Detailed explanation of bash source code of test network startup process of hyperledger fabric

Time:2022-5-26

preface

In the simple case of building hyperledger fabric 2.4 development environment and running based on Debian, we have completed the environment building and running of fabric 2.4fabric-samples/test-networkOperation of official cases. without doubttest-networkIt is an excellent entry project. Let’s build a commonly used fabric alliance chain network with just a few lines of commands, but I believe many people use it for the first time./network.sh upWhen I successfully started the alliance chain network, I was as ignorant as me: How did the network start? What does it do behind its back? Which nodes does the network contain? What features are included? What’s the use of it? In order to solve these problems, this papertest-networkSeveral inBashScript source code, starting from multiple entry functions such as starting process, creating channel and deploying chain code, analyzes the script execution process in detail, and provides a reference for customizing your own fabric network in the future. The source code analyzed in this paper mainly includes four aspects: starting the default network, starting the CA network, creating a channel and deploying the chain code. Each section is divided into official call and process explanation: the official call uses the official bash script to realize the corresponding functions, and the process explanation is the actual implementation process of the script. According to the code in the process explanation, a fully usable network can be built.

prepare

Before starting, we need to prepare the development environment of fabric. For specific environment construction and software version, please refer to the simple case of building hyperledger fabric 2.4 development environment and operation based on Debian. After willfabric-samples1Lowertest-networkThe directory is copied locally, which is too encapsulated in the official example, so it is difficult to use it alonetest-networkModify the project, and the modification contents include but are not limited to the following aspects (it is recommended to directly modify the project under fabriclearn in this case warehouse)0_TestNetworkExplainDirectory (copy to local run):

  1. modifycompose-test-net.yamlcompose-ca.yamldocker/docker-compose-test-net.yamldocker/docker-compose-ca.yamlMirror version in file:

    hyperledger/fabric-tools:latest    ->  hyperledger/fabric-tools:2.4
    hyperledger/fabric-peer:latest     ->  fabric-peer:2.4
    hyperledger/fabric-orderer:latest  ->  fabric-orderer:2.4
    hyperledger/fabric-ca:latest       ->  fabric-ca:1.5
  2. We will build a hyperledger fabric 2.4 development environment based on Debian and run the software in a simple case/usr/local/fabric/configCopy directory totest-networkUnder the root directory. Environment variable unless otherwise specifiedFABRIC_CFG_PATHAlways default totest-network/configcatalogue
  3. modifydocker-compose-test-net.yaml, will${DOCKER_SOCK}Change to/var/run/docker.sock
  4. modifycreateChannel.shdeployCC.sh, willFABRIC_CFG_PATH=$PWD/../config/Change toFABRIC_CFG_PATH=$PWD/config/
  5. Unless otherwise specified, all commands in this document are run intest-networkUnder the root directory.

Start default network

Official call

staytest-networkContains a default simplest network, which contains only twopeerNode, oneordererNode and onecliNode, where the certificate of each node usescryptogenTool static generation. You can directly run the following command to start the default simplest network:

./network.sh up

Detailed explanation of bash source code of test network startup process of hyperledger fabric

Process explanation

  1. Check dependencies:
  2. inspectpeeredition
  3. inspect./configDoes the configuration directory exist
  4. inspectpeerVersion anddocker imageDoes the version match
  5. inspectfabric-caWhether the environment is normal. It is used by defaultcryptogen
    Detailed explanation of bash source code of test network startup process of hyperledger fabric
  6. Create organization certificate:

    cryptogen generate --config=./organizations/cryptogen/crypto-config-org1.yaml --output="organizations"
    cryptogen generate --config=./organizations/cryptogen/crypto-config-org2.yaml --output="organizations"
    cryptogen generate --config=./organizations/cryptogen/crypto-config-orderer.yaml --output="organizations"
  7. docker-composeStart all containers:

    docker-compose -f compose/compose-test-net.yaml -f compose/docker/docker-compose-test-net.yaml up -d

    Detailed explanation of bash source code of test network startup process of hyperledger fabric
    amongcompose-test-net.yamlIncluding basic image configuration,docker-compose-test-net.yamlIncluding basic general variables, both of which are indispensable. After the above commands are completed, the and./network.sh upThe same effect can be used before the next experiment./network.sh downTurn off this network.

