[toc]
Hyperledger Fabric 1.0部署与使用
1.环境构建与测试
本文中用到的宿主环境是CentOS,版本为CentOS.x86_64(7.4);
通过Dcoker容器来运行Fabric的节点,版本为v1.0;
因此,启动Fabric网络的节点需要先安装 Docker、Docker-compose和Go语言环境;
然后在网上摘取相关的Docker镜像,再能过配置compose文件来启动各个节点;
1.1: CentOS yum源的配置
公司内网,可以让服务器以桥接方式接入网络;
a、备份原有的yum源配置
# 注:若系统环境是初始化安装的,最好先安装以下软件包 # yum -y install wget screen vim # cd /etc/yum.repos.d/ && mkdir bak # mv *repo bak
b、设置阿里yum源
# wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo
c、清理缓存并生成新的缓存
# yum clean all # yum makecache
d、更新yum库
# yum update
此操作的目的是为更新所有的内置库到最新版;
因为docker最新版的安装需要所对应的依赖都是最新版;
为了避免安装时软件包依赖的坑,故如此操作;
1.2: Docker安装
a、GetDocker—> CentOS —> Get CE 社区版 —> Get Docker CE on CentOS —> Install Docker CE on CentOS.
b、若服务器上存在旧的docker版本,需要先执行以下操作:
# yum -y remove docker docker-common docker-selinux docker-engine
c、随后开始安装Docker CE
目前Docker官方最新版为docker-ce-17.12.1.ce-1.el7.centos.x86_64.rpm;
可以在docker rpm包中下载并安装
# mkdir -p /tmp/rpm/docker # cd /tmp/rpm/docker # wget https://download.docker.com/linux/centos/7/x86_64/stable/Packages/docker-ce-17.12.1.ce-1.el7.centos.x86_64.rpm # yum -y install *docker*rpm
d、检查docker是否安装成功
# docker --version Docker version 17.12.1-ce, build 7390fc6
e、启动docker服务
# systemctl start docker
f、设置docker为开机自启
# systemctl enable docker
1.3: Docker-Compose安装
Docker-Compose的离线安装相对于curl安装比较麻烦;
需要在官网提供的github中下载最新的docker-compose;
将其clone /tmp/rpm/docker/下;
a、执行以下命令后完成安装
# curl -L https://github.com/docker/compose/releases/download/1.20.0-rc1/docker-compose-`uname -s`-`uname -m` -o /tmp/rpm/docker/docker-compose
b、移植docker-compose到PATH变量环境中
# chmod +x docker-compose # cp -a docker-compose /usr/bin/
c、移植后查看安装的版本信息
# docker-compose --version docker-compose version 1.20.0-rc1, build 86428af
到此docker环境已准备完毕
1.4 Go环境准备
a、参照go官网,下载最新的Go语言包;
b、直接通过链接下载 Go官网连接
# mkdir -p /tmp/rpm/go && cd /tmp/rpm/go # wget https://test-inner.transfereasy.com/go1.8.3.linux-amd64.tar.gz # 注: 目前这个包已经置于内网环境中 # 注: 可以通过ssjinyao网站下载 # wget https://rjyy.ssjinyao.com/go1.8.3.linux-amd64.tar.gz
c、解压二进制程序到/usr/local目录下;
# tar -xvf go1.8.3.linux-amd64.tar.gz -C /usr/local/ # ll /usr/local/go/ 总用量 136 drwxr-xr-x. 2 root root 205 5月 25 2017 api -rw-r--r--. 1 root root 33243 5月 25 2017 AUTHORS drwxr-xr-x. 2 root root 42 5月 25 2017 bin drwxr-xr-x. 4 root root 37 5月 25 2017 blog -rw-r--r--. 1 root root 1366 5月 25 2017 CONTRIBUTING.md -rw-r--r--. 1 root root 45710 5月 25 2017 CONTRIBUTORS drwxr-xr-x. 8 root root 4096 5月 25 2017 doc -rw-r--r--. 1 root root 5686 5月 25 2017 favicon.ico drwxr-xr-x. 3 root root 18 5月 25 2017 lib -rw-r--r--. 1 root root 1479 5月 25 2017 LICENSE drwxr-xr-x. 14 root root 190 5月 25 2017 misc -rw-r--r--. 1 root root 1303 5月 25 2017 PATENTS drwxr-xr-x. 7 root root 87 5月 25 2017 pkg -rw-r--r--. 1 root root 1399 5月 25 2017 README.md -rw-r--r--. 1 root root 26 5月 25 2017 robots.txt drwxr-xr-x. 46 root root 4096 5月 25 2017 src drwxr-xr-x. 17 root root 8192 5月 25 2017 test -rw-r--r--. 1 root root 7 5月 25 2017 VERSION
d、配置go环境变量
# echo "export PATH=$PATH:/usr/local/go/bin" > /etc/profile.d/go.sh # echo "export GOPATH=/opt/gopath" >> /etc/profile.d/go.sh # chmod +x /etc/profile.d/go.sh # source /etc/profile.d/go.sh # echo $PATH /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/srv/jdk1.8.0_66/bin:/root/bin:/usr/local/go/bin # go version go version go1.8.3 linux/amd64
至此go环境变量已经配置完毕
