【fabric實戰指南二】Fabric v1.0 部署過程原理詳解

區塊鏈兄弟社區，區塊鏈技術專業問答先行者，中國區塊鏈技術愛好者彙集地

做者：吳壽鶴

來源：區塊鏈兄弟

原文連接：http://www.blockchainbrother.com/article/18

著權歸做者全部。商業轉載請聯繫做者得到受權，非商業轉載請註明出處。

 

編譯fabric tools

咱們會編譯如下幾個工具：

• github.com/hyperledger/fabric/common/configtx/tool/configtxgen

• github.com/hyperledger/fabric/common/tools/cryptogen

• github.com/hyperledger/fabric/common/tools/configtxlator

• github.com/hyperledger/fabric/peer

以上每一個工具都須要讀取一個yaml文件配置，在配置文件中咱們指明網絡的拓撲結構，證書地址等。

cd $GOPATH/src/github.com/hyperledger/fabric
make release

ls -rtl release/linux-amd64/bin

-rwxrwxr-x 1 shouhewu shouhewu 15124356 Jul 17 13:58 configtxgen
-rwxrwxr-x 1 shouhewu shouhewu 7315638 Jul 17 13:58 cryptogen
-rwxrwxr-x 1 shouhewu shouhewu 16141847 Jul 17 13:58 configtxlator
-rwxrwxr-x 1 shouhewu shouhewu 22949903 Jul 17 13:58 peer
-rwxrwxr-x 1 shouhewu shouhewu 19942880 Jul 17 13:59 orderer
-rwxrwxr-x 1 shouhewu shouhewu 774 Jul 17 13:59 get-docker-images.sh
-rwxrwxr-x 1 shouhewu shouhewu 458 Jul 17 13:59 get-byfn.sh

Cryptogen Tool（cryptogen)

咱們會使用crptogen tool 爲網絡中的節點，用戶生成密碼證書(x509 certs)。

怎麼運行的？

Cryptogen 讀取 crypto-config.yaml 文件，yaml文件中包含網絡拓撲結構，這個yaml文件能夠幫咱們爲每一個組織和組織中的成員生成證書庫。每一個組織分配一個根證書（ca-cert)，這個根證書會綁定一些peers和orders到這個組織。fabric中的交易和通訊都會被一個參與者的私鑰（keystore）簽名，並會被公鑰（signcerts)驗證.yaml配置文件中有一個"count"變量，咱們用這個變量表示一個組織中會有多少個節點。在咱們的文檔的例子中每一個組織會有兩個節點。

