環境說明
- 測試環境,1台機器
- 操作系統:ubutun 16 4c 64G
- docker 版本
- 實現功能:開發(java程序)接收參數NETWORKNAME(網絡名稱)、ORGNAME(組織名稱)、HOSTNAME(域名),根據模板yaml文件,實例化不同組織的yaml 文件,結合shell腳本啟動實例化的網絡。
- 注意:在yaml的版本2中能使用peer1.org2.example.com ,在版本3中只能使用peer1_org2_example_com。在yaml版本2中能使用extends,yaml版本3中不能。后面有做詳細轉換說明。
# docker version
Client:
Version: 18.09.7
API version: 1.39
Go version: go1.10.4
Git commit: 2d0083d
Built: Fri Aug 16 14:19:38 2019
OS/Arch: linux/amd64
Experimental: false
Server:
Engine:
Version: 18.09.7
API version: 1.39 (minimum version 1.12)
Go version: go1.10.4
Git commit: 2d0083d
Built: Thu Aug 15 15:12:41 2019
OS/Arch: linux/amd64
Experimental: false
docker swarm
# docker swarm init
fabric 的配置
配置是根據官網的源碼進行改造。
下載fabric-samples源碼
# mkdir -p /opt/fabric
# cd /opt/fabric
# git clone -b master https://github.com/hyperledger/fabric-samples.git
查看源碼中的配置
參考:docker-compose-ca.yaml、docker-compose-cli.yaml 、docker-compose-couch.yaml、docker-compose-etcdraft2.yaml配置文件進行改造。
改造后的文件:
stack-ca.yaml
version: '3'
#參數說明:NETWORKNAME(網絡名稱)、ORGNAME(組織名稱)、HOSTNAME(域名)。使用shell腳本,加上3個參數生成對應的不同的組織的ca啟動文件,然后進行啟動。
networks:
fabric-${NETWORKNAME}:
external: true
services:
ca_${ORGNAME}:
image: hyperledger/fabric-ca
deploy:
replicas: 1
restart_policy:
condition: on-failure
delay: 5s
max_attempts: 3
environment:
- FABRIC_CA_HOME=/etc/hyperledger/fabric-ca-server
- FABRIC_CA_SERVER_CA_NAME=ca-${ORGNAME}
- FABRIC_CA_SERVER_TLS_ENABLED=true
- FABRIC_CA_SERVER_TLS_CERTFILE=/etc/hyperledger/fabric-ca-server-config/ca.${ORGNAME}.${HOSTNAME}-cert.pem
- FABRIC_CA_SERVER_TLS_KEYFILE=/etc/hyperledger/fabric-ca-server-config/${BYFN_CA1_PRIVATE_KEY}
- FABRIC_CA_SERVER_PORT=10013
ports:#注意端口不要沖突
# - "10013:10013"
command: sh -c 'fabric-ca-server start --ca.certfile /etc/hyperledger/fabric-ca-server-config/ca.${ORGNAME}.${HOSTNAME}-cert.pem --ca.keyfile /etc/hyperledger/fabric-ca-server-config/${BYFN_CA1_PRIVATE_KEY} -b admin:adminpw -d'
volumes:
- /home/fabric/networks/${NETWORKNAME}/crypto-config/peerOrganizations/${ORGNAME}.${HOSTNAME}/ca/:/etc/hyperledger/fabric-ca-server-config/
