一、fabric環境准備
1. 軟件環境
docker、docker-compose、golang
2. docker鏡像拉取
docker pull hyperledger/fabric-peer:x86_64-1.0.0 docker pull hyperledger/fabric-orderer:x86_64-1.0.0 docker pull hyperledger/fabric-baseos:x86_64-0.3.1 docker pull hyperledger/fabric-tools:x86_64-1.0.0
二、 fabric源碼拉取
1. 拉取fabric源碼
源碼庫版本切換到 release-1.0(剛接觸,先按教程學習,減少彎路)
拉取目的是編譯 cryptogen、 configtxgen兩個工具
cryptogen:主要目的是生成相關的證書
configtxgen:主要目的是生成創世區塊和通道配置相關的內容
拉取fabric源碼
go get方式
go get -u -v github.com/hyperledger/fabric
git方式
mkdir -p $GOPATH/src/github.com/hyperledger cd -p $GOPATH/src/github.com/hyperledger git clone https://github.com/hyperledger/fabric.git
切換到release-1.0版本
git checkout release-1.0
2. 安裝cryptogen:
進入fabric目錄
cd common/configtx/tool/configtxgen/
go install #安裝
碰到錯誤,我用vmwre創建的centos7虛擬機,沒有安裝gcc,錯誤如下:exec: "gcc": executable file not found in $PATH
安裝gcc編譯器
yum -y install gcc gcc-c++ kernel-devel
然后go install又出現錯誤:
# github.com/hyperledger/fabric/vendor/github.com/miekg/pkcs11 ../../../../vendor/github.com/miekg/pkcs11/pkcs11.go:29:18: fatal error: ltdl.h: No such file or directory #include <ltdl.h> ^ compilation terminated.
解決辦法,安裝libtool
yum -y install libtool-ltdl-devel
再次執行 go install 成功安裝
3. 安裝configtxgen
進入/fabric/common/tools/cryptogen
執行go install命令
PS:mac下可能報錯 ....github.com/miekg/pkcs11....., 可以使用 go install --tags=nopkcs11 忽略
兩個工具都被安裝到GOPATH的bin目錄下
下面進入fabric-samples項目搭建第一個網絡
三、 fabric-samples項目
這個項目里面,官方提供了一些例子,幫助我們快速的建立一個fabric網絡,在官方提供的例子里,建立我們的第一個網絡是非常簡單的
1. 源碼拉取及切換到release-1.0分支
git checkout release-1.0
里面有很多例子,首先看first-network
drwxr-xr-x. 5 root root 253 Apr 14 23:03 . drwxr-xr-x. 11 root root 257 Apr 14 23:03 .. drwxr-xr-x. 2 root root 60 Apr 14 23:03 base -rwxr-xr-x. 1 root root 15108 Apr 14 23:03 byfn.sh drwxr-xr-x. 2 root root 22 Apr 14 20:20 channel-artifacts -rw-r--r--. 1 root root 5013 Apr 14 23:03 configtx.yaml -rw-r--r--. 1 root root 3858 Apr 14 23:03 crypto-config.yaml -rw-r--r--. 1 root root 3015 Apr 14 23:03 docker-compose-cli.yaml -rw-r--r--. 1 root root 4604 Apr 14 23:03 docker-compose-couch.yaml -rw-r--r--. 1 root root 2883 Apr 14 20:20 docker-compose-e2e-template.yaml -rw-r--r--. 1 root root 42 Apr 14 20:20 .env -rw-r--r--. 1 root root 335 Apr 14 20:20 README.md drwxr-xr-x. 2 root root 23 Apr 14 23:03 scripts
注釋:
base # 目錄下是多個compose的公共服務 byfn.sh # 啟動腳本 channel-artifacts configtx.yaml # 根據之前生成的兩個工具生成相應的配置文件,放入到channel-artifacts crypto-config.yaml # 根據之前生成的兩個工具生成相應的配置文件,放到哪兒??? docker-compose-cli.yaml # 啟動網絡 docker-compose-couch.yaml # 啟動網絡 docker-compose-e2e-template.yaml # 啟動網絡 .env # 存儲的環境變量 README.md scripts # 目錄下存儲的是測試腳本,例如創建通道、加入通道、安裝鏈碼、實例化鏈碼、和鏈碼做一些交互的工作
2. byfn.sh腳本命令參數
./byfn.sh -h # 查看幫助
[root@chow first-network]# ./byfn.sh -h Usage: byfn.sh -m up|down|restart|generate [-c <channel name>] [-t <timeout>] [-d <delay>] [-f <docker-compose-file>] [-s <dbtype>] [-i <imagetag>] byfn.sh -h|--help (print this message) -m <mode> - one of 'up', 'down', 'restart' or 'generate' - 'up' - bring up the network with docker-compose up - 'down' - clear the network with docker-compose down - 'restart' - restart the network - 'generate' - generate required certificates and genesis block -c <channel name> - channel name to use (defaults to "mychannel") -t <timeout> - CLI timeout duration in microseconds (defaults to 10000) -d <delay> - delay duration in seconds (defaults to 3) -f <docker-compose-file> - specify which docker-compose file use (defaults to docker-compose-cli.yaml) -s <dbtype> - the database backend to use: goleveldb (default) or couchdb -i <imagetag> - pass the image tag to launch the network using the tag: 1.0.1, 1.0.2, 1.0.3, 1.0.4 (defaults to latest) Typically, one would first generate the required certificates and genesis block, then bring up the network. e.g.: byfn.sh -m generate -c mychannel byfn.sh -m up -c mychannel -s couchdb byfn.sh -m up -c mychannel -s couchdb -i 1.0.6 byfn.sh -m down -c mychannel Taking all defaults: byfn.sh -m generate byfn.sh -m up byfn.sh -m down
說明:
up、 down 、 restart:是提供的docker-compose啟動、停止、重啟命令選項
generate:根據之前編譯的兩個工具,生成相應的證書以及創世區塊
-c:channel通道的名字
