A thorough understanding of the detailed process of fabric environment setup

Bloggers before the article is to teach you how to quickly build a fabric environment, but a lot of work has been hidden in the official script, it is not convenient for us to understand the process in depth, so bloggers here will be the process of one step by step decomposition, to facilitate everyone.

In front of the preparation I don't have to say, that is, the installation of various software and development environment, after installation, we git clone down the latest code, and switch to v1.0.0, and download the Docker image we need to use, that is, to step 6, and then we're going to parse the next step, which is really the process of building the fabric. 1. Generate Public private keys and certificates

There are two types of public keys and certificates in fabric, one is the TLS certificate that is prepared for communication before the node, and the other is User certificate for user login and permission control. These certificates were supposed to be issued by a CA, but we are here to test the environment and the CA node is not enabled, so fabric helps us to provide a tool: Cryptogen. 1.1 compilation Generation Cryptogen

Now that we have the source code for fabric, we can easily compile the required programs using the Make command. Fabric Official provides a specially compiled Cryptogen portal, we only need to run the following command:

CD ~/go/src/github.com/hyperledger/fabric make
Cryptogen

After the run system returns results:

Build/bin/cryptogen 
cgo_cflags= "" Gobin=/home/studyzy/go/src/github.com/hyperledger/fabric/build/bin go Install-tags ""-ldflags "-X github.com/hyperledger/fabric/common/tools/cryptogen/metadata. version=1.0.0 "Github.com/hyperledger/fabric/common/tools/cryptogen 
Binary available as Build/bin/cryptogen

In other words, we can see the compiled Cryptogen program under the Build/bin folder. 1.2 Configuration Crypto-config.yaml

Examples/e2e_cli/crypto-config.yaml has provided a configuration of Orderer org and two peer org, and the fields are also commented on in the template. We can take Org2 to analyze:

-Name:org2 
  Domain:org2.example.com 
  Template: 
    count:2 
  Users: 
    count:1

Name and domain are the names and domains of the organization, which are used primarily to generate certificates, and that information is included in the certificate. And template count=2 is said that we want to generate 2 sets of public private key and certificate, a set is PEER0.ORG2, also has a peer1.org2. Last users. Count=1 is saying that there are a few ordinary users under each template (Note that admin is admin, not included in this count), where 1 is configured, which means that we only need a common user User1@org2.example.com We can adjust this configuration file according to the actual need, adding and deleting org users. 1.3 Generating public private keys and certificates

After we have configured the Crypto-config.yaml file, we can use Cryptogen to read the file and generate the corresponding public key and certificate:

CD examples/e2e_cli/
... /.. /build/bin/cryptogen Generate--config=./crypto-config.yaml

The generated files are saved to the Crypto-config folder, and we can go to the folder to see which files were generated:

Tree Crypto-config

2. Generate Genesis blocks and channel configuration blocks 2.1 Compilation Generation Configtxgen

Similar to the previous 1.1, we can generate Configtxgen programs with the Make command:

CD ~/go/src/github.com/hyperledger/fabric make

Configtxgen

The results after the run are:

Build/bin/configtxgen 
cgo_cflags= "" Gobin=/home/studyzy/go/src/github.com/hyperledger/fabric/build/bin go Install-tags "NOPKCS11"-ldflags "-X github.com/hyperledger/fabric/common/configtx/tool/configtxgen/metadata. version=1.0.0 "Github.com/hyperledger/fabric/common/configtx/tool/configtxgen 
Binary available as build/bin/ Configtxgen

2.2 Configuration Configtx.yaml

Officially provided by the examples/e2e_cli/ Configtx.yaml This file is configured with a Orderer consensus configuration twoorgsorderergenesis with 2 org, as well as a channel configuration involving 2 org: Twoorgschannel. Orderer can set the consensus algorithm is solo or Kafka, as well as the consensus time zone block size, timeout time, etc., we use the default value can not change. The configuration of the peer node includes the configuration of MSP and the configuration of the anchor node. If we have more org, or if we have more channel, then we can make the corresponding modifications according to the template. 2.3 Creating the Genesis block

When the configuration is modified, we use Configtxgen to generate the Genesis block. and save the block to the local channel-artifacts folder:

CD examples/e2e_cli/

... /.. /build/bin/configtxgen-profile Twoorgsorderergenesis-outputblock./channel-artifacts/genesis.block

2.4 Generating channel configuration block

.. /.. /build/bin/configtxgen-profile Twoorgschannel-outputcreatechanneltx./channel-artifacts/channel.tx-channelid MyChannel

In addition to the update of anchor nodes, we also need to use this program to generate files:

.. /.. /build/bin/configtxgen-profile twoorgschannel-outputanchorpeersupdate./channel-artifacts/org1mspanchors.tx- Channelid mychannel-asorg Org1msp

. /.. /build/bin/configtxgen-profile twoorgschannel-outputanchorpeersupdate./channel-artifacts/org2mspanchors.tx- Channelid mychannel-asorg Org2msp

In the end, we should be able to see 4 files in the Channel-artifacts folder.

channel-artifacts/
├──channel.tx
├──genesis.block
├──org1mspanchors.tx
└──org2mspanchors.tx 3. docker-compose file for Fabric environment configuration

Before the node and the user's public key and the certificate, and the creation of the block are generated, then we can configure Docker-compose Yaml file, start fabric docker environment. 3.1 Configuration Orderer

The Orderer configuration is inside the Base/docker-compose-base.yaml and we look at the contents:

orderer.example.com:container_name:orderer.example.com image:hyperledger/fabric-orderer Environment:-OR  Derer_general_loglevel=debug-orderer_general_listenaddress=0.0.0.0-orderer_general_genesismethod=file- Orderer_general_genesisfile=/var/hyperledger/orderer/orderer.genesis.block-orderer_general_localmspid= ORDERERMSP-ORDERER_GENERAL_LOCALMSPDIR=/VAR/HYPERLEDGER/ORDERER/MSP # Enabled TLS-ORDERER_GENERAL_TLS _enabled=true-orderer_general_tls_privatekey=/var/hyperledger/orderer/tls/server.key-orderer_general_tls_cer tificate=/var/hyperledger/orderer/tls/server.crt-orderer_general_tls_rootcas=[/var/hyperledger/orderer/tls/ CA.CRT] Working_dir:/opt/gopath/src/github.com/hyperledger/fabric command:orderer volumes:-. /channel-artifacts/genesis.block:/var/hyperledger/orderer/orderer.genesis.block-... /crypto-config/ordererorganizations/example.com/orderers/orderer.example.com/msp:/var/hyperlEdger/orderer/msp-... 
  /crypto-config/ordererorganizations/example.com/orderers/orderer.example.com/tls/:/var/hyperledger/orderer/tls Ports:-7,050:7,050

The main concern here is that orderer_general_genesisfile=/var/hyperledger/orderer/ Orderer.genesis.block, and this Genesis block is the Genesis block we created before, and here is the map of host to Docker:

- .. /channel-artifacts/genesis.block:/var/hyperledger/orderer/orderer.genesis.block

The other configuration is mainly tl,log and so on, finally exposes the service port 7050. 3.2 Configuration Peer

Peer's configuration is in Base/docker-compose-base.yaml and Peer-base.yaml, we pick the PEER0.ORG1 to see what's in it:

Peer-base:image:hyperledger/fabric-peer Environment:-Core_vm_endpoint=unix:///host/var/run/docker.sock # The following setting starts Chaincode containers on the same # Bridge network as the peers # Https://docs.do 
    cker.com/compose/networking/-Core_vm_docker_hostconfig_networkmode=e2ecli_default #-CORE_LOGGING_LEVEL=ERROR -Core_logging_level=debug-core_peer_tls_enabled=true-core_peer_gossip_useleaderelection=true-co Re_peer_gossip_orgleader=false-core_peer_profile_enabled=true-core_peer_tls_cert_file=/etc/hyperledger/fabri c/tls/server.crt-core_peer_tls_key_file=/etc/hyperledger/fabric/tls/server.key-core_peer_tls_rootcert_file=/ ETC/HYPERLEDGER/FABRIC/TLS/CA.CRT Working_dir:/opt/gopath/src/github.com/hyperledger/fabric/peer command:peer nod E Start peer0.org1.example.com:container_name:peer0.org1.example.com Extends:file:peer-base.yaml serv Ice:peer-base environment:-Core_peer_id=peer0.org1.example.com-core_peer_address=peer0.org1.example.com:7051-core_peer_cha 
    incodelistenaddress=peer0.org1.example.com:7052-core_peer_gossip_externalendpoint=peer0.org1.example.com:7051 -Core_peer_localmspid=org1msp Volumes:-/var/run/:/host/var/run/-... 
      /crypto-config/peerorganizations/org1.example.com/peers/peer0.org1.example.com/msp:/etc/hyperledger/fabric/msp - .. 
  /crypto-config/peerorganizations/org1.example.com/peers/peer0.org1.example.com/tls:/etc/hyperledger/fabric/tls Ports:-7051:7051-7052:7052-7053:7053

In the peer configuration, it is primarily for peer to allocate the addresses of various services, as well as TLS and MSP information. 3.3 Configuring CLI

The CLI plays the role of a client throughout the fabric network, and we can use the CLI instead of the SDK to perform the actions that various SDKs can perform while developing tests. The CLI is connected to the peer and sends instructions to the corresponding peer for execution. Configuration of the CLI in Docker-compose-cli.yaml, let's look at the contents:

CLI:CONTAINER_NAME:CLI image:hyperledger/fabric-tools tty:true Environment:-Gopath=/opt/gopath -Core_vm_endpoint=unix:///host/var/run/docker.sock-core_logging_level=debug-core_peer_id=cli-core_p Eer_address=peer0.org1.example.com:7051-core_peer_localmspid=org1msp-core_peer_tls_enabled=true-core_ peer_tls_cert_file=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerorganizations/ Org1.example.com/peers/peer0.org1.example.com/tls/server.crt-core_peer_tls_key_file=/opt/gopath/src/github.com 
    /hyperledger/fabric/peer/crypto/peerorganizations/org1.example.com/peers/peer0.org1.example.com/tls/server.key -core_peer_tls_rootcert_file=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerorganizations/ org1.example.com/peers/peer0.org1.example.com/tls/ca.crt-core_peer_mspconfigpath=/opt/gopath/src/github.com/ Hyperledger/fabric/peer/crypto/peerorganizations/org1.example.com/users/admin@org1.exAmple.com/msp working_dir:/opt/gopath/src/github.com/hyperledger/fabric/peer command:/bin/bash-c './scripts/scrip T.sh ${channel_name}; Sleep $TIMEOUT ' volumes:-/var/run/:/host/var/run/-... /chaincode/go/:/opt/gopath/src/github.com/hyperledger/fabric/examples/chaincode/go-/crypto-config:/opt/gopath /src/github.com/hyperledger/fabric/peer/crypto/-/scripts:/opt/gopath/src/github.com/hyperledger/fabric/peer/ 
    scripts/-/channel-artifacts:/opt/gopath/src/github.com/hyperledger/fabric/peer/channel-artifacts depends_on: 
    -Orderer.example.com-peer0.org1.example.com-peer1.org1.example.com-peer0.org2.example.com  -Peer1.org2.example.com