# hostname是這個ca容器的主機名稱
hostname: ca_peer${ORGNAME}
networks:
fabric-${NETWORKNAME}:
aliases:
- ca_peer${ORGNAME}
stack-cli.yaml (peer 和 cli,可以分開兩個文件。一般多個fabric網絡中只需要有一個cli即可。 )
version: '3'
networks:
fabric-${NETWORKNAME}:
external: true
volumes:
peer0.${ORGNAME}.${NETWORKNAME}.${HOSTNAME}:
peer1.${ORGNAME}.${NETWORKNAME}.${HOSTNAME}:
services:
peer0_${ORGNAME}_${NETWORKNAME}:
image: hyperledger/fabric-peer:2.1.1
deploy:
mode: replicated
replicas: 1
restart_policy:
condition: on-failure
delay: 5s
max_attempts: 3
environment:
# 源碼中的docker-compose是版本2的,支持extends。我們現在用的是yaml 版本3,不支持extends。需要將原來依賴的配置全部寫完整
######下面是源碼中的配置
#peer1.org2.example.com:
#container_name: peer1.org2.example.com
#extends:
#file: base/docker-compose-base.yaml
#service: peer1.org2.example.com
#networks:
#####需要找到對應base/docker-compose-base.yaml的peer1.org2.example.com那段配置
#####下面是base/docker-compose-base.yaml的peer1.org2.example.com配置(base/docker-compose-base.yaml中有多個服務)
#peer1.org2.example.com:
# container_name: peer1.org2.example.com
# extends:
# file: peer-base.yaml 這個位置還依賴了文件peer-base.yaml的peer-base,這個依賴文件也需要。
# service: peer-base
# environment:
# - CORE_PEER_ID=peer1.org2.example.com
# - CORE_PEER_ADDRESS=peer1.org2.example.com:10051
# - CORE_PEER_LISTENADDRESS=0.0.0.0:10051
# - CORE_PEER_CHAINCODEADDRESS=peer1.org2.example.com:10052
# - CORE_PEER_CHAINCODELISTENADDRESS=0.0.0.0:10052
# - CORE_PEER_GOSSIP_EXTERNALENDPOINT=peer1.org2.example.com:10051
# - CORE_PEER_GOSSIP_BOOTSTRAP=peer0.org2.example.com:9051
# - CORE_PEER_LOCALMSPID=Org2MSP
# volumes:
# - /var/run/:/host/var/run/
# - ../crypto-config/peerOrganizations/org2.example.com/peers/peer1.org2.example.com/msp:/etc/hyperledger/fabric/msp
# - ../crypto-config/peerOrganizations/org2.example.com/peers/peer1.org2.example.com/tls:/etc/hyperledger/fabric/tls
# - peer1.org2.example.com:/var/hyperledger/production
# ports:
# - 10051:10051
#######以上是base/docker-compose-base.yaml的peer1.org2.example.com配置,里面有依賴peer-base.yaml的peer-base,將這段配置放在stack-cli.yaml 文件#######相應位置