2.Fabric源码及镜像文件处理
2.1下载Fabric源码
下载Fabric源是因为要用到源码中提到的例子和工具;
工具编译需要用到go语言环境;
因此需要把源码目录放到$GOPATH环境变量下;
通过1.4中的安装配置 $GOPATH设置为/opt/gopath;
这里,我们可以使用git clone源码也可以使用go get 命令
# go get github.com/hyperledger/fabric 或者是 # mkdir -p /opt/gopath/src/github.com/hyperledger/ # cd /opt/gopath/src/github.com/hyperledger/ && git clone https://github.com/hyperledger/fabric.git # cd /opt/gopath/src/github.com/hyperledger/fabric && git checkout -b v1.0.0
# 最后的工程结构如下 # cd /opt/gopath/src/github.com/hyperledger # tree -L 1 fabric/ fabric/ ├── bccsp ├── bddtests ├── CHANGELOG.md ├── ci.properties ├── common ├── CONTRIBUTING.md ├── core ├── devenv ├── docker-env.mk ├── docs ├── events ├── examples ├── gossip ├── gotools ├── images ├── LICENSE ├── Makefile ├── mkdocs.yml ├── msp ├── orderer ├── peer ├── proposals ├── protos ├── README.md ├── release ├── release_notes ├── sampleconfig ├── scripts ├── settings.gradle ├── test ├── unit-test └── vendor 23 directories, 9 files
2.2下载Fabric相关镜像文件
该操作有多种方式进行,如果是测试Fabric集群方案;
直接进入fabric/examples/e2e_cli目录下,运行./dowload-dockerimages.sh;
即可下载该工程必要的镜像文件;
一般情况下,为了保证镜像与下载到hyperledger中的源码demo版本号相对应;
该处方法属于较为妥当的方案;
检索 HyperLedger,以hyperledger/fabric-peer为例,进入下载页面;
官方给出的下载方式如下:
# docker pull hyperledger/fabric-peer
但由于docker镜像下载在没有给出tag的情况下会默认使用latest;
所以该方案最终可能会下载失败,因此需在fabric-peer下载页选中其tags标签;
查看当前fabric-peer最新版本号,根据我们所使用的操作系统情况,选择x86_64-1.0.0版本;
故最终执行的docker下载命令如下:
# docker pull hyperledger/fabric-peer:x86_64-1.0.0 x86_64-1.0.0: Pulling from hyperledger/fabric-peer aafe6b5e13de: Pull complete 0a2b43a72660: Pull complete 18bdd1e546d2: Pull complete 8198342c3e05: Pull complete f56970a44fd4: Pull complete e32b597e7839: Pull complete a6e362fc71c4: Pull complete f107ea6d90f4: Pull complete 72c8e84de237: Pull complete 776cc74c9f73: Pull complete Digest: sha256:b7c1c2a6b356996c3dbe2b9554055cd2b63194cd7a492a83de2dbabf7f7e3c65 Status: Downloaded newer image for hyperledger/fabric-peer:x86_64-1.0.0
根据上述方案,可以将这些必要的镜像由docker服务全部下载至本地;
并最终使用docker-compose来启动对应的镜像服务;
为了方便docker-compose的配置,将甩的镜像tag都改为latest,执行如下格式;
# docker tag IMAGEID(镜像id) REPOSITORY:TAG(仓库:标签)
# cd /opt/gopath/src/github.com/hyperledger/fabric/examples/e2e_cli/ # bash download-dockerimages.sh 注:也可以用后面所提到shell建立 # docker images REPOSITORY TAG IMAGE ID CREATED SIZE hyperledger/fabric-peer x86_64-1.0.0 6830dcd7b9b5 8 months ago 182MB hyperledger/fabric-tools latest ae6b0f53cb70 9 months ago 1.32GB hyperledger/fabric-tools x86_64-1.0.0-beta ae6b0f53cb70 9 months ago 1.32GB hyperledger/fabric-couchdb latest 31bbbec3d853 9 months ago 1.48GB hyperledger/fabric-couchdb x86_64-1.0.0-beta 31bbbec3d853 9 months ago 1.48GB hyperledger/fabric-kafka latest c4ac1c9a4797 9 months ago 1.3GB hyperledger/fabric-kafka x86_64-1.0.0-beta c4ac1c9a4797 9 months ago 1.3GB hyperledger/fabric-zookeeper latest 2c4ebacb6f00 9 months ago 1.31GB hyperledger/fabric-zookeeper x86_64-1.0.0-beta 2c4ebacb6f00 9 months ago 1.31GB hyperledger/fabric-orderer latest 11ff350dd297 9 months ago 179MB hyperledger/fabric-orderer x86_64-1.0.0-beta 11ff350dd297 9 months ago 179MB hyperledger/fabric-peer latest e01c2b645f11 9 months ago 182MB hyperledger/fabric-peer x86_64-1.0.0-beta e01c2b645f11 9 months ago 182MB hyperledger/fabric-javaenv latest 61c188dca542 9 months ago 1.42GB hyperledger/fabric-javaenv x86_64-1.0.0-beta 61c188dca542 9 months ago 1.42GB hyperledger/fabric-ccenv latest 7034cca1918d 9 months ago 1.29GB hyperledger/fabric-ccenv x86_64-1.0.0-beta 7034cca1918d 9 months ago 1.29GB hyperledger/fabric-ca latest e549e8c53c2e 9 months ago 238MB hyperledger/fabric-ca x86_64-1.0.0-beta e549e8c53c2e 9 months ago 238MB
2.3补充镜像备份和迁移
上述HperLedger/Fabric 镜像数量较多且容量需求大,一套基本的服务镜像可达10G左右;
如果在多台服务器上部署,会耽误很多时间。因此,对于上述已下载的镜像;
我们需要使用docker save命令来备份,并通过scp命令来把这些文件拷贝至其它服务器;
# cat dk_image_bak.sh #!/bin/bash ## 开始自动备份镜像 im=`docker images | grep latest | wc -l` for i in `seq $im` ;do id=` docker images | grep latest | grep fabric | awk '{print $3}' | sed -n $i\p` fn=` docker images | grep latest | grep fabric | awk -F "/" '{print $2}' | awk '{print $1}' | sed -n $i\p ` dir=` docker images | grep latest | grep fabric | awk -F "/" '{print $1}'` mkdir -p /tmp/images/docker/$dir/ docker save $id > /tmp/images/docker/$dir/$fn.gz done ## 至此id已经保存镜像完毕 ## 开始远程同步与迁移 ssh root@10.180.55.126 "mkdir -p /tmp/images/docker/$dir/" scp /tmp/images/docker/$fn/*gz root@10.180.55.126:/tmp/images/docker/$dir/
当远端服务器接收到所有的镜像之后,可以执行如下命令来加载这些镜像文件
# docker load < /tmp/images/docker/hyperledger/fabric-ccenv.gz
以上2.3镜像的备份和迁移是可选方案;
3.运行测试e2e
3.1 运行fabric-sample的问题
一般情况下,我们会参照官网来完成第一个网络测试;
在该在线文档中会让我们去下载一个fabric-sample;
下载地址在github上;
我们需要将其下载至本地是一个fabric-sample-release的文件,将其更名为fabric-samples
随后将其移到opt/gopath/src目录下;
按照官网提示执行的命令是无法运行起first-network这个项目;
该demo需要先下载Platform-specific Binaries(特定的二进制文件);
按照官文档中的描述,需要执行如下命令;
官方提供bash脚本如下
# cd /root/ && vim dk_bin.sh 加入以下执行程序 #!/bin/bash # # Copyright IBM Corp. All Rights Reserved. # # SPDX-License-Identifier: Apache-2.0 # # current version of fabric released export VERSION=${1:-1.0.4} # current version of fabric-ca released export CA_VERSION=${2:-$VERSION} # current version of thirdparty images (couchdb, kafka and zookeeper) released export THIRDPARTY_IMAGE_VERSION=0.4.6 export ARCH=$(echo "$(uname -s|tr '[:upper:]' '[:lower:]'|sed 's/mingw64_nt.*/windows/')-$(uname -m | sed 's/x86_64/amd64/g')" | awk '{print tolower($0)}') #Set MARCH variable i.e ppc64le,s390x,x86_64,i386 MARCH=`uname -m` dockerFabricPull() { local FABRIC_TAG=$1 for IMAGES in peer orderer ccenv javaenv tools; do echo "==> FABRIC IMAGE: $IMAGES" echo docker pull hyperledger/fabric-$IMAGES:$FABRIC_TAG docker tag hyperledger/fabric-$IMAGES:$FABRIC_TAG hyperledger/fabric-$IMAGES done } dockerThirdPartyImagesPull() { local THIRDPARTY_TAG=$1 for IMAGES in couchdb kafka zookeeper; do echo "==> THIRDPARTY DOCKER IMAGE: $IMAGES" echo docker pull hyperledger/fabric-$IMAGES:$THIRDPARTY_TAG docker tag hyperledger/fabric-$IMAGES:$THIRDPARTY_TAG hyperledger/fabric-$IMAGES done } dockerCaPull() { local CA_TAG=$1 echo "==> FABRIC CA IMAGE" echo docker pull hyperledger/fabric-ca:$CA_TAG docker tag hyperledger/fabric-ca:$CA_TAG hyperledger/fabric-ca } : ${CA_TAG:="$MARCH-$CA_VERSION"} : ${FABRIC_TAG:="$MARCH-$VERSION"} : ${THIRDPARTY_TAG:="$MARCH-$THIRDPARTY_IMAGE_VERSION"} echo "===> Downloading platform specific fabric binaries" curl https://nexus.hyperledger.org/content/repositories/releases/org/hyperledger/fabric/hyperledger-fabric/${ARCH}-${VERSION}/hyperledger-fabric-${ARCH}-${VERSION}.tar.gz | tar xz echo "===> Downloading platform specific fabric-ca-client binary" curl https://nexus.hyperledger.org/content/repositories/releases/org/hyperledger/fabric-ca/hyperledger-fabric-ca/${ARCH}-${VERSION}/hyperledger-fabric-ca-${ARCH}-${VERSION}.tar.gz | tar xz if [ $? != 0 ]; then echo echo "------> $VERSION fabric-ca-client binary is not available to download (Avaialble from 1.1.0-rc1) <----" echo fi echo "===> Pulling fabric Images" dockerFabricPull ${FABRIC_TAG} echo "===> Pulling fabric ca Image" dockerCaPull ${CA_TAG} echo "===> Pulling thirdparty docker images" dockerThirdPartyImagesPull ${THIRDPARTY_TAG} echo echo "===> List out hyperledger docker images" docker images | grep hyperledger* # chmod + x /root/dk_bin.sh # bash /root/dk_bin.sh
运行时效果如下; 注:若是内网环境,则可能执行时间较长;
# bash /root/dk_bin.sh ===> Downloading platform specific fabric binaries % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 18 22.6M 18 4312k 0 0 6860 0 0:57:45 0:10:43 0:47:02 5364
3.2运行e2e_cli项目
进入到/opt/gopath/src/github.com/hyperledger/fabric/examples/e2e_cli/目录;
a、目录结构如下图;
# tree ../e2e_cli/ ../e2e_cli/ ├── base │ ├── docker-compose-base.yaml │ └── peer-base.yaml ├── channel-artifacts ├── configtx.yaml ├── crypto-config.yaml ├── docker-compose-cli.yaml ├── docker-compose-couch.yaml ├── docker-compose-e2e-template.yaml ├── docker-compose-e2e.yaml ├── download-dockerimages.sh ├── end-to-end.rst ├── examples │ └── chaincode │ └── go │ └── chaincode_example02 │ └── chaincode_example02.go ├── generateArtifacts.sh ├── network_setup.sh └── scripts └── script.sh 7 directories, 14 files
network_setup.sh是一个测试脚本,该脚本启动5个docker容器;
其中4个容器运行peer节点和1个容器运行orderer节点,它组成一个fabric集群;
另外还有一个cli容器用于创建channle、加入channel、安装和执行chaincode等操作;
测试用的chaincode定义了两个变量,在实例化的时候会给这两个变量赋予了初始值;
并能过invoke操作可以使用两个变量的值发生变化;
b、通过以下命令进行测试;
# cd /opt/gopath/src/github.com/hyperledger/fabric/examples/e2e_cli/ # bash network_setup.sh up
c、当出现以下界面时,说明已经测试通了
2018-03-13 09:38:21.185 UTC [main] main -> INFO 008 Exiting..... ===================== Query on PEER3 on channel 'mychannel' is successful ===================== ===================== All GOOD, End-2-End execution completed ===================== _____ _ _ ____ _____ ____ _____ | ____| | \ | | | _ \ | ____| |___ \ | ____| | _| | \| | | | | | _____ | _| __) | | _| | |___ | |\ | | |_| | |_____| | |___ / __/ | |___ |_____| |_| \_| |____/ |_____| |_____| |_____|
d、如果上一步有报错,若没有部署其它应用,可以考虑将内核升级;
# rpm --import https://www.elrepo.org/RPM-GPG-KEY-elrepo.org # rpm -Uvh http://www.elrepo.org/elrepo-release-7.0-2.el7.elrepo.noarch.rpm # yum --disablerepo="*" --enablerepo="elrepo-kernel" list available # yum --enablerepo=elrepo-kernel install kernel-ml # vim /etc/default/grub GRUB_TIMEOUT=5 GRUB_DISTRIBUTOR="$(sed 's, release .*$,,g' /etc/system-release)" GRUB_DEFAULT=0 GRUB_DISABLE_SUBMENU=true GRUB_TERMINAL_OUTPUT="console" GRUB_CMDLINE_LINUX="crashkernel=auto rd.lvm.lv=centos/root rd.lvm.lv=centos/swap rhgb quiet" GRUB_DISABLE_RECOVERY="true" # grub2-mkconfig -o /boot/grub2/grub.cfg
4.创建Fabric多节点集群
4.1配置说明
首先可以根据官方Fabric自带的e2e_cli例子中的集群方案来生成集群;
与案例不同的是我们需要把容器分配到不同的服务器上;
各容器之间通过网络来进行通信,网络构建完成后进行相关的channel和chanincode操作;
目前用有五台服务器, 所有的服务器均是按照上述e2e_cli环境与测试步骤配置;
计划其中的四台服务器运行peer节点,另外一台服务器运行orderer节点;
为其它四个节点提供order服务;
