devbox
你好赵伟
这个屌丝很懒,什么也没留下!
关注作者
热门标签
热门文章
当前位置:   article > 正文

区块链——Hyperledger Fabric2.2多机搭建及区块链浏览器(修改版)_搭建区块链fibric

作者:你好赵伟 | 2024-04-01 11:22:12

搭建区块链fibric

参考(内容有错误,已修改): 区块链——Hyperledger Fabric2.2多机搭建及区块链浏览器

一、搭建环境

前提: order---10.10.10.65,org1---10.10.10.64,org2---10.10.10.53

1、设置网络

三台服务器都要设置

vim /etc/hosts

2、安装docker和docker-compose

  1. root@order:~# apt-get update
  2. root@order:~# apt-get -y install apt-transport-https ca-certificates curl software-properties-common
  3. root@order:~# curl -fsSL https://mirrors.aliyun.com/docker-ce/linux/ubuntu/gpg | sudo apt-key add -
  4. root@order:~# add-apt-repository "deb [arch=amd64] https://mirrors.aliyun.com/docker-ce/linux/ubuntu $(lsb_release -cs) stable"
  5. root@order:~# apt-get -y update
  6. root@order:~# apt-get -y install docker-ce
  7. root@order:~# service docker start
  8. root@order:~# systemctl enable docker
  9. root@order:~# curl -L "https://github.com/docker/compose/releases/download/1.29.2/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
  10. root@order:~# chmod +x /usr/local/bin/docker-compose
  11. root@order:~# docker-compose -v
  12. docker-compose version 1.29.2, build 5becea4c

3、安装golang环境

  1. root@order:~# wget https://golang.google.cn/dl/go1.16.8.linux-amd64.tar.gz
  2. root@order:~# tar zxf go1.16.8.linux-amd64.tar.gz
  3. root@order:~# mv go /usr/local/
  4. root@order:~# vim /etc/profile
  5. export GOPATH=~/Go
  6. export PATH=$PATH:/usr/local/go/bin:$GOPATH/bin
  7. export GO111MODULE=on
  8. export GOPROXY=https://goproxy.cn
  9. root@order:~# source /etc/profile
  10. root@order:~# go version
  11. go version go1.16.8 linux/amd64

二、生成Fabric证书(order上执行)

克隆项目fabric和fabric-samples 

git clone https://gitee.com/hyperledger/fabric.git

git clone https://github.com/hyperledger/fabric-samples.git

cp fabric-samples/bin/* /usr/local/bin/

vim /etc/profile

export PATH=/home/bering/project/golandProjects/fabric/scripts/fabric-samples/bin:$PATH

source /etc/profile

1、编写证书文件

  1. root@order:~# mkdir hyperledger/multinodes/
  2. root@order:~# cd hyperledger/multinodes/
  3. root@order:~/hyperledger/multinodes# cryptogen showtemplate > crypto-config.yaml
  4. root@order:~/hyperledger/multinodes# vim crypto-config.yaml
  5. OrdererOrgs:
  6.  
  7.   - Name: Orderer
  8.     Domain: example.com
  9.     EnableNodeOUs: true
  10.  
  11.     Specs:
  12.       - Hostname: orderer
  13. PeerOrgs:
  14.  
  15.   - Name: org1
  16.     Domain: org1.example.com
  17.     EnableNodeOUs: true
  18.     Template:
  19.       Count: 1
  20.     Users:
  21.       Count: 1
  22.       
  23.   - Name: org2
  24.     Domain: org2.example.com
  25.     EnableNodeOUs: true
  26.     Template:
  27.       Count: 1
  28.     Users:
  29.       Count: 1

2、生成证书文件

  1. root@order:~/hyperledger/multinodes# cryptogen generate --config=crypto-config.yaml
  2. org1.example.com
  3. org2.example.com

3、复制证书文件到节点(可以Xftp复制)

  1. root@order:~/hyperledger/multinodes# scp -r ./crypto-config root@10.10.10.64:/home/bering/project/hyperledger/multinodes/
  2. root@order:~/hyperledger/multinodes# scp -r ./crypto-config root@10.10.10.53:/home/bering/project/hyperledger/multinodes/

三、生成通道文件(order上执行)

1、编写创世块文件

  1. root@order:~/hyperledger/multinodes# vim configtx.yaml
  2. ---
  3. Organizations:
  4.  
  5.     - &OrdererOrg
  6.  
  7.         Name: OrdererOrg
  8.         ID: OrdererMSP
  9.         MSPDir: ./crypto-config/ordererOrganizations/example.com/msp
  10.         Policies:
  11.             Readers:
  12.                 Type: Signature
  13.                 Rule: "OR('OrdererMSP.member')"
  14.             Writers:
  15.                 Type: Signature
  16.                 Rule: "OR('OrdererMSP.member')"
  17.             Admins:
  18.                 Type: Signature
  19.                 Rule: "OR('OrdererMSP.admin')"
  20.         OrdererEndpoints:
  21.             - orderer.example.com:7050
  22.  
  23.     - &Org1
  24.    
  25.         Name: Org1MSP
  26.         ID: Org1MSP
  27.         MSPDir: ./crypto-config/peerOrganizations/org1.example.com/msp
  28.         Policies:
  29.             Readers:
  30.                 Type: Signature
  31.                 Rule: "OR('Org1MSP.admin', 'Org1MSP.peer', 'Org1MSP.client')"
  32.             Writers:
  33.                 Type: Signature
  34.                 Rule: "OR('Org1MSP.admin', 'Org1MSP.client')"
  35.             Admins:
  36.                 Type: Signature
  37.                 Rule: "OR('Org1MSP.admin')"
  38.             Endorsement:
  39.                 Type: Signature
  40.                 Rule: "OR('Org1MSP.peer')"
  41.         AnchorPeers:
  42.             - Host: peer0.org1.example.com
  43.               Port: 7051
  44.  
  45.     - &Org2
  46.     
  47.         Name: Org2MSP
  48.         ID: Org2MSP
  49.         MSPDir: ./crypto-config/peerOrganizations/org2.example.com/msp
  50.         Policies:
  51.             Readers:
  52.                 Type: Signature
  53.                 Rule: "OR('Org2MSP.admin', 'Org2MSP.peer', 'Org2MSP.client')"
  54.             Writers:
  55.                 Type: Signature
  56.                 Rule: "OR('Org2MSP.admin', 'Org2MSP.client')"
  57.             Admins:
  58.                 Type: Signature
  59.                 Rule: "OR('Org2MSP.admin')"
  60.             Endorsement:
  61.                 Type: Signature
  62.                 Rule: "OR('Org2MSP.peer')"
  63.  
  64.         AnchorPeers:
  65.             - Host: peer0.org2.example.com
  66.               Port: 7051
  67.  
  68.  
  69. Capabilities:
  70.  
  71.     Channel: &ChannelCapabilities
  72.  
  73.         V2_0: true
  74.  
  75.     Orderer: &OrdererCapabilities
  76.  
  77.         V2_0: true
  78.  
  79.     Application: &ApplicationCapabilities
  80.  
  81.         V2_0: true
  82.  
  83. Application: &ApplicationDefaults
  84.  
  85.     Organizations:
  86.  
  87.     Policies:
  88.         Readers:
  89.             Type: ImplicitMeta
  90.             Rule: "ANY Readers"
  91.         Writers:
  92.             Type: ImplicitMeta
  93.             Rule: "ANY Writers"
  94.         Admins:
  95.             Type: ImplicitMeta
  96.             Rule: "MAJORITY Admins"
  97.         LifecycleEndorsement:
  98.             Type: ImplicitMeta
  99.             Rule: "MAJORITY Endorsement"
  100.         Endorsement:
  101.             Type: ImplicitMeta
  102.             Rule: "MAJORITY Endorsement"
  103.  
  104.     Capabilities:
  105.         <<: *ApplicationCapabilities
  106.  
  107. Orderer: &OrdererDefaults
  108.  
  109.     OrdererType: solo 
  110.  
  111.     Addresses:
  112.         - orderer.example.com:7050
  113.  
  114.     EtcdRaft:
  115.         Consenters:
  116.         - Host: orderer.example.com
  117.           Port: 7050
  118.           ClientTLSCert: ../organizations/ordererOrganizations/example.com/orderers/orderer.example.com/tls/server.crt
  119.           ServerTLSCert: ../organizations/ordererOrganizations/example.com/orderers/orderer.example.com/tls/server.crt
  120.  
  121.     BatchTimeout: 2s
  122.     BatchSize:
  123.         MaxMessageCount: 10
  124.         AbsoluteMaxBytes: 99 MB
  125.         PreferredMaxBytes: 512 KB
  126.  
  127.     Organizations:
  128.  
  129.     Policies:
  130.         Readers:
  131.             Type: ImplicitMeta
  132.             Rule: "ANY Readers"
  133.         Writers:
  134.             Type: ImplicitMeta
  135.             Rule: "ANY Writers"
  136.         Admins:
  137.             Type: ImplicitMeta
  138.             Rule: "MAJORITY Admins"
  139.       
  140.         BlockValidation:
  141.             Type: ImplicitMeta
  142.             Rule: "ANY Writers"
  143.  
  144.  
  145. Channel: &ChannelDefaults
  146.  
  147.     Policies:
  148.        
  149.         Readers:
  150.             Type: ImplicitMeta
  151.             Rule: "ANY Readers"
  152.         Writers:
  153.             Type: ImplicitMeta
  154.             Rule: "ANY Writers"
  155.         Admins:
  156.             Type: ImplicitMeta
  157.             Rule: "MAJORITY Admins"
  158.  
  159.     
  160.     Capabilities:
  161.         <<: *ChannelCapabilities
  162.  
  163. Profiles:
  164.  
  165.     TwoOrgsOrdererGenesis:
  166.         <<: *ChannelDefaults
  167.         Orderer:
  168.             <<: *OrdererDefaults
  169.             Organizations:
  170.                 - *OrdererOrg
  171.             Capabilities:
  172.                 <<: *OrdererCapabilities
  173.         Consortiums:
  174.             SampleConsortium:
  175.                 Organizations:
  176.                     - *Org1
  177.                     - *Org2
  178.     TwoOrgsChannel:
  179.         Consortium: SampleConsortium
  180.         <<: *ChannelDefaults
  181.         Application:
  182.             <<: *ApplicationDefaults
  183.             Organizations:
  184.                 - *Org1
  185.                 - *Org2
  186.             Capabilities:
  187.                 <<: *ApplicationCapabilities

2、生成创世块文件和通道文件

1、生成创世区块
  1. root@order:~/hyperledger/multinodes# configtxgen -profile TwoOrgsOrdererGenesis -channelID fabric-channel -outputBlock ./channel-artifacts/genesis.block
  2. 2021-11-04 10:40:27.919 CST [common.tools.configtxgen] main -> INFO 001 Loading configuration
  3. 2021-11-04 10:40:27.925 CST [common.tools.configtxgen.localconfig] completeInitialization -> INFO 002 orderer type: solo
  4. 2021-11-04 10:40:27.925 CST [common.tools.configtxgen.localconfig] Load -> INFO 003 Loaded configuration: configtx.yaml
  5. 2021-11-04 10:40:27.927 CST [common.tools.configtxgen] doOutputBlock -> INFO 004 Generating genesis block
  6. 2021-11-04 10:40:27.927 CST [common.tools.configtxgen] doOutputBlock -> INFO 005 Creating system channel genesis block
  7. 2021-11-04 10:40:27.927 CST [common.tools.configtxgen] doOutputBlock -> INFO 006 Writing genesis block
2、生成通道文件
  1. root@order:~/hyperledger/multinodes# configtxgen -profile TwoOrgsChannel -outputCreateChannelTx ./channel-artifacts/channel.tx -channelID mychannel
  2. 2021-11-04 10:40:31.528 CST [common.tools.configtxgen] main -> INFO 001 Loading configuration
  3. 2021-11-04 10:40:31.533 CST [common.tools.configtxgen.localconfig] Load -> INFO 002 Loaded configuration: configtx.yaml
  4. 2021-11-04 10:40:31.533 CST [common.tools.configtxgen] doOutputChannelCreateTx -> INFO 003 Generating new channel configtx
  5. 2021-11-04 10:40:31.535 CST [common.tools.configtxgen] doOutputChannelCreateTx -> INFO 004 Writing new channel tx
3、为 Org1 定义锚节点
  1. root@order:~/hyperledger/multinodes# configtxgen -profile TwoOrgsChannel -outputAnchorPeersUpdate ./channel-artifacts/Org1MSPanchors.tx -channelID mychannel -asOrg Org1MSP
  2. 2021-11-04 10:40:35.494 CST [common.tools.configtxgen] main -> INFO 001 Loading configuration
  3. 2021-11-04 10:40:35.499 CST [common.tools.configtxgen.localconfig] Load -> INFO 002 Loaded configuration: configtx.yaml
  4. 2021-11-04 10:40:35.499 CST [common.tools.configtxgen] doOutputAnchorPeersUpdate -> INFO 003 Generating anchor peer update
  5. 2021-11-04 10:40:35.500 CST [common.tools.configtxgen] doOutputAnchorPeersUpdate -> INFO 004 Writing anchor peer update
4、为 Org2 定义锚节点
  1. root@order:~/hyperledger/multinodes# configtxgen -profile TwoOrgsChannel -outputAnchorPeersUpdate ./channel-artifacts/Org2MSPanchors.tx -channelID mychannel -asOrg Org2MSP
  2. 2021-11-04 10:40:38.888 CST [common.tools.configtxgen] main -> INFO 001 Loading configuration
  3. 2021-11-04 10:40:38.893 CST [common.tools.configtxgen.localconfig] Load -> INFO 002 Loaded configuration: configtx.yaml
  4. 2021-11-04 10:40:38.893 CST [common.tools.configtxgen] doOutputAnchorPeersUpdate -> INFO 003 Generating anchor peer update
  5. 2021-11-04 10:40:38.894 CST [common.tools.configtxgen] doOutputAnchorPeersUpdate -> INFO 004 Writing anchor peer update
5、将生成的文件拷贝到另两台主机(可以Xftp复制)
  1. root@order:~/hyperledger/multinodes# scp -r ./channel-artifacts root@10.10.10.64:/home/bering/projec/hyperledger/multinodes/
  2. root@order:~/hyperledger/multinodes# scp -r ./channel-artifacts root@10.10.10.53:/home/bering/projec/hyperledger/multinodes/

四、编写docker-compose文件

1、orderer节点

  1. root@order:~/hyperledger/multinodes# vim docker-compose.yaml
  2. version: '2'
  3.  
  4. services:
  5.   orderer.example.com:
  6.     container_name: orderer.example.com
  7.     image: hyperledger/fabric-orderer:2.2
  8.     environment:
  9.       - FABRIC_LOGGING_SPEC=INFO
  10.       - ORDERER_GENERAL_LISTENADDRESS=0.0.0.0
  11.       - ORDERER_GENERAL_LISTENPORT=7050
  12.       - ORDERER_GENERAL_GENESISMETHOD=file
  13.       - ORDERER_GENERAL_GENESISFILE=/var/hyperledger/orderer/orderer.genesis.block
  14.       - ORDERER_GENERAL_LOCALMSPID=OrdererMSP
  15.       - ORDERER_GENERAL_LOCALMSPDIR=/var/hyperledger/orderer/msp
  16.       - ORDERER_GENERAL_TLS_ENABLED=true
  17.       - ORDERER_GENERAL_TLS_PRIVATEKEY=/var/hyperledger/orderer/tls/server.key
  18.       - ORDERER_GENERAL_TLS_CERTIFICATE=/var/hyperledger/orderer/tls/server.crt
  19.       - ORDERER_GENERAL_TLS_ROOTCAS=[/var/hyperledger/orderer/tls/ca.crt]
  20.       - ORDERER_KAFKA_TOPIC_REPLICATIONFACTOR=1
  21.       - ORDERER_KAFKA_VERBOSE=true
  22.       - ORDERER_GENERAL_CLUSTER_CLIENTCERTIFICATE=/var/hyperledger/orderer/tls/server.crt
  23.       - ORDERER_GENERAL_CLUSTER_CLIENTPRIVATEKEY=/var/hyperledger/orderer/tls/server.key
  24.       - ORDERER_GENERAL_CLUSTER_ROOTCAS=[/var/hyperledger/orderer/tls/ca.crt]
  25.     working_dir: /opt/gopath/src/github.com/hyperledger/fabric
  26.     command: orderer
  27.     volumes:
  28.       - ./channel-artifacts/genesis.block:/var/hyperledger/orderer/orderer.genesis.block
  29.       - ./crypto-config/ordererOrganizations/example.com/orderers/orderer.example.com/msp:/var/hyperledger/orderer/msp
  30.       - ./crypto-config/ordererOrganizations/example.com/orderers/orderer.example.com/tls/:/var/hyperledger/orderer/tls
  31.     ports:
  32.       - 7050:7050
  33.     extra_hosts:
  34.       - "orderer.example.com:10.10.10.65"
  35.       - "peer0.org1.example.com:10.10.10.64"
  36.       - "peer0.org2.example.com:10.10.10.53"

2、org1节点

  1. root@org1:~/hyperledger/multinodes# vim docker-compose.yaml
  2. version: '2'
  3.  
  4. services:
  5.   couchdb0.org1.example.com:
  6.     container_name: couchdb0.org1.example.com
  7.     image: couchdb:3.1
  8.     environment:
  9.       - COUCHDB_USER=admin
  10.       - COUCHDB_PASSWORD=adminpw
  11.     ports:
  12.       - 5984:5984
  13.  
  14.   peer0.org1.example.com:
  15.     container_name: peer0.org1.example.com
  16.     image: hyperledger/fabric-peer:2.2
  17.     environment:
  18.       - CORE_VM_ENDPOINT=unix:///host/var/run/docker.sock
  19.       - CORE_PEER_ID=peer0.org1.example.com
  20.       - CORE_PEER_ADDRESS=peer0.org1.example.com:7051
  21.       - CORE_PEER_LISTENADDRESS=0.0.0.0:7051
  22.       - CORE_PEER_CHAINCODEADDRESS=peer0.org1.example.com:7052
  23.       - CORE_PEER_CHAINCODELISTENADDRESS=0.0.0.0:7052
  24.       - CORE_PEER_GOSSIP_BOOTSTRAP=peer0.org1.example.com:7051
  25.       - CORE_PEER_GOSSIP_EXTERNALENDPOINT=peer0.org1.example.com:7051
  26.       - CORE_PEER_LOCALMSPID=Org1MSP
  27.       - FABRIC_LOGGING_SPEC=INFO
  28.       - CORE_PEER_TLS_ENABLED=true
  29.       - CORE_PEER_GOSSIP_USELEADERELECTION=true
  30.       - CORE_PEER_GOSSIP_ORGLEADER=false
  31.       - CORE_PEER_PROFILE_ENABLED=true
  32.       - CORE_PEER_TLS_CERT_FILE=/etc/hyperledger/fabric/tls/server.crt
  33.       - CORE_PEER_TLS_KEY_FILE=/etc/hyperledger/fabric/tls/server.key
  34.       - CORE_PEER_TLS_ROOTCERT_FILE=/etc/hyperledger/fabric/tls/ca.crt
  35.       - CORE_CHAINCODE_EXECUTETIMEOUT=300s
  36.       - CORE_LEDGER_STATE_STATEDATABASE=CouchDB
  37.       - CORE_LEDGER_STATE_COUCHDBCONFIG_COUCHDBADDRESS=couchdb0.org1.example.com:5984
  38.       - CORE_LEDGER_STATE_COUCHDBCONFIG_USERNAME=admin
  39.       - CORE_LEDGER_STATE_COUCHDBCONFIG_PASSWORD=adminpw
  40.     depends_on:
  41.       - couchdb0.org1.example.com
  42.  
  43.     working_dir: /opt/gopath/src/github.com/hyperledger/fabric/peer
  44.     command: peer node start
  45.     volumes:
  46.       - /var/run/:/host/var/run/
  47.       - ./crypto-config/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/msp:/etc/hyperledger/fabric/msp
  48.       - ./crypto-config/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls:/etc/hyperledger/fabric/tls
  49.     ports:
  50.       - 7051:7051
  51.       - 7052:7052
  52.       - 7053:7053
  53.     extra_hosts:
  54.       - "orderer.example.com:10.10.10.65"
  55.       - "peer0.org1.example.com:10.10.10.64"
  56.       - "peer0.org2.example.com:10.10.10.53"
  57.   cli:
  58.     container_name: cli
  59.     image: hyperledger/fabric-tools:2.2
  60.     tty: true
  61.     stdin_open: true
  62.     environment:
  63.       - GOPATH=/opt/gopath
  64.       - CORE_VM_ENDPOINT=unix:///host/var/run/docker.sock
  65.       - FABRIC_LOGGING_SPEC=INFO
  66.       - CORE_PEER_ID=cli
  67.       - CORE_PEER_ADDRESS=peer0.org1.example.com:7051
  68.       - CORE_PEER_LOCALMSPID=Org1MSP
  69.       - CORE_PEER_TLS_ENABLED=true
  70.       - CORE_PEER_TLS_CERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/server.crt
  71.       - CORE_PEER_TLS_KEY_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/server.key
  72.       - CORE_PEER_TLS_ROOTCERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/ca.crt
  73.       - CORE_PEER_MSPCONFIGPATH=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/users/Admin@org1.example.com/msp
  74.     working_dir: /opt/gopath/src/github.com/hyperledger/fabric/peer
  75.     command: /bin/bash
  76.     volumes:
  77.       - /var/run/:/host/var/run/
  78.       - ./chaincode/go/:/opt/gopath/src/github.com/hyperledger/fabric-cluster/chaincode/go
  79.       - ./crypto-config:/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/
  80.       - ./channel-artifacts:/opt/gopath/src/github.com/hyperledger/fabric/peer/channel-artifacts
  81.     extra_hosts:
  82.       - "orderer.example.com:10.10.10.65"
  83.       - "peer0.org1.example.com:10.10.10.64"
  84.       - "peer0.org2.example.com:10.10.10.53"

3、org2节点

  1. root@org2:~/hyperledger/multinodes# vim docker-compose.yaml
  2. version: '2'
  3.  
  4. services:
  5.   couchdb0.org2.example.com:
  6.     container_name: couchdb0.org2.example.com
  7.     image: couchdb:3.1
  8.     environment:
  9.       - COUCHDB_USER=admin
  10.       - COUCHDB_PASSWORD=adminpw
  11.     ports:
  12.       - 5984:5984
  13.  
  14.   peer0.org2.example.com:
  15.     container_name: peer0.org2.example.com
  16.     image: hyperledger/fabric-peer:2.2
  17.     environment:
  18.       - CORE_VM_ENDPOINT=unix:///host/var/run/docker.sock
  19.       - CORE_PEER_ID=peer0.org2.example.com
  20.       - CORE_PEER_ADDRESS=peer0.org2.example.com:7051
  21.       - CORE_PEER_LISTENADDRESS=0.0.0.0:7051
  22.       - CORE_PEER_CHAINCODEADDRESS=peer0.org2.example.com:7052
  23.       - CORE_PEER_CHAINCODELISTENADDRESS=0.0.0.0:7052
  24.       - CORE_PEER_GOSSIP_BOOTSTRAP=peer0.org2.example.com:7051
  25.       - CORE_PEER_GOSSIP_EXTERNALENDPOINT=peer0.org2.example.com:7051
  26.       - CORE_PEER_LOCALMSPID=Org2MSP
  27.       - FABRIC_LOGGING_SPEC=INFO
  28.       - CORE_PEER_TLS_ENABLED=true
  29.       - CORE_PEER_GOSSIP_USELEADERELECTION=true
  30.       - CORE_PEER_GOSSIP_ORGLEADER=false
  31.       - CORE_PEER_PROFILE_ENABLED=true
  32.       - CORE_PEER_TLS_CERT_FILE=/etc/hyperledger/fabric/tls/server.crt
  33.       - CORE_PEER_TLS_KEY_FILE=/etc/hyperledger/fabric/tls/server.key
  34.       - CORE_PEER_TLS_ROOTCERT_FILE=/etc/hyperledger/fabric/tls/ca.crt
  35.       - CORE_CHAINCODE_EXECUTETIMEOUT=300s
  36.       - CORE_LEDGER_STATE_STATEDATABASE=CouchDB
  37.       - CORE_LEDGER_STATE_COUCHDBCONFIG_COUCHDBADDRESS=couchdb0.org2.example.com:5984
  38.       - CORE_LEDGER_STATE_COUCHDBCONFIG_USERNAME=admin
  39.       - CORE_LEDGER_STATE_COUCHDBCONFIG_PASSWORD=adminpw
  40.     depends_on:
  41.       - couchdb0.org2.example.com
  42.  
  43.     working_dir: /opt/gopath/src/github.com/hyperledger/fabric/peer
  44.     command: peer node start
  45.     volumes:
  46.       - /var/run/:/host/var/run/
  47.       - ./crypto-config/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/msp:/etc/hyperledger/fabric/msp
  48.       - ./crypto-config/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls:/etc/hyperledger/fabric/tls
  49.     ports:
  50.       - 7051:7051
  51.       - 7052:7052
  52.       - 7053:7053
  53.     extra_hosts:
  54.       - "orderer.example.com:10.10.10.65"
  55.       - "peer0.org1.example.com:10.10.10.64"
  56.       - "peer0.org2.example.com:10.10.10.53"
  57.   cli:
  58.     container_name: cli
  59.     image: hyperledger/fabric-tools:2.2
  60.     tty: true
  61.     stdin_open: true
  62.     environment:
  63.       - GOPATH=/opt/gopath
  64.       - CORE_VM_ENDPOINT=unix:///host/var/run/docker.sock
  65.       - FABRIC_LOGGING_SPEC=INFO
  66.       - CORE_PEER_ID=cli
  67.       - CORE_PEER_ADDRESS=peer0.org2.example.com:7051
  68.       - CORE_PEER_LOCALMSPID=Org2MSP
  69.       - CORE_PEER_TLS_ENABLED=true
  70.       - CORE_PEER_TLS_CERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls/server.crt
  71.       - CORE_PEER_TLS_KEY_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls/server.key
  72.       - CORE_PEER_TLS_ROOTCERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls/ca.crt
  73.       - CORE_PEER_MSPCONFIGPATH=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.example.com/users/Admin@org2.example.com/msp
  74.     working_dir: /opt/gopath/src/github.com/hyperledger/fabric/peer
  75.     command: /bin/bash
  76.     volumes:
  77.       - /var/run/:/host/var/run/
  78.       - ./chaincode/go/:/opt/gopath/src/github.com/hyperledger/fabric-cluster/chaincode/go
  79.       - ./crypto-config:/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/
  80.       - ./channel-artifacts:/opt/gopath/src/github.com/hyperledger/fabric/peer/channel-artifacts
  81.     extra_hosts:
  82.       - "orderer.example.com:10.10.10.65"
  83.       - "peer0.org1.example.com:10.10.10.64"
  84.       - "peer0.org2.example.com:10.10.10.53"

4、启动

order,org1,org2分别执行

  1. root@order:~/hyperledger/multinodes# docker-compose up -d
  2. Creating network "multinodes_default" with the default driver
  3. Creating orderer.example.com ... done
  1. root@org1:~/hyperledger/multinodes# docker-compose up -d
  2. Creating network "multinodes_default" with the default driver
  3. Creating couchdb0.org1.example.com ... done
  4. Creating cli                       ... done
  5. Creating peer0.org1.example.com    ... done
  1. root@org2:~/hyperledger/multinodes# docker-compose up -d
  2. Creating network "multinodes_default" with the default driver
  3. Creating cli                       ... done
  4. Creating couchdb0.org2.example.com ... done
  5. Creating peer0.org2.example.com    ... done

五、通道操作

1、创建通道

org1执行

  1. root@org1:~/hyperledger/multinodes# docker exec -it cli bash
  2. bash-5.1# peer channel create -o orderer.example.com:7050 -c mychannel -f ./channel-artifacts/channel.tx --tls true --cafile /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/example.com/msp/tlscacerts/tlsca.example.com-cert.pem
  3. 2021-11-04 05:35:20.209 UTC [channelCmd] InitCmdFactory -> INFO 001 Endorser and orderer connections initialized
  4. 2021-11-04 05:35:20.243 UTC [cli.common] readBlock -> INFO 002 Received block: 0
  5. bash-5.1# ls
  6. channel-artifacts  crypto             mychannel.block
  7. bash-5.1# exit

将通道文件 mychannel.block 拷贝到宿主机及其他节点的容器网址

org1执行

  1. root@org1:~/hyperledger/multinodes# docker cp cli:/opt/gopath/src/github.com/hyperledger/fabric/peer/mychannel.block ./
  2. root@org1:~/hyperledger/multinodes# scp mychannel.block root@10.10.10.53:/home/bering/project/hyperledger/multinodes/

org2执行

root@org2:~/hyperledger/multinodes# docker cp mychannel.block cli:/opt/gopath/src/github.com/hyperledger/fabric/peer/

2、加入通道

org1执行

  1. root@org1:~/hyperledger/multinodes# docker exec -it cli bash
  2. bash-5.1# peer channel join -b mychannel.block
  3. 2021-11-04 05:39:36.166 UTC [channelCmd] InitCmdFactory -> INFO 001 Endorser and orderer connections initialized
  4. 2021-11-04 05:39:36.292 UTC [channelCmd] executeJoin -> INFO 002 Successfully submitted proposal to join channel

org2执行

  1. root@org2:~/hyperledger/multinodes# docker exec -it cli bash
  2. bash-5.1# peer channel join -b mychannel.block
  3. 2021-11-04 05:39:29.125 UTC [channelCmd] InitCmdFactory -> INFO 001 Endorser and orderer connections initialized
  4. 2021-11-04 05:39:29.237 UTC [channelCmd] executeJoin -> INFO 002 Successfully submitted proposal to join channel

3、更新锚节点

org1执行

  1. bash-5.1# peer channel update -o orderer.example.com:7050 -c mychannel -f ./channel-artifacts/Org1MSPanchors.tx --tls --cafile /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/example.com/orderers/orderer.example.com/msp/tlscacerts/tlsca.example.com-cert.pem
  2. 2021-11-04 05:39:59.758 UTC [channelCmd] InitCmdFactory -> INFO 001 Endorser and orderer connections initialized
  3. 2021-11-04 05:39:59.770 UTC [channelCmd] update -> INFO 002 Successfully submitted channel update

org2执行

  1. bash-5.1# peer channel update -o orderer.example.com:7050 -c mychannel -f ./channel-artifacts/Org2MSPanchors.tx --tls --cafile /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/example.com/orderers/orderer.example.com/msp/tlscacerts/tlsca.example.com-cert.pem
  2. 2021-11-04 05:40:14.723 UTC [channelCmd] InitCmdFactory -> INFO 001 Endorser and orderer connections initialized
  3. 2021-11-04 05:40:14.740 UTC [channelCmd] update -> INFO 002 Successfully submitted channel update

六、安装调用智能合约

1、复制官方示例智能合约

order执行

创建目录chaincode/go

/home/bering/project/golandProjects/hyperledger/multinodes/ 下创建 chaincode/go

把/home/bering/project/golandProjects/fabric-samples/chaincode 下的sacc目录移动到 chaincode/go下

org1执行

/home/bering/project/hyperledger/multinodes/ 下创建 chaincode/go

复制sacc到go目录下

org2执行

/home/bering/project/hyperledger/multinodes/ 下创建 chaincode/go

复制sacc到go目录下

2、容器内设置go语言依赖包

org1执行

  1. root@org1:~/hyperledger/multinodes# docker exec -it cli bash
  2. bash-5.1# cd /opt/gopath/src/github.com/hyperledger/fabric-cluster/chaincode/go/sacc
  3. bash-5.1# ls
  4. go.mod        go.sum        sacc.go       sacc_test.go  vendor
  5. bash-5.1# go env -w GOPROXY=https://goproxy.cn,direct
  6. bash-5.1# go env -w GO111MODULE=auto
  7. bash-5.1# go mod init
  8. go: /opt/gopath/src/github.com/hyperledger/fabric-cluster/chaincode/go/sacc/go.mod already exists
  9. bash-5.1# go mod vendor
  10. go: downloading github.com/hyperledger/fabric-chaincode-go v0.0.0-20190823162523-04390e015b85
  11. go: downloading github.com/hyperledger/fabric-protos-go v0.0.0-20190821214336-621b908d5022
  12. go: downloading github.com/golang/protobuf v1.3.2
  13. go: downloading google.golang.org/grpc v1.23.0
  14. go: downloading golang.org/x/net v0.0.0-20190813141303-74dc4d7220e7
  15. go: downloading google.golang.org/genproto v0.0.0-20190819201941-24fa4b261c55
  16. go: downloading golang.org/x/sys v0.0.0-20190813064441-fde4db37ae7a
  17. go: downloading golang.org/x/text v0.3.2

org2执行

  1. root@org2:~/hyperledger/multinodes# docker exec -it cli bash
  2. bash-5.1# cd /opt/gopath/src/github.com/hyperledger/fabric-cluster/chaincode/go/sacc
  3. bash-5.1# ls
  4. go.mod        go.sum        sacc.go       sacc_test.go  vendor
  5. bash-5.1# go env -w GOPROXY=https://goproxy.cn,direct
  6. bash-5.1# go env -w GO111MODULE=auto
  7. bash-5.1# go mod init
  8. go: /opt/gopath/src/github.com/hyperledger/fabric-cluster/chaincode/go/sacc/go.mod already exists
  9. bash-5.1# go mod vendor
  10. go: downloading github.com/hyperledger/fabric-chaincode-go v0.0.0-20190823162523-04390e015b85
  11. go: downloading github.com/hyperledger/fabric-protos-go v0.0.0-20190821214336-621b908d5022
  12. go: downloading github.com/golang/protobuf v1.3.2
  13. go: downloading google.golang.org/grpc v1.23.0
  14. go: downloading golang.org/x/net v0.0.0-20190813141303-74dc4d7220e7
  15. go: downloading google.golang.org/genproto v0.0.0-20190819201941-24fa4b261c55
  16. go: downloading golang.org/x/sys v0.0.0-20190813064441-fde4db37ae7a
  17. go: downloading golang.org/x/text v0.3.2

3、打包链码

仅仅org1执行

  1. bash-5.1# cd /opt/gopath/src/github.com/hyperledger/fabric/peer
  2. bash-5.1# peer lifecycle chaincode package sacc.tar.gz \
  3.   --path github.com/hyperledger/fabric-cluster/chaincode/go/sacc/ \
  4.   --label sacc_1
  5. bash-5.1# ls
  6. channel-artifacts  crypto             mychannel.block    sacc.tar.gz

4、复制链码

org1执行

  1. root@org1:~/hyperledger/multinodes# docker cp cli:/opt/gopath/src/github.com/hyperledger/fabric/peer/sacc.tar.gz ./
  2. root@org1:~/hyperledger/multinodes# scp sacc.tar.gz root@10.10.10.53:/home/bering/project/hyperledger/multinodes

org2执行

root@org2:~/hyperledger/multinodes# docker cp /home/bering/project/hyperledger/multinodes/sacc.tar.gz cli:/opt/gopath/src/github.com/hyperledger/fabric/peer

5、安装链码

org1执行

  1. root@org1:~/hyperledger/multinodes# docker exec -it cli bash
  2. bash-5.1# peer lifecycle chaincode install sacc.tar.gz
  3. 2021-11-04 05:44:44.537 UTC [cli.lifecycle.chaincode] submitInstallProposal -> INFO 001 Installed remotely: response:<status:200 payload:"\nGsacc_1:2791ff83074c654ab40b864ba03f6bb2710439d720adc883c26438212de8d259\022\006sacc_1" >
  4. 2021-11-04 05:44:44.537 UTC [cli.lifecycle.chaincode] submitInstallProposal -> INFO 002 Chaincode code package identifier: sacc_1:2791ff83074c654ab40b864ba03f6bb2710439d720adc883c26438212de8d259

org2执行

  1. root@org2:~/hyperledger/multinodes# docker exec -it cli bash
  2. bash-5.1# peer lifecycle chaincode install sacc.tar.gz
  3. 2021-11-04 05:44:36.627 UTC [cli.lifecycle.chaincode] submitInstallProposal -> INFO 001 Installed remotely: response:<status:200 payload:"\nGsacc_1:2791ff83074c654ab40b864ba03f6bb2710439d720adc883c26438212de8d259\022\006sacc_1" >
  4. 2021-11-04 05:44:36.627 UTC [cli.lifecycle.chaincode] submitInstallProposal -> INFO 002 Chaincode code package identifier: sacc_1:2791ff83074c654ab40b864ba03f6bb2710439d720adc883c26438212de8d259

6、批准链码

org1执行

  1. bash-5.1# peer lifecycle chaincode approveformyorg --channelID mychannel --name sacc --version 1.0 --init-required --package-id sacc_1:2791ff83074c654ab40b864ba03f6bb2710439d720adc883c26438212de8d259 --sequence 1 --tls true --cafile /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/example.com/orderers/orderer.example.com/msp/tlscacerts/tlsca.example.com-cert.pem
  2. 2021-11-04 05:45:51.128 UTC [cli.lifecycle.chaincode] setOrdererClient -> INFO 001 Retrieved channel (mychannel) orderer endpoint: orderer.example.com:7050
  3. 2021-11-04 05:45:53.260 UTC [chaincodeCmd] ClientWait -> INFO 002 txid [c2bebc9d5dbbe4b342facd9ae558dec6cc142f373bbf5a08fbf0953e06c2dce4] committed with status (VALID) at peer0.org1.example.com:7051

org2执行

  1. bash-5.1# peer lifecycle chaincode approveformyorg --channelID mychannel --name sacc --version 1.0 --init-required --package-id sacc_1:2791ff83074c654ab40b864ba03f6bb2710439d720adc883c26438212de8d259 --sequence 1 --tls true --cafile /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/example.com/orderers/orderer.example.com/msp/tlscacerts/tlsca.example.com-cert.pem
  2. 2021-11-04 05:45:46.313 UTC [cli.lifecycle.chaincode] setOrdererClient -> INFO 001 Retrieved channel (mychannel) orderer endpoint: orderer.example.com:7050
  3. 2021-11-04 05:45:48.447 UTC [chaincodeCmd] ClientWait -> INFO 002 txid [456f2a9b88c235812d679e5a8b79fd2476f0843f51dcb273b239102f649a2c76] committed with status (VALID) at peer0.org2.example.com:7051

7、查看链码是否就绪

org1执行

  1. bash-5.1# peer lifecycle chaincode checkcommitreadiness --channelID mychannel --name sacc --version 1.0 --init-required --sequence 1 --tls true --cafile /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/example.com/orderers/orderer.example.com/msp/tlscacerts/tlsca.example.com-cert.pem --output json
  2. {
  3.         "approvals": {
  4.                 "Org1MSP": true,
  5.                 "Org2MSP": true
  6.         }
  7. }

org2执行

  1. bash-5.1# peer lifecycle chaincode checkcommitreadiness --channelID mychannel --name sacc --version 1.0 --init-required --sequence 1 --tls true --cafile /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/example.com/orderers/orderer.example.com/msp/tlscacerts/tlsca.example.com-cert.pem --output json
  2. {
  3.         "approvals": {
  4.                 "Org1MSP": true,
  5.                 "Org2MSP": true
  6.         }
  7. }

8、提交链码

仅仅org1执行

  1. bash-5.1# peer lifecycle chaincode commit -o orderer.example.com:7050 --channelID mychannel --name sacc --version 1.0 --sequence 1 --init-required --tls true --cafile /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/example.com/orderers/orderer.example.com/msp/tlscacerts/tlsca.example.com-cert.pem --peerAddresses peer0.org1.example.com:7051 --tlsRootCertFiles /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/ca.crt --peerAddresses peer0.org2.example.com:7051 --tlsRootCertFiles /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls/ca.crt
  2. 2021-11-04 05:46:43.990 UTC [chaincodeCmd] ClientWait -> INFO 001 txid [ac1b9887ed54dda567f54417216b6ac34255fcdccad14ffa8dd4eeb4b78fe781] committed with status (VALID) at peer0.org1.example.com:7051
  3. 2021-11-04 05:46:44.025 UTC [chaincodeCmd] ClientWait -> INFO 002 txid [ac1b9887ed54dda567f54417216b6ac34255fcdccad14ffa8dd4eeb4b78fe781] committed with status (VALID) at peer0.org2.example.com:7051

9、链码初始化

仅仅org1执行

  1. bash-5.1# peer chaincode invoke -o orderer.example.com:7050 --isInit --ordererTLSHostnameOverride orderer.example.com --tls true --cafile /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/example.com/orderers/orderer.example.com/msp/tlscacerts/tlsca.example.com-cert.pem -C mychannel -n sacc --peerAddresses peer0.org1.example.com:7051 --tlsRootCertFiles /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/ca.crt --peerAddresses peer0.org2.example.com:7051 --tlsRootCertFiles /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls/ca.crt -c '{"Args":["a","bb"]}'
  2. 2021-11-04 05:46:55.388 UTC [chaincodeCmd] chaincodeInvokeOrQuery -> INFO 001 Chaincode invoke successful. result: status:200

10、查询数据

org1和org2都可执行

  1. bash-5.1# peer chaincode query -C mychannel -n sacc -c '{"Args":["query","a"]}'
  2. bb

11、调用链码,新增数据

org1和org2都可执行

  1. bash-5.1# peer chaincode invoke -o orderer.example.com:7050 --tls true --cafile /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/example.com/orderers/orderer.example.com/msp/tlscacerts/tlsca.example.com-cert.pem -C mychannel -n sacc --peerAddresses peer0.org1.example.com:7051 --tlsRootCertFiles /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/ca.crt --peerAddresses peer0.org2.example.com:7051 --tlsRootCertFiles /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls/ca.crt -c '{"Args":["set","a","cc"]}'
  2. 2021-11-04 05:47:25.219 UTC [chaincodeCmd] chaincodeInvokeOrQuery -> INFO 001 Chaincode invoke successful. result: status:200 payload:"cc"
  3. bash-5.1# peer chaincode query -C mychannel -n sacc -c '{"Args":["query","a"]}'
  4. cc

七、搭建超级账本区块链浏览器

1、下载配置文件

order上执行

  1. root@order:~/hyperledger/multinodes# mkdir explorer
  2. root@order:~/hyperledger/multinodes# cd explorer/
  3. root@order:~/hyperledger/multinodes/explorer# wget https://raw.githubusercontent.com/hyperledger/blockchain-explorer/main/examples/net1/config.json
  4. root@order:~/hyperledger/multinodes/explorer# wget https://raw.githubusercontent.com/hyperledger/blockchain-explorer/main/examples/net1/connection-profile/test-network.json -P connection-profile
  5. root@order:~/hyperledger/multinodes/explorer# wget https://raw.githubusercontent.com/hyperledger/blockchain-explorer/main/docker-compose.yaml
  6. root@order:~/hyperledger/multinodes/explorer# cd ..
  7. root@order:~/hyperledger/multinodes# cd crypto-config
  8. root@order:~/hyperledger/multinodes/crypto-config#ls
  9. ordererOrganizations  peerOrganizations
  10. root@order:~/hyperledger/multinodes/crypto-config#cd ..
  11. root@order:~/hyperledger/multinodes# cp -r crypto-config explorer/organizations
  12. root@order:~/hyperledger/multinodes# cd explorer/
  13. root@order:~/hyperledger/multinodes/explorer# ls organizations/
  14. ordererOrganizations  peerOrganizations

2、修改配置文件

order上执行

  1. root@order:~/hyperledger/multinodes/explorer# cd connection-profile/
  2. root@order:~/hyperledger/multinodes/explorer/connection-profile# mv test-network.json org1-network.json
  3. root@order:~/hyperledger/multinodes/explorer/connection-profile# vim org1-network.json
  4. root@order:~/hyperledger/multinodes/explorer/connection-profile# sed -i "s/test-network/org1-network/g" org1-network.json
  5. root@order:~/hyperledger/multinodes/explorer/connection-profile# vim org1-network.json
  6. {
  7. 	"name": "org1-network",
  8. 	"version": "1.0.0",
  9. 	"client": {
  10. 		"tlsEnable": true,
  11. 		"adminCredential": {
  12. 			"id": "exploreradmin",
  13. 			"password": "exploreradminpw"
  14. 		},
  15. 		"enableAuthentication": true,
  16. 		"organization": "Org1MSP",
  17. 		"connection": {
  18. 			"timeout": {
  19. 				"peer": {
  20. 					"endorser": "1200"
  21. 				},
  22. 				"orderer": "1200"
  23. 			}
  24. 		}
  25. 	},
  26. 	"channels": {
  27. 		"mychannel": {
  28. 			"peers": {
  29. 				"peer0.org1.example.com": {}
  30. 			}
  31. 		}
  32. 	},
  33. 	"organizations": {
  34. 		"Org1MSP": {
  35. 			"mspid": "Org1MSP",
  36. 			"adminPrivateKey": {
  37. 				"path": "/tmp/crypto/peerOrganizations/org1.example.com/users/User1@org1.example.com/msp/keystore/priv_sk"
  38. 			},
  39. 			"peers": ["peer0.org1.example.com"],
  40. 			"signedCert": {
  41. 				"path": "/tmp/crypto/peerOrganizations/org1.example.com/users/User1@org1.example.com/msp/signcerts/User1@org1.example.com-cert.pem"
  42. 			}
  43. 		}
  44. 	},
  45. 	"peers": {
  46. 		"peer0.org1.example.com": {
  47. 			"tlsCACerts": {
  48. 				"path": "/tmp/crypto/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/ca.crt"
  49. 			},
  50. 			"url": "grpcs://peer0.org1.example.com:7051"
  51. 		}
  52. 	}
  53. }
  1. root@order:~/hyperledger/multinodes/explorer/connection-profile# cp org1-network.json org2-network.json
  2. root@order:~/hyperledger/multinodes/explorer/connection-profile# sed -i "s/org1/org2/g" org2-network.json
  3. root@order:~/hyperledger/multinodes/explorer/connection-profile# sed -i "s/Org1/Org2/g" org2-network.json
  4. root@order:~/hyperledger/multinodes/explorer/connection-profile# sed -i "s/7051/7051/g" org2-network.json
  5. root@order:~/hyperledger/multinodes/explorer/connection-profile# vim org2-network.json
  6. {
  7. 	"name": "org2-network",
  8. 	"version": "1.0.0",
  9. 	"client": {
  10. 		"tlsEnable": true,
  11. 		"adminCredential": {
  12. 			"id": "exploreradmin",
  13. 			"password": "exploreradminpw"
  14. 		},
  15. 		"enableAuthentication": true,
  16. 		"organization": "Org2MSP",
  17. 		"connection": {
  18. 			"timeout": {
  19. 				"peer": {
  20. 					"endorser": "1200"
  21. 				},
  22. 				"orderer": "1200"
  23. 			}
  24. 		}
  25. 	},
  26. 	"channels": {
  27. 		"mychannel": {
  28. 			"peers": {
  29. 				"peer0.org2.example.com": {}
  30. 			}
  31. 		}
  32. 	},
  33. 	"organizations": {
  34. 		"Org2MSP": {
  35. 			"mspid": "Org2MSP",
  36. 			"adminPrivateKey": {
  37. 				"path": "/tmp/crypto/peerOrganizations/org2.example.com/users/User1@org2.example.com/msp/keystore/priv_sk"
  38. 			},
  39. 			"peers": ["peer0.org2.example.com"],
  40. 			"signedCert": {
  41. 				"path": "/tmp/crypto/peerOrganizations/org2.example.com/users/User1@org2.example.com/msp/signcerts/User1@org2.example.com-cert.pem"
  42. 			}
  43. 		}
  44. 	},
  45. 	"peers": {
  46. 		"peer0.org2.example.com": {
  47. 			"tlsCACerts": {
  48. 				"path": "/tmp/crypto/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls/ca.crt"
  49. 			},
  50. 			"url": "grpcs://peer0.org2.example.com:7051"
  51. 		}
  52. 	}
  53. }
  1. root@order:~/hyperledger/multinodes/explorer/connection-profile# cd ..
  2. root@order:~/hyperledger/multinodes/explorer# vim config.json
  3. {
  4.         "network-configs": {
  5.                 "org1-network": {
  6.                         "name": "org1-network",
  7.                         "profile": "./connection-profile/org1-network.json"
  8.                 },
  9.                 "org2-network": {
  10.                         "name": "org2-network",
  11.                         "profile": "./connection-profile/org2-network.json"
  12.                 }
  13.         },
  14.         "license": "Apache-2.0"
  15. }

3、修改docker-compose文件

order上执行

  1. root@order:~/hyperledger/multinodes/explorer# vim docker-compose.yaml
  2. # SPDX-License-Identifier: Apache-2.0
  3. version: '2.1'
  4.  
  5. volumes:
  6.   pgdata:
  7.   walletstore:
  8.  
  9. networks:
  10.   mynetwork.com:
  11.     external:
  12.       name: twonodes_test
  13.  
  14. services:
  15.  
  16.   explorerdb.mynetwork.com:
  17.     image: hyperledger/explorer-db:latest
  18.     container_name: explorerdb.mynetwork.com
  19.     hostname: explorerdb.mynetwork.com
  20.     environment:
  21.       - DATABASE_DATABASE=fabricexplorer
  22.       - DATABASE_USERNAME=hppoc
  23.       - DATABASE_PASSWORD=password
  24.     healthcheck:
  25.       test: "pg_isready -h localhost -p 5432 -q -U postgres"
  26.       interval: 30s
  27.       timeout: 10s
  28.       retries: 5
  29.     volumes:
  30.       - pgdata:/var/lib/postgresql/data
  31.     networks:
  32.       - mynetwork.com
  33.  
  34.   explorer.mynetwork.com:
  35.     image: hyperledger/explorer:latest
  36.     container_name: explorer.mynetwork.com
  37.     hostname: explorer.mynetwork.com
  38.     environment:
  39.       - DATABASE_HOST=explorerdb.mynetwork.com
  40.       - DATABASE_DATABASE=fabricexplorer
  41.       - DATABASE_USERNAME=hppoc
  42.       - DATABASE_PASSWD=password
  43.       - LOG_LEVEL_APP=debug
  44.       - LOG_LEVEL_DB=debug
  45.       - LOG_LEVEL_CONSOLE=debug
  46.       - LOG_CONSOLE_STDOUT=true
  47.       - DISCOVERY_AS_LOCALHOST=false
  48.     volumes:
  49.       - ./config.json:/opt/explorer/app/platform/fabric/config.json
  50.       - ./connection-profile:/opt/explorer/app/platform/fabric/connection-profile
  51.       - ./organizations:/tmp/crypto
  52.       - walletstore:/opt/explorer/wallet
  53.     ports:
  54.       - 8080:8080
  55.     depends_on:
  56.       explorerdb.mynetwork.com:
  57.         condition: service_healthy
  58.     networks:
  59.       - mynetwork.com
  60.     extra_hosts:
  61.       - "orderer.example.com:10.10.10.65"
  62.       - "peer0.org1.example.com:10.10.10.64"
  63.       - "peer0.org2.example.com:10.10.10.53"

4、启动区块链浏览器

  1. root@order:~/hyperledger/multinodes/explorer# docker-compose up -d
  2. Creating network "explorer_default" with the default driver
  3. Creating volume "explorer_pgdata" with default driver
  4. Creating volume "explorer_walletstore" with default driver
  5. Creating explorerdb.mynetwork.com ... done
  6. Creating explorer.mynetwork.com   ... done
  7. root@order:~/hyperledger/multinodes/explorer# docker ps -a
  8. CONTAINER ID   IMAGE                                                                                                                                                                 COMMAND                  CREATED          STATUS                    PORTS                                                           NAMES
  9. d21e179e2060   hyperledger/explorer:latest                                                                                                                                           "docker-entrypoint.s…"   6 seconds ago    Up 5 seconds              0.0.0.0:8080->8080/tcp, :::8080->8080/tcp                       explorer.mynetwork.com
  10. 831395f70c85   hyperledger/explorer-db:latest                                                                                                                                        "docker-entrypoint.s…"   37 seconds ago   Up 36 seconds (healthy)   5432/tcp                                                        explorerdb.mynetwork.com
  11. 69ab158d8d67   dev-peer0.org1.example.com-sacc_1-2791ff83074c654ab40b864ba03f6bb2710439d720adc883c26438212de8d259-8784c8728adbd8a126fe5163d5cae63d43ee9085043dddaa179d6f74edaf2d12   "chaincode -peer.add…"   18 minutes ago   Up 18 minutes                                                                             dev-peer0.org1.example.com-sacc_1-2791ff83074c654ab40b864ba03f6bb2710439d720adc883c26438212de8d259
  12. 84e8e0d3fe09   hyperledger/fabric-peer:2.3                                                                                                                                           "peer node start"        48 minutes ago   Up 18 minutes             0.0.0.0:7051-7053->7051-7053/tcp, :::7051-7053->7051-7053/tcp   peer0.org1.example.com
  13. 57cfe35e69a6   hyperledger/fabric-tools:2.2                                                                                                                                          "/bin/bash"              49 minutes ago   Up 18 minutes                                                                             cli
  14. 421b25e99adf   couchdb:3.1                                                                                                                                                           "tini -- /docker-ent…"   49 minutes ago   Up 18 minutes             4369/tcp, 9100/tcp, 0.0.0.0:5984->5984/tcp, :::5984->5984/tcp   couchdb0.org1.example.com

问题1:

2021-07-08T08:08:14.461Z - error: [DiscoveryService]: send[mychannel] - Channel:mychannel received discovery error:access denied
explorer.mynetwork.com      | [2021-07-08T08:08:14.461] [ERROR] FabricClient - Error: DiscoveryService: mychannel error: access denied
explorer.mynetwork.com      |     at DiscoveryService.send (/opt/explorer/node_modules/fabric-common/lib/DiscoveryService.js:363:11)
explorer.mynetwork.com      |     at processTicksAndRejections (internal/process/task_queues.js:97:5)
explorer.mynetwork.com      |     at async NetworkImpl._initializeInternalChannel (/opt/explorer/node_modules/fabric-network/lib/network.js:279:13)
explorer.mynetwork.com      |     at async NetworkImpl._initialize (/opt/explorer/node_modules/fabric-network/lib/network.js:231:9)
explorer.mynetwork.com      |     at async Gateway.getNetwork (/opt/explorer/node_modules/fabric-network/lib/gateway.js:330:9)

解决1:

参考: HyperledgerExplorer错误记录:FabricClient - Error: DiscoveryService: mychannel error: access denied_[error] fabricclient - error: discoveryservice: my-CSDN博客文章浏览阅读2.7k次,点赞4次,收藏6次。问题:重新启动HyperledgerExplorer报错昨日部署好了fabric和HyperledgerExplorer,启动了一次,一切正常。今日再次启动,却发现怎么也启动不起来,docker-compose logs显示错误:2021-07-08T08:08:14.461Z - error: [DiscoveryService]: send[mychannel] - Channel:mychannel received discovery error:access deniedexplorer.m_[error] fabricclient - error: discoveryservice: mychannel error: access denihttps://blog.csdn.net/lyz19961221/article/details/118576529

接入被拒绝了,明显是鉴权问题

排查
既然是explorer报的鉴权问题,那fabric这边应该会有日志打印,docker logs peer0.org1.example.com查看org1.peer0的日志(因为explorer这边鉴权用的就是org1的身份信息),果然其中有错,蓝色的一片INFO日志中赫然几条黄色的WARN在列:

  1. 2021-07-08 07:34:53.173 UTC [policies] SignatureSetToValidIdentities -> WARN 048 invalid identity: certificate subject=CN=org1admin,OU=admin,O=Hyperledger,ST=North Carolina,C=US serialnumber=406667895762504197446585402379494299487974961868 error="the supplied identity is not valid: x509: certificate signed by unknown authority (possibly because of \"x509: ECDSA verification failure\" while trying to verify candidate authority certificate \"ca.org1.example.com\")"
  2. 2021-07-08 07:34:53.185 UTC [policies] SignatureSetToValidIdentities -> WARN 049 invalid identity: certificate subject=CN=org1admin,OU=admin,O=Hyperledger,ST=North Carolina,C=US serialnumber=406667895762504197446585402379494299487974961868 error="the supplied identity is not valid: x509: certificate signed by unknown authority (possibly because of \"x509: ECDSA verification failure\" while trying to verify candidate authority certificate \"ca.org1.example.com\")"
  3. 2021-07-08 07:34:53.185 UTC [discovery] processQuery -> WARN 04a got query for channel mychannel from 172.21.0.10:54952 but it isn't eligible: implicit policy evaluation failed - 0 sub-policies were satisfied, but this policy requires 1 of the 'Writers' sub-policies to be satisfied
  4. 2021-07-08 07:34:53.185 UTC [discovery] processQuery -> WARN 04b got query for channel mychannel from 172.21.0.10:54952 but it isn't eligible: implicit policy evaluation failed - 0 sub-policies were satisfied, but this policy requires 1 of the 'Writers' sub-policies to be satisfied

通过日志信息可以知晓,确实是证书验证失败了,无论失败的原因为何,目前的基本猜想还是explorer所用证书与fabric本身生成的证书不一致。因为启动过两次第二次启动时没有清除第一次的证书。

马上执行docker volume ls查看,果然是有wallet残留:

  1. local     explorer_pgdata
  2. local     explorer_walletstore

清除volume

$ docker-compose down -v

执行命令删除残留的volume:

  1. docker volume rm explorer_pgdata
  2. docker volume rm explorer_walletstore

重新启动一切恢复正常。

声明:本文内容由网友自发贡献,不代表【wpsshop博客】立场,版权归原作者所有,本站不承担相应法律责任。如您发现有侵权的内容,请联系我们。转载请注明出处:https://www.wpsshop.cn/w/你好赵伟/article/detail/348723?site
推荐阅读
相关标签

Copyright © 2003-2013 www.wpsshop.cn 版权所有,并保留所有权利。

  

闽ICP备14008679号