-t:客戶端超時時間,默認10s
-s:數據庫引擎的選擇,默認goleveldb
創建網絡流程
1. 構建配置文件:byfn.sh -m generate (根據前面提到的configtx.yaml和crypto-config.yaml生成peer節點以及oderer節點相關的MSP證書以及創世區塊等配置)
2. 啟動網絡:byfn.sh -m up
3. 停止網絡:byfn.sh -m down
3. 執行 ./byfn.sh -m generate -c testchannel,腳本做了哪些操作
proceeding ... /root/go/bin/cryptogen # 首先根據cryptogen工具生成了參與主體的MSP證書,下面有兩個主體:組織一和組織二 ########################################################## ##### Generate certificates using cryptogen tool ######### ########################################################## org1.example.com # 組織一 org2.example.com # 組織二 /root/go/bin/configtxgen # 根據 configtxgen生成創世區塊以及通道的配置文件,最后生成了兩個組織的錨節點,錨節點是每個組織對外的一個節點, ########################################################## ######### Generating Orderer Genesis block ############## ########################################################## 創世區塊 2020-04-14 23:53:06.015 CST [common/configtx/tool] main -> INFO 001 Loading configuration 2020-04-14 23:53:06.037 CST [common/configtx/tool] doOutputBlock -> INFO 002 Generating genesis block 2020-04-14 23:53:06.038 CST [common/configtx/tool] doOutputBlock -> INFO 003 Writing genesis block ################################################################# ### Generating channel configuration transaction 'channel.tx' ### ################################################################# 通道配置文件 2020-04-14 23:53:06.048 CST [common/configtx/tool] main -> INFO 001 Loading configuration 2020-04-14 23:53:06.052 CST [common/configtx/tool] doOutputChannelCreateTx -> INFO 002 Generating new channel configtx 2020-04-14 23:53:06.052 CST [common/configtx/tool] doOutputChannelCreateTx -> INFO 003 Writing new channel tx ################################################################# ####### Generating anchor peer update for Org1MSP ########## ################################################################# 組織一錨節點 2020-04-14 23:53:06.061 CST [common/configtx/tool] main -> INFO 001 Loading configuration 2020-04-14 23:53:06.065 CST [common/configtx/tool] doOutputAnchorPeersUpdate -> INFO 002 Generating anchor peer update 2020-04-14 23:53:06.066 CST [common/configtx/tool] doOutputAnchorPeersUpdate -> INFO 003 Writing anchor peer update ################################################################# ####### Generating anchor peer update for Org2MSP ########## ################################################################# 組織二錨節點 2020-04-14 23:53:06.075 CST [common/configtx/tool] main -> INFO 001 Loading configuration 2020-04-14 23:53:06.079 CST [common/configtx/tool] doOutputAnchorPeersUpdate -> INFO 002 Generating anchor peer update 2020-04-14 23:53:06.079 CST [common/configtx/tool] doOutputAnchorPeersUpdate -> INFO 003 Writing anchor peer update
4.crypto-config.yaml配置文件是如何設置的
# Copyright IBM Corp. All Rights Reserved. # # SPDX-License-Identifier: Apache-2.0 # # --------------------------------------------------------------------------- # "OrdererOrgs" - Definition of organizations managing orderer nodes # --------------------------------------------------------------------------- OrdererOrgs: # 首先設置了orderer的一些信息 # --------------------------------------------------------------------------- # Orderer # --------------------------------------------------------------------------- - Name: Orderer # orderer名字 Domain: example.com # orderer根域名 # --------------------------------------------------------------------------- # "Specs" - See PeerOrgs below for complete description # --------------------------------------------------------------------------- Specs: - Hostname: orderer # 這里的配置代表只有一個orderer # --------------------------------------------------------------------------- # "PeerOrgs" - Definition of organizations managing peer nodes # --------------------------------------------------------------------------- PeerOrgs: # peer組織的信息 # --------------------------------------------------------------------------- # Org1 # --------------------------------------------------------------------------- - Name: Org1 Domain: org1.example.com # --------------------------------------------------------------------------- # "Specs" # --------------------------------------------------------------------------- # Uncomment this section to enable the explicit definition of hosts in your # configuration. Most users will want to use Template, below # # Specs is an array of Spec entries. Each Spec entry consists of two fields: # - Hostname: (Required) The desired hostname, sans the domain. # - CommonName: (Optional) Specifies the template or explicit override for # the CN. By default, this is the template: # # "{{.Hostname}}.