区块链fabric网络部署
Posted 川&泽
tags:
篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了区块链fabric网络部署相关的知识,希望对你有一定的参考价值。
一 、实验过程日志
-
一、部署 orderer.example.com
-
\\1. 创建 Multipeer 文件夹
-
\\2. 生成证书
-
2.1 创建 crypto-config.yaml
-
2.2 调用cryptogen 生成证书
-
2.3 成功生成 crypto-config路径
-
-
\\3. 生成创世区块和通道配置区块
-
3.1 创建 configtx.yaml
-
3.2 生成创世区块
-
3.3 生成通道配置区块
-
3.4 成功生成 genesis.block 和 mychannel.tx
-
-
\\4. 拷贝 multipeer
-
\\5. 启动 Order 节点
-
5.1 创建 docker-compose-orderer.yaml
-
5.2 创建并启动容器[外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传(img-0aSh9xpz-1655174545691)(…/…/…/Typora/myimage/20c4dead-4033-4115-83db-6b5fc327cbaf-4094138.jpg)]
-
-
-
二、部署 peer0.bupt.eduAli.cn
-
\\1. 准备部署智能合约
-
-
\\2. 启动peer,准备peer0.bupt.eduAli.cn节点上docker配置文件:
-
-
3.修改docker-compose-peer.yaml文件
-
-
4.成功生成peer0.bupt.eduAli.cn
-
-
\\5. 进入cli,在容器中创建Channel
-
-
6.复制mychannel.block,拷贝到桌面
-
-
-
三、部署peer0.njupt.eduAli.cn
-
\\1. 基本部署(同bupt)
-
\\2. 修改docker-compose-peer.yaml文件
如图,修改bupt为njupt
- 遇到的问题
可能是因为防火墙的问题,网络中断,重启虚拟机以后解决
- 遇到的问题
-
\\3. 加入通道
-
启动cli容器(同上bupt)
-
拷贝mychannel.block到容器中
-
-
Peer加入Channel
-
-
-
四、测试智能合约
- 1.创建mycc与1. 在bupt中实例化智能合约
二、实验结果展示(如部分完成此部分可不写)
三、实验过程中遇到的问题、解决问题的过程日志
-
关于构建远程局域网的步骤总结
-
构建虚拟局域网
- 构建基于 ZeroTier 的 P2P 局域网 详见群里幕布链接
- 构建基于 ZeroTier 的 P2P 局域网 详见群里幕布链接
-
Xshell 无法使用 gedit
- 解决方案:使用本地 VSCode 编写 yaml,让后上传 Linux
-
修改 njupt 节点的 docker yaml 文件时,未替换 MSP 内容
-
查阅相关资料后,初步判断 MSP 与每一个节点实体有关,将 buptMSP 替换 njuptMSP 后试验成功
-
2.1 yaml 文件的 ip 替换
- 解决方案:手动修改yaml文件里面的ip
- 解决方案:手动修改yaml文件里面的ip
-
开放的端口号不确定(peer 节点)
-
因为虚拟机涉及到在VM中开放指定端口,现在有3个端口不确定用途 -
解决方案:
-
本实验为记录性实验,过程细则如有疑问下方 统一解答
Hyperleder Fabric国密改造&一键部署工具&区块链网络修改工具
A.Fabric国密改造(以2.2版本为例)
A.1.golang国密改造修改文件清单
└─src
└─crypto
│ crypto.go
│
├─ecdsa
│ ecdsa.go
│
├─sm2
│ ber.go
│ p256.go
│ sm2.go
│
├─sm3
│ sm3.go
│
├─sm4
│ key.pem
│ sm4.go
│ sm4_test.go
│
├─tls
│ auth.go
│ cipher_suites.go
│ common.go
│ conn.go
│ handshake_client.go
│ handshake_messages.go
│ handshake_server.go
│ key_agreement.go
│ tls.go
│
└─x509
cert_pool.go
pkcs8.go
sec1.go
x509.go
A.2 Fabric 国密修改文件清单
├─bccsp
│ │ hashopts.go
│ │ sm2opts.go
│ │
│ ├─factory
│ │ opts.go
│ │
│ ├─sw
│ │ conf.go
│ │ ecdsa.go
│ │ ecdsakey.go
│ │ fileks.go
│ │ keyimport.go
│ │ keys.go
│ │ new.go
│ │ sm2.go
│ │ sm2key.go
│ │ sm2_test.go
│ │ sm3sig.go
│ │
│ └─utils
│ ecdsa.go
│
├─cmd
│ └─cryptogen
│ main.go
│
├─core
│ ├─container
│ │ └─externalbuilder
│ │ externalbuilder.go
│ │
│ └─ledger
│ └─kvledger
│ kv_ledger_provider.go
│ snapshot.go
│
├─internal
│ └─cryptogen
│ ├─ca
│ │ ca.go
│ │
│ ├─csp
│ │ csp.go
│ │
│ └─msp
│ msp.go
│
└─msp
identities.go
mspimpl.go
A.3 编译链码的baseos容器
Dockerfile
gosrc.tar.gz
makego.sh
VERSION
B. Fabric Java SDK 及 fabric gateway 国密修改清单
B.1 bouncy castle 库国密算法处理过程完善
包括 bcprov 和 bcpkix
bcpkix-jdk15on-165-update.zip
bcprov-jdk15on-165-update.zip
B.2 netty库修改
主要是netty-handler中关于SSL协议中证书验证部分
netty-handler-4.1.38.Final-update.zip
B.3 替换netty-tcnative-boringssl二级制接口库实现为编译 netty-tcnative-openssl
netty-tcnative-openssl-static-2.0.30.Final-linux-x86_64.jar
B.4 OpenSSL库实现基于TASSL,但其兼容国密不完善,完善后可用。
TASSL-1.1.1b-1.3-update.zip
C. Fabric API 网关
基于SpringBoot开发http服务访问fabric
具体不详述,注意两个配置文件
connection.json 是工具生成的区块链连接参数文件
fabric-cc-config.json 是 访问智能合约的参数文件