Start CA network

Official call

In the test network, you can start the network through fabric ca. the network uses fabric CA to manage the identity certificates of all nodes, including three CA nodes, two peer nodes, an orderer node and a cli node. You can directly run the following command to start the CA network(All the later experiments are based on this network):

./network.sh up -ca

Detailed explanation of bash source code of test network startup process of hyperledger fabric

Process explanation

  1. Check software and version dependency:
    Detailed explanation of bash source code of test network startup process of hyperledger fabric
  2. Start the fabric CA container:

    docker-compose -f compose/compose-ca.yaml -f compose/docker/docker-compose-ca.yaml up -d
  3. Create org1 certificate Directory:

    #Create organization certificate root directory
    mkdir -p organizations/peerOrganizations/org1.example.com/
  4. enrollAdministrator account:

    #The default administrator account of the enroll organization. Its configuration corresponds to the command of compose / compose-ca.yaml. The enroll process will obtain all the certificates of the account and save them to fabric_ CA_ CLIENT_ Under home directory
    export FABRIC_CA_CLIENT_HOME=${PWD}/organizations/peerOrganizations/org1.example.com/
    fabric-ca-client enroll -u https://admin:[email protected]:7054 --caname ca-org1 --tls.certfiles "${PWD}/organizations/fabric-ca/org1/ca-cert.pem"
  5. Create org1 organizationOUProfile:

    #Create Ou profile for organization MSP
    echo 'NodeOUs:
      Enable: true
      ClientOUIdentifier:
     Certificate: cacerts/localhost-7054-ca-org1.pem
     OrganizationalUnitIdentifier: client
      PeerOUIdentifier:
     Certificate: cacerts/localhost-7054-ca-org1.pem
     OrganizationalUnitIdentifier: peer
      AdminOUIdentifier:
     Certificate: cacerts/localhost-7054-ca-org1.pem
     OrganizationalUnitIdentifier: admin
      OrdererOUIdentifier:
     Certificate: cacerts/localhost-7054-ca-org1.pem
     OrganizationalUnitIdentifier: orderer' > "${PWD}/organizations/peerOrganizations/org1.example.com/msp/config.yaml"
  6. structuretlscacertsCertificate directory (for communication between different organizations):

    #Since the CA acts as both the organization Ca and tlsca, the organization root certificate generated when the CA is started is directly copied to the organization level Ca and TLS CA directory
    mkdir -p "${PWD}/organizations/peerOrganizations/org1.example.com/msp/tlscacerts"
    cp "${PWD}/organizations/fabric-ca/org1/ca-cert.pem" "${PWD}/organizations/peerOrganizations/org1.example.com/msp/tlscacerts/ca.crt"
  7. structuretlscaCertificate directory (for client communication within the organization):

    mkdir -p "${PWD}/organizations/peerOrganizations/org1.example.com/tlsca"
    cp "${PWD}/organizations/fabric-ca/org1/ca-cert.pem" "${PWD}/organizations/peerOrganizations/org1.example.com/tlsca/tlsca.org1.example.com-cert.pem"
  8. structurecaCertificate directory (for client communication within the organization):

    mkdir -p "${PWD}/organizations/peerOrganizations/org1.example.com/ca"
    cp "${PWD}/organizations/fabric-ca/org1/ca-cert.pem" "${PWD}/organizations/peerOrganizations/org1.example.com/ca/ca.org1.example.com-cert.pem"
  9. Register a new account for org1:

    fabric-ca-client register --caname ca-org1 --id.name peer0 --id.secret peer0pw --id.type peer --tls.certfiles "${PWD}/organizations/fabric-ca/org1/ca-cert.pem"
    fabric-ca-client register --caname ca-org1 --id.name user1 --id.secret user1pw --id.type client --tls.certfiles "${PWD}/organizations/fabric-ca/org1/ca-cert.pem"
    fabric-ca-client register --caname ca-org1 --id.name org1admin --id.secret org1adminpw --id.type admin --tls.certfiles "${PWD}/organizations/fabric-ca/org1/ca-cert.pem"
  10. structurepeer0Directory of identity certificates:

    #Construct the MSP certificate directory of peer0, and the certificate file will be stored in the folder specified by - M
    fabric-ca-client enroll -u https://peer0:[email protected]:7054 --caname ca-org1 -M "${PWD}/organizations/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/msp" --csr.hosts peer0.org1.example.com --tls.certfiles "${PWD}/organizations/fabric-ca/org1/ca-cert.pem"
    cp "${PWD}/organizations/peerOrganizations/org1.example.com/msp/config.yaml" "${PWD}/organizations/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/msp/config.yaml"
    #Construct MSP TLS certificate directory of peer0
    fabric-ca-client enroll -u https://peer0:[email protected]:7054 --caname ca-org1 -M "${PWD}/organizations/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls" --enrollment.profile tls --csr.hosts peer0.org1.example.com --csr.hosts localhost --tls.certfiles "${PWD}/organizations/fabric-ca/org1/ca-cert.pem"
    #Construct the TLS certificate directory of peer0 and format the file name -- used to start the peer docker container
    cp "${PWD}/organizations/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/tlscacerts/"* "${PWD}/organizations/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/ca.crt"
    cp "${PWD}/organizations/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/signcerts/"* "${PWD}/organizations/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/server.crt"
    cp "${PWD}/organizations/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/keystore/"* "${PWD}/organizations/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/server.key"
  11. Construct other user identity certificate Directory:

    #The MSP certificate directory of user1 is constructed. Since it is not used for inter organization communication, there is no need to configure TLS
    fabric-ca-client enroll -u https://user1:[email protected]:7054 --caname ca-org1 -M "${PWD}/organizations/peerOrganizations/org1.example.com/users/[email protected]/msp" --tls.certfiles "${PWD}/organizations/fabric-ca/org1/ca-cert.pem"
    cp "${PWD}/organizations/peerOrganizations/org1.example.com/msp/config.yaml" "${PWD}/organizations/peerOrganizations/org1.example.com/users/[email protected]/msp/config.yaml"
    
    #Construct the MSP certificate directory of org1admin
    fabric-ca-client enroll -u https://org1admin:[email protected]:7054 --caname ca-org1 -M "${PWD}/organizations/peerOrganizations/org1.example.com/users/[email protected]/msp" --tls.certfiles "${PWD}/organizations/fabric-ca/org1/ca-cert.pem"
    cp "${PWD}/organizations/peerOrganizations/org1.example.com/msp/config.yaml" "${PWD}/organizations/peerOrganizations/org1.example.com/users/[email protected]/msp/config.yaml"
  12. The key codes of org2 organization certificate are as follows (the meanings of each code are as follows):

    mkdir -p organizations/peerOrganizations/org2.example.com/
    export FABRIC_CA_CLIENT_HOME=${PWD}/organizations/peerOrganizations/org2.example.com/
    
    fabric-ca-client enroll -u https://admin:[email protected]:8054 --caname ca-org2 --tls.certfiles "${PWD}/organizations/fabric-ca/org2/ca-cert.pem"
    
    echo 'NodeOUs:
    Enable: true
    ClientOUIdentifier:
    Certificate: cacerts/localhost-8054-ca-org2.pem
    OrganizationalUnitIdentifier: client
    PeerOUIdentifier:
    Certificate: cacerts/localhost-8054-ca-org2.pem
    OrganizationalUnitIdentifier: peer
    AdminOUIdentifier:
    Certificate: cacerts/localhost-8054-ca-org2.pem
    OrganizationalUnitIdentifier: admin
    OrdererOUIdentifier:
    Certificate: cacerts/localhost-8054-ca-org2.pem
    OrganizationalUnitIdentifier: orderer' > "${PWD}/organizations/peerOrganizations/org2.example.com/msp/config.yaml"
    
    mkdir -p "${PWD}/organizations/peerOrganizations/org2.example.com/msp/tlscacerts"
    cp "${PWD}/organizations/fabric-ca/org2/ca-cert.pem" "${PWD}/organizations/peerOrganizations/org2.example.com/msp/tlscacerts/ca.crt"
    mkdir -p "${PWD}/organizations/peerOrganizations/org2.example.com/tlsca"
    cp "${PWD}/organizations/fabric-ca/org2/ca-cert.pem" "${PWD}/organizations/peerOrganizations/org2.example.com/tlsca/tlsca.org2.example.com-cert.pem"
    mkdir -p "${PWD}/organizations/peerOrganizations/org2.example.com/ca"
    cp "${PWD}/organizations/fabric-ca/org2/ca-cert.pem" "${PWD}/organizations/peerOrganizations/org2.example.com/ca/ca.org2.example.com-cert.pem"
    
    fabric-ca-client register --caname ca-org2 --id.name peer0 --id.secret peer0pw --id.type peer --tls.certfiles "${PWD}/organizations/fabric-ca/org2/ca-cert.pem"
    fabric-ca-client register --caname ca-org2 --id.name user1 --id.secret user1pw --id.type client --tls.certfiles "${PWD}/organizations/fabric-ca/org2/ca-cert.pem"
    fabric-ca-client register --caname ca-org2 --id.name org2admin --id.secret org2adminpw --id.type admin --tls.certfiles "${PWD}/organizations/fabric-ca/org2/ca-cert.pem"
    
    fabric-ca-client enroll -u https://peer0:[email protected]:8054 --caname ca-org2 -M "${PWD}/organizations/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/msp" --csr.hosts peer0.org2.example.com --tls.certfiles "${PWD}/organizations/fabric-ca/org2/ca-cert.pem"
    cp "${PWD}/organizations/peerOrganizations/org2.example.com/msp/config.yaml" "${PWD}/organizations/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/msp/config.yaml"
    fabric-ca-client enroll -u https://peer0:[email protected]:8054 --caname ca-org2 -M "${PWD}/organizations/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls" --enrollment.profile tls --csr.hosts peer0.org2.example.com --csr.hosts localhost --tls.certfiles "${PWD}/organizations/fabric-ca/org2/ca-cert.pem"
    