#以下配置來自base/peer-base.yaml的peer-base
- CORE_VM_ENDPOINT=unix:///host/var/run/docker.sock
# the following setting starts chaincode containers on the same
# bridge network as the peers
# https://docs.docker.com/compose/networking/
- CORE_VM_DOCKER_HOSTCONFIG_NETWORKMODE=fabric-${NETWORKNAME}
- FABRIC_LOGGING_SPEC=INFO
#- FABRIC_LOGGING_SPEC=DEBUG
- CORE_PEER_TLS_ENABLED=true
- CORE_PEER_GOSSIP_USELEADERELECTION=true
- CORE_PEER_GOSSIP_ORGLEADER=false
- CORE_PEER_PROFILE_ENABLED=true
- CORE_PEER_TLS_CERT_FILE=/etc/hyperledger/fabric/tls/server.crt
- CORE_PEER_TLS_KEY_FILE=/etc/hyperledger/fabric/tls/server.key
- CORE_PEER_TLS_ROOTCERT_FILE=/etc/hyperledger/fabric/tls/ca.crt
# Allow more time for chaincode container to build on install.
- CORE_CHAINCODE_EXECUTETIMEOUT=300s
#以上配置來自base/peer-base.yaml的peer-base
#以下配置來自base/docker-compose-base.yaml的peer1.org2.example.com
- CORE_PEER_ID=peer0.${ORGNAME}.${NETWORKNAME}.${HOSTNAME}
- CORE_PEER_ADDRESS=peer0.${ORGNAME}.${NETWORKNAME}.${HOSTNAME}:20
- CORE_PEER_LISTENADDRESS=0.0.0.0:20
- CORE_PEER_CHAINCODEADDRESS=peer0.${ORGNAME}.${NETWORKNAME}.${HOSTNAME}:21
- CORE_PEER_CHAINCODELISTENADDRESS=0.0.0.0:21
- CORE_PEER_GOSSIP_BOOTSTRAP=peer1.${ORGNAME}.${NETWORKNAME}.${HOSTNAME}:1020
- CORE_PEER_GOSSIP_EXTERNALENDPOINT=peer0.${ORGNAME}.${NETWORKNAME}.${HOSTNAME}:20
- CORE_PEER_LOCALMSPID=${ORGNAME}MSP
#以上配置來自base/docker-compose-base.yaml的peer1.org2.example.com
#注意,增加了數據庫的配置。數據庫端口號是固定的,會根據不同數據庫服務名稱訪問到不同數據庫。請不要修改端口號。
- CORE_LEDGER_STATE_STATEDATABASE=CouchDB
- CORE_LEDGER_STATE_COUCHDBCONFIG_COUCHDBADDRESS=peer0_${ORGNAME}_couchdb:5984
# The CORE_LEDGER_STATE_COUCHDBCONFIG_USERNAME and CORE_LEDGER_STATE_COUCHDBCONFIG_PASSWORD
# provide the credentials for ledger to connect to CouchDB. The username and password must
# match the username and password set for the associated CouchDB.
- CORE_LEDGER_STATE_COUCHDBCONFIG_USERNAME=
- CORE_LEDGER_STATE_COUCHDBCONFIG_PASSWORD=
#下面配置來自base/peer-base.yaml的peer-base
working_dir: /opt/gopath/src/github.com/hyperledger/fabric/peer
command: peer node start
#以上配置來自base/peer-base.yaml的peer-base
hostname: peer0.${ORGNAME}.${NETWORKNAME}.${HOSTNAME}
volumes:
- /var/run/:/host/var/run/
- /home/vbaas/fabric/networks/${NETWORKNAME}/crypto-config/peerOrganizations/test.nettest.b.com/peers/peer0.${ORGNAME}.${NETWORKNAME}.${HOSTNAME}/msp:/etc/hyperledger/fabric/msp
- /home/vbaas/fabric/networks/${NETWORKNAME}/crypto-config/peerOrganizations/${ORGNAME}.${NETWORKNAME}.${HOSTNAME}/peers/peer0.${ORGNAME}.${NETWORKNAME}.${HOSTNAME}/tls:/etc/hyperledger/fabric/tls
- /home/vbaas/fabric/networks/${NETWORKNAME}/mount/peer0.${ORGNAME}.${NETWORKNAME}.${HOSTNAME}/var/hyperledger/production:/var/hyperledger/production
ports:
# - 20:20
networks:
fabric-${NETWORKNAME}:
aliases:
- peer0.${ORGNAME}.${NETWORKNAME}.${HOSTNAME}
#peer1的參考peer0即可。
peer1_${ORGNAME}_${NETWORKNAME}:
image: hyperledger/fabric-peer:2.1.1
deploy:
mode: replicated
replicas: 1
restart_policy:
condition: on-failure
delay: 5s
max_attempts: 3
environment:
- CORE_VM_ENDPOINT=unix:///host/var/run/docker.sock
# the following setting starts chaincode containers on the same
# bridge network as the peers
# https://docs.docker.com/compose/networking/
- CORE_VM_DOCKER_HOSTCONFIG_NETWORKMODE=fabric-${NETWORKNAME}
- FABRIC_LOGGING_SPEC=INFO
#- FABRIC_LOGGING_SPEC=DEBUG
- CORE_PEER_TLS_ENABLED=true
- CORE_PEER_GOSSIP_USELEADERELECTION=true
- CORE_PEER_GOSSIP_ORGLEADER=false
- CORE_PEER_PROFILE_ENABLED=true
- CORE_PEER_TLS_CERT_FILE=/etc/hyperledger/fabric/tls/server.crt
- CORE_PEER_TLS_KEY_FILE=/etc/hyperledger/fabric/tls/server.key
- CORE_PEER_TLS_ROOTCERT_FILE=/etc/hyperledger/fabric/tls/ca.crt
- CORE_PEER_ID=peer1.${ORGNAME}.${NETWORKNAME}.${HOSTNAME}
- CORE_PEER_ADDRESS=peer1.${ORGNAME}.${NETWORKNAME}.${HOSTNAME}:1020
- CORE_PEER_LISTENADDRESS=0.0.0.0:1020
- CORE_PEER_CHAINCODEADDRESS=peer1.${ORGNAME}.${NETWORKNAME}.${HOSTNAME}:1021
- CORE_PEER_CHAINCODELISTENADDRESS=0.0.0.0:1021
- CORE_PEER_GOSSIP_EXTERNALENDPOINT=peer1.${ORGNAME}.${NETWORKNAME}.${HOSTNAME}:1020
- CORE_PEER_GOSSIP_BOOTSTRAP=peer0.${ORGNAME}.${NETWORKNAME}.${HOSTNAME}:20
- CORE_PEER_LOCALMSPID=${ORGNAME}MSP
- CORE_LEDGER_STATE_STATEDATABASE=CouchDB
- CORE_LEDGER_STATE_COUCHDBCONFIG_COUCHDBADDRESS=peer1_${ORGNAME}_couchdb:5984
# The CORE_LEDGER_STATE_COUCHDBCONFIG_USERNAME and CORE_LEDGER_STATE_COUCHDBCONFIG_PASSWORD
# provide the credentials for ledger to connect to CouchDB. The username and password must
# match the username and password set for the associated CouchDB.
- CORE_LEDGER_STATE_COUCHDBCONFIG_USERNAME=
- CORE_LEDGER_STATE_COUCHDBCONFIG_PASSWORD=
# Allow more time for chaincode container to build on install.
- CORE_CHAINCODE_EXECUTETIMEOUT=300s
working_dir: /opt/gopath/src/github.com/hyperledger/fabric/peer
command: peer node start
hostname: peer1.${ORGNAME}.${NETWORKNAME}.${HOSTNAME}
volumes:
- /var/run/:/host/var/run/
- /home/vbaas/fabric/networks/${NETWORKNAME}/crypto-config/peerOrganizations/${ORGNAME}.${NETWORKNAME}.${HOSTNAME}/peers/peer1.${ORGNAME}.${NETWORKNAME}.${HOSTNAME}/msp:/etc/hyperledger/fabric/msp
- /home/vbaas/fabric/networks/${NETWORKNAME}/crypto-config/peerOrganizations/test.nettest.b.com/peers/peer1.${ORGNAME}.${NETWORKNAME}.${HOSTNAME}/tls:/etc/hyperledger/fabric/tls
- /home/vbaas/fabric/networks/${NETWORKNAME}/mount/peer1.${ORGNAME}.${NETWORKNAME}.${HOSTNAME}/var/hyperledger/production:/var/hyperledger/production
ports:#注意端口不要沖突
- 1020:1020
networks:
fabric-${NETWORKNAME}:
aliases:
- peer1.${ORGNAME}.${NETWORKNAME}.${HOSTNAME}
cli:
image: hyperledger/fabric-tools:2.1.1
tty: true
stdin_open: true
deploy:
mode: replicated
replicas: 1
restart_policy:
condition: on-failure
delay: 5s
max_attempts: 3
environment:
- GOPATH=/opt/gopath
- CORE_VM_ENDPOINT=unix:///host/var/run/docker.sock
#- FABRIC_LOGGING_SPEC=DEBUG
- FABRIC_LOGGING_SPEC=INFO
- CORE_PEER_ID=cli
- CORE_PEER_ADDRESS=peer0.${ORGNAME}.${NETWORKNAME}.${HOSTNAME}:20
- CORE_PEER_LOCALMSPID=${ORGNAME}MSP
- CORE_PEER_TLS_ENABLED=true
- CORE_PEER_TLS_CERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/${ORGNAME}.${NETWORKNAME}.${HOSTNAME}/peers/peer0.${ORGNAME}.${NETWORKNAME}.${HOSTNAME}/tls/server.crt
- CORE_PEER_TLS_KEY_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/${ORGNAME}.${NETWORKNAME}.${HOSTNAME}/peers/peer0.${ORGNAME}.${NETWORKNAME}.${HOSTNAME}/tls/server.key
- CORE_PEER_TLS_ROOTCERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/${ORGNAME}.${NETWORKNAME}.${HOSTNAME}/peers/peer0.${ORGNAME}.${NETWORKNAME}.${HOSTNAME}/tls/ca.crt
- CORE_PEER_MSPCONFIGPATH=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/${ORGNAME}.${NETWORKNAME}.${HOSTNAME}/users/Admin@${ORGNAME}.${NETWORKNAME}.${HOSTNAME}/msp
working_dir: /opt/gopath/src/github.com/hyperledger/fabric/peer
command: /bin/bash
volumes:
- /var/run/:/host/var/run/
- /home/vbaas/fabric/networks/${NETWORKNAME}/chaincode/:/opt/gopath/src/github.com/hyperledger/fabric-samples/chaincode
- /home/vbaas/fabric/networks/${NETWORKNAME}/crypto-config:/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/
- /home/vbaas/fabric/networks/${NETWORKNAME}/scripts:/opt/gopath/src/github.com/hyperledger/fabric/peer/scripts/
- /home/vbaas/fabric/networks/${NETWORKNAME}/channel-artifacts:/opt/gopath/src/github.com/hyperledger/fabric/peer/channel-artifacts
networks:
- fabric-nettest
depends_on:
- peer0.${ORGNAME}.${NETWORKNAME}.${HOSTNAME}
- peer1.${ORGNAME}.${NETWORKNAME}.${HOSTNAME}
stack-couch.yaml
version: '3'
networks:
fabric-${NETWORKNAME}:
external: true
services:
peer0_${ORGNAME}_couchdb:
hostname: peer0_${ORGNAME}_couchdb
image: couchdb:2.3
deploy:
mode: replicated
replicas: 1
restart_policy:
condition: on-failure
delay: 5s
max_attempts: 3
environment:
- COUCHDB_USER=
- COUCHDB_PASSWORD=
networks:
fabric-${NETWORKNAME}:
aliases:
- peer0_${ORGNAME}_couchdb
peer1_${ORGNAME}_couchdb:
hostname: peer1_${ORGNAME}_couchdb
image: couchdb:2.3
deploy:
mode: replicated
replicas: 1
restart_policy:
condition: on-failure
delay: 5s
max_attempts: 3
environment:
- COUCHDB_USER=
- COUCHDB_PASSWORD=
networks:
fabric-${NETWORKNAME}:
aliases:
- peer1_${ORGNAME}_couchdb
stack-etcdraft2.yaml
version: '3'
networks:
fabric-${NETWORKNAME}:
external: true
services:
orderer_${ORGNAME}:
image: hyperledger/fabric-orderer
deploy:
mode: replicated
replicas: 1
restart_policy:
condition: on-failure
delay: 5s
max_attempts: 3
environment:
- ORDERER_GENERAL_LISTENPORT=10009
- FABRIC_LOGGING_SPEC=INFO
- ORDERER_GENERAL_LISTENADDRESS=0.0.0.0
- ORDERER_GENERAL_BOOTSTRAPMETHOD=file
- ORDERER_GENERAL_BOOTSTRAPFILE=/var/hyperledger/orderer/orderer.genesis.block
- ORDERER_GENERAL_LOCALMSPID=OrdererMSP
- ORDERER_GENERAL_LOCALMSPDIR=/var/hyperledger/orderer/msp
# enabled TLS
- ORDERER_GENERAL_TLS_ENABLED=true
- ORDERER_GENERAL_TLS_PRIVATEKEY=/var/hyperledger/orderer/tls/server.key
- ORDERER_GENERAL_TLS_CERTIFICATE=/var/hyperledger/orderer/tls/server.crt
- ORDERER_GENERAL_TLS_ROOTCAS=[/var/hyperledger/orderer/tls/ca.crt]
