Ubuntu deploys Hyperledger Fabric from scratch and uses a test network

ubuntu 20.04，Fabric 2.0.0

HyperledgeHyperledger Fabric

An open source, enterprise-grade, permissioned Distributed Ledger Technology (DLT) platform designed for use in enterprise environments. Hyperledger Fabric is specifically designed as a modular architecture. Whether it’s pluggable consensus, pluggable identity management protocols like LDAP or OpenID Connect, key management protocols or cryptographic libraries, the platform is designed at its core to meet the diversity of enterprise business needs.

Fabric consists of the following modular components:

• A pluggable ordering service establishes consensus on transaction order and then broadcasts blocks to nodes;
• A pluggable membership service provider is responsible for associating entities in the network with cryptographic identities;
• Optional P2P gossip service sends blocks to other nodes through an ordering service;
• Smart contracts ("chaincode") run in isolation within a container environment (such as Docker). They can be written in standard programming languages ​​but do not have direct access to ledger state;
• The ledger can be configured to support multiple DBMSs;
• Pluggable endorsement and verification strategies that can be configured independently for each application.

Preparation Phase

1. Install git

# 安装 git
sudo apt-get install -y git
# 配置 git
git config --global user.name master
git config --global user.email [email protected]
git config --list

2. Install cURL

sudo apt install curl -y

3. Install docker and docker-compose

# 安装 docker
curl -fsSL https://test.docker.com -o test-docker.sh
sudo sh test-docker.sh
# 确保 docker daemon 是在运行着的
sudo systemctl start docker
将你的用户添加到 docker 组
sudo usermod -a -G docker <username>
# docker 开机自启动
systemctl enable docker.service

# 安装docker-compose
sudo curl -L "https://github.com/docker/compose/releases/download/v2.6.1/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
sudo chmod +x /usr/local/bin/docker-compose
docker-compose --version

4. Install go

# 下载 go 压缩包并解压
wget -c https://dl.google.com/go/go1.20.6.linux-amd64.tar.gz -O - | sudo tar -xz -C /usr/local
# 调整环境变量
sudo vim /etc/profile
# 将以下内容追加到文件末尾
export GOROOT=/usr/local/go
export GOPATH=$HOME/go
export GOBIN=$GOPATH/bin
export PATH=$GOPATH:$GOBIN:$GOROOT/bin:$PATH
# 环境变量生效
source /etc/profile
# 防止重启后失效，追加到根目录环境持久生效
cd ~
sudo vim .bashrc
# 追加到文件末尾
source /etc/profile
# 开启GO111MOUDLE和更改GOPROXY
go env -w GOPROXY="https://goproxy.cn"
go env -w GO111MODULE=on

5. Install SoftHSM

sudo apt install libsofthsm2

6. Install jq

sudo apt-get install jq

Install Fabric samples, Docker images, and binaries

1. Create working directory

mkdir -p $HOME/go/src/github.com/
cd $HOME/go/src/github.com/

2. Get fabric-sample source code

# 下载 fabric-samples
git clone -b release-2.2 https://github.com/hyperledger/fabric-samples.git
# 切换到 fabric 目录
cd fabric-samples

3. Get the fabric-sample and fabric-ca executable binaries

# 下载fabric-samples 和 fabric-ca 可执行二进制文件
wget https://github.com/hyperledger/fabric/releases/download/v2.0.0/hyperledger-fabric-linux-amd64-2.0.0.tar.gz
wget https://github.com/hyperledger/fabric-ca/releases/download/v1.4.6/hyperledger-fabric-ca-linux-amd64-1.4.6.tar.gz
# 下载的 hyperledger-fabric-linux-amd64-2.0.0.tar 压缩包内有 bin 和 config 两个文件夹，hyperledger-fabric-ca-linux-amd64-1.4.6.tar 压缩包内有 bin 文件夹，将两个 bin 文件夹内的二进制文件汇总在一个 bin 文件夹内。 最后将 bin 和 config 文件夹复制到 fabric-samples 文件夹内

# 其中参数说明如下：
2.0.0：表示 Hyperledger Fabric 的版本号
1.4.6：表示Fabric CA的版本号

4. Download docker image

# 下载bootstrap.sh脚本并授予执行权限
wget https://raw.githubusercontent.com/hyperledger/fabric/master/scripts/bootstrap.sh
sudo chmod +x bootstrap.sh


