手動(dòng)部署hyperledger fabric單機(jī)多節(jié)點(diǎn)網(wǎng)絡(luò)

0 導(dǎo)言

? ? ?? 之前的文章《在Ubuntu 18.04上搭建HyperLedger Fabric 1.2.0 環(huán)境》,我們通過(guò)官方給定的腳本bootstrap.sh,可以快速安裝好fabric的運(yùn)行環(huán)境,又通過(guò)官方給定的first-network示例,運(yùn)行byfn.sh腳本可以快速的構(gòu)建和啟動(dòng)節(jié)點(diǎn)網(wǎng)絡(luò),并測(cè)試了智能合約(鏈碼)??梢哉f(shuō)官方寫(xiě)的這兩個(gè)腳本實(shí)在是太完美了,太自動(dòng)化了。但為了理解清楚里面的邏輯順序,我們還是決定來(lái)手動(dòng)部署一次。

1 本示例的組織和節(jié)點(diǎn)架構(gòu)

? ? ?? 本示例采用單機(jī)多組織,每個(gè)組織又包含若干個(gè)節(jié)點(diǎn),每個(gè)組織有若干個(gè)用戶。如圖:


image.png

2 準(zhǔn)備好bin目錄和可執(zhí)行文件

2.1 創(chuàng)建solo-single-demo目錄

$ mkdir solo-single-demo

2.2 復(fù)制bin目錄

? ? ??進(jìn)入solo-single-demo目錄,并將編譯好的二進(jìn)制可執(zhí)行文件所在的bin目錄整個(gè)復(fù)制到當(dāng)前目錄下。如果不知道怎么編譯,請(qǐng)參考《如何編譯fabric和fabric-ca源碼生成二進(jìn)制可執(zhí)行文件》

$ cd solo-single-demo
$ cp -r $GOPATH/src/github.com/hyperledger/fabric/release/linux-amd64/bin ./

3 準(zhǔn)備crypto-config.yaml配置文件

? ? ??該配置文件用來(lái)生成證書(shū)文件

$ ./bin/cryptogen showtemplate > crypto-config.yaml

? ? ??用文本編輯器或vi打開(kāi),去掉#注釋?zhuān)⑿薷某扇缦?/p> 

OrdererOrgs:
  - Name: Orderer
    Domain: example.com
    Specs:
      - Hostname: orderer

PeerOrgs:
  - Name: Org1
    Domain: org1.example.com
    EnableNodeOUs: false
    Template:
      Count: 2
    Users:
      Count: 3
  - Name: Org2
    Domain: org2.example.com
    EnableNodeOUs: false
    Template:
      Count: 2
    Users:
      Count: 2

4 生成證書(shū)文件

$ ./bin/cryptogen generate --config=./crypto-config.yaml
org1.example.com
org2.example.com

? ? ??上面命令會(huì)生成crypto-config文件夾,可以通過(guò)tree查看目錄的層次結(jié)構(gòu)

$ tree -L 3
.
├── bin
│   ├── configtxgen
│   ├── configtxlator
│   ├── cryptogen
│   ├── discover
│   ├── get-docker-images.sh
│   ├── idemixgen
│   ├── orderer
│   └── peer
├── crypto-config
│   ├── ordererOrganizations
│   │   └── example.com
│   └── peerOrganizations
│       ├── org1.example.com
│       └── org2.example.com
└── crypto-config.yaml

5 準(zhǔn)備configtx.yaml

? ? ??復(fù)制configtx.yaml到當(dāng)前文件夾

$ cp -r $GOPATH/src/github.com/hyperledger/fabric/sampleconfig/configtx.yaml ./

? ? ??復(fù)制后修改configtx.yaml(注:一定要親自去修改一遍,這樣你才能對(duì)這個(gè)配置文件更加了解)

Organizations:

    - &OrdererOrg

        Name: OrdererOrg
        ID: OrdererMSP
        MSPDir: crypto-config/ordererOrganizations/example.com/msp
        Policies:
            Readers:
                Type: Signature
                Rule: "OR('OrdererMSP.member')"
            Writers:
                Type: Signature
                Rule: "OR('OrdererMSP.member')"
            Admins:
                Type: Signature
                Rule: "OR('OrdererMSP.admin')"

    - &Org1
        Name: Org1MSP        
        ID: Org1MSP
        MSPDir: crypto-config/peerOrganizations/org1.example.com/msp

       
        Policies:
            Readers:
                Type: Signature
                Rule: "OR('Org1MSP.admin', 'Org1MSP.peer', 'Org1MSP.client')"
            Writers:
                Type: Signature
                Rule: "OR('Org1MSP.admin', 'Org1MSP.client')"
            Admins:
                Type: Signature
                Rule: "OR('Org1MSP.admin')"

        AnchorPeers:
            
            - Host: peer0.org1.example.com
              Port: 7051

    - &Org2
        
        Name: Org2MSP   
        ID: Org2MSP
        MSPDir: crypto-config/peerOrganizations/org2.example.com/msp

        Policies:
            Readers:
                Type: Signature
                Rule: "OR('Org2MSP.admin', 'Org2MSP.peer', 'Org2MSP.client')"
            Writers:
                Type: Signature
                Rule: "OR('Org2MSP.admin', 'Org2MSP.client')"
            Admins:
                Type: Signature
                Rule: "OR('Org2MSP.admin')"

        AnchorPeers:
            
            - Host: peer0.org2.example.com
              Port: 7051


Capabilities:

    Global: &ChannelCapabilities
        V1_1: true

    Orderer: &OrdererCapabilities
        V1_1: true

    Application: &ApplicationCapabilities
        V1_2: true


Application: &ApplicationDefaults

    Organizations:
    Policies:
        Readers:
            Type: ImplicitMeta
            Rule: "ANY Readers"
        Writers:
            Type: ImplicitMeta
            Rule: "ANY Writers"
        Admins:
            Type: ImplicitMeta
            Rule: "MAJORITY Admins"

    Capabilities:
        <<: *ApplicationCapabilities

Orderer: &OrdererDefaults
    OrdererType: solo

    Addresses:
        - orderer.example.com:7050

    BatchTimeout: 2s
    BatchSize:
        MaxMessageCount: 10
        AbsoluteMaxBytes: 98 MB
        PreferredMaxBytes: 512 KB

    Kafka:
        Brokers:
            - kafka0:9092
            - kafka1:9092
            - kafka2:9092
            - kafka3:9092

    Organizations:

    Policies:
        Readers:
            Type: ImplicitMeta
            Rule: "ANY Readers"
        Writers:
            Type: ImplicitMeta
            Rule: "ANY Writers"
        Admins:
            Type: ImplicitMeta
            Rule: "MAJORITY Admins"
        BlockValidation:
            Type: ImplicitMeta
            Rule: "ANY Writers"

    Capabilities:
        <<: *OrdererCapabilities


Channel: &ChannelDefaults
    Policies:
        Readers:
            Type: ImplicitMeta
            Rule: "ANY Readers"
        Writers:
            Type: ImplicitMeta
            Rule: "ANY Writers"
        Admins:
            Type: ImplicitMeta
            Rule: "MAJORITY Admins"

    Capabilities:
        <<: *ChannelCapabilities


Profiles:

    TwoOrgsOrdererGenesis:
        <<: *ChannelDefaults
        Orderer:
            <<: *OrdererDefaults
            Organizations:
                - *OrdererOrg
        Consortiums:
            SampleConsortium:
                Organizations:
                    - *Org1
                    - *Org2
    TwoOrgsChannel:
        Consortium: SampleConsortium
        Application:
            <<: *ApplicationDefaults
            Organizations:
                - *Org1
                - *Org2

6 生成創(chuàng)世區(qū)塊

$ mkdir channel-artifacts
$ ./bin/configtxgen -profile TwoOrgsOrdererGenesis -channelID mychannel -outputBlock ./channel-artifacts/genesis.block
$ ls channel-artifacts/
genesis.block

7 生成通道文件channel.txt

? ? ??通道名稱(chēng)叫mychannel

$ ./bin/configtxgen -profile TwoOrgsChannel -outputCreateChannelTx ./channel-artifacts/channel.tx -channelID mychannel
$ ls channel-artifacts/
channel.tx  genesis.block

8 生成錨點(diǎn)文件

? ? ??生成組織1的錨點(diǎn)文件

./bin/configtxgen -profile TwoOrgsChannel -outputAnchorPeersUpdate ./channel-artifacts/Org1MSPanchors.tx -channelID mychannel -asOrg Org1MSP
ls channel-artifacts/
channel.tx  genesis.block  Org1MSPanchors.tx

? ? ??生成組織2的錨點(diǎn)文件

$ ./bin/configtxgen -profile TwoOrgsChannel -outputAnchorPeersUpdate ./channel-artifacts/Org2MSPanchors.tx -channelID mychannel -asOrg Org2MSP
$ ls channel-artifacts/
channel.tx  genesis.block  Org1MSPanchors.tx  Org2MSPanchors.tx

9 準(zhǔn)備docker容器用到的配置文件

? ? ??創(chuàng)建docker-compose-cli.yaml文件(文件名不必一定要叫docker-compose-cli.yaml)

$ touch docker-compose-cli.yaml

? ? ??用記事本或vi編輯docker-compose-cli.yaml,填入如下內(nèi)容

# Copyright IBM Corp. All Rights Reserved.
#
# SPDX-License-Identifier: Apache-2.0
#
# ssn - solo-single-net SOLO單機(jī)網(wǎng)絡(luò)
#

version: '2'

volumes:
  orderer.example.com:
  peer0.org1.example.com:
  peer1.org1.example.com:
  peer0.org2.example.com:
  peer1.org2.example.com:

networks:
  ssn:

services:

  orderer.example.com:
    container_name: orderer.example.com
    image: hyperledger/fabric-orderer:$IMAGE_TAG
    environment:
      - ORDERER_GENERAL_LOGLEVEL=INFO
      - ORDERER_GENERAL_LISTENADDRESS=0.0.0.0
      - ORDERER_GENERAL_GENESISMETHOD=file
      - ORDERER_GENERAL_GENESISFILE=/var/hyperledger/orderer/orderer.genesis.block
      - ORDERER_GENERAL_LOCALMSPID=OrdererMSP
      - ORDERER_GENERAL_LOCALMSPDIR=/var/hyperledger/orderer/msp
      # enabled TLS
      - ORDERER_GENERAL_TLS_ENABLED=true
      - ORDERER_GENERAL_TLS_PRIVATEKEY=/var/hyperledger/orderer/tls/server.key
      - ORDERER_GENERAL_TLS_CERTIFICATE=/var/hyperledger/orderer/tls/server.crt
      - ORDERER_GENERAL_TLS_ROOTCAS=[/var/hyperledger/orderer/tls/ca.crt]
    working_dir: /opt/gopath/src/github.com/hyperledger/fabric
    command: orderer
    volumes:
    - ./channel-artifacts/genesis.block:/var/hyperledger/orderer/orderer.genesis.block
    - ./crypto-config/ordererOrganizations/example.com/orderers/orderer.example.com/msp:/var/hyperledger/orderer/msp
    - ./crypto-config/ordererOrganizations/example.com/orderers/orderer.example.com/tls/:/var/hyperledger/orderer/tls
    - orderer.example.com:/var/hyperledger/production/orderer
    ports:
      - 7050:7050
    networks:
      - ssn

  peer0.org1.example.com:
    container_name: peer0.org1.example.com
   image: hyperledger/fabric-peer:$IMAGE_TAG
    environment:
      - CORE_VM_ENDPOINT=unix:///host/var/run/docker.sock
      # the following setting starts chaincode containers on the same
      # bridge network as the peers
      # https://docs.docker.com/compose/networking/
      - CORE_VM_DOCKER_HOSTCONFIG_NETWORKMODE=${COMPOSE_PROJECT_NAME}_byfn
      - CORE_LOGGING_LEVEL=INFO
      #- CORE_LOGGING_LEVEL=DEBUG
      - CORE_PEER_TLS_ENABLED=true
      - CORE_PEER_GOSSIP_USELEADERELECTION=true
      - CORE_PEER_GOSSIP_ORGLEADER=false
      - CORE_PEER_PROFILE_ENABLED=true
      - CORE_PEER_TLS_CERT_FILE=/etc/hyperledger/fabric/tls/server.crt
      - CORE_PEER_TLS_KEY_FILE=/etc/hyperledger/fabric/tls/server.key
      - CORE_PEER_TLS_ROOTCERT_FILE=/etc/hyperledger/fabric/tls/ca.crt
      - CORE_PEER_ID=peer0.org1.example.com
      - CORE_PEER_ADDRESS=peer0.org1.example.com:7051
      - CORE_PEER_GOSSIP_BOOTSTRAP=peer1.org1.example.com:7051
      - CORE_PEER_GOSSIP_EXTERNALENDPOINT=peer0.org1.example.com:7051
      - CORE_PEER_LOCALMSPID=Org1MSP
    working_dir: /opt/gopath/src/github.com/hyperledger/fabric/peer
    command: peer node start
    volumes:
        - /var/run/:/host/var/run/
        - ./crypto-config/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/msp:/etc/hyperledger/fabric/msp
        - ./crypto-config/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls:/etc/hyperledger/fabric/tls
        - peer0.org1.example.com:/var/hyperledger/production
    ports:
      - 7051:7051
      - 7053:7053
    networks:
      - ssn

  peer1.org1.example.com:
    container_name: peer1.org1.example.com
   image: hyperledger/fabric-peer:$IMAGE_TAG
    environment:
      - CORE_VM_ENDPOINT=unix:///host/var/run/docker.sock
      # the following setting starts chaincode containers on the same
      # bridge network as the peers
      # https://docs.docker.com/compose/networking/
      - CORE_VM_DOCKER_HOSTCONFIG_NETWORKMODE=${COMPOSE_PROJECT_NAME}_byfn
      - CORE_LOGGING_LEVEL=INFO
      #- CORE_LOGGING_LEVEL=DEBUG
      - CORE_PEER_TLS_ENABLED=true
      - CORE_PEER_GOSSIP_USELEADERELECTION=true
      - CORE_PEER_GOSSIP_ORGLEADER=false
      - CORE_PEER_PROFILE_ENABLED=true
      - CORE_PEER_TLS_CERT_FILE=/etc/hyperledger/fabric/tls/server.crt
      - CORE_PEER_TLS_KEY_FILE=/etc/hyperledger/fabric/tls/server.key
      - CORE_PEER_TLS_ROOTCERT_FILE=/etc/hyperledger/fabric/tls/ca.crt
      - CORE_PEER_ID=peer1.org1.example.com
      - CORE_PEER_ADDRESS=peer1.org1.example.com:7051
      - CORE_PEER_GOSSIP_EXTERNALENDPOINT=peer1.org1.example.com:7051
      - CORE_PEER_GOSSIP_BOOTSTRAP=peer0.org1.example.com:7051
      - CORE_PEER_LOCALMSPID=Org1MSP
    working_dir: /opt/gopath/src/github.com/hyperledger/fabric/peer
    command: peer node start
    volumes:
        - /var/run/:/host/var/run/
        - ./crypto-config/peerOrganizations/org1.example.com/peers/peer1.org1.example.com/msp:/etc/hyperledger/fabric/msp
        - ./crypto-config/peerOrganizations/org1.example.com/peers/peer1.org1.example.com/tls:/etc/hyperledger/fabric/tls
        - peer1.org1.example.com:/var/hyperledger/production

