多个 fabric 区块链网络: docker swarm
环境说明
- 测试环境,1台机器
- 操作系统:ubutun 16 4c 64G
- docker 版本
- 实现功能:开发(java程序)接收参数NETWORKNAME(网络名称)、ORGNAME(组织名称)、HOSTNAME(域名),根据模板yaml文件,实例化不同组织的yaml 文件,结合shell脚本启动实例化的网络。
- 注意:在yaml的版本2中能使用peer1.org2.example.com ,在版本3中只能使用peer1_org2_example_com。在yaml版本2中能使用extends,yaml版本3中不能。后面有做详细转换说明。
# docker version
Client:
Version: 18.09.7
API version: 1.39
Go version: go1.10.4
Git commit: 2d0083d
Built: Fri Aug 16 14:19:38 2019
OS/Arch: linux/amd64
Experimental: false
Server:
Engine:
Version: 18.09.7
API version: 1.39 (minimum version 1.12)
Go version: go1.10.4
Git commit: 2d0083d
Built: Thu Aug 15 15:12:41 2019
OS/Arch: linux/amd64
Experimental: false
docker swarm
# docker swarm init
fabric 的配置
配置是根据官网的源码进行改造。
下载fabric-samples源码
# mkdir -p /opt/fabric
# cd /opt/fabric
# git clone -b master https://github.com/hyperledger/fabric-samples.git
查看源码中的配置
参考:docker-compose-ca.yaml、docker-compose-cli.yaml 、docker-compose-couch.yaml、docker-compose-etcdraft2.yaml配置文件进行改造。
改造后的文件:
stack-ca.yaml
version: '3'
#参数说明:NETWORKNAME(网络名称)、ORGNAME(组织名称)、HOSTNAME(域名)。使用shell脚本,加上3个参数生成对应的不同的组织的ca启动文件,然后进行启动。
networks:
fabric-${NETWORKNAME}:
external: true
services:
ca_${ORGNAME}:
image: hyperledger/fabric-ca
deploy:
replicas: 1
restart_policy:
condition: on-failure
delay: 5s
max_attempts: 3
environment:
- FABRIC_CA_HOME=/etc/hyperledger/fabric-ca-server
- FABRIC_CA_SERVER_CA_NAME=ca-${ORGNAME}
- FABRIC_CA_SERVER_TLS_ENABLED=true
- FABRIC_CA_SERVER_TLS_CERTFILE=/etc/hyperledger/fabric-ca-server-config/ca.${ORGNAME}.${HOSTNAME}-cert.pem
- FABRIC_CA_SERVER_TLS_KEYFILE=/etc/hyperledger/fabric-ca-server-config/${BYFN_CA1_PRIVATE_KEY}
- FABRIC_CA_SERVER_PORT=10013
ports:#注意端口不要冲突
# - "10013:10013"
command: sh -c 'fabric-ca-server start --ca.certfile /etc/hyperledger/fabric-ca-server-config/ca.${ORGNAME}.${HOSTNAME}-cert.pem --ca.keyfile /etc/hyperledger/fabric-ca-server-config/${BYFN_CA1_PRIVATE_KEY} -b admin:adminpw -d'
volumes:
- /home/fabric/networks/${NETWORKNAME}/crypto-config/peerOrganizations/${ORGNAME}.${HOSTNAME}/ca/:/etc/hyperledger/fabric-ca-server-config/
