基础环境安装与配置
- 关闭防火墙
systemctl stop firewalld.service
systemctl disable firewalld.service
- 设置安全
vim /etc/selinux/config
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - No SELinux policy is loaded.
SELINUX=disabled
# SELINUXTYPE= can take one of three two values:
# targeted - Targeted processes are protected,
# minimum - Modification of targeted policy. Only selected processes are protected.
# mls - Multi Level Security protection.
# SELINUXTYPE=targeted
- 安装必需的包
yum install -y yum-utils device-mapper-persistent-data lvm2 wget unzip lrzsz
- 设置yum源并安装docker
yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
yum install docker-ce -y
- 安装docker-compose
yum -y install epel-release
yum install python-pip -y
pip install --upgrade pip
pip install docker-compose
ystemctl start docker
systemctl enable docker
- 安装git-2.3.0和Golang (用于 fabric cli 服务的调用, ca 服务证书生成 )
mkdir /opt/soft
cd /opt/soft
yum install curl-devel expat-devel gettext-devel openssl-devel zlib-devel gcc perl-ExtUtils-MakeMaker
wget https://github.com/git/git/archive/v2.3.0.zip
unzip v2.3.0.zip
cd git-2.3.0/
make prefix=/usr/local/git all
make prefix=/usr/local/git install
mkdir -p /opt/soft/golang
cd /opt/soft/golang
wget https://studygolang.com/dl/golang/go1.11.linux-amd64.tar.gz
tar -C /usr/local -xzf go1.11.linux-amd64.tar.gz
- 配置git和Golang的环境变量
vim /etc/profile 添加以下env
export PATH=/usr/local/git/bin:$PATH
export PATH=$PATH:/usr/local/go/bin
export GOROOT=/usr/local/go
export GOPATH=/workspace/golang
export PATH=/usr/local/git/bin:$PATH
source /etc/profile 重新生效
好了,基础区块链机器环境都装完了,后续的机器可以直接克隆了
网络规划
2个CA服务器,3个Zookeeper服务器,3个Kafka服务器,3个Orderer服务器,3个Peer服务器
192.168.137.245:
ca.org1.alinkeji.com,zookeeper0,kafka0,orderer0.alinkeji.com,peer0.org1.alinkeji.com zookeeper0
192.168.137.210:
ca.org2.alinkeji.com,zookeeper1,kafka1,orderer1.alinkeji.com,peer0.org2.alinkeji.com zookeeper1
192.168.137.143:
zookeeper2,kafka2,orderer2.alinkeji.com,peer1.org1.alinkeji.com zookeeper2
- 配置hosts的域名解析:vim /etc/hosts
192.168.137.245 ca.org1.alinkeji.com orderer0.alinkeji.com peer0.org1.alinkeji.com
192.168.137.210 ca.org2.alinkeji.com orderer1.alinkeji.com peer0.org2.alinkeji.com
192.168.137.143 orderer2.alinkeji.com peer1.org1.alinkeji.com
- 创建目录并下载fabric1.3的源码
mkdir -p /workspace/golang/src/github.com/hyperledger
cd /workspace/golang/src/github.com/hyperledger
git clone https://github.com/hyperledger/fabric.git
cd fabric/
git checkout v1.3.0
- 修改download-dockerimages.sh脚本dockerFabricPull部分:vim download-dockerimages.sh
dockerFabricPull() {
echo "==> FABRIC IMAGE: peer"
echo
docker pull hyperledger/fabric-peer:amd64-1.3.0
docker tag hyperledger/fabric-peer:amd64-1.3.0 hyperledger/fabric-peer
echo "==> FABRIC IMAGE: orderer"
echo
docker pull hyperledger/fabric-orderer:amd64-1.3.0
docker tag hyperledger/fabric-orderer:amd64-1.3.0 hyperledger/fabric-orderer
echo "==> FABRIC IMAGE: couchdb"
echo
docker pull hyperledger/fabric-couchdb:amd64-0.4.14
docker tag hyperledger/fabric-couchdb:amd64-0.4.14 hyperledger/fabric-couchdb
echo "==> FABRIC IMAGE: ccenv"
echo
docker pull hyperledger/fabric-ccenv:amd64-1.3.0
docker tag hyperledger/fabric-ccenv:amd64-1.3.0 hyperledger/fabric-ccenv
echo "==> FABRIC IMAGE: javaenv"
echo
docker pull hyperledger/fabric-javaenv:amd64-1.3.0
docker tag hyperledger/fabric-javaenv:amd64-1.3.0 hyperledger/fabric-javaenv
echo "==> FABRIC IMAGE: kafka"
echo
docker pull hyperledger/fabric-kafka:amd64-0.4.14
docker tag hyperledger/fabric-kafka:amd64-0.4.14 hyperledger/fabric-kafka
echo "==> FABRIC IMAGE: tools"
echo
docker pull hyperledger/fabric-tools:amd64-1.3.0
docker tag hyperledger/fabric-tools:amd64-1.3.0 hyperledger/fabric-tools
echo "==> FABRIC IMAGE: zookeeper"
echo
docker pull hyperledger/fabric-zookeeper:amd64-0.4.14
docker tag hyperledger/fabric-zookeeper:amd64-0.4.14 hyperledger/fabric-zookeeper
}
- 拷贝修改的配置到其他机器上并下载镜像
scp download-dockerimages.sh root@192.168.137.245:/workspace/golang/src/github.com/hyperledger/fabric/examples/e2e_cli
scp download-dockerimages.sh root@192.168.137.210:/workspace/golang/src/github.com/hyperledger/fabric/examples/e2e_cli
source download-dockerimages.sh -c latest -f latest
- 修过crypto-config.yaml和configtx.yaml
# Copyright IBM Corp. All Rights Reserved.
#
# SPDX-License-Identifier: Apache-2.0
#
# ---------------------------------------------------------------------------
# "OrdererOrgs" - Definition of organizations managing orderer nodes
# ---------------------------------------------------------------------------
OrdererOrgs:
# ---------------------------------------------------------------------------
# Orderer
# ---------------------------------------------------------------------------
- Name: Orderer
Domain: alinkeji.com
CA:
Country: CN
Province: Sichuan
Locality: Chengdu
# ---------------------------------------------------------------------------
# "Specs" - See PeerOrgs below for complete description
# ---------------------------------------------------------------------------
Specs:
- Hostname: orderer0
- Hostname: orderer1
- Hostname: orderer2
# ---------------------------------------------------------------------------
# "PeerOrgs" - Definition of organizations managing peer nodes
# ---------------------------------------------------------------------------
PeerOrgs:
# ---------------------------------------------------------------------------
# Org1
# ---------------------------------------------------------------------------
- Name: Org1
Domain: org1.alinkeji.com
EnableNodeOUs: true
CA:
Country: CN
Province: Sichuan
Locality: Chengdu
# ---------------------------------------------------------------------------
# "Specs"
# ---------------------------------------------------------------------------
# Uncomment this section to enable the explicit definition of hosts in your
# configuration. Most users will want to use Template, below
#
# Specs is an array of Spec entries. Each Spec entry consists of two fields:
# - Hostname: (Required) The desired hostname, sans the domain.
# - CommonName: (Optional) Specifies the template or explicit override for
# the CN. By default, this is the template:
#
# "{{.Hostname}}.{{.Domain}}"
#
# which obtains its values from the Spec.Hostname and
# Org.Domain, respectively.
# ---------------------------------------------------------------------------
# Specs:
# - Hostname: foo # implicitly "foo.org1.example.com"
# CommonName: foo27.org5.example.com # overrides Hostname-based FQDN set above
# - Hostname: bar
# - Hostname: baz
# ---------------------------------------------------------------------------
# "Template"
# ---------------------------------------------------------------------------
# Allows for the definition of 1 or more hosts that are created sequentially
# from a template. By default, this looks like "peer%d" from 0 to Count-1.
# You may override the number of nodes (Count), the starting index (Start)
# or the template used to construct the name (Hostname).
#
# Note: Template and Specs are not mutually exclusive. You may define both
# sections and the aggregate nodes will be created for you. Take care with
# name collisions
# ---------------------------------------------------------------------------
Template:
Count: 2
# Start: 5
# Hostname: {{.Prefix}}{{.Index}} # default
# ---------------------------------------------------------------------------
# "Users"
# ---------------------------------------------------------------------------
# Count: The number of user accounts _in addition_ to Admin
# ---------------------------------------------------------------------------
Users:
Count: 2
# ---------------------------------------------------------------------------
# Org2: See "Org1" for full specification
# ---------------------------------------------------------------------------
- Name: Org2
Domain: org2.alinkeji.com
EnableNodeOUs: true
CA:
Country: CN
Province: Sichuan
Locality: Chengdu
Template:
Count: 1
Users:
Count: 2
# Copyright IBM Corp. All Rights Reserved.
#
# SPDX-License-Identifier: Apache-2.0
#
---
################################################################################
#
# Section: Organizations
#
# - This section defines the different organizational identities which will
# be referenced later in the configuration.
#
################################################################################
Organizations:
# SampleOrg defines an MSP using the sampleconfig. It should never be used
# in production but may be used as a template for other definitions
- &OrdererOrg
# DefaultOrg defines the organization which is used in the sampleconfig
# of the fabric.git development environment
Name: OrdererOrg
# ID to load the MSP definition as
ID: OrdererMSP
# MSPDir is the filesystem path which contains the MSP configuration
MSPDir: crypto-config/ordererOrganizations/alinkeji.com/msp
# Policies defines the set of policies at this level of the config tree
# For organization policies, their canonical path is usually
# /Channel/<Application|Orderer>/<OrgName>/<PolicyName>
Policies:
Readers:
Type: Signature
Rule: "OR('OrdererMSP.member')"
Writers:
Type: Signature
Rule: "OR('OrdererMSP.member')"
Admins:
Type: Signature
Rule: "OR('OrdererMSP.admin')"
- &Org1
# DefaultOrg defines the organization which is used in the sampleconfig
# of the fabric.git development environment
Name: Org1MSP
# ID to load the MSP definition as
ID: Org1MSP
MSPDir: crypto-config/peerOrganizations/org1.alinkeji.com/msp
# Policies defines the set of policies at this level of the config tree
# For organization policies, their canonical path is usually
# /Channel/<Application|Orderer>/<OrgName>/<PolicyName>
Policies:
Readers:
Type: Signature
Rule: "OR('Org1MSP.admin', 'Org1MSP.peer', 'Org1MSP.client')"
Writers:
Type: Signature
Rule: "OR('Org1MSP.admin', 'Org1MSP.client')"
Admins:
Type: Signature
Rule: "OR('Org1MSP.admin')"
AnchorPeers:
# AnchorPeers defines the location of peers which can be used
# for cross org gossip communication. Note, this value is only
# encoded in the genesis block in the Application section context
- Host: peer0.org1.alinkeji.com
Port: 7051
- &Org2
# DefaultOrg defines the organization which is used in the sampleconfig
# of the fabric.git development environment
Name: Org2MSP
# ID to load the MSP definition as
ID: Org2MSP
MSPDir: crypto-config/peerOrganizations/org2.alinkeji.com/msp
# Policies defines the set of policies at this level of the config tree
# For organization policies, their canonical path is usually
# /Channel/<Application|Orderer>/<OrgName>/<PolicyName>
Policies:
Readers:
Type: Signature
Rule: "OR('Org2MSP.admin', 'Org2MSP.peer', 'Org2MSP.client')"
Writers:
Type: Signature
Rule: "OR('Org2MSP.admin', 'Org2MSP.client')"
Admins:
Type: Signature
Rule: "OR('Org2MSP.admin')"
AnchorPeers:
# AnchorPeers defines the location of peers which can be used
# for cross org gossip communication. Note, this value is only
# encoded in the genesis block in the Application section context
- Host: peer0.org2.alinkeji.com
Port: 7051
################################################################################
#
# SECTION: Capabilities
#
# - This section defines the capabilities of fabric network. This is a new
# concept as of v1.1.0 and should not be utilized in mixed networks with
# v1.0.x peers and orderers. Capabilities define features which must be
# present in a fabric binary for that binary to safely participate in the
# fabric network. For instance, if a new MSP type is added, newer binaries
# might recognize and validate the signatures from this type, while older
# binaries without this support would be unable to validate those
# transactions. This could lead to different versions of the fabric binaries
# having different world states. Instead, defining a capability for a channel
# informs those binaries without this capability that they must cease
# processing transactions until they have been upgraded. For v1.0.x if any
# capabilities are defined (including a map with all capabilities turned off)
# then the v1.0.x peer will deliberately crash.
#
################################################################################
Capabilities:
# Channel capabilities apply to both the orderers and the peers and must be
# supported by both.
# Set the value of the capability to true to require it.
Channel: &ChannelCapabilities
# V1.3 for Channel is a catchall flag for behavior which has been
# determined to be desired for all orderers and peers running at the v1.3.x
# level, but which would be incompatible with orderers and peers from
# prior releases.
# Prior to enabling V1.3 channel capabilities, ensure that all
# orderers and peers on a channel are at v1.3.0 or later.
V1_3: true
# Orderer capabilities apply only to the orderers, and may be safely
# used with prior release peers.
# Set the value of the capability to true to require it.
Orderer: &OrdererCapabilities
# V1.1 for Orderer is a catchall flag for behavior which has been
# determined to be desired for all orderers running at the v1.1.x
# level, but which would be incompatible with orderers from prior releases.
# Prior to enabling V1.1 orderer capabilities, ensure that all
# orderers on a channel are at v1.1.0 or later.
V1_1: true
# Application capabilities apply only to the peer network, and may be safely
# used with prior release orderers.
# Set the value of the capability to true to require it.
Application: &ApplicationCapabilities
# V1.3 for Application enables the new non-backwards compatible
# features and fixes of fabric v1.3.
V1_3: true
# V1.2 for Application enables the new non-backwards compatible
# features and fixes of fabric v1.2 (note, this need not be set if
# later version capabilities are set)
V1_2: false
# V1.1 for Application enables the new non-backwards compatible
# features and fixes of fabric v1.1 (note, this need not be set if
# later version capabilities are set).
V1_1: false
################################################################################
#
# SECTION: Application
#
# - This section defines the values to encode into a config transaction or
# genesis block for application related parameters
#
################################################################################
Application: &ApplicationDefaults
# Organizations is the list of orgs which are defined as participants on
# the application side of the network
Organizations:
# Policies defines the set of policies at this level of the config tree
# For Application policies, their canonical path is
# /Channel/Application/<PolicyName>
Policies:
Readers:
Type: ImplicitMeta
Rule: "ANY Readers"
Writers:
Type: ImplicitMeta
Rule: "ANY Writers"
Admins:
Type: ImplicitMeta
Rule: "MAJORITY Admins"
# Capabilities describes the application level capabilities, see the
# dedicated Capabilities section elsewhere in this file for a full
# description
Capabilities:
<<: *ApplicationCapabilities
################################################################################
#
# SECTION: Orderer
#
# - This section defines the values to encode into a config transaction or
# genesis block for orderer related parameters
#
################################################################################
Orderer: &OrdererDefaults
# Orderer Type: The orderer implementation to start
# Available types are "solo" and "kafka"
OrdererType: kafka
Addresses:
- orderer0.alinkeji.com:7050
- orderer1.alinkeji.com:7050
- orderer2.alinkeji.com:7050
# Batch Timeout: The amount of time to wait before creating a batch
BatchTimeout: 2s
# Batch Size: Controls the number of messages batched into a block
BatchSize:
# Max Message Count: The maximum number of messages to permit in a batch
MaxMessageCount: 10
# Absolute Max Bytes: The absolute maximum number of bytes allowed for
# the serialized messages in a batch.
AbsoluteMaxBytes: 98 MB
# Preferred Max Bytes: The preferred maximum number of bytes allowed for
# the serialized messages in a batch. A message larger than the preferred
# max bytes will result in a batch larger than preferred max bytes.
PreferredMaxBytes: 512 KB
Kafka:
# Brokers: A list of Kafka brokers to which the orderer connects. Edit
# this list to identify the brokers of the ordering service.
# NOTE: Use IP:port notation.
Brokers:
- kafka0:9092
- kafka1:9092
- kafka2:9092
# Organizations is the list of orgs which are defined as participants on
# the orderer side of the network
Organizations:
# Policies defines the set of policies at this level of the config tree
# For Orderer policies, their canonical path is
# /Channel/Orderer/<PolicyName>
Policies:
Readers:
Type: ImplicitMeta
Rule: "ANY Readers"
Writers:
Type: ImplicitMeta
Rule: "ANY Writers"
Admins:
Type: ImplicitMeta
Rule: "MAJORITY Admins"
# BlockValidation specifies what signatures must be included in the block
# from the orderer for the peer to validate it.
BlockValidation:
Type: ImplicitMeta
Rule: "ANY Writers"
# Capabilities describes the orderer level capabilities, see the
# dedicated Capabilities section elsewhere in this file for a full
# description
Capabilities:
<<: *OrdererCapabilities
################################################################################
#
# CHANNEL
#
# This section defines the values to encode into a config transaction or
# genesis block for channel related parameters.
#
################################################################################
Channel: &ChannelDefaults
# Policies defines the set of policies at this level of the config tree
# For Channel policies, their canonical path is
# /Channel/<PolicyName>
Policies:
# Who may invoke the 'Deliver' API
Readers:
Type: ImplicitMeta
Rule: "ANY Readers"
# Who may invoke the 'Broadcast' API
Writers:
Type: ImplicitMeta
Rule: "ANY Writers"
# By default, who may modify elements at this config level
Admins:
Type: ImplicitMeta
Rule: "MAJORITY Admins"
# Capabilities describes the channel level capabilities, see the
# dedicated Capabilities section elsewhere in this file for a full
# description
Capabilities:
<<: *ChannelCapabilities
################################################################################
#
# Profile
#
# - Different configuration profiles may be encoded here to be specified
# as parameters to the configtxgen tool
#
################################################################################
Profiles:
TwoOrgsOrdererGenesis:
<<: *ChannelDefaults
Orderer:
<<: *OrdererDefaults
Organizations:
- *OrdererOrg
Consortiums:
SampleConsortium:
Organizations:
- *Org1
- *Org2
TwoOrgsChannel:
Consortium: SampleConsortium
Application:
<<: *ApplicationDefaults
Organizations:
- *Org1
- *Org2
- 修改 generateArtifacts.sh脚本文件的example.com为alinkeji.com并生成证书和通道相关的文件并拷贝到其他两台机器
sed -i "s/example.com/alinkeji\.com/g" generateArtifacts.sh
source generateArtifacts.sh xinghun
scp -r crypto-config/ channel-artifacts/ root@192.168.137.210:/workspace/golang/src/github.com/hyperledger/fabric/examples/e2e_cli
scp -r crypto-config/ channel-artifacts/ root@192.168.137.143:/workspace/golang/src/github.com/hyperledger/fabric/examples/e2e_cli
- 网络规划中(192.168.137.245)的docker-compose-base.yaml和docker-compose-run.yaml的配置展示
# Copyright IBM Corp. All Rights Reserved.
#
# SPDX-License-Identifier: Apache-2.0
#
version: '2'
services:
zookeeper:
image: hyperledger/fabric-zookeeper
restart: always
ports:
- 2181:2181
- 2888:2888
- 3888:3888
extra_hosts:
- "zookeeper0:192.168.137.245"
- "zookeeper1:192.168.137.210"
- "zookeeper2:192.168.137.143"
- "kafka0:192.168.137.245"
- "kafka1:192.168.137.210"
- "kafka2:192.168.137.137"
kafka:
image: hyperledger/fabric-kafka
restart: always
environment:
- KAFKA_MESSAGE_MAX_BYTES=103809024 # 99 * 1024 * 1024 B
- KAFKA_REPLICA_FETCH_MAX_BYTES=103809024 # 99 * 1024 * 1024 B
- KAFKA_UNCLEAN_LEADER_ELECTION_ENABLE=false
ports:
- 9092:9092
extra_hosts:
- "zookeeper0:192.168.137.245"
- "zookeeper1:192.168.137.210"
- "zookeeper2:192.168.137.143"
- "kafka0:192.168.137.245"
- "kafka1:192.168.137.210"
- "kafka2:192.168.137.143"
orderer0.alinkeji.com:
container_name: orderer0.alinkeji.com
image: hyperledger/fabric-orderer
environment:
- ORDERER_GENERAL_LOGLEVEL=debug
- ORDERER_GENERAL_LISTENADDRESS=0.0.0.0
- ORDERER_GENERAL_GENESISMETHOD=file
- ORDERER_GENERAL_GENESISFILE=/var/hyperledger/orderer/orderer.genesis.block
- ORDERER_GENERAL_LOCALMSPID=OrdererMSP
- ORDERER_GENERAL_LOCALMSPDIR=/var/hyperledger/orderer/msp
# enabled TLS
- ORDERER_GENERAL_TLS_ENABLED=true
- ORDERER_GENERAL_TLS_PRIVATEKEY=/var/hyperledger/orderer/tls/server.key
- ORDERER_GENERAL_TLS_CERTIFICATE=/var/hyperledger/orderer/tls/server.crt
- ORDERER_GENERAL_TLS_ROOTCAS=[/var/hyperledger/orderer/tls/ca.crt]
- ORDERER_KAFKA_RETRY_LONGINTERVAL=10s
- ORDERER_KAFKA_RETRY_LONGTOTAL=100s
- ORDERER_KAFKA_RETRY_SHORTINTERVAL=1s
- ORDERER_KAFKA_RETRY_SHORTTOTAL=30s
- ORDERER_KAFKA_VERBOSE=true
working_dir: /workspace/golang/src/github.com/hyperledger/fabric
command: orderer
volumes:
- ../channel-artifacts/genesis.block:/var/hyperledger/orderer/orderer.genesis.block
- ../crypto-config/ordererOrganizations/alinkeji.com/orderers/orderer0.alinkeji.com/msp:/var/hyperledger/orderer/msp
- ../crypto-config/ordererOrganizations/alinkeji.com/orderers/orderer0.alinkeji.com/tls/:/var/hyperledger/orderer/tls
ports:
- 7050:7050
extra_hosts:
- "orderer0:192.168.137.245"
- "orderer1:192.168.137.210"
- "orderer2:192.168.137.143"
- "kafka0:192.168.137.245"
- "kafka1:192.168.137.210"
- "kafka2:192.168.137.143"
peer0.org1.alinkeji.com:
container_name: peer0.org1.alinkeji.com
extends:
file: peer-base.yaml
service: peer-base
environment:
- CORE_PEER_ID=peer0.org1.alinkeji.com
- CORE_PEER_ADDRESS=peer0.org1.alinkeji.com:7051
- CORE_PEER_CHAINCODEADDRESS=peer0.org1.alinkeji.com:7052
- CORE_PEER_CHAINCODELISTENADDRESS=0.0.0.0:7052
- CORE_PEER_GOSSIP_EXTERNALENDPOINT=peer0.org1.alinkeji.com:7051
- CORE_PEER_LOCALMSPID=Org1MSP
volumes:
- /var/run/:/host/var/run/
- ../crypto-config/peerOrganizations/org1.alinkeji.com/peers/peer0.org1.alinkeji.com/msp:/etc/hyperledger/fabric/msp
- ../crypto-config/peerOrganizations/org1.alinkeji.com/peers/peer0.org1.alinkeji.com/tls:/etc/hyperledger/fabric/tls
ports:
- 7051:7051
- 7052:7052
- 7053:7053
extra_hosts:
- "orderer0.alinkeji.com:192.168.137.245"
- "orderer1.alinkeji.com:192.168.137.210"
- "orderer2.alinkeji.com:192.168.137.143"
services:
ca-org1:
image: hyperledger/fabric-ca
environment:
- FABRIC_CA_HOME=/etc/hyperledger/fabric-ca-server
- FABRIC_CA_SERVER_CA_NAME=ca-org1
- FABRIC_CA_SERVER_TLS_ENABLED=true
- FABRIC_CA_SERVER_TLS_CERTFILE=/etc/hyperledger/fabric-ca-server-config/ca.org1.alinkeji.com-cert.pem
- FABRIC_CA_SERVER_TLS_KEYFILE=/etc/hyperledger/fabric-ca-server-config/f7676f60df1087257f26092f8a599699374b8f669f31ba614743a713ad3fe610_sk
ports:
- "7054:7054"
volumes:
- ./crypto-config/peerOrganizations/org1.alinkeji.com/ca/:/etc/hyperledger/fabric-ca-server-config
container_name: ca_peerOrg1
zookeeper0:
container_name: zookeeper0
hostname: zookeeper0
extends:
file: base/docker-compose-base.yaml
service: zookeeper
environment:
- ZOO_MY_ID=1
- ZOO_SERVERS=server.1=zookeeper0:2888:3888 server.2=zookeeper1:2888:3888 server.3=zookeeper2:2888:3888
kafka0:
container_name: kafka0
hostname: kafka0
extends:
file: base/docker-compose-base.yaml
service: kafka
environment:
- KAFKA_BROKER_ID=1
- KAFKA_MIN_INSYNC_REPLICAS=2
- KAFKA_DEFAULT_REPLICATION_FACTOR=3
- KAFKA_ZOOKEEPER_CONNECT=zookeeper0:2181,zookeeper1:2181,zookeeper2:2181
depends_on:
- zookeeper0
orderer0.alinkeji.com:
extends:
file: base/docker-compose-base.yaml
service: orderer0.alinkeji.com
container_name: orderer0.alinkeji.com
depends_on:
- zookeeper0
- kafka0
peer0.org1.alinkeji.com:
container_name: peer0.org1.alinkeji.com
hostname: peer0.org1.alinkeji.com
extends:
file: base/docker-compose-base.yaml
service: peer0.org1.alinkeji.com
depends_on:
- zookeeper0
- kafka0
- orderer0.alinkeji.com
- 网络规划中(192.168.137.210)的docker-compose-base.yaml和docker-compose-run.yaml的配置展示
# Copyright IBM Corp. All Rights Reserved.
#
# SPDX-License-Identifier: Apache-2.0
#
version: '2'
services:
zookeeper:
image: hyperledger/fabric-zookeeper
restart: always
ports:
- 2181:2181
- 2888:2888
- 3888:3888
extra_hosts:
- "zookeeper0:192.168.137.245"
- "zookeeper1:192.168.137.210"
- "zookeeper2:192.168.137.143"
- "kafka0:192.168.137.245"
- "kafka1:192.168.137.210"
- "kafka2:192.168.137.137"
kafka:
image: hyperledger/fabric-kafka
restart: always
environment:
- KAFKA_MESSAGE_MAX_BYTES=103809024 # 99 * 1024 * 1024 B
- KAFKA_REPLICA_FETCH_MAX_BYTES=103809024 # 99 * 1024 * 1024 B
- KAFKA_UNCLEAN_LEADER_ELECTION_ENABLE=false
ports:
- 9092:9092
extra_hosts:
- "zookeeper0:192.168.137.245"
- "zookeeper1:192.168.137.210"
- "zookeeper2:192.168.137.143"
- "kafka0:192.168.137.245"
- "kafka1:192.168.137.210"
- "kafka2:192.168.137.143"
orderer1.alinkeji.com:
container_name: orderer1.alinkeji.com
image: hyperledger/fabric-orderer
environment:
- ORDERER_GENERAL_LOGLEVEL=debug
- ORDERER_GENERAL_LISTENADDRESS=0.0.0.0
- ORDERER_GENERAL_GENESISMETHOD=file
- ORDERER_GENERAL_GENESISFILE=/var/hyperledger/orderer/orderer.genesis.block
- ORDERER_GENERAL_LOCALMSPID=OrdererMSP
- ORDERER_GENERAL_LOCALMSPDIR=/var/hyperledger/orderer/msp
# enabled TLS
- ORDERER_GENERAL_TLS_ENABLED=true
- ORDERER_GENERAL_TLS_PRIVATEKEY=/var/hyperledger/orderer/tls/server.key
- ORDERER_GENERAL_TLS_CERTIFICATE=/var/hyperledger/orderer/tls/server.crt
- ORDERER_GENERAL_TLS_ROOTCAS=[/var/hyperledger/orderer/tls/ca.crt]
- ORDERER_KAFKA_RETRY_LONGINTERVAL=10s
- ORDERER_KAFKA_RETRY_LONGTOTAL=100s
- ORDERER_KAFKA_RETRY_SHORTINTERVAL=1s
- ORDERER_KAFKA_RETRY_SHORTTOTAL=30s
- ORDERER_KAFKA_VERBOSE=true
working_dir: /workspace/golang/src/github.com/hyperledger/fabric
command: orderer
volumes:
- ../channel-artifacts/genesis.block:/var/hyperledger/orderer/orderer.genesis.block
- ../crypto-config/ordererOrganizations/alinkeji.com/orderers/orderer1.alinkeji.com/msp:/var/hyperledger/orderer/msp
- ../crypto-config/ordererOrganizations/alinkeji.com/orderers/orderer1.alinkeji.com/tls/:/var/hyperledger/orderer/tls
ports:
- 7050:7050
extra_hosts:
- "orderer0:192.168.137.245"
- "orderer1:192.168.137.210"
- "orderer2:192.168.137.143"
- "kafka0:192.168.137.245"
- "kafka1:192.168.137.210"
- "kafka2:192.168.137.143"
peer0.org2.alinkeji.com:
container_name: peer0.org2.alinkeji.com
extends:
file: peer-base.yaml
service: peer-base
environment:
- CORE_PEER_ID=peer0.org2.alinkeji.com
- CORE_PEER_ADDRESS=peer0.org2.alinkeji.com:7051
- CORE_PEER_CHAINCODEADDRESS=peer0.org2.alinkeji.com:7052
- CORE_PEER_CHAINCODELISTENADDRESS=0.0.0.0:7052
- CORE_PEER_GOSSIP_EXTERNALENDPOINT=peer0.org2.alinkeji.com:7051
- CORE_PEER_LOCALMSPID=Org2MSP
volumes:
- /var/run/:/host/var/run/
- ../crypto-config/peerOrganizations/org2.alinkeji.com/peers/peer0.org2.alinkeji.com/msp:/etc/hyperledger/fabric/msp
- ../crypto-config/peerOrganizations/org2.alinkeji.com/peers/peer0.org2.alinkeji.com/tls:/etc/hyperledger/fabric/tls
ports:
- 7051:7051
- 7052:7052
- 7053:7053
extra_hosts:
- "orderer0.alinkeji.com:192.168.137.245"
- "orderer1.alinkeji.com:192.168.137.210"
- "orderer2.alinkeji.com:192.168.137.143"
version: '2'
services:
ca-org2:
image: hyperledger/fabric-ca
environment:
- FABRIC_CA_HOME=/etc/hyperledger/fabric-ca-server
- FABRIC_CA_SERVER_CA_NAME=ca-org2
- FABRIC_CA_SERVER_TLS_ENABLED=true
- FABRIC_CA_SERVER_TLS_CERTFILE=/etc/hyperledger/fabric-ca-server-config/ca.org2.alinkeji.com-cert.pem
- FABRIC_CA_SERVER_TLS_KEYFILE=/etc/hyperledger/fabric-ca-server-config/a3d20f2e4abbb53ecdf4e61ad2491805772e1f426da687d87c6640ecaa77a5b9_sk
ports:
- "7054:7054"
volumes:
- ./crypto-config/peerOrganizations/org2.alinkeji.com/ca/:/etc/hyperledger/fabric-ca-server-config
container_name: ca_peerOrg2
zookeeper1:
container_name: zookeeper1
hostname: zookeeper1
extends:
file: base/docker-compose-base.yaml
service: zookeeper
environment:
- ZOO_MY_ID=2
- ZOO_SERVERS=server.1=zookeeper0:2888:3888 server.2=zookeeper1:2888:3888 server.3=zookeeper2:2888:3888
kafka1:
container_name: kafka1
hostname: kafka1
extends:
file: base/docker-compose-base.yaml
service: kafka
environment:
- KAFKA_BROKER_ID=2
- KAFKA_MIN_INSYNC_REPLICAS=2
- KAFKA_DEFAULT_REPLICATION_FACTOR=3
- KAFKA_ZOOKEEPER_CONNECT=zookeeper0:2181,zookeeper1:2181,zookeeper2:2181
depends_on:
- zookeeper1
orderer1.alinkeji.com:
extends:
file: base/docker-compose-base.yaml
service: orderer1.alinkeji.com
container_name: orderer1.alinkeji.com
depends_on:
- zookeeper1
- kafka1
peer0.org2.alinkeji.com:
container_name: peer0.org2.alinkeji.com
hostname: peer0.org2.alinkeji.com
extends:
file: base/docker-compose-base.yaml
service: peer0.org2.alinkeji.com
depends_on:
- zookeeper1
- kafka1
- orderer1.alinkeji.com
- 网络规划中(192.168.137.143)的docker-compose-base.yaml和docker-compose-run.yaml的配置展示
# Copyright IBM Corp. All Rights Reserved.
#
# SPDX-License-Identifier: Apache-2.0
#
version: '2'
services:
zookeeper:
image: hyperledger/fabric-zookeeper
restart: always
ports:
- 2181:2181
- 2888:2888
- 3888:3888
extra_hosts:
- "zookeeper0:192.168.137.245"
- "zookeeper1:192.168.137.210"
- "zookeeper2:192.168.137.143"
- "kafka0:192.168.137.245"
- "kafka1:192.168.137.210"
- "kafka2:192.168.137.137"
kafka:
image: hyperledger/fabric-kafka
restart: always
environment:
- KAFKA_MESSAGE_MAX_BYTES=103809024 # 99 * 1024 * 1024 B
- KAFKA_REPLICA_FETCH_MAX_BYTES=103809024 # 99 * 1024 * 1024 B
- KAFKA_UNCLEAN_LEADER_ELECTION_ENABLE=false
ports:
- 9092:9092
extra_hosts:
- "zookeeper0:192.168.137.245"
- "zookeeper1:192.168.137.210"
- "zookeeper2:192.168.137.143"
- "kafka0:192.168.137.245"
- "kafka1:192.168.137.210"
- "kafka2:192.168.137.143"
orderer2.alinkeji.com:
container_name: orderer2.alinkeji.com
image: hyperledger/fabric-orderer
environment:
- ORDERER_GENERAL_LOGLEVEL=debug
- ORDERER_GENERAL_LISTENADDRESS=0.0.0.0
- ORDERER_GENERAL_GENESISMETHOD=file
- ORDERER_GENERAL_GENESISFILE=/var/hyperledger/orderer/orderer.genesis.block
- ORDERER_GENERAL_LOCALMSPID=OrdererMSP
- ORDERER_GENERAL_LOCALMSPDIR=/var/hyperledger/orderer/msp
# enabled TLS
- ORDERER_GENERAL_TLS_ENABLED=true
- ORDERER_GENERAL_TLS_PRIVATEKEY=/var/hyperledger/orderer/tls/server.key
- ORDERER_GENERAL_TLS_CERTIFICATE=/var/hyperledger/orderer/tls/server.crt
- ORDERER_GENERAL_TLS_ROOTCAS=[/var/hyperledger/orderer/tls/ca.crt]
- ORDERER_KAFKA_RETRY_LONGINTERVAL=10s
- ORDERER_KAFKA_RETRY_LONGTOTAL=100s
- ORDERER_KAFKA_RETRY_SHORTINTERVAL=1s
- ORDERER_KAFKA_RETRY_SHORTTOTAL=30s
- ORDERER_KAFKA_VERBOSE=true
working_dir: /workspace/golang/src/github.com/hyperledger/fabric
command: orderer
volumes:
- ../channel-artifacts/genesis.block:/var/hyperledger/orderer/orderer.genesis.block
- ../crypto-config/ordererOrganizations/alinkeji.com/orderers/orderer2.alinkeji.com/msp:/var/hyperledger/orderer/msp
- ../crypto-config/ordererOrganizations/alinkeji.com/orderers/orderer2.alinkeji.com/tls/:/var/hyperledger/orderer/tls
ports:
- 7050:7050
extra_hosts:
- "orderer0:192.168.137.245"
- "orderer1:192.168.137.210"
- "orderer2:192.168.137.143"
- "kafka0:192.168.137.245"
- "kafka1:192.168.137.210"
- "kafka2:192.168.137.143"
peer1.org1.alinkeji.com:
container_name: peer1.org1.alinkeji.com
extends:
file: peer-base.yaml
service: peer-base
environment:
- CORE_PEER_ID=peer1.org1.alinkeji.com
- CORE_PEER_ADDRESS=peer1.org1.alinkeji.com:7051
- CORE_PEER_CHAINCODEADDRESS=peer1.org1.alinkeji.com:7052
- CORE_PEER_CHAINCODELISTENADDRESS=0.0.0.0:7052
- CORE_PEER_GOSSIP_EXTERNALENDPOINT=peer1.org1.alinkeji.com:7051
- CORE_PEER_GOSSIP_BOOTSTRAP=peer1.org1.alinkeji.com:7051
- CORE_PEER_LOCALMSPID=Org1MSP
volumes:
- /var/run/:/host/var/run/
- ../crypto-config/peerOrganizations/org1.alinkeji.com/peers/peer1.org1.alinkeji.com/msp:/etc/hyperledger/fabric/msp
- ../crypto-config/peerOrganizations/org1.alinkeji.com/peers/peer1.org1.alinkeji.com/tls:/etc/hyperledger/fabric/tls
ports:
- 7051:7051
- 7052:7052
- 7053:7053
extra_hosts:
- "orderer0.alinkeji.com:192.168.137.245"
- "orderer1.alinkeji.com:192.168.137.210"
- "orderer2.alinkeji.com:192.168.137.143"
version: '2'
services:
zookeeper2:
container_name: zookeeper2
hostname: zookeeper2
extends:
file: base/docker-compose-base.yaml
service: zookeeper
environment:
- ZOO_MY_ID=3
- ZOO_SERVERS=server.1=zookeeper0:2888:3888 server.2=zookeeper1:2888:3888 server.3=zookeeper2:2888:3888
kafka2:
container_name: kafka2
hostname: kafka2
extends:
file: base/docker-compose-base.yaml
service: kafka
environment:
- KAFKA_BROKER_ID=3
- KAFKA_MIN_INSYNC_REPLICAS=2
- KAFKA_DEFAULT_REPLICATION_FACTOR=3
- KAFKA_ZOOKEEPER_CONNECT=zookeeper0:2181,zookeeper1:2181,zookeeper2:2181
depends_on:
- zookeeper2
orderer2.alinkeji.com:
extends:
file: base/docker-compose-base.yaml
service: orderer2.alinkeji.com
container_name: orderer2.alinkeji.com
depends_on:
- zookeeper2
- kafka2
peer1.org1.alinkeji.com:
container_name: peer1.org1.alinkeji.com
hostname: peer1.org1.alinkeji.com
extends:
file: base/docker-compose-base.yaml
service: peer1.org1.alinkeji.com
depends_on:
- zookeeper2
- kafka2
- orderer2.alinkeji.com
- 分别在三台机器上启动容器,网络部署完成
CHANNEL_NAME=xinghun TIMEOUT=10000 docker-compose -f docker-compose-run.yaml up
- 配置docker-compose-cli.yaml执行docker exec -it cli bash命令进入容器
# Copyright IBM Corp. All Rights Reserved.
#
# SPDX-License-Identifier: Apache-2.0
#
version: '2'
services:
# 每一台Peer的以下配置不相同
# 主要体现在 CORE_PEER_ADDRESS=peer0.org1.alinkeji.com:7051
cli:
container_name: cli
image: hyperledger/fabric-tools
tty: true
environment:
- GOPATH=/workspace/golang
- CORE_VM_ENDPOINT=unix:///host/var/run/docker.sock
- CORE_LOGGING_LEVEL=DEBUG
- CORE_PEER_ID=cli
- CORE_PEER_ADDRESS=peer0.org1.alinkeji.com:7051
- CORE_PEER_LOCALMSPID=Org1MSP
- CORE_PEER_LOCALMSPTYPE=bccsp
- CORE_PEER_TLS_ENABLED=true
- CORE_PEER_TLS_CERT_FILE=/workspace/golang/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.alinkeji.com/peers/peer0.org1.alinkeji.com/tls/server.crt
- CORE_PEER_TLS_KEY_FILE=/workspace/golang/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.alinkeji.com/peers/peer0.org1.alinkeji.com/tls/server.key
- CORE_PEER_TLS_ROOTCERT_FILE=/workspace/golang/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.alinkeji.com/peers/peer0.org1.alinkeji.com/tls/ca.crt
- CORE_PEER_MSPCONFIGPATH=/workspace/golang/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.alinkeji.com/users/Admin@org1.alinkeji.com/msp
working_dir: /workspace/golang/src/github.com/hyperledger/fabric/peer
#command: /bin/bash -c './scripts/script.sh ${CHANNEL_NAME}; sleep $TIMEOUT'
volumes:
- /var/run/:/host/var/run/
- ../chaincode/go/:/workspace/golang/src/github.com/hyperledger/fabric/examples/chaincode/go
- ./crypto-config:/workspace/golang/src/github.com/hyperledger/fabric/peer/crypto/
- ./scripts:/workspace/golang/src/github.com/hyperledger/fabric/peer/scripts/
- ./channel-artifacts:/workspace/golang/src/github.com/hyperledger/fabric/peer/channel-artifacts
extra_hosts:
- "orderer0.alinkeji.com:192.168.137.245"
- "orderer1.alinkeji.com:192.168.137.110"
- "orderer2.alinkeji.com:192.168.137.143"
- "peer0.org1.alinkeji.com:192.168.137.245"
- "peer0.org2.alinkeji.com:192.168.137.210"
- "peer1.org1.alinkeji.com:192.168.137.143"
- 创建通道并将peer加入通道
export ORDERER_CA=/workspace/golang/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/alinkeji.com/orderers/orderer0.alinkeji.com/msp/tlscacerts/tlsca.alinkeji.com-cert.pem
export CHANNEL_NAME=xinghun
peer channel create -o orderer0.alinkeji.com:7050 -c xinghun -f ./channel-artifacts/channel.tx --tls --cafile $ORDERER_CA
mv xinghun.block channel-artifacts/
peer channel join -b channel-artifacts/xinghun.block
- 退出cli容器拷贝xinghun.block到另外两台机器
scp xinghun.block root@192.168.137.210:/workspace/golang/src/github.com/hyperledger/fabric/examples/e2e_cli/channel-artifacts
scp xinghun.block root@192.168.137.143:/workspace/golang/src/github.com/hyperledger/fabric/examples/e2e_cli/channel-artifacts
- 同上配置docker-compose-cli.yaml后进入192.168.137.210机器的cli容器将peer节点加入通道
export ORDERER_CA=/workspace/golang/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/alinkeji.com/orderers/orderer1.alinkeji.com/msp/tlscacerts/tlsca.alinkeji.com-cert.pem
export CHANNEL_NAME=xinghun
peer channel join -b channel-artifacts/xinghun.block
- 同上配置docker-compose-cli.yaml后进入192.168.137.143机器的cli容器将peer节点加入通道
export ORDERER_CA=/workspace/golang/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/alinkeji.com/orderers/orderer2.alinkeji.com/msp/tlscacerts/tlsca.alinkeji.com-cert.pem
export CHANNEL_NAME=xinghun
peer channel join -b channel-artifacts/xinghun.block
- 安装智能合约(在每台服务器上都安装智能合约)
peer chaincode install -n mycc -v 1.0 -p github.com/hyperledger/fabric/examples/chaincode/go/example02/cmd
- 实例化智能合约(只需要在一台机器上执行就可以了)
peer chaincode instantiate -o orderer0.alinkeji.com:7050 --tls --cafile $ORDERER_CA -C xinghun -n mycc -v 1.0 -c '{"Args":["init","a","100","b","100"]}' -P "AND ('Org1MSP.peer','Org2MSP.peer')"
- 在任意peer容器上即可执行查询,转账等操作
peer chaincode query -C xinghun -n mycc -c '{"Args":["query","a"]}'
- 动态Peer节点配置持续更新
- 动态Org配置持续更新
有疑问加站长微信联系(非本文作者)