Bloggers before the article is to teach you how to quickly build a fabric environment, but a lot of work has been hidden in the official script, it is not convenient for us to understand the process in depth, so bloggers here will be the process of one step by step decomposition, to facilitate everyone.
In front of the preparation I don't have to say, that is, the installation of various software and development environment, after installation, we git clone down the latest code, and switch to v1.0.0, and download the Docker image we need to use, that is, to step 6, and then we're going to parse the next step, which is really the process of building the fabric. 1. Generate Public private keys and certificates
There are two types of public keys and certificates in fabric, one is the TLS certificate that is prepared for communication before the node, and the other is User certificate for user login and permission control. These certificates were supposed to be issued by a CA, but we are here to test the environment and the CA node is not enabled, so fabric helps us to provide a tool: Cryptogen. 1.1 compilation Generation Cryptogen
Now that we have the source code for fabric, we can easily compile the required programs using the Make command. Fabric Official provides a specially compiled Cryptogen portal, we only need to run the following command:
CD ~/go/src/github.com/hyperledger/fabric make
Cryptogen
After the run system returns results:
Build/bin/cryptogen
cgo_cflags= "" Gobin=/home/studyzy/go/src/github.com/hyperledger/fabric/build/bin go Install-tags ""-ldflags "-X github.com/hyperledger/fabric/common/tools/cryptogen/metadata. version=1.0.0 "Github.com/hyperledger/fabric/common/tools/cryptogen
Binary available as Build/bin/cryptogen
In other words, we can see the compiled Cryptogen program under the Build/bin folder. 1.2 Configuration Crypto-config.yaml
Examples/e2e_cli/crypto-config.yaml has provided a configuration of Orderer org and two peer org, and the fields are also commented on in the template. We can take Org2 to analyze:
-Name:org2
Domain:org2.example.com
Template:
count:2
Users:
count:1
Name and domain are the names and domains of the organization, which are used primarily to generate certificates, and that information is included in the certificate. And template count=2 is said that we want to generate 2 sets of public private key and certificate, a set is PEER0.ORG2, also has a peer1.org2. Last users. Count=1 is saying that there are a few ordinary users under each template (Note that admin is admin, not included in this count), where 1 is configured, which means that we only need a common user User1@org2.example.com We can adjust this configuration file according to the actual need, adding and deleting org users. 1.3 Generating public private keys and certificates
After we have configured the Crypto-config.yaml file, we can use Cryptogen to read the file and generate the corresponding public key and certificate:
CD examples/e2e_cli/
... /.. /build/bin/cryptogen Generate--config=./crypto-config.yaml
The generated files are saved to the Crypto-config folder, and we can go to the folder to see which files were generated:
Tree Crypto-config
2. Generate Genesis blocks and channel configuration blocks
2.1 Compilation Generation Configtxgen
Similar to the previous 1.1, we can generate Configtxgen programs with the Make command:
CD ~/go/src/github.com/hyperledger/fabric make
Configtxgen
The results after the run are:
Build/bin/configtxgen
cgo_cflags= "" Gobin=/home/studyzy/go/src/github.com/hyperledger/fabric/build/bin go Install-tags "NOPKCS11"-ldflags "-X github.com/hyperledger/fabric/common/configtx/tool/configtxgen/metadata. version=1.0.0 "Github.com/hyperledger/fabric/common/configtx/tool/configtxgen
Binary available as build/bin/ Configtxgen
2.2 Configuration Configtx.yaml
Officially provided by the examples/e2e_cli/ Configtx.yaml This file is configured with a Orderer consensus configuration twoorgsorderergenesis with 2 org, as well as a channel configuration involving 2 org: Twoorgschannel. Orderer can set the consensus algorithm is solo or Kafka, as well as the consensus time zone block size, timeout time, etc., we use the default value can not change. The configuration of the peer node includes the configuration of MSP and the configuration of the anchor node. If we have more org, or if we have more channel, then we can make the corresponding modifications according to the template. 2.3 Creating the Genesis block
When the configuration is modified, we use Configtxgen to generate the Genesis block. and save the block to the local channel-artifacts folder:
CD examples/e2e_cli/
... /.. /build/bin/configtxgen-profile Twoorgsorderergenesis-outputblock./channel-artifacts/genesis.block
2.4 Generating channel configuration block
.. /.. /build/bin/configtxgen-profile Twoorgschannel-outputcreatechanneltx./channel-artifacts/channel.tx-channelid MyChannel
In addition to the update of anchor nodes, we also need to use this program to generate files:
.. /.. /build/bin/configtxgen-profile twoorgschannel-outputanchorpeersupdate./channel-artifacts/org1mspanchors.tx- Channelid mychannel-asorg Org1msp
. /.. /build/bin/configtxgen-profile twoorgschannel-outputanchorpeersupdate./channel-artifacts/org2mspanchors.tx- Channelid mychannel-asorg Org2msp
In the end, we should be able to see 4 files in the Channel-artifacts folder.
channel-artifacts/
├──channel.tx
├──genesis.block
├──org1mspanchors.tx
└──org2mspanchors.tx 3. docker-compose file for Fabric environment configuration
Before the node and the user's public key and the certificate, and the creation of the block are generated, then we can configure Docker-compose Yaml file, start fabric docker environment. 3.1 Configuration Orderer
The Orderer configuration is inside the Base/docker-compose-base.yaml and we look at the contents:
orderer.example.com:container_name:orderer.example.com image:hyperledger/fabric-orderer Environment:-OR Derer_general_loglevel=debug-orderer_general_listenaddress=0.0.0.0-orderer_general_genesismethod=file- Orderer_general_genesisfile=/var/hyperledger/orderer/orderer.genesis.block-orderer_general_localmspid= ORDERERMSP-ORDERER_GENERAL_LOCALMSPDIR=/VAR/HYPERLEDGER/ORDERER/MSP # Enabled TLS-ORDERER_GENERAL_TLS _enabled=true-orderer_general_tls_privatekey=/var/hyperledger/orderer/tls/server.key-orderer_general_tls_cer tificate=/var/hyperledger/orderer/tls/server.crt-orderer_general_tls_rootcas=[/var/hyperledger/orderer/tls/ CA.CRT] Working_dir:/opt/gopath/src/github.com/hyperledger/fabric command:orderer volumes:-. /channel-artifacts/genesis.block:/var/hyperledger/orderer/orderer.genesis.block-... /crypto-config/ordererorganizations/example.com/orderers/orderer.example.com/msp:/var/hyperlEdger/orderer/msp-...
/crypto-config/ordererorganizations/example.com/orderers/orderer.example.com/tls/:/var/hyperledger/orderer/tls Ports:-7,050:7,050
The main concern here is that orderer_general_genesisfile=/var/hyperledger/orderer/ Orderer.genesis.block, and this Genesis block is the Genesis block we created before, and here is the map of host to Docker:
- .. /channel-artifacts/genesis.block:/var/hyperledger/orderer/orderer.genesis.block
The other configuration is mainly tl,log and so on, finally exposes the service port 7050. 3.2 Configuration Peer
Peer's configuration is in Base/docker-compose-base.yaml and Peer-base.yaml, we pick the PEER0.ORG1 to see what's in it:
Peer-base:image:hyperledger/fabric-peer Environment:-Core_vm_endpoint=unix:///host/var/run/docker.sock # The following setting starts Chaincode containers on the same # Bridge network as the peers # Https://docs.do
cker.com/compose/networking/-Core_vm_docker_hostconfig_networkmode=e2ecli_default #-CORE_LOGGING_LEVEL=ERROR -Core_logging_level=debug-core_peer_tls_enabled=true-core_peer_gossip_useleaderelection=true-co Re_peer_gossip_orgleader=false-core_peer_profile_enabled=true-core_peer_tls_cert_file=/etc/hyperledger/fabri c/tls/server.crt-core_peer_tls_key_file=/etc/hyperledger/fabric/tls/server.key-core_peer_tls_rootcert_file=/ ETC/HYPERLEDGER/FABRIC/TLS/CA.CRT Working_dir:/opt/gopath/src/github.com/hyperledger/fabric/peer command:peer nod E Start peer0.org1.example.com:container_name:peer0.org1.example.com Extends:file:peer-base.yaml serv Ice:peer-base environment:-Core_peer_id=peer0.org1.example.com-core_peer_address=peer0.org1.example.com:7051-core_peer_cha
incodelistenaddress=peer0.org1.example.com:7052-core_peer_gossip_externalendpoint=peer0.org1.example.com:7051 -Core_peer_localmspid=org1msp Volumes:-/var/run/:/host/var/run/-...
/crypto-config/peerorganizations/org1.example.com/peers/peer0.org1.example.com/msp:/etc/hyperledger/fabric/msp - ..
/crypto-config/peerorganizations/org1.example.com/peers/peer0.org1.example.com/tls:/etc/hyperledger/fabric/tls Ports:-7051:7051-7052:7052-7053:7053
In the peer configuration, it is primarily for peer to allocate the addresses of various services, as well as TLS and MSP information. 3.3 Configuring CLI
The CLI plays the role of a client throughout the fabric network, and we can use the CLI instead of the SDK to perform the actions that various SDKs can perform while developing tests. The CLI is connected to the peer and sends instructions to the corresponding peer for execution. Configuration of the CLI in Docker-compose-cli.yaml, let's look at the contents:
CLI:CONTAINER_NAME:CLI image:hyperledger/fabric-tools tty:true Environment:-Gopath=/opt/gopath -Core_vm_endpoint=unix:///host/var/run/docker.sock-core_logging_level=debug-core_peer_id=cli-core_p Eer_address=peer0.org1.example.com:7051-core_peer_localmspid=org1msp-core_peer_tls_enabled=true-core_ peer_tls_cert_file=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerorganizations/ Org1.example.com/peers/peer0.org1.example.com/tls/server.crt-core_peer_tls_key_file=/opt/gopath/src/github.com
/hyperledger/fabric/peer/crypto/peerorganizations/org1.example.com/peers/peer0.org1.example.com/tls/server.key -core_peer_tls_rootcert_file=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerorganizations/ org1.example.com/peers/peer0.org1.example.com/tls/ca.crt-core_peer_mspconfigpath=/opt/gopath/src/github.com/ Hyperledger/fabric/peer/crypto/peerorganizations/org1.example.com/users/admin@org1.exAmple.com/msp working_dir:/opt/gopath/src/github.com/hyperledger/fabric/peer command:/bin/bash-c './scripts/scrip T.sh ${channel_name}; Sleep $TIMEOUT ' volumes:-/var/run/:/host/var/run/-... /chaincode/go/:/opt/gopath/src/github.com/hyperledger/fabric/examples/chaincode/go-/crypto-config:/opt/gopath /src/github.com/hyperledger/fabric/peer/crypto/-/scripts:/opt/gopath/src/github.com/hyperledger/fabric/peer/
scripts/-/channel-artifacts:/opt/gopath/src/github.com/hyperledger/fabric/peer/channel-artifacts depends_on:
-Orderer.example.com-peer0.org1.example.com-peer1.org1.example.com-peer0.org2.example.com -Peer1.org2.example.com