# hostname是这个ca容器的主机名称
hostname: ca_peer${ORGNAME}
networks:
fabric-${NETWORKNAME}:
aliases:
- ca_peer${ORGNAME}
stack-cli.yaml (peer 和 cli,可以分开两个文件。一般多个fabric网络中只需要有一个cli即可。 )
version: '3'
networks:
fabric-${NETWORKNAME}:
external: true
volumes:
peer0.${ORGNAME}.${NETWORKNAME}.${HOSTNAME}:
peer1.${ORGNAME}.${NETWORKNAME}.${HOSTNAME}:
services:
peer0_${ORGNAME}_${NETWORKNAME}:
image: hyperledger/fabric-peer:2.1.1
deploy:
mode: replicated
replicas: 1
restart_policy:
condition: on-failure
delay: 5s
max_attempts: 3
environment:
# 源码中的docker-compose是版本2的,支持extends。我们现在用的是yaml 版本3,不支持extends。需要将原来依赖的配置全部写完整
######下面是源码中的配置
#peer1.org2.example.com:
#container_name: peer1.org2.example.com
#extends:
#file: base/docker-compose-base.yaml
#service: peer1.org2.example.com
#networks:
#####需要找到对应base/docker-compose-base.yaml的peer1.org2.example.com那段配置
#####下面是base/docker-compose-base.yaml的peer1.org2.example.com配置(base/docker-compose-base.yaml中有多个服务)
#peer1.org2.example.com:
# container_name: peer1.org2.example.com
# extends:
# file: peer-base.yaml 这个位置还依赖了文件peer-base.yaml的peer-base,这个依赖文件也需要。
# service: peer-base
# environment:
# - CORE_PEER_ID=peer1.org2.example.com
# - CORE_PEER_ADDRESS=peer1.org2.example.com:10051
# - CORE_PEER_LISTENADDRESS=0.0.0.0:10051
# - CORE_PEER_CHAINCODEADDRESS=peer1.org2.example.com:10052
# - CORE_PEER_CHAINCODELISTENADDRESS=0.0.0.0:10052
# - CORE_PEER_GOSSIP_EXTERNALENDPOINT=peer1.org2.example.com:10051
# - CORE_PEER_GOSSIP_BOOTSTRAP=peer0.org2.example.com:9051
# - CORE_PEER_LOCALMSPID=Org2MSP
# volumes:
# - /var/run/:/host/var/run/
# - ../crypto-config/peerOrganizations/org2.example.com/peers/peer1.org2.example.com/msp:/etc/hyperledger/fabric/msp
# - ../crypto-config/peerOrganizations/org2.example.com/peers/peer1.org2.example.com/tls:/etc/hyperledger/fabric/tls
# - peer1.org2.example.com:/var/hyperledger/production
# ports:
# - 10051:10051
#######以上是base/docker-compose-base.yaml的peer1.org2.example.com配置,里面有依赖peer-base.yaml的peer-base,将这段配置放在stack-cli.yaml 文件#######相应位置
