Fabric:创建应用通道
搭建自定义网络可以参考文章:
https://blog.csdn.net/yeshang_lady/article/details/134113296
1 创建通道
网络搭建完成之后,就可以开始创建通道了。Fabric V2.5.4中可以在不创建系统通道的情况下直接创建应用通道。
1.1 修改配置文件
先创建配置文件configtx.yaml
。可以直接将fabric-samples/test-network/configtx/configtx.yaml
文件复制到目录finance_network
下,然后在这个文件上进行修改即可。
修改后的configtx.yaml
文件内容如下(主要修改MSP和TLS相关的内容):
Organizations:
- &OrdererOrg
Name: OrdererOrg
ID: OrdererMSP
#注意修改
MSPDir: ./organizations/ordererOrganizations/finance.com/msp
Policies:
Readers:
Type: Signature
Rule: "OR('OrdererMSP.member')"
Writers:
Type: Signature
Rule: "OR('OrdererMSP.member')"
Admins:
Type: Signature
Rule: "OR('OrdererMSP.admin')"
OrdererEndpoints:
- orderer.finance.com:7050
- &Org1
Name: Org1MSP
ID: Org1MSP
MSPDir: ./organizations/peerOrganizations/org1.finance.com/msp
Policies:
Readers:
Type: Signature
Rule: "OR('Org1MSP.admin', 'Org1MSP.peer', 'Org1MSP.client')"
Writers:
Type: Signature
Rule: "OR('Org1MSP.admin', 'Org1MSP.client')"
Admins:
Type: Signature
Rule: "OR('Org1MSP.admin')"
Endorsement:
Type: Signature
Rule: "OR('Org1MSP.peer')"
- &Org2
Name: Org2MSP
ID: Org2MSP
MSPDir: ./organizations/peerOrganizations/org2.finance.com/msp
Policies:
Readers:
Type: Signature
Rule: "OR('Org2MSP.admin', 'Org2MSP.peer', 'Org2MSP.client')"
Writers:
Type: Signature
Rule: "OR('Org2MSP.admin', 'Org2MSP.client')"
Admins:
Type: Signature
Rule: "OR('Org2MSP.admin')"
Endorsement:
Type: Signature
Rule: "OR('Org2MSP.peer')"
Capabilities:
Channel: &ChannelCapabilities
V2_0: true
Orderer: &OrdererCapabilities
V2_0: true
Application: &ApplicationCapabilities
V2_5: true
Application: &ApplicationDefaults
Organizations:
Policies:
Readers:
Type: ImplicitMeta
Rule: "ANY Readers"
Writers:
Type: ImplicitMeta
Rule: "ANY Writers"
Admins:
Type: ImplicitMeta
Rule: "MAJORITY Admins"
LifecycleEndorsement:
Type: ImplicitMeta
Rule: "MAJORITY Endorsement"
Endorsement:
Type: ImplicitMeta
Rule: "MAJORITY Endorsement"
Capabilities:
<<: *ApplicationCapabilities
Orderer: &OrdererDefaults
Addresses:
- orderer.finance.com:7050
BatchTimeout: 2s
BatchSize:
MaxMessageCount: 10
AbsoluteMaxBytes: 99 MB
PreferredMaxBytes: 512 KB
Organizations:
Policies:
Readers:
Type: ImplicitMeta
Rule: "ANY Readers"
Writers:
Type: ImplicitMeta
Rule: "ANY Writers"
Admins:
Type: ImplicitMeta
Rule: "MAJORITY Admins"
BlockValidation:
Type: ImplicitMeta
Rule: "ANY Writers"
Channel: &ChannelDefaults
Policies:
Readers:
Type: ImplicitMeta
Rule: "ANY Readers"
Writers:
Type: ImplicitMeta
Rule: "ANY Writers"
Admins:
Type: ImplicitMeta
Rule: "MAJORITY Admins"
Capabilities:
<<: *ChannelCapabilities
Profiles:
ChannelUsingRaft:
<<: *ChannelDefaults
Orderer:
<<: *OrdererDefaults
OrdererType: etcdraft
EtcdRaft:
Consenters:
- Host: orderer.finance.com
Port: 7050
ClientTLSCert: ./organizations/ordererOrganizations/finance.com/orderers/orderer.finance.com/tls/server.crt
ServerTLSCert: ./organizations/ordererOrganizations/finance.com/orderers/orderer.finance.com/tls/server.crt
Organizations:
- *OrdererOrg
Capabilities: *OrdererCapabilities
Application:
<<: *ApplicationDefaults
Organizations:
- *Org1
- *Org2
Capabilities: *ApplicationCapabilities
1.2 创建应用通道
使用如下命令创建应用通道。
#先回到finance_network目录下
configtxgen -profile ChannelUsingRaft -outputBlock ./channel-artifacts/channel1.block -channelID channel1
执行结果如下:
Tips:在执行这条命令的时候要保证环境变量FABRIC_CFG_PATH为空值,若不为空,需要使用-configPath参数指定configtx.yaml
文件的地址。
2 添加节点
通道创建完成后,需要将orderer节点和peer节点加入都通道中。
2.1 添加orderer节点
可以使用osnadmin
命令将orderer节点添加到通道上,具体如下:
#先跳转到finance_network目录下
#设置变量
export ORDERER_CA=$PWD/organizations/ordererOrganizations/finance.com/orderers/orderer.finance.com/msp/tlscacerts/tlsca.finance.com-cert.pem
export ORDERER_ADMIN_TLS_SIGN_CERT=$PWD/organizations/ordererOrganizations/finance.com/orderers/orderer.finance.com/tls/server.crt
export ORDERER_ADMIN_TLS_PRIVATE_KEY=$PWD/organizations/ordererOrganizations/finance.com/orderers/orderer.finance.com/tls/server.key
#添加节点
osnadmin channel join --channelID channel1 --config-block ./channel-artifacts/channel1.block -o localhost:7053 --ca-file "$ORDERER_CA" --client-cert "$ORDERER_ADMIN_TLS_SIGN_CERT" --client-key "$ORDERER_ADMIN_TLS_PRIVATE_KEY"
命令执行成功则提示:
如果在执行osnadmin join
命令是提示:listen tcp:lookup localhost:7053 on 127.0.0.11:53 no such host,一般是因为CCP没有设置或CCP文件中有错误。
2.2 添加peer节点
这里一共有3个peer节点要添加到通道上,这里仅以peer0.org1.finance.com
为例进行说明。具体如下:
#先跳转到finance_network目录下
#将peer命令绑到peer0.org1.finance.com节点上
export CORE_PEER_TLS_ENABLED=true
export CORE_PEER_LOCALMSPID="Org1MSP"
export CORE_PEER_TLS_ROOTCERT_FILE=$PWD/organizations/peerOrganizations/org1.finance.com/peers/peer0.org1.finance.com/tls/ca.crt
export CORE_PEER_MSPCONFIGPATH=$PWD/organizations/peerOrganizations/org1.finance.com/users/Admin@org1.finance.com/msp
export CORE_PEER_ADDRESS=localhost:7051
export FABRIC_CFG_PATH=$PWD/config
#执行添加命令
peer channel join -b ./channel-artifacts/channel1.block
执行成功时结果如下:
3 设置锚节点
Fabric网络中的锚节点(Anchor Peer)是网络中的一个特殊节点,其作用如下:
- 组织连接:锚节点用于建立和维护该组织与其他组织之间的连接。其他组织可以通过与锚节点通信来了解该组织的组织配置。
- 路由策略:锚节点负责维护和分发组织的路由策略。路由策略定义了网络中各个组织的Peer节点和Orderer节点的位置信息,以便其他组织可以正确地将交易请求发送给目标节点。
- 组织配置更新:当该组织的组织配置发生更改时,锚节点会更新最新的组织配置块,并将其广播给其他节点。这确保了网络中的所有节点都能够得到最新的组织配置,并保持同步。
在通道配置信息中包含了每个组织的锚节点信息,每个通道都可以通过使用configtxlator
工具来更新通道的方式来给每个组织设置锚节点。这里仅以Org1
为例进行说明。这里将peer0.org1.finance.com
节点设置为组织Org1
的锚节点。
- 先将
peer CLI
关联到peer0.org1.finance.com
节点上,设置如下环境变量:
export CORE_PEER_TLS_ENABLED=true
export CORE_PEER_LOCALMSPID="Org1MSP"
export CORE_PEER_TLS_ROOTCERT_FILE=$PWD/organizations/peerOrganizations/org1.finance.com/peers/peer0.org1.finance.com/tls/ca.crt
export CORE_PEER_MSPCONFIGPATH=$PWD/organizations/peerOrganizations/org1.finance.com/users/Admin@org1.finance.com/msp
export CORE_PEER_ADDRESS=localhost:7051
export FABRIC_CFG_PATH=$PWD/config
- 获取通道原始配置信息(这里要注意检查
ORDERER_CA
的值还在不在)
peer channel fetch config channel-artifacts/config_block.pb -o localhost:7050 --ordererTLSHostnameOverride orderer.example.com -c channel1 --tls --cafile "$ORDERER_CA"
代码执行结果如下:
- 将通道配置信息转化成json串,并使用
jq
工具将json串转化为流式串
#先进入channel-artifacts目录
configtxlator proto_decode --input config_block.pb --type common.Block --output config_block.json
jq '.data.data[0].payload.data.config' config_block.json > config.json
- 使用
jq
工具将Org1
组织的锚节点信息添加到modified_config.json
cp config.json config_copy.json
jq '.channel_group.groups.Application.groups.Org1MSP.values += {"AnchorPeers":{"mod_policy": "Admins","value":{"anchor_peers": [{"host": "peer0.org1.example.com","port": 7051}]},"version": "0"}}' config_copy.json > modified_config.json
- 将
config.json
和modified_config.json
转化成pb文件,并计算两者之间的差异。
configtxlator proto_encode --input config.json --type common.Config --output config.pb
configtxlator proto_encode --input modified_config.json --type common.Config --output modified_config.pb
configtxlator compute_update --channel_id channel1 --original config.pb --updated modified_config.pb --output config_update.pb
- 更新通道配置
configtxlator proto_decode --input config_update.pb --type common.ConfigUpdate --output config_update.json
echo '{"payload":{"header":{"channel_header":{"channel_id":"channel1", "type":2}},"data":{"config_update":'$(cat config_update.json)'}}}' | jq . > config_update_in_envelope.json
configtxlator proto_encode --input config_update_in_envelope.json --type common.Envelope --output config_update_in_envelope.pb
cd ..
peer channel update -f channel-artifacts/config_update_in_envelope.pb -c channel1 -o localhost:7050 --ordererTLSHostnameOverride orderer.example.com --tls --cafile "$PWD/organizations/ordererOrganizations/finance.com/orderers/orderer.finance.com/msp/tlscacerts/tlsca.finance.com-cert.pem"
4 其他
从2.1
和2.2
两部分需要频繁的设置环境变量,尤其是当需要添加的peer节点越多时,整个过程比较繁琐并且容易出错。并且给组织添加锚节点的时候也需要执行很多命令。这里参考fabric-sample/test-network
中的方法,使用bash
文件来完成节点的添加及锚节点的设置。
添加orderer节点
在fabric_network
目录下创建scripts/OrdererEnv.sh
文件,其内容如下:
channel_name=$1
host_name=$2
orderer_port=$3
export ORDERER_CA=$PWD/organizations/ordererOrganizations/${host_name}.com/orderers/orderer.${host_name}.com/msp/tlscacerts/tlsca.${host_name}.com-cert.pem
export ORDERER_ADMIN_TLS_SIGN_CERT=$PWD/organizations/ordererOrganizations/${host_name}.com/orderers/orderer.${host_name}.com/tls/server.crt
export ORDERER_ADMIN_TLS_PRIVATE_KEY=$PWD/organizations/ordererOrganizations/${host_name}.com/orderers/orderer.${host_name}.com/tls/server.key
osnadmin channel join --channelID ${channel_name} --config-block ./channel-artifacts/${channel_name}.block -o localhost:$(expr $orderer_port) --ca-file "$ORDERER_CA" --client-cert "$ORDERER_ADMIN_TLS_SIGN_CERT" --client-key "$ORDERER_ADMIN_TLS_PRIVATE_KEY"
其命令执行结果如下:
添加peer节点
在fabric_network
目录下创建scripts/PeerEnv.sh
文件,其内容如下:
channel_name=$1
host_name=$2
peer_port=$3
peer_num=$4
org_num=$5
org_msp=$6
export FABRIC_CFG_PATH=$PWD/config
export CORE_PEER_TLS_ENABLED=true
export CORE_PEER_LOCALMSPID="${org_msp}"
export CORE_PEER_TLS_ROOTCERT_FILE=$PWD/organizations/peerOrganizations/org${org_num}.${host_name}.com/peers/peer${peer_num}.org${org_num}.${host_name}.com/tls/ca.crt
export CORE_PEER_MSPCONFIGPATH=$PWD/organizations/peerOrganizations/org${org_num}.${host_name}.com/users/Admin@org${org_num}.${host_name}.com/msp
export CORE_PEER_ADDRESS=localhost:$(expr $peer_port)
其执行结果如下:
Tips:但要注意这种方法设置的环境变量仅在执行语句时有效,所以语句执行结束后不能运行peer channel list
命令。
设置锚节点
在fabric_network
目录下创建scripts/SetAnchorPeer.sh
文件,其内容如下:
channel_name=$1
host_name=$2
peer_port=$3
peer_num=$4
org_num=$5
org_msp=$6
orderer_port=$7
export ORDERER_CA=$PWD/organizations/ordererOrganizations/${host_name}.com/orderers/orderer.${host_name}.com/msp/tlscacerts/tlsca.${host_name}.com-cert.pem
export FABRIC_CFG_PATH=$PWD/config
export CORE_PEER_TLS_ENABLED=true
export CORE_PEER_LOCALMSPID="${org_msp}"
export CORE_PEER_TLS_ROOTCERT_FILE=$PWD/organizations/peerOrganizations/org${org_num}.${host_name}.com/peers/peer${peer_num}.org${org_num}.${host_name}.com/tls/ca.crt
export CORE_PEER_MSPCONFIGPATH=$PWD/organizations/peerOrganizations/org${org_num}.${host_name}.com/users/Admin@org${org_num}.${host_name}.com/msp
export CORE_PEER_ADDRESS=localhost:$(expr $peer_port)
peer channel fetch config channel-artifacts/config_block.pb -o localhost:$(expr $orderer_port) --ordererTLSHostnameOverride orderer.${host_name}.com -c ${channel_name} --tls --cafile "$ORDERER_CA"
configtxlator proto_decode --input channel-artifacts/config_block.pb --type common.Block --output channel-artifacts/config_block.json
jq '.data.data[0].payload.data.config' channel-artifacts/config_block.json > channel-artifacts/config.json
cp channel-artifacts/config.json channel-artifacts/config_copy.json
jq '.channel_group.groups.Application.groups.'${org_msp}'.values += {"AnchorPeers":{"mod_policy":"Admins","value":{"anchor_peers":[{"host":"peer'${peer_num}'.org'${org_num}'.'${host_name}'.com","port":'${peer_port}'}]},"version":"0"}}' channel-artifacts/config_copy.json > channel-artifacts/modified_config.json
configtxlator proto_encode --input channel-artifacts/config.json --type common.Config --output channel-artifacts/config.pb
configtxlator proto_encode --input channel-artifacts/modified_config.json --type common.Config --output channel-artifacts/modified_config.pb
configtxlator compute_update --channel_id ${channel_name} --original channel-artifacts/config.pb --updated channel-artifacts/modified_config.pb --output channel-artifacts/config_update.pb
configtxlator proto_decode --input channel-artifacts/config_update.pb --type common.ConfigUpdate --output channel-artifacts/config_update.json
echo '{"payload":{"header":{"channel_header":{"channel_id":"'${channel_name}'","type":2}},"data":{"config_update":'$(cat channel-artifacts/config_update.json)'}}}' | jq . > channel-artifacts/config_update_in_envelope.json
configtxlator proto_encode --input channel-artifacts/config_update_in_envelope.json --type common.Envelope --output channel-artifacts/config_update_in_envelope.pb
peer channel update -f channel-artifacts/config_update_in_envelope.pb -c ${channel_name} -o localhost:$(expr $orderer_port) --ordererTLSHostnameOverride orderer.${host_name}.com --tls --cafile "$ORDERER_CA"
其结果如下:
参考
- https://hyperledger-fabric.readthedocs.io/en/release-2.5/create_channel/create_channel_test_net.html