{{.Domain}}" # # which obtains its values from the Spec.Hostname and # Org.Domain, respectively. # --------------------------------------------------------------------------- # Specs: # - Hostname: foo # implicitly "foo.org1.example.com" # CommonName: foo27.org5.example.com # overrides Hostname-based FQDN set above # - Hostname: bar # - Hostname: baz # --------------------------------------------------------------------------- # "Template" # --------------------------------------------------------------------------- # Allows for the definition of 1 or more hosts that are created sequentially # from a template. By default, this looks like "peer%d" from 0 to Count-1. # You may override the number of nodes (Count), the starting index (Start) # or the template used to construct the name (Hostname). # # Note: Template and Specs are not mutually exclusive. You may define both # sections and the aggregate nodes will be created for you. Take care with # name collisions # --------------------------------------------------------------------------- Template: Count: 2 # 代表有兩個peer # Start: 5 # Hostname: {{.Prefix}}{{.Index}} # default # --------------------------------------------------------------------------- # "Users" # --------------------------------------------------------------------------- # Count: The number of user accounts _in addition_ to Admin # --------------------------------------------------------------------------- Users: Count: 1 # 一個用戶 # --------------------------------------------------------------------------- # Org2: See "Org1" for full specification # --------------------------------------------------------------------------- - Name: Org2 Domain: org2.example.com Template: Count: 2 Users: Count: 1
5.所生成的配置文件所放到的位置
fabric-samples/first-network/crypto-config
drwxr-xr-x. 3 root root 25 Apr 14 23:53 ordererOrganizations drwxr-xr-x. 4 root root 54 Apr 14 23:53 peerOrganizations
首先將orderer以及peer分離,內部的路徑基本差不多
[root@chow crypto-config]# cd peerOrganizations/ [root@chow peerOrganizations]# ll total 0 drwxr-xr-x. 7 root root 66 Apr 14 23:53 org1.example.com drwxr-xr-x. 7 root root 66 Apr 14 23:53 org2.example.com
peer里按照主體進行分割
[root@chow peerOrganizations]# cd org1.example.com/ [root@chow org1.example.com]# ll total 0 drwxr-xr-x. 2 root root 117 Apr 14 23:53 ca # 存儲的是根ca的證書和私鑰 drwxr-xr-x. 5 root root 57 Apr 14 23:53 msp # 存儲的是根管理員證書和中間證書 drwxr-xr-x. 4 root root 66 Apr 14 23:53 peers # 存儲的是每一個peer相關的證書 drwxr-xr-x. 2 root root 120 Apr 14 23:53 tlsca drwxr-xr-x. 4 root root 66 Apr 14 23:53 users # 針對這個組織的每一個用戶也有相關的證書,一般情況下包含一個管理員和一個普通用戶(之前的配置文件寫的是一個用戶,這里有倆,包含一個admin用戶)
6.channel-artifacts生成哪些配置文件
[root@chow first-network]# cd channel-artifacts/ [root@chow channel-artifacts]# ls -al total 28 drwxr-xr-x. 2 root root 111 Apr 14 23:53 . drwxr-xr-x. 6 root root 4096 Apr 14 23:53 .. -rw-r--r--. 1 root root 394 Apr 14 23:53 channel.tx # 創建的通道初始配置 -rw-r--r--. 1 root root 9089 Apr 14 23:53 genesis.block # 整個網絡中的創世區塊 -rw-r--r--. 1 root root 0 Apr 14 20:20 .gitkeep -rw-r--r--. 1 root root 284 Apr 14 23:53 Org1MSPanchors.tx # 主體一的錨節點配置 -rw-r--r--. 1 root root 284 Apr 14 23:53 Org2MSPanchors.tx # 主體二的錨節點配置
7.configtx.yaml配置項
分成三塊:Profile、Organizations、Application
# Copyright IBM Corp. All Rights Reserved. # # SPDX-License-Identifier: Apache-2.0 # --- ################################################################################ # # Profile # 定義了整個網絡啟動的時候,里面包含了哪些組織 # # - Different configuration profiles may be encoded here to be specified # as parameters to the configtxgen tool # ################################################################################ Profiles: TwoOrgsOrdererGenesis: Orderer: <<: *OrdererDefaults Organizations: - *OrdererOrg Consortiums: SampleConsortium: Organizations: - *Org1 - *Org2 TwoOrgsChannel: Consortium: SampleConsortium Application: <<: *ApplicationDefaults Organizations: - *Org1 - *Org2 ################################################################################ # # Section: Organizations # # - This section defines the different organizational identities which will # be referenced later in the configuration. # ################################################################################ Organizations: # SampleOrg defines an MSP using the sampleconfig. It should never be used # in production but may be used as a template for other definitions - &OrdererOrg # orderer組織 # DefaultOrg defines the organization which is used in the sampleconfig # of the fabric.git development environment Name: OrdererOrg # 組織名字 # ID to load the MSP definition as ID: OrdererMSP # 組織ID # MSPDir is the filesystem path which contains the MSP configuration MSPDir: crypto-config/ordererOrganizations/example.com/msp # MSP證書位置 - &Org1 # 組織一 # DefaultOrg defines the organization which is used in the sampleconfig # of the fabric.git development environment Name: Org1MSP # ID to load the MSP definition as ID: Org1MSP MSPDir: crypto-config/peerOrganizations/org1.example.com/msp AnchorPeers: # 錨節點配置 # AnchorPeers defines the location of peers which can be used # for cross org gossip communication. Note, this value is only # encoded in the genesis block in the Application section context - Host: peer0.org1.example.com Port: 7051 - &Org2 # 組織二 # DefaultOrg defines the organization which is used in the sampleconfig # of the fabric.git development environment Name: Org2MSP # ID to load the MSP definition as ID: Org2MSP MSPDir: crypto-config/peerOrganizations/org2.example.com/msp AnchorPeers: # AnchorPeers defines the location of peers which can be used # for cross org gossip communication. Note, this value is only # encoded in the genesis block in the Application section context - Host: peer0.org2.example.com Port: 7051 ################################################################################ # # SECTION: Orderer # # - This section defines the values to encode into a config transaction or # genesis block for orderer related parameters # ################################################################################ Orderer: &OrdererDefaults # 對orderer一個單獨的配置 # Orderer Type: The orderer implementation to start # Available types are "solo" and "kafka" OrdererType: solo # orderer類型,整個網絡中有兩種類型:solo和kafka Addresses: - orderer.example.com:7050 # Batch Timeout: The amount of time to wait before creating a batch BatchTimeout: 2s # Batch Size: Controls the number of messages batched into a block BatchSize: # Max Message Count: The maximum number of messages to permit in a batch MaxMessageCount: 10 # Absolute Max Bytes: The absolute maximum number of bytes allowed for # the serialized messages in a batch. AbsoluteMaxBytes: 99 MB # Preferred Max Bytes: The preferred maximum number of bytes allowed for # the serialized messages in a batch. A message larger than the preferred # max bytes will result in a batch larger than preferred max bytes. PreferredMaxBytes: 512 KB Kafka: # Brokers: A list of Kafka brokers to which the orderer connects # NOTE: Use IP:port notation Brokers: - 127.0.0.1:9092 # Organizations is the list of orgs which are defined as participants on # the orderer side of the network Organizations: ################################################################################ # # SECTION: Application # # - This section defines the values to encode into a config transaction or # genesis block for application related parameters # ################################################################################ Application: &ApplicationDefaults # Organizations is the list of orgs which are defined as participants on # the application side of the network Organizations: