使用aws搭建一个区块链（私有链）-- 搭建篇B

1 事先准备

• 准备一台1核2G的EC2

2 创建ec2

2.1 选择系统映像

2.2 选择实例类型和设置密钥

2.3 设置网络

2.4 设置存储

2.5 点击创建

好我们的ec2就创建完成了

3 设置客户端

• 我们的Hyperledger Fabric 客户端需要安装一些包和示例，我们这时候就使用ec2 + docker compose 和其他一些实用程序来搭建我们的Hyperledger Fabric 客户端

3.1 升级系统和安装相关组件

# 升级下linux系统
sudo yum update -y
# 安装必备组件
sudo yum install jq telnet emacs docker libtool libtool-ltdl-devel git -y
# 启动docker
sudo service docker start

3.2 设置docker的用户权限

sudo usermod -a -G docker ec2-user

3.3 安装docker compose

#安装docker
sudo curl -L \
https://github.com/docker/compose/releases/download/1.20.0/docker-compose-`uname \
-s`-`uname -m` -o /usr/local/bin/docker-compose
# 设置权限
sudo chmod a+x /usr/local/bin/docker-compose

4 安装golang

• 是的我们的客户端需要用到golang 因为Hyperledger Fabric只提供了java 和go的sdk

# 拉取golang安装包
wget https://dl.google.com/go/go1.14.4.linux-amd64.tar.gz
# 解压
tar -xzf go1.14.4.linux-amd64.tar.gz
# 移动
sudo mv go /usr/local
sudo mv go /usr/local

4.1 创建 .base_profile

# .bash_profile

# Get the aliases and functions
if [ -f ~/.bashrc ]; then
    . ~/.bashrc
fi

# User specific environment and startup programs
PATH=$PATH:$HOME/.local/bin:$HOME/bin

# GOROOT is the location where Go package is installed on your system
export GOROOT=/usr/local/go

# GOPATH is the location of your work directory
export GOPATH=$HOME/go

# CASERVICEENDPOINT is the endpoint to reach your member's CA
# for example ca.m-K46ICRRXJRCGRNNS4ES4XUUS5A.n-MWY63ZJZU5HGNCMBQER7IN6OIU.managedblockchain.us-east-1.amazonaws.com:30002
export CASERVICEENDPOINT="Fabric 证书颁发机构终端节点"

# ORDERER is the endpoint to reach your network's orderer
# for example orderer.n-MWY63ZJZU5HGNCMBQER7IN6OIU.managedblockchain.amazonaws.com:30001
export ORDERER="排序服务终端节点"

# Update PATH so that you can access the go binary system wide
export PATH=$GOROOT/bin:$PATH
export PATH=$PATH:/home/ec2-user/go/src/github.com/hyperledger/fabric-ca/bin

该文件是在给linux 设置环境变量。

source ~/.bash_profile 

4.2 配置aws configure

# 通过下面命令在ec2上设置aws的账号
aws configure

4.3 通过aws cli 获取到ca端点

aws managedblockchain get-member \
--network-id n-MWY63ZJZU5HGNCMBQER7IN6OIU \
--member-id m-K46ICRRXJRCGRNNS4ES4XUUS5A

• 返回值

4.4 查看端点是否被解析

curl https://ca.m-qu2ou7564fca5pvcgxqkxqrmxa.n-adhkyqme4newzibsjedbetdpy4.managedblockchain.us-east-1.amazonaws.com:30002/cainfo -k

# 返回
{
    
    "result":{
    
    "CAName":"abcd1efghijkllmn5op3q52rst","CAChain":"LongStringOfCharacters","Version":"1.4.7-snapshot-"}
,"errors":[],"messages":[],"success":true}

• 返回值
  

4.5 通过telnet 来尝试连接ca

telnet ca.m-qu2ou7564fca5pvcgxqkxqrmxa.n-adhkyqme4newzibsjedbetdpy4.managedblockchain.us-east-1.amazonaws.com 30002

• 返回值
  

4.6 通一下命令配置ca 客户端

mkdir -p /home/ec2-user/go/src/github.com/hyperledger/fabric-ca
cd /home/ec2-user/go/src/github.com/hyperledger/fabric-ca
wget https://github.com/hyperledger/fabric-ca/releases/download/v1.4.7/hyperledger-fabric-ca-linux-amd64-1.4.7.tar.gz
tar -xzf hyperledger-fabric-ca-linux-amd64-1.4.7.tar.gz

5 clone存储库（账单）

cd /home/ec2-user
git clone --branch v2.2.3 https://github.com/hyperledger/fabric-samples.git

5.1 docker compose 启动 Hyperledger Fabric CLI

• docker compose 文件

version: '2'
services:
  cli:
    container_name: cli
    image: hyperledger/fabric-tools:2.2.3
    tty: true
    environment:
      - GOPATH=/opt/gopath
      - CORE_VM_ENDPOINT=unix:///host/var/run/docker.sock
      - FABRIC_LOGGING_SPEC=info # Set logging level to debug for more verbose logging
      - CORE_PEER_ID=cli
      - CORE_CHAINCODE_KEEPALIVE=10
      - CORE_PEER_TLS_ENABLED=true
      - CORE_PEER_TLS_ROOTCERT_FILE=/opt/home/managedblockchain-tls-chain.pem
      - CORE_PEER_LOCALMSPID=m-QU2OU7564FCA5PVCGXQKXQRMXA
      - CORE_PEER_MSPCONFIGPATH=/opt/home/admin-msp
      - CORE_PEER_ADDRESS=nd-g5tqtfyrgreq5kh4z5aoardm44.m-qu2ou7564fca5pvcgxqkxqrmxa.n-adhkyqme4newzibsjedbetdpy4.managedblockchain.us-east-1.amazonaws.com:30003
    working_dir: /opt/home
    command: /bin/bash
    volumes:
        - /var/run/:/host/var/run/
        - /home/ec2-user/fabric-samples/chaincode:/opt/gopath/src/github.com/
        - /home/ec2-user:/opt/home

# 我们通过该命令来build Hyperledger Fabric iamge
docker-compose -f docker-compose.yaml up -d
# 如果报错请使用
sudo /usr/local/bin/docker-compose -f docker-compose-cli.yaml up -d

6 创建证书文件

aws s3 cp s3://us-east-1.managedblockchain/etc/managedblockchain-tls-chain.pem  /home/ec2-user/managedblockchain-tls-chain.pem

6.1 通过openssl 来验证pem

openssl x509 -noout -text -in /home/ec2-user/managedblockchain-tls-chain.pem

6.2 注册管理用户

fabric-ca-client enroll \
-u 'https://test:Testwj123@ca.m-qu2ou7564fca5pvcgxqkxqrmxa.n-adhkyqme4newzibsjedbetdpy4.managedblockchain.us-east-1.amazonaws.com:30002' \
--tls.certfiles /home/ec2-user/managedblockchain-tls-chain.pem -M /home/ec2-user/admin-msp

• 返回值

6.3 复制 MSP 的证书

cp -r /home/ec2-user/admin-msp/signcerts admin-msp/admincerts

到此我们的客户端设置已经全部完成