环境说明
os: debian9
docker: 18.09.7
docker-compose: 1.17.1
golang: go1.13.5 linux/amd64
获取Fabric二进制文件
到该页面获取最新版本: https://github.com/hyperledger/fabric/releases
操作指南
生成MSP文件
配置文件
# crypto-config.yaml
OrdererOrgs:
- Name: Orderer
Domain: mid.org
Specs:
- Hostname: order0
- Hostname: order1
- Hostname: order2
PeerOrgs:
- Name: Mcorp
Domain: m.com
EnableNodeOUs: true
Specs:
- Hostname: peer0
- Hostname: peer1
Users:
Count: 1
- Name: RateCorp
Domain: rate.com
EnableNodeOUs: true
Template:
Count: 2
Users:
Count: 1
- Name: DbCorp
Domain: db.com
EnableNodeOUs: true
Template:
Count: 2
Users:
Count: 1
命令
cryptogen generate --config=./crypto-config.yaml --output="organizations"
# --config: 指定配置文件路径
# --output: 指定生成文件存放的目录
创建基础网络
配置文件
# configtx.yaml
Organizations:
- &MidOrg
Name: MidMSP
ID: MidMSP
MSPDir: organizations/ordererOrganizations/mid.org/msp
Policies:
Readers:
Type: Signature
Rule: "OR('MidMSP.member')"
Writers:
Type: Signature
Rule: "OR('MidMSP.member')"
Admins:
Type: Signature
Rule: "OR('MidMSP.admin')"
- &Mcorp
Name: McorpMSP
ID: McorpMSP
MSPDir: organizations/peerOrganizations/m.com/msp
Policies:
Readers:
Type: Signature
Rule: "OR('McorpMSP.admin', 'McorpMSP.peer', 'McorpMSP.client')"
Writers:
Type: Signature
Rule: "OR('McorpMSP.admin', 'McorpMSP.client')"
Admins:
Type: Signature
Rule: "OR('McorpMSP.admin')"
Endorsement:
Type: Signature
Rule: "OR('McorpMSP.peer')"
AnchorPeers:
- Host: peer0.m.com
Port: 7051
- &Rate
Name: RateMSP
ID: RateMSP
MSPDir: organizations/peerOrganizations/rate.com/msp
Policies:
Readers:
Type: Signature
Rule: "OR('RateMSP.admin', 'RateMSP.peer', 'RateMSP.client')"
Writers:
Type: Signature
Rule: "OR('RateMSP.admin', 'RateMSP.client')"
Admins:
Type: Signature
Rule: "OR('RateMSP.admin')"
Endorsement:
Type: Signature
Rule: "OR('RateMSP.peer')"
AnchorPeers:
- Host: peer0.rate.com
Port: 7051
- &DbCorp
Name: DbCorpMSP
ID: DbCorpMSP
MSPDir: organizations/peerOrganizations/db.com/msp
Policies:
Readers:
Type: Signature
Rule: "OR('DbCorpMSP.admin', 'DbCorpMSP.peer', 'DbCorpMSP.client')"
Writers:
Type: Signature
Rule: "OR('DbCorpMSP.admin', 'DbCorpMSP.client')"
Admins:
Type: Signature
Rule: "OR('DbCorpMSP.admin')"
Endorsement:
Type: Signature
Rule: "OR('DbCorpMSP.peer')"
AnchorPeers:
- Host: peer0.db.com
Port: 7051
Capabilities:
Channel: &ChannelCapabilities
V2_0: true
Orderer: &OrdererCapabilities
V2_0: true
Application: &ApplicationCapabilities
V2_0: true
Application: &ApplicationDefaults
ACLs:
_lifecycle/CheckCommitReadiness: "/Channel/Application/Writers"
_lifecycle/CommitChaincodeDefinition: "/Channel/Application/Writers"
_lifecycle/QueryChaincodeDefinition: "/Channel/Application/Readers"
_lifecycle/QueryChaincodeDefinitions: "/Channel/Application/Readers"
lscc/ChaincodeExists: "/Channel/Application/Readers"
lscc/GetDeploymentSpec: "/Channel/Application/Readers"
lscc/GetChaincodeData: "/Channel/Application/Readers"
lscc/GetInstantiatedChaincodes: "/Channel/Application/Readers"
qscc/GetChainInfo: "/Channel/Application/Readers"
qscc/GetBlockByNumber: "/Channel/Application/Readers"
qscc/GetBlockByHash: "/Channel/Application/Readers"
qscc/GetTransactionByID: "/Channel/Application/Readers"
qscc/GetBlockByTxID: "/Channel/Application/Readers"
cscc/GetConfigBlock: "/Channel/Application/Readers"
cscc/GetConfigTree: "/Channel/Application/Readers"
cscc/SimulateConfigTreeUpdate: "/Channel/Application/Readers"
peer/Propose: "/Channel/Application/Writers"
peer/ChaincodeToChaincode: "/Channel/Application/Readers"
event/Block: "/Channel/Application/Readers"
event/FilteredBlock: "/Channel/Application/Readers"
Organizations:
Policies:
Readers:
Type: ImplicitMeta
Rule: "ANY Readers"
Writers:
Type: ImplicitMeta
Rule: "ANY Writers"
Admins:
Type: ImplicitMeta
Rule: "MAJORITY Admins"
LifecycleEndorsement:
Type: ImplicitMeta
Rule: "MAJORITY Endorsement"
Endorsement:
Type: ImplicitMeta
Rule: "MAJORITY Endorsement"
Capabilities:
<<: *ApplicationCapabilities
Orderer: &OrdererDefaults
OrdererType: etcdraft
Addresses:
- orderer.example.com:7050
BatchTimeout: 2s
BatchSize:
MaxMessageCount: 10
AbsoluteMaxBytes: 99 MB
PreferredMaxBytes: 512 KB
Organizations:
Policies:
Readers:
Type: ImplicitMeta
Rule: "ANY Readers"
Writers:
Type: ImplicitMeta
Rule: "ANY Writers"
Admins:
Type: ImplicitMeta
Rule: "MAJORITY Admins"
BlockValidation:
Type: ImplicitMeta
Rule: "ANY Writers"
Channel: &ChannelDefaults
Policies:
Readers:
Type: ImplicitMeta
Rule: "ANY Readers"
Writers:
Type: ImplicitMeta
Rule: "ANY Writers"
Admins:
Type: ImplicitMeta
Rule: "MAJORITY Admins"
Capabilities:
<<: *ChannelCapabilities
Profiles:
ForCreateChannel:
Consortium: BondNetConsortium
<<: *ChannelDefaults
Application:
<<: *ApplicationDefaults
Organizations:
- *Mcorp
- *Rate
- *DbCorp
Capabilities:
<<: *ApplicationCapabilities
ForGenesisBlock:
<<: *ChannelDefaults
Capabilities:
<<: *ChannelCapabilities
Orderer:
<<: *OrdererDefaults
OrdererType: etcdraft
EtcdRaft:
Consenters:
- Host: order0.mid.org
Port: 7050
ClientTLSCert: organizations/ordererOrganizations/mid.org/orderers/order0.mid.org/tls/server.crt
ServerTLSCert: organizations/ordererOrganizations/mid.org/orderers/order0.mid.org/tls/server.crt
- Host: order1.mid.org
Port: 7050
ClientTLSCert: organizations/ordererOrganizations/mid.org/orderers/order1.mid.org/tls/server.crt
ServerTLSCert: organizations/ordererOrganizations/mid.org/orderers/order1.mid.org/tls/server.crt
- Host: order2.mid.org
Port: 7050
ClientTLSCert: organizations/ordererOrganizations/mid.org/orderers/order2.mid.org/tls/server.crt
ServerTLSCert: organizations/ordererOrganizations/mid.org/orderers/order2.mid.org/tls/server.crt
Addresses:
- order0.mid.org:7050
- order1.mid.org:7051
- order2.mid.org:7052
Organizations:
- *MidOrg
Capabilities:
<<: *OrdererCapabilities
Application:
<<: *ApplicationDefaults
Organizations:
- <<: *MidOrg
Consortiums:
BondNetConsortium:
Organizations:
- *Mcorp
- *Rate
- *DbCorp
生成创世块
configtxgen -profile ForGenesisBlock -channelID system-channel -outputBlock ./system-genesis-block/genesis.block
# 程序默认会读取当前路径下的configtx.yaml作为配置文件。
# 如果配置文件不在当前目录下,可通过FABRIC_CFG_PATH环境变量指定目录路径。
# profile: 指定要使用配置文件中的哪个Profiles下的配置。
# channelID: 指定Channel名称,这次要创建的是系统通道。
# outputBlock: 指定生成的创世块文件路径。
生成创建通道交易文件
configtxgen -profile ForCreateChannel -outputCreateChannelTx ./channel-artifacts/bondnet.tx -channelID bondnet
# -profile 指定使用配置文件中Profiles的哪段配置
# -outputCreateChannelTx 指定生成交易信息的文件名称
# -channelID 指定通道名称
生成设置锚节点交易文件
configtxgen -profile ForCreateChannel -outputAnchorPeersUpdate ./channel-artifacts/McorpMSPanchors.tx -channelID bondnet -asOrg McorpMSP
# -profile 指定使用配置文件中Profiles的哪段配置
# -outputAnchorPeersUpdate 指定生成配置锚节点交易的文件名称
# -channelID 指定通道名称
# -asOrg 每个组织需要单独配置,该参数指定组织的MSP名称(非MSP ID)。
启动orderer节点
orderer配置文件
https://github.com/hyperledger/fabric/blob/release-2.0/sampleconfig/orderer.yaml
命令
orderer
启动peer节点
peer配置文件
https://github.com/hyperledger/fabric/blob/release-2.0/sampleconfig/core.yaml
命令
peer node start
创建通道
环境变量
export CORE_PEER_LOCALMSPID=McorpMSP
# 使用M公司的MSP
export CORE_PEER_TLS_ENABLED=true
# 启用TLS
export CORE_PEER_MSPCONFIGPATH=/tmp/Admin@m.com/msp
# 指定admin的msp目录
命令
peer channel create -o order0.mid.org:7050 -c bondnet -f /tmp/bondnet.tx --outputBlock /tmp/bondnet.block --tls true --cafile /tmp/order0.mid.org/tls/ca.crt
# -o: 指定order服务地址,如果采用IP地址,可以使用--ordererTLSHostnameOverride 指定order证书中设置的域名。
# -c: 指定channel名称。
# -f: 指定创建Channel的交易文件路径。
# --tls: 是否开启tls,如果Order开启了tls,则设置为true。
# --cafile: 指定order证书的根ca。
# --outputBlock:指定生成块文件的路径。
将peer加入Channel
环境变量
export CORE_PEER_MSPCONFIGPATH=/tmp/Admin@m.com/msp
命令
peer channel join -b /tmp/bondnet.block
docker命令
docker run -ti --rm -v $PWD/channel-artifacts/bondnet.block:/tmp/bondnet.block -v $PWD/organizations/peerOrganizations/m.com:/tmp/m.com -e CORE_PEER_LOCALMSPID=McorpMSP -e CORE_PEER_TLS_ENABLED=true -e CORE_PEER_MSPCONFIGPATH=/tmp/m.com/users/Admin@m.com/msp -e CORE_PEER_TLS_ROOTCERT_FILE=/tmp/m.com/peers/peer0.m.com/tls/ca.crt -e CORE_PEER_ADDRESS=peer1.m.com:7051 --network docker_mcorp hyperledger/fabric-peer peer channel join -b /tmp/bondnet.block
启用锚节点
环境变量
export CORE_PEER_LOCALMSPID=McorpMSP
# 使用M公司的MSP
export CORE_PEER_TLS_ENABLED=true
# 启用TLS
export CORE_PEER_MSPCONFIGPATH=/tmp/Admin@m.com/msp
# 指定admin的msp目录
命令
peer channel update -o order0.mid.org:7050 -c bondnet -f /tmp/Org1MSPanchors.tx --tls true --cafile /tmp/order0.mid.org/tls/ca.crt
# -o: 指定order服务地址,如果采用IP地址,可以使用--ordererTLSHostnameOverride 指定order证书中设置的域名。
# -c: 指定channel名称。
# -f: 指定修改锚节点的交易文件路径。
# --tls: 是否开启tls,如果Order开启了tls,则设置为true。
# --cafile: 指定order证书的根ca。
本文使用 mdnice 排版