- ORDERER_GENERAL_CLUSTER_CLIENTCERTIFICATE=/var/hyperledger/orderer/tls/server.crt
- ORDERER_GENERAL_CLUSTER_CLIENTPRIVATEKEY=/var/hyperledger/orderer/tls/server.key
- ORDERER_GENERAL_CLUSTER_ROOTCAS=[/var/hyperledger/orderer/tls/ca.crt]
working_dir: /opt/gopath/src/github.com/hyperledger/fabric
command: orderer
hostname: orderer.${HOSTNAME}
volumes:
- /home/fabric/networks/${NETWORKNAME}/channel-artifacts/genesis.block:/var/hyperledger/orderer/orderer.genesis.block
- /home/fabric/networks/${NETWORKNAME}/crypto-config/ordererOrganizations/${HOSTNAME}/orderers/orderer.${HOSTNAME}/msp:/var/hyperledger/orderer/msp
- /home/fabric/networks/${NETWORKNAME}/crypto-config/ordererOrganizations/${HOSTNAME}/orderers/orderer.${HOSTNAME}/tls/:/var/hyperledger/orderer/tls
- /home/fabric/networks/${NETWORKNAME}/mount/orderer.${HOSTNAME}/var/hyperledger/production:/var/hyperledger/production
ports:#注意端口不要沖突
- 10009:10009
networks:
fabric-${NETWORKNAME}:
aliases:
- orderer.${HOSTNAME}
orderer2_${ORGNAME}:
image: hyperledger/fabric-orderer
deploy:
mode: replicated
replicas: 1
restart_policy:
condition: on-failure
delay: 5s
max_attempts: 3
environment:
- ORDERER_GENERAL_LISTENPORT=11009
- FABRIC_LOGGING_SPEC=INFO
- ORDERER_GENERAL_LISTENADDRESS=0.0.0.0
- ORDERER_GENERAL_BOOTSTRAPMETHOD=file
- ORDERER_GENERAL_BOOTSTRAPFILE=/var/hyperledger/orderer/orderer.genesis.block
- ORDERER_GENERAL_LOCALMSPID=OrdererMSP
- ORDERER_GENERAL_LOCALMSPDIR=/var/hyperledger/orderer/msp
# enabled TLS
- ORDERER_GENERAL_TLS_ENABLED=true
- ORDERER_GENERAL_TLS_PRIVATEKEY=/var/hyperledger/orderer/tls/server.key
- ORDERER_GENERAL_TLS_CERTIFICATE=/var/hyperledger/orderer/tls/server.crt
- ORDERER_GENERAL_TLS_ROOTCAS=[/var/hyperledger/orderer/tls/ca.crt]
- ORDERER_GENERAL_CLUSTER_CLIENTCERTIFICATE=/var/hyperledger/orderer/tls/server.crt
- ORDERER_GENERAL_CLUSTER_CLIENTPRIVATEKEY=/var/hyperledger/orderer/tls/server.key
- ORDERER_GENERAL_CLUSTER_ROOTCAS=[/var/hyperledger/orderer/tls/ca.crt]
working_dir: /opt/gopath/src/github.com/hyperledger/fabric
command: orderer
hostname: orderer2.${HOSTNAME}
networks:
fabric-${NETWORKNAME}:
aliases:
- orderer2.${HOSTNAME}
volumes:
- /home/fabric/networks/${NETWORKNAME}/channel-artifacts/genesis.block:/var/hyperledger/orderer/orderer.genesis.block
- /home/fabric/networks/${NETWORKNAME}/crypto-config/ordererOrganizations/${HOSTNAME}/orderers/orderer2.${HOSTNAME}/msp:/var/hyperledger/orderer/msp
- /home/fabric/networks/${NETWORKNAME}/crypto-config/ordererOrganizations/${HOSTNAME}/orderers/orderer2.${HOSTNAME}/tls/:/var/hyperledger/orderer/tls
- /home/fabric/networks/${NETWORKNAME}/mount/orderer2.${HOSTNAME}/var/hyperledger/production:/var/hyperledger/production/orderer
ports:#注意端口不要沖突
- 11009:11009
orderer3_${ORGNAME}:
image: hyperledger/fabric-orderer
deploy:
mode: replicated
replicas: 1
restart_policy:
condition: on-failure
delay: 5s
max_attempts: 3
environment:
- ORDERER_GENERAL_LISTENPORT=12009
- FABRIC_LOGGING_SPEC=INFO
- ORDERER_GENERAL_LISTENADDRESS=0.0.0.0
- ORDERER_GENERAL_BOOTSTRAPMETHOD=file