#以下配置来自base/peer-base.yaml的peer-base
- CORE_VM_ENDPOINT=unix:///host/var/run/docker.sock
# the following setting starts chaincode containers on the same
# bridge network as the peers
# https://docs.docker.com/compose/networking/
- CORE_VM_DOCKER_HOSTCONFIG_NETWORKMODE=fabric-${NETWORKNAME}
- FABRIC_LOGGING_SPEC=INFO
#- FABRIC_LOGGING_SPEC=DEBUG
- CORE_PEER_TLS_ENABLED=true
- CORE_PEER_GOSSIP_USELEADERELECTION=true
- CORE_PEER_GOSSIP_ORGLEADER=false
- CORE_PEER_PROFILE_ENABLED=true
- CORE_PEER_TLS_CERT_FILE=/etc/hyperledger/fabric/tls/server.crt
- CORE_PEER_TLS_KEY_FILE=/etc/hyperledger/fabric/tls/server.key
- CORE_PEER_TLS_ROOTCERT_FILE=/etc/hyperledger/fabric/tls/ca.crt
# Allow more time for chaincode container to build on install.
- CORE_CHAINCODE_EXECUTETIMEOUT=300s
#以上配置来自base/peer-base.yaml的peer-base
#以下配置来自base/docker-compose-base.yaml的peer1.org2.example.com
- CORE_PEER_ID=peer0.${ORGNAME}.${NETWORKNAME}.${HOSTNAME}
- CORE_PEER_ADDRESS=peer0.${ORGNAME}.${NETWORKNAME}.${HOSTNAME}:20
- CORE_PEER_LISTENADDRESS=0.0.0.0:20
- CORE_PEER_CHAINCODEADDRESS=peer0.${ORGNAME}.${NETWORKNAME}.${HOSTNAME}:21
- CORE_PEER_CHAINCODELISTENADDRESS=0.0.0.0:21
- CORE_PEER_GOSSIP_BOOTSTRAP=peer1.${ORGNAME}.${NETWORKNAME}.${HOSTNAME}:1020
- CORE_PEER_GOSSIP_EXTERNALENDPOINT=peer0.${ORGNAME}.${NETWORKNAME}.${HOSTNAME}:20
- CORE_PEER_LOCALMSPID=${ORGNAME}MSP
#以上配置来自base/docker-compose-base.yaml的peer1.org2.example.com
#注意,增加了数据库的配置。数据库端口号是固定的,会根据不同数据库服务名称访问到不同数据库。请不要修改端口号。
- CORE_LEDGER_STATE_STATEDATABASE=CouchDB
- CORE_LEDGER_STATE_COUCHDBCONFIG_COUCHDBADDRESS=peer0_${ORGNAME}_couchdb:5984
# The CORE_LEDGER_STATE_COUCHDBCONFIG_USERNAME and CORE_LEDGER_STATE_COUCHDBCONFIG_PASSWORD
# provide the credentials for ledger to connect to CouchDB. The username and password must
# match the username and password set for the associated CouchDB.
- CORE_LEDGER_STATE_COUCHDBCONFIG_USERNAME=
- CORE_LEDGER_STATE_COUCHDBCONFIG_PASSWORD=
#下面配置来自base/peer-base.yaml的peer-base
working_dir: /opt/gopath/src/github.com/hyperledger/fabric/peer
command: peer node start
#以上配置来自base/peer-base.yaml的peer-base
hostname: peer0.${ORGNAME}.${NETWORKNAME}.${HOSTNAME}
volumes:
- /var/run/:/host/var/run/
- /home/vbaas/fabric/networks/${NETWORKNAME}/crypto-config/peerOrganizations/test.nettest.b.com/peers/peer0.${ORGNAME}.${NETWORKNAME}.${HOSTNAME}/msp:/etc/hyperledger/fabric/msp
- /home/vbaas/fabric/networks/${NETWORKNAME}/crypto-config/peerOrganizations/${ORGNAME}.${NETWORKNAME}.${HOSTNAME}/peers/peer0.${ORGNAME}.${NETWORKNAME}.${HOSTNAME}/tls:/etc/hyperledger/fabric/tls
- /home/vbaas/fabric/networks/${NETWORKNAME}/mount/peer0.${ORGNAME}.${NETWORKNAME}.${HOSTNAME}/var/hyperledger/production:/var/hyperledger/production
ports:
# - 20:20
networks:
fabric-${NETWORKNAME}:
aliases:
- peer0.${ORGNAME}.${NETWORKNAME}.${HOSTNAME}
#peer1的参考peer0即可。
peer1_${ORGNAME}_${NETWORKNAME}:
image: hyperledger/fabric-peer:2.1.1
deploy:
mode: replicated
replicas: 1
restart_policy:
condition: on-failure
delay: 5s
max_attempts: 3
environment:
- CORE_VM_ENDPOINT=unix:///host/var/run/docker.sock
# the following setting starts chaincode containers on the same
# bridge network as the peers
# https://docs.docker.com/compose/networking/
- CORE_VM_DOCKER_HOSTCONFIG_NETWORKMODE=fabric-${NETWORKNAME}
- FABRIC_LOGGING_SPEC=INFO
#- FABRIC_LOGGING_SPEC=DEBUG
- CORE_PEER_TLS_ENABLED=true
- CORE_PEER_GOSSIP_USELEADERELECTION=true
- CORE_PEER_GOSSIP_ORGLEADER=false
- CORE_PEER_PROFILE_ENABLED=true
- CORE_PEER_TLS_CERT_FILE=/etc/hyperledger/fabric/tls/server.crt
- CORE_PEER_TLS_KEY_FILE=/etc/hyperledger/fabric/tls/server.key
- CORE_PEER_TLS_ROOTCERT_FILE=/etc/hyperledger/fabric/tls/ca.crt
- CORE_PEER_ID=peer1.${ORGNAME}.${NETWORKNAME}.${HOSTNAME}
- CORE_PEER_ADDRESS=peer1.${ORGNAME}.${NETWORKNAME}.${HOSTNAME}:1020
- CORE_PEER_LISTENADDRESS=0.0.0.0:1020
- CORE_PEER_CHAINCODEADDRESS=peer1.${ORGNAME}.${NETWORKNAME}.${HOSTNAME}:1021
- CORE_PEER_CHAINCODELISTENADDRESS=0.0.0.0:1021
- CORE_PEER_GOSSIP_EXTERNALENDPOINT=peer1.${ORGNAME}.${NETWORKNAME}.${HOSTNAME}:1020
- CORE_PEER_GOSSIP_BOOTSTRAP=peer0.${ORGNAME}.${NETWORKNAME}.${HOSTNAME}:20
- CORE_PEER_LOCALMSPID=${ORGNAME}MSP
- CORE_LEDGER_STATE_STATEDATABASE=CouchDB
- CORE_LEDGER_STATE_COUCHDBCONFIG_COUCHDBADDRESS=peer1_${ORGNAME}_couchdb:5984
# The CORE_LEDGER_STATE_COUCHDBCONFIG_USERNAME and CORE_LEDGER_STATE_COUCHDBCONFIG_PASSWORD
# provide the credentials for ledger to connect to CouchDB. The username and password must
# match the username and password set for the associated CouchDB.
- CORE_LEDGER_STATE_COUCHDBCONFIG_USERNAME=
- CORE_LEDGER_STATE_COUCHDBCONFIG_PASSWORD=
# Allow more time for chaincode container to build on install.
- CORE_CHAINCODE_EXECUTETIMEOUT=300s
working_dir: /opt/gopath/src/github.com/hyperledger/fabric/peer
command: peer node start
hostname: peer1.${ORGNAME}.${NETWORKNAME}.${HOSTNAME}
volumes:
- /var/run/:/host/var/run/
- /home/vbaas/fabric/networks/${NETWORKNAME}/crypto-config/peerOrganizations/${ORGNAME}.${NETWORKNAME}.${HOSTNAME}/peers/peer1.${ORGNAME}.${NETWORKNAME}.${HOSTNAME}/msp:/etc/hyperledger/fabric/msp
- /home/vbaas/fabric/networks/${NETWORKNAME}/crypto-config/peerOrganizations/test.nettest.b.com/peers/peer1.${ORGNAME}.${NETWORKNAME}.${HOSTNAME}/tls:/etc/hyperledger/fabric/tls
- /home/vbaas/fabric/networks/${NETWORKNAME}/mount/peer1.${ORGNAME}.${NETWORKNAME}.${HOSTNAME}/var/hyperledger/production:/var/hyperledger/production
ports:#注意端口不要冲突
- 1020:1020
networks:
fabric-${NETWORKNAME}:
aliases:
- peer1.${ORGNAME}.${NETWORKNAME}.${HOSTNAME}
cli:
image: hyperledger/fabric-tools:2.1.1
tty: true
stdin_open: true
deploy:
mode: replicated
replicas: 1
restart_policy:
condition: on-failure
delay: 5s
max_attempts: 3
environment:
- GOPATH=/opt/gopath
- CORE_VM_ENDPOINT=unix:///host/var/run/docker.sock
#- FABRIC_LOGGING_SPEC=DEBUG
- FABRIC_LOGGING_SPEC=INFO
- CORE_PEER_ID=cli
- CORE_PEER_ADDRESS=peer0.${ORGNAME}.${NETWORKNAME}.${HOSTNAME}:20
- CORE_PEER_LOCALMSPID=${ORGNAME}MSP
- CORE_PEER_TLS_ENABLED=true
