当前位置: 首页 > article >正文

Fabric:创建应用通道

搭建自定义网络可以参考文章:
https://blog.csdn.net/yeshang_lady/article/details/134113296

1 创建通道

网络搭建完成之后,就可以开始创建通道了。Fabric V2.5.4中可以在不创建系统通道的情况下直接创建应用通道

1.1 修改配置文件

先创建配置文件configtx.yaml。可以直接将fabric-samples/test-network/configtx/configtx.yaml文件复制到目录finance_network下,然后在这个文件上进行修改即可。
修改后的configtx.yaml文件内容如下(主要修改MSP和TLS相关的内容):

Organizations:
  - &OrdererOrg
    Name: OrdererOrg
    ID: OrdererMSP
    #注意修改
    MSPDir: ./organizations/ordererOrganizations/finance.com/msp
    Policies:
      Readers:
        Type: Signature
        Rule: "OR('OrdererMSP.member')"
      Writers:
        Type: Signature
        Rule: "OR('OrdererMSP.member')"
      Admins:
        Type: Signature
        Rule: "OR('OrdererMSP.admin')"
    OrdererEndpoints:
      - orderer.finance.com:7050
  - &Org1
    Name: Org1MSP
    ID: Org1MSP
    MSPDir: ./organizations/peerOrganizations/org1.finance.com/msp
    Policies:
      Readers:
        Type: Signature
        Rule: "OR('Org1MSP.admin', 'Org1MSP.peer', 'Org1MSP.client')"
      Writers:
        Type: Signature
        Rule: "OR('Org1MSP.admin', 'Org1MSP.client')"
      Admins:
        Type: Signature
        Rule: "OR('Org1MSP.admin')"
      Endorsement:
        Type: Signature
        Rule: "OR('Org1MSP.peer')"
  - &Org2
    Name: Org2MSP
    ID: Org2MSP
    MSPDir: ./organizations/peerOrganizations/org2.finance.com/msp
    Policies:
      Readers:
        Type: Signature
        Rule: "OR('Org2MSP.admin', 'Org2MSP.peer', 'Org2MSP.client')"
      Writers:
        Type: Signature
        Rule: "OR('Org2MSP.admin', 'Org2MSP.client')"
      Admins:
        Type: Signature
        Rule: "OR('Org2MSP.admin')"
      Endorsement:
        Type: Signature
        Rule: "OR('Org2MSP.peer')"

Capabilities:
  Channel: &ChannelCapabilities
    V2_0: true
  Orderer: &OrdererCapabilities
    V2_0: true
  Application: &ApplicationCapabilities
    V2_5: true

Application: &ApplicationDefaults
  Organizations:
  Policies:
    Readers:
      Type: ImplicitMeta
      Rule: "ANY Readers"
    Writers:
      Type: ImplicitMeta
      Rule: "ANY Writers"
    Admins:
      Type: ImplicitMeta
      Rule: "MAJORITY Admins"
    LifecycleEndorsement:
      Type: ImplicitMeta
      Rule: "MAJORITY Endorsement"
    Endorsement:
      Type: ImplicitMeta
      Rule: "MAJORITY Endorsement"
  Capabilities:
    <<: *ApplicationCapabilities

Orderer: &OrdererDefaults
  Addresses:
    - orderer.finance.com:7050
  BatchTimeout: 2s
  BatchSize:
    MaxMessageCount: 10
    AbsoluteMaxBytes: 99 MB
    PreferredMaxBytes: 512 KB
  Organizations:
  Policies:
    Readers:
      Type: ImplicitMeta
      Rule: "ANY Readers"
    Writers:
      Type: ImplicitMeta
      Rule: "ANY Writers"
    Admins:
      Type: ImplicitMeta
      Rule: "MAJORITY Admins"
    BlockValidation:
      Type: ImplicitMeta
      Rule: "ANY Writers"

Channel: &ChannelDefaults
  Policies:
    Readers:
      Type: ImplicitMeta
      Rule: "ANY Readers"
    Writers:
      Type: ImplicitMeta
      Rule: "ANY Writers"
    Admins:
      Type: ImplicitMeta
      Rule: "MAJORITY Admins"
  Capabilities:
    <<: *ChannelCapabilities
Profiles:
  ChannelUsingRaft:
    <<: *ChannelDefaults
    Orderer:
      <<: *OrdererDefaults
      OrdererType: etcdraft
      EtcdRaft:
        Consenters:
          - Host: orderer.finance.com
            Port: 7050
            ClientTLSCert: ./organizations/ordererOrganizations/finance.com/orderers/orderer.finance.com/tls/server.crt
            ServerTLSCert: ./organizations/ordererOrganizations/finance.com/orderers/orderer.finance.com/tls/server.crt
      Organizations:
        - *OrdererOrg
      Capabilities: *OrdererCapabilities
    Application:
      <<: *ApplicationDefaults
      Organizations:
        - *Org1
        - *Org2
      Capabilities: *ApplicationCapabilities

1.2 创建应用通道

使用如下命令创建应用通道。

#先回到finance_network目录下
configtxgen -profile ChannelUsingRaft -outputBlock ./channel-artifacts/channel1.block -channelID channel1

执行结果如下:
在这里插入图片描述
Tips:在执行这条命令的时候要保证环境变量FABRIC_CFG_PATH为空值,若不为空,需要使用-configPath参数指定configtx.yaml文件的地址。

2 添加节点

通道创建完成后,需要将orderer节点和peer节点加入都通道中。

2.1 添加orderer节点

可以使用osnadmin命令将orderer节点添加到通道上,具体如下:

#先跳转到finance_network目录下
#设置变量
export ORDERER_CA=$PWD/organizations/ordererOrganizations/finance.com/orderers/orderer.finance.com/msp/tlscacerts/tlsca.finance.com-cert.pem
export ORDERER_ADMIN_TLS_SIGN_CERT=$PWD/organizations/ordererOrganizations/finance.com/orderers/orderer.finance.com/tls/server.crt
export ORDERER_ADMIN_TLS_PRIVATE_KEY=$PWD/organizations/ordererOrganizations/finance.com/orderers/orderer.finance.com/tls/server.key
#添加节点
osnadmin channel join --channelID channel1 --config-block ./channel-artifacts/channel1.block -o localhost:7053 --ca-file "$ORDERER_CA" --client-cert "$ORDERER_ADMIN_TLS_SIGN_CERT" --client-key "$ORDERER_ADMIN_TLS_PRIVATE_KEY"

命令执行成功则提示:
在这里插入图片描述
如果在执行osnadmin join命令是提示:listen tcp:lookup localhost:7053 on 127.0.0.11:53 no such host,一般是因为CCP没有设置或CCP文件中有错误。

2.2 添加peer节点

这里一共有3个peer节点要添加到通道上,这里仅以peer0.org1.finance.com为例进行说明。具体如下:

#先跳转到finance_network目录下
#将peer命令绑到peer0.org1.finance.com节点上
export CORE_PEER_TLS_ENABLED=true
export CORE_PEER_LOCALMSPID="Org1MSP"
export CORE_PEER_TLS_ROOTCERT_FILE=$PWD/organizations/peerOrganizations/org1.finance.com/peers/peer0.org1.finance.com/tls/ca.crt
export CORE_PEER_MSPCONFIGPATH=$PWD/organizations/peerOrganizations/org1.finance.com/users/Admin@org1.finance.com/msp
export CORE_PEER_ADDRESS=localhost:7051
export FABRIC_CFG_PATH=$PWD/config
#执行添加命令
peer channel join -b ./channel-artifacts/channel1.block

执行成功时结果如下:
在这里插入图片描述

3 设置锚节点

Fabric网络中的锚节点(Anchor Peer)是网络中的一个特殊节点,其作用如下:

  • 组织连接:锚节点用于建立和维护该组织与其他组织之间的连接。其他组织可以通过与锚节点通信来了解该组织的组织配置。
  • 路由策略:锚节点负责维护和分发组织的路由策略。路由策略定义了网络中各个组织的Peer节点和Orderer节点的位置信息,以便其他组织可以正确地将交易请求发送给目标节点。
  • 组织配置更新:当该组织的组织配置发生更改时,锚节点会更新最新的组织配置块,并将其广播给其他节点。这确保了网络中的所有节点都能够得到最新的组织配置,并保持同步。

在通道配置信息中包含了每个组织的锚节点信息,每个通道都可以通过使用configtxlator工具来更新通道的方式来给每个组织设置锚节点。这里仅以Org1为例进行说明。这里将peer0.org1.finance.com节点设置为组织Org1的锚节点。

  • 先将peer CLI关联到peer0.org1.finance.com节点上,设置如下环境变量:
export CORE_PEER_TLS_ENABLED=true
export CORE_PEER_LOCALMSPID="Org1MSP"
export CORE_PEER_TLS_ROOTCERT_FILE=$PWD/organizations/peerOrganizations/org1.finance.com/peers/peer0.org1.finance.com/tls/ca.crt
export CORE_PEER_MSPCONFIGPATH=$PWD/organizations/peerOrganizations/org1.finance.com/users/Admin@org1.finance.com/msp
export CORE_PEER_ADDRESS=localhost:7051
export FABRIC_CFG_PATH=$PWD/config
  • 获取通道原始配置信息(这里要注意检查ORDERER_CA的值还在不在)
peer channel fetch config channel-artifacts/config_block.pb -o localhost:7050 --ordererTLSHostnameOverride orderer.example.com -c channel1 --tls --cafile "$ORDERER_CA"

代码执行结果如下:
在这里插入图片描述

  • 将通道配置信息转化成json串,并使用jq工具将json串转化为流式串
#先进入channel-artifacts目录
configtxlator proto_decode --input config_block.pb --type common.Block --output config_block.json
jq '.data.data[0].payload.data.config' config_block.json > config.json
  • 使用jq工具将Org1组织的锚节点信息添加到modified_config.json
cp config.json config_copy.json
jq '.channel_group.groups.Application.groups.Org1MSP.values += {"AnchorPeers":{"mod_policy": "Admins","value":{"anchor_peers": [{"host": "peer0.org1.example.com","port": 7051}]},"version": "0"}}' config_copy.json > modified_config.json
  • config.jsonmodified_config.json转化成pb文件,并计算两者之间的差异。
configtxlator proto_encode --input config.json --type common.Config --output config.pb
configtxlator proto_encode --input modified_config.json --type common.Config --output modified_config.pb
configtxlator compute_update --channel_id channel1 --original config.pb --updated modified_config.pb --output config_update.pb
  • 更新通道配置
configtxlator proto_decode --input config_update.pb --type common.ConfigUpdate --output config_update.json
echo '{"payload":{"header":{"channel_header":{"channel_id":"channel1", "type":2}},"data":{"config_update":'$(cat config_update.json)'}}}' | jq . > config_update_in_envelope.json
configtxlator proto_encode --input config_update_in_envelope.json --type common.Envelope --output config_update_in_envelope.pb
cd ..
peer channel update -f channel-artifacts/config_update_in_envelope.pb -c channel1 -o localhost:7050  --ordererTLSHostnameOverride orderer.example.com --tls --cafile "$PWD/organizations/ordererOrganizations/finance.com/orderers/orderer.finance.com/msp/tlscacerts/tlsca.finance.com-cert.pem"

4 其他

2.12.2两部分需要频繁的设置环境变量,尤其是当需要添加的peer节点越多时,整个过程比较繁琐并且容易出错。并且给组织添加锚节点的时候也需要执行很多命令。这里参考fabric-sample/test-network中的方法,使用bash文件来完成节点的添加及锚节点的设置。
添加orderer节点
fabric_network目录下创建scripts/OrdererEnv.sh文件,其内容如下:

channel_name=$1
host_name=$2
orderer_port=$3

export ORDERER_CA=$PWD/organizations/ordererOrganizations/${host_name}.com/orderers/orderer.${host_name}.com/msp/tlscacerts/tlsca.${host_name}.com-cert.pem
export ORDERER_ADMIN_TLS_SIGN_CERT=$PWD/organizations/ordererOrganizations/${host_name}.com/orderers/orderer.${host_name}.com/tls/server.crt 
export ORDERER_ADMIN_TLS_PRIVATE_KEY=$PWD/organizations/ordererOrganizations/${host_name}.com/orderers/orderer.${host_name}.com/tls/server.key

osnadmin channel join --channelID ${channel_name} --config-block ./channel-artifacts/${channel_name}.block -o localhost:$(expr $orderer_port) --ca-file "$ORDERER_CA" --client-cert "$ORDERER_ADMIN_TLS_SIGN_CERT" --client-key "$ORDERER_ADMIN_TLS_PRIVATE_KEY"

其命令执行结果如下:
在这里插入图片描述
添加peer节点
fabric_network目录下创建scripts/PeerEnv.sh文件,其内容如下:

channel_name=$1
host_name=$2
peer_port=$3
peer_num=$4
org_num=$5
org_msp=$6

export FABRIC_CFG_PATH=$PWD/config
export CORE_PEER_TLS_ENABLED=true
export CORE_PEER_LOCALMSPID="${org_msp}"
export CORE_PEER_TLS_ROOTCERT_FILE=$PWD/organizations/peerOrganizations/org${org_num}.${host_name}.com/peers/peer${peer_num}.org${org_num}.${host_name}.com/tls/ca.crt
export CORE_PEER_MSPCONFIGPATH=$PWD/organizations/peerOrganizations/org${org_num}.${host_name}.com/users/Admin@org${org_num}.${host_name}.com/msp
export CORE_PEER_ADDRESS=localhost:$(expr $peer_port)

其执行结果如下:
在这里插入图片描述
Tips:但要注意这种方法设置的环境变量仅在执行语句时有效,所以语句执行结束后不能运行peer channel list命令。
设置锚节点
fabric_network目录下创建scripts/SetAnchorPeer.sh文件,其内容如下:

channel_name=$1
host_name=$2
peer_port=$3
peer_num=$4
org_num=$5
org_msp=$6
orderer_port=$7

export ORDERER_CA=$PWD/organizations/ordererOrganizations/${host_name}.com/orderers/orderer.${host_name}.com/msp/tlscacerts/tlsca.${host_name}.com-cert.pem
export FABRIC_CFG_PATH=$PWD/config
export CORE_PEER_TLS_ENABLED=true
export CORE_PEER_LOCALMSPID="${org_msp}"
export CORE_PEER_TLS_ROOTCERT_FILE=$PWD/organizations/peerOrganizations/org${org_num}.${host_name}.com/peers/peer${peer_num}.org${org_num}.${host_name}.com/tls/ca.crt
export CORE_PEER_MSPCONFIGPATH=$PWD/organizations/peerOrganizations/org${org_num}.${host_name}.com/users/Admin@org${org_num}.${host_name}.com/msp
export CORE_PEER_ADDRESS=localhost:$(expr $peer_port)

peer channel fetch config channel-artifacts/config_block.pb -o localhost:$(expr $orderer_port) --ordererTLSHostnameOverride orderer.${host_name}.com -c ${channel_name} --tls --cafile "$ORDERER_CA"  
configtxlator proto_decode --input channel-artifacts/config_block.pb --type common.Block --output channel-artifacts/config_block.json
jq '.data.data[0].payload.data.config' channel-artifacts/config_block.json > channel-artifacts/config.json
cp channel-artifacts/config.json channel-artifacts/config_copy.json
jq '.channel_group.groups.Application.groups.'${org_msp}'.values += {"AnchorPeers":{"mod_policy":"Admins","value":{"anchor_peers":[{"host":"peer'${peer_num}'.org'${org_num}'.'${host_name}'.com","port":'${peer_port}'}]},"version":"0"}}' channel-artifacts/config_copy.json > channel-artifacts/modified_config.json
configtxlator proto_encode --input channel-artifacts/config.json --type common.Config --output channel-artifacts/config.pb
configtxlator proto_encode --input channel-artifacts/modified_config.json --type common.Config --output channel-artifacts/modified_config.pb
configtxlator compute_update --channel_id ${channel_name} --original channel-artifacts/config.pb --updated channel-artifacts/modified_config.pb --output channel-artifacts/config_update.pb
configtxlator proto_decode --input channel-artifacts/config_update.pb --type common.ConfigUpdate --output channel-artifacts/config_update.json
echo '{"payload":{"header":{"channel_header":{"channel_id":"'${channel_name}'","type":2}},"data":{"config_update":'$(cat channel-artifacts/config_update.json)'}}}' | jq . > channel-artifacts/config_update_in_envelope.json
configtxlator proto_encode --input channel-artifacts/config_update_in_envelope.json --type common.Envelope --output channel-artifacts/config_update_in_envelope.pb
peer channel update -f channel-artifacts/config_update_in_envelope.pb -c ${channel_name} -o localhost:$(expr $orderer_port) --ordererTLSHostnameOverride orderer.${host_name}.com --tls --cafile "$ORDERER_CA"               

其结果如下:
在这里插入图片描述

参考

  1. https://hyperledger-fabric.readthedocs.io/en/release-2.5/create_channel/create_channel_test_net.html

http://www.kler.cn/a/160149.html

相关文章:

  • 第四十五章 Vue之Vuex模块化创建(module)
  • Vue3.js - 一文看懂Vuex
  • 【Excel】身份证号最后一位“X”怎么计算
  • 蓝队知识浅谈(上)
  • Elasticsearch 8.16:适用于生产的混合对话搜索和创新的向量数据量化,其性能优于乘积量化 (PQ)
  • Mac intel 安装IDEA激活时遇到问题 jetbrains.vmoptions.plist: Permission denied
  • 图的建立与实现(使用邻接矩阵)(附赠Kruskal算法)
  • 『亚马逊云科技产品测评』活动征文| 基于etcd实现服务发现
  • Hello World!
  • TCP连接为什么是三次握手,而不是两次和四次
  • rabbitmq技术
  • 浅析计算机网络安全的的防范与措施
  • java开发中Dao层和Mapper层的关系
  • 微信玩具小程序商城开发技巧
  • 网络安全威胁——跨站脚本攻击
  • 【tower-boot 系列】redis集成
  • docker安装及配置mysql
  • HarmonyOS 修改App的默认加载的界面(ArkTS版本)(十七)
  • [Electron] 将应用打包成供Ubuntu、Debian平台下安装的deb包
  • DAPP开发【11】IPFS星际文件管理系统
  • spark的安装与使用:一键自动安装
  • TCP与UDP的区别
  • HashMap系列-放入元素的流程
  • 面试官问:怎么判断对象已死?
  • 近期复习四
  • 《微信小程序开发从入门到实战》学习四十二