    ports:
      - 8051:7051
      - 8053:7053
    networks:
      - ssn

  peer0.org2.example.com:
    container_name: peer0.org2.example.com
   image: hyperledger/fabric-peer:$IMAGE_TAG
    environment:
      - CORE_VM_ENDPOINT=unix:///host/var/run/docker.sock
      # the following setting starts chaincode containers on the same
      # bridge network as the peers
      # https://docs.docker.com/compose/networking/
      - CORE_VM_DOCKER_HOSTCONFIG_NETWORKMODE=${COMPOSE_PROJECT_NAME}_byfn
      - CORE_LOGGING_LEVEL=INFO
      #- CORE_LOGGING_LEVEL=DEBUG
      - CORE_PEER_TLS_ENABLED=true
      - CORE_PEER_GOSSIP_USELEADERELECTION=true
      - CORE_PEER_GOSSIP_ORGLEADER=false
      - CORE_PEER_PROFILE_ENABLED=true
      - CORE_PEER_TLS_CERT_FILE=/etc/hyperledger/fabric/tls/server.crt
      - CORE_PEER_TLS_KEY_FILE=/etc/hyperledger/fabric/tls/server.key
      - CORE_PEER_TLS_ROOTCERT_FILE=/etc/hyperledger/fabric/tls/ca.crt
      - CORE_PEER_ID=peer0.org2.example.com
      - CORE_PEER_ADDRESS=peer0.org2.example.com:7051
      - CORE_PEER_GOSSIP_EXTERNALENDPOINT=peer0.org2.example.com:7051
      - CORE_PEER_GOSSIP_BOOTSTRAP=peer1.org2.example.com:7051
      - CORE_PEER_LOCALMSPID=Org2MSP
    working_dir: /opt/gopath/src/github.com/hyperledger/fabric/peer
    command: peer node start
    volumes:
        - /var/run/:/host/var/run/
        - ./crypto-config/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/msp:/etc/hyperledger/fabric/msp
        - ./crypto-config/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls:/etc/hyperledger/fabric/tls
        - peer0.org2.example.com:/var/hyperledger/production
    ports:
      - 9051:7051
      - 9053:7053
    networks:
      - ssn

  peer1.org2.example.com:
    container_name: peer1.org2.example.com
   image: hyperledger/fabric-peer:$IMAGE_TAG
    environment:
      - CORE_VM_ENDPOINT=unix:///host/var/run/docker.sock
      # the following setting starts chaincode containers on the same
      # bridge network as the peers
      # https://docs.docker.com/compose/networking/
      - CORE_VM_DOCKER_HOSTCONFIG_NETWORKMODE=${COMPOSE_PROJECT_NAME}_byfn
      - CORE_LOGGING_LEVEL=INFO
      #- CORE_LOGGING_LEVEL=DEBUG
      - CORE_PEER_TLS_ENABLED=true
      - CORE_PEER_GOSSIP_USELEADERELECTION=true
      - CORE_PEER_GOSSIP_ORGLEADER=false
      - CORE_PEER_PROFILE_ENABLED=true
      - CORE_PEER_TLS_CERT_FILE=/etc/hyperledger/fabric/tls/server.crt
      - CORE_PEER_TLS_KEY_FILE=/etc/hyperledger/fabric/tls/server.key
      - CORE_PEER_TLS_ROOTCERT_FILE=/etc/hyperledger/fabric/tls/ca.crt
      - CORE_PEER_ID=peer1.org2.example.com
      - CORE_PEER_ADDRESS=peer1.org2.example.com:7051
      - CORE_PEER_GOSSIP_EXTERNALENDPOINT=peer1.org2.example.com:7051
      - CORE_PEER_GOSSIP_BOOTSTRAP=peer0.org2.example.com:7051
      - CORE_PEER_LOCALMSPID=Org2MSP
    working_dir: /opt/gopath/src/github.com/hyperledger/fabric/peer
    command: peer node start
    volumes:
        - /var/run/:/host/var/run/
        - ./crypto-config/peerOrganizations/org2.example.com/peers/peer1.org2.example.com/msp:/etc/hyperledger/fabric/msp
        - ./crypto-config/peerOrganizations/org2.example.com/peers/peer1.org2.example.com/tls:/etc/hyperledger/fabric/tls
        - peer1.org2.example.com:/var/hyperledger/production
    ports:
      - 10051:7051
      - 10053:7053
    networks:
      - ssn

  cli:
    container_name: cli
    image: hyperledger/fabric-tools:$IMAGE_TAG
    tty: true
    stdin_open: true
    environment:
      - GOPATH=/opt/gopath
      - CORE_VM_ENDPOINT=unix:///host/var/run/docker.sock
      #- CORE_LOGGING_LEVEL=DEBUG
      - CORE_LOGGING_LEVEL=INFO
      - CORE_PEER_ID=cli
      - CORE_PEER_ADDRESS=peer0.org1.example.com:7051
      - CORE_PEER_LOCALMSPID=Org1MSP
      - CORE_PEER_TLS_ENABLED=true
      - CORE_PEER_TLS_CERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/server.crt
      - CORE_PEER_TLS_KEY_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/server.key
      - CORE_PEER_TLS_ROOTCERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/ca.crt
      - CORE_PEER_MSPCONFIGPATH=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/users/Admin@org1.example.com/msp
    working_dir: /opt/gopath/src/github.com/hyperledger/fabric/peer
    command: /bin/bash
    volumes:
        - /var/run/:/host/var/run/
        - ./chaincode/:/opt/gopath/src/github.com/chaincode
        - ./crypto-config:/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/
        - ./scripts:/opt/gopath/src/github.com/hyperledger/fabric/peer/scripts/
        - ./channel-artifacts:/opt/gopath/src/github.com/hyperledger/fabric/peer/channel-artifacts
    depends_on:
      - orderer.example.com
      - peer0.org1.example.com
      - peer1.org1.example.com
      - peer0.org2.example.com
      - peer1.org2.example.com
    networks:
      - ssn

10 啟動(dòng)網(wǎng)絡(luò)

? ? ??執(zhí)行下列命令啟動(dòng)

$ export IMAGE_TAG="latest"
$ docker-compose -f docker-compose-cli.yaml up -d

? ? ??執(zhí)行時(shí)遇到如下錯(cuò)誤

WARNING: The COMPOSE_PROJECT_NAME variable is not set. Defaulting to a blank string.
Creating peer1.org2.example.com ... 
Creating peer1.org1.example.com ... 
Creating peer0.org2.example.com ... error
Creating peer0.org1.example.com ... 
Creating peer1.org2.example.com ... error

ERROR: for peer0.org2.example.com  Cannot create container for service peer0.org2.example.com: b'Conflict. The container name "/peer0.org2.example.com" is already in use by container "892fc7a85421b97fdab029ff6e6e69e8ff9a73100be75e25bfce99f32e0e4a72". You have to remove (or rename) that container to be able to reuse that name.'

? ? ??上面錯(cuò)誤的原因是因?yàn)橹耙呀?jīng)啟動(dòng)過(guò)相同名稱(chēng)的容器,可通過(guò)docker ps -a查看到

$ docker ps -a
CONTAINER ID        IMAGE                               COMMAND                  CREATED             STATUS                    PORTS               NAMES
7af2444f822f        hyperledger/fabric-tools:latest     "/bin/bash"              2 months ago        Exited (0) 2 months ago                       cli
87bae3603f9f        hyperledger/fabric-peer:latest      "peer node start"        2 months ago        Exited (0) 2 months ago                       peer1.org2.example.com
892fc7a85421        hyperledger/fabric-peer:latest      "peer node start"        2 months ago        Exited (0) 2 months ago                       peer0.org2.example.com
29dffe82eead        hyperledger/fabric-peer:latest      "peer node start"        2 months ago        Exited (0) 2 months ago                       peer1.org1.example.com
9ddb369570ce        hyperledger/fabric-orderer:latest   "orderer"                2 months ago        Exited (2) 2 months ago                       orderer.example.com
545dea72868d        hyperledger/fabric-peer:latest      "peer node start"        2 months ago        Exited (0) 2 months ago                       peer0.org1.example.com
477806c85707        b8faaf2a4b88                        "chaincode -peer.add…"   2 months ago        Exited (2) 2 months ago                       dev-peer1.org2.example.com-mycc-1.0
0d5b302f3fd9        acef1e7f815a                        "chaincode -peer.add…"   2 months ago        Exited (2) 2 months ago                       dev-peer0.org1.example.com-mycc-1.0
e67f61b03dc5        d6b1e60ff1cc                        "chaincode -peer.add…"   2 months ago        Exited (0) 2 months ago                       dev-peer0.org2.example.com-mycc-1.0
aae5c8e02390        hello-world                         "/hello"                 2 months ago        Exited (0) 2 months ago                       nervous_mahavira
0390cab69235        hello-world                         "/hello"                 2 months ago        Exited (0) 2 months ago                       wizardly_goldberg

? ? ??刪除這些啟動(dòng)過(guò)的容器(這是測(cè)試環(huán)境可以隨意刪,真實(shí)生產(chǎn)環(huán)境切記要小心)

$ sudo docker rm -f $(docker ps -a | grep "hyperledger/*" | awk "{print \$1}")

? ? ??刪除之后重新執(zhí)行,啟動(dòng)成功

$ export IMAGE_TAG="latest"
$ docker-compose -f docker-compose-cli.yaml up -d
WARNING: The COMPOSE_PROJECT_NAME variable is not set. Defaulting to a blank string.
Creating peer1.org1.example.com ... done
Creating peer0.org2.example.com ... done
Creating peer0.org1.example.com ... done
Creating peer1.org2.example.com ... done
Creating orderer.example.com    ... done
Creating cli                    ... done

11 進(jìn)入docker客戶端

$ docker exec -it cli bash

12 創(chuàng)建通道m(xù)ychannel

# export ORDERER_CA=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/example.com/orderers/orderer.example.com/msp/tlscacerts/tlsca.example.com-cert.pem
# peer channel create -o orderer.example.com:7050 -c mychannel -t 50s -f ./channel-artifacts/channel.tx --tls --cafile $ORDERER_CA

? ? ??上面沒(méi)有啟動(dòng)成功,可能會(huì)遇到的錯(cuò)誤(以及解決方案),錯(cuò)誤提示如下:
cli錯(cuò)誤提示:

Error: Got unexpected status: BAD_REQUEST -- Error authorizing update: Error validating DeltaSet: Policy for [Groups] /Channel/Application not satisfied: Failed to reach implicit threshold of 1 sub-policies, required 1 remaining

或者:
Error: got unexpected status: FORBIDDEN -- Failed to reach implicit threshold of 1 sub-policies, required 1 remaining: permission denied

容器內(nèi)部提示:

UTC [cauthdsl] deduplicate -> ERRO 014 Principal deserialization failure (the supplied identity is not valid: x509: certificate signed by unknown authority (possibly because of "x509: ECDSA verification failure" while trying to verify candidate authority certificate "ca.org1.example.com")) for identity

? ? ??錯(cuò)誤原因:由于啟動(dòng)過(guò)網(wǎng)絡(luò)并且更新了證書(shū),在沒(méi)有刪除干凈的環(huán)境中啟動(dòng)復(fù)用的之前的volume,所以導(dǎo)致證書(shū)認(rèn)證失敗。

解決方案:執(zhí)行如下命令刪除卷

docker-compose -f docker-compose-cli.yaml down --volumes --remove-orphans
sudo docker rm -f $(docker ps -a | grep "hyperledger/*" | awk "{print \$1}")
sudo  docker volume prune

12 加入通道

# peer channel join -b mychannel.block

13 總結(jié)

? ? ?? 至此,我們已經(jīng)完成了channel的創(chuàng)建并成功加入了該channel。通過(guò)手動(dòng)去修改配置文件,以及運(yùn)行相應(yīng)的命令,讓我們更了解部署的過(guò)程?,F(xiàn)在回過(guò)頭去捋一捋byfn.sh這個(gè)腳本文件,你就不至于茫然了。

14 參考資料

1.https://hyperledger-fabric.readthedocs.io/en/release-1.2/index.html
2.《深度探索區(qū)塊鏈:Hyperledger技術(shù)與應(yīng)用》作者:張?jiān)鲵E,董寧,朱軒彤,陳劍雄 著 出版社:機(jī)械工業(yè)出版社
3.《區(qū)塊鏈開(kāi)發(fā)實(shí)戰(zhàn):Hyperledger Fabric關(guān)鍵技術(shù)與案例分析》作者:馮翔,劉濤,吳壽鶴,周廣益 著 出版社:機(jī)械工業(yè)出版社

最后編輯于
?著作權(quán)歸作者所有,轉(zhuǎn)載或內(nèi)容合作請(qǐng)聯(lián)系作者
【社區(qū)內(nèi)容提示】社區(qū)部分內(nèi)容疑似由AI輔助生成,瀏覽時(shí)請(qǐng)結(jié)合常識(shí)與多方信息審慎甄別。
平臺(tái)聲明:文章內(nèi)容(如有圖片或視頻亦包括在內(nèi))由作者上傳并發(fā)布,文章內(nèi)容僅代表作者本人觀點(diǎn),簡(jiǎn)書(shū)系信息發(fā)布平臺(tái),僅提供信息存儲(chǔ)服務(wù)。

友情鏈接更多精彩內(nèi)容