/var/hyperledger/orderer/orderer.genesis.block
- ORDERER_GENERAL_LOCALMSPID=OrdererMSP
- ORDERER_GENERAL_LOCALMSPDIR=/var/hyperledger/orderer/msp
# enabled TLS
- ORDERER_GENERAL_TLS_ENABLED=true
- ORDERER_GENERAL_TLS_PRIVATEKEY=/var/hyperledger/orderer/tls/server.key
- ORDERER_GENERAL_TLS_CERTIFICATE=/var/hyperledger/orderer/tls/server.crt
- ORDERER_GENERAL_TLS_ROOTCAS=[/var/hyperledger/orderer/tls/ca.crt]
- ORDERER_KAFKA_RETRY_LONGINTERVAL=10s
- ORDERER_KAFKA_RETRY_LONGTOTAL=100s
- ORDERER_KAFKA_RETRY_SHORTINTERVAL=1s
- ORDERER_KAFKA_RETRY_SHORTTOTAL=30s
- ORDERER_KAFKA_VERBOSE=true
working_dir: /workspace/golang/src/github.com/hyperledger/fabric
command: orderer
volumes:
- ../channel-artifacts/genesis.block:/var/hyperledger/orderer/orderer.genesis.block
- ../crypto-config/ordererOrganizations/chaincode.yourdomain/orderers/orderer0.chaincode.yourdomain/msp:/var/hyperledger/orderer/msp
- ../crypto-config/ordererOrganizations/chaincode.yourdomain/orderers/orderer0.chaincode.yourdomain/tls/:/var/hyperledger/orderer/tls
ports:
- 7050:7050
extra_hosts:
- "orderer0:192.168.10.10"
- "orderer1:192.168.10.11"
- "orderer2:192.168.10.12"
- "kafka0:192.168.10.10"
- "kafka1:192.168.10.11"
- "kafka2:192.168.10.12"
- "kafka3:192.168.10.13"
orderer1.chaincode.yourdomain:
container_name: orderer1.chaincode.yourdomain
image: hyperledger/fabric-orderer
environment:
- ORDERER_GENERAL_LOGLEVEL=debug
- ORDERER_GENERAL_LISTENADDRESS=0.0.0.0
- ORDERER_GENERAL_GENESISMETHOD=file
- ORDERER_GENERAL_GENESISFILE=/var/hyperledger/orderer/orderer.genesis.block
- ORDERER_GENERAL_LOCALMSPID=OrdererMSP
- ORDERER_GENERAL_LOCALMSPDIR=/var/hyperledger/orderer/msp
# enabled TLS
- ORDERER_GENERAL_TLS_ENABLED=true
- ORDERER_GENERAL_TLS_PRIVATEKEY=/var/hyperledger/orderer/tls/server.key
- ORDERER_GENERAL_TLS_CERTIFICATE=/var/hyperledger/orderer/tls/server.crt
- ORDERER_GENERAL_TLS_ROOTCAS=[/var/hyperledger/orderer/tls/ca.crt]
- ORDERER_KAFKA_RETRY_LONGINTERVAL=10s
- ORDERER_KAFKA_RETRY_LONGTOTAL=100s
- ORDERER_KAFKA_RETRY_SHORTINTERVAL=1s
- ORDERER_KAFKA_RETRY_SHORTTOTAL=30s
- ORDERER_KAFKA_VERBOSE=true
working_dir: /workspace/golang/src/github.com/hyperledger/fabric
command: orderer
volumes:
- ../channel-artifacts/genesis.block:/var/hyperledger/orderer/orderer.genesis.block
- ../crypto-config/ordererOrganizations/chaincode.yourdomain/orderers/orderer1.chaincode.yourdomain/msp:/var/hyperledger/orderer/msp
- ../crypto-config/ordererOrganizations/chaincode.yourdomain/orderers/orderer1.chaincode.yourdomain/tls/:/var/hyperledger/orderer/tls
ports:
- 7050:7050
extra_hosts:
- "orderer0:192.168.10.10"
- "orderer1:192.168.10.11"
- "orderer2:192.168.10.12"
- "kafka0:192.168.10.10"
- "kafka1:192.168.10.11"
- "kafka2:192.168.10.12"
- "kafka3:192.168.10.13"
orderer2.chaincode.yourdomain:
container_name: orderer2.chaincode.yourdomain
image: hyperledger/fabric-orderer
environment:
- ORDERER_GENERAL_LOGLEVEL=debug
- ORDERER_GENERAL_LISTENADDRESS=0.0.0.0
- ORDERER_GENERAL_GENESISMETHOD=file
- ORDERER_GENERAL_GENESISFILE=/var/hyperledger/orderer/orderer.genesis.block
- ORDERER_GENERAL_LOCALMSPID=OrdererMSP
- ORDERER_GENERAL_LOCALMSPDIR=/var/hyperledger/orderer/msp
