Build your own Fabric network
Article directory
- Build your own Fabric network
- 1, Generate organization structure and identity certificate
- 1.1. crypto-config.yaml configuration file
- 1.2 generate organization structure and identity certificate
- 2, Generate additional profiles
- 2.1. configtx.yaml file
- 2.2. The Orderer service starts the initial block creation
- 2.3 channel creation document
- 2.4. Generate an anchor node update configuration file
- 3, Start of network
- 4, Channel creation
In the front, we used automatic script to build Fabric network. Today, we use manual method to build a Fabric network, which is more conducive to our understanding of Fabric network. The following building process mainly refers to byfn.sh script. Learn how to create your own Fabric network today!
1, Generate organization structure and identity certificate
1.1. crypto-config.yaml configuration file
When creating a network in byfn.sh, the first step is to load crypto-config.yaml. This file mainly specifies the relevant organization information in the whole network. We can modify the example slightly. The final result is as follows. Each annotation is written in detail (the advantages of Lao Mei). You can understand it with a little understanding of English:
# Copyright IBM Corp. All Rights Reserved. # # SPDX-License-Identifier: Apache-2.0 # # --------------------------------------------------------------------------- # "OrdererOrgs" - Definition of organizations managing orderer nodes # --------------------------------------------------------------------------- OrdererOrgs: # --------------------------------------------------------------------------- # Orderer # --------------------------------------------------------------------------- - Name: Orderer Domain: xidian.com # --------------------------------------------------------------------------- # "Specs" - See PeerOrgs below for complete description # --------------------------------------------------------------------------- Specs: - Hostname: orderer # --------------------------------------------------------------------------- # "PeerOrgs" - Definition of organizations managing peer nodes # --------------------------------------------------------------------------- PeerOrgs: # --------------------------------------------------------------------------- # Org1 # --------------------------------------------------------------------------- - Name: Org1 Domain: org1.xidian.com EnableNodeOUs: true # --------------------------------------------------------------------------- # "Specs" # --------------------------------------------------------------------------- # Uncomment this section to enable the explicit definition of hosts in your # configuration. Most users will want to use Template, below # # Specs is an array of Spec entries. Each Spec entry consists of two fields: # - Hostname: (Required) The desired hostname, sans the domain. # - CommonName: (Optional) Specifies the template or explicit override for # the CN. By default, this is the template: # # "{{.Hostname}}.{{.Domain}}" # # which obtains its values from the Spec.Hostname and # Org.Domain, respectively. # --------------------------------------------------------------------------- # Specs: # - Hostname: foo # implicitly "foo.org1.example.com" # CommonName: foo27.org5.example.com # overrides Hostname-based FQDN set above # - Hostname: bar # - Hostname: baz # --------------------------------------------------------------------------- # "Template" # --------------------------------------------------------------------------- # Allows for the definition of 1 or more hosts that are created sequentially # from a template. By default, this looks like "peer%d" from 0 to Count-1. # You may override the number of nodes (Count), the starting index (Start) # or the template used to construct the name (Hostname). # # Note: Template and Specs are not mutually exclusive. You may define both # sections and the aggregate nodes will be created for you. Take care with # name collisions # --------------------------------------------------------------------------- Template: Count: 2 # Start: 5 # Hostname: {{.Prefix}}{{.Index}} # default # --------------------------------------------------------------------------- # "Users" # --------------------------------------------------------------------------- # Count: The number of user accounts _in addition_ to Admin # --------------------------------------------------------------------------- Users: Count: 1 # --------------------------------------------------------------------------- # Org2: See "Org1" for full specification # --------------------------------------------------------------------------- - Name: Org2 Domain: org2.xidian.com EnableNodeOUs: true Template: Count: 2 Users: Count: 1
This configuration creates two organization information, OrdererOrgs and PeerOrgs. PeerOrgs has two org, each of which has two peer nodes and one user.
1.2 generate organization structure and identity certificate
We use the previously compiled cryptogen tool to generate the command as follows:
cryptogen generate --config=./crypto-config.yaml
The results are as follows:
After the command is executed, it will be in the crypto config folder of the current directory, which contains the relevant results and certificates. We can use the tree command to see the details and expand the three-level ha,
2, Generate additional profiles
2.1. configtx.yaml file
After generating organization structure and other documents, we need the genesis block and channel. The generation of this file still depends on yaml files, and these related files are mainly in configtx.yaml file. We can specify the path to generate the file in the previous step.
# Copyright IBM Corp. All Rights Reserved. # # SPDX-License-Identifier: Apache-2.0 # --- ################################################################################ # # Profile # # - Different configuration profiles may be encoded here to be specified # as parameters to the configtxgen tool # ################################################################################ Profiles: TwoOrgsOrdererGenesis: Capabilities: <<: *ChannelCapabilities Orderer: <<: *OrdererDefaults Organizations: - *OrdererOrg Capabilities: <<: *OrdererCapabilities Consortiums: SampleConsortium: Organizations: - *Org1 - *Org2 TwoOrgsChannel: Consortium: SampleConsortium Application: <<: *ApplicationDefaults Organizations: - *Org1 - *Org2 Capabilities: <<: *ApplicationCapabilities ################################################################################ # # Section: Organizations # # - This section defines the different organizational identities which will # be referenced later in the configuration. # ################################################################################ Organizations: # SampleOrg defines an MSP using the sampleconfig. It should never be used # in production but may be used as a template for other definitions - &OrdererOrg # DefaultOrg defines the organization which is used in the sampleconfig # of the fabric.git development environment Name: OrdererOrg # ID to load the MSP definition as ID: OrdererMSP # MSPDir is the filesystem path which contains the MSP configuration MSPDir: crypto-config/ordererOrganizations/xidian.com/msp - &Org1 # DefaultOrg defines the organization which is used in the sampleconfig # of the fabric.git development environment Name: Org1MSP # ID to load the MSP definition as ID: Org1MSP MSPDir: crypto-config/peerOrganizations/org1.xidian.com/msp AnchorPeers: # AnchorPeers defines the location of peers which can be used # for cross org gossip communication. Note, this value is only # encoded in the genesis block in the Application section context - Host: peer0.org1.xidian.com Port: 7051 - &Org2 # DefaultOrg defines the organization which is used in the sampleconfig # of the fabric.git development environment Name: Org2MSP # ID to load the MSP definition as ID: Org2MSP MSPDir: crypto-config/peerOrganizations/org2.xidian.com/msp AnchorPeers: # AnchorPeers defines the location of peers which can be used # for cross org gossip communication. Note, this value is only # encoded in the genesis block in the Application section context - Host: peer0.org2.xidian.com Port: 7051 ################################################################################ # # SECTION: Orderer # # - This section defines the values to encode into a config transaction or # genesis block for orderer related parameters # ################################################################################ Orderer: &OrdererDefaults # Orderer Type: The orderer implementation to start # Available types are "solo" and "kafka" OrdererType: solo Addresses: - orderer.xidian.com:7050 # Batch Timeout: The amount of time to wait before creating a batch BatchTimeout: 2s # Batch Size: Controls the number of messages batched into a