# 下载docker镜像
# 在上面下载了二进制可执行文件和fabric-samples，再次执行bootstrap.sh脚本，这里-b参数表示不下载二进制文件，-s参数表示不下载fabric-samples，只拉取docker镜像
./bootstrap.sh 2.0.0 1.4.6 -s -b

5. Add environment variables

# 添加到 PATH 环境变量中，以便在不需要指定每个二进制文件的绝对路径的情况下获取命令
sudo vim ./bashrc
# 加到末尾
export PATH=<path to download location>/bin:$PATH
# 生效
source .bashrc

6. Check the installation results

orderer version

Test network using Fabric

1. Start test network

cd fabric-samples/test-network
# 应该始终重新启动网络。 可以使用以下命令删除先前运行的工件，加密材料，容器，卷和链码镜像：
./network.sh down
# 如果您不删除旧的容器，镜像和卷，将看到报错

# 此命令创建一个由两个对等节点和一个排序节点组成的Fabric网络
./network.sh up

# 测试网络的组成成分
docker ps -a

2. create a channel

# 可以使用network.sh脚本在Org1和Org2之间创建通道并加入他们的对等节点。 运行以下命令以创建一个默认名称为“ mychannel”的通道：
./network.sh createChannel
# 命令执行成功会出现
========= Channel successfully joined ===========

# 作为一个例子，以下命令将创建一个名为channel1的通道
./network.sh createChannel -c channel1
# 一步建立网络并创建频道，则可以使用up和createChannel模式一起
./network.sh up createChannel

3. Start a chaincode on the channel

# 使用network.sh创建频道后，您可以使用以下命令在通道上启动链码：
./network.sh deployCC -ccn basic -ccp ../asset-transfer-basic/chaincode-go -ccl go

Encountered problem 1:

The possible reason is that the fabric-sample version is incorrect.

solve:

# 查看分支
cd ../
git branch
# 命令执行成功发现是
* (HEAD detached at v2.0.0)
  main
  release-2.2
# 切换分支到2.2
git checkout release-2.2

Encountered problem 2:

The reason is that the msp environment variable is not configured to interact with a node of an organization in the network

solve:

export CORE_PEER_MSPCONFIGPATH=${
    
    PWD}/organizations/peerOrganizations/org1.example.com/users/[email protected]/msp

export CORE_PEER_TLS_ROOTCERT_FILE=${
    
    PWD}/organizations/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/ca.crt

export CORE_PEER_LOCALMSPID="Org1MSP"

# 再次执行通道启动链码操作
./network.sh deployCC -ccn basic -ccp ../asset-transfer-basic/chaincode-go -ccl go
# 执行成功如下图：

4. Interact with the network

# 使用以下命令将这些二进制文件添加到您的CLI路径：
export PATH=${
    
    PWD}/../bin:$PATH

# 将fabric-samples代码库中的FABRIC_CFG_PATH设置为指向其中的core.yaml文件
export FABRIC_CFG_PATH=$PWD/../config/

# 设置环境变量，以允许您作为Org1操作peer CLI（和上边解决 msp 环境变量的操作类似）
# Environment variables for Org1

export CORE_PEER_TLS_ENABLED=true
export CORE_PEER_LOCALMSPID="Org1MSP"
export CORE_PEER_TLS_ROOTCERT_FILE=${
    
    PWD}/organizations/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/ca.crt
export CORE_PEER_MSPCONFIGPATH=${
    
    PWD}/organizations/peerOrganizations/org1.example.com/users/[email protected]/msp
export CORE_PEER_ADDRESS=localhost:7051

# CORE_PEER_TLS_ROOTCERT_FILE和CORE_PEER_MSPCONFIGPATH环境变量
# 指向Org1的organizations文件夹中的的加密材料

# 运行以下命令用一些资产来初始化账本
peer chaincode invoke -o localhost:7050 --ordererTLSHostnameOverride orderer.example.com --tls --cafile ${
    
    PWD}/organizations/ordererOrganizations/example.com/orderers/orderer.example.com/msp/tlscacerts/tlsca.example.com-cert.pem -C mychannel -n basic --peerAddresses localhost:7051 --tlsRootCertFiles ${
    