- CORE_PEER_TLS_CERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/${ORGNAME}.${NETWORKNAME}.${HOSTNAME}/peers/peer0.${ORGNAME}.${NETWORKNAME}.${HOSTNAME}/tls/server.crt
- CORE_PEER_TLS_KEY_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/${ORGNAME}.${NETWORKNAME}.${HOSTNAME}/peers/peer0.${ORGNAME}.${NETWORKNAME}.${HOSTNAME}/tls/server.key
- CORE_PEER_TLS_ROOTCERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/${ORGNAME}.${NETWORKNAME}.${HOSTNAME}/peers/peer0.${ORGNAME}.${NETWORKNAME}.${HOSTNAME}/tls/ca.crt
- CORE_PEER_MSPCONFIGPATH=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/${ORGNAME}.${NETWORKNAME}.${HOSTNAME}/users/Admin@${ORGNAME}.${NETWORKNAME}.${HOSTNAME}/msp
working_dir: /opt/gopath/src/github.com/hyperledger/fabric/peer
command: /bin/bash
volumes:
- /var/run/:/host/var/run/
- /home/vbaas/fabric/networks/${NETWORKNAME}/chaincode/:/opt/gopath/src/github.com/hyperledger/fabric-samples/chaincode
- /home/vbaas/fabric/networks/${NETWORKNAME}/crypto-config:/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/
- /home/vbaas/fabric/networks/${NETWORKNAME}/scripts:/opt/gopath/src/github.com/hyperledger/fabric/peer/scripts/
- /home/vbaas/fabric/networks/${NETWORKNAME}/channel-artifacts:/opt/gopath/src/github.com/hyperledger/fabric/peer/channel-artifacts
networks:
- fabric-nettest
depends_on:
- peer0.${ORGNAME}.${NETWORKNAME}.${HOSTNAME}
- peer1.${ORGNAME}.${NETWORKNAME}.${HOSTNAME}
stack-couch.yaml
version: '3'
networks:
fabric-${NETWORKNAME}:
external: true
services:
peer0_${ORGNAME}_couchdb:
hostname: peer0_${ORGNAME}_couchdb
image: couchdb:2.3
deploy:
mode: replicated
replicas: 1
restart_policy:
condition: on-failure
delay: 5s
max_attempts: 3
environment:
- COUCHDB_USER=
- COUCHDB_PASSWORD=
networks:
fabric-${NETWORKNAME}:
aliases:
- peer0_${ORGNAME}_couchdb
peer1_${ORGNAME}_couchdb:
hostname: peer1_${ORGNAME}_couchdb
image: couchdb:2.3
deploy:
mode: replicated
replicas: 1
restart_policy:
condition: on-failure
delay: 5s
max_attempts: 3
environment:
- COUCHDB_USER=
- COUCHDB_PASSWORD=
networks:
fabric-${NETWORKNAME}:
aliases:
- peer1_${ORGNAME}_couchdb
stack-etcdraft2.yaml
version: '3'
networks:
fabric-${NETWORKNAME}:
external: true
services:
orderer_${ORGNAME}:
image: hyperledger/fabric-orderer
deploy:
mode: replicated
replicas: 1
restart_policy:
condition: on-failure
delay: 5s
max_attempts: 3
environment:
- ORDERER_GENERAL_LISTENPORT=10009
- FABRIC_LOGGING_SPEC=INFO
- ORDERER_GENERAL_LISTENADDRESS=0.0.0.0
- ORDERER_GENERAL_BOOTSTRAPMETHOD=file
- ORDERER_GENERAL_BOOTSTRAPFILE=/var/hyperledger/orderer/orderer.genesis.block
- ORDERER_GENERAL_LOCALMSPID=OrdererMSP
- ORDERER_GENERAL_LOCALMSPDIR=/var/hyperledger/orderer/msp
# enabled TLS
- ORDERER_GENERAL_TLS_ENABLED=true
- ORDERER_GENERAL_TLS_PRIVATEKEY=/var/hyperledger/orderer/tls/server.key
- ORDERER_GENERAL_TLS_CERTIFICATE=/var/hyperledger/orderer/tls/server.crt
- ORDERER_GENERAL_TLS_ROOTCAS=[/var/hyperledger/orderer/tls/ca.crt]