block BatchSize: # Max Message Count: The maximum number of messages to permit in a batch MaxMessageCount: 10 # Absolute Max Bytes: The absolute maximum number of bytes allowed for # the serialized messages in a batch. AbsoluteMaxBytes: 99 MB # Preferred Max Bytes: The preferred maximum number of bytes allowed for # the serialized messages in a batch. A message larger than the preferred # max bytes will result in a batch larger than preferred max bytes. PreferredMaxBytes: 512 KB Kafka: # Brokers: A list of Kafka brokers to which the orderer connects # NOTE: Use IP:port notation Brokers: - 127.0.0.1:9092 # Organizations is the list of orgs which are defined as participants on # the orderer side of the network Organizations: ################################################################################ # # SECTION: Application # # - This section defines the values to encode into a config transaction or # genesis block for application related parameters # ################################################################################ Application: &ApplicationDefaults # Organizations is the list of orgs which are defined as participants on # the application side of the network Organizations: ################################################################################ # # SECTION: Capabilities # # - This section defines the capabilities of fabric network. This is a new # concept as of v1.1.0 and should not be utilized in mixed networks with # v1.0.x peers and orderers. Capabilities define features which must be # present in a fabric binary for that binary to safely participate in the # fabric network. For instance, if a new MSP type is added, newer binaries # might recognize and validate the signatures from this type, while older # binaries without this support would be unable to validate those # transactions. This could lead to different versions of the fabric binaries # having different world states. Instead, defining a capability for a channel # informs those binaries without this capability that they must cease # processing transactions until they have been upgraded. For v1.0.x if any # capabilities are defined (including a map with all capabilities turned off) # then the v1.0.x peer will deliberately crash. # ################################################################################ Capabilities: # Channel capabilities apply to both the orderers and the peers and must be # supported by both. Set the value of the capability to true to require it. Global: &ChannelCapabilities # V1.1 for Global is a catchall flag for behavior which has been # determined to be desired for all orderers and peers running v1.0.x, # but the modification of which would cause incompatibilities. Users # should leave this flag set to true. V1_1: true # Orderer capabilities apply only to the orderers, and may be safely # manipulated without concern for upgrading peers. Set the value of the # capability to true to require it. Orderer: &OrdererCapabilities # V1.1 for Order is a catchall flag for behavior which has been # determined to be desired for all orderers running v1.0.x, but the # modification of which would cause incompatibilities. Users should # leave this flag set to true. V1_1: true # Application capabilities apply only to the peer network, and may be safely # manipulated without concern for upgrading orderers. Set the value of the # capability to true to require it. Application: &ApplicationCapabilities # V1.1 for Application is a catchall flag for behavior which has been # determined to be desired for all peers running v1.0.x, but the # modification of which would cause incompatibilities. Users should # leave this flag set to true. V1_1: true
2.2. The Orderer service starts the initial block creation
The tool used in this step is configtxgen. For detailed usage, we can use help to view. The command to generate the configuration file is as follows:
configtxgen -profile TwoOrgsOrdererGenesis -outputBlock ./channel-artifacts/genesis.block
2.3 channel creation document
Related commands:
export CHANNEL_NAME=mychannel configtxgen -profile TwoOrgsChannel -outputCreateChannelTx ./channel-artifacts/channel.tx -channelID $CHANNEL_NAME
Final result:
2.4. Generate an anchor node update configuration file
The anchor node update configuration file is used to update the anchor nodes in the organization after the channel is created. It is also based on the configtx.yaml file and the configtxgen tool. The related commands are as follows:
configtxgen -profile TwoOrgsChannel -outputAnchorPeersUpdate ./channel-artifacts/Org1MSPanchors.tx -channelID $CHANNEL_NAME -asOrg Org1MSP configtxgen -profile TwoOrgsChannel -outputAnchorPeersUpdate ./channel-artifacts/Org2MSPanchors.tx -channelID $CHANNEL_NAME -asOrg Org2MSP
The final results are as follows:
3, Start of network
3.1. Relevant configuration files
As of the previous step, our network related configuration files have been generated. The next step is to start the network. The main files used to start the network are: docker-compose-cli.yaml, base/docker-compose-base.yaml, ` ` base/peer-base.yaml`
Relevant contents are as follows:
- Content of docker-compose-cli.yaml file:
# Copyright IBM Corp. All Rights Reserved. # # SPDX-License-Identifier: Apache-2.0 # version: '2' volumes: orderer.xidian.com: peer0.org1.xidian.com: peer1.org1.xidian.com: peer0.org2.xidian.com: peer1.org2.xidian.com: networks: byfn: services: orderer.xidian.com: extends: file: base/docker-compose-base.yaml service: orderer.xidian.com container_name: orderer.xidian.com networks: - byfn peer0.org1.xidian.com: container_name: peer0.org1.xidian.com extends: file: base/docker-compose-base.yaml service: peer0.org1.xidian.com networks: - byfn peer1.org1.xidian.com: container_name: peer1.org1.xidian.com extends: file: base/docker-compose-base.yaml service: peer1.org1.xidian.com networks: - byfn peer0.org2.xidian.com: container_name: peer0.org2.xidian.com extends: file: base/docker-compose-base.yaml service: peer0.org2.xidian.com networks: - byfn peer1.org2.xidian.com: container_name: peer1.org2.xidian.com extends: file: base/docker-compose-base.yaml service: peer1.org2.xidian.com networks: - byfn cli: container_name: cli image: hyperledger/fabric-tools:$IMAGE_TAG tty: true stdin_open: true environment: - GOPATH=/opt/gopath - CORE_VM_ENDPOINT=unix:///host/var/run/docker.sock #- CORE_LOGGING_LEVEL=DEBUG - CORE_LOGGING_LEVEL=INFO - CORE_PEER_ID=cli - CORE_PEER_ADDRESS=peer0.org1.xidian.com:7051 - CORE_PEER_LOCALMSPID=Org1MSP - CORE_PEER_TLS_ENABLED=true - CORE_PEER_TLS_CERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.xidian.com/peers/peer0.org1.xidian.com/tls/server.crt - CORE_PEER_TLS_KEY_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.xidian.com/peers/peer0.org1.xidian.com/tls/server.key - CORE_PEER_TLS_ROOTCERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.xidian.com/peers/peer0.org1.xidian.com/tls/ca.crt - CORE_PEER_MSPCONFIGPATH=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.xidian.com/users/Admin@org1.xidian.com/msp working_dir: /opt/gopath/src/github.com/hyperledger/fabric/peer command: /bin/bash volumes: - /var/run/:/host/var/run/ - ./../chaincode/:/opt/gopath/src/github.com/chaincode - ./crypto-config:/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/ - ./scripts:/opt/gopath/src/github.com/hyperledger/fabric/peer/scripts/ - ./channel-artifacts:/opt/gopath/src/github.com/hyperledger/fabric/peer/channel-artifacts depends_on: - orderer.xidian.com - peer0.org1.xidian.com - peer1.org1.xidian.com - peer0.org2.xidian.com - peer1.org2.xidian.com networks: - byfn
- Content of docker-compose-base.yaml file:
# Copyright IBM Corp. All Rights Reserved. # # SPDX-License-Identifier: Apache-2.0 # version: '2' services: orderer.xidian.com: container_name: orderer.xidian.com image: hyperledger/fabric-orderer:$IMAGE_TAG environment: - ORDERER_GENERAL_LOGLEVEL=INFO - ORDERER_GENERAL_LISTENADDRESS=0.0.0.0 - ORDERER_GENERAL_GENESISMETHOD=file - ORDERER_GENERAL_GENESISFILE=/var/hyperledger/orderer/orderer.genesis.block - ORDERER_GENERAL_LOCALMSPID=OrdererMSP - ORDERER_GENERAL_LOCALMSPDIR=/var/hyperledger/orderer/msp # enabled TLS - ORDERER_GENERAL_TLS_ENABLED=true - ORDERER_GENERAL_TLS_PRIVATEKEY=/var/hyperledger/orderer/tls/server.key - ORDERER_GENERAL_TLS_CERTIFICATE=/var/hyperledger/orderer/tls/server.crt - ORDERER_GENERAL_TLS_ROOTCAS=[/var/hyperledger/orderer/tls/ca.crt] working_dir: /opt/gopath/src/github.com/hyperledger/fabric command: orderer volumes: - ../channel-artifacts/genesis.block:/var/hyperledger/orderer/orderer.genesis.block - ../crypto-config/ordererOrganizations/xidian.com/orderers/orderer.xidian.com/msp:/var/hyperledger/orderer/msp - ../crypto-config/ordererOrganizations/xidian.com/orderers/orderer.xidian.com/tls/:/var/hyperledger/orderer/tls - orderer.xidian.com:/var/hyperledger/production/orderer ports: - 7050:7050 peer0.org1.xidian.com: container_name: peer0.org1.xidian.com extends: file: peer-base.yaml service: peer-base environment: - CORE_PEER_ID=peer0.org1.xidian.com - CORE_PEER_ADDRESS=peer0.org1.xidian.com:7051 - CORE_PEER_GOSSIP_BOOTSTRAP=peer1.org1.xidian.com:7051 - CORE_PEER_GOSSIP_EXTERNALENDPOINT=peer0.org1.xidian.com:7051 - CORE_PEER_LOCALMSPID=Org1MSP volumes: - /var/run/:/host/var/run/ - ../crypto-config/peerOrganizations/org1.xidian.com/peers/peer0.org1.xidian.com/msp:/etc/hyperledger/fabric/msp - ../crypto-config/peerOrganizations/org1.xidian.com/peers/peer0.org1.xidian.com/tls:/etc/hyperledger/fabric/tls - peer0.org1.xidian.com:/var/hyperledger/production ports: - 7051:7051 - 7053:7053 peer1.org1.xidian.com: container_name: peer1.org1.xidian.com extends: file: peer-base.yaml service: peer-base environment: - CORE_PEER_ID=peer1.org1.xidian.com - CORE_PEER_ADDRESS=peer1.org1.xidian.com:7051 - CORE_PEER_GOSSIP_EXTERNALENDPOINT=peer1.org1.xidian.com:7051 - CORE_PEER_GOSSIP_BOOTSTRAP=peer0.org1.xidian.com:7051 - CORE_PEER_LOCALMSPID=Org1MSP volumes: - /var/run/:/host/var/run/ - ../crypto-config/peerOrganizations/org1.xidian.com/peers/peer1.org1.xidian.com/msp:/etc/hyperledger/fabric/msp - ../crypto-config/peerOrganizations/org1.xidian.com/peers/peer1.org1.xidian.com/tls:/etc/hyperledger/fabric/tls - peer1.org1.xidian.com:/var/hyperledger/production ports: - 8051:7051 - 8053:7053 peer0.org2.xidian.com: container_name: peer0.org2.xidian.com extends: file: peer-base.yaml service: peer-base environment: - CORE_PEER_ID=peer0.org2.xidian.com - CORE_PEER_ADDRESS=peer0.org2.xidian.com:7051 - CORE_PEER_GOSSIP_EXTERNALENDPOINT=peer0.org2.xidian.com:7051 - CORE_PEER_GOSSIP_BOOTSTRAP=peer1.org2.xidian.com:7051 - CORE_PEER_LOCALMSPID=Org2MSP volumes: - /var/run/:/host/var/run/ - ../crypto-config/peerOrganizations/org2.xidian.com/peers/peer0.org2.xidian.com/msp:/etc/hyperledger/fabric/msp - ../crypto-config/peerOrganizations/org2.xidian.com/peers/peer0.org2.xidian.com/tls:/etc/hyperledger/fabric/tls - peer0.org2.xidian.com:/var/hyperledger/production ports: - 9051:7051 - 9053:7053 peer1.org2.xidian.com: container_name: peer1.org2.xidian.com extends: file: peer-base.yaml service: peer-base environment: - CORE_PEER_ID=peer1.org2.xidian.com - CORE_PEER_ADDRESS=peer1.org2.xidian.com:7051 - CORE_PEER_GOSSIP_EXTERNALENDPOINT=peer1.org2.xidian.com:7051 - CORE_PEER_GOSSIP_BOOTSTRAP=peer0.org2.xidian.com:7051 - CORE_PEER_LOCALMSPID=Org2MSP volumes: - /var/run/:/host/var/run/ - ../crypto-config/peerOrganizations/org2.xidian.com/peers/peer1.org2.xidian.com/msp:/etc/hyperledger/fabric/msp - ../crypto-config/peerOrganizations/org2.xidian.com/peers/peer1.org2.xidian.com/tls:/etc/hyperledger/fabric/tls - peer1.org2.xidian.com:/var/hyperledger/production ports: - 10051:7051 - 10053:7053
- peer-base.yaml file content
