Article Directory
Obviously, the difference between single-machine and multi-machine deployment is network configuration, that is, how to communicate between docker containers, so the key to multi-machine deployment is actually docker network communication.
Install HLF
Five servers, the system is Ubuntu16.04, ssh certificate has been configured to log in, assuming that the IP is respectively
10.22.1.12 # orderer.example.com, cli
10.22.1.13 # peer0.org1.example.com
10.22.1.14 # peer1.org1.example.com
10.22.1.15 # peer0.org2.example.com
10.22.1.16 # peer1.org2.example.com
If there is no special instructions, the following commands are carried out in 10.22.1.12
the /home/myuser/
directory on the machine .
Create a host.txt
file to facilitate dynamic modification and deployment to other machines:
vim hosts.txt
10.22.1.12 # orderer.example.com, cli
10.22.1.13 # peer0.org1.example.com
10.22.1.14 # peer1.org1.example.com
10.22.1.15 # peer0.org2.example.com
10.22.1.16 # peer1.org2.example.com
Install the script of curl, docker, docker-composer, HLF image (version 1.3, if you need to replace the version number in the script by other versions) install.sh
, you need the user password as the first parameter:
#!/bin/bash
if [ $# -eq 0 ]; then
echo "please input password..."
exit 1
fi
cat hosts.txt | while read host
do
echo ' '
echo ' '
echo ' '
echo '################################'
echo '##########' $host '##########'
echo '################################'
echo ' '
echo ' '
echo ' '
ssh myuser@$host << end
echo $1 | sudo apt install curl -y
sudo -S apt-get remove docker docker-engine docker.io containerd runc -y
docker -v
sudo apt-get update -y
sudo apt-get install \
apt-transport-https \
ca-certificates \
curl \
gnupg2 \
software-properties-common -y
curl -fsSL https://download.docker.com/linux/debian/gpg | sudo apt-key add -
sudo add-apt-repository \
"deb [arch=amd64] https://download.docker.com/linux/debian \
$(lsb_release -cs) \
stable"
sudo apt-get update -y
sudo apt-get install docker-ce docker-ce-cli containerd.io -y
docker run hello-world
docker -v
if [ $? -ne 0 ]; then
echo "##################################################"
echo "some wrong when install docker!"
echo "##################################################"
exit 1
fi
echo $1 | sudo -S curl -L "https://github.com/docker/compose/releases/download/1.25.0/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
sudo chmod +x /usr/local/bin/docker-compose
sudo rm /usr/bin/docker-compose
sudo ln -s /usr/local/bin/docker-compose /usr/bin/docker-compose
docker-compose -v
if [ $? -ne 0 ]; then
echo "##################################################"
echo "some wrong when install docker-compose!"
echo "##################################################"
exit 1
fi
curl -sSL http://bit.ly/2ysbOFE | bash -s 1.3.0
if [ $? -ne 0 ]; then
echo "##################################################"
echo "some wrong when pull the images"
echo "##################################################"
exit 1
fi
end
done
echo done!
If there is no accident here, even if it is configured, you can go to the /home/myuser/fabric-samples/first-network/
directory to test whether the installation is successful:
start the network:
./byfn.sh up
If you see the following output, the installation was successful:
90
===================== Query successful on peer1.org2 on channel 'mychannel' =====================
========= All GOOD, BYFN execution completed ===========
_____ _ _ ____
| ____| | \ | | | _ \
| _| | \| | | | | |
| |___ | |\ | | |_| |
|_____| |_| \_| |____/
Shut down and clean up the network (remember to clean up before restarting the network, otherwise an error will be reported):
./byfn.sh down
Configure docker network
It is said that it can
host
be deployed using the mode, which is much simpler, but when I use the host mode, I always report an error when instantiating the chaincode. I did not find a solution, so I used theoverlay
mode.
docker swarm init --advertise-addr=10.22.1.12 # 在10.22.1.12上初始化swarm
docker swarm join-token manager # 这里会输出一个命令docker swarm join --token ... ,复制下来,去其他机器上执行
ssh [email protected]
docker swarm join --token ...
ssh [email protected]
docker swarm join --token ...
ssh [email protected]
docker swarm join --token ...
ssh [email protected]
docker swarm join --token ...
# 回到10.22.1.12
docker network create --attachable --driver overlay HLF # 创建一个overlay网络
At this time, check the docker network docker network ls
, it will be like this:
NETWORK ID NAME DRIVER SCOPE
ntubodu3k0fp HLF overlay swarm
31158df52877 bridge bridge local
54ad61772123 docker_gwbridge bridge local
d8b38ea6fbed host host local
rlzokyfpla8r ingress overlay swarm
e97a070185d2 none null local
The same is true on other machines, they are created automatically.