- ORDERER_GENERAL_BOOTSTRAPFILE=/var/hyperledger/orderer/orderer.genesis.block
- ORDERER_GENERAL_LOCALMSPID=OrdererMSP
- ORDERER_GENERAL_LOCALMSPDIR=/var/hyperledger/orderer/msp
# enabled TLS
- ORDERER_GENERAL_TLS_ENABLED=true
- ORDERER_GENERAL_TLS_PRIVATEKEY=/var/hyperledger/orderer/tls/server.key
- ORDERER_GENERAL_TLS_CERTIFICATE=/var/hyperledger/orderer/tls/server.crt
- ORDERER_GENERAL_TLS_ROOTCAS=[/var/hyperledger/orderer/tls/ca.crt]
- ORDERER_GENERAL_CLUSTER_CLIENTCERTIFICATE=/var/hyperledger/orderer/tls/server.crt
- ORDERER_GENERAL_CLUSTER_CLIENTPRIVATEKEY=/var/hyperledger/orderer/tls/server.key
- ORDERER_GENERAL_CLUSTER_ROOTCAS=[/var/hyperledger/orderer/tls/ca.crt]
working_dir: /opt/gopath/src/github.com/hyperledger/fabric
command: orderer
hostname: orderer3.${HOSTNAME}
networks:
fabric-${NETWORKNAME}:
aliases:
- orderer3.${HOSTNAME}
volumes:
- /home/fabric/networks/${NETWORKNAME}/channel-artifacts/genesis.block:/var/hyperledger/orderer/orderer.genesis.block
- /home/fabric/networks/${NETWORKNAME}/crypto-config/ordererOrganizations/${HOSTNAME}/orderers/orderer3.${HOSTNAME}/msp:/var/hyperledger/orderer/msp
- /home/fabric/networks/${NETWORKNAME}/crypto-config/ordererOrganizations/${HOSTNAME}/orderers/orderer3.${HOSTNAME}/tls/:/var/hyperledger/orderer/tls
- /home/fabric/networks/${NETWORKNAME}/mount/orderer3.${HOSTNAME}/var/hyperledger/production:/var/hyperledger/production/orderer
ports:
#注意端口不要沖突
- 12009:12009
以上是改造完的yaml模板文件。
配合下面的shell腳本可以進行fabric網絡初始化。
# cat initNetWork-stack.sh
#!/bin/bash
#接收傳參,ORGNAME參數多個時,請用逗號隔開
NETWORKNAME=$1
ORGNAMES=$2
HOSTNAME=$3
NETWORKPATH=$4
i=0
FILEPATH=${NETWORKPATH}/${NETWORKNAME}
ORGNAMELIST=`echo ${ORGNAMES}|sed -r 's/,/ /g'`
if [ ! -d "${NETWORKPATH}/${NETWORKNAME}" ]; then
echo "network have no config"
exit 1
fi
#mkdir -p ${NETWORKPATH}/${NETWORKNAME}/chaincode
#mkdir -p ${NETWORKPATH}/${NETWORKNAME}/scripts
#設置環境變量
echo "==========設置環境變量FABRIC_CFG_PATH:"
export FABRIC_CFG_PATH=${NETWORKPATH}/${NETWORKNAME}/
echo
echo
cd ${NETWORKPATH}/${NETWORKNAME}/
echo
echo
#證書生成
echo "==========證書生成:"
#cryptogen generate --config=${NETWORKPATH}/${NETWORKNAME}/crypto-config.yaml
echo
echo
#生成創世區塊
echo "=======生成創世區塊:"
#configtxgen -profile SampleMultiNodeEtcdRaft -channelID byfn-sys-channel -outputBlock ${FILEPATH}/channel-artifacts/genesis.block
echo
echo
#根據不同組織啟動
for ORGNAME in ${ORGNAMELIST};
do
#配置環境變量,CA節點必需
echo "===========配置CA節點環境變量:"
i=$(( i+1 ))
export BYFN_CA${i}_PRIVATE_KEY=$(cd ${NETWORKPATH}/${NETWORKNAME}/crypto-config/peerOrganizations/${ORGNAME}.${HOSTNAME}/ca && ls *_sk)
echo
echo
done
#啟動服務
docker network create --driver overlay fabric-${NETWORKNAME}
echo "==========啟動服務:"
docker stack deploy -c ${FILEPATH}/stack-ca.yaml ${NETWORKNAME}-ca
docker stack deploy -c ${FILEPATH}/stack-cli.yaml ${NETWORKNAME}-cli
docker stack deploy -c ${FILEPATH}/stack-couch.yaml ${NETWORKNAME}-couch
docker stack deploy -c ${FILEPATH}/stack-etcdraft2.yaml ${NETWORKNAME}-etcdraft2
實例化的配置和啟動的fabric網絡:
