【fabric實戰指南二】Fabric v1.0 部署過程原理詳解
阿新 • • 發佈:2018-04-19
fabric區塊鏈兄弟社區,區塊鏈技術專業問答先行者,中國區塊鏈技術愛好者聚集地
作者:吳壽鶴
來源:區塊鏈兄弟
原文鏈接:http://www.blockchainbrother.com/article/18
著權歸作者所有。商業轉載請聯系作者獲得授權,非商業轉載請註明出處。
編譯fabric tools
我們會編譯以下幾個工具:
github.com/hyperledger/fabric/common/configtx/tool/configtxgen
github.com/hyperledger/fabric/common/tools/cryptogen
github.com/hyperledger/fabric/common/tools/configtxlator
github.com/hyperledger/fabric/peer
以上每個工具都需要讀取一個yaml文件配置,在配置文件中我們指明網絡的拓撲結構,證書地址等。
cd $GOPATH/src/github.com/hyperledger/fabric make release ls -rtl release/linux-amd64/bin -rwxrwxr-x 1 shouhewu shouhewu 15124356 Jul 17 13:58 configtxgen -rwxrwxr-x 1 shouhewu shouhewu 7315638 Jul 17 13:58 cryptogen -rwxrwxr-x 1 shouhewu shouhewu 16141847 Jul 17 13:58 configtxlator -rwxrwxr-x 1 shouhewu shouhewu 22949903 Jul 17 13:58 peer -rwxrwxr-x 1 shouhewu shouhewu 19942880 Jul 17 13:59 orderer -rwxrwxr-x 1 shouhewu shouhewu 774 Jul 17 13:59 get-docker-images.sh -rwxrwxr-x 1 shouhewu shouhewu 458 Jul 17 13:59 get-byfn.sh
Cryptogen Tool(cryptogen)
我們會使用crptogen tool 為網絡中的節點,用戶生成密碼證書(x509 certs)。
怎麽運行的?
Cryptogen 讀取 crypto-config.yaml 文件,yaml文件中包含網絡拓撲結構,這個yaml文件可以幫我們為每個組織和組織中的成員生成證書庫。每個組織分配一個根證書(ca-cert),這個根證書會綁定一些peers和orders到這個組織。fabric中的交易和通信都會被一個參與者的私鑰(keystore)簽名,並會被公鑰(signcerts)驗證.yaml配置文件中有一個"count"變量,我們用這個變量表示一個組織中會有多少個節點。在我們的文檔的例子中每個組織會有兩個節點。
crypto-config.yaml :
# Copyright IBM Corp. All Rights Reserved.
#
# SPDX-License-Identifier: Apache-2.0#
# ---------------------------------------------------------------------------
# "OrdererOrgs" - Definition of organizations managing orderer nodes
# ---------------------------------------------------------------------------
OrdererOrgs:
# ---------------------------------------------------------------------------
# Orderer# ---------------------------------------------------------------------------
- Name: OrdererDomain: example.com# ---------------------------------------------------------------------------
# "Specs" - See PeerOrgs below for complete description# ---------------------------------------------------------------------------
Specs:
- Hostname: orderer
# ---------------------------------------------------------------------------
# "PeerOrgs" - Definition of organizations managing peer nodes
# ---------------------------------------------------------------------------
PeerOrgs:
# ---------------------------------------------------------------------------
# Org1
# ---------------------------------------------------------------------------
- Name: Org1Domain: org1.example.com# ---------------------------------------------------------------------------
# "Specs"# ---------------------------------------------------------------------------
# Uncomment this section to enable the explicit definition of hosts in your
# configuration. Most users will want to use Template, below
#
# Specs is an array of Spec entries. Each Spec entry consists of two fields:
# - Hostname: (Required) The desired hostname, sans the domain.
# - CommonName: (Optional) Specifies the template or explicit override for# the CN. By default, this is the template:
#
# "{{.Hostname}}.{{.Domain}}"#
# which obtains its values from the Spec.Hostname and
# Org.Domain, respectively.
# ---------------------------------------------------------------------------
# Specs:
# - Hostname: foo # implicitly "foo.org1.example.com"# CommonName: foo27.org5.example.com # overrides Hostname-based FQDN set above
# - Hostname: bar
# - Hostname: baz
# ---------------------------------------------------------------------------
# "Template"# ---------------------------------------------------------------------------
# Allows for the definition of 1 or more hosts that are created sequentially
# from a template. By default, this looks like "peer%d" from 0 to Count-1.# You may override the number of nodes (Count), the starting index (Start)
# or the template used to construct the name (Hostname).
#
# Note: Template and Specs are not mutually exclusive. You may define both
# sections and the aggregate nodes will be created for you. Take care with# name collisions
# ---------------------------------------------------------------------------
Template:Count: 2# Start: 5# Hostname: {{.Prefix}}{{.Index}} # default# ---------------------------------------------------------------------------
# "Users"# ---------------------------------------------------------------------------
# Count: The number of user accounts _in addition_ to Admin
# ---------------------------------------------------------------------------
Users:Count: 1# ---------------------------------------------------------------------------
# Org2: See "Org1" for full specification
# ---------------------------------------------------------------------------
- Name: Org2Domain: org2.example.comTemplate:Count: 2Users:Count: 1執行結果
執行完cryptogen命令後,生成的證書會放在 crypto-config 文件夾中 。
ll crypto-configdrwxr-xr-x 4 shouhewu shouhewu 4096 Jul 17 15:15 ./ drwxr-xr-x 9 shouhewu shouhewu 4096 Jul 17 15:18 ../ drwxr-xr-x 3 shouhewu shouhewu 4096 Jul 17 15:15 ordererOrganizations/ drwxr-xr-x 4 shouhewu shouhewu 4096 Jul 17 15:15 peerOrganizations/
Configuration Transaction Generator(configtxgen)
configtxgen tool 用來生成四個artifacts:orderer bootstrap block,fabric channel configuration transaction,two anchor peer transactions(每個組織一個)
orderer block 是ordering service 的創世區塊,在channel創建的時候channel transaction 文件會廣播給orderer。anchor peer transaction表示每個組織在channel中的anchor 節點。
怎麽工作的?
configtxgen會讀取 configtx.yaml 配置文件。這個yaml 文件包含網絡的定義,網絡中有三個成員 一個orderer(OrdererOrg),兩個peer(Org1,Org2),yaml文件中還包含一個由兩個組織構成的聯盟(SampleConsortium)。 在yaml文件最上方 “Profile”段落中,有兩個header,一個是orderer genesis block - TwoOrgsOrdererGenesis ,另一個是channel - TwoOrgsChannel。這兩個header十分重要,我們創建artifacts是我們會把他們作為參數傳入。yaml文件中還包含另外兩個東西:1.每個peer 組中的anchor peer(peer0.org1.example.com & peer0.org2.example.com) 。2. 每個成員的MSP 目錄位置,它允許我們把每個組織的根證書會存在orderer genesis block中。
configtx.yaml
---
################################################################################
#
# Profile
#
# - Different configuration profiles may be encoded here to be specified
# as parameters to the configtxgen tool
#
################################################################################
Profiles:
TwoOrgsOrdererGenesis:
Orderer:
<<: *OrdererDefaults
Organizations:
- *OrdererOrg
Consortiums:
SampleConsortium:
Organizations:
- *Org1
- *Org2TwoOrgsChannel:Consortium: SampleConsortium
Application:
<<: *ApplicationDefaults
Organizations:
- *Org1
- *Org2
################################################################################
#
# Section: Organizations
#
# - This section defines the different organizational identities which will
# be referenced later in the configuration.
#
################################################################################
Organizations:
# SampleOrg defines an MSP using the sampleconfig. It should never be used
# in production but may be used as a template for other definitions
- &OrdererOrg
# DefaultOrg defines the organization which is used in the sampleconfig
# of the fabric.git development environmentName: OrdererOrg
# ID to load the MSP definition as
ID: OrdererMSP
# MSPDir is the filesystem path which contains the MSP configuration
MSPDir: crypto-config/ordererOrganizations/example.com/msp
- &Org1
# DefaultOrg defines the organization which is used in the sampleconfig
# of the fabric.git development environmentName: Org1MSP
# ID to load the MSP definition as
ID: Org1MSPMSPDir: crypto-config/peerOrganizations/org1.example.com/msp
AnchorPeers:
# AnchorPeers defines the location of peers which can be used
# for cross org gossip communication. Note, this value is only
# encoded in the genesis block in the Application section context
- Host: peer0.org1.example.comPort: 7051- &Org2
# DefaultOrg defines the organization which is used in the sampleconfig
# of the fabric.git development environmentName: Org2MSP
# ID to load the MSP definition as
ID: Org2MSPMSPDir: crypto-config/peerOrganizations/org2.example.com/msp
AnchorPeers:
# AnchorPeers defines the location of peers which can be used
# for cross org gossip communication. Note, this value is only
# encoded in the genesis block in the Application section context
- Host: peer0.org2.example.comPort: 7051################################################################################
#
# SECTION: Orderer#
# - This section defines the values to encode into a config transaction or
# genesis block for orderer related parameters
#
################################################################################
Orderer: &OrdererDefaults
# Orderer Type: The orderer implementation to start
# Available types are "solo" and "kafka"OrdererType: solo
Addresses:
- orderer.example.com:7050# Batch Timeout: The amount of time to wait before creating a batch
BatchTimeout: 2s
# Batch Size: Controls the number of messages batched into a block
BatchSize:
# Max Message Count: The maximum number of messages to permit in a batchMaxMessageCount: 10# Absolute Max Bytes: The absolute maximum number of bytes allowed for# the serialized messages in a batch.
AbsoluteMaxBytes: 98 MB
# Preferred Max Bytes: The preferred maximum number of bytes allowed for# the serialized messages in a batch. A message larger than the preferred
# max bytes will result in a batch larger than preferred max bytes.
PreferredMaxBytes: 512 KB
Kafka:
# Brokers: A list of Kafka brokers to which the orderer connects
# NOTE: Use IP:port notation
Brokers:
- 127.0.0.1:9092# Organizations is the list of orgs which are defined as participants on
# the orderer side of the network
Organizations:
################################################################################
#
# SECTION: Application
#
# - This section defines the values to encode into a config transaction or
# genesis block for application related parameters
#
################################################################################
Application: &ApplicationDefaults
# Organizations is the list of orgs which are defined as participants on
# the application side of the network
Organizations:執行結果
configtxgen 會把每個成員的證書打包,輸出一個orderer genesis block 和三個channel transaction artifacts。
ll channel-artifacts/ drwxr-xr-x 2 shouhewu shouhewu 4096 Jul 17 15:15 ./ drwxr-xr-x 9 shouhewu shouhewu 4096 Jul 17 15:18 ../ -rw-r--r-- 1 shouhewu shouhewu 369 Jul 17 15:21 channel.tx-rw-r--r-- 1 shouhewu shouhewu 9076 Jul 17 15:21 genesis.block -rw-rw-r-- 1 shouhewu shouhewu 0 Jul 17 15:14 .gitkeep -rw-r--r-- 1 shouhewu shouhewu 250 Jul 17 15:21 Org1MSPanchors.tx-rw-r--r-- 1 shouhewu shouhewu 250 Jul 17 15:21 Org2MSPanchors.tx
文章發布只為分享區塊鏈技術內容,版權歸原作者所有,觀點僅代表作者本人,絕不代表區塊鏈兄弟贊同其觀點或證實其描述
【fabric實戰指南二】Fabric v1.0 部署過程原理詳解