To build a custom network, you can refer to the article:
https://blog.csdn.net/yeshang_lady/article/details/134113296
1 Create channel
After the network is set up, you can start creating channels. In Fabric V2.5.4, application channels can be created directly without creating system channels.
1.1 Modify configuration file
Create the configuration file firstconfigtx.yaml
. You can directly copy the fabric-samples/test-network/configtx/configtx.yaml
file to the directory finance_network
and then make modifications to this file.
The modified configtx.yaml
file content is as follows (mainly modifying MSP and TLS related content):
Organizations:
- &OrdererOrg
Name: OrdererOrg
ID: OrdererMSP
#注意修改
MSPDir: ./organizations/ordererOrganizations/finance.com/msp
Policies:
Readers:
Type: Signature
Rule: "OR('OrdererMSP.member')"
Writers:
Type: Signature
Rule: "OR('OrdererMSP.member')"
Admins:
Type: Signature
Rule: "OR('OrdererMSP.admin')"
OrdererEndpoints:
- orderer.finance.com:7050
- &Org1
Name: Org1MSP
ID: Org1MSP
MSPDir: ./organizations/peerOrganizations/org1.finance.com/msp
Policies:
Readers:
Type: Signature
Rule: "OR('Org1MSP.admin', 'Org1MSP.peer', 'Org1MSP.client')"
Writers:
Type: Signature
Rule: "OR('Org1MSP.admin', 'Org1MSP.client')"
Admins:
Type: Signature
Rule: "OR('Org1MSP.admin')"
Endorsement:
Type: Signature
Rule: "OR('Org1MSP.peer')"
- &Org2
Name: Org2MSP
ID: Org2MSP
MSPDir: ./organizations/peerOrganizations/org2.finance.com/msp
Policies:
Readers:
Type: Signature
Rule: "OR('Org2MSP.admin', 'Org2MSP.peer', 'Org2MSP.client')"
Writers:
Type: Signature
Rule: "OR('Org2MSP.admin', 'Org2MSP.client')"
Admins:
Type: Signature
Rule: "OR('Org2MSP.admin')"
Endorsement:
Type: Signature
Rule: "OR('Org2MSP.peer')"
Capabilities:
Channel: &ChannelCapabilities
V2_0: true
Orderer: &OrdererCapabilities
V2_0: true
Application: &ApplicationCapabilities
V2_5: true
Application: &ApplicationDefaults
Organizations:
Policies:
Readers:
Type: ImplicitMeta
Rule: "ANY Readers"
Writers:
Type: ImplicitMeta
Rule: "ANY Writers"
Admins:
Type: ImplicitMeta
Rule: "MAJORITY Admins"
LifecycleEndorsement:
Type: ImplicitMeta
Rule: "MAJORITY Endorsement"
Endorsement:
Type: ImplicitMeta
Rule: "MAJORITY Endorsement"
Capabilities:
<<: *ApplicationCapabilities
Orderer: &OrdererDefaults
Addresses:
- orderer.finance.com:7050
BatchTimeout: 2s
BatchSize:
MaxMessageCount: 10
AbsoluteMaxBytes: 99 MB
PreferredMaxBytes: 512 KB
Organizations:
Policies:
Readers:
Type: ImplicitMeta
Rule: "ANY Readers"
Writers:
Type: ImplicitMeta
Rule: "ANY Writers"
Admins:
Type: ImplicitMeta
Rule: "MAJORITY Admins"
BlockValidation:
Type: ImplicitMeta
Rule: "ANY Writers"
Channel: &ChannelDefaults
Policies:
Readers:
Type: ImplicitMeta
Rule: "ANY Readers"
Writers:
Type: ImplicitMeta
Rule: "ANY Writers"
Admins:
Type: ImplicitMeta
Rule: "MAJORITY Admins"
Capabilities:
<<: *ChannelCapabilities
Profiles:
ChannelUsingRaft:
<<: *ChannelDefaults
Orderer:
<<: *OrdererDefaults
OrdererType: etcdraft
EtcdRaft:
Consenters:
- Host: orderer.finance.com
Port: 7050
ClientTLSCert: ./organizations/ordererOrganizations/finance.com/orderers/orderer.finance.com/tls/server.crt
ServerTLSCert: ./organizations/ordererOrganizations/finance.com/orderers/orderer.finance.com/tls/server.crt
Organizations:
- *OrdererOrg
Capabilities: *OrdererCapabilities
Application:
<<: *ApplicationDefaults
Organizations:
- *Org1
- *Org2
Capabilities: *ApplicationCapabilities
1.2 Create application channel
Use the following command to create an application channel.
#先回到finance_network目录下
configtxgen -profile ChannelUsingRaft -outputBlock ./channel-artifacts/channel1.block -channelID channel1
The execution results are as follows:
Tips: When executing this command, make sure that the environment variable FABRIC_CFG_PATH is empty. If it is not empty, you need to use the -configPath parameter to specify itconfigtx.yaml
The address of the file.
2 Add node
After the channel is created, the orderer node and peer node need to be added to both channels.
2.1 Add orderer node
You can use theosnadmin
command to add the orderer node to the channel, as follows:
#先跳转到finance_network目录下
#设置变量
export ORDERER_CA=$PWD/organizations/ordererOrganizations/finance.com/orderers/orderer.finance.com/msp/tlscacerts/tlsca.finance.com-cert.pem
export ORDERER_ADMIN_TLS_SIGN_CERT=$PWD/organizations/ordererOrganizations/finance.com/orderers/orderer.finance.com/tls/server.crt
export ORDERER_ADMIN_TLS_PRIVATE_KEY=$PWD/organizations/ordererOrganizations/finance.com/orderers/orderer.finance.com/tls/server.key
#添加节点
osnadmin channel join --channelID channel1 --config-block ./channel-artifacts/channel1.block -o localhost:7053 --ca-file "$ORDERER_CA" --client-cert "$ORDERER_ADMIN_TLS_SIGN_CERT" --client-key "$ORDERER_ADMIN_TLS_PRIVATE_KEY"
If the command is successfully executed, the prompt is:
If the osnadmin join
command is executed, the prompt is: listen tcp:lookup localhost :7053 on 127.0.0.11:53 no such host, usually because CCP is not set or there is an error in the CCP file.
2.2 Add peer node
Before adding the peer node, copy thefabric-samples/config
directory to the current directory. The command is as follows:
#当前目录为finance_network
cp ~/go/src/github.com/hyperledger/fabric/scripts/fabric-samples/config config
Next, add peer nodes to the channel. There are a total of 3 peer nodes to be added to the channel. Here we only take peer0.org1.finance.com
as an example for explanation. The details are as follows:
#先跳转到finance_network目录下
#将peer命令绑到peer0.org1.finance.com节点上
export CORE_PEER_TLS_ENABLED=true
export CORE_PEER_LOCALMSPID="Org1MSP"
export CORE_PEER_TLS_ROOTCERT_FILE=$PWD/organizations/peerOrganizations/org1.finance.com/peers/peer0.org1.finance.com/tls/ca.crt
export CORE_PEER_MSPCONFIGPATH=$PWD/organizations/peerOrganizations/org1.finance.com/users/[email protected]/msp
export CORE_PEER_ADDRESS=localhost:7051
export FABRIC_CFG_PATH=$PWD/config
#执行添加命令
peer channel join -b ./channel-artifacts/channel1.block
When the execution is successful, the result is as follows:
3 Set anchor nodes
The Anchor Peer in the Fabric network is a special node in the network. Its functions are as follows:
- Organization connection: Anchor nodes are used to establish and maintain connections between the organization and other organizations. Other organizations can learn about the organization's organizational configuration by communicating with the anchor node.
- Routing policy: Anchor nodes are responsible for maintaining and distributing the organization's routing policy. The routing strategy defines the location information of the Peer nodes and Orderer nodes of each organization in the network so that other organizations can correctly send transaction requests to the target nodes.
- Organization configuration update: When the organization configuration of the organization changes, the anchor node updates the latest organization configuration block and broadcasts it to other nodes. This ensures that all nodes in the network have the latest organizational configuration and stay in sync.
The channel configuration information contains the anchor node information of each organization. Each channel can set anchor nodes for each organization by using the configtxlator
tool to update the channel. . Here we only take Org1
as an example for explanation. Here, the peer0.org1.finance.com
node is set as the anchor node of the organization Org1
.