# enabled TLS
- ORDERER_GENERAL_TLS_ENABLED=true
- ORDERER_GENERAL_TLS_PRIVATEKEY=/var/hyperledger/orderer/tls/server.key
- ORDERER_GENERAL_TLS_CERTIFICATE=/var/hyperledger/orderer/tls/server.crt
- ORDERER_GENERAL_TLS_ROOTCAS=[/var/hyperledger/orderer/tls/ca.crt]
- ORDERER_KAFKA_RETRY_LONGINTERVAL=10s
- ORDERER_KAFKA_RETRY_LONGTOTAL=100s
- ORDERER_KAFKA_RETRY_SHORTINTERVAL=1s
- ORDERER_KAFKA_RETRY_SHORTTOTAL=30s
- ORDERER_KAFKA_VERBOSE=true
working_dir: /workspace/golang/src/github.com/hyperledger/fabric
command: orderer
volumes:
- ../channel-artifacts/genesis.block:/var/hyperledger/orderer/orderer.genesis.block
- ../crypto-config/ordererOrganizations/chaincode.yourdomain/orderers/orderer2.chaincode.yourdomain/msp:/var/hyperledger/orderer/msp
- ../crypto-config/ordererOrganizations/chaincode.yourdomain/orderers/orderer2.chaincode.yourdomain/tls/:/var/hyperledger/orderer/tls
ports:
- 7050:7050
extra_hosts:
- "orderer0:192.168.10.10"
- "orderer1:192.168.10.11"
- "orderer2:192.168.10.12"
- "kafka0:192.168.10.10"
- "kafka1:192.168.10.11"
- "kafka2:192.168.10.12"
- "kafka3:192.168.10.13"
peer0.org1.chaincode.yourdomain:
container_name: peer0.org1.chaincode.yourdomain
extends:
file: peer-base.yaml
service: peer-base
environment:
- CORE_PEER_ID=peer0.org1.chaincode.yourdomain
- CORE_PEER_ADDRESS=peer0.org1.chaincode.yourdomain:7051
- CORE_PEER_CHAINCODEADDRESS=peer0.org1.chaincode.yourdomain:7052
- CORE_PEER_CHAINCODELISTENADDRESS=0.0.0.0:7052
- CORE_PEER_GOSSIP_EXTERNALENDPOINT=peer0.org1.chaincode.yourdomain:7051
- CORE_PEER_LOCALMSPID=Org1MSP
volumes:
- /var/run/:/host/var/run/
- ../crypto-config/peerOrganizations/org1.chaincode.yourdomain/peers/peer0.org1.chaincode.yourdomain/msp:/etc/hyperledger/fabric/msp
- ../crypto-config/peerOrganizations/org1.chaincode.yourdomain/peers/peer0.org1.chaincode.yourdomain/tls:/etc/hyperledger/fabric/tls
ports:
- 7051:7051
- 7052:7052
- 7053:7053
extra_hosts:
- "orderer0.chaincode.yourdomain:192.168.10.10"
- "orderer1.chaincode.yourdomain:192.168.10.11"
- "orderer2.chaincode.yourdomain:192.168.10.12"
peer1.org1.chaincode.yourdomain:
container_name: peer1.org1.chaincode.yourdomain
extends:
file: peer-base.yaml
service: peer-base
environment:
- CORE_PEER_ID=peer1.org1.chaincode.yourdomain
- CORE_PEER_ADDRESS=peer1.org1.chaincode.yourdomain:7051
- CORE_PEER_CHAINCODEADDRESS=peer1.org1.chaincode.yourdomain:7052
- CORE_PEER_CHAINCODELISTENADDRESS=0.0.0.0:7052
- CORE_PEER_GOSSIP_EXTERNALENDPOINT=peer1.org1.chaincode.yourdomain:7051
- CORE_PEER_GOSSIP_BOOTSTRAP=peer1.org1.chaincode.yourdomain:7051
- CORE_PEER_LOCALMSPID=Org1MSP
volumes:
- /var/run/:/host/var/run/
- ../crypto-config/peerOrganizations/org1.chaincode.yourdomain/peers/peer1.org1.chaincode.yourdomain/msp:/etc/hyperledger/fabric/msp
- ../crypto-config/peerOrganizations/org1.chaincode.yourdomain/peers/peer1.org1.chaincode.yourdomain/tls:/etc/hyperledger/fabric/tls
ports:
- 7051:7051
- 7052:7052
- 7053:7053
extra_hosts:
- "orderer0.chaincode.yourdomain:192.168.10.10"
- "orderer1.chaincode.yourdomain:192.168.10.11"
- "orderer2.chaincode.yourdomain:192.168.10.12"
peer0.org2.chaincode.yourdomain:
container_name: peer0.org2.chaincode.yourdomain
extends:
file: peer-base.yaml
service: peer-base
environment:
- CORE_PEER_ID=peer0.org2.chaincode.yourdomain
- CORE_PEER_ADDRESS=peer0.org2.chaincode.yourdomain:7051
- CORE_PEER_CHAINCODEADDRESS=peer0.org2.chaincode.yourdomain:7052
- CORE_PEER_CHAINCODELISTENADDRESS=0.0.0.0:7052
- CORE_PEER_GOSSIP_EXTERNALENDPOINT=peer0.org2.chaincode.yourdomain:7051
- CORE_PEER_LOCALMSPID=Org2MSP
volumes:
- /var/run/:/host/var/run/
- ../crypto-config/peerOrganizations/org2.chaincode.yourdomain/peers/peer0.org2.chaincode.yourdomain/msp:/etc/hyperledger/fabric/msp
- ../crypto-config/peerOrganizations/org2.chaincode.yourdomain/peers/peer0.org2.chaincode.yourdomain/tls:/etc/hyperledger/fabric/tls
ports:
- 7051:7051
- 7052:7052
- 7053:7053
extra_hosts:
- "orderer0.chaincode.yourdomain:192.168.10.10"
- "orderer1.chaincode.yourdomain:192.168.10.11"
- "orderer2.chaincode.yourdomain:192.168.10.12"
peer1.org2.chaincode.yourdomain:
container_name: peer1.org2.chaincode.yourdomain
extends:
file: peer-base.yaml
service: peer-base
environment:
- CORE_PEER_ID=peer1.org2.chaincode.yourdomain
- CORE_PEER_ADDRESS=peer1.org2.chaincode.yourdomain:7051
- CORE_PEER_CHAINCODEADDRESS=peer1.org2.chaincode.yourdomain:7052
- CORE_PEER_CHAINCODELISTENADDRESS=0.0.0.0:7052
- CORE_PEER_GOSSIP_EXTERNALENDPOINT=peer1.org2.chaincode.yourdomain:7051
- CORE_PEER_GOSSIP_BOOTSTRAP=peer1.org2.chaincode.yourdomain:7051
- CORE_PEER_LOCALMSPID=Org2MSP
volumes:
- /var/run/:/host/var/run/
- ../crypto-config/peerOrganizations/org2.chaincode.yourdomain/peers/peer1.org2.chaincode.yourdomain/msp:/etc/hyperledger/fabric/msp
- ../crypto-config/peerOrganizations/org2.chaincode.yourdomain/peers/peer1.org2.chaincode.yourdomain/tls:/etc/hyperledger/fabric/tls
ports:
- 7051:7051
- 7052:7052
- 7053:7053
extra_hosts:
- "orderer0.chaincode.yourdomain:192.168.10.10"
- "orderer1.chaincode.yourdomain:192.168.10.11"
- "orderer2.chaincode.yourdomain:192.168.10.12"
以上這個docker-compose-base.yaml文件需要在每台服務器上的base目錄下替換成同一個,否則后面執行會失敗哦
重要的事情:把192.168.10.10服務器的hyperledger/fabric/examples/e2e_cli目錄下channel_artifacts/*,crypto-config/*拷貝到其他三台服務器的同一個目錄下
在192.168.10.10服務器上先配置docker-compose-ca.yaml
先查看是否已經有鏡像運行在那里,如果有,則需要先停止,然后移除,最后在執行下面的步驟
CHANNEL_NAME= xinhong.test TIMEOUT=10000 docker-compose -f docker-compose-ca.yaml stop
CHANNEL_NAME= xinhong.test TIMEOUT=10000 docker-compose -f docker-compose-ca.yaml rm
CHANNEL_NAME= xinhong.test TIMEOUT=10000 docker-compose -f docker-compose-ca.yaml stop
CHANNEL_NAME= xinhong.test TIMEOUT=10000 docker-compose -f docker-compose-ca.yaml rm
CHANNEL_NAME= xinhong.test TIMEOUT=10000 docker-compose -f docker-compose-ca.yaml up -d 2>&1
以上紅色部分是通道名稱,隨便你自己改吧,好像不能是大寫哦。最好中規中矩一點,不要另類
如果這個命令執行時錯誤了,試試下面幾個命令:
報警告:
RequestsDependencyWarning: urllib3 (1.22) or chardet (2.2.1) doesn't match a supported version!
RequestsDependencyWarning: urllib3 (1.22) or chardet (2.2.1) doesn't match a supported version!
執行如下三個命令:
pip uninstall urllib3
pip uninstall chardet
pip install requests
pip uninstall urllib3
pip uninstall chardet
pip install requests
這樣,我們的ca服務器就啟動起來了,同時把docker-compose-ca.yaml里的環境變量也組裝到了docker容器里
可能有人會問,docker-compose-ca.yaml從哪里來?
我們在上一步操作生產證書時,已經把docker-compose-e2e.yaml里的證書部分內容替換過了,只需要把里面的ca0服務拷貝出來,復制到192.168.10.10上
192.168.10.10服務器上的docker-compose-ca.yaml
# Copyright IBM Corp. All Rights Reserved.
#
# SPDX-License-Identifier: Apache-2.0
#
version: '2'
services:
ca0:
image: hyperledger/fabric-ca
environment:
- FABRIC_CA_HOME=/etc/hyperledger/fabric-ca-server
- FABRIC_CA_SERVER_CA_NAME=ca-org1
- FABRIC_CA_SERVER_TLS_ENABLED=true
- FABRIC_CA_SERVER_TLS_CERTFILE=/etc/hyperledger/fabric-ca-server-config/ca.org1.chaincode.jzyb2b.com-cert.pem
- FABRIC_CA_SERVER_TLS_KEYFILE=/etc/hyperledger/fabric-ca-server-config/67ae2160f54652ddb1c0cfffe1efef2dsfsdfsdfsds5d0591084c55d37a39a21a_sk
ports:
- "7054:7054"
command: sh -c 'fabric-ca-server start --ca.certfile /etc/hyperledger/fabric-ca-server-config/ca.org1.chaincode.jzyb2b.com-cert.pem --ca.keyfile /etc/hyperledger/fabric-ca-server-config/67ae2160f54652ddb1c0cfffe1efef2fghfhfghfh0591084c55d37a39a21a_sk -b admin:adminpw -d'
volumes:
- ./crypto-config/peerOrganizations/org1.chaincode.jzyb2b.com/ca/:/etc/hyperledger/fabric-ca-server-config
container_name: ca_peerOrg1
注意:你的和我的,是不一樣的,別拷貝我這份,拷貝了也沒有用,因為我的證書不會給你啊
接下來配置Zookeeper,因為超級賬本的啟動順序是zookeeper,kafka,orderer,peer
在192.168.199.184服務器上先配置docker-compose-zookeeper.yaml
在配置docker-compose-zookeeper時,要注意一個地方,那就是容器自身會有一個ip(比如:127.0.0.1),與實際的宿主服務器不是同一個(比如192.168.0.1)
所以需要為服務添加hostname,以及extra_hosts,來映射相互的關系
所以需要為服務添加hostname,以及extra_hosts,來映射相互的關系
/*
有必要的話執行如下操作
systemctl stop firewalld # 關閉centos7自帶防火牆
yum install iptables-services # 安裝iptables-services軟件包
systemctl enable iptables # 開機自啟動iptables服務
systemctl start iptables # 開啟iptables服務
這樣就可以使用service iptables save/stop/restart/start 功能管理iptables配置了
*/
有必要的話執行如下操作
systemctl stop firewalld # 關閉centos7自帶防火牆
yum install iptables-services # 安裝iptables-services軟件包
systemctl enable iptables # 開機自啟動iptables服務
systemctl start iptables # 開啟iptables服務
這樣就可以使用service iptables save/stop/restart/start 功能管理iptables配置了
*/
iptables -A INPUT -p tcp --dport 2181 -j ACCEPT
iptables -A INPUT -p tcp --dport 2888 -j ACCEPT
iptables -A INPUT -p tcp --dport 3888 -j ACCEPT
iptables -A INPUT -p tcp --dport 9092 -j ACCEPT
iptables -A INPUT -p tcp --dport 7050 -j ACCEPT
iptables -A INPUT -p tcp --dport 9093 -j ACCEPT
iptables -A INPUT -p tcp --dport 7051 -j ACCEPT
iptables -A INPUT -p tcp --dport 7052 -j ACCEPT
iptables -A INPUT -p tcp --dport 7053 -j ACCEPT
iptables -A INPUT -p tcp --dport 6060 -j ACCEPT
iptables -A INPUT -p tcp --dport 2888 -j ACCEPT
iptables -A INPUT -p tcp --dport 3888 -j ACCEPT
iptables -A INPUT -p tcp --dport 9092 -j ACCEPT
iptables -A INPUT -p tcp --dport 7050 -j ACCEPT
iptables -A INPUT -p tcp --dport 9093 -j ACCEPT
iptables -A INPUT -p tcp --dport 7051 -j ACCEPT
iptables -A INPUT -p tcp --dport 7052 -j ACCEPT
iptables -A INPUT -p tcp --dport 7053 -j ACCEPT
iptables -A INPUT -p tcp --dport 6060 -j ACCEPT
因為在啟動zookeeper,kafka,orderer時,會自動訪問其他三台服務器的,不配置可能會造成訪問拒絕
同時,如果是在阿里雲上部署的,那么安全策略那里也需要把各個端口加上去哦,如下:
CHANNEL_NAME=xinhong.test TIMEOUT=10000 docker-compose -f docker-compose-zookeeper.yaml up -d 2>&1
這里有一個小技巧,如果你想看看執行的過程,可以把上面這個命令的-d 2>&1去掉,就可以看到整個的調試過程
如果看完了,再ctrl+z結束掉,重新執行一遍也沒有問題的
這時,你可以通過docker ps命令查看服務是否啟動
docker-compose-zookeeper.yaml
# Copyright IBM Corp. All Rights Reserved.
#
# SPDX-License-Identifier: Apache-2.0
#
version: '2'
services:
zookeeper0:
container_name: zookeeper0
hostname: zookeeper0
extends:
file: base/docker-compose-base.yaml
service: zookeeper
environment:
- ZOO_MY_ID=1
- ZOO_SERVERS=server.1=zookeeper0:2888:3888 server.2=zookeeper1:2888:3888 server.3=zookeeper2:2888:3888
注意:每台機器的hostname,container_name,zoo_my_id是不一樣的,別搞錯了
接下來
再配置docker-compose-kafka.yaml
CHANNEL_NAME=xinhong.test TIMEOUT=10000 docker-compose -f docker-compose-kafka.yaml up -d 2>&1
docker-compose-kafka.yaml
# Copyright IBM Corp. All Rights Reserved.
#
# SPDX-License-Identifier: Apache-2.0
#
version: '2'
services:
kafka0:
container_name: kafka0
hostname: kafka0
extends:
file: base/docker-compose-base.yaml
service: kafka
environment:
- KAFKA_BROKER_ID=1
- KAFKA_MIN_INSYNC_REPLICAS=2
- KAFKA_DEFAULT_REPLICATION_FACTOR=3
- KAFKA_ZOOKEEPER_CONNECT=zookeeper0:2181,zookeeper1:2181,zookeeper2:2181
注意:每台機器的hostname,container_name,kafka_broker_id是不一樣的,別搞錯了
接下來,再配置docker-compose-orderer.yaml
CHANNEL_NAME=xinhong.test TIMEOUT=10000 docker-compose -f docker-compose-orderer.yaml up -d 2>&1
這時會報fatal error: unexpected signal during runtime execution
只需要修改 /etc/resolv.conf 配置,將 options timeout:2 attempts:3 rotate single-request-reopen 內容注釋掉
http://www.dongcoder.com/detail-1046674.html
http://www.iyeele.com/731.html
只需要修改 /etc/resolv.conf 配置,將 options timeout:2 attempts:3 rotate single-request-reopen 內容注釋掉
http://www.dongcoder.com/detail-1046674.html
http://www.iyeele.com/731.html
docker-compose-orderer.yaml
# Copyright IBM Corp. All Rights Reserved.
#
# SPDX-License-Identifier: Apache-2.0
#
version: '2'
services:
orderer0.chaincode.yourdomain:
extends:
file: base/docker-compose-base.yaml
service: orderer0.chaincode.yourdomain
container_name: orderer0.chaincode.yourdomain
再配置docker-compose-peer.yaml
CHANNEL_NAME=xinhong.test TIMEOUT=10000 docker-compose -f docker-compose-peer.yaml up -d 2>&1
docker-compose-peer.yaml
# Copyright IBM Corp. All Rights Reserved.
#
# SPDX-License-Identifier: Apache-2.0
#
version: '2'
services:
peer0.org1.chaincode.yourdomain:
container_name: peer0.org1.chaincode.yourdomain
hostname: peer0.org1.chaincode.yourdomain
extends:
file: base/docker-compose-base.yaml
service: peer0.org1.chaincode.yourdomain
再給每個終端建立服務Cli
CHANNEL_NAME=xinhong.test TIMEOUT=10000 docker-compose -f docker-compose-cli.yaml up -d 2>&1
注意,配置文件里的command都需要先注釋掉,下一步等的zo每台機器的okeeper,kafka,orderer,peer都部署好了,然后在第一台機器上進入cli需要創建channel,其他的都只需要把創建的xinhong.test.block復制過去就進行了,然后所有peer加入channel后,再安裝智能合約以及實例化
docker-compose-cli.yaml
# Copyright IBM Corp. All Rights Reserved.
#
# SPDX-License-Identifier: Apache-2.0
#
version: '2'
services:
# 每一台Peer的以下配置不相同
# 主要體現在 CORE_PEER_ADDRESS=peer0.org1.chaincode.yourdomain:7051
cli:
container_name: cli
image: hyperledger/fabric-tools
tty: true
environment:
- GOPATH=/workspace/golang
- CORE_VM_ENDPOINT=unix:///host/var/run/docker.sock
- CORE_LOGGING_LEVEL=DEBUG
- CORE_PEER_ID=cli
- CORE_PEER_ADDRESS=peer0.org1.chaincode.yourdomain:7051
- CORE_PEER_LOCALMSPID=Org1MSP
- CORE_PEER_LOCALMSPTYPE=bccsp
- CORE_PEER_TLS_ENABLED=true
- CORE_PEER_TLS_CERT_FILE=/workspace/golang/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.chaincode.yourdomain/peers/peer0.org1.chaincode.yourdomain/tls/server.crt
- CORE_PEER_TLS_KEY_FILE=/workspace/golang/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.chaincode.yourdomain/peers/peer0.org1.chaincode.yourdomain/tls/server.key
- CORE_PEER_TLS_ROOTCERT_FILE=/workspace/golang/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.chaincode.yourdomain/peers/peer0.org1.chaincode.yourdomain/tls/ca.crt
- CORE_PEER_MSPCONFIGPATH=/workspace/golang/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.chaincode.yourdomain/users/Admin@org1.chaincode.yourdomain/msp
working_dir: /workspace/golang/src/github.com/hyperledger/fabric/peer
#command: /bin/bash -c './scripts/script.sh ${CHANNEL_NAME}; sleep $TIMEOUT'
volumes:
- /var/run/:/host/var/run/
- ../chaincode/go/:/workspace/golang/src/github.com/hyperledger/fabric/examples/chaincode/go
- ./crypto-config:/workspace/golang/src/github.com/hyperledger/fabric/peer/crypto/
- ./scripts:/workspace/golang/src/github.com/hyperledger/fabric/peer/scripts/
- ./channel-artifacts:/workspace/golang/src/github.com/hyperledger/fabric/peer/channel-artifacts
extra_hosts:
- "orderer0.chaincode.yourdomain:192.168.10.10"
- "orderer1.chaincode.yourdomain:192.168.10.11"
- "orderer2.chaincode.yourdomain:192.168.10.12"
- "peer0.org1.chaincode.yourdomain:192.168.10.10"
- "peer0.org2.chaincode.yourdomain:192.168.10.11"
- "peer1.org1.chaincode.yourdomain:192.168.10.12"
- "peer1.org2.chaincode.yourdomain:192.168.10.13"
然后按照一樣的方式把192.168.10.11,192.168.10.12,192.168.10.13都重新部署一遍
192.168.10.11:
docker-compose-ca.yaml
# Copyright IBM Corp. All Rights Reserved.
#
# SPDX-License-Identifier: Apache-2.0
#
version: '2'
services:
ca1:
image: hyperledger/fabric-ca
environment:
- FABRIC_CA_HOME=/etc/hyperledger/fabric-ca-server
- FABRIC_CA_SERVER_CA_NAME=ca-org2
- FABRIC_CA_SERVER_TLS_ENABLED=true
- FABRIC_CA_SERVER_TLS_CERTFILE=/etc/hyperledger/fabric-ca-server-config/ca.org2.chaincode.jzyb2b.com-cert.pem
- FABRIC_CA_SERVER_TLS_KEYFILE=/etc/hyperledger/fabric-ca-server-config/19846ce7eab8886312dceeadd4564564576aede848e158610ea2a50089_sk
ports:
- "8054:7054"
command: sh -c 'fabric-ca-server start --ca.certfile /etc/hyperledger/fabric-ca-server-config/ca.org2.chaincode.jzyb2b.com-cert.pem --ca.keyfile /etc/hyperledger/fabric-ca-server-config/19846ce7eab8886312dceeyjumj77cf6b9e6aede848e158610ea2a50089_sk -b admin:adminpw -d'
volumes:
- ./crypto-config/peerOrganizations/org2.chaincode.yourdomain/ca/:/etc/hyperledger/fabric-ca-server-config
container_name: ca_peerOrg2
docker-compose-zookeeper.yaml
# Copyright IBM Corp. All Rights Reserved.
#
# SPDX-License-Identifier: Apache-2.0
#
version: '2'
services:
zookeeper1:
container_name: zookeeper1
hostname: zookeeper1
extends:
file: base/docker-compose-base.yaml
service: zookeeper
environment:
- ZOO_MY_ID=2
- ZOO_SERVERS=server.1=zookeeper0:2888:3888 server.2=zookeeper1:2888:3888 server.3=zookeeper2:2888:3888
docker-compose-kafka.yaml
# Copyright IBM Corp. All Rights Reserved.
#
# SPDX-License-Identifier: Apache-2.0
#
version: '2'
services:
kafka1:
container_name: kafka1
hostname: kafka1
extends:
file: base/docker-compose-base.yaml
service: kafka
environment:
- KAFKA_BROKER_ID=2
- KAFKA_MIN_INSYNC_REPLICAS=2
- KAFKA_DEFAULT_REPLICATION_FACTOR=3
- KAFKA_ZOOKEEPER_CONNECT=zookeeper0:2181,zookeeper1:2181,zookeeper2:2181
docker-compose-orderer.yaml
# Copyright IBM Corp. All Rights Reserved.
#
# SPDX-License-Identifier: Apache-2.0
#
version: '2'
services:
orderer1.chaincode.yourdomain:
extends:
file: base/docker-compose-base.yaml
service: orderer1.chaincode.yourdomain
container_name: orderer1.chaincode.yourdomain
docker-compose-peer.yaml
# Copyright IBM Corp. All Rights Reserved.
#
# SPDX-License-Identifier: Apache-2.0
#
version: '2'
services:
peer0.org2.chaincode.yourdomain:
container_name: peer0.org2.chaincode.yourdomain
hostname: peer0.org2.chaincode.yourdomain
extends:
file: base/docker-compose-base.yaml
service: peer0.org2.chaincode.yourdomain
docker-compose-cli.yaml
# Copyright IBM Corp. All Rights Reserved.
#
# SPDX-License-Identifier: Apache-2.0
#
version: '2'
services:
# 每一台Peer的以下配置不相同
# 主要體現在 CORE_PEER_ADDRESS=peer0.org2.chaincode.yourdomain:7051
cli:
container_name: cli
image: hyperledger/fabric-tools
tty: true
environment:
- GOPATH=/workspace/golang
- CORE_VM_ENDPOINT=unix:///host/var/run/docker.sock
- CORE_LOGGING_LEVEL=DEBUG
- CORE_PEER_ID=cli
- CORE_PEER_ADDRESS=peer0.org2.chaincode.yourdomain:7051
- CORE_PEER_LOCALMSPID=Org2MSP
- CORE_PEER_LOCALMSPTYPE=bccsp
- CORE_PEER_TLS_ENABLED=true
- CORE_PEER_TLS_CERT_FILE=/workspace/golang/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.chaincode.yourdomain/peers/peer0.org2.chaincode.yourdomain/tls/server.crt
- CORE_PEER_TLS_KEY_FILE=/workspace/golang/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.chaincode.yourdomain/peers/peer0.org2.chaincode.yourdomain/tls/server.key
- CORE_PEER_TLS_ROOTCERT_FILE=/workspace/golang/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.chaincode.yourdomain/peers/peer0.org2.chaincode.yourdomain/tls/ca.crt
- CORE_PEER_MSPCONFIGPATH=/workspace/golang/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.chaincode.yourdomain/users/Admin@org2.chaincode.yourdomain/msp
working_dir: /workspace/golang/src/github.com/hyperledger/fabric/peer
#command: /bin/bash -c './scripts/script.sh ${CHANNEL_NAME}; sleep $TIMEOUT'
volumes:
- /var/run/:/host/var/run/
- ../chaincode/go/:/workspace/golang/src/github.com/hyperledger/fabric/examples/chaincode/go
- ./crypto-config:/workspace/golang/src/github.com/hyperledger/fabric/peer/crypto/
- ./scripts:/workspace/golang/src/github.com/hyperledger/fabric/peer/scripts/
- ./channel-artifacts:/workspace/golang/src/github.com/hyperledger/fabric/peer/channel-artifacts
extra_hosts:
- "orderer0.chaincode.yourdomain:192.168.10.10"
- "orderer1.chaincode.yourdomain:192.168.10.11"
- "orderer2.chaincode.yourdomain:192.168.10.12"
- "peer0.org1.chaincode.yourdomain:192.168.10.10"
- "peer0.org2.chaincode.yourdomain:192.168.10.11"
- "peer1.org1.chaincode.yourdomain:192.168.10.12"
- "peer1.org2.chaincode.yourdomain:192.168.10.13"
192.168.10.12
部署zookeeper2,kafka2,orderer2,peer1.org1,cli
192.168.10.13
部署kafka3,peer1.org2,cli
以上服務都部署完畢后,我們再來創建區塊鏈信息
在192.168.10.10上
進入hyperledger/fabric/examples/e2e_cli目錄
執行,docker exec -it cli bash
進入cli的容器
創建通道
peer channel create -o orderer0.chaincode.yourdomain:7050 -c xinhong.test -f ./channel-artifacts/channel.tx --tls --cafile /workspace/golang/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/chaincode.yourdomain/orderers/orderer0.chaincode.yourdomain/msp/tlscacerts/tlsca.chaincode.yourdomian-cert.pem >&log.txt
成功之后,把生成的xinhong.test.block拷貝到當前目錄的channel-artifacts里,等待傳遞到其他服務器
docker ps
通過docker ps命令找到fabric-tools的容器ID,然后執行復制操作
docker cp 52918b37014c:/workspace/golang/src/github.com/hyperledger/fabric/peer/xinhong.test.block /workspace/golang/src/github.com/hyperledger/fabric/examples/e2e_cli/channel-artifacts/
通過docker ps命令找到fabric-tools的容器ID,然后執行復制操作
docker cp 52918b37014c:/workspace/golang/src/github.com/hyperledger/fabric/peer/xinhong.test.block /workspace/golang/src/github.com/hyperledger/fabric/examples/e2e_cli/channel-artifacts/
執行peer0.org1,peer0.org2,peer1.org1,peer1.org2的join channel操作
peer channel join -b xinhong.test.block >&log.txt
peer channel join -b xinhong.test.block >&log.txt
上面紅色的字符替換成你自己的fabric-tools的容器ID
該操作如果上一步沒有把xinhong.test.block文件拷過來是執行不了的哦
安裝智能合約(在
每台服務器上都安裝一下智能合約吧)
# docker exec -it cli bash
peer chaincode install -n mycc -v 1.0 -p github.com/hyperledger/fabric/examples/chaincode/go/example02/cmd >&log.txt
peer chaincode install -n mycc -v 1.0 -p github.com/hyperledger/fabric/examples/chaincode/go/example02/cmd >&log.txt
實例化智能合約(在1921.68.10.10服務器上操作)
區塊初始化數據為a為100,b為200
peer chaincode instantiate -o orderer0.chaincode.yourdomain:7050 --tls --cafile /workspace/golang/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/chaincode.yourdomain/orderers/orderer0.chaincode.yourdomain/msp/tlscacerts/tlsca.chaincode.yourdomain-cert.pem -C xinhong.test -n mycc -v 1.0 -c '{"Args":["init","a","100","b","200"]}' -P "AND ('Org1MSP.peer','Org2MSP.peer')" >&log.txt
區塊初始化數據為a為100,b為200
