From 00c561457f19eca7a73988830d88e21dc6c3a2e8 Mon Sep 17 00:00:00 2001 From: Dave Enyeart Date: Fri, 17 Mar 2023 09:17:39 -0400 Subject: [PATCH] Update samples to use Fabric v2.5.0-beta2 by default (#1006) Update samples to use Fabric v2.5.0-beta2 by default. Signed-off-by: David Enyeart --- .../actions/test-network-setup/action.yaml | 2 +- ci/scripts/pullFabricImages.sh | 15 ------ .../multipass-cloud-config.yaml | 6 +-- .../infrastructure/sample-network/network | 2 +- test-network-k8s/docs/KUBERNETES.md | 54 +++++++++---------- test-network-k8s/docs/TEST_NETWORK.md | 6 +-- 6 files changed, 35 insertions(+), 50 deletions(-) delete mode 100755 ci/scripts/pullFabricImages.sh diff --git a/.github/actions/test-network-setup/action.yaml b/.github/actions/test-network-setup/action.yaml index c8983258..b61fe61d 100644 --- a/.github/actions/test-network-setup/action.yaml +++ b/.github/actions/test-network-setup/action.yaml @@ -12,7 +12,7 @@ inputs: default: 11.x fabric-version: description: Version of Hyperledger Fabric - default: 2.5.0-alpha3 + default: 2.5.0-beta2 ca-version: description: Version of Hyperledger Fabric CA default: 1.5.6-beta3 diff --git a/ci/scripts/pullFabricImages.sh b/ci/scripts/pullFabricImages.sh deleted file mode 100755 index b27bc281..00000000 --- a/ci/scripts/pullFabricImages.sh +++ /dev/null @@ -1,15 +0,0 @@ -#!/bin/bash -e -set -euo pipefail - -FABRIC_VERSION=${FABRIC_VERSION:-2.4} -STABLE_TAG=amd64-${FABRIC_VERSION}-stable - -for image in baseos peer orderer ca tools orderer ccenv javaenv nodeenv tools; do - docker pull -q "hyperledger-fabric.jfrog.io/fabric-${image}:${STABLE_TAG}" - docker tag "hyperledger-fabric.jfrog.io/fabric-${image}:${STABLE_TAG}" hyperledger/fabric-${image} - docker tag "hyperledger-fabric.jfrog.io/fabric-${image}:${STABLE_TAG}" "hyperledger/fabric-${image}:${FABRIC_VERSION}" - docker rmi -f "hyperledger-fabric.jfrog.io/fabric-${image}:${STABLE_TAG}" -done - -docker pull -q couchdb:3.1.1 -docker images | grep hyperledger diff --git a/full-stack-asset-transfer-guide/infrastructure/multipass-cloud-config.yaml b/full-stack-asset-transfer-guide/infrastructure/multipass-cloud-config.yaml index 0ae75011..1ec8a510 100644 --- a/full-stack-asset-transfer-guide/infrastructure/multipass-cloud-config.yaml +++ b/full-stack-asset-transfer-guide/infrastructure/multipass-cloud-config.yaml @@ -33,8 +33,8 @@ write_files: HLF_VERSION=$1 fi - if [ ${HLF_VERSION:0:4} = '2.4.' ]; then - export GO_VERSION=1.17.10 + if [ ${HLF_VERSION:0:4} = '2.5.' -o ${HLF_VERSION:0:4} = '2.4.']; then + export GO_VERSION=1.18.10 elif [ ${HLF_VERSION:0:4} = '2.2.' -o ${HLF_VERSION:0:4} = '2.3.' ]; then export GO_VERSION=1.14.11 elif [ ${HLF_VERSION:0:4} = '2.0.' -o ${HLF_VERSION:0:4} = '2.1.' ]; then @@ -45,7 +45,7 @@ write_files: export GO_VERSION=1.9.7 else >&2 echo "Unexpected HLF_VERSION ${HLF_VERSION}" - >&2 echo "HLF_VERSION must be a 1.1.x, 1.2.x, 1.3.x, 1.4.x, 2.0.x, 2.1.x, 2.2.x, 2.3.x, or 2.4.x version" + >&2 echo "HLF_VERSION must be a 1.1.x, 1.2.x, 1.3.x, 1.4.x, 2.0.x, 2.1.x, 2.2.x, 2.3.x, 2.4.x, or 2.5.x version" exit 1 fi diff --git a/full-stack-asset-transfer-guide/infrastructure/sample-network/network b/full-stack-asset-transfer-guide/infrastructure/sample-network/network index 0e1f9373..1d0c1299 100755 --- a/full-stack-asset-transfer-guide/infrastructure/sample-network/network +++ b/full-stack-asset-transfer-guide/infrastructure/sample-network/network @@ -33,7 +33,7 @@ function context() { export ${name}="${!override_name:-${default_value}}" } -context FABRIC_VERSION 2.4.4 +context FABRIC_VERSION 2.5.0-beta2 context FABRIC_CA_VERSION 1.5.5 context CLUSTER_RUNTIME kind # or k3s for Rancher diff --git a/test-network-k8s/docs/KUBERNETES.md b/test-network-k8s/docs/KUBERNETES.md index 74e47fd3..4dad490e 100644 --- a/test-network-k8s/docs/KUBERNETES.md +++ b/test-network-k8s/docs/KUBERNETES.md @@ -70,31 +70,31 @@ or: $ kind delete cluster ``` -## Rancher Desktop and k3s +## Rancher Desktop and k3s -In addition to KIND, the Kube Test Network runs on the k3s Kubernetes provided by [Rancher Desktop](https://rancherdesktop.io). +In addition to KIND, the Kube Test Network runs on the k3s Kubernetes provided by [Rancher Desktop](https://rancherdesktop.io). To run natively on k3s, skip the creation of a KIND cluster and: 1. In Rancher's Kubernetes Settings: 1. Disable Traefik - 2. Select the dockerd (moby) container runtime - 3. Increase Memory allocation to 8 GRAM - 4. Increase CPU allocation to 8 CPU + 2. Select the dockerd (moby) container runtime + 3. Increase Memory allocation to 8 GRAM + 4. Increase CPU allocation to 8 CPU -2. Reset Kubernetes +2. Reset Kubernetes -3. Initialize the Nginx ingress and cert-manager: +3. Initialize the Nginx ingress and cert-manager: ```shell export TEST_NETWORK_CLUSTER_RUNTIME="k3s" ./network cluster init ``` -- containerd is also a viable runtime. When building images for chaincode-as-a-service, the `--namespace k8s.io` +- containerd is also a viable runtime. When building images for chaincode-as-a-service, the `--namespace k8s.io` argument must be applied to the `nerdctl` CLI. -- For use with containerd: +- For use with containerd: ```shell export TEST_NETWORK_CLUSTER_RUNTIME="k3s" export TEST_NETWORK_CONTAINER_NAMESPACE="--namespace k8s.io" @@ -107,7 +107,7 @@ export CONTAINER_CLI="nerdctl" ## Test Network Structure To emulate a more realistic example of multi-party collaboration, the test network -forms a blockchain consensus group spanning three virtual organizations. Network I/O between the +forms a blockchain consensus group spanning three virtual organizations. Network I/O between the blockchain nodes is entirely constrained to Kubernetes private networks, and consuming applications make use of a Kubernetes / Nginx ingress controller for external visibility. @@ -204,39 +204,39 @@ export TEST_NETWORK_FABRIC_VERSION=2.4.0 ./network up ``` -## Nginx Ingress Controller +## Nginx Ingress Controller -When Fabric nodes communicate within the k8s cluster, TCP sockets are established via Kube DNS service +When Fabric nodes communicate within the k8s cluster, TCP sockets are established via Kube DNS service aliases (e.g. grpcs://org1-peer1.test-network.svc.cluster.local:443) and traverse private K8s network routes. -For access from _external clients_, all traffic into the network nodes are routed into the correct pod by -virtue of an Nginx ingress controller bound to the host OS ports :80 and :443. To differentiate between -services, the Nginx provides a "layer 6" traffic router based on the http(s) host alias. In addition to -constructing Deployments, Pods, and Services, each Fabric node exposes a set of `Ingress` routes binding +For access from _external clients_, all traffic into the network nodes are routed into the correct pod by +virtue of an Nginx ingress controller bound to the host OS ports :80 and :443. To differentiate between +services, the Nginx provides a "layer 6" traffic router based on the http(s) host alias. In addition to +constructing Deployments, Pods, and Services, each Fabric node exposes a set of `Ingress` routes binding the virtual host name to the corresponding endpoint. -TLS traffic tunneled through the ingress controller has been configured in "ssl-passthrough" mode. For -secure access to services, client applications must present the TLS root certificate of the appropriate +TLS traffic tunneled through the ingress controller has been configured in "ssl-passthrough" mode. For +secure access to services, client applications must present the TLS root certificate of the appropriate organization when connecting to peers, orderers, and CAs. -## What is `*.localho.st` ? +## What is `*.localho.st` ? -In order to expose a dynamic set of DNS host aliases matching the Nginx ingress controller, the test network -employs the public DNS wildcard domain `*.localho.st` to resolve host and subdomains to the local loopback +In order to expose a dynamic set of DNS host aliases matching the Nginx ingress controller, the test network +employs the public DNS wildcard domain `*.localho.st` to resolve host and subdomains to the local loopback address 127.0.0.1. -Using this DNS wildcard alias means that all ingress points bound to the *.localho.st domain will resolve to your -local host, conveniently routing traffic into the KIND cluster on ports :80 and :443. +Using this DNS wildcard alias means that all ingress points bound to the *.localho.st domain will resolve to your +local host, conveniently routing traffic into the KIND cluster on ports :80 and :443. -To override the *.localho.st network ingress domain (for example in cloud-based environments supporting a DNS -wildcard resolver) set the `TEST_NETWORK_DOMAIN` environment variable before invoking `./network` -targets. E.g.: +To override the *.localho.st network ingress domain (for example in cloud-based environments supporting a DNS +wildcard resolver) set the `TEST_NETWORK_DOMAIN` environment variable before invoking `./network` +targets. E.g.: ```shell export TEST_NETWORK_DOMAIN=lvh.me -./network up +./network up curl -s --insecure https://org0-ca.lvh.me/cainfo | jq ``` diff --git a/test-network-k8s/docs/TEST_NETWORK.md b/test-network-k8s/docs/TEST_NETWORK.md index 3eb4a207..3478b2ac 100644 --- a/test-network-k8s/docs/TEST_NETWORK.md +++ b/test-network-k8s/docs/TEST_NETWORK.md @@ -139,11 +139,11 @@ node local MSP folders, certificates, and TLS signing keys that we generated abo Note that the deployment yaml files include some basic template substitution and parameters. For simplicity and clarity, we elected to use basic string substitution with `envsubst`, rather than introduce a Kube template -binding system (e.g. Helm, Kustomize, Kapitan, Ansible, etc.) for manipulating yaml templates. Any environment -variables declared in the `./network` script will be applied to these k8s templates. E.g.: +binding system (e.g. Helm, Kustomize, Kapitan, Ansible, etc.) for manipulating yaml templates. Any environment +variables declared in the `./network` script will be applied to these k8s templates. E.g.: ```shell -export FABRIC_VERSION=2.4.2 +export FABRIC_VERSION=2.4.2 ... cat kube/org0/org0-orderer1.yaml | envsubst | kubectl -n $NS -f -