crypto-config.yaml ：

# Copyright IBM Corp. All Rights Reserved.
#
# SPDX-License-Identifier: Apache-2.0
#

# ---------------------------------------------------------------------------
# "OrdererOrgs" - Definition of organizations managing orderer nodes
# ---------------------------------------------------------------------------
    OrdererOrgs:
# ---------------------------------------------------------------------------
# Orderer
# ---------------------------------------------------------------------------
    - Name: Orderer
Domain: example.com # ---------------------------------------------------------------------------
# "Specs" - See PeerOrgs below for complete description # ---------------------------------------------------------------------------
    Specs:
- Hostname: orderer
# ---------------------------------------------------------------------------
# "PeerOrgs" - Definition of organizations managing peer nodes
# ---------------------------------------------------------------------------
    PeerOrgs:
# ---------------------------------------------------------------------------
# Org1
# ---------------------------------------------------------------------------
    - Name: Org1
Domain: org1.example.com # ---------------------------------------------------------------------------
# "Specs" # ---------------------------------------------------------------------------
# Uncomment this section to enable the explicit definition of hosts in your
# configuration.  Most users will want to use Template, below
#
# Specs is an array of Spec entries.  Each Spec entry consists of two fields:
    #   - Hostname:   (Required) The desired hostname, sans the domain.
#   - CommonName: (Optional) Specifies the template or explicit override for #                 the CN.  By default, this is the template:
    #
#                              "{{.Hostname}}.{{.Domain}}" #
#                 which obtains its values from the Spec.Hostname and
#                 Org.Domain, respectively.
# ---------------------------------------------------------------------------
# Specs:
    #   - Hostname: foo # implicitly "foo.org1.example.com" #     CommonName: foo27.org5.example.com # overrides Hostname-based FQDN set above
#   - Hostname: bar
#   - Hostname: baz
# ---------------------------------------------------------------------------
# "Template" # ---------------------------------------------------------------------------
# Allows for the definition of 1 or more hosts that are created sequentially
# from a template. By default, this looks like "peer%d" from 0 to Count-1.
# You may override the number of nodes (Count), the starting index (Start)
# or the template used to construct the name (Hostname).
#
# Note: Template and Specs are not mutually exclusive.  You may define both
# sections and the aggregate nodes will be created for you.  Take care with # name collisions
# ---------------------------------------------------------------------------
    Template:
Count: 2
# Start: 5
# Hostname: {{.Prefix}}{{.Index}} # default # ---------------------------------------------------------------------------
# "Users" # ---------------------------------------------------------------------------
# Count: The number of user accounts _in addition_ to Admin
# ---------------------------------------------------------------------------
    Users:
Count: 1
# ---------------------------------------------------------------------------
# Org2: See "Org1" for full specification
# ---------------------------------------------------------------------------
    - Name: Org2
Domain: org2.example.com Template:
Count: 2
Users:
Count: 1

 

執行結果

執行完cryptogen命令後，生成的證書會放在 crypto-config 文件夾中 。

ll crypto-config  drwxr-xr-x 4 shouhewu shouhewu 4096 Jul 17 15:15 ./
drwxr-xr-x 9 shouhewu shouhewu 4096 Jul 17 15:18 ../
drwxr-xr-x 3 shouhewu shouhewu 4096 Jul 17 15:15 ordererOrganizations/
drwxr-xr-x 4 shouhewu shouhewu 4096 Jul 17 15:15 peerOrganizations/

 

Configuration Transaction Generator（configtxgen)

configtxgen tool 用來生成四個artifacts：orderer bootstrap block,fabric channel configuration transaction,two anchor peer transactions（每一個組織一個）

orderer block 是ordering service 的創世區塊，在channel建立的時候channel transaction 文件會廣播給orderer。anchor peer transaction表示每一個組織在channel中的anchor 節點。

怎麼工做的？

configtxgen會讀取 configtx.yaml 配置文件。這個yaml 文件包含網絡的定義，網絡中有三個成員 一個orderer(OrdererOrg),兩個peer(Org1,Org2)，yaml文件中還包含一個由兩個組織構成的聯盟(SampleConsortium)。 在yaml文件最上方 「Profile」段落中，有兩個header，一個是orderer genesis block - TwoOrgsOrdererGenesis ,另外一個是channel - TwoOrgsChannel。這兩個header十分重要，咱們建立artifacts是咱們會把他們做爲參數傳入。yaml文件中還包含另外兩個東西：1.每一個peer 組中的anchor peer（peer0.org1.example.com & peer0.org2.example.com） 。2. 每一個成員的MSP 目錄位置，它容許咱們把每一個組織的根證書會存在orderer genesis block中。

configtx.yaml

---
################################################################################
#
#   Profile
#
#   - Different configuration profiles may be encoded here to be specified
#   as parameters to the configtxgen tool
#
################################################################################
Profiles:

    TwoOrgsOrdererGenesis:
        Orderer:
            <<: *OrdererDefaults
Organizations:
    - *OrdererOrg
Consortiums:
    SampleConsortium:
        Organizations:
            - *Org1
            - *Org2
TwoOrgsChannel:
Consortium: SampleConsortium
Application:
    <<: *ApplicationDefaults
Organizations:
    - *Org1
    - *Org2

################################################################################
#
#   Section: Organizations
#
#   - This section defines the different organizational identities which will
#   be referenced later in the configuration.
#
################################################################################
Organizations:

    # SampleOrg defines an MSP using the sampleconfig.  It should never be used
# in production but may be used as a template for other definitions
- &OrdererOrg
# DefaultOrg defines the organization which is used in the sampleconfig
# of the fabric.git development environment
Name: OrdererOrg

# ID to load the MSP definition as
ID: OrdererMSP

# MSPDir is the filesystem path which contains the MSP configuration
MSPDir: crypto-config/ordererOrganizations/example.com/msp

- &Org1
# DefaultOrg defines the organization which is used in the sampleconfig
# of the fabric.git development environment
Name: Org1MSP

# ID to load the MSP definition as
ID: Org1MSP

MSPDir: crypto-config/peerOrganizations/org1.example.com/msp

AnchorPeers:
    # AnchorPeers defines the location of peers which can be used
# for cross org gossip communication.  Note, this value is only
# encoded in the genesis block in the Application section context
- Host: peer0.org1.example.com Port: 7051

- &Org2
# DefaultOrg defines the organization which is used in the sampleconfig
# of the fabric.git development environment
Name: Org2MSP

# ID to load the MSP definition as
ID: Org2MSP

MSPDir: crypto-config/peerOrganizations/org2.example.com/msp

AnchorPeers:
    # AnchorPeers defines the location of peers which can be used
# for cross org gossip communication.  Note, this value is only
# encoded in the genesis block in the Application section context
- Host: peer0.org2.example.com Port: 7051

################################################################################
#
#   SECTION: Orderer
#
#   - This section defines the values to encode into a config transaction or
#   genesis block for orderer related parameters
#
################################################################################
Orderer: &OrdererDefaults

# Orderer Type: The orderer implementation to start
# Available types are "solo" and "kafka" OrdererType: solo

Addresses:
    - orderer.example.com:7050

# Batch Timeout: The amount of time to wait before creating a batch
BatchTimeout: 2s

# Batch Size: Controls the number of messages batched into a block
BatchSize:

    # Max Message Count: The maximum number of messages to permit in a batch
MaxMessageCount: 10

# Absolute Max Bytes: The absolute maximum number of bytes allowed for # the serialized messages in a batch.
    AbsoluteMaxBytes: 98 MB

# Preferred Max Bytes: The preferred maximum number of bytes allowed for # the serialized messages in a batch. A message larger than the preferred
# max bytes will result in a batch larger than preferred max bytes.
    PreferredMaxBytes: 512 KB

Kafka:
    # Brokers: A list of Kafka brokers to which the orderer connects
# NOTE: Use IP:port notation
Brokers:
    - 127.0.0.1:9092

# Organizations is the list of orgs which are defined as participants on
# the orderer side of the network
Organizations:

    ################################################################################
#
#   SECTION: Application
#
#   - This section defines the values to encode into a config transaction or
#   genesis block for application related parameters
#
################################################################################
Application: &ApplicationDefaults

# Organizations is the list of orgs which are defined as participants on
# the application side of the network
Organizations:

 

執行結果

configtxgen 會把每一個成員的證書打包，輸出一個orderer genesis block 和三個channel transaction artifacts。

ll channel-artifacts/

drwxr-xr-x 2 shouhewu shouhewu 4096 Jul 17 15:15 ./
drwxr-xr-x 9 shouhewu shouhewu 4096 Jul 17 15:18 ../
-rw-r--r-- 1 shouhewu shouhewu 369 Jul 17 15:21 channel.tx -rw-r--r-- 1 shouhewu shouhewu 9076 Jul 17 15:21 genesis.block
-rw-rw-r-- 1 shouhewu shouhewu 0 Jul 17 15:14 .gitkeep
-rw-r--r-- 1 shouhewu shouhewu 250 Jul 17 15:21 Org1MSPanchors.tx -rw-r--r-- 1 shouhewu shouhewu 250 Jul 17 15:21 Org2MSPanchors.tx

文章發佈只爲分享區塊鏈技術內容，版權歸原做者全部，觀點僅表明做者本人，毫不表明區塊鏈兄弟贊同其觀點或證明其描述