| 名称 | ip | 节点标识 | 节点Hostname | Organization |
|---|---|---|---|---|
| Hyperledger | 10.180.55.123 | orderer | orderer.example.com | Orderer |
| Fabric1 | 10.180.55.124 | sp0 | peer0.org1.example.com | Org1 |
| Fabric2 | 10.180.55.125 | sp1 | peer1.org1.example.com | Org1 |
| Fabric3 | 10.180.55.126 | sp2 | peer0.org2.example.com | Org2 |
| Fabric4 | 10.180.55.128 | sp3 | peer0.org3.example.com | Org2 |
环境如下
4.2 生成公私钥、证书、创巨区块
公/私钥和证书是用于Server与Server之间的安全通信;
另外要创建channel并让其它节点加入channle就需要创世区块;
这些必要文件都可以通过一条命令生,并且官方已经给出脚本;
脚本在以下目录中;
# cd /opt/gopath/src/github.com/hyperledger/fabric/examples/e2e_cli/ # ls generateArtifacts.sh
使generateArtifacts.sh生成证书和config.tx,具体执行命令如下;
# bash generateArtifacts.sh mychannel
这里创建了3台服务器,在任意一台服务器的该目录下执行此项命令即可;
将会生成两个目录,分别为channel-artifacs、crypto-config
channel-artifacts/ ├── channel.tx ├── genesis.block ├── Org1MSPanchors.tx └── Org2MSPanchors.tx 0 directories, 4 files
在上述目录里的文件用于orderer创建channle,它们根据configex.yaml的配置生成;
crypto-config ├── ordererOrganizations └── peerOrganizations 2 directories, 0 files
在上述目录里有orderer和peer的证书、私钥和用于通信的加密的tls证书文件;
它通过configex.yaml配置文件生成;
4.3 配置多服务器
根据4.2的方案,以及之前所述的gopath目录等配置方案;
我们假定所有的服务器都按照该文档的配置来操作;
所有服务器都有Fabric源码,且目录为
如4.2所述,该命令只需要在某一台服务器上运行一次即可,其它服务器无需再次运行;
在运行该命令的服务器/opt/gopath/src/github.com/hyperledger/fabric/example/e2e_cli;
该目录下会生成channel-artifacts和crypto-config目录;
需要把它们拷贝至其它服务器相同的e2e_cli目录下,如果在其它服务器中已经在该目录,则需要先把它删除;
当所有服务器都有同一个channel-artifacts和crypto-config目录后;
开始配置compose文件;
开始向其它两个服务器同步以上两个目录; # cd /opt/gopath/src/github.com/hyperledger/fabric/examples/e2e_cli/ # tar -cvf ctfile.tar.gz channel-artifacts crypto-config # scp ctfile.tar.gz root@10.180.55.124:/opt/gopath/src/github.com/hyperledger/fabric/examples/e2e_cli # scp ctfile.tar.gz root@10.180.55.125:/opt/gopath/src/github.com/hyperledger/fabric/examples/e2e_cli # ssh root@10.180.55.124 "cd /opt/gopath/src/github.com/hyperledger/fabric/examples/e2e_cli && tar -xvf ctfile.tar.gz" # ssh root@10.180.55.125 "cd /opt/gopath/src/github.com/hyperledger/fabric/examples/e2e_cli && tar -xvf ctfile.tar.gz"
4.4 设置peer0.arg1.example.com节点的docker-compose文件
e2e_cli中提供了多个yaml文件,我们可以基于docker-compose-cli.yaml文件创建;
修改docker-compose-peer.yaml,去掉orderer的配置;
只保留一个peer和cli,因为需要多级部署,节点与节点之间又是通过主机名通讯;
所以需要修改容器中的host文件,也就是xtra_hosts设置;
修改后的peer配置如下;
同样的,cli也需要能够和各个节点通讯,所以cli下面也需要添加extra_hosts设置;
去掉无效的依赖,并且去掉command这一行,因为每个peer都会有个对应的客户端;
也是就是cli; 所以只需要去手动执行一次命令,而不是自动执行;
# cd base/ # cp docker-compose-base.yaml{,.bak} # vim base/docker-compose-base.yaml # Copyright IBM Corp. All Rights Reserved. # # SPDX-License-Identifier: Apache-2.0 # version: '2' services: peer0.org1.example.com: container_name: peer0.org1.example.com extends: file: base/docker-compose-base.yaml service: peer0.org1.example.com extra_hosts: - "orderer.example.com:10.180.55.123" cli: container_name: cli image: hyperledger/fabric-tools tty: true environment: - GOPATH=/opt/gopath - CORE_VM_ENDPOINT=unix:///host/var/run/docker.sock - CORE_LOGGING_LEVEL=DEBUG - CORE_PEER_ID=cli - CORE_PEER_ADDRESS=peer0.org1.example.com:7051 - CORE_PEER_LOCALMSPID=Org1MSP - CORE_PEER_TLS_ENABLED=true - CORE_PEER_TLS_CERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/server.crt - CORE_PEER_TLS_KEY_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/server.key - CORE_PEER_TLS_ROOTCERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/ca.crt - CORE_PEER_MSPCONFIGPATH=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/users/Admin@org1.example.com/msp working_dir: /opt/gopath/src/github.com/hyperledger/fabric/peer volumes: - /var/run/:/host/var/run/ - ../chaincode/go/:/opt/gopath/src/github.com/hyperledger/fabric/examples/chaincode/go - ./crypto-config:/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/ - ./scripts:/opt/gopath/src/github.com/hyperledger/fabric/peer/scripts/ - ./channel-artifacts:/opt/gopath/src/github.com/hyperledger/fabric/peer/channel-artifacts depends_on: - peer0.org1.example.com extra_hosts: - "orderer.example.com:10.180.55.123" - "peer0.org1.example.com:10.180.55.124" - "peer1.org1.example.com:10.180.55.125" - "peer0.org2.example.com:10.180.55.126" - "peer1.org2.example.com:10.180.55.128"
在3.2示例单机模式下,4个peer支映射主机不同的端口;
但是在多机部署的时候不需要映射不同端口的;
所以需要修改base/docker-compose-base.yaml文件,将所有peer的端口映射都改为相同的;
# cd base/ # cp docker-compose-base.yaml{,.bak} # vim base/docker-compose-base.yaml ports: - 7051:7051 - 7052:7052 - 7053:7053
4.5、 设置peer1.org1.example.com节点的docker-compose文件
与peer0.org1.example.com节点compose文件配置一样;
不过压岁要将启动的容器改为peer1.org1.example.com;
并且添加peer0.org1.example.com的IP映射;
对应的cli中改成对peer1.org1.example.com的依赖;
修改如下
# cd /opt/gopath/src/github.com/hyperledger/fabric/examples/e2e_cli/ # cp docker-compose-cli.yaml docker-compose-peer.yaml # vim docker-compose-peer.yaml # Copyright IBM Corp. All Rights Reserved. # # SPDX-License-Identifier: Apache-2.0 # version: '2' services: peer1.org1.example.com: container_name: peer1.org1.example.com extends: file: base/docker-compose-base.yaml service: peer1.org1.example.com extra_hosts: - "orderer.example.com:10.180.55.123" - "peer0.org1.example.com:10.180.55.124" cli: container_name: cli image: hyperledger/fabric-tools tty: true environment: - GOPATH=/opt/gopath - CORE_VM_ENDPOINT=unix:///host/var/run/docker.sock - CORE_LOGGING_LEVEL=DEBUG - CORE_PEER_ID=cli - CORE_PEER_ADDRESS=peer0.org1.example.com:7051 - CORE_PEER_LOCALMSPID=Org1MSP - CORE_PEER_TLS_ENABLED=true - CORE_PEER_TLS_CERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/server.crt - CORE_PEER_TLS_KEY_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/server.key - CORE_PEER_TLS_ROOTCERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/ca.crt - CORE_PEER_MSPCONFIGPATH=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/users/Admin@org1.example.com/msp working_dir: /opt/gopath/src/github.com/hyperledger/fabric/peer volumes: - /var/run/:/host/var/run/ - ../chaincode/go/:/opt/gopath/src/github.com/hyperledger/fabric/examples/chaincode/go - ./crypto-config:/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/ - ./scripts:/opt/gopath/src/github.com/hyperledger/fabric/peer/scripts/ - ./channel-artifacts:/opt/gopath/src/github.com/hyperledger/fabric/peer/channel-artifacts depends_on: - peer1.org1.example.com extra_hosts: - "orderer.example.com:10.180.55.123" - "peer0.org1.example.com:10.180.55.124" - "peer1.org1.example.com:10.180.55.125" - "peer0.org2.example.com:10.180.55.126" - "peer1.org2.example.com:10.180.55.128"
# cd base/ # cp docker-compose-base.yaml{,.bak} # vim base/docker-compose-base.yaml ports: - 7051:7051 - 7052:7052 - 7053:7053
org2的两个结点配置文件
# cat docker-compose-peer.yaml # Copyright IBM Corp. All Rights Reserved. # # SPDX-License-Identifier: Apache-2.0 # version: '2' services: peer0.org2.example.com: container_name: peer0.org2.example.com extends: file: base/docker-compose-base.yaml service: peer0.org2.example.com extra_hosts: - "orderer.example.com:10.180.55.123" - "peer0.org1.example.com:10.180.55.124" cli: container_name: cli image: hyperledger/fabric-tools tty: true environment: - GOPATH=/opt/gopath - CORE_VM_ENDPOINT=unix:///host/var/run/docker.sock - CORE_LOGGING_LEVEL=DEBUG - CORE_PEER_ID=cli - CORE_PEER_ADDRESS=peer0.org1.example.com:7051 - CORE_PEER_LOCALMSPID=Org1MSP - CORE_PEER_TLS_ENABLED=true - CORE_PEER_TLS_CERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/server.crt - CORE_PEER_TLS_KEY_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/server.key - CORE_PEER_TLS_ROOTCERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/ca.crt - CORE_PEER_MSPCONFIGPATH=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/users/Admin@org1.example.com/msp working_dir: /opt/gopath/src/github.com/hyperledger/fabric/peer volumes: - /var/run/:/host/var/run/ - ../chaincode/go/:/opt/gopath/src/github.com/hyperledger/fabric/examples/chaincode/go - ./crypto-config:/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/ - ./scripts:/opt/gopath/src/github.com/hyperledger/fabric/peer/scripts/ - ./channel-artifacts:/opt/gopath/src/github.com/hyperledger/fabric/peer/channel-artifacts depends_on: - peer0.org2.example.com extra_hosts: - "orderer.example.com:10.180.55.123" - "peer0.org1.example.com:10.180.55.124" - "peer1.org1.example.com:10.180.55.125" - "peer0.org2.example.com:10.180.55.126" - "peer1.org2.example.com:10.180.55.128"
# cat docker-compose-peer.yaml # Copyright IBM Corp. All Rights Reserved. # # SPDX-License-Identifier: Apache-2.0 # version: '2' services: peer1.org2.example.com: container_name: peer1.org2.example.com extends: file: base/docker-compose-base.yaml service: peer1.org2.example.com extra_hosts: - "orderer.example.com:10.180.55.123" - "peer0.org1.example.com:10.180.55.124" cli: container_name: cli image: hyperledger/fabric-tools tty: true environment: - GOPATH=/opt/gopath - CORE_VM_ENDPOINT=unix:///host/var/run/docker.sock - CORE_LOGGING_LEVEL=DEBUG - CORE_PEER_ID=cli - CORE_PEER_ADDRESS=peer0.org1.example.com:7051 - CORE_PEER_LOCALMSPID=Org1MSP - CORE_PEER_TLS_ENABLED=true - CORE_PEER_TLS_CERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/server.crt - CORE_PEER_TLS_KEY_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/server.key - CORE_PEER_TLS_ROOTCERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/ca.crt - CORE_PEER_MSPCONFIGPATH=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/users/Admin@org1.example.com/msp working_dir: /opt/gopath/src/github.com/hyperledger/fabric/peer volumes: - /var/run/:/host/var/run/ - ../chaincode/go/:/opt/gopath/src/github.com/hyperledger/fabric/examples/chaincode/go - ./crypto-config:/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/ - ./scripts:/opt/gopath/src/github.com/hyperledger/fabric/peer/scripts/ - ./channel-artifacts:/opt/gopath/src/github.com/hyperledger/fabric/peer/channel-artifacts depends_on: - peer1.org2.example.com extra_hosts: - "orderer.example.com:10.180.55.123" - "peer0.org1.example.com:10.180.55.124" - "peer1.org1.example.com:10.180.55.125" - "peer0.org2.example.com:10.180.55.126" - "peer1.org2.example.com:10.180.55.128"
4.6 设置order节点的docker-compose文件