# Copyright IBM Corp. All Rights Reserved. # # SPDX-License-Identifier: Apache-2.0 # version: '2' services: peer-base: image: hyperledger/fabric-peer:$IMAGE_TAG environment: - CORE_VM_ENDPOINT=unix:///host/var/run/docker.sock # the following setting starts chaincode containers on the same # bridge network as the peers # https://docs.docker.com/compose/networking/ - CORE_VM_DOCKER_HOSTCONFIG_NETWORKMODE=${COMPOSE_PROJECT_NAME}_byfn - CORE_LOGGING_LEVEL=INFO #- CORE_LOGGING_LEVEL=DEBUG - CORE_PEER_TLS_ENABLED=true - CORE_PEER_GOSSIP_USELEADERELECTION=true - CORE_PEER_GOSSIP_ORGLEADER=false - CORE_PEER_PROFILE_ENABLED=true - CORE_PEER_TLS_CERT_FILE=/etc/hyperledger/fabric/tls/server.crt - CORE_PEER_TLS_KEY_FILE=/etc/hyperledger/fabric/tls/server.key - CORE_PEER_TLS_ROOTCERT_FILE=/etc/hyperledger/fabric/tls/ca.crt working_dir: /opt/gopath/src/github.com/hyperledger/fabric/peer command: peer node start
3.2 network startup
Use docker compose to start. Related commands:
docker-compose -f docker-compose-cli.yaml up
At this time, an error will be reported as follows:
WARNING: The IMAGE_TAG variable is not set. Defaulting to a blank string. WARNING: The COMPOSE_PROJECT_NAME variable is not set. Defaulting to a blank string. Creating network "test_byfn" with the default driver ERROR: no such image: hyperledger/fabric-orderer:: invalid reference format
The solution is that there is no relevant content in base/docker-compose-base.yaml in the environment variable, so export is OK
export IMAGE_TAG=latest
Then run it again, and the result is as follows:
So far, our network has been started.
4, Channel creation
The concept of channel is similar to subnet. Channel provides a communication mechanism, which can connect Peer and Orderer together to form a communication link with confidentiality.
4.1 creating channels
- Enter the cli container
docker exec -it cli bash
- Setting environment variables
export CHANNEL_NAME=mychannel
- Create channel
peer channel create -o orderer.xidian.com:7050 -c $CHANNEL_NAME -f ./channel-artifacts/channel.tx --tls --cafile /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/xidian.com/orderers/orderer.xidian.com/msp/tlscacerts/tlsca.xidian.com-cert.pem
The left side of the figure above is background information, and the right side is container information.
4.2 add nodes to application channel
peer channel join -b mychannel.block
The figure above shows the container information, and the figure below shows the network information.
4.3 update anchor nodes
Update as administrator using Org1
peer channel update -o orderer.xidian.com:7050 -c $CHANNEL_NAME -f ./channel-artifacts/Org1MSPanchors.tx --tls --cafile /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/xidian.com/orderers/orderer.xidian.com/msp/tlscacerts/tlsca.xidian.com-cert.pem
Update as the administrator of Org2, because the administrator of Org1 is the default for all environment variables of related configuration files in the configuration file. To update the administrator of Org2, you must set the relevant environment variables to Org2, which is a little more troublesome than the previous step. The related operations are as follows
CORE_PEER_ADDRESS=peer0.org2.xidian.com:7051 CORE_PEER_LOCALMSPID="Org2MSP" CORE_PEER_TLS_CERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.xidian.com/peers/peer0.org2.xidian.com/tls/server.crt CORE_PEER_TLS_KEY_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.xidian.com/peers/peer0.org2.xidian.com/tls/server.key CORE_PEER_TLS_ROOTCERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.xidian.com/peers/peer0.org2.xidian.com/tls/ca.crt CORE_PEER_MSPCONFIGPATH=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.xidian.com/users/Admin@org2.xidian.com/msp peer channel update -o orderer.xidian.com:7050 -c $CHANNEL_NAME -f ./channel-artifacts/Org2MSPanchors.tx --tls --cafile /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/xidian.com/orderers/orderer.xidian.com/msp/tlscacerts/tlsca.xidian.com-cert.pem
So far, the manually configured network is started. The chain code written will be deployed later!