    cp "${PWD}/organizations/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls/tlscacerts/"* "${PWD}/organizations/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls/ca.crt"
    cp "${PWD}/organizations/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls/signcerts/"* "${PWD}/organizations/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls/server.crt"
    cp "${PWD}/organizations/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls/keystore/"* "${PWD}/organizations/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls/server.key"
    
    fabric-ca-client enroll -u https://user1:[email protected]:8054 --caname ca-org2 -M "${PWD}/organizations/peerOrganizations/org2.example.com/users/[email protected]/msp" --tls.certfiles "${PWD}/organizations/fabric-ca/org2/ca-cert.pem"
    cp "${PWD}/organizations/peerOrganizations/org2.example.com/msp/config.yaml" "${PWD}/organizations/peerOrganizations/org2.example.com/users/[email protected]/msp/config.yaml"
    
    fabric-ca-client enroll -u https://org2admin:[email protected]:8054 --caname ca-org2 -M "${PWD}/organizations/peerOrganizations/org2.example.com/users/[email protected]/msp" --tls.certfiles "${PWD}/organizations/fabric-ca/org2/ca-cert.pem"
    cp "${PWD}/organizations/peerOrganizations/org2.example.com/msp/config.yaml" "${PWD}/organizations/peerOrganizations/org2.example.com/users/[email protected]/msp/config.yaml"
  13. To construct the organization certificate of orderer, the key codes are as follows:

    mkdir -p organizations/ordererOrganizations/example.com
    export FABRIC_CA_CLIENT_HOME=${PWD}/organizations/ordererOrganizations/example.com
    
    fabric-ca-client enroll -u https://admin:[email protected]:9054 --caname ca-orderer --tls.certfiles "${PWD}/organizations/fabric-ca/ordererOrg/ca-cert.pem"
    
    echo 'NodeOUs:
    Enable: true
    ClientOUIdentifier:
    Certificate: cacerts/localhost-9054-ca-orderer.pem
    OrganizationalUnitIdentifier: client
    PeerOUIdentifier:
    Certificate: cacerts/localhost-9054-ca-orderer.pem
    OrganizationalUnitIdentifier: peer
    AdminOUIdentifier:
    Certificate: cacerts/localhost-9054-ca-orderer.pem
    OrganizationalUnitIdentifier: admin
    OrdererOUIdentifier:
    Certificate: cacerts/localhost-9054-ca-orderer.pem
    OrganizationalUnitIdentifier: orderer' > "${PWD}/organizations/ordererOrganizations/example.com/msp/config.yaml"
    
    mkdir -p "${PWD}/organizations/ordererOrganizations/example.com/msp/tlscacerts"
    cp "${PWD}/organizations/fabric-ca/ordererOrg/ca-cert.pem" "${PWD}/organizations/ordererOrganizations/example.com/msp/tlscacerts/tlsca.example.com-cert.pem"
    mkdir -p "${PWD}/organizations/ordererOrganizations/example.com/tlsca"
    cp "${PWD}/organizations/fabric-ca/ordererOrg/ca-cert.pem" "${PWD}/organizations/ordererOrganizations/example.com/tlsca/tlsca.example.com-cert.pem"
    
    fabric-ca-client register --caname ca-orderer --id.name orderer --id.secret ordererpw --id.type orderer --tls.certfiles "${PWD}/organizations/fabric-ca/ordererOrg/ca-cert.pem"
    fabric-ca-client register --caname ca-orderer --id.name ordererAdmin --id.secret ordererAdminpw --id.type admin --tls.certfiles "${PWD}/organizations/fabric-ca/ordererOrg/ca-cert.pem"
    fabric-ca-client enroll -u https://orderer:[email protected]:9054 --caname ca-orderer -M "${PWD}/organizations/ordererOrganizations/example.com/orderers/orderer.example.com/msp" --csr.hosts orderer.example.com --csr.hosts localhost --tls.certfiles "${PWD}/organizations/fabric-ca/ordererOrg/ca-cert.pem"
    
    cp "${PWD}/organizations/ordererOrganizations/example.com/msp/config.yaml" "${PWD}/organizations/ordererOrganizations/example.com/orderers/orderer.example.com/msp/config.yaml"
    
    fabric-ca-client enroll -u https://orderer:[email protected]:9054 --caname ca-orderer -M "${PWD}/organizations/ordererOrganizations/example.com/orderers/orderer.example.com/tls" --enrollment.profile tls --csr.hosts orderer.example.com --csr.hosts localhost --tls.certfiles "${PWD}/organizations/fabric-ca/ordererOrg/ca-cert.pem"
    