peer chaincode instantiate -o orderer0.chaincode.yourdomain:7050 --tls --cafile /workspace/golang/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/chaincode.yourdomain/orderers/orderer0.chaincode.yourdomain/msp/tlscacerts/tlsca.chaincode.yourdomain-cert.pem -C xinhong.test -n mycc -v 1.0 -c '{"Args":["init","a","100","b","200"]}' -P "AND ('Org1MSP.peer','Org2MSP.peer')" >&log.txt
Peer上查詢a,顯示100
# peer chaincode query -C xinhong.test -n mycc -c '{"Args":["query","a"]}'
執行192.168.10.12的終端(別弄錯了,是peer1.org1,所以是10.12這台服務器),
Peer上進行a向b轉10交易
Peer上進行a向b轉10交易
這里需要兩個節點進行背書(peer0.org1,peer0.org2)
peer chaincode invoke -o orderer2.chaincode.yourdomain:7050 --tls --cafile /workspace/golang/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/chaincode.yourdomain/orderers/orderer2.chaincode.yourdomain/msp/tlscacerts/tlsca.chaincode.yourdomain-cert.pem -C xinhong.test -n mycc --peerAddresses peer0.org1.chaincode.yourdomain:7051 --tlsRootCertFiles /workspace/golang/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.chaincode.yourdomain/peers/peer0.org1.chaincode.yourdomain/tls/ca.crt --peerAddresses peer0.org2.chaincode.yourdomain:7051 --tlsRootCertFiles /workspace/golang/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.chaincode.yourdomain/peers/peer0.org2.chaincode.yourdomain/tls/ca.crt -c '{"Args":["invoke","a","b","10"]}' >&log.txt
peer chaincode invoke -o orderer2.chaincode.yourdomain:7050 --tls --cafile /workspace/golang/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/chaincode.yourdomain/orderers/orderer2.chaincode.yourdomain/msp/tlscacerts/tlsca.chaincode.yourdomain-cert.pem -C xinhong.test -n mycc --peerAddresses peer0.org1.chaincode.yourdomain:7051 --tlsRootCertFiles /workspace/golang/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.chaincode.yourdomain/peers/peer0.org1.chaincode.yourdomain/tls/ca.crt --peerAddresses peer0.org2.chaincode.yourdomain:7051 --tlsRootCertFiles /workspace/golang/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.chaincode.yourdomain/peers/peer0.org2.chaincode.yourdomain/tls/ca.crt -c '{"Args":["invoke","a","b","10"]}' >&log.txt
執行192.168.10.11的終端(peer0.org2),
Peer上查詢a,顯示90
# peer chaincode query -C xinhong.test -n mycc -c '{"Args":["query","a"]}'
Peer上查詢a,顯示90
# peer chaincode query -C xinhong.test -n mycc -c '{"Args":["query","a"]}'
Peer上進行a向b轉50交易
這里需要兩個節點進行背書
peer chaincode invoke -o orderer1.chaincode.yourdomain:7050 --tls --cafile /workspace/golang/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/chaincode.yourdomain/orderers/orderer1.chaincode.yourdomain/msp/tlscacerts/tlsca.chaincode.yourdomain-cert.pem -C xinhong.test -n mycc --peerAddresses peer0.org1.chaincode.yourdomain:7051 --tlsRootCertFiles /workspace/golang/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.chaincode.yourdomain/peers/peer0.org1.chaincode.yourdomain/tls/ca.crt --peerAddresses peer0.org2.chaincode.yourdomain:7051 --tlsRootCertFiles /workspace/golang/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.chaincode.yourdomain/peers/peer0.org2.chaincode.yourdomain/tls/ca.crt -c '{"Args":["invoke","a","b","50"]}' >&log.txt
peer chaincode invoke -o orderer1.chaincode.yourdomain:7050 --tls --cafile /workspace/golang/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/chaincode.yourdomain/orderers/orderer1.chaincode.yourdomain/msp/tlscacerts/tlsca.chaincode.yourdomain-cert.pem -C xinhong.test -n mycc --peerAddresses peer0.org1.chaincode.yourdomain:7051 --tlsRootCertFiles /workspace/golang/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.chaincode.yourdomain/peers/peer0.org1.chaincode.yourdomain/tls/ca.crt --peerAddresses peer0.org2.chaincode.yourdomain:7051 --tlsRootCertFiles /workspace/golang/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.chaincode.yourdomain/peers/peer0.org2.chaincode.yourdomain/tls/ca.crt -c '{"Args":["invoke","a","b","50"]}' >&log.txt
執行peer1.org2的終端(192.168.10.13),
Peer上查詢a,顯示40
# peer chaincode query -C xinhong.test -n mycc -c '{"Args":["query","a"]}'
Peer上查詢b,顯示260
# peer chaincode query -C xinhong.test -n mycc -c '{"Args":["query","b"]}'
Peer上查詢a,顯示40
# peer chaincode query -C xinhong.test -n mycc -c '{"Args":["query","a"]}'
Peer上查詢b,顯示260
# peer chaincode query -C xinhong.test -n mycc -c '{"Args":["query","b"]}'
以上操作,如果執行失敗,唯一的問題:
就是你自己配置文件沒有改對,不要來問我中間的錯誤,先核對這個哦!
QQ:1033536868