- First associate
peer CLI
to thepeer0.org1.finance.com
node and set the following environment variables:
export CORE_PEER_TLS_ENABLED=true
export CORE_PEER_LOCALMSPID="Org1MSP"
export CORE_PEER_TLS_ROOTCERT_FILE=$PWD/organizations/peerOrganizations/org1.finance.com/peers/peer0.org1.finance.com/tls/ca.crt
export CORE_PEER_MSPCONFIGPATH=$PWD/organizations/peerOrganizations/org1.finance.com/users/[email protected]/msp
export CORE_PEER_ADDRESS=localhost:7051
export FABRIC_CFG_PATH=$PWD/config
- Get the original configuration information of the channel (pay attention here to check whether the value of
ORDERER_CA
is still there)
peer channel fetch config channel-artifacts/config_block.pb -o localhost:7050 --ordererTLSHostnameOverride orderer.example.com -c channel1 --tls --cafile "$ORDERER_CA"
The code execution results are as follows:
- Convert the channel configuration information into a json string, and use
jq
tool to convert the json string into a streaming string
#先进入channel-artifacts目录
configtxlator proto_decode --input config_block.pb --type common.Block --output config_block.json
jq '.data.data[0].payload.data.config' config_block.json > config.json
- Use
jq
tool to addOrg1
the organization's anchor node information tomodified_config.json
cp config.json config_copy.json
jq '.channel_group.groups.Application.groups.Org1MSP.values += {"AnchorPeers":{"mod_policy": "Admins","value":{"anchor_peers": [{"host": "peer0.org1.example.com","port": 7051}]},"version": "0"}}' config_copy.json > modified_config.json
- Convert
config.json
andmodified_config.json
into pb files, and calculate the difference between the two.
configtxlator proto_encode --input config.json --type common.Config --output config.pb
configtxlator proto_encode --input modified_config.json --type common.Config --output modified_config.pb
configtxlator compute_update --channel_id channel1 --original config.pb --updated modified_config.pb --output config_update.pb
- Update channel configuration
configtxlator proto_decode --input config_update.pb --type common.ConfigUpdate --output config_update.json
echo '{"payload":{"header":{"channel_header":{"channel_id":"channel1", "type":2}},"data":{"config_update":'$(cat config_update.json)'}}}' | jq . > config_update_in_envelope.json
configtxlator proto_encode --input config_update_in_envelope.json --type common.Envelope --output config_update_in_envelope.pb
cd ..
peer channel update -f channel-artifacts/config_update_in_envelope.pb -c channel1 -o localhost:7050 --ordererTLSHostnameOverride orderer.example.com --tls --cafile "$PWD/organizations/ordererOrganizations/finance.com/orderers/orderer.finance.com/msp/tlscacerts/tlsca.finance.com-cert.pem"
4 others
The two parts of 2.1
and 2.2
require frequent setting of environment variables, especially when more peer nodes need to be added, the whole process is cumbersome and Error-prone. And when adding anchor nodes to an organization, you also need to execute many commands. Here, refer to the method in fabric-sample/test-network
and use the bash
file to complete the addition of nodes and the setting of anchor nodes.
Add orderer node
Create file in the fabric_network
directory with the following content: < /span>scripts/OrdererEnv.sh
channel_name=$1
domain_name=$2
orderer_port=$3
export ORDERER_CA=$PWD/organizations/ordererOrganizations/${host_name}.com/orderers/orderer.${host_name}.com/msp/tlscacerts/tlsca.${host_name}.com-cert.pem
export ORDERER_ADMIN_TLS_SIGN_CERT=$PWD/organizations/ordererOrganizations/${host_name}.com/orderers/orderer.${host_name}.com/tls/server.crt
export ORDERER_ADMIN_TLS_PRIVATE_KEY=$PWD/organizations/ordererOrganizations/${host_name}.com/orderers/orderer.${host_name}.com/tls/server.key
osnadmin channel join --channelID ${channel_name} --config-block ./channel-artifacts/${channel_name}.block -o localhost:$(expr $orderer_port) --ca-file "$ORDERER_CA" --client-cert "$ORDERER_ADMIN_TLS_SIGN_CERT" --client-key "$ORDERER_ADMIN_TLS_PRIVATE_KEY"
The command execution results are as follows:
Add peer node
Created in the fabric_network
directory< a i=4> file with the following contents:scripts/PeerEnv.sh
channel_name=$1
domain_name=$2
peer_port=$3
peer_num=$4
org_num=$5
org_msp=$6
export FABRIC_CFG_PATH=$PWD/config
export CORE_PEER_TLS_ENABLED=true
export CORE_PEER_LOCALMSPID="${org_msp}"
export CORE_PEER_TLS_ROOTCERT_FILE=$PWD/organizations/peerOrganizations/org${org_num}.${host_name}.com/peers/peer${peer_num}.org${org_num}.${host_name}.com/tls/ca.crt
export CORE_PEER_MSPCONFIGPATH=$PWD/organizations/peerOrganizations/org${org_num}.${host_name}.com/users/Admin@org${org_num}.${host_name}.com/msp
export CORE_PEER_ADDRESS=localhost:$(expr $peer_port)
The execution result is as follows:
Tips: But please note that the environment variables set by this method are only valid when executing the statement, so it cannot be run after the statement is executed< a i=2> command. peer channel list
Set anchor node
Create file in the fabric_network
directory with the following content: < /span>scripts/SetAnchorPeer.sh
channel_name=$1
domain_name=$2
peer_port=$3
peer_num=$4
org_num=$5
org_msp=$6
orderer_port=$7
export ORDERER_CA=$PWD/organizations/ordererOrganizations/${host_name}.com/orderers/orderer.${host_name}.com/msp/tlscacerts/tlsca.${host_name}.com-cert.pem
export FABRIC_CFG_PATH=$PWD/config
export CORE_PEER_TLS_ENABLED=true
export CORE_PEER_LOCALMSPID="${org_msp}"
export CORE_PEER_TLS_ROOTCERT_FILE=$PWD/organizations/peerOrganizations/org${org_num}.${host_name}.com/peers/peer${peer_num}.org${org_num}.${host_name}.com/tls/ca.crt
export CORE_PEER_MSPCONFIGPATH=$PWD/organizations/peerOrganizations/org${org_num}.${host_name}.com/users/Admin@org${org_num}.${host_name}.com/msp
export CORE_PEER_ADDRESS=localhost:$(expr $peer_port)
peer channel fetch config channel-artifacts/config_block.pb -o localhost:$(expr $orderer_port) --ordererTLSHostnameOverride orderer.${host_name}.com -c ${channel_name} --tls --cafile "$ORDERER_CA"
configtxlator proto_decode --input channel-artifacts/config_block.pb --type common.Block --output channel-artifacts/config_block.json
jq '.data.data[0].payload.data.config' channel-artifacts/config_block.json > channel-artifacts/config.json
cp channel-artifacts/config.json channel-artifacts/config_copy.json
jq '.channel_group.groups.Application.groups.'${org_msp}'.values += {"AnchorPeers":{"mod_policy":"Admins","value":{"anchor_peers":[{"host":"peer'${peer_num}'.org'${org_num}'.'${host_name}'.com","port":'${peer_port}'}]},"version":"0"}}' channel-artifacts/config_copy.json > channel-artifacts/modified_config.json
configtxlator proto_encode --input channel-artifacts/config.json --type common.Config --output channel-artifacts/config.pb
configtxlator proto_encode --input channel-artifacts/modified_config.json --type common.Config --output channel-artifacts/modified_config.pb
configtxlator compute_update --channel_id ${channel_name} --original channel-artifacts/config.pb --updated channel-artifacts/modified_config.pb --output channel-artifacts/config_update.pb
configtxlator proto_decode --input channel-artifacts/config_update.pb --type common.ConfigUpdate --output channel-artifacts/config_update.json
echo '{"payload":{"header":{"channel_header":{"channel_id":"'${channel_name}'","type":2}},"data":{"config_update":'$(cat channel-artifacts/config_update.json)'}}}' | jq . > channel-artifacts/config_update_in_envelope.json
configtxlator proto_encode --input channel-artifacts/config_update_in_envelope.json --type common.Envelope --output channel-artifacts/config_update_in_envelope.pb
peer channel update -f channel-artifacts/config_update_in_envelope.pb -c ${channel_name} -o localhost:$(expr $orderer_port) --ordererTLSHostnameOverride orderer.${host_name}.com --tls --cafile "$ORDERER_CA"
The result is as follows: