kubernetes上部署hyperledger-fabric 2.4.3
1、环境依赖:
- Git 客户端
- Golang 1.17.5以上版本
- Docker 18.03以上版本
- Kubernetes 1.19.x以上版本
注意:kubernetes版本需要大于1.19.x,不然执行yaml文件时会报错。
2、拉取源码
1)在 GOPATH 目录下创建 Fabric 的文件夹
mkdir -p $GOPATH/src/github.com/hyperledger
2)gitee拉取最新版本fabric-samples代码
git clone -main https://gitee.com/hyperledger/fabric-samples.git
注意:需要直接拉取主分支代码,稳定版本暂时没有test-network-k8s脚本;
由于服务器github被墙了所以从gitee拉取代码,如果服务器可以访问github的话,可以直接从github拉取最新版本代码。
3、下载依赖文件
1)安装kind
curl -Lo ./kind https://kind.sigs.k8s.io/dl/v0.10.0/kind-linux-amd64 chmod +x ./kind mv ./kind /usr/local/bin/kind
2) github下载并解压fabric2.4.3二进制文件
cd $GOPATH/src/github.com/hyperledger/fabric-samples/test-network-k8s wget https://github.com/hyperledger/fabric/releases/download/v2.4.3/hyperledger-fabric-linux-amd64-2.4.3.tar.gz tar -zxvf hyperledger-fabric-linux-amd64-2.4.3.tar.gz
解压hyperledger-fabric-linux-amd64-2.4.3.tar.gz得到bin目录
[root@zmc-member-uat-108 test-network-k8s]# ls bin/ configtxgen configtxlator cryptogen discover fabric-ca-client fabric-ca-server ledgerutil orderer osnadmin peer
注意:这里需要提前把hyperledger-fabric-linux-amd64-2.4.3.tar.gz在test-network-k8s目录解压,不然后续安装fabric的每一步都会卡在从github下载hyperledger-fabric-linux-amd64-2.4.3.tar.gz文件上。
4、fabric网络安装
1)安装文件修改
检查test-network-k8s/kube目录下所有的yaml,将image提前下载下来并传到公司镜像仓库,注意有些镜像国内下载不下载,可以去hub.docker.com找对应替代镜像。
修改pvc-fabric-org0.yaml、pvc-fabric-org1.yaml、pvc-fabric-org2.yaml中的storageClassName的值,换成当前k8s集群可用的sc。
2) 集群初始化
./network cluster init
此步骤会在k8s集群master节点创建ingress和cert-manager,需要保证以下pod正常运行
3)创建集群网络
./network up
如果命令执行没问题会打印下面日志:
[root@zmc-member-uat-108 test-network-k8s]# ./network up Launching network "test-network": ✅ - Creating namespace "test-network" ... ✅ - Provisioning volume storage ... ✅ - Creating fabric config maps ... ✅ - Initializing TLS certificate Issuers ... ✅ - Launching Fabric CAs ... ✅ - Enrolling bootstrap ECert CA users ... ✅ - Creating local node MSP ... ✅ - Launching orderers ... ✅ - Launching peers ... 🏁 - Network is ready.
网络创建命令执行完会对应在test-network-k8s目录下创建build目录
[root@zmc-member-uat-108 test-network-k8s]# ls build/ cas channel-msp enrollments genesis_block.pb
对应k8s集群会创建以下Pod和ingress
[root@zmc-member-uat-108 test-network-k8s]# kubectl get pods -n=test-network NAME READY STATUS RESTARTS AGE org0-ca-5884bf655f-tm7km 1/1 Running 0 11h org0-orderer1-7d7678848d-bqqwn 1/1 Running 0 11h org0-orderer2-65f466f67f-zkk6l 1/1 Running 0 11h org0-orderer3-7b96f6b5d6-q4c9p 1/1 Running 0 11h org1-ca-6b5c6c7478-tkj5b 1/1 Running 0 11h org1-peer1-868b57cd5d-x9qjc 2/2 Running 0 11h org1-peer2-5bbd85f95-4vhvt 2/2 Running 0 11h org2-ca-74c9c6544f-t6nsb 1/1 Running 0 11h org2-peer1-67d574b6f8-nktch 2/2 Running 0 11h org2-peer2-6ff64987-kg2pc 2/2 Running 0 11h [root@zmc-member-uat-108 test-network-k8s]# kubectl get ingress -n=test-network NAME CLASS HOSTS ADDRESS PORTS AGE org0-ca nginx org0-ca.vcap.me localhost 80, 443 11h org0-orderer1 nginx org0-orderer1.vcap.me,org0-orderer1-admin.vcap.me localhost 80, 443 11h org0-orderer2 nginx org0-orderer2.vcap.me,org0-orderer2-admin.vcap.me localhost 80, 443 11h org0-orderer3 nginx org0-orderer3.vcap.me,org0-orderer3-admin.vcap.me localhost 80, 443 11h org1-ca nginx org1-ca.vcap.me localhost 80, 443 11h org1-peer1 nginx org1-peer1.vcap.me,org1-peer-gateway-svc.vcap.me localhost 80, 443 11h org1-peer2 nginx org1-peer2.vcap.me localhost 80, 443 11h org2-ca nginx org2-ca.vcap.me localhost 80, 443 11h org2-peer1 nginx org2-peer1.vcap.me,org2-peer-gateway-svc.vcap.me localhost 80, 443 11h org2-peer2 nginx org2-peer2.vcap.me localhost 80, 443 11h
ingress使用宿主机的80和443端口,由于此域名是假的,需要修改集群所有节点/etc/hosts文件做ip域名映射,其中ip为ingress-controller所在master节点的主机ip,本k8s环境master节点ip为10.20.31.108
10.20.31.108 org0-ca.vcap.me 10.20.31.108 org1-ca.vcap.me 10.20.31.108 org2-ca.vcap.me 10.20.31.108 org0-orderer1.vcap.me 10.20.31.108 org0-orderer2.vcap.me 10.20.31.108 org0-orderer3.vcap.me 10.20.31.108 org1-peer1.vcap.me 10.20.31.108 org1-peer2.vcap.me 10.20.31.108 org2-peer1.vcap.me 10.20.31.108 org2-peer2.vcap.me 10.20.31.108 org0-orderer1-admin.vcap.me 10.20.31.108 org0-orderer2-admin.vcap.me 10.20.31.108 org0-orderer3-admin.vcap.me
注意:网络创建完就需要做ip域名映射不然后面创建通道节点加入通道时peer节点和orderer节点没法通信。
4) 创建通道
./network channel create
如果命令执行没问题会打印下面日志:
[root@zmc-member-uat-108 test-network-k8s]# ./network channel create Creating channel "mychannel": ✅ - Registering org Admin users ... ✅ - Enrolling org Admin users ... ✅ - Creating channel MSP ... ✅ - Creating channel genesis block ... - Joining orderers to channel mychannel ... - org0-orderer1-admin.vcap.me:443 ... - org0-orderer2-admin.vcap.me:443 ... - org0-orderer3-admin.vcap.m✅:443 ... ✅ - Joining org1 peers to channel mychannel ... ✅ - Joining org2 peers to channel mychannel ... 🏁 - Channel is ready. [root@zmc-member-uat-10
至此,fabric网络搭建成功。
5)环境卸载
./network down
需要手动删除test-network-k8s目录下的build目录,不然下次安装时会报错。
5、安装总结
每个安装步骤都会产生network-debug.log日志文件,如果安装报错,里面详细了执行脚本的哪一行报错,需要对应修改脚本进行错误解决。