    cp "${PWD}/organizations/ordererOrganizations/example.com/orderers/orderer.example.com/tls/tlscacerts/"* "${PWD}/organizations/ordererOrganizations/example.com/orderers/orderer.example.com/tls/ca.crt"
    cp "${PWD}/organizations/ordererOrganizations/example.com/orderers/orderer.example.com/tls/signcerts/"* "${PWD}/organizations/ordererOrganizations/example.com/orderers/orderer.example.com/tls/server.crt"
    cp "${PWD}/organizations/ordererOrganizations/example.com/orderers/orderer.example.com/tls/keystore/"* "${PWD}/organizations/ordererOrganizations/example.com/orderers/orderer.example.com/tls/server.key"
    mkdir -p "${PWD}/organizations/ordererOrganizations/example.com/orderers/orderer.example.com/msp/tlscacerts"
    cp "${PWD}/organizations/ordererOrganizations/example.com/orderers/orderer.example.com/tls/tlscacerts/"* "${PWD}/organizations/ordererOrganizations/example.com/orderers/orderer.example.com/msp/tlscacerts/tlsca.example.com-cert.pem"
    
    fabric-ca-client enroll -u https://ordererAdmin:[email protected]:9054 --caname ca-orderer -M "${PWD}/organizations/ordererOrganizations/example.com/users/[email protected]/msp" --tls.certfiles "${PWD}/organizations/fabric-ca/ordererOrg/ca-cert.pem"
    cp "${PWD}/organizations/ordererOrganizations/example.com/msp/config.yaml" "${PWD}/organizations/ordererOrganizations/example.com/users/[email protected]/msp/config.yaml"
  14. Start all containers

    docker-compose -f compose/compose-test-net.yaml -f compose/docker/docker-compose-test-net.yaml up -d

    After the above command is successful, it can be useddocker psCommand to see the running image:

    CONTAINER ID   IMAGE                            COMMAND                  CREATED          STATUS          PORTS                                                                    NAMES
    75e842d165ea   hyperledger/fabric-tools:2.4     "/bin/bash"              10 seconds ago   Up 8 seconds                                                                             cli
    576b578063c5   hyperledger/fabric-peer:2.4      "peer node start"        16 seconds ago   Up 10 seconds   0.0.0.0:9051->9051/tcp, 7051/tcp, 0.0.0.0:9445->9445/tcp                 peer0.org2.example.com
    512d7d98c8c4   hyperledger/fabric-orderer:2.4   "orderer"                16 seconds ago   Up 14 seconds   0.0.0.0:7050->7050/tcp, 0.0.0.0:7053->7053/tcp, 0.0.0.0:9443->9443/tcp   orderer.example.com
    276f463cc6a7   hyperledger/fabric-peer:2.4      "peer node start"        16 seconds ago   Up 12 seconds   0.0.0.0:7051->7051/tcp, 0.0.0.0:9444->9444/tcp                           peer0.org1.example.com
    8faaaaa7e17a   hyperledger/fabric-ca:1.5        "sh -c 'fabric-ca-se…"   21 seconds ago   Up 20 seconds   0.0.0.0:9054->9054/tcp, 7054/tcp, 0.0.0.0:19054->19054/tcp               ca_orderer
    c253d9b790be   hyperledger/fabric-ca:1.5        "sh -c 'fabric-ca-se…"   21 seconds ago   Up 20 seconds   0.0.0.0:7054->7054/tcp, 0.0.0.0:17054->17054/tcp                         ca_org1
    0aa90a2686a8   hyperledger/fabric-ca:1.5        "sh -c 'fabric-ca-se…"   21 seconds ago   Up 20 seconds   0.0.0.0:8054->8054/tcp, 7054/tcp, 0.0.0.0:18054->18054/tcp               ca_org2

    Create channel

    Official call

    This section starts the CA network based on the previous section,After the network section is started successfully, you can directly run the following command to create a channel:

    ./network.sh createChannel -c mychannel

    Detailed explanation of bash source code of test network startup process of hyperledger fabric

    The premise of creating a channel is to create the creation block of the channel. In the steps of the previous section, we started the whole network by means of no channel and no creation block. The creation channel in this section includes the process of creating creation block.

    Process explanation

  15. Check dependencies and start the network (ibid.).
  16. Set the environment variable to operate the blockchain network

    export CORE_PEER_TLS_ENABLED=true
    export CHANNEL_NAME=mychannel
    export ORDERER_CA=${PWD}/organizations/ordererOrganizations/example.com/tlsca/tlsca.example.com-cert.pem
    export PEER0_ORG1_CA=${PWD}/organizations/peerOrganizations/org1.example.com/tlsca/tlsca.org1.example.com-cert.pem
    export PEER0_ORG2_CA=${PWD}/organizations/peerOrganizations/org2.example.com/tlsca/tlsca.org2.example.com-cert.pem
    export PEER0_ORG3_CA=${PWD}/organizations/peerOrganizations/org3.example.com/tlsca/tlsca.org3.example.com-cert.pem
    export ORDERER_ADMIN_TLS_SIGN_CERT=${PWD}/organizations/ordererOrganizations/example.com/orderers/orderer.example.com/tls/server.crt
    export ORDERER_ADMIN_TLS_PRIVATE_KEY=${PWD}/organizations/ordererOrganizations/example.com/orderers/orderer.example.com/tls/server.key
  17. Create channel creation block:

    #Create channel data directory
    mkdir channel-artifacts
    #Configure Chuangshi block environment variable
    export FABRIC_CFG_PATH=${PWD}/configtx
    configtxgen -profile TwoOrgsApplicationGenesis -outputBlock ./channel-artifacts/${CHANNEL_NAME}.block -channelID ${CHANNEL_NAME}
  18. Create channel:

    #Configure channel environment variables
    export FABRIC_CFG_PATH=./config
    osnadmin channel join --channelID ${CHANNEL_NAME} --config-block ./channel-artifacts/${CHANNEL_NAME}.block -o localhost:7053 --ca-file "$ORDERER_CA" --client-cert "$ORDERER_ADMIN_TLS_SIGN_CERT" --client-key "$ORDERER_ADMIN_TLS_PRIVATE_KEY"
  19. Add peer nodes to the channel:

    #Add the peer of org1 to the channel
    export CORE_PEER_LOCALMSPID="Org1MSP"
    export CORE_PEER_TLS_ROOTCERT_FILE=$PEER0_ORG1_CA
    export CORE_PEER_MSPCONFIGPATH=${PWD}/organizations/peerOrganizations/org1.example.com/users/[email protected]/msp
    export CORE_PEER_ADDRESS=localhost:7051
    peer channel join -b ./channel-artifacts/${CHANNEL_NAME}.block
    #Add the peer of org2 to the channel
    export CORE_PEER_LOCALMSPID="Org2MSP"
    export CORE_PEER_TLS_ROOTCERT_FILE=$PEER0_ORG2_CA
    export CORE_PEER_MSPCONFIGPATH=${PWD}/organizations/peerOrganizations/org2.example.com/users/[email protected]/msp
    export CORE_PEER_ADDRESS=localhost:9051
    peer channel join -b ./channel-artifacts/${CHANNEL_NAME}.block

    After the organization is newly added to the channel, an anchor node (not required) is set for the organization.

  20. Obtain the latest configuration block of the channel for the channel (the following process is org1 environment):

    export CORE_PEER_LOCALMSPID="Org1MSP"
    export CORE_PEER_TLS_ROOTCERT_FILE=$PEER0_ORG1_CA
    export CORE_PEER_MSPCONFIGPATH=${PWD}/organizations/peerOrganizations/org1.example.com/users/[email protected]/msp
    export CORE_PEER_ADDRESS=localhost:7051
    peer channel fetch config config_block.pb -o orderer.example.com:7050 --ordererTLSHostnameOverride orderer.example.com -c ${CHANNEL_NAME} --tls --cafile "$ORDERER_CA"
  21. Decode the configuration block into JSON and output it as${CORE_PEER_LOCALMSPID}config.json

    configtxlator proto_decode --input config_block.pb --type common.Block --output config_block.json
    jq .data.data[0].payload.data.config config_block.json >"${CORE_PEER_LOCALMSPID}config.json"
  22. Add anchor node configuration:

    jq '.channel_group.groups.Application.groups.'${CORE_PEER_LOCALMSPID}'.values += {"AnchorPeers":{"mod_policy": "Admins","value":{"anchor_peers": [{"host": "'$HOST'","port": '$PORT'}]},"version": "0"}}' ${CORE_PEER_LOCALMSPID}config.json > ${CORE_PEER_LOCALMSPID}modified_config.json
  23. According to the configuration on the chain${CORE_PEER_LOCALMSPID}config.jsonAnd additional configuration${CORE_PEER_LOCALMSPID}modified_config.jsonCalculate the updated configuration and write it as a new transaction${CORE_PEER_LOCALMSPID}anchors.tx

    configtxlator proto_encode --input ${CORE_PEER_LOCALMSPID}config.json --type common.Config --output original_config.pb
    configtxlator proto_encode --input ${CORE_PEER_LOCALMSPID}modified_config.json --type common.Config --output modified_config.pb
    configtxlator compute_update --channel_id "${CHANNEL_NAME}" --original original_config.pb --updated modified_config.pb --output config_update.pb
    configtxlator proto_decode --input config_update.pb --type common.ConfigUpdate --output config_update.json
    echo '{"payload":{"header":{"channel_header":{"channel_id":"'$CHANNEL_NAME'", "type":2}},"data":{"config_update":'$(cat config_update.json)'}}}' | jq . >config_update_in_envelope.json
    configtxlator proto_encode --input config_update_in_envelope.json --type common.Envelope --output "${CORE_PEER_LOCALMSPID}anchors.tx"
  24. Update anchor node:

    peer channel update -o orderer.example.com:7050 --ordererTLSHostnameOverride orderer.example.com -c $CHANNEL_NAME -f ${CORE_PEER_LOCALMSPID}anchors.tx --tls --cafile "$ORDERER_CA"
  25. Org2 repeat the above process and the creation is successful:

    echo "update org2 anchor==========="
    export CORE_PEER_LOCALMSPID="Org2MSP"
    export CORE_PEER_TLS_ROOTCERT_FILE=$PEER0_ORG2_CA
    export CORE_PEER_MSPCONFIGPATH=${PWD}/organizations/peerOrganizations/org2.example.com/users/[email protected]/msp
    export CORE_PEER_ADDRESS=localhost:9051
    peer channel fetch config config_block.pb -o localhost:7050 --ordererTLSHostnameOverride orderer.example.com -c ${CHANNEL_NAME} --tls --cafile "$ORDERER_CA"
    sleep 3
    
    configtxlator proto_decode --input config_block.pb --type common.Block --output config_block.json
    jq .data.data[0].payload.data.config config_block.json >"${CORE_PEER_LOCALMSPID}config.json"
    
    jq '.channel_group.groups.Application.groups.'${CORE_PEER_LOCALMSPID}'.values += {"AnchorPeers":{"mod_policy": "Admins","value":{"anchor_peers": [{"host": "localhost","port": 9051}]},"version": "0"}}' ${CORE_PEER_LOCALMSPID}config.json > ${CORE_PEER_LOCALMSPID}modified_config.json
    
    configtxlator proto_encode --input ${CORE_PEER_LOCALMSPID}config.json --type common.Config --output original_config.pb
    configtxlator proto_encode --input ${CORE_PEER_LOCALMSPID}modified_config.json --type common.Config --output original_config.pb
    configtxlator compute_update --channel_id "${CHANNEL_NAME}" --original original_config.pb --updated modified_config.pb --output config_update.pb
    configtxlator proto_decode --input config_update.pb --type common.ConfigUpdate --output config_update.json
    echo '{"payload":{"header":{"channel_header":{"channel_id":"'$CHANNEL_NAME'", "type":2}},"data":{"config_update":'$(cat config_update.json)'}}}' | jq . >config_update_in_envelope.json
    configtxlator proto_encode --input config_update_in_envelope.json --type common.Envelope --output "${CORE_PEER_LOCALMSPID}anchors.tx"
    
    peer channel update -o localhost:7050 --ordererTLSHostnameOverride orderer.example.com -c $CHANNEL_NAME -f ${CORE_PEER_LOCALMSPID}anchors.tx --tls --cafile "$ORDERER_CA"
    sleep 3

Deployment chain code

Official call

This section creates channels based on the previous section,After the previous channel is created successfully, you can directly run the following command to deploy the chain code:

./network.sh deployCC -ccn mychaincode -ccp ./asset-transfer-basic-go -ccv 1.0 -ccl go

Detailed explanation of bash source code of test network startup process of hyperledger fabric

Process explanation

  1. Check whether the parameters are normal:
    Detailed explanation of bash source code of test network startup process of hyperledger fabric
  2. Download the package dependency of asset transfer basic go:

    Pushd asset transfer basic go # enter the asset transfer basic go directory
    Go111module = on go mod vendor # download go package dependency
    POPD # returns the current directory
  3. Check whether the chain code needs initialization, policy setting and private data set:
    Detailed explanation of bash source code of test network startup process of hyperledger fabric
  4. Set environment variables:

    export FABRIC_CFG_PATH=$PWD/config/
    export CORE_PEER_TLS_ENABLED=true
    export ORDERER_CA=${PWD}/organizations/ordererOrganizations/example.com/tlsca/tlsca.example.com-cert.pem
    export PEER0_ORG1_CA=${PWD}/organizations/peerOrganizations/org1.example.com/tlsca/tlsca.org1.example.com-cert.pem
    export PEER0_ORG2_CA=${PWD}/organizations/peerOrganizations/org2.example.com/tlsca/tlsca.org2.example.com-cert.pem
    export PEER0_ORG3_CA=${PWD}/organizations/peerOrganizations/org3.example.com/tlsca/tlsca.org3.example.com-cert.pem
    export ORDERER_ADMIN_TLS_SIGN_CERT=${PWD}/organizations/ordererOrganizations/example.com/orderers/orderer.example.com/tls/server.crt
    export ORDERER_ADMIN_TLS_PRIVATE_KEY=${PWD}/organizations/ordererOrganizations/example.com/orderers/orderer.example.com/tls/server.key
  5. Packing chain code:

    peer lifecycle chaincode package mychaincode.tar.gz --path ./asset-transfer-basic-go --lang golang --label mychaincode_1.0
  6. Installation chain code:

    #Org1 installation chain code
    export CORE_PEER_LOCALMSPID="Org1MSP"
    export CORE_PEER_TLS_ROOTCERT_FILE=$PEER0_ORG1_CA
    export CORE_PEER_MSPCONFIGPATH=${PWD}/organizations/peerOrganizations/org1.example.com/users/[email protected]/msp
    export CORE_PEER_ADDRESS=localhost:7051
    peer lifecycle chaincode install mychaincode.tar.gz
    #Org2 installation chain code
    export CORE_PEER_LOCALMSPID="Org2MSP"
    export CORE_PEER_TLS_ROOTCERT_FILE=$PEER0_ORG2_CA
    export CORE_PEER_MSPCONFIGPATH=${PWD}/organizations/peerOrganizations/org2.example.com/users/[email protected]/msp
    export CORE_PEER_ADDRESS=localhost:9051
    peer lifecycle chaincode install mychaincode.tar.gz

    After installing the chain code, a chain code ID will be returned, which needs to be recorded:
    Detailed explanation of bash source code of test network startup process of hyperledger fabric

  7. Set the chain code ID as the environment variable:

    export PACKAGE_ID=mychaincode_1.0:39889cf0623cce2500261b22914a7aa9037a897bc7f6c5b36df7a922f29b05e0
  8. Org1 query the installed chain code and approve the chain code:

    export CORE_PEER_LOCALMSPID="Org1MSP"
    export CORE_PEER_TLS_ROOTCERT_FILE=$PEER0_ORG1_CA
    export CORE_PEER_MSPCONFIGPATH=${PWD}/organizations/peerOrganizations/org1.example.com/users/[email protected]/msp
    export CORE_PEER_ADDRESS=localhost:7051
    #Query installed chain code
    peer lifecycle chaincode queryinstalled
    #Approval chain code
    peer lifecycle chaincode approveformyorg -o localhost:7050 --ordererTLSHostnameOverride orderer.example.com --tls --cafile "$ORDERER_CA" --channelID mychannel --name mychaincode --version 1.0 --package-id ${PACKAGE_ID} --sequence 1
  9. Org2 queries the installed chain code and approves the chain code:

    export CORE_PEER_LOCALMSPID="Org2MSP"
    export CORE_PEER_TLS_ROOTCERT_FILE=$PEER0_ORG2_CA
    export CORE_PEER_MSPCONFIGPATH=${PWD}/organizations/peerOrganizations/org2.example.com/users/[email protected]/msp
    export CORE_PEER_ADDRESS=localhost:9051
    #Query installed chain code
    peer lifecycle chaincode queryinstalled
    #Approval chain code
    peer lifecycle chaincode approveformyorg -o localhost:7050 --ordererTLSHostnameOverride orderer.example.com --tls --cafile "$ORDERER_CA" --channelID mychannel --name mychaincode --version 1.0 --package-id ${PACKAGE_ID} --sequence 1
  10. Check whether the chain code is ready to be submitted:

    peer lifecycle chaincode checkcommitreadiness --channelID mychannel --name mychaincode --version 1.0 --sequence 1 --output json

    Detailed explanation of bash source code of test network startup process of hyperledger fabric

  11. Submission chain code:

    peer lifecycle chaincode commit -o localhost:7050 --ordererTLSHostnameOverride orderer.example.com --tls --cafile "$ORDERER_CA"  --channelID mychannel --name mychaincode --version 1.0 --sequence 1 --peerAddresses localhost:7051 --tlsRootCertFiles $PEER0_ORG1_CA --peerAddresses localhost:9051 --tlsRootCertFiles $PEER0_ORG2_CA
  12. Query the submitted chain code:

    peer lifecycle chaincode querycommitted --channelID mychannel --name mychaincode
  13. Call chain code:

    peer chaincode invoke -o localhost:7050 --ordererTLSHostnameOverride orderer.example.com --tls --cafile "$ORDERER_CA" -C mychannel -n mychaincode --peerAddresses

    summary

    This paper first explainsfabric-samplesExcessive encapsulation is not conducive for us to understand and master the real process of each operation, and then take it out separatelytest-networkModify and customize, and finally analyze in detailtest-networkThe detailed processes of starting the default network, starting the CA network, creating the channel and deploying the chain code are given, so that we can build the network step by step according to the code and further understand the fabric architecture.

Relevant experimental source code has been uploaded: https://github.com/wefantasy/…

reference resources


  1. hyperledger. fabric-samples. Github. ↩