Create a startup file
/home/myuser/fabric-samples/first-network
There is a docker-compose-cli.yaml
file in the directory , which is mainly modified according to this file.
Divide this file into five, one contains orderer and cli, and the other four are four peers.
.
├── base
│ ├── docker-compose-base.yaml
│ └── peer-base.yaml
├── docker-compose-cli.yaml
├── orderer_cli.yaml
├── peer01.yaml
├── peer02.yaml
├── peer11.yaml
└── peer12.yaml
The main modification is to modify the network to the network HLF we created earlier, but you need to pay attention to specifying external as true, otherwise docker will automatically recreate a network. Here are all the files:
orderer_cli.yaml:
# Copyright IBM Corp. All Rights Reserved.
#
# SPDX-License-Identifier: Apache-2.0
#
version: '2'
volumes:
orderer.example.com:
networks:
HLF:
external: true ## important!!!!!
services:
orderer.example.com:
extends:
file: base/docker-compose-base.yaml
service: orderer.example.com
container_name: orderer.example.com
#network_mode: overlay
networks:
- HLF
# extra_hosts:
# - "orderer.example.com:10.22.1.12"
# - "peer0.org1.example.com:10.22.1.13"
# - "peer1.org1.example.com:10.22.1.14"
# - "peer0.org2.example.com:10.22.1.15"
# - "peer1.org2.example.com:10.22.1.16"
cli:
container_name: cli
image: hyperledger/fabric-tools:$IMAGE_TAG
tty: true
stdin_open: true
environment:
- GOPATH=/opt/gopath
- CORE_VM_ENDPOINT=unix:///host/var/run/docker.sock
#- CORE_LOGGING_LEVEL=DEBUG
- CORE_LOGGING_LEVEL=INFO
- CORE_PEER_ID=cli
- CORE_PEER_ADDRESS=peer0.org1.example.com:7051
- CORE_PEER_LOCALMSPID=Org1MSP
- CORE_PEER_TLS_ENABLED=true
- CORE_PEER_TLS_CERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/server.crt
- CORE_PEER_TLS_KEY_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/server.key
- CORE_PEER_TLS_ROOTCERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/ca.crt
- CORE_PEER_MSPCONFIGPATH=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/users/[email protected]/msp
working_dir: /opt/gopath/src/github.com/hyperledger/fabric/peer
command: /bin/bash
volumes:
- /var/run/:/host/var/run/
- ./../chaincode/:/opt/gopath/src/github.com/chaincode
- ./crypto-config:/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/
- ./scripts:/opt/gopath/src/github.com/hyperledger/fabric/peer/scripts/
- ./channel-artifacts:/opt/gopath/src/github.com/hyperledger/fabric/peer/channel-artifacts
networks:
- HLF
# extra_hosts:
# - "orderer.example.com:10.22.1.12"
# - "peer0.org1.example.com:10.22.1.13"
# - "peer1.org1.example.com:10.22.1.14"
# - "peer0.org2.example.com:10.22.1.15"
# - "peer1.org2.example.com:10.22.1.16"
peer01.yaml:
# Copyright IBM Corp. All Rights Reserved.
# SPDX-License-Identifier: Apache-2.0
#
version: '2'
volumes:
peer0.org1.example.com:
networks:
HLF:
external: true
services:
peer0.org1.example.com:
container_name: peer0.org1.example.com
extends:
file: base/docker-compose-base.yaml
service: peer0.org1.example.com
#network_mode: overlay
#networks:
# - byfn
networks:
- HLF
peer02.yaml:
# Copyright IBM Corp. All Rights Reserved.
# SPDX-License-Identifier: Apache-2.0
#
version: '2'
volumes:
peer0.org1.example.com:
networks:
HLF:
external: true
services:
peer0.org1.example.com:
container_name: peer0.org1.example.com
extends:
file: base/docker-compose-base.yaml
service: peer0.org1.example.com
#network_mode: overlay
#networks:
# - byfn
networks:
- HLF
peer11.yaml:
# Copyright IBM Corp. All Rights Reserved.
#
# SPDX-License-Identifier: Apache-2.0
#
version: '2'
volumes:
peer0.org2.example.com:
networks:
HLF:
external: true
services:
peer0.org2.example.com:
container_name: peer0.org2.example.com
extends:
file: base/docker-compose-base.yaml
service: peer0.org2.example.com
#network_mode: overlay
#networks:
# - byfn
networks:
- HLF
# extra_hosts:
# - "orderer.example.com:10.22.1.12"
# - "peer0.org1.example.com:10.22.1.13"
# - "peer1.org1.example.com:10.22.1.14"
# - "peer0.org2.example.com:10.22.1.15"
# - "peer1.org2.example.com:10.22.1.16"
peer12.yaml:
# Copyright IBM Corp. All Rights Reserved.
#
# SPDX-License-Identifier: Apache-2.0
version: '2'
volumes:
peer1.org2.example.com:
networks:
HLF:
external: true
services:
peer1.org2.example.com:
container_name: peer1.org2.example.com
extends:
file: base/docker-compose-base.yaml
service: peer1.org2.example.com
#network_mode: overlay
# networks:
# - byfn
networks:
- HLF
# extra_hosts:
# - "orderer.example.com:10.22.1.12"
# - "peer0.org1.example.com:10.22.1.13"
# - "peer1.org1.example.com:10.22.1.14"
# - "peer0.org2.example.com:10.22.1.15"
# - "peer1.org2.example.com:10.22.1.16"
In addition /home/myuser/fabric-samples/first-network
, two files in the directory need to be modified :
base
├── docker-compose-base.yaml
└── peer-base.yaml
The - CORE_VM_DOCKER_HOSTCONFIG_NETWORKMODE=${COMPOSE_PROJECT_NAME}_byfn
modification in peer-base.yaml is - CORE_VM_DOCKER_HOSTCONFIG_NETWORKMODE=HLF
.
Port mapping part in docker-compose-base.yaml:
- 7051:7051
- 7053:7053
- 8051:7051
- 8053:7053
- 9051:7051
- 9053:7053
- 10051:7051
- 10053:7053
change into
- 7051:7051
- 7053:7053
- 7051:7051
- 7053:7053
- 7051:7051
- 7053:7053
- 7051:7051
- 7053:7053
This modification is complete.
At this time, you can refer to the official website command to generate the certificate file and channel configuration file. The script is as follows:
#!/bin/zsh
cd /home/myuser/fabric-samples/first-network
# clear the old X.509
rm -rf crypto-config
rm -rf channel-artifacts/*
# generate X.509 using the default configuration
cryptogen generate --config=crypto-config.yaml
# tell the tool where to look for the configtx.yaml
export FABRIC_CFG_PATH=$PWD
export CHANNEL_NAME=mychannel
# create the orderer genesisi block
configtxgen -profile TwoOrgsOrdererGenesis -outputBlock ./channel-artifacts/genesis.block #-channelID $CHANNEL_NAME
# create a channel configuration transaction
configtxgen -profile TwoOrgsChannel -outputCreateChannelTx ./channel-artifacts/channel.tx -channelID $CHANNEL_NAME
# define the anchor peer for Org1
configtxgen -profile TwoOrgsChannel -outputAnchorPeersUpdate ./channel-artifacts/Org1MSPanchors.tx -channelID $CHANNEL_NAME -asOrg Org1MSP
# define the anchor peer for Org2
configtxgen -profile TwoOrgsChannel -outputAnchorPeersUpdate ./channel-artifacts/Org2MSPanchors.tx -channelID $CHANNEL_NAME -asOrg Org2MSP
Transfer the modified 7 yaml files and certificates crypto-config
to the corresponding machine through scp to the corresponding location.
run
Start script:./run.sh
#!/bin/bash
peer01=10.22.1.13
peer11=10.22.1.14
peer02=10.22.1.15
peer12=10.22.1.16
cd ~/fabric-samples/first-network
docker-compose -f orderer.yaml up -d
ssh myuser@$peer01 "cd fabric-samples/first-network; docker-compose -f peer01.yml up -d"
ssh myuser@$peer11 "cd fabric-samples/first-network; docker-compose -f peer11.yml up -d"
ssh myuser@$peer02 "cd fabric-samples/first-network; docker-compose -f peer02.yml up -d"
ssh myuser@$peer12 "cd fabric-samples/first-network; docker-compose -f peer12.yml up -d"
Enter cli容器
:docker exec -it cli bash
In cli容器
tests performed in the script: bash scripts/script.sh
see the following output shows a success:
90
===================== Query successful on peer1.org2 on channel 'mychannel' =====================
========= All GOOD, BYFN execution completed ===========
_____ _ _ ____
| ____| | \ | | | _ \
| _| | \| | | | | |
| |___ | |\ | | |_| |
|_____| |_| \_| |____/
Possible errors
- When pulling the mirror, you may report
curl: (56) recv failure: connection reset by peer
: willinstall.sh
thecurl -sSL http://bit.ly/2ysbOFE | bash -s 1.3.0
changecurl -sSL https://bit.ly/2ysbOFE | bash -s 1.3.0
to - There
cli容器
may be various situations when the script is executed in the test. At this time, first check whether the network is connected, and then check the certificate file for problems, ...