菜鸟系列Fabric——Fabric 1.2 多机部署(3)
多机部署fabric kafka共识
1. 角色分配
主机1 | 主机 2 |
---|---|
Org1 peer0 1 | Org2 peer 0 1 |
Orderer 0 1 | Orderer 2 |
kafka 0 1 | kafka 2 3 |
zookeeper 0 1 | zookeeper 2 |
2. 配置文件生成及准备yaml文件
2.1 修改配置文件
configtx-kafka.yaml
Addresses:
- orderer0.example.com:7050
- orderer1.example.com:8050
- orderer2.example.com:7050
Kafka:
# Brokers: A list of Kafka brokers to which the orderer connects. Edit
# this list to identify the brokers of the ordering service.
# NOTE: Use IP:port notation.
Brokers:
- kafka0:9092
- kafka1:10092
- kafka2:9092
- kafka3:10092
crypto-config-kafka.yaml
OrdererOrgs:
# ---------------------------------------------------------------------------
# Orderer
# ---------------------------------------------------------------------------
- Name: Orderer
Domain: example.com
CA:
Country: US
Province: California
Locality: San Francisco
# ---------------------------------------------------------------------------
# "Specs" - See PeerOrgs below for complete description
# ---------------------------------------------------------------------------
Specs:
- Hostname: orderer0
- Hostname: orderer1
- Hostname: orderer2
2.2 生成配置文件
./generateArtifacts.sh mychannel kafka
分步执行操作如下:
1、生成公私钥和证书
[centos@jiliguo e2e_cli]$ ../../release/linux-amd64/bin/cryptogen generate --config=./crypto-config-kafka.yaml
2、生成创世区块
cp configtx-raft.yaml configtx.yaml
../../release/linux-amd64/bin/configtxgen -profile TwoOrgsOrdererGenesis -outputBlock ./channel-artifacts/genesis.block
3、生成Channel配置区块
CONFIGTXGEN=../../release/linux-amd64/bin/configtxgen
CHANNEL_NAME=mychannel
$CONFIGTXGEN -profile TwoOrgsChannel -outputCreateChannelTx ./channel-artifacts/channel.tx -channelID $CHANNEL_NAME
4、更新锚节点
$CONFIGTXGEN -profile TwoOrgsChannel -outputAnchorPeersUpdate ./channel-artifacts/Org1MSPanchors.tx -channelID $CHANNEL_NAME -asOrg Org1MSP
$CONFIGTXGEN -profile TwoOrgsChannel -outputAnchorPeersUpdate ./channel-artifacts/Org2MSPanchors.tx -channelID $CHANNEL_NAME -asOrg Org2MSP
2.3 zookeeper、kafka等yaml文件生成
其中 ZOO_MY_ID 表示 ZK 服务的 id, 它是1-255 之间的整数, 必须在集群中唯一. ZOO_SERVERS 是ZK 集群的主机列表.
1、2181:对client端提供服务
2、3888:选举leader使用
3、2888:集群内机器通讯使用(Leader监听此端口)
zookeeper
version: '2'
services:
zookeeper0:
container_name: zookeeper0
image: hyperledger/fabric-zookeeper
restart: always
ports:
- 2181:2181
- 2888:2888
- 3888:3888
environment:
- ZOO_MY_ID=1
- ZOO_SERVERS=server.1=0.0.0.0:2888:3888 server.2=zookeeper1:5888:4888 server.3=zookeeper2:2888:3888
extra_hosts:
- "zookeeper0:0.0.0.0"
- "zookeeper1:192.168.9.110"
- "zookeeper2:192.168.9.96"
- "kafka0:192.168.9.110"
- "kafka1:192.168.9.110"
- "kafka2:192.168.9.96"
- "kafka3:192.168.9.96"
注意:ZOO_SERVERS中本机的地址一律写出0.0.0.0:2888:3888;端口号是2888:3888,不是映射到host的端口号,其他写映射的ip和端口
kafka
version: '2'
services:
kafka0:
container_name: kafka0
image: hyperledger/fabric-kafka
restart: always
environment:
- KAFKA_BROKER_ID=0
- KAFKA_MIN_INSYNC_REPLICAS=2
- KAFKA_DEFAULT_REPLICATION_FACTOR=3
- KAFKA_ZOOKEEPER_CONNECT=zookeeper0:2181,zookeeper1:3181,zookeeper2:2181
- KAFKA_MESSAGE_MAX_BYTES=103809024 # 99 * 1024 * 1024 B
- KAFKA_REPLICA_FETCH_MAX_BYTES=103809024 # 99 * 1024 * 1024 B
- KAFKA_UNCLEAN_LEADER_ELECTION_ENABLE=false
- KAFKA_ADVERTISED_HOST_NAME=192.168.9.110
- KAFKA_ADVERTISED_PORT=9092
ports:
- 9092:9092
extra_hosts:
- "zookeeper0:192.168.9.110"
- "zookeeper1:192.168.9.110"
- "zookeeper2:192.168.9.96"
- "kafka0:192.168.9.110"
- "kafka1:192.168.9.110"
- "kafka2:192.168.9.96"
- "kafka3:192.168.9.96"
注意:一定要配KAFKA_ADVERTISED_HOST_NAME和KAFKA_ADVERTISED_PORT,为host的IP和映射到host的端口
orderer
version: '2'
services:
orderer2.example.com:
container_name: orderer2.example.com
image: hyperledger/fabric-orderer
environment:
- ORDERER_GENERAL_LOGLEVEL=debug
- ORDERER_GENERAL_LISTENADDRESS=0.0.0.0
- ORDERER_GENERAL_GENESISMETHOD=file
- ORDERER_GENERAL_GENESISFILE=/var/hyperledger/orderer/orderer.genesis.block
- ORDERER_GENERAL_LOCALMSPID=OrdererMSP
- ORDERER_GENERAL_LOCALMSPDIR=/var/hyperledger/orderer/msp
# enabled TLS
- ORDERER_GENERAL_TLS_ENABLED=true
- ORDERER_GENERAL_TLS_PRIVATEKEY=/var/hyperledger/orderer/tls/server.key
- ORDERER_GENERAL_TLS_CERTIFICATE=/var/hyperledger/orderer/tls/server.crt
- ORDERER_GENERAL_TLS_ROOTCAS=[/var/hyperledger/orderer/tls/ca.crt]
- ORDERER_KAFKA_RETRY_SHORTINTERVAL=1s
- ORDERER_KAFKA_RETRY_SHORTTOTAL=30s
- ORDERER_KAFKA_VERBOSE=true
- ORDERER_KAFKA_BROKERS=[192.168.9.110:9092,192.168.9.110:10092,192.168.9.96:9092,192.168.9.96:10092]
working_dir: /opt/gopath/src/github.com/hyperledger/fabric
command: orderer
volumes:
- ../channel-artifacts/genesis.block:/var/hyperledger/orderer/orderer.genesis.block
- ../crypto-config/ordererOrganizations/example.com/orderers/orderer2.example.com/msp:/var/hyperledger/orderer/msp
- ../crypto-config/ordererOrganizations/example.com/orderers/orderer2.example.com/tls/:/var/hyperledger/orderer/tls
ports:
- 7050:7050
extra_hosts:
- "zookeeper0:192.168.9.110"
- "zookeeper1:192.168.9.110"
- "zookeeper2:192.168.9.96"
- "kafka0:192.168.9.110"
- "kafka1:192.168.9.110"
- "kafka2:192.168.9.96"
- "kafka3:192.168.9.96"
peer及cli
version: '2'
services:
peer0.org2.example.com:
container_name: peer0.org2.example.com
image: hyperledger/fabric-peer
environment:
- CORE_VM_ENDPOINT=unix:///host/var/run/docker.sock
- CORE_VM_DOCKER_HOSTCONFIG_NETWORKMODE=e2e_cli_default
- CORE_LOGGING_LEVEL=INFO
- CORE_PEER_TLS_ENABLED=true
- CORE_PEER_GOSSIP_USELEADERELECTION=true
- CORE_PEER_GOSSIP_ORGLEADER=false
- CORE_PEER_PROFILE_ENABLED=true
- CORE_PEER_TLS_CERT_FILE=/etc/hyperledger/fabric/tls/server.crt
- CORE_PEER_TLS_KEY_FILE=/etc/hyperledger/fabric/tls/server.key
- CORE_PEER_TLS_ROOTCERT_FILE=/etc/hyperledger/fabric/tls/ca.crt
- CORE_PEER_ID=peer0.org2.example.com
- CORE_PEER_ADDRESS=peer0.org2.example.com:7051
- CORE_PEER_CHAINCODELISTENADDRESS=0.0.0.0:7052
- CORE_PEER_CHAINCODEADDRESS=peer0.org2.example.com:7052
- CORE_PEER_GOSSIP_EXTERNALENDPOINT=peer0.org2.example.com:7051
- CORE_PEER_LOCALMSPID=Org2MSP
working_dir: /opt/gopath/src/github.com/hyperledger/fabric/peer
command: peer node start
volumes:
- /var/run/:/host/var/run/
- ../crypto-config/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/msp:/etc/hyperledger/fabric/msp
- ../crypto-config/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls:/etc/hyperledger/fabric/tls
ports:
- 7051:7051
- 7052:7052
- 7053:7053
extra_hosts:
- "orderer0.example.com:192.168.9.110"
- "orderer1.example.com:192.168.9.110"
- "orderer2.example.com:192.168.9.96"
cli:
container_name: cli
image: hyperledger/fabric-tools
tty: true
environment:
- GOPATH=/opt/gopath
- CORE_VM_ENDPOINT=unix:///host/var/run/docker.sock
- CORE_LOGGING_LEVEL=DEBUG
- CORE_PEER_ID=cli
- CORE_PEER_ADDRESS=peer0.org2.example.com:7051
- CORE_PEER_LOCALMSPID=Org2MSP
- CORE_PEER_LOCALMSPTYPE=bccsp
- CORE_PEER_TLS_ENABLED=true
- CORE_PEER_TLS_CERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls/server.crt
- CORE_PEER_TLS_KEY_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls/server.key
- CORE_PEER_TLS_ROOTCERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls/ca.crt
- CORE_PEER_MSPCONFIGPATH=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.example.com/users/Admin@org2.example.com/msp
working_dir: /opt/gopath/src/github.com/hyperledger/fabric/peer
volumes:
- /var/run/:/host/var/run/
- ../../chaincode/go/:/opt/gopath/src/github.com/hyperledger/fabric/examples/chaincode/go
- ../crypto-config:/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/
- ../scripts:/opt/gopath/src/github.com/hyperledger/fabric/peer/scripts/
- ../channel-artifacts:/opt/gopath/src/github.com/hyperledger/fabric/peer/channel-artifacts
depends_on:
- peer0.org2.example.com
extra_hosts:
- "orderer0.example.com:192.168.9.110"
- "orderer1.example.com:192.168.9.110"
- "orderer2.example.com:192.168.9.96"
- "peer0.org1.example.com:192.168.9.110"
- "peer1.org1.example.com:192.168.9.110"
- "peer0.org2.example.com:192.168.9.96"
- "peer1.org2.example.com:192.168.9.96"
注意:CORE_VM_DOCKER_HOSTCONFIG_NETWORKMODE=e2e_cli_default 需将这些yaml文件目录修改为e2e_cli
3. zookeeper集群启动
docker-compose -f docker-compose-zookeeper.yaml up -d
4. kafka集群启动
docker-compose -f docker-compose-kafka.yaml up -d
5. 启动排序节点
docker-compose -f docker-compose-orderer.yaml up -d
6. 启动peer节点
docker-compose -f docker-compose-peer.yaml up -d
7. 启动fabric网络
7.1 创建通道
ORDERER_CA=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/example.com/orderers/orderer0.example.com/msp/tlscacerts/tlsca.example.com-cert.pem
peer channel create -o orderer0.example.com:7050 -c mychannel -f ./channel-artifacts/channel.tx --tls --cafile $ORDERER_CA
7.2 加入通道
peer channel join -b mychannel.block
7.3 安装及实例化链码
peer chaincode install -n mycc -v 1.0 -p github.com/hyperledger/fabric/examples/chaincode/go/example02/cmd
peer chaincode instantiate -o orderer0.example.com:7050 --tls --cafile $ORDERER_CA -C mychannel -n mycc -v 1.0 -c '{"Args":["init","a","1000000000","b","2000000000"]}' -P "OR ('Org1MSP.member','Org2MSP.member')"
7.4 查询及调用链码
peer chaincode query -C mychannel -n mycc -c '{"Args":["query","a"]}'
peer chaincode invoke -o orderer0.example.com:7050 --tls --cafile $ORDERER_CA -C mychannel -n mycc -c '{"Args":["invoke","a","b","10"]}'
note: 通过修改环境变量指向其他peer
CORE_PEER_ADDRESS=peer0.org2.example.com:9051
CORE_PEER_ID=peer0.org2.example.com
CORE_PEER_LOCALMSPID=Org2MSP
CORE_PEER_TLS_CERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls/server.crt
CORE_PEER_TLS_ROOTCERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls/ca.crt
CORE_PEER_TLS_KEY_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls/server.key
CORE_PEER_MSPCONFIGPATH=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.example.com/users/Admin@org2.example.com/msp
如果你觉得写的不错,请移步www.itkezhan.top或者关注公众号IT程序员客栈