D. 部署工具&定制工具
D.1 编写 区块链配置文件
"globalConfig":
"caInfo":
"country": "XXX",
"locality": "XXXXX",
"organizationalUnit": "XXXXXX",
"postalCode": "XXXXX",
"province": "XXX",
"streetAddress": "XXXXXXXXXXX"
,
"dockerImagePath": "./images",
"dockerImageType": "dockerhub",
"dockerType": "sshdocker",
"domain": "example.com",
"host": "172.16.0.72",
"remoteAccess":
"remotePath": "/home/ubuntu2004/setup",
"sshHost": "172.16.0.72",
"sshPass": "12345678",
"sshPort": "22",
"sshUser": "ubuntu2004"
,
"toolsConfig":
"dockerImage": "cwchain/fabric-tools:2.2.1_gm",
"dockerName": "tools",
"toolsType": "sshdocker"
,
"orderersConfig":
"dockerImage": "cwchain/fabric-orderer:2.2.1_gm",
"orderers": [
"name": "orderer1",
"host": "172.16.0.72",
"port": "7050",
"remoteAccess":
"remotePath": "/home/ubuntu2004/setup",
"sshHost": "172.16.0.72",
"sshPass": "12345678",
"sshPort": "22",
"sshUser": "ubuntu2004"
,
"name": "orderer2",
"host": "172.16.0.72",
"port": "8050",
"remoteAccess":
"remotePath": "/home/ubuntu2004/setup",
"sshHost": "172.16.0.72",
"sshPass": "12345678",
"sshPort": "22",
"sshUser": "ubuntu2004"
,
"name": "orderer3",
"host": "172.16.0.72",
"port": "9050",
"remoteAccess":
"remotePath": "/home/ubuntu2004/setup",
"sshHost": "172.16.0.72",
"sshPass": "12345678",
"sshPort": "22",
"sshUser": "ubuntu2004"
]
,
"orgsConfig":
"chaincodeBuilderDockerImage": "cwchain/fabric-ccenv:2.2.1_gm",
"dockerImage": "cwchain/fabric-peer:2.2.1_gm",
"golangBaseDockerImage": "cwchain/fabric-baseos:2.2.1",
"orgs": [
"admin": "Admin",
"domain": "org1",
"name": "Org1",
"peers": [
"name": "peer0",
"host": "172.16.0.72",
"port": "7051",
"operationPort":"9443",
"remoteAccess":
"remotePath": "/home/ubuntu2004/setup",
"sshHost": "172.16.0.72",
"sshPass": "12345678",
"sshPort": "22",
"sshUser": "ubuntu2004"
,
"name": "peer1",
"host": "172.16.0.72",
"port": "8051",
"operationPort":"10443",
"remoteAccess":
"remotePath": "/home/ubuntu2004/setup",
"sshHost": "172.16.0.72",
"sshPass": "12345678",
"sshPort": "22",
"sshUser": "ubuntu2004"
,
"name": "peer2",
"host": "172.16.0.72",
"port": "9051",
"operationPort":"11443",
"remoteAccess":
"remotePath": "/home/ubuntu2004/setup",
"sshHost": "172.16.0.72",
"sshPass": "12345678",
"sshPort": "22",
"sshUser": "ubuntu2004"
],
"users": [
"name": "User1"
]
]
D.2 部署工具命令
│ 0.network-testenv.sh
│ 1.fromtplcreate.sh
│ 2.generate.sh
│ 3.network-compose.sh
│ 4.network-addchannel.sh
│ 5.network-installcc.sh
其中需要channel配置文件和链码配置文件
"name":"c001",
"join":"all",
"orgs":[
"name":"Org1"
,
"name":"Org2"
]
"name":"fabcar",
"package":"fabcar.tar.gz",
"version":"1.0",
"sequence":"1",
"initFunc":"initLedger",
"testFunc":"queryAllCars",
"installOnOrgs":"all",
"installOnChannels":"p001",
"orgs":[
"name":"Org1",
"peers":[
"peer0",
"peer1"
]
,
"name":"Org2",
"peers":[
"peer0",
"peer1"
]
]
D.3 修改区块链结构的命令
│ 6.update-addorderer.sh
│ 7.update-removeorderer.sh
│ 8.update-addorg.sh
│ 9.update-addorg-installcc.sh
│ a.update-removeorg.sh
│ b.update-addpeer.sh
│ c.update-removepeer.sh
D.4 生成API网关连接参数文件
d.generate-connection.sh
以上是关于区块链fabric网络部署的主要内容,如果未能解决你的问题,请参考以下文章
基于Spring的Fabric区块链Gateway,简化区块链开发
16. Fabric2.2 区块链农产品溯源系统 - 区块链浏览器部署(Fabric Explorer)