与创建peer的配置文件类似,需要复制一个yaml文件出来修改;
# cd /opt/gopath/src/github.com/hyperledger/fabric/examples/e2e_cli # cp docker-compose-cli.yaml docker-compose-orderer.yaml
orderer服务器上我们只需要保留order设置;
其他peer和cli设置都可以删除。order可以不设置extra_hosts;
orderer.example.com: extends: file: base/docker-compose-base.yaml service: orderer.example.com container_name: orderer.example.com
#启动报错,单纯的报命令调用用法错误 docker rm -f $(docker ps -aq)
若部署环境在内网,则需要修改5台服务器的/etc/hosts文件;
确保服务器之间可以基于主机名互相通信;
# vim /etc/hosts 10.180.55.123 orderer.example.com 10.180.55.124 peer0.org1.example.com 10.180.55.125 peer1.org1.example.com 10.180.55.126 peer0.org2.example.com 10.180.55.128 peer1.org2.example.com
5.启动Fabric多节点集群
5.1启动orderere节点服务
操作完成后,此时节点的compose配置文件及证书难目录都已经准备完成;
可以开始尝试启动多机Fabric集群;
首先要启orderer节点,切换至orderer.example.com服务器;
即前文指定的10.180.55.123的服务器,执行如下命令进入启docker进程;
# docker-compose -f docker-compose-orderer.yaml up -d
运行完毕后我们可以使用docker ps看到运行了一个名字为orderer.example.com的节点;
# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES f188590553b7 hyperledger/fabric-orderer "orderer" 25 seconds ago Up 22 seconds 0.0.0.0:7050->7050/tcp orderer.example.com
5.2启动peer节点服务
切换到peer0.org1.example.com服务器,即前文指定的10.180.55.124服务器;
启动本服务器的peer节点和cli;
# docker-compose -f docker-compose-peer.yaml up -d
# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 2f49281a48c9 hyperledger/fabric-tools "/bin/bash" 38 minutes ago Up 38 minutes cli 8ef009a57457 hyperledger/fabric-peer "peer node start" 38 minutes ago Up 38 minutes 0.0.0.0:7051-7053->7051-7053/tcp peer0.org1.example.com
注: 其它三个peer结点与以上结点的启动/验证方式相同遇到的坑:在CentOS中要把iptables关闭;selinux为开机关闭确保5个结点间域名和端口都能telnet 通;
例telnet peer1.org2.example.com 7051;
现在整个Fabric4+1服务器网络已经成型;
5.3创建channle和运行chaincode
切换到peer0.org1.example.com服务器上;
使用该服务器的cli来运行创建Channel和运行ChainCode的操作;
# docker exec -it cli bash
进入容器后
root@078471f17d9a:/opt/gopath/src/github.com/hyperledger/fabric/peer# ./scripts/script.sh mychannel
该脚本会一步步的完成创建通道,将其他节点加入通道,更新锚节点;
创建ChainCode,初始化帐户,查询,转帐,再次查询等链上操作的自动化;
2018-03-19 03:00:03.146 UTC [main] main -> INFO 007 Exiting..... ===================== Query on PEER3 on channel 'mychannel' is successful ===================== ===================== All GOOD, End-2-End execution completed ===================== _____ _ _ ____ _____ ____ _____ | ____| | \ | | | _ \ | ____| |___ \ | ____| | _| | \| | | | | | _____ | _| __) | | _| | |___ | |\ | | |_| | |_____| | |___ / __/ | |___ |_____| |_| \_| |____/ |_____| |_____| |_____|
出现以上结果出明4+1的Fabric多级部署已经成功;
在peer0.org1.example.com的cli容器内;
之前的2个容器,已经因ChainCode创建了3个容器;
E2E 运行后查询与转帐测试
# 查询 # docker exec -it cli bash root@078471f17d9a:/opt/gopath/src/github.com/hyperledger/fabric/peer# peer chaincode query -C mychannel -n mycc -c '{"Args":["query","a"]}'
# 转帐20到b # peer chaincode invoke -o orderer.example.com:7050 --tls true --cafile /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/example.com/orderers/orderer.example.com/msp/tlscacerts/tlsca.example.com-cert.pem -C mychannel -n mycc -c '{"Args":["invoke","a","b","20"]}'