    PWD}/organizations/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/ca.crt --peerAddresses localhost:9051 --tlsRootCertFiles ${
    
    PWD}/organizations/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls/ca.crt -c '{"function":"InitLedger","Args":[]}'
# 命令执行成功会输出这些：
2023-07-12 12:43:30.209 CST [chaincodeCmd] chaincodeInvokeOrQuery -> INFO 001 Chaincode invoke successful. result: status:200

# 可以用CLI 工具来查询账本。运行以下指令来获取添加到通道账本的资产列表
peer chaincode query -C mychannel -n basic -c '{"Args":["GetAllAssets"]}'
# 执行成功结果如下：
[{
    
    "ID":"asset1","color":"blue","size":5,"owner":"Tomoko","appraisedValue":300},{
    
    "ID":"asset2","color":"red","size":5,"owner":"Brad","appraisedValue":400},{
    
    "ID":"asset3","color":"green","size":10,"owner":"Jin Soo","appraisedValue":500},{
    
    "ID":"asset4","color":"yellow","size":10,"owner":"Max","appraisedValue":600},{
    
    "ID":"asset5","color":"black","size":15,"owner":"Adriana","appraisedValue":700},{
    
    "ID":"asset6","color":"white","size":15,"owner":"Michel","appraisedValue":800}]

# 当一个网络成员希望在账本上转一些或者改变一些资产，链码会被调用。
# 使用以下的指令来通过调用 asset-transfer (basic) 链码改变账本上的资产所有者：
peer chaincode invoke -o localhost:7050 --ordererTLSHostnameOverride orderer.example.com --tls --cafile ${
    
    PWD}/organizations/ordererOrganizations/example.com/orderers/orderer.example.com/msp/tlscacerts/tlsca.example.com-cert.pem -C mychannel -n basic --peerAddresses localhost:7051 --tlsRootCertFiles ${
    
    PWD}/organizations/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/ca.crt --peerAddresses localhost:9051 --tlsRootCertFiles ${
    
    PWD}/organizations/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls/ca.crt -c '{"function":"TransferAsset","Args":["asset6","Christopher"]}'
# 执行成功结果如下：
2023-07-12 13:47:30.379 CST [chaincodeCmd] chaincodeInvokeOrQuery -> INFO 001 Chaincode invoke successful. result: status:200

# 因为 asset-transfer (basic) 链码的背书策略需要交易同时被 Org1 和 Org2 签名，
# 链码调用指令需要使用 --peerAddresses 标签来指向 peer0.org1.example.com 和 peer0.org2.example.com。
# 因为网络的 TLS 被开启，指令也需要用 --tlsRootCertFiles 标签指向每个 peer 节点的 TLS 证书。

# 调用链码之后，我们可以使用另一个查询来查看调用如何改变了区块链账本的资产。
# 因为我们已经查询了 Org1 的 peer，我们可以把这个查询链码的机会通过 Org2 的 peer 来运行。
# 设置以下的环境变量来操作 Org2：

# Environment variables for Org2
export CORE_PEER_TLS_ENABLED=true
export CORE_PEER_LOCALMSPID="Org2MSP"
export CORE_PEER_TLS_ROOTCERT_FILE=${
    
    PWD}/organizations/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls/ca.crt
export CORE_PEER_MSPCONFIGPATH=${
    
    PWD}/organizations/peerOrganizations/org2.example.com/users/[email protected]/msp
export CORE_PEER_ADDRESS=localhost:9051

# 可以用以下命令查询运行在 peer0.org2.example.com asset-transfer (basic) 链码：
peer chaincode query -C mychannel -n basic -c '{"Args":["ReadAsset","asset6"]}'
# 执行结果如下，结果显示 "asset6" 转给了 Christopher：
{
    
    "ID":"asset6","color":"white","size":15,"owner":"Christopher","appraisedValue":800}

5. Shut down the network

# 使用完测试网络后，您可以使用以下命令关闭网络：
./network.sh down
# 该命令将停止并删除节点和链码容器，删除组织加密材料，并从Docker Registry移除链码镜像。 
# 该命令还删除之前运行的通道项目和docker卷。
# 如果您遇到任何问题，还允许您再次运行
./ network.sh up