- ORDERER_GENERAL_CLUSTER_CLIENTCERTIFICATE=/var/hyperledger/orderer/tls/server.crt
- ORDERER_GENERAL_CLUSTER_CLIENTPRIVATEKEY=/var/hyperledger/orderer/tls/server.key
- ORDERER_GENERAL_CLUSTER_ROOTCAS=[/var/hyperledger/orderer/tls/ca.crt]
working_dir: /opt/gopath/src/github.com/hyperledger/fabric
command: orderer
hostname: orderer.${HOSTNAME}
volumes:
- /home/fabric/networks/${NETWORKNAME}/channel-artifacts/genesis.block:/var/hyperledger/orderer/orderer.genesis.block
- /home/fabric/networks/${NETWORKNAME}/crypto-config/ordererOrganizations/${HOSTNAME}/orderers/orderer.${HOSTNAME}/msp:/var/hyperledger/orderer/msp
- /home/fabric/networks/${NETWORKNAME}/crypto-config/ordererOrganizations/${HOSTNAME}/orderers/orderer.${HOSTNAME}/tls/:/var/hyperledger/orderer/tls
- /home/fabric/networks/${NETWORKNAME}/mount/orderer.${HOSTNAME}/var/hyperledger/production:/var/hyperledger/production
ports:#注意端口不要冲突
- 10009:10009
networks:
fabric-${NETWORKNAME}:
aliases:
- orderer.${HOSTNAME}
orderer2_${ORGNAME}:
image: hyperledger/fabric-orderer
deploy:
mode: replicated
replicas: 1
restart_policy:
condition: on-failure
delay: 5s
max_attempts: 3
environment:
- ORDERER_GENERAL_LISTENPORT=11009
- FABRIC_LOGGING_SPEC=INFO
- ORDERER_GENERAL_LISTENADDRESS=0.0.0.0
- ORDERER_GENERAL_BOOTSTRAPMETHOD=file
- ORDERER_GENERAL_BOOTSTRAPFILE=/var/hyperledger/orderer/orderer.genesis.block
- ORDERER_GENERAL_LOCALMSPID=OrdererMSP
- ORDERER_GENERAL_LOCALMSPDIR=/var/hyperledger/orderer/msp
# enabled TLS
- ORDERER_GENERAL_TLS_ENABLED=true
- ORDERER_GENERAL_TLS_PRIVATEKEY=/var/hyperledger/orderer/tls/server.key
- ORDERER_GENERAL_TLS_CERTIFICATE=/var/hyperledger/orderer/tls/server.crt
- ORDERER_GENERAL_TLS_ROOTCAS=[/var/hyperledger/orderer/tls/ca.crt]
- ORDERER_GENERAL_CLUSTER_CLIENTCERTIFICATE=/var/hyperledger/orderer/tls/server.crt
- ORDERER_GENERAL_CLUSTER_CLIENTPRIVATEKEY=/var/hyperledger/orderer/tls/server.key
- ORDERER_GENERAL_CLUSTER_ROOTCAS=[/var/hyperledger/orderer/tls/ca.crt]
working_dir: /opt/gopath/src/github.com/hyperledger/fabric
command: orderer
hostname: orderer2.${HOSTNAME}
networks:
fabric-${NETWORKNAME}:
aliases:
- orderer2.${HOSTNAME}
volumes:
- /home/fabric/networks/${NETWORKNAME}/channel-artifacts/genesis.block:/var/hyperledger/orderer/orderer.genesis.block
- /home/fabric/networks/${NETWORKNAME}/crypto-config/ordererOrganizations/${HOSTNAME}/orderers/orderer2.${HOSTNAME}/msp:/var/hyperledger/orderer/msp
- /home/fabric/networks/${NETWORKNAME}/crypto-config/ordererOrganizations/${HOSTNAME}/orderers/orderer2.${HOSTNAME}/tls/:/var/hyperledger/orderer/tls
- /home/fabric/networks/${NETWORKNAME}/mount/orderer2.${HOSTNAME}/var/hyperledger/production:/var/hyperledger/production/orderer
ports:#注意端口不要冲突
- 11009:11009
orderer3_${ORGNAME}:
image: hyperledger/fabric-orderer
deploy:
mode: replicated
replicas: 1
restart_policy:
condition: on-failure
delay: 5s
max_attempts: 3
environment:
- ORDERER_GENERAL_LISTENPORT=12009
- FABRIC_LOGGING_SPEC=INFO
- ORDERER_GENERAL_LISTENADDRESS=0.0.0.0
- ORDERER_GENERAL_BOOTSTRAPMETHOD=file
- ORDERER_GENERAL_BOOTSTRAPFILE=/var/hyperledger/orderer/orderer.genesis.block
- ORDERER_GENERAL_LOCALMSPID=OrdererMSP
- ORDERER_GENERAL_LOCALMSPDIR=/var/hyperledger/orderer/msp
# enabled TLS
- ORDERER_GENERAL_TLS_ENABLED=true
- ORDERER_GENERAL_TLS_PRIVATEKEY=/var/hyperledger/orderer/tls/server.key
- ORDERER_GENERAL_TLS_CERTIFICATE=/var/hyperledger/orderer/tls/server.crt
- ORDERER_GENERAL_TLS_ROOTCAS=[/var/hyperledger/orderer/tls/ca.crt]
- ORDERER_GENERAL_CLUSTER_CLIENTCERTIFICATE=/var/hyperledger/orderer/tls/server.crt
- ORDERER_GENERAL_CLUSTER_CLIENTPRIVATEKEY=/var/hyperledger/orderer/tls/server.key
- ORDERER_GENERAL_CLUSTER_ROOTCAS=[/var/hyperledger/orderer/tls/ca.crt]
working_dir: /opt/gopath/src/github.com/hyperledger/fabric
command: orderer
hostname: orderer3.${HOSTNAME}
networks:
fabric-${NETWORKNAME}:
aliases:
- orderer3.${HOSTNAME}
volumes:
- /home/fabric/networks/${NETWORKNAME}/channel-artifacts/genesis.block:/var/hyperledger/orderer/orderer.genesis.block
- /home/fabric/networks/${NETWORKNAME}/crypto-config/ordererOrganizations/${HOSTNAME}/orderers/orderer3.${HOSTNAME}/msp:/var/hyperledger/orderer/msp
- /home/fabric/networks/${NETWORKNAME}/crypto-config/ordererOrganizations/${HOSTNAME}/orderers/orderer3.${HOSTNAME}/tls/:/var/hyperledger/orderer/tls
- /home/fabric/networks/${NETWORKNAME}/mount/orderer3.${HOSTNAME}/var/hyperledger/production:/var/hyperledger/production/orderer
ports:
#注意端口不要冲突
- 12009:12009
以上是改造完的yaml模板文件。
配合下面的shell脚本可以进行fabric网络初始化。
# cat initNetWork-stack.sh
#!/bin/bash
#接收传参,ORGNAME参数多个时,请用逗号隔开
NETWORKNAME=$1
ORGNAMES=$2
HOSTNAME=$3
NETWORKPATH=$4
i=0
FILEPATH=${NETWORKPATH}/${NETWORKNAME}
ORGNAMELIST=`echo ${ORGNAMES}|sed -r 's/,/ /g'`
if [ ! -d "${NETWORKPATH}/${NETWORKNAME}" ]; then
echo "network have no config"
exit 1
fi
#mkdir -p ${NETWORKPATH}/${NETWORKNAME}/chaincode
#mkdir -p ${NETWORKPATH}/${NETWORKNAME}/scripts
#设置环境变量
echo "==========设置环境变量FABRIC_CFG_PATH:"
export FABRIC_CFG_PATH=${NETWORKPATH}/${NETWORKNAME}/
echo
echo
cd ${NETWORKPATH}/${NETWORKNAME}/
echo
echo
#证书生成
echo "==========证书生成:"
#cryptogen generate --config=${NETWORKPATH}/${NETWORKNAME}/crypto-config.yaml
echo
echo
#生成创世区块
echo "=======生成创世区块:"
#configtxgen -profile SampleMultiNodeEtcdRaft -channelID byfn-sys-channel -outputBlock ${FILEPATH}/channel-artifacts/genesis.block
echo
echo
#根据不同组织启动
for ORGNAME in ${ORGNAMELIST};
do
#配置环境变量,CA节点必需
echo "===========配置CA节点环境变量:"
i=$(( i+1 ))
export BYFN_CA${i}_PRIVATE_KEY=$(cd ${NETWORKPATH}/${NETWORKNAME}/crypto-config/peerOrganizations/${ORGNAME}.${HOSTNAME}/ca && ls *_sk)
echo
echo
done
#启动服务
docker network create --driver overlay fabric-${NETWORKNAME}
echo "==========启动服务:"
docker stack deploy -c ${FILEPATH}/stack-ca.yaml ${NETWORKNAME}-ca
docker stack deploy -c ${FILEPATH}/stack-cli.yaml ${NETWORKNAME}-cli
docker stack deploy -c ${FILEPATH}/stack-couch.yaml ${NETWORKNAME}-couch
docker stack deploy -c ${FILEPATH}/stack-etcdraft2.yaml ${NETWORKNAME}-etcdraft2
实例化的